Sysdig has announced runtime detection and response for AWS Fargate, a serverless compute engine for containers from AWS, expanding Sysdig’s cloud security capabilities.
With the announcement, Sysdig launched the first runtime security detection and response solution for AWS Fargate that provides detailed audit logs to respond to incidents. Sysdig also introduced the first file integrity monitoring (FIM) capability for AWS Fargate, a mandatory component to pass PCI compliance.
With Sysdig, organizations get a unified view across AWS Fargate cloud and compatible container services like Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS), including the ability to see misconfigurations, vulnerabilities, and runtime threats.
Sysdig’s runtime detection for AWS Fargate is based on open source Falco, the runtime security tool created by Sysdig and contributed to the Cloud Native Computing Foundation (CNCF). The deep visibility is possible through Falco’s comprehensive access to system calls exported by the Linux kernel. Sysdig worked with AWS to provide comprehensive visibility into AWS Fargate containers.
With early access to AWS Fargate 1.19 last year, the Sysdig team worked on a series of Falco optimizations. The announcement today builds on Sysdig’s existing image scanning and posture management capabilities for AWS Fargate.