Hello, from all of us at Sysdig!
Come join us in the cloud, we have something for everyone: Exciting releases, Kubernetes conferences, shocking news, and a lot of tips for the newcomers. Let the cloud-native highlights begin!
Ping us @sysdig or on our open source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are available in the archive.
Sign up for our monthly Cloud-native News.
The news
- Sigstore announced v1.0
- Researchers cracked the keys to the Zeppelin Ransomware
- Lots of RDS snapshots with personal info have been found
- AWS announced Resource Explorer
- Google cloud launched Cloud Workstations
- Azure Payment HSM helps you secure cloud digital payments
KubeCon Detroit was a success
Catch up with all the talks:
- KubeCon Detroit wrapup
- Falco at the KubeCon NA 2022
- Detecting Threats in GitHub with Falco
- Keda with Prometheus
- Boost Your Logs with Prometheus! From Logs to Metrics
Industry buzz
GitHub Actions exploited for crypto mining.
A cryptojacking operation was recently discovered, dubbed PurpleUrchin:
- Free cloud dev accounts are being abused for crypto mining.
- Check the technical details.
- Extra: What’s the real cost of crypto mining?
What scanners are missing?
When securing an environment like AWS, the output from security scanners might look good in a report, but you need to fill the gaps.
Just-in-time access for least privilege in the cloud
Recent data breaches targeted employee accounts. Check how reducing permissions to a minimum can help your security.
Does Kubernetes give you multi-cloud portability?
Kubernetes and containers are designed to let you move your workloads around. Discover how that isn’t always the case.
Building a resilient SRE process
Learn from Reputation’s experience.
Community tips
The OpenSSL PunyCode vulnerability
- What happened?
- Why is it not as bad as we thought?
- How does it affect popular images?
- How can you mitigate it?
The danger System Role – AWS SDK client
Best practices for least privilege says to avoid running as admin as much as possible. Dig into tips to learn how to implement this on the AWS SDK client.
Rolling your Kafka cluster with zero downtime
Discover how to do “painless” rolling releases with Kafka.
CloudTrail vs. CloudWatch
Does cloud log management shield you from threats?
How to monitor etcd
etcd is one of the main components of Kubernetes. Dig into the steps to monitor this service, as well as the top metrics to keep an eye on.
What’s new with Sysdig?
Have you signed up for the Cost Advisor preview yet?
With our recently announced Cost Advisor, you can reduce wasted spending by 40% on average:
- See cost savings estimates
- Get configuration recommendations base on your actual usage
- Get alerted on spending spikes
- Leverage monitoring tool for cost visibility
Using Sysdig Secure to detect the OpenSSL CVE
Discover how Sysdig Secure helps you detect and prioritize the mitigation of CVE 2022-3602 and CVE 2022-3786: OpenSSL 3.0.7.
AWS Lambda Telemetry is supported in Sysdig Monitor
Observability in serverless computing environments, such as AWS Lambda, has always been a challenge. Check how Sysdig helps.
Strengthen cybersecurity with shift-left and shield-right
Dig into the underpinnings of modern cybersecurity programs in the world of containers, Kubernetes, and cloud.
How to secure Helm
Is Helm secure enough? Can you trust it blindly? Learn the best practices on securing Helm.
Recent releases and ecosystem updates
Read all about Sysdig’s new features and ecosystem updates.
There are new Falco rules like:
- Redirect STDOUT/STDIN to Network Connection in Host.
- Lastlog Files Cleared.