Container Compliance with Sysdig Secure
Meet regulatory compliance standards (e.g., PCI-DSS, NIST 800-190, NIST 800-53 and SOC2) when running containers and Kubernetes. Save time with out-of-the-box policies that map to specific compliance controls. Continuously validate compliance and implement file integrity monitoring (FIM) across the entire application lifecycle.
Validate Compliance Across the Entire Container Lifecycle
Validate compliance & implement File Integrity Monitoring
Streamline compliance controls (CIS benchmarks, NIST 800-190, NIST 800-53, SOC2, PCI-DSS, etc.) and enable File Integrity Monitoring (FIM) for containers via an automated workflow.
Track cloud compliance with dashboards and analytics
Leverage mandate-specific container compliance dashboards to visualize compliance status and progress.
Enable audit by correlating across all Kubernetes activity
Pass audits by correlating all container activity with Kubernetes application context, even after containers are gone, to identify trends and generate reports.
Validate Compliance and Implement File Integrity Monitoring
Sysdig Secure provides out-of-the-box checks to verify container compliance and ensure File Integrity Monitoring. You can apply them to images being pushed through the CI/CD pipeline or sitting in the registry. Sysdig Secure image scanning policies check a broad range of constructs, including container image metadata, content, licenses, vulnerabilities and Dockerfile instructions.
To meet industry best practices for container compliance, Sysdig Secure leverages CIS Benchmarks for Kubernetes and Docker. Guided remediation tips help you maintain or quickly reestablish CIS Kubernetes and Docker container compliance. Fine-grained compliance policies apply to any subset of the infrastructure: environment, application or namespace.
Sysdig Secure detects runtime container drift and compliance violations and responds immediately with an alert and a response action. Typical anomalous behavior detections include:
- Modification of system binaries after startup (NIST SP 800-190 4.4.4)
- File Integrity Monitoring: Unauthorized file access to database containers (PCI-DSS 1.2.1)
- Users spawning shells inside privileged containers (NIST SP 800-190 4.4.3)
Track Cloud Compliance with Reports, Dashboards and Analytics
Quickly validate cloud compliance by visualizing container and cloud compliance patterns and trends, gaining valuable insights into container compliance and scoping it based on Kubernetes and cloud context. You may then embed the dashboard into existing workflows for GRC teams and CISOs via an iframe.
Enable Audit by Correlating Across All Kubernetes Activity
Sysdig provides you with Kubernetes-specific API event rules that let you:
- Audit secret management, access and creation
- Alert on requests by unauthorized users
- Identify the creation of pods with a configuration that violates your policy
- Alert on the suspicious creation or user binding of privileged roles
- Identify the creation of resources in restricted namespaces like kube-system
Easily filter through any user or service interaction across the Kubernetes stack using an audit trail.
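As an added illustration of the audit-event rules listed above (example code written for this page, not Sysdig's own rule engine or rule format), the following Python evaluates constructed Kubernetes audit-log entries against five such rules. The policy sets (restricted namespaces, privileged roles, unauthenticated identities) and the rule names are assumptions.

```python
# Constructed Kubernetes audit-log entries in the shape of the audit.k8s.io
# Event format (abbreviated); sample input only, not real log data.
SAMPLE_AUDIT_EVENTS = [
    {"verb": "create", "user": {"username": "dev-alice"},
     "objectRef": {"resource": "pods", "namespace": "kube-system", "name": "debug"},
     "requestObject": {"spec": {"containers": [
         {"name": "dbg", "securityContext": {"privileged": True}}]}}},
    {"verb": "get", "user": {"username": "system:serviceaccount:prod:web"},
     "objectRef": {"resource": "secrets", "namespace": "prod", "name": "db-creds"}},
    {"verb": "create", "user": {"username": "dev-bob"},
     "objectRef": {"resource": "clusterrolebindings", "name": "bob-admin"},
     "requestObject": {"roleRef": {"kind": "ClusterRole", "name": "cluster-admin"}}},
    {"verb": "create", "user": {"username": "system:anonymous"},
     "objectRef": {"resource": "pods", "namespace": "prod", "name": "web-1"},
     "requestObject": {"spec": {"containers": [{"name": "web"}]}}},
    {"verb": "list", "user": {"username": "dev-alice"},
     "objectRef": {"resource": "pods", "namespace": "dev"}},
]

RESTRICTED_NAMESPACES = {"kube-system"}  # assumed policy: writes here are flagged
PRIVILEGED_ROLES = {"cluster-admin"}     # assumed policy: bindings to these are flagged
UNAUTHORIZED_USERS = {"system:anonymous", "system:unauthenticated"}
WRITE_VERBS = {"create", "update", "patch"}


def evaluate(event):
    """Return the names of the rules one audit event triggers (empty if benign)."""
    hits = []
    ref = event.get("objectRef", {})
    req = event.get("requestObject", {})
    user = event.get("user", {}).get("username", "")
    verb = event.get("verb", "")
    if ref.get("resource") == "secrets":            # any read or write of a Secret
        hits.append("secret_access")
    if user in UNAUTHORIZED_USERS:                  # request without an authenticated identity
        hits.append("unauthorized_user")
    containers = req.get("spec", {}).get("containers", [])
    if verb == "create" and ref.get("resource") == "pods" and any(
            c.get("securityContext", {}).get("privileged") for c in containers):
        hits.append("privileged_pod")               # pod spec violates the privileged policy
    if verb == "create" and ref.get("resource") in ("rolebindings", "clusterrolebindings") \
            and req.get("roleRef", {}).get("name") in PRIVILEGED_ROLES:
        hits.append("privileged_role_binding")      # new binding to a privileged role
    if verb in WRITE_VERBS and ref.get("namespace") in RESTRICTED_NAMESPACES:
        hits.append("restricted_namespace_write")   # write into e.g. kube-system
    return hits


def audit(events):  # index of each offending event -> rules it triggered
    return {i: hits for i, e in enumerate(events) if (hits := evaluate(e))}
```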
During a Kubernetes audit, you and your audit team need to determine the “who”, “what”, “where”, “when” and “why” across the Kubernetes environment. Sysdig Secure Activity Audit accelerates incident response and enables audit for Kubernetes by correlating all container activity (e.g., executed commands, network connections, API events) with Kubernetes application context (e.g., users, services, deployments, namespaces), even after containers are gone.
For real-time support of SOC2, PCI and HIPAA audit requirements, Sysdig Secure continuously audits all container activity, providing detailed evidence for auditors.
You may zoom into any timeframe – even for containers long gone – to see all container, user, application and service actions, including files touched, modified or exfiltrated.
“We use Sysdig Secure to report on all vulnerabilities and compliance violations in containers in specific Kubernetes namespaces.”
Japanese ISP