DEVOPSdigest

Sysdig announced a partnership with Google Cloud to deliver cloud and container security solutions that help organizations address security and compliance needs.

This collaboration establishes the Sysdig software-as-as-service (SaaS) offering on Google Cloud and introduces a new unified cloud and container security offering for Google Cloud customers. The Sysdig Secure DevOps Platform brings new continuous cloud security and compliance controls together with existing vulnerability scanning, compliance validation, and threat detection for containers.

Enterprises are under pressure to accelerate the delivery of applications in the cloud. Modern cloud apps built using a DevOps approach, CI/CD, and containerized microservices require a shift in security processes. According to the State of DevOps 2021 study, “Teams who integrate security best practices throughout their development process are 1.6 times more likely to meet or exceed their organizational goals.” Without secure DevOps, misconfigurations and weak passwords in the cloud are common, evident by the many high-profile cloud breaches. Sysdig is solving these problems, together with Google Cloud, to help joint customers reduce security risk and confidently run containers, Kubernetes, and cloud.

With this announcement, Sysdig adds cloud capabilities to give enterprises a new way to meet key security and compliance requirements across their Google Cloud deployments.

- Cloud Security Posture Management (CSPM) for Google Cloud: Secure public cloud accounts with automatic cloud asset discovery, cloud services posture assessment, and compliance validation based on the Cloud Custodian open-source project. Cloud security teams can automatically discover in-use Google Cloud services, flag misconfigurations, and alert on compliance violations.

- Cloud configuration change and threat detection: Detect threats via Google Cloud Audit logs with out-of-the-box rules based on open source Falco to continuously monitor for suspicious activity or configuration changes across services and infrastructure in real-time.

- Chronicle integration for advanced threat hunting: Forward Sysdig-detected security events directly to Google Cloud’s Chronicle security analytics platform. Sysdig cloud and container detection, built on Falco, gives Chronicle users unique insight to analyze and respond faster to cloud-native workload threats.

- Sysdig SaaS on Google Cloud: The Sysdig SaaS platform is now available in the Google Cloud US-East region, making it even easier for cloud teams to get started with security, compliance, and monitoring for public, hybrid, and multi-cloud environments. Teams can get started in minutes leveraging Google Cloud’s trusted, world-scale infrastructure and grow without worrying about backend data management.

- Availability on Google Cloud Marketplace: Purchase and deploy with a single click from the Google Cloud Marketplace. Consolidated billing allows customers to draw down on their Google Cloud spend commitment.

- Free Tier for Cloud Security: Take advantage of continuous cloud security for free, forever, for a single account. Sysdig’s Free Tier includes a daily CIS benchmark check and threat detection to ensure cloud environments are secure and compliant. The Free Tier also includes image scanning for Google Cloud Registry (GCR) or Artifact Registry to automatically detect and block vulnerabilities for up to 250 images per month.

“With security top-of-mind for our customers, we expect the deep visibility and threat detection of Sysdig and the secure-by-default infrastructure of Google Cloud will encourage greater cloud adoption among today’s enterprises,” said Vineet Bhan, Head of Security Partnerships, Google Cloud. “We believe there is a lot of opportunity for us to accelerate innovation together with our partnership.”

“We’re seeing an inflection point and cloud and container adoption is accelerating, yet we know security is the top barrier,” said Suresh Vasudevan, Chief Executive Officer, Sysdig. “We are excited to partner with Google Cloud to help customers adopt secure DevOps, so they can confidently run container and Kubernetes workloads.”

The new capabilities announced today build on joint visibility, security, and compliance solutions previously available for Google Cloud services including GKE, Anthos, Security Command Center, Cloud Run, Cloud Build, Google Container Registry, and Artifact Registry.

The Sysdig Secure DevOps Platform provides organizations a SaaS-first platform to address the most critical security, compliance, and monitoring functions, allowing teams to ship cloud applications faster. The Sysdig platform delivers image scanning, Kubernetes and container monitoring, application and cloud service monitoring, runtime security, compliance, threat detection and prevention, incident response, and forensics at scale.