Sysdig, the secure DevOps leader, has made the Cloud-Native Security Hub available in the open. The Cloud-Native Security Hub is a repository for discovering and sharing Kubernetes security best practices and configurations.
The Sysdig open source team kicked off the project this summer, and the company will donate the project and supporting resources to the Falco open source community. Falco, the open source Kubernetes runtime security project, was originally started by Sysdig and has been a CNCF Sandbox Project since Oct. 2018.
The hub hosts Falco rules for the Kubernetes control plane, popular container images, and detection rules for container-related vulnerabilities. During the next phase, the hub’s scope will extend to include rules and configurations for other Kubernetes security tools.
The goal of the hub is to give developers quick access to validated rules that will ultimately result in more secure Kubernetes environments.
One benefit of Kubernetes environments is short software production cycles; however, they also bring security and visibility challenges. Falco and other open source tools are standardizing the Kubernetes security stack, but they require complex rules and configurations.
Many of the policies and configurations are largely the same between organizations, regardless of industry. When developers collaborate and share, they will strengthen security in their environments. Until now, there hasn’t been a single searchable repository collecting proven security best practices.
The Cloud-Native Security Hub makes it easier for developers to access the collective expertise of the cloud-native community. Users can take the rules from the hub and pull them directly into clusters.
“It is amazing how quickly Kubernetes has evolved, but there is still security work to be done. Some of the core security features within Kubernetes are still emerging and configuring open source projects takes expertise,” said Loris Degioanni, Founder and Chief Technology Officer at Sysdig.
“By creating a home for users to find and share policies, we will be able to rapidly grow expertise across the community, which improves security of Kubernetes environments for everyone.”
Sysdig’s open source approach
Sysdig was founded with the belief that innovation is stifled when core technology is controlled by a single provider. When vendors work together, they can bring more innovation to market more quickly.
The Sysdig business model depends on adding services and technologies on top of open source to enhance scalability, performance, and ease of use. As malicious attacks evolve, security tools require constant innovation to stay ahead.
The Cloud-Native Security Hub facilitates sharing across the community, which will drive innovation in techniques for using Kubernetes security capabilities.
With this belief in the power of open source, Sysdig has heavily invested in the community. The company introduced Sysdig, the open source container troubleshooting project, in 2014.
Since then, the company has created two additional open source tools — Falco and Sysdig Inspect — along with contributing to other open source projects, including Prometheus and eBPF. In August, Sysdig announced the hiring of Kris Nova as Sysdig’s Chief Open Source Advocate, along with a dedicated open source engineering team.