Sysdig Secure really covers the full life cycle of modern cloud native, containerized cloud-based applications from the security point of view, according to Loris Degioanni, chief technology officer and founder of Sysdig. However, for this episode of The New Stack Demos, recorded at CloudNative SecurityCon in February, he opted to focus on only one aspect of the product. This demo, he said, concentrated on “how we tie it to vulnerability management.”
More people are deploying and managing Kubernetes, but it's still relatively new to a lot of people. Degioanni described how the paradigms are new, how the approaches to finding vulnerabilities are new and different, and how Sysdig Secure can bring vulnerability management to the CI/CD pipeline, for example, without it being too overwhelming.
“So what we're trying to do here is essentially sort of decrease the barrier a little bit for people and make this more digestible … and more secure by actually focusing on what's really important,” he said.
Check out Degioanni’s demo and learn more about how Sysdig Secure finds and prioritizes vulnerabilities.
Also, read The New Stack’s featured article, “PurpleUrchin: GitHub Actions Hijacked for Crypto Mining,” about how the Sysdig Threat Research Team uncovered an extensive crypto mining operation, PurpleUrchin, which abuses free continuous integration and deployment service accounts.
Loris Degioanni (LinkedIn): / degio
Sysdig website: https://sysdig.com/