CIO Influence
CIO Influence News Cloud Security

Sysdig Delivers Industry’s First CNAPP with End-to-End Detection and Response

Sysdig Delivers Industry's First CNAPP with End-to-End Detection and Response

Sysdig, the leader in cloud security powered by runtime insights, announced end-to-end detection and response embedded in its CNAPP. The company is the first vendor to deliver the consolidation of cloud detection and response (CDR) and Cloud-Native Application Protection Platforms (CNAPP), leveraging the power of open source Falco in both agent and agentless deployment models. This approach enables Sysdig to be the only CNAPP platform that can detect threats instantly anywhere in the cloud with 360-degree visibility and correlation across workloads, identities, cloud services, and third-party applications.

aws cloud

As organizations build out their cloud environments, they face sprawl, with hundreds of unchecked and potentially vulnerable applications, services, and identities. Most cloud security tools are slow to identify suspicious behavior, and once alerted organizations can spend hours, if not days, combing through snapshots trying to piecemeal together what happened. It is a best-case scenario for bad actors, gifting them hours or even days to inflict maximum damage – and the organization might never know what happened.

CIO INFLUENCE: Top Challenges for CTOs in 2023

Embedding CDR in CNAPP

Teams need a CNAPP that instantly and continuously understands the full context of the entire environment. With today’s announcement, Sysdig is consolidating CDR and CNAPP, giving teams a single platform that understands the entire application life cycle, puts the application at the center, and consolidates security tools around it. Using its runtime insights – knowledge of what is in use at production – Sysdig makes better-informed decisions across the software life cycle.

Stop Breaches Instantly with End-to-End Threat Detection

  • Agentless cloud detection based on Falco: Created by Sysdig, Falco is a widely adopted open source solution for cloud threat detection, now under the stewardship of the Cloud Native Computing Foundation. Previously, to leverage the power of Falco within Sysdig, organizations had to deploy Falco on their infrastructure. With the release today, customers can access an agentless deployment of Falco when processing cloud logs, which are used to detect threats across cloud, identity, and the software supply chain, along with other sources.
  • Identity threat detection: With new Sysdig Okta detections, security teams can protect against identity attacks, such as multifactor authentication fatigue caused by spamming and account takeover. Sysdig details the entire attack from user to impact by stitching Okta events with real-time cloud and container activity.
  • Software supply chain detection: Extend threat detection into the software supply chain with new Sysdig GitHub detections. Developers and security teams can be alerted in real time of critical events, such as when a secret is pushed into a repository.
  • Enhanced Drift Control: Prevent common runtime attacks by dynamically blocking executables that were not in the original container.

CIO INFLUENCE: General Data Protection Regulation (GDPR) Anniversary

Accelerate Cloud Investigations and Incident Response in Real Time

  • Live mapping: Sysdig brings an endpoint detection and response (EDR)-like approach of assembling all relevant real-time events into one view when a breach occurs. With Kubernetes Live, teams can dynamically see their live infrastructure and workloads, as well as the relationships between them, to speed incident response.
  • Attack lineage with context: Sysdig Process Tree enables the rapid identification and eradication of threats by unveiling the attack journey from user to process, including process lineage, container and host information, malicious user details, and impact.
  • Curated threat dashboards: Dashboards provide a centralized view of critical security issues, spotlighting events across clouds, containers, Kubernetes, and hosts to enable threat prioritization in real time. Sysdig also provides dynamic mapping against the MITRE framework for cloud-native environments, so security teams know exactly what is happening at any given moment.

“Due to the nature of our product, Noteable is a target for cryptojacking attacks. Sysdig is the best at cloud detection and response. They are the only vendor that provides a complete platform with multiple defense layers to detect abnormal activity in real time and surface appropriate context so that we understand the possible impact and can respond quickly,” said Pierre Brunelle, CEO at Noteable.

“In the cloud, everything happens fast. Time is of the essence when stopping attacks. Breaches can be very costly. Sysdig enables us to quickly detect and respond to cloud attacks at cloud speed by knowing what is happening, the exact container or location in the cloud, and what is causing it, versus hours to detect and understand what needs to be done,” said Karl Maire, Platform Tech Team Lead at Fuel50.

CIO INFLUENCE: Nextira Selected by Ansys Technology Partner Program to Support Customers Implementing Ansys Gateway Powered by AWS

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

ADDING MULTIMEDIA MATRIXX Software and CompaxDigital Join Forces to Drive New Revenue Growth for Emerging 5G Services

AsiaRF Unveils Revolutionary Developments for MWC 2023 The World’s First Wi-Fi HaLow IoT Solution to Debut Soon

PR Newswire

Mapp Cloud Fall Update New Smart Notifications and Eight Advanced Features

CIO Influence News Desk