Sysdig

San Francisco, CA, USA
2013
Jan 26, 2021   |  By Chris Kranz
Welcome to another monthly update on what’s new from Sysdig. Our team continues to work hard to bring great new features to all of our customers, automatically and for free!
Jan 19, 2021   |  By Kaizhe Huang
In this blog, we will compare and contrast Falco vs. AuditD from a Host Intrusion Detection (HIDS) perspective. AuditD is a native feature to the Linux kernel that collects certain types of system activity to facilitate incident investigation. Falco is the CNCF open-source project for runtime threat detection for containers and Kubernetes. We will dig deeper into the technical details and cover the installation, detection, resource consumption, and integration between both products.
Jan 13, 2021   |  By Sysdig
74 percent of customers 'shift left' by scanning images during the build phase, 58 percent of containers are running as root, which increases runtime security risk.
Jan 13, 2021   |  By Aaron Newcomb
The fourth annual Sysdig container security and usage report looks at how global Sysdig customers of all sizes and industries are using and securing container environments. By examining how and when organizations are implementing security in the development lifecycle, we have been able to uncover some interesting data points in this year’s report. For example, we can see that 74% of organizations are scanning container images in the build process.
Jan 7, 2021   |  By Suresh Vasudevan
Today, Red Hat announced its intent to acquire Stackrox. This is a very exciting development in the world of cloud-native security! First and foremost, congratulations to Stackrox, an early participant in the container security space. This acquisition is a great outcome for Stackrox given their nascent scale and on-premises offering.
Dec 29, 2020   |  By Loris Degioanni
Most modern organizations understand that the earlier you integrate security into the development process, the more secure the applications will be in production. For containerized workloads, securing the container image throughout the application life cycle is a critical part of security, but many organizations don’t even follow basic best practices for ensuring secure container images.
Dec 23, 2020   |  By Kaizhe Huang
CVE-2020-8554 is a vulnerability that particularly affects multi-tenant Kubernetes clusters. If a potential attacker can create or edit services and pods, then they may be able to intercept traffic from other pods or nodes in the cluster. An attacker that is able to create a ClusterIP service and set the spec.externalIPs field can intercept traffic to that IP. In addition, an attacker that can patch the status of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
Dec 22, 2020   |  By Alex Lawrence
With the holidays upon us around the world, some folks here at Sysdig decided to take a technological approach to holiday cooking. How, you ask? By adding a little PromQL to the mix. A home kitchen during the holidays can be a very frenetic place. There are often many, many dishes being prepared at the same time and cooked in sequence. Some are short and easy, others can take several hours. It’s inevitable that a dish will get missed, or a step forgotten.
Dec 22, 2020   |  By Chris Kranz
Welcome to another monthly update on what’s new from Sysdig. Our team continues to work hard to bring great new features to all of our customers, automatically and for free!
Dec 16, 2020   |  By David de Torres Huerta
In this article, we will explain how to monitor an Oracle Database with Prometheus using an exporter to generate metrics. Also, we will review the main metrics that you should monitor on resource usage and performance, and what to alert on to detect issues and incidents in your Oracle Database.
Jan 13, 2021   |  By Sysdig
Join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.
Jan 12, 2021   |  By Sysdig
Tune into our #LinkedInLive event on Jan 12 at 10 am PST and Join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.
Dec 10, 2020   |  By Sysdig
Tune into our #LinkedInLive event on December 9 from 11:30am-12pm PST and join Sysdig and Amazon Web Services (AWS) experts, Pawan Shankar and Eric Carter, to learn how to scan #AWS #Fargate containers in under 4 minutes with Sysdig Secure. Join this live discussion to learn how Sysdig Secure closes the visibility and security gap by providing the first automated #Fargate inline scanning.
Nov 17, 2020   |  By Sysdig
A Zero trust approach for network security is a must to block unnecessary connections between pods, services and apps. But, when your traditional applications move to Kubernetes, you become blind to how your apps are communicating. Where do you start?
Nov 11, 2020   |  By Sysdig
Watch this video to learn about the 5 key workflows for onboarding Secure DevOps with Sysdig.
Oct 19, 2020   |  By Sysdig
