Sysdig recently released their Cloud Native Application Protection Platform (CNAPP) with end-to-end detection and response capabilities. This platform combines cloud detection and response (CDR) with CNAPP, integrating the functionality of open-source Falco for both agent and agentless deployment models.
As organizations expand their cloud environments, they often face the challenge of managing numerous applications, services, and identities, leaving them susceptible to potential vulnerabilities. Traditional cloud security tools may be slow to identify suspicious behavior, and once alerted, it can take significant time to piece together the details of an incident. Sysdig's CNAPP aims to address these shortcomings by offering instant and continuous understanding of the entire cloud environment, empowering security teams with real-time insights and the ability to stop breaches instantly.
One of the important features of Sysdig CNAPP is its agentless cloud detection powered by Falco, an open-source solution widely adopted for cloud threat detection. Traditionally, organizations had to deploy Falco agents on their infrastructure to utilize its power within Sysdig. However, Sysdig has now introduced agentless cloud detection, enabling organizations to process cloud logs and detect threats across the cloud, identity, and the software supply chain without the need for additional agent deployments. This streamlined approach saves time and resources while enhancing the platform's threat-detection capabilities.
Earlier this year, Google Cybersecurity Action Team (GCAT) published the State of Cloud Detection and Response Report, which surveyed 400 security leaders and SecOps practitioners in North America. Based on the survey results, it was found that the majority of organizations now perform a significant portion of their computing operations in the cloud. Additionally, four out of every ten organizations transitioned to the cloud within the last year.
Consequently, cyber attackers are adapting their strategies to focus on cloud customers. This shift in the threat landscape has led to 84% of the surveyed respondents expressing the need to increase automation in their security measures to combat these evolving security threats effectively.
To address identity attacks and protect against multifactor authentication fatigue and account takeover, Sysdig introduces Okta detections as part of its CNAPP. By integrating real-time cloud and container activity with Okta events, security teams gain insights into potential identity threats and can take proactive measures to safeguard their cloud environment. Additionally, Sysdig's CNAPP incorporates GitHub detections, enabling organizations to receive real-time alerts when critical events, such as the unauthorized pushing of secrets into repositories, occur in the software supply chain.
Sysdig’s approach with CNAPP provides threat detection anywhere in the cloud, offering 360-degree visibility and correlation across workloads, identities, cloud services, and third-party applications. Interested readers can know more about the features in this Sysdig blog.