 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
Sysdig, the cloud native security company, is using open source Falco, as the foundation for its new end-to-end cloud detection and response service: Cloud Native Application Protection Platforms (CNAPP).
You’ve heard that phrase before. A CNAPP is a security and compliance service that teams can use to build, deploy, and run comprehensive cloud native security services. It combines “shift left” and “shield right” security concepts to provide a comprehensive and robust security strategy throughout the application lifecycle.
This latest move, Sysdig claims, marks the first merger of cloud detection and response (CDR) and CNAPP in one cohesive platform. The result? Sysdig states it’s the only CNAPP platform capable of instant threat detection across cloud environments, ensuring comprehensive visibility and correlation across workloads, identities, cloud services, and third-party applications. The key to this integration is Falco and its underlying eBPF Linux kernel dynamic programming.
Falco is an open source runtime security tool. Created by Sysdig, it’s now a Cloud Native Computing Foundation (CNCF) project. Falco uses system calls to secure and monitor a system by parsing Linux kernel system calls at runtime, asserting the system call stream against a powerful rules engine, and alerting users when a rule is violated.
Underneath Falco is eBPF. This revolutionary Linux programming tool can run sandboxed programs in a privileged context, such as the operating system kernel. It’s used to safely and efficiently extend the capabilities of the kernel without changing the kernel source code or loading kernel modules.
This software stack runs quickly because all its components run at such a low level. Therefore, Sysdig asserts that while conventional cloud security tools often lag in identifying suspicious behavior, CNAPP promises an immediate, in-depth understanding of potential problems across the entire cloud environment.
Key features of the new Sysdig CNAPP include:
Alongside these detection enhancements, Sysdig also improves incident response and cloud investigations through:
Beta customers like what’ve they seen so far. Pierre Brunelle, Noteable CEO, said, “Sysdig is the best at cloud detection and response. They are the only vendor that provides a complete platform with multiple defense layers to detect abnormal activity in real-time and surface appropriate context.”
Echoing these sentiments, Karl Maire, Platform Tech Team Lead at Fuel50, added, “Sysdig enables us to quickly detect and respond to cloud attacks at cloud speed by knowing what is happening, the exact container or location in the cloud, and what is causing it.”
