DEVOPSdigest

Sysdig announced cloud security for Microsoft Azure Cloud with configuration risk management and threat detection that is built on Sysdig’s runtime security technology.

The Sysdig platform brings new continuous cloud security and compliance controls for Microsoft Azure together with existing vulnerability management, compliance, and threat detection for containers and Kubernetes. This new offering enables organizations to automatically discover assets with configuration drift or suspicious activity and flag cloud misconfigurations and compliance violations. Sysdig already provides cloud security for Amazon Web Services (AWS) and Google Cloud Platform (GCP), and with the addition of Azure, teams have a true multi-cloud solution.

Teams building in the cloud find that limited visibility into cloud usage, configurations, and activity impacts confidence in their security, compliance, and risk posture. Lack of visibility into risky configurations and cloud behavior put businesses at risk.

In recent years, attacks have increasingly utilized lateral movements, where attackers gain access at one point in the system and advance to other parts of the environment until they find something valuable to exploit. Threat research conducted by Sysdig shows that having a single view across cloud, workloads, and containers speeds the time to both detect and respond to these lateral movement techniques. By pairing the Sysdig cloud security capabilities announced with its container security features, teams can identify the entire attack chain and respond to threats faster.

Continuous Cloud Security for Azure Cloud :

- Cloud Configuration Management: Cloud security teams can manage and audit their security posture by automatically discovering all cloud services, as well as flagging misconfigurations and violations of regulatory compliance requirements.

- Multi-Cloud Threat Detection: Sysdig provides continuous detection for AWS, GCP, and now Azure of suspicious activity and configuration changes across infrastructure and services using Azure Activity Logs. This feature provides continuous threat detection to identify attacks and malicious activity that could be missed by static configuration checks.

- Cloud Risk Insights: Sysdig provides new visual insights across interconnected cloud and container security incidents, prioritized by risk levels. Sysdig reduces alert noise and provides instant visibility into the entire cloud attack chain. Classifying incidents based on severity levels allows teams to prioritize what to investigate and respond to first.

"As companies transition to the cloud, the reality is that most will have environments that span more than one cloud, along with containers," said Omer Azaria, VP of Research and Development at Sysdig. "Having a single tool that unifies threat detection across environments is what will keep companies out of the news as the next major breach victim. A single pane of glass is the most effective way to implement security in such environments.”

Sysdig believes the future of security is open. Open source security delivers better security through faster innovation. Organizations can be confident they are adopting an accepted standard that will last. Sysdig chose to build its cloud security capabilities on top of Falco, Sysdig open source, and Open Policy Agent (OPA). Sysdig selected the OPA open source project because it has strong momentum in adoption, a rapidly growing database of rules, enforcement of policy, and multi-cloud support.