Home / Companies / Sysdig / Blog / December 2019

December 2019 Summaries

3 posts from Sysdig

Filter
Month: Year:
Post Summaries Back to Blog
Two malicious Python libraries, jeilyfish and python3-dateutil, were identified on the Python Package Index (PyPI) as typosquatting versions of legitimate libraries, aiming to deceive developers into downloading them. The jeilyfish library, active for nearly a year, was particularly harmful, as it collected and transmitted sensitive information such as SSH and GPG keys to a server. Meanwhile, python3-dateutil was malicious by referencing jeilyfish. To safeguard against such threats, Sysdig Secure offers a comprehensive solution by integrating image scanning and runtime policies within CI/CD pipelines. This allows detection and prevention of trojanized libraries and their activities, using tools like Falco to monitor and act against suspicious runtime behaviors, ensuring protection from similar zero-day threats and typosquatting attacks.
Dec 12, 2019 2,311 words in the original blog post.
Kubernetes 1.17 introduces a range of enhancements and optimizations aimed at improving performance, scalability, and functionality across multiple features. This release includes the promising topology-aware routing for services, enhancements to IPv4/IPv6 dual-stack support, and the machine-readable structured output for kubeadm, which facilitates better integration with tools like Terraform. The update also sees several features graduating to stable, including Taint node by condition, Schedule DaemonSet Pods by kube-scheduler, and Configurable Pod Process Namespace Sharing, which offer more refined scheduling and node management capabilities. Additionally, the release optimizes the kube-apiserver by reducing redundant object serialization, introduces an EndpointSlice API for better scalability, and finalizes support for dynamic maximum volume counts and Kubernetes CSI topology. These improvements reflect a focus on optimizing network traffic, supporting dual-stack configurations, and enhancing the Kubernetes ecosystem's overall efficiency and flexibility.
Dec 06, 2019 2,050 words in the original blog post.
Josh Ziman, CTO of Global Commerce & Information, discusses the implementation of compliance requirements in federal environments using modern security architectures, focusing on Sysdig Secure DevOps Platform to address NIST SP 800-53 and FedRAMP controls. Sysdig Secure enhances container and OpenShift-based infrastructures by allowing for the development and application of micro-policies that align with specific business and container needs, thereby streamlining the compliance process. The platform's capabilities, such as runtime profiling and container baselining, enable organizations to maintain compliance and enforce policies throughout the container lifecycle, offering both rigidity and flexibility in security measures. By integrating Sysdig's tools with Global CI's policy lifecycle approach, organizations can efficiently achieve ongoing authorization and rapid Authorization to Operate (ATO), while balancing high-level policy objectives with technical implementation and business impact.
Dec 02, 2019 1,460 words in the original blog post.