We have been working hard in March to bring you great new features. We are excited to announce Sysdig Secure for cloud, a tool that will help you manage your cloud security posture, as well as a new PromQL Query Explorer in Sysdig Monitor. Also, the cloud community has been incredibly active, so don’t miss our highlights!
Have a look below for the details:
Sign up for our monthly Cloud-native News.
Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.
The news
- TLS 1.0 and 1.1 are officially deprecated.
- A2 VMs based on the NVIDIA A100 GPUs are GA in Google Cloud.
- Microsoft is planning to bring a new Azure Region to North China in 2022.
- CSA announced a series of additional features to CCM v4.
- Plus a vendor-neutral, technical credential for auditing cloud.
- If you’re using an M1 Mac, you can try the new Docker Desktop RC1.
- Red Hat introduced Sigstore, code signing with no need to manage keys.
- Puppet will donate $5 if you fill the 2021 State of DevOps Survey.
- Respond Falco Survey Spring 2021 to be eligible for exclusive Falco swag.
Industry buzz
Women in leadership
Learn the perspectives from several women in leadership at Google on why proactively focusing on DEI in the workplace is so critical.
Insights on application security
Read this interview with Tanya Janca, founder and author, about the role of AppSec in security organizations.
Security engineers learning how to dev
Take a look at this interesting article on how to create meaningful partnerships between security and software engineers.
Google Cloud products in 4 words or less
Find your way through all Google Cloud products with this recently updated overview.
Accelerate Threat Detection
Across AWS Cloud and Containers
Apr. 8 | 10am Pacific | 1pm Eastern
Community tips
Reverse engineering a Docker image
Read this intriguing story about how a tech consultant was able to recover a lost Dockerfile by taking apart the built Docker image.
Test your cluster resiliency with OSS chaos engineering tools
Take a look at this collection of open-source solutions for using chaos engineering in your Kubernetes cluster.
Make your Kubernetes cluster simpler with Containerd
Although Docker containers are still supported in Kubernetes, they add some overhead to your infrastructure. Discover how to migrate your Kubernetes cluster from Docker to Containerd.
Behind the scenes of Docker container and image layers
Learn how the Union Filesystem works behind all the image layers, creating the illusion of merging contents from several directories into one.
Be aware of these Git and Github vulnerabilities
Update your Git installation to ensure that it doesn’t get affected by this vulnerability regarding Git clone.
Also, read this interesting story about how this Github bug was found and fixed, which allowed an attacker to steal secrets.
Improving the performance of APIs with gRPC
Read how the Cloudflare DevOps team uses gRPC in combination with Kubernetes to improve the performance and usability of their internal APIs.
What’s New with Sysdig?
Announcing Sysdig Secure for cloud
Sysdig Secure for cloud extends protection to your whole cloud environment.
It continuously flags cloud misconfigurations before the bad guys get in and helps prevent lateral movement attacks involving containers and the cloud.
Sysdig Secure for cloud detects suspicious activity, like unusual logins from AWS leaked credentials. To spot these issues, it taps into cloud events, like GCP Audit logs, or AWS CloudTrail. It also features controls mapped to compliance benchmarks like CIS AWS Foundations Benchmark.
The new cloud security features are available in a single console, making it easier for you to validate your cloud security posture.
Get the Sysdig Secure for cloud free tier today, or request a free trial of the whole Sysdig Secure DevOps Platform.
Sysdig contributions to the CNCF
We are proud of contributing the sysdig kernel module, eBPF probe, and libraries to the Cloud Native Computing Foundation.
Read how this includes what is likely the most ambitious and sophisticated eBPF script on the planet, a system call capture library with full support for capture file abstraction, and a battle-tested, 70K+ lines of code, kernel event enrichment library.
Dockerfile best practices
Learn how to prevent security issues and optimize containerized applications by applying these 20 Dockerfile best practices when building images.
Announcing the new PromQL Explore
The new PromQL Explorer for Sysdig Monitor allows you to write PromQL queries faster by automatically identifying the common labels among different metrics. From there, you can use that query in a dashboard or alert with the click of a button.
Also, download our PromQL cheatsheet to learn how to structure your PromQL queries!
Recent releases and ecosystem updates
Most Sysdig products received updates in the last few days: Sysdig Secure, Sysdig Monitor, Sysdig Agent, Inline scanning engine, Terraform provider, and much more. Read all about the interesting new features and ecosystem updates on our blog.
Stay safe. Meet us online:
Accelerate Threat Detection
Across AWS Cloud and Containers
Apr. 8 | 10am Pacific | 1pm Eastern
Supercharging Kubernetes Labels and Metrics
Apr. 15 | 10am Pacific | 1pm Eastern
Preparing for the
Certified K8s Security Specialist (CKS) Exam
May 20 | 9am Pacific | 12pm Eastern
