Home / Companies / Sysdig / Blog / August 2021

August 2021 Summaries

9 posts from Sysdig

Filter
Month: Year:
Post Summaries Back to Blog
August 2021 updates from Sysdig include the introduction of managed Prometheus services allowing for remote write and custom metrics, enhancements in Sysdig Secure with the general availability of Kubernetes Audit functionality, and improvements in the Sysdig Monitor's integration capabilities. The Sysdig Secure Admission Controller now directly taps into Kubernetes API requests, improving policy creation against audit logs, while updates to the Sysdig Agent, such as the latest release of version 11.4.0, include various feature enhancements and defect fixes. The company has also made improvements in Kubernetes dashboards for better user experience and capacity planning and introduced customizable session expiration settings. Additionally, there are updates to the Sysdig Serverless Agent, Helm Chart, Inline Scanning Engine, and various SDKs, CLI tools, and plugins, reflecting Sysdig's ongoing commitment to enhancing cloud security, monitoring, and integration capabilities.
Aug 31, 2021 1,816 words in the original blog post.
Sysdig's acquisition of Apolicy aims to enhance cloud and Kubernetes security by integrating Infrastructure as Code (IaC) security and auto-remediation into its Secure DevOps platform. Apolicy's expertise in policy management, leveraging Open Policy Agent (OPA), and automated workflows allows Sysdig to manage security risks from source to production effectively. This acquisition supports the shift-left security approach in DevOps, focusing on identifying vulnerabilities early in the software development pipeline. Apolicy's approach includes automated drift remediation, risk prioritization, and policy enforcement across various environments, strengthening Sysdig's Kubernetes Security Posture Management (KSPM) and Cloud Security Posture Management (CSPM). The integration addresses the growing need for secure, compliant, and resilient infrastructure deployment as enterprises increasingly adopt containers and cloud technologies.
Aug 30, 2021 986 words in the original blog post.
OpenTelemetry offers a streamlined approach for sending metrics to a Prometheus remote write endpoint without the need for a fully configured Prometheus server, making it suitable for scenarios where custom metrics need to be sent from batch jobs or specific applications. It provides a vendor-agnostic set of SDKs, APIs, and tools to manage traces, metrics, and logs, and it integrates with open-source projects like Jaeger and Prometheus. The OpenTelemetry Collector facilitates the receipt, processing, and export of data by configuring it with a receiver for OpenCensus and an exporter for Prometheus Remote Write, enabling metrics to be pushed to external Prometheus servers. In a Kubernetes environment, users can deploy the OpenTelemetry Collector with a ConfigMap, Service, and Deployment, ensuring the necessary configurations, such as authentication tokens, are in place. This solution simplifies monitoring processes, and with the aid of the Sysdig platform, users can quickly set up a Prometheus remote write compatible endpoint to efficiently track business batch operations.
Aug 24, 2021 1,053 words in the original blog post.
AWS GDPR compliance is crucial for organizations processing personal data from EU citizens, as the GDPR requires companies to implement robust data protection measures and report breaches within 72 hours. The regulation, which aims to enhance privacy rights, has led to increasing enforcement by the European Data Protection Supervisor. AWS operates under a shared responsibility model, meaning users must ensure their service architecture meets compliance requirements. Sysdig Secure offers curated controls and compliance reports to assist companies in achieving AWS GDPR compliance, providing detailed explanations for each control and allowing users to track their security posture over time. These tools are useful for both cloud-based and local workloads, helping organizations avoid significant fines and maintain competitiveness in a global market.
Aug 18, 2021 957 words in the original blog post.
Sysdig has enhanced its managed Prometheus service by introducing Prometheus Remote Write functionality, allowing users to push metrics directly from their Prometheus servers to Sysdig Monitor, which offers scalable long-term storage and simplified monitoring. This feature supports various environments, including those not typically suited for Sysdig agents, and enables centralized metrics management across different setups, including Kubernetes. Users benefit from a form-based query interface, extended PromQL capabilities, and out-of-the-box tools for easy integration and configuration. Sysdig's pricing model now includes a usage-based option for custom metrics, providing a cost-effective solution for companies with high custom metric usage. With support for Prometheus's open-source standards and a commitment to avoiding vendor lock-in, Sysdig aims to streamline the monitoring process while offering competitive pricing and ready-to-use metrics, dashboards, and alerts.
Aug 11, 2021 1,161 words in the original blog post.
Sysdig Monitor aims to simplify monitoring integrations for services and applications through a streamlined use of Prometheus exporters, which help transform diverse metric formats into a standardized Prometheus format. By embracing open-source solutions, Sysdig reduces vendor lock-in and allows users to easily manage monitoring integrations with automatic workload discovery and management. It offers guided configuration for exporters, ensuring ease of setup without delving into complex documentation. Sysdig also maintains a secure image repository, ensuring all exporter images are safe and compatible with various application versions. Integration into CI/CD workflows is supported, with options like Helm charts for customization. Sysdig provides out-of-the-box dashboards and alert templates based on best practices, making it easy for users to start monitoring their applications effectively. The approach is designed to save time and effort, enabling users to focus on critical tasks while maintaining transparency in metric association with application workloads.
Aug 11, 2021 1,544 words in the original blog post.
The article introduces Pi-hole, an open-source network advertisement and internet tracking blocker, and explains how to monitor it using Prometheus Remote Write on a Raspberry Pi. Pi-hole operates by intercepting DNS requests to block potentially dangerous or ad-laden content, protecting all network-connected devices. The guide addresses the limitations of using a Raspberry Pi's SD card for intensive data storage by suggesting a configuration that sends data to a Prometheus server hosted elsewhere, thereby minimizing local storage use. It details the setup process, including installing Docker, deploying a Prometheus exporter for Pi-hole metrics, and configuring Prometheus to scrape these metrics and use remote write for centralized monitoring. Additionally, the author highlights using Sysdig Monitor and PromQL for creating dashboards that enhance visibility into network requests, ultimately offering a secure and manageable solution for maintaining network integrity with minimal overhead.
Aug 11, 2021 1,378 words in the original blog post.
The blog post discusses the importance of securing AWS Identity and Access Management (IAM) to prevent cloud data breaches, which occur frequently due to security misconfigurations and improper IAM settings. IAM plays a crucial role in cloud security by controlling access to resources and is inherently complex due to its integration with other AWS services. The post highlights common IAM misconfigurations, such as not enabling Multi-Factor Authentication (MFA), using weak password practices, and failing to apply the least privilege principle. Sysdig Secure offers a suite of more than 30 out-of-the-box rules to help users enhance the security of their AWS accounts by detecting and mitigating these vulnerabilities. These rules can be customized using a familiar language for those already employing Sysdig's security tools, facilitating seamless integration into existing cloud and container environments. The article encourages adopting robust security practices and utilizing tools like Sysdig to monitor and address potential security threats efficiently.
Aug 05, 2021 1,635 words in the original blog post.
Sysdig has pledged its support for Respect in Security, an initiative aimed at eliminating harassment from the cybersecurity industry, emphasizing its commitment to fostering a diverse and inclusive community both within the company and in the broader open-source community. The company defines harassment broadly, including any unwanted conduct that violates a person's dignity or creates an intimidating environment, and vows to address it in all forms, whether in the workplace or related settings. Sysdig's pledge includes commitments to not tolerate harassment, empower individuals to report incidents without fear of retaliation, protect anonymity, and provide regular education on what constitutes harassment. The organization also ensures that its reporting protocols are publicly accessible and regularly reviewed to maintain a positive and safe environment for all stakeholders.
Aug 03, 2021 599 words in the original blog post.