
Sysdig

What's new in Sysdig - August 2021

Welcome to another monthly update on what’s new from Sysdig! This month’s big announcement is our new support for Prometheus as a managed service. There are several individual features behind this which we cover in more detail below, but here is a summary: Also, Kubernetes 1.22 was released and we shared our review of what to look out for. Go check out our Kubernetes 1.22 – What’s new? post if you haven’t already.

Kubernetes monitoring with Sysdig

Kubernetes has multiple moving pieces that you need to monitor, such as the elements that make up the Control Plane. As your clusters grow, collecting metrics from all the Kubernetes sources becomes highly tedious. Comprehensive monitoring for Kubernetes reduces the operational complexity by providing the visibility you need to: Sysdig Monitor offers an out-of-the-box user experience for monitoring your Kubernetes environment, including pre-built dashboards and a comprehensive alerts library that you can use right away.

No pain... More gain! Sysdig Monitor radically simplifies monitoring integrations based on open source

Monitoring services and applications in just a few clicks – that’s the dream of every SRE and developer, but this is very difficult because most applications don’t expose metrics in a standardized format. This article will introduce the current pros and cons of the Prometheus exporters ecosystem and how we leveraged the power of the open-source exporters in Sysdig to radically simplify the user experience to allow you to monitor your applications in just a few clicks.

Monitoring Pi-hole: Having your Raspberry Pi, and eating it with Prometheus remote write!

Last year we cooked a holiday ham using Sysdig. Honestly, just revisiting that makes me hungry, but it got me thinking. What about dessert? Today, I’d like to discuss baking a pie and eating it with Prometheus Remote Write. But not just any pie: a Raspberry Pi. Specifically, I’d like to introduce you to Pi-hole, an open-source project that has become very popular in the community. In this article you’ll learn how easy it is to monitor Pi-hole with Prometheus Remote Write.

Sysdig offers remote write and more custom metrics for its managed Prometheus service

We are excited to announce that Prometheus Remote Write functionality is now generally available in Sysdig Monitor. This feature allows Prometheus users to easily push metrics directly from their Prometheus servers to Sysdig’s Managed Prometheus Service. Sysdig Monitor provides not only a scalable long term storage solution for custom metrics but also radically simplifies Prometheus monitoring.

Prometheus monitoring with Sysdig

Prometheus is the de-facto standard for monitoring Kubernetes and cloud-native applications. However, as your Prometheus environment grows, it gets more and more complicated to use and maintain. Prometheus exporters need to be selected, installed, configured, and updated. And PromQL has a steep learning curve. How can you focus on your business, instead of building a monitoring solution?

Kubernetes 1.22 - What's new?

This release brings 56 enhancements, an increase from 50 in Kubernetes 1.21 and 43 in Kubernetes 1.20. Of those 56 enhancements, 13 are graduating to Stable, a whopping 24 are existing features that keep improving, and 16 are completely new. It’s great to see so many new features focusing on security, like the replacement for the Pod Security Policies, a rootless mode, and enabling Seccomp by default. Also, watch out for all the deprecations and removals in this version!

What is the MITRE ATT&CK Framework for Cloud? | 10 TTPs You should know of

In any case, by using the MITRE ATT&CK framework to model and implement your cloud IaaS security, you will have a head start on any compliance standard since it guides your cybersecurity and risk teams to follow the best security practices. As it does for all platforms and environments, MITRE came up with an IaaS Matrix to map the specific Tactics, Techniques, and Procedures (TTPs) that advanced threat actors could possibly use in their attacks on Cloud environments.

How to mitigate CVE-2021-33909 Sequoia with Falco - Linux filesystem privilege escalation vulnerability

CVE-2021-33909, named Sequoia, is a new privilege escalation vulnerability that affects Linux’s file system. It was disclosed in July 2021 and was introduced in 2014 on many Linux distros, among them Ubuntu (20.04, 20.10 and 21.04), Debian 11, Fedora 34 Workstation and some Red Hat products. The vulnerability is caused by an out-of-bounds write found in the Linux kernel’s seq_file in the Filesystem layer.