Sysdig

Container security orchestration with Falco and Splunk Phantom

Dec 7, 2018 By Néstor Salceda In Sysdig

Container security orchestration allows to define within your security policy how you are going to respond to your different container security incidents. These responses can be automated in what is called security playbooks. This way, you can define and orchestrate multiple workflows involving different software both for sourcing and responding. This is how Falco and Splunk Phantom can be integrated together to do this.

Read Post

Sysdig

Read more about Container security orchestration with Falco and Splunk Phantom

Service based access control with Sysdig Secure Teams

Dec 6, 2018 By Knox Anderson In Sysdig

While you’re likely familiar with role-based access control, Sysdig teams introduce the concept of service-based access control. With service-based access control, administrators can define groups of users that have access to policy events, policy configuration, and scanning data limited to a service or set of services, as defined by your orchestration system (think Kubernetes, Mesos, and the like).

Read Post

Sysdig

Read more about Service based access control with Sysdig Secure Teams

How to identify malicious IP activity using Falco

Dec 3, 2018 By Omer Azaria In Sysdig

One of the most common security use cases, is the ability to identify connections generated by malicious actors, or internal components connecting to suspicious servers (e.g malware C&Cs). In this post, we will show how to leverage the Falco engine, to identify connections made to IPs that were flagged by multiple security sensors, and are streamed as a feed to the Falco engine.

Read Post

Sysdig

Read more about How to identify malicious IP activity using Falco

Using Terraform for container security as code with Sysdig Secure

Dec 2, 2018 By Jorge Salamero Sanz In Sysdig

In the following tutorial you can learn how to implement container security as code. You probably have a CI/CD pipeline to automatically rebuild your container images. What if you could define your container security as code, push it into a Git repository to version control changes and then enforce your policy in your container orchestration tool like Docker or Kubernetes using Sysdig Secure?

Read Post

Sysdig

Read more about Using Terraform for container security as code with Sysdig Secure

What's new in Kubernetes 1.13?

Nov 28, 2018 By Mateo Burillo In Sysdig

Looking forward to the new Kubernetes 1.13 features? At Sysdig we follow Kubernetes development closely and here we bring you a brief intro to what’s new and features that you will find in the next version of Kubernetes. Kubernetes 1.13 will be out on December 03 2018, so here we go: What’s new in Kubernetes 1.13?

Read Post

Sysdig

Read more about What's new in Kubernetes 1.13?

Monitoring Java in Docker: Overcoming past limitations

Nov 21, 2018 By Mateo Burillo In Sysdig

Before the release of Java 9 and 10, there were several limitations to deploying and monitoring Java in Docker. This post explores how the latest versions of Java address the most common of these limitations, and includes examples of how to make the most of monitoring Java in Docker.

Read Post

Sysdig

Read more about Monitoring Java in Docker: Overcoming past limitations

Audit and container runtime security to detect anomalous activity

Nov 21, 2018 By Sysdig In Sysdig

An example of how we can audit and detect anomalous activity in a microservices application running in Docker and Kubernetes using container runtime security.

View Video

Sysdig

Read more about Audit and container runtime security to detect anomalous activity

Container forensics analysis and postmortem

Nov 21, 2018 By Sysdig In Sysdig

This is how we can perform forensics and postmortem analysis after someone hacking into our container and downloading some malware. In this case was a Wordpress instance running on Docker in Kubernetes.

View Video

Sysdig

Read more about Container forensics analysis and postmortem

Container security policy configuration

Nov 21, 2018 By Sysdig In Sysdig

A traditional security policy model doesn’t work with containers. The hard part is applying those policies to different containers as they change in your infrastructure. We need a security policy model that can adapt dynamically to orchestration platforms like Kubernetes and Cloud Native apps.

View Video

Sysdig

Read more about Container security policy configuration

User activity auditing in containers

Nov 21, 2018 By Sysdig In Sysdig

Auditing and logging automatically any command execution being run across your distributed environment is a must for container security best practices.

View Video

Sysdig

Read more about User activity auditing in containers

Subscribe to Sysdig

Operations | Monitoring | ITSM | DevOps | Cloud

Sysdig

Container security orchestration with Falco and Splunk Phantom

Service based access control with Sysdig Secure Teams

How to identify malicious IP activity using Falco

Using Terraform for container security as code with Sysdig Secure

What's new in Kubernetes 1.13?

Monitoring Java in Docker: Overcoming past limitations

Audit and container runtime security to detect anomalous activity

Container forensics analysis and postmortem

Container security policy configuration

User activity auditing in containers

Monthly Archive

Follow Us