Hello from all of us at Sysdig!
Come join us in the cloud, and let’s escape from this crazy-weather August. We have a little bit for everyone: Exciting releases, hacking conferences, shocking news, and a lot of tips for the newcomers. Let the cloud-native highlights begin!
Also, don’t miss all of Sysdig’s activity. We now block cryptojacking using Machine Learning, we achieved AWS Security Competency, and more!
Sign up for our monthly Cloud-native News.
Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.
The news
- GitHub now supports SSH commit verification.
- PCI has published a new guide for container orchestration tools.
- SLSA3 generic generator for GitHub Actions is now generally available.
- Falco is now supported in gVisor to implement threat detection.
- Kubernetes added an official, automatically refreshed CVE feed.
- Istio announced Ambient Mes, a new dataplane mode without sidecars.
- AWS launched a new security best practice control to enhance your CSPM.
- Google announces the availability of Google Cloud Backup and DR.
- GKE now exposes the Kubernetes control plane metrics.
- Azure allows encrypting a storage account with a key on a different tenant.
- Hashicorp announced the graduation of vault-k8s to Version 1.0.
Hot off the press: The 2022 Cloud-Native Threat Report
After months of research, the most costly and pervasive threats to public clouds, containers, and Kubernetes are exposed in this inaugural report:
- The real cost of cryptomining
- Supply chain attacks from Docker Hub
- Geopolitics and hacktivism
Get your copy of the full report for all the trends and insights.
Join us in the InformationWeek event to learn about what Sysdig’s Threat Research Team is seeing out there and what you can do to protect yourself.
Industry buzz
SBOMs, the next step in software application development
Have you ever developed software? Discover what a Software Bill Of Materials is.
The reality of machine learning on cybersecurity
Dig into the quiet victories and false promises of machine learning in security.
Scaling monitoring to trillions of data points
Learn from Ninja Van’s experience on scaling a monitoring infrastructure.
Avoid cloud misconfigurations, aim for continuous compliance
Discover this new model from Google Cloud. Stay secure without slowing down.
Why should you pay attention to eBPF?
If you wanna know what the eBPF fuzz is about, check this great first contact.
Community tips
7 Kubernetes trends to watch in upcoming years
Glimpse into the future of seven kubernetes trends to keep an eye on.
What’s inside of a Distroless container image?
Go beyond scratch images and take a deeper look at distroless container images.
Understanding Kubernetes evicted pods
Learn about Kubernetes eviction in the preemption and node-pressure processes.
AWS security best practices
Discover the top 26 AWS security best practices you should follow in production.
Detecting suspicious activity using private decoy resources
Start detecting suspicious activity in your AWS account with these honeypots.
Kubernetes API server bypass risks
Dig into the known ways you can bypass security of the Kubernetes API server.
OWASP Kubernetes top 10
Read the top K8s risks prioritized by the Open Web Application Security Project.
Falco Driverkit with Docker on Debian
Learn to build your own Falco driver for Falco and Sysdig OSS.
What’s new with Sysdig?
Sysdig CSPM remediates security issues in seconds
We recently announced ToDo, an actionable checklist showing prioritized risks; and Remediation Guru, guided remediation at the source. This is the industry’s first Cloud Security Posture Management (CSPM) offering that aggregates security findings by root cause and prioritizes remediation based on impact.
- Learn about KSPM and how to improve your Kubernetes security posture.
- Discover how ToDo saves time during investigations.
- Check how Remediation Guru allows teams to fix issues in seconds.
- Watch them in action.
Sysdig launches Partner Technical Accreditation Program
Discover how Sysdig Partners can support their customers to get a unified view of the security, compliance, and observability challenges related to their cloud native architecture.
Managed policies for Sysdig Secure
Check how to quickly implement rules and policies to prevent malicious behavior.
Onna Technologies saves time and money with Sysdig & Snyk
Discover how they secure their SDLC while saving time and money.
Recent releases and ecosystem updates
Read all about Sysdig’s interesting new features and ecosystem updates.