Sysdig, the container security startup, announced some new unified cloud and container security products to its portfolio, with the launch of continuous cloud security posture management. Cloud Security Posture Management for AWS is the first product.
It is based on Cloud Custodian, an open-source, stateless rules engine that manages AWS environments by combining many of the compliance scripts used by organizations.
The new service brings cloud asset discovery, compliance validation, and cloud services posture assessment. IT teams will be able to identify the entire attack chain and start a rapid response to threats.
The second product
The second product is the Multi-Cloud Threat Detection for AWS and GCP, based on Falco (an open-source, cloud-native runtime security project by Cloud Native Computing Foundation and Sysdig.)
It offers alerts using continuous cloud audit logs inspection. Falco performs analysis within the user’s cloud account, protects data, and eliminates log exportation costs.
The service also brings support for cloud threat detection using GCP audit logs, in addition to the AWS CloudTrail integration it received in 2020. Security teams can continuously detect suspicious activity or configuration changes in their infrastructure without manual or periodic configuration checks.
The third product
Cloud Risk Insights rounds off the new offerings. It provides visual insights across connected cloud and container security incidents. They are prioritized based on the level of risk they pose.
This one will reduce alert irritations and give instant visibility to view the entire cloud attack chain, from the time a hacker exploits a container flaw and accessing the cloud to elevate privileges and use the Kubernetes cluster for things like crypto mining.
These three products have a free tier that includes a daily check against the Center for Internet Security benchmarks and continuous threat detection to bring security and enforce compliance.