Sysdig CSPM Remediates Security Issues in Seconds
Industry-first guided remediation that aggregates issues to save time
SAN FRANCISCO — September 14, 2022 — Sysdig, the unified container and cloud security leader, today announced ToDo, an actionable checklist showing prioritized risks, and Remediation Guru, guided remediation at the source. This is the industry’s first cloud security posture management (CSPM) offering that aggregates security findings by root cause and prioritizes remediation based on impact. ToDo saves time during investigations and Remediation Guru allows security and DevOps teams to fix issues in seconds with just a few clicks.
Organizations often have hundreds of cloud accounts and services spread across multiple cloud environments. They are automating deployment of cloud services using Infrastructure as Code (IaC). If the IaC template has a configuration error, the same error is often replicated across cloud environments, generating multiple alerts and overwhelming security teams.
Compounding the problem, policies and controls often cannot be applied across environments. This results in inconsistent policies across the organization for different parts of the software delivery pipeline. The lack of agnostic controls across the technology stack increases management complexity.
With Sysdig, security teams can rapidly find, prioritize, and remediate security issues. ToDo aggregates risks that have the same root cause and provides opinionated prioritization that reduces time spent on investigation. However, teams not only need help identifying the risks and focusing their attention on what matters, but they also need assistance implementing the fixes. Remediation Guru automatically generates the suggested change to IaC templates that can be applied with a single click so teams can get back to revenue-generating work. Because Sysdig has a shared policy model, teams can efficiently and consistently enforce policy across multiple cloud and Kubernetes environments.
- Manage cloud and Kubernetes inventory with a single view: Teams gain visibility into cloud assets across hybrid- and multi-cloud environments.
- Prioritize what matters with ToDo: ToDo prioritizes actions that remediate the greatest number of issues by consolidating based on root cause and impact.
- Save time using Remediation Guru to fix configuration risks: Remediation Guru enables teams to fix at the source by approving automatically generated pull requests that map misconfigurations in production to IaC manifests.
- Adopt a shared policy model leveraging OPA: Sysdig helps teams apply security policies using Open Policy Agent (OPA) policy-as-code once across multiple cloud and Kubernetes environments. Teams get a unified view of security requirements from source to production, and can easily create custom OPA-based policies with a few clicks.
“It is the worst kept secret in cloud that security tools often overwhelm teams with useless alerts that are not actionable,” said Omer Azaria, Vice President of Security Engineering at Sysdig. “Customers cannot wait to get their hands on ToDo prioritization and Remediation Guru, tools that group issues and guide you to take the most impactful actions to improve security posture. For example, ‘making this change to your IAC manifest file will cause 100 resources to pass a failing compliance control.'”
Remediation Guru is available as a tech preview to all Sysdig Secure customers. ToDo is available on request. New customers gain access to ToDo and Remediation Guru when purchasing Sysdig Secure.
- Blog: KSPM and how to improve your Kubernetes security posture
- Blog: Prioritize alerts and findings with Sysdig Secure
- Blog: Fixing potential security issues in your Infrastructure as code at the source with Sysdig
Amanda McKinney Smith
Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig Open Source as open source standards and key building blocks of the Sysdig platform. With the platform, teams can find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions, and compliance. From containers and Kubernetes to cloud services, teams get a single view of risk from source to run, with no blind spots, no guesswork, no wasted time. The largest and most innovative companies around the world rely on Sysdig.