Sysdig into your workflows
- Automate image scanning into build
- Continuously validate compliance
- Enforce runtime security
- Use monitoring data for troubleshooting and security
- Implement an incident response plan

during Build
Scan for:
• Vulnerabilities:
  ◦ OS packages
  ◦ 3rd-party libraries
• Misconfigurations
CI/CD integration + registry support
Runtime reporting of new vulnerabilities
Trigger-based alerting and notifications to appropriate teams
Registry

Need to meet multiple regulatory compliance standards (NIST, PCI, etc.)
Steps to extend compliance across the entire container/K8s lifecycle:
1. Cluster deployment and setup (use CIS Benchmarks)
2. Build time: image scanning (use scanning policies for PCI, NIST)
3. Runtime compliance (runtime rules based on Falco)
4. Audit activity:
   i. Host
   ii. Containers
   iii. Orchestration: K8s API audit events

for troubleshooting and security
Look for feedback via runtime monitoring and spot potential attacks:
- DoS
- Cryptomining
- Unexpected POD CRASHLOOP
- Unexpected processes
- Rogue connection attempts
- New deployments, orchestration events
- Misconfiguration and software bugs
- File Integrity Monitoring

Full stack visibility (processes, network, file system, etc., aka every single system call)
Runtime Prevention via K8s native controls:
- Pod Security Policy
- Network Security Policy
Runtime Threat Detection (IDS) via Falco + enterprise workflows:
- Cloud and Kubernetes aware policies
- Machine learning profiling
- Community contribution

Response Plan
Automated response
- K8s and container aware
- Remediation actions (Alert, Stop, Pause, Quarantine / taint)
Full command audit and K8s API events trace
Sysdig capture file
- Recreate all system activity even if the container is long gone

Open Foundation
- Image scanning: Vulnerability analysis
- Monitoring: Infrastructure and application metrics
- Runtime security: Detection rules and alerts
- Forensics/troubleshooting: Deep visibility into container activity
Sysdig Secure DevOps Platform: Adds scale, workflow, K8s, and cloud context
Respond / Run / Build

30 day free trial: https://sysdig.com/company/free-trial/

Register for our upcoming webinars: sysdig.com/webinars
- Monday, April 20, 8am PDT / 4pm GMT: K8s Security MasterClass, Rancher & Sysdig. Detecting anomalous activity in Rancher with Falco and Sysdig Secure
- Tuesday, April 21, 10am PDT / 6pm GMT: PCI Compliance in Containers & K8s. Map PCI processes to containers and walk through a time-saving checklist
- Thursday, April 30, 10am PDT / 6pm GMT: Top 5 Cloud Native Pipeline Security Considerations. Booz Allen Hamilton experts share best practices in securing software pipelines