2 min

Sysdig – a container security company – has improved its monitoring system for Kubernetes with a number of new features. The new options use machine learning.

Sysdig uses a uniform approach to container security. In addition, it monitors for threats, but also provides forensic tools to investigate possible problems. The company offers a cloud native intelligence platform based on two open source projects; the Sysdig forensics platform and Sysdig Falco.

Runtime profiling

One of the new options is runtime profiling, writes Silicon Angle. This feature has been added to Sysdig Securev, an important part of the company’s platform. Sysdig Secure makes it possible for large companies to monitor the health and performance of a Kubernetes environment.

Runtime profiling, combined with the new Falco Rule Builder user interface, makes it easier to create runtime security policies. The function works by creating a learned container profile, which contains information about the normal processes, activities of file systems, network behaviour and system calls of container images.

Once the profile has been created, DevOps and security teams can use it to create policies that are automatically applied to any application. These rules help administrator to revert to the highest levels of deviant behavior that can indicate security problems.

Machine learning better than manual work

According to Sysdig, this method of machine learning-based profiling is better than manual profiling. In the manual version, there is a high risk of human error, so it is not reliable enough.

Applications that go into production get a lot of scale and complexity, so it’s almost impossible to manually set up each security function.

The Falco Rule Builder allows teams to create security policies based on the profiles of each container image. According to the company, this allows enterprises to visually interact with the Falco engine in order to create new, adapted policies, without the need for much technical knowledge.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.