March 2022 Cloud-native news

Hello from all of us at Sysdig!

March has been a busy month for the cloud-native community, so don’t miss our cloud-native highlights!

The unfolding tragedy in Ukraine has been heartbreaking. Sysdig has taken several steps to stand with the people of Ukraine, including matching employee donations to humanitarian organizations. We hope you will consider taking action as well.

Sign up for our monthly Cloud-native News.

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

Industry buzz

How to get more women in open source

Representation matters. Don’t miss this analysis on what keeps women away from open source, and how we can improve as a community.

Azure is closing the gap on AWS

The Flexera State of the Cloud 2022 report found that Azure is closing in on AWS. Read in this year’s report to see how all of the cloud providers stack up.

The future of Kubernetes

Secrets, networking, definitions… There are lots of aspects where Kubernetes can improve in 2022. Take this journey into what the future could look like.

Don’t forget about Log4j

Hours after its publication, hundreds of threats exploited the log4j vulnerability. Months later, Mandiant reminds us that the situation has not changed. If you’d like to know more, take a look at exploiting, mitigating, and detecting Log4j.

Community tips

Dirty Pipe

CVE-2022-0847, aka “dirty pipe,” allows writing read-only files in Linux affecting a large number of cloud services.

CRI-O has a make-me-root flaw

Another vulnerability, this time affecting CRI-O v1.19+. Check out what CVE-2022-0811 is about.

Also, discover how to detect and mitigate CVE-2022-0811.

Escaping privileged containers for fun

After the discovery of CVE-2022-0492, threat researchers are looking for similar vulnerabilities. Read this analysis on the call_usermodehelper_* function family.

We also covered CVE-2022-0492 recently in our blog.

Securing your Grafana instance

Don’t miss these tips from the Grafana team to audit security in your Grafana instance and keep your Grafana secure.

What is OpenTelemetry

Learn how OpenTelemetry allows you to collect the three pillars of observability – traces, logs, and metrics – in this straightforward guide for developers.

Limiting traffic in Kubernetes with Linkerd

Discover a different approach to restricting traffic between namespaces using service mesh features, like Linkerd’s traffic policies.

What’s new with Sysdig?

Sysdig Monitoring & Security for Oracle Cloud

Now available in the Oracle Cloud Marketplace, the Sysdig platform gives OKE users a unified view of the risk, compliance, and performance.

How to monitor Starlink with Prometheus

Learn how Starlink works in a domestic environment and how to monitor Starlink’s connection with Prometheus.

Will the cloud kill security agents?

The cloud is shifting paradigms so it’s possible to implement security without the need for agents. Check out the advantages and disadvantages of agentless.

Triaging a malicious Docker container

We’ve seen increasing cases of attacks via maliciously crafted containers. Discover how we handle them once we discover them in our honeypot.

Why is MFA important to your cloud account?

Login accounts are precious to malicious actors. Learn why, and how multi-factor authentication can save you from a bad time.

Real-time threat detection in the cloud

Don’t miss how stream detection can help you reduce costs and respond to threats in cloud environments faster.

Recent releases and ecosystem updates

Most Sysdig products received updates in the last few days: Sysdig Secure and the Sysdig Cloud Connector, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.