Sysdig announced the launch of zero trust network security for Kubernetes. This launch expands Sysdig’s runtime security to add network visibility and segmentation. With total network visibility and automated rule creation, Sysdig reduces the time to implement network security from weeks to hours.
Sysdig also announced the expansion of IBM Cloud Monitoring with Sysdig to include Sysdig Secure.
The best strategy for network security is to use native controls, such as Kubernetes network policies, to enforce zero trust network segmentation. With this approach, DevOps teams have confidence that their policies are being implemented accurately. The modern software development stack is moving to open standards and security is no exception.
New zero trust network security with Sysdig
Quickly understand network communications with new topology maps: DevOps teams are often blind to how containerized apps are communicating. This understanding is critical in creating effective policies.
Sysdig adds dynamic network topology maps to visualize all communication into and out of a particular pod, service, and application. This detailed visibility allows DevOps teams to spot malicious attempts that take advantage of permissive network policies before it’s too late.
Save time with low-touch Kubernetes-native network segmentation: Kubernetes network policies are hard for teams to implement. A lot of time is wasted going back-and-forth between developers and DevOps teams to agree on the right network policy. With this announcement, Sysdig saves time by automating least privilege policies based on observed traffic enriched with application and Kubernetes metadata.
Teams can easily implement accurate network policies that are not too permissive, but also do not break application functionality. It also helps organizations meet compliance requirements, such as NIST and PCI, which require network segmentation.
Conduct thorough investigations with process-level visibility: Being able to investigate all connections, either accepted or failed, is critical to responding to below-the-radar attempts before it’s too late.
With Sysdig Audit Tap, DevOps teams can fingerprint every process connection, giving full process-level visibility into the entire environment, including every network connection attempt.
Teams can monitor every connection made by a process, even if a connection is unsuccessful. Teams can also plug into existing incident response workflows by forwarding events to SIEM tools like Splunk.
Simplify the path to zero trust network security
Zero trust is centered on the belief that organizations should never automatically trust anything inside or outside its perimeters and instead must verify before granting access.
As cloud and Kubernetes matures, so does interest in applying Zero Trust principles, but DevOps and security teams are inexperienced at applying a zero trust network security model to these new environments.
“There are several approaches to zero trust that forward-looking security teams can take advantage of. We believe using a Kubernetes-native approach that goes beyond traditional firewalling to enforce segmentation at the namespace and service level is the strongest approach,” said Omer Azaria, vice president of engineering, security at Sysdig.
“For developers and DevOps teams, we provide an easy button for implementing Kubernetes network policies. From the cloud security architect’s opinion, Kubernetes network policies provide guardrails that keep security and compliance in check as developers move quickly in the cloud.”
The Sysdig Secure DevOps Platform allows cloud teams to confidently secure containers, Kubernetes, and cloud services. With Sysdig, cloud teams secure the build pipeline, detect and respond to runtime threats, continuously validate compliance, and monitor and troubleshoot cloud infrastructure and services.