Every container image protected by Sysdig is tested against VulnDB, the largest database of vulnerability data; remediation steps simplify time-to-resolve vulnerabilitiesSAN FRANCISCO – September 2, 2020 — Sysdig, Inc., the secure DevOps leader, today announced the addition of VulnDB as a third-party vulnerability source. VulnDB, from Risk Based Security, is a comprehensive, timely, and actionable source of vulnerability intelligence. With this partnership, the Sysdig Secure DevOps Platform extends its image scanning capabilities to provide richer findings around vulnerabilities in third-party libraries and dependencies. Combined with the wide range of vulnerability databases the Sysdig platform checks against, the comprehensive data from VulnDB enables organizations to more effectively identify, track, and reduce security risk. To support this activity, Sysdig added a new VulnDB view to the Sysdig dashboards.
Today, Sysdig also announced how JW Player is using Sysdig to securely deliver video to more than 1 billion users.
There is an inherent security risk as organizations assemble code to save time, instead of writing from scratch. The 2020 Container Security Snapshot highlights that 53 percent of non-OS packages have “high” or “critical” level vulnerabilities. Although teams may be scanning for OS packages, many developers are unaware of risk being introduced into their applications via third-party packages, dependencies, and misconfigurations.
Reduce security risk and speed the fix
Image scanning is critical to the ‘shift-left’ approach for security and should be integrated into the build process to validate images added to the container registry, and during runtime to ensure new vulnerabilities, secrets, and license violations are not introduced during production. Image scanning is one of 10 workflows that span security, compliance, and monitoring that Sysdig provides to help organizations manage security risk and maximize availability. As Sysdig scans images, VulnDB provides Sysdig customers with increased vulnerability coverage and further strengthens reporting on vulnerabilities.
VulnDB provides more than 76,000 additional vulnerabilities not found in the publicly available Common Vulnerabilities and Exposures (CVE) database and provides the most comprehensive vulnerability database. The new VulnDB view in the Sysdig dashboards helps organizations to quickly identify vulnerabilities, recommend a fix, and speed remediation. For each vulnerability detected, developers can immediately see every package affected, along with the version impacted and the Common Vulnerability Scoring System (CVSS) score. The VulnDB and vendor scores help teams focus on high-risk issues and understand who is responsible for the fix.
“There are vulnerabilities in virtually every application,” said Jake Kouns, chief executive officer at Risk Based Security. “The key is having a security partner that alerts you to the ones that need your attention. By including better data from VulnDB in their powerful container and Kubernetes security and monitoring platform, Sysdig has given its customers access to the best vulnerability intelligence on the market.”
“As organizations move to the cloud, they often rely too heavily on default vulnerability data, which isn’t enough for most organizations,” said Omer Azaria, vice president of engineering at Sysdig. “Partnering with VulnDB adds a valuable intelligence feed, enabling us to give Sysdig customers the most comprehensive aggregation of vulnerabilities and visibility to their risks. Addressing issues during the build process is fundamental to accelerating application delivery while managing risk.”
Current Sysdig customers have access to the VulnDB data and will find the new views in their dashboards today. Learn more about Sysdig image scanning.
Connect with Sysdig
- Get started with Sysdig
- Get more news in the Sysdig newsroom
- Read the Sysdig blog
- Follow Sysdig on Twitter
- Watch Sysdig videos on YouTube
- Follow Sysdig on LinkedIn
Media contactAmanda McKinney Smith
About Sysdig In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.
Sysdig. Secure Every Second.