DEVOPSdigest

Mend.io and Sysdig unveiled a joint solution to help developers, DevOps, and security teams accelerate secure software delivery from development to deployment.

The new integration incorporates runtime context from Sysdig with Mend Container to provide users with superior, end-to-end, and risk-based vulnerability prioritization and remediation across development and production environments.

“As organizations increasingly use such cloud-native services as containers and Kubernetes, they struggle to keep pace with the high number of detected security issues,” Vered Shaked, EVP of Corporate Development at Mend.io. “Together, Mend.io and Sysdig give organizations struggling with limited time and resources more effective ways to target the remediation of real risk. By providing insights into risk detected at runtime, security teams can prevent and defend with greater confidence.”

“At the end of the day, security needs to protect the organization without slowing down product development, but teams struggle to prioritize due to a lack of runtime context,” said Bryan Smoltz, Vice President of Technology Alliances at Sysdig. “By highlighting the vulnerabilities to prioritize with runtime insights, our collaboration with Mend.io enables users to streamline security and move faster.”

Through its vantage point at runtime, Sysdig profiles containers to pinpoint the software packages that are in use vs. those that are not. Armed with these insights, Mend.io enables developers to quickly target the remediation of vulnerabilities and real risk based on runtime exposure and severity.

Mend Container, when integrated with Mend SCA and Sysdig Runtime Insights API, incorporates the runtime context of software packages into the Mend SCA product and container scanning results. By providing a view into runtime context, developers and security teams can confirm application deployment and behavior in production and set preferred remediation priorities and scoring.