Sysdig has announced an expansion of its cloud security services at KubeCon 2021. The company is now also able to protect AWS Fargate.
AWS Fargate is a serverless compute engine for running containers. You only pay for the resources your application uses, so you don’t have to estimate your resource needs in advance. The service has grown tremendously in recent times and, according to Sysdig, more than 40 percent of new customers of AWS container services now choose AWS Fargate. Sysdig wants to capitalise on this by releasing its container threat detection service for this product as well.
First such service for Fargate
Sysdig’s solution consists of runtime security detection and response. The company claims to be the first to release such services for Fargate. It also claims a first with its file integrity monitoring (FIM), which is a mandatory requirement for Payment Card Industry compliance.
Overview of both Fargate and other container services
Users of Sysdig’s services will receive a complete overview of the status of both their AWS Fargate environment and other container environments already supported, including Amazon ECS and Amazon EKS. The overview offers information about misconfigurations, vulnerabilities and runtime threats, among other things.
Sysdig lists three new ways the company is improving Fargate’s security. Runtime detection allows security teams to keep an eye out for threats, including suspicious changes to files, based on syscall data. There is support for applications written in all languages, including Go.
Sysdig also creates a log of all activity around AWS Fargate, including commands, network connections and file changes, and correlates this with context from the cloud and Kubernetes. This enables the creation of detailed audit and response reports for Fargate.
Overview of potential risk
Finally, Sysdig boasts of the overview it provides of security, potential vulnerabilities and threats in Fargate. Within minutes of creating a task in Fargate, Sysdig produces a complete picture of a possible attack chain. It also identifies possible vulnerabilities in the images, suspicious activity, incorrect configurations and suspicious changes to the configurations in Fargate workloads.