Activity Audit is a new feature included in the Secure 3.0 release. This feature speeds incident response and enables audit by correlating container and Kubernetes activity.

Sysdig Secure 3.0 introduces Kubernetes Policy Advisor to provide Kubernetes native prevention using Pod Security Policies (PSPs). This feature automates the generation of PSPs and validates them pre-deployment, so they don’t break applications when applied. This allows users to adopt Pod Security Policies in production environments quickly and easily.

Today, we are excited to announce the launch of Sysdig Secure 3.0! Sysdig Secure is the industry’s first security tool to bring both prevention and incident response to Kubernetes.

As Falco grows in popularity, many new users get exposed to it on a daily basis. As should be expected, most of these users are not aware of what the architecture underneath Falco is. What components play a role in powering it? How do these components relate to each other? I thought it would be fun to write a blog post that answers these questions. And I thought it would be fun to write it with an historical perspective.

In this blog post, we are going to teach you how to aggregate all Kubernetes security events across your AWS container services. We’ll be using AWS FireLens to route Falco notifications, centralizing all the security events, such as AWS CloudWatch, in one service.

We’re excited today to release the Sysdig 2019 Container Usage Report. Continued momentum for Kubernetes and greater adoption of cloud-native architectures are changing not just usage patterns, but processes and organizational structures as well. One of the surprising insights this year is the 2X increase in the number of containers that live for less than five minutes. As services grow more dynamic, cloud teams are recognizing the need to integrate security into their DevOps processes.

In this blog post, you’ll learn how to setup image scanning for Azure Pipelines using Sysdig Secure DevOps Platform. Azure DevOps gives teams tools like version control, reporting, project management, automated builds, lab management, testing, and release management. Azure Pipelines automates the execution of CI/CD tasks, like building the container images when a commit is pushed to your git repository or performing vulnerability scanning on the container image.

A recent flaw, CVE-2019-14287, has been found in sudo. In this blogpost, we are going to show you how to use Falco or Sysdig Secure, to detect any exploit attempts against this vulnerability. sudo allows users to run commands with other user privileges. It is typically used to allow unprivileged users to execute commands as root. The issue exists in the way sudo has implemented running commands with an arbitrary user ID in versions earlier than 1.8.28.