Sysdig and IBM Embed Sysdig Secure for Container Security
KubeCon + CloudNativeCon – Sysdig, Inc., the secure DevOps leader, announced the global availability of Sysdig Secure embedded within IBM Cloud. IBM Cloud Monitoring with Sysdig, which uses Sysdig Monitor, is already the default monitoring solution used by IBM and offered to IBM Cloud customers when onboarding. With this addition of Sysdig Secure, the Sysdig Secure DevOps Platform is tightly integrated with IBM Cloud to provide customers end-to-end monitoring and security capabilities.
The expansion of Sysdig Secure in IBM Cloud builds on the container, Kubernetes, and cloud monitoring capabilities of IBM Cloud Monitoring with Sysdig. Sysdig Secure adds image scanning, runtime security, compliance, incident response, and forensics. Now, when operating in IBM Cloud, DevOps, cloud, and security teams can secure the build pipeline, detect and respond to runtime threats, and validate compliance using Sysdig Secure.
Recommended AI News: Log-On Software Announces Log-On Wave for IBM Z
The Sysdig Secure DevOps Platform, which includes Sysdig Secure and Sysdig Monitor, closes the security and visibility gap for containers and Kubernetes. With Sysdig, cloud teams can embed security, validate compliance, and scale monitoring to manage security risk and improve application availability. Granular data enriched with cloud and Kubernetes context gives teams the visibility they need to confidently run applications in production.
“Since announcing the IBM Cloud Monitoring with Sysdig initiative in 2018, we have gone through extensive testing with IBM and proved our ability to deliver security, compliance, and monitoring at scale,” said Knox Anderson, vice president of product at Sysdig. “We deliver IBM Cloud Monitoring in six regions globally and adding Sysdig Secure to those regions will enable our joint customers to embed security, compliance, and performance into their DevOps workflow in just a few clicks.”
New Capabilities Added to IBM Cloud Monitoring with Sysdig
- Image scanning: Automate scanning within CI/CD pipelines and registries and implement registry scanning inline. Block vulnerabilities pre-production and monitor for new CVEs at runtime. Map a critical vulnerability back to an application and development team.
- Runtime security: Protects containers, Kubernetes, hosts, and IBM infrastructure with out-of-the-box policies based on open source Falco. Automatically trigger response actions and notify the right teams immediately.
- Compliance: Ensure regulatory compliance standards are met, such as PCI-DSS, GDPR, NIST 800-190, with compliance checks and file integrity monitoring (FIM). Continuously validate cloud compliance for environments built on containers and Kubernetes across the entire application lifecycle.
- Incident response and forensics: Conduct forensics and incident response for containers and Kubernetes to understand security breaches, meet compliance requirements, and recover quickly. Sysdig provides a single source of truth for all activity in the container ecosystem before, during, and after an incident.
The Challenge of Securing Containers and Kubernetes
Containers are black boxes that hide their internal activity, making it difficult to gain the visibility required to manage security risk. They are normally deployed using microservices, numbering in the tens of thousands, which dynamically connect to form applications. Managing this complex environment requires visibility into container activity, context to understand how the microservices interact, and a detailed audit record for investigating incidents and alerts. The Sysdig platform provides granular visibility enriched with Kubernetes and cloud context, along with a detailed audit trail, that allows teams to confidently run applications in production.