Sysdig can help you quickly move container apps into production without sacrificing visibility and security. With embedded security, monitoring and compliance, Sysdig gets teams shipping cloud apps faster, without slowing down developers.
Oct 13, 2020   |  By Sysdig
With the release of Kubernetes 1.18, we saw 40 features and updates added. In a recent blog post we collated these together in one place so that you can learn what may affect your clusters and prepare for change. Now, we go one step further, inviting Alex Ellis, CNCF Ambassador and Open Source project founder to share his take on the changes. We saw Alex’s in-depth article on the recent deprecations around “kubectl run” and asked him to pick four of his highlights to share with examples.
Oct 2, 2020   |  By Sysdig
The distributed nature of Kubernetes has turned both legacy infrastructure and traditional cybersecurity approaches on their heads. Organizations building cloud-native environments in their own data centers grapple with operationalizing and scaling Kubernetes clusters, and then ensuring system-wide security from the infrastructure layer all the way up to each container. In this webinar, you’ll hear from two cloud-native experts in infrastructure and security who will offer up valuable insights on.
Oct 2, 2020   |  By Sysdig
Protect Kubernetes? As Kubernetes matures, security is becoming an important concern for both developers and operators. In this talk, Loris Degioanni (CTO and Founder @Sysdig) will give an overview of cloud native security, discuss its different aspects, with particular focus on runtime, and explain what inspired the development of Falco, the CNCF container security project. Through demonstration, he will educate the CNCF community on the ways Falco is being used for real-world workloads. Lastly, he will share the latest on Falco’s adoption, maturation within CNCF and what’s on the horizon.
Sep 29, 2020   |  By Sysdig
Developers, operations, and security teams must work together to address key workflows to secure and monitor containers, Kubernetes and cloud services across the entire cloud-native lifecycle. By addressing mage scanning, runtime security, and compliance, along with monitoring for Kubernetes, container, applications, and cloud services you can automate protection and performance management to accelerate cloud adoption.
Feb 22, 2019   |  By Sysdig
Prometheus metrics add a valuable dimension to cloud-native monitoring giving developers visibility into applications in highly dynamic service-oriented architectures. Sysdig automatically collects Prometheus metrics and helps it scale for the enterprise.
Oct 3, 2018   |  By Sysdig
For Dummies Series - Best practices, insights and recommendations.
Oct 1, 2018   |  By Sysdig
Microservices built on containers and Kubernetes are helping you build and run software applications much faster than ever before. In your new infrastructure stack, keeping track of what’s happening becomes a new challenge.
Sep 1, 2018   |  By Sysdig
How to Monitor Kubernetes services, cluster and components.
Aug 1, 2018   |  By Sysdig
Scale, secure and augment Prometheus.
Jul 1, 2018   |  By Sysdig
An inside look at shifting container usage trends.
Jun 1, 2018   |  By Sysdig
What you need to think about when deploying Kubernetes.
May 1, 2018   |  By Sysdig
How containers change your compliance lifecycle.
Apr 1, 2018   |  By Sysdig
Get your containerized apps production-ready.
Mar 1, 2018   |  By Sysdig
A unified approach for security, monitoring, and forensics in containerized and microservice environments.

Sysdig is the first unified approach to monitor and secure containers across the entire software lifecycle.

Sysdig was born out of the belief that open source tools will be at the foundation of your next generation infrastructure. See our projects for system visibility, and container security, as well as partner projects we’ve embraced.

Accelerate your transition to containers, and then have confidence in your ongoing operations. We've built the cloud-native intelligence platform to create a single, more effective way to secure, monitor, and assure your critical applications:

  • Container security (Sysdig Secure): Protect and assure your applications. Bring together image scanning and run-time protection to identify vulnerabilities, block threats, enforce compliance, and audit activity across your microservices.
  • Enterprise-grade Docker monitoring (Sysdig Monitor): Enhance software reliability and accelerate problem resolution with advanced Kubernetes integration and built-in Prometheus monitoring capabilities.
  • Automatic orchestrator integration (Sysdig ServiceVision): We use Sysdig ServiceVision to dynamically map services using metadata from Kubernetes, OpenShift, AWS, Azure, Google, Mesos, or Docker EE, and more. With this insight, you can isolate and solve problems faster.

Our container intelligence platform monitors and secures millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties.