Sysdig has announced the launch of Zero Trust network security for Kubernetes, expanding the company’s runtime security to add network visibility and segmentation.
With total network visibility and automated rule creation, Sysdig reduces the time to implement network security from weeks to hours.
Sysdig also announced the expansion of IBM Cloud Monitoring with Sysdig to include Sysdig Secure.
Sysdig adds dynamic network topology maps to visualize all communication into and out of a particular pod, service, and application. This detailed visibility allows DevOps teams to spot malicious attempts that take advantage of permissive network policies before it’s too late.
Further, Sysdig saves time by automating least privilege policies based on observed traffic enriched with application and Kubernetes metadata. Teams easily implement accurate network policies that are not too permissive, but also do not break application functionality. It also helps organizations meet compliance requirements, such as NIST and PCI, which require network segmentation.
With Sysdig Audit Tap, DevOps teams can fingerprint every process connection, giving full process-level visibility into the entire environment, including every network connection attempt. This enables teams to monitor every connection made by a process, even if a connection is unsuccessful.
Teams can also plug into their existing incident response workflows by forwarding these events to a SIEM tool like Splunk.
The Sysdig Secure DevOps Platform allows cloud teams to confidently secure containers, Kubernetes, and cloud services. With Sysdig, cloud teams secure the build pipeline, detect and respond to runtime threats, continuously validate compliance, and monitor and troubleshoot cloud infrastructure and services.
The new network security workflow is available as a part of the Sysdig Enterprise tier at no additional cost.