Sysdig Integrates with Docker
October 05, 2023

Sysdig and Docker announced the integration of Sysdig runtime insights into Docker Scout to help developers prioritize risk and move faster.

Docker and Sysdig will help customers reduce software supply chain noise, prioritize the insights that matter, and build leaner container images. Sysdig is the first runtime security integration into Docker Scout.

By leveraging real-time insights from production – such as in-use vulnerabilities, multidomain correlation, and in-use permissions – the Sysdig cloud-native application protection platform (CNAPP) connects the dots and identifies top risks across the software life cycle.

Docker Scout provides developers with actionable insights across the software supply chain via context-aware recommendations that result in improved application reliability and security. With this partnership, built on a shared open source heritage and commitment to cloud-native innovation, Sysdig and Docker add additional layers of runtime security that bring better visibility while empowering development and security teams to target real, imminent risk.

Benefits of Sysdig Runtime Insights Integration with Docker Scout

- Ship more secure images: Developers can compare images during the build phase with those running in production to easily identify risk, eliminate unnecessary packages, and build leaner container images with a smaller attack surface. Integration with the Docker Build and Push GitHub Action provide insight directly within GitHub to avoid committing risky images.

- Avoid shift-left security gaps: Shift-left security empowers teams to make better-informed decisions earlier in the development process. With Docker and Sysdig, it is possible to correlate image analysis with runtime context to generate actionable insights for securing the software supply chain.

- Accelerate cloud-native application delivery: Software validation processes are faster when informed by Sysdig runtime insights. By quickly identifying imminent risks that require immediate remediation, developers can focus on innovation and deliver cloud-native applications faster.

- Reduce monitoring noise: Joint customers can reduce monitoring noise by up to 95%, separating which vulnerabilities are in use and which are not. This helps security teams focus on what is most important and saves time for developers.

“Organizations need to strengthen security across the entire software life cycle. With Docker Scout, Docker is giving developers the power to build more secure images from the start. Incorporating Sysdig runtime insights means that users can save time by focusing on the real risks exposed in production. Our partnership will help teams to both shift left and shield right to protect against breaches without slowing innovation,” said Bryan Smoltz, Vice President of Technology Alliances at Sysdig.

“Docker Scout proactively provides actionable insights across the secure software supply chain,” said Julien Faure, General Manager for Software Supply Chain at Docker. “With the Sysdig integration, we’re able to cut through the noise using runtime context. Knowing which packages are in use allows developers to prioritize what matters and deliver secure software faster.”

Share this

Industry News

December 19, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).

December 19, 2024

Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.

December 18, 2024

Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.

December 18, 2024

Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.

December 17, 2024

Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.

December 17, 2024

Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.

December 17, 2024

Kindo formally launched its channel partner program.

December 16, 2024

Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.

December 16, 2024

Fastly announced the general availability of Fastly AI Accelerator.

December 12, 2024

Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.

December 12, 2024

vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.

December 11, 2024

CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.

December 11, 2024

Grid Dynamics announced the launch of its developer portal.

December 10, 2024

LTIMindtree announced a strategic partnership with GitHub.