San Francisco, CA, USA
May 29, 2020   |  By Kaizhe Huang
This CVE is a Server Side Request Forgery (SSRF) vulnerability in kube-controller-manager that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master’s host network (such as link-local or loopback services).
May 28, 2020   |  By Kaizhe Huang
Reverse shell is a way that attackers gain access to a victim’s system. In this article, you’ll learn how this attack works and how you can detect it using Falco, a CNCF project, as well as Sysdig Secure. Sometimes, an application vulnerability can be exploited in a way that allows an attacker to establish a reverse shell connection, which grants them interactive access to the system.
May 27, 2020   |  By Eric Carter
Today, we are pleased to announce the expansion of Sysdig’s relationship with IBM to extend cloud security governance with IBM Cloud Pak for Multicloud Management. Through a new OEM agreement, Sysdig Secure and the Sysdig Secure DevOps Platform are now available through IBM and IBM Business Partners. The combined IBM and Sysdig offering delivers centralized cloud visibility, governance and automation with in-depth container security intelligence for Red Hat OpenShift.
May 20, 2020   |  By David de Torres Huerta
A Prometheus CloudWatch exporter is a key element for anyone wanting to monitor AWS CloudWatch. Exporting CloudWatch metrics to a Prometheus server allows leveraging of the power of PromQL queries, integrating AWS metrics with those from other applications or cloud providers, and creating advanced dashboards for digging down into problems. But, who watches the watcher? Despite those advantages, using the wrong exporter or an incorrect configuration can have bad consequences in production environments.
May 7, 2020   |  By Aaron Newcomb
A few weeks ago, we announced that Sysdig is offering fully compatible Prometheus monitoring at scale for our customers, as well as a new website called hosting a curated repository of Prometheus exporters, dashboards and alerts. This got me thinking about how we were actually able to implement the changes necessary to offer this in our platform.
Feb 22, 2019   |  By Sysdig
Prometheus metrics add a valuable dimension to cloud-native monitoring giving developers visibility into applications in highly dynamic service-oriented architectures. Sysdig automatically collects Prometheus metrics and helps it scale for the enterprise.
Oct 3, 2018   |  By Sysdig
For Dummies Series - Best practices, insights and recommendations.
Oct 1, 2018   |  By Sysdig
Microservices built on containers and Kubernetes are helping you build and run software applications much faster than ever before. In your new infrastructure stack, keeping track of what’s happening becomes a new challenge.
Sep 1, 2018   |  By Sysdig
How to Monitor Kubernetes services, cluster and components.
Aug 1, 2018   |  By Sysdig
Scale, secure and augment Prometheus.
May 20, 2020   |  By Sysdig
Apr 16, 2020   |  By Sysdig
Attend our webinar about PCI compliance in containers & Kubernetes: Download our PCI Guide: More info in our blog: Many of your applications are now starting to run on containers in the cloud. If your applications are at all dealing with credit card data, you may be wondering how to validate PCI compliance, a well known regulation for handling this data securely. PCI is also a must have requirement to check off before your code gets to production.
Apr 3, 2020   |  By Sysdig
Organizations are moving to the cloud and DevOps to ship applications faster. However, the dynamic nature of these environments can lead to gaps in visibility. Without the proper insight, how can you address the issues that impact the availability and performance of your applications? Sysdig Monitor provides cloud monitoring at scale with full Prometheus compatibility. You can get deep visibility into rapidly-changing container-environments including infrastructure, services and applications.