Continuous compliance for Containers and Kubernetes with Sysdig Secure
Ensure you meet regulatory compliance standards (e.g., PCI-DSS, GDPR, NIST 800-190) with compliance checks and file integrity monitoring (FIM). Continuously validate cloud compliance for environments built on containers and Kubernetes across the entire application lifecycle.
CIS Benchmarks for Docker & Kubernetes
Out of the box checks for CIS Docker & Kubernetes Benchmarks that allow you to enforce and manage compliance across your Kubernetes and container lifecycle.
Container NIST SP 800-190 / NIST 800-53
NIST SP 800-190 policies are designed to give security professionals a clear understanding of the NIST framework's recommended actions for securing their cloud-native environment.
Container PCI DSS
Sysdig partners with the PCI Security Standards Council to help organizations implement PCI DSS. Learn more about PCI compliance in A guide to Kubernetes & containers PCI compliance.
Validate compliance & implement File Integrity Monitoring
Streamline compliance controls (CIS benchmarks, NIST 800-190, PCI-DSS, etc.) and enable File Integrity Monitoring (FIM) for containers via an automated workflow.
Track cloud compliance with dashboards and analytics
Leverage mandate-specific container compliance dashboards to visualize compliance status and progress.
Enable audit by correlating across all Kubernetes activity
Pass audits by correlating all container activity with Kubernetes application context, even after containers are gone, to identify trends and generate reports.
Validate Compliance and Implement File Integrity Monitoring
Sysdig Secure provides out-of-the-box checks to verify container compliance and ensure File Integrity Monitoring. You can apply them to images being pushed through the CI/CD pipeline or sitting in the registry. Sysdig Secure image scanning policies check a broad range of constructs, including container image metadata, content, licenses, vulnerabilities and Dockerfile instructions.
To meet industry best practices for container compliance, Sysdig Secure leverages CIS Benchmarks for Kubernetes and Docker. Guided remediation tips help you to maintain or quickly reestablish CIS Kubernetes and Docker container compliance. Fine-grained compliance policies apply to any subset of the infrastructure: environment, application or namespace.
Sysdig Secure detects runtime container drift and compliance violations and triggers an immediate alert and response. Typical anomalous behavior detections include:
- Modification of system binaries after startup (NIST SP 800-190 4.4.4)
- File Integrity Monitoring: Unauthorized file access to database containers (PCI-DSS 1.2.1)
- Users spawning shells inside privileged containers (NIST SP 800-190 4.4.3)
Track Cloud Compliance with Reports, Dashboards and Analytics
Sysdig Secure maps standards (e.g., PCI, NIST, CIS) to specific controls and applies them to cloud environments. Internal and external auditors can schedule on-demand assessments and customizable compliance reports.
Quickly validate cloud compliance by visualizing container and cloud compliance patterns and trends, gaining insight into container compliance and scoping it by Kubernetes and cloud context. You may then embed the dashboard into existing workflows for GRC teams and CISOs via an iframe.
Enable Audit by Correlating Across All Kubernetes Activity
Sysdig provides you with Kubernetes-specific API event rules that let you:
- Audit secret management, access and creation
- Alert on requests by unauthorized users
- Identify the creation of pods with a configuration that violates your policy
- Alert on the suspicious creation or user binding of privileged roles
- Identify the creation of resources in restricted namespaces like kube-system
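The rule categories above can be illustrated as checks over Kubernetes API server audit events. The following is an added example, not Sysdig's own rule engine: it evaluates a few constructed audit events (trimmed to the `verb`, `user`, `objectRef` and `requestObject` fields of the audit.k8s.io Event schema) against the same four concerns, with the restricted-namespace set and sample usernames chosen for the illustration.

```python
RESTRICTED_NAMESPACES = {"kube-system"}  # assumption: namespaces where writes are policy-restricted

# Constructed sample audit events (not from the page), trimmed to the fields used below.
SAMPLE_EVENTS = [
    {"auditID": "e1", "verb": "create", "user": {"username": "dev-alice"},
     "objectRef": {"resource": "pods", "namespace": "shop"},
     "requestObject": {"spec": {"containers": [
         {"name": "app", "securityContext": {"privileged": True}}]}}},
    {"auditID": "e2", "verb": "get", "user": {"username": "dev-bob"},
     "objectRef": {"resource": "secrets", "namespace": "shop", "name": "db-creds"}},
    {"auditID": "e3", "verb": "create", "user": {"username": "dev-alice"},
     "objectRef": {"resource": "configmaps", "namespace": "kube-system"}},
    {"auditID": "e4", "verb": "create", "user": {"username": "ci-bot"},
     "objectRef": {"resource": "clusterrolebindings"},
     "requestObject": {"roleRef": {"kind": "ClusterRole", "name": "cluster-admin"}}},
    {"auditID": "e5", "verb": "list", "user": {"username": "dev-bob"},
     "objectRef": {"resource": "pods", "namespace": "shop"}},
]


def check_event(event):
    """Return the list of policy findings for one audit event (empty if it is clean)."""
    findings = []
    verb = event.get("verb")
    ref = event.get("objectRef", {})
    resource, ns = ref.get("resource"), ref.get("namespace")
    body = event.get("requestObject", {})
    # Audit every access to or creation of a Secret.
    if resource == "secrets":
        findings.append(f"secret {verb}: {ns}/{ref.get('name')}")
    # Writes into restricted namespaces such as kube-system.
    if verb in ("create", "update", "patch") and ns in RESTRICTED_NAMESPACES:
        findings.append(f"write to restricted namespace {ns}")
    # Pod creation whose spec violates policy (here: a privileged container).
    if resource == "pods" and verb == "create":
        for c in body.get("spec", {}).get("containers", []):
            if c.get("securityContext", {}).get("privileged"):
                findings.append(f"privileged container {c.get('name')}")
    # Binding a subject to the cluster-admin role.
    if resource in ("clusterrolebindings", "rolebindings") and verb == "create":
        if body.get("roleRef", {}).get("name") == "cluster-admin":
            findings.append("binding to cluster-admin")
    return findings


def audit_events(events):
    """Map auditID -> findings for every event that triggered at least one rule."""
    return {e["auditID"]: f for e in events if (f := check_event(e))}
```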
Easily filter through any user or service interaction across the Kubernetes stack using an audit trail.
During a Kubernetes audit, you and your audit team need to determine the “who”, “what”, “where”, “when” and “why” across the Kubernetes environment. Sysdig Secure Activity Audit accelerates incident response and enables audit for Kubernetes by correlating all container activity (e.g., executed commands, network connections, API events) with Kubernetes application context (e.g., users, services, deployments, namespaces), even after containers are gone.
For real-time support of SOC 2, PCI and HIPAA audit requirements, Sysdig Secure continuously audits all container activity, providing detailed evidence for auditors.
You may zoom into any timeframe – even for containers long gone – to see all container, user, application and service actions, including files touched, modified or exfiltrated.
“We used Sysdig Secure to report on all vulnerabilities and compliance violations in containers in specific Kubernetes namespaces.”
Japanese ISP
Start Free Trial
Sign up for a Sysdig Platform, Sysdig Secure or Sysdig Monitor free 30-day trial, no credit card required.