This article will show you how to leverage the Sysdig Terraform provider to follow Secure GitOps principles and use security as code in your infrastructure to define Alerts, Rules, and Policies.

the k8s-security-configwatch GitHub Action, an open source tool from Sysdig, secures your GitOps workloads by detecting changes on your Kubernetes security configuration.

In this blog post, we are going to cover how to perform container image scanning for CircleCI using Sysdig Secure. Image scanning allows DevOps teams to detect and resolve issues, like known vulnerabilities and incorrect configurations, directly in their CI/CD pipelines. Using Sysdig Secure, you can enforce image policies to block vulnerabilities before they reach production environments and fix them faster while the developer still has the context.

We’ve been busy this New Year (a rather warm one in San Francisco) to bring you exciting new ways to secure your DevOps journey. Read on for the details and see how you can put them to use!

We often hear from our customers that to adopt a container and Kubernetes security tool in any mid sized or large organization, separation of duties and least privilege access via RBAC is a must. Admin roles cannot be granted unnecessarily to all teams. If users or groups are routinely granted these elevated privileges, account compromises or mistakes can result in security and compliance violations.

Monitor Kubelet is key when running Kubernetes in production. Kubelet is a very important service inside Kubernetes’ control plane. It’s the component that cares that the containers described by pods are running in the nodes. Kubelet works in a declarative way by receiving PodSpecs and ensuring that the current state matches desired pods.

Experience Kubernetes OOM kills can be very frustrating. Why is my application struggling if I have plenty of CPU in the node? Managing Kubernetes pod resources can be a challenge. Many issues can arise, possibly due to an incorrect configuration of Kubernetes limits and requests. In this article, we will try to help you detect the most common issues related to the usage of resources.

Sysdig, an industry leader for monitoring and security of cloud-native workloads, and IBM have joined forces to bring a fully Integrated powerful platform that delivers the security and performance that enterprises need in today’s multi-cloud world. Sysdig Secure and the IBM Cloud Pak for Multicloud Management (MCM) can help you accelerate Kubernetes and cloud adoption by addressing security and regulatory compliance from the start on enterprise hybrid cloud environments.

In this blog post, you will learn how to setup image scanning with Github Actions using Sysdig Secure DevOps Platform. We will create a basic workflow to perform a local scan to detect vulnerabilities and bad practices before the image is pushed to any registry. We will also customize scanning policies to stop the build according to a set of defined rules.