Sysdig achieves Red Hat Vulnerability Scanner Certification
Blog post from Sysdig
Sysdig's recent renewal of the Red Hat Vulnerability Scanner certification enhances its ability to provide consistent and accurate container vulnerability scanning results for Red Hat-published images and related packages. This certification, achieved through collaboration with Red Hat, allows Sysdig to offer features like the Sysdig Risk Spotlight, which uses runtime insights to help detect, prioritize, and address Common Vulnerabilities and Exposures (CVEs) effectively. The partnership emphasizes the importance of standardization in vulnerability risk assessments, addressing inconsistencies that arise from varying security data sources. Sysdig Secure uses the Red Hat OVAL v2 security data feed to understand vulnerabilities in Red Hat-supported packages and determine available patches. This approach aligns with the "shift left" security practice, which encourages detecting vulnerabilities earlier in the development lifecycle to minimize security risks. The Sysdig 2023 Cloud-Native Security and Usage Report notes that a significant portion of images tend to be scanned at runtime, underscoring the need for runtime insights to handle security threats efficiently.