Sysdig Enhances its Cloud-Native Intelligence Platform with NIST 800-190 and PCI Compliance Capabilities for Kubernetes and OpenShift Environments

Sysdig Enhances its Cloud-Native Intelligence Platform with NIST 800-190 and PCI Compliance Capabilities for Kubernetes and OpenShift Environments

intelligence company, today announced new features for its Cloud-Native
Intelligence Platform focused on helping enterprises transition to
containers, reduce security risks, increase compliance posture, and
improve DevOps efficiency. With this announcement, Sysdig is the first
cloud-native visibility solution to extend compliance metrics and the
Kubernetes audit events to a monitoring dashboard. Furthermore,
compliance data will be available by default for all Sysdig customers,
whether they are usingSysdig
, or the entireSysdig
. With these added features, enterprises gain visibility
into the performance, health, and compliance posture of their Kubernetes
environment at a depth that no other cloud-native visibility or security
solution can provide.

Today’s enhancements also add long-term compliance trending and
dashboarding for Kubernetes and OpenShift environments andout-of-the-box
frameworks for National Institute of Standards and Technology (NIST)
800-190 and PCI compliance standards
. With Snyk integrations, Sysdig
adds enhanced vulnerability management. This release also introduces
Security Information and Event Management (SIEM) enrichment capabilities
and guided compliance remediation. These out-of-the-box frameworks,
integrations, and guided remediation allow customers to quickly and
efficiently enforce and adhere to various compliance and security
standards across their OpenShift and Kubernetes environments.

“By combining security and visibility data, we are giving enterprises a
deeper, clearer view inside their containers. Unified data that supports
both security and DevOps teams encourages better communication and
ultimately improves DevOps efficiency. With this new product release, we
accelerate enterprises’ ongoing transition to containers by giving them
the rich data they need to monitor application health, ensure
compliance, and reduce the risk of an attack on the environment,” said
Loris Degioanni, chief technology officer and founder of Sysdig.

Key Customer Benefits

  • Support for New Compliance Frameworks:By adding out-of-the-box
    NIST 800-190 and PCI bundles, enterprises have confidence knowing
    their containers and images meet specific compliance standards. NIST
    800-190 and PCI scanning policies can be leveraged pre-deployment to
    scan images early in the CI/CD pipeline and can also be used to assess
    whether images running in production are compliant. In the event
    images no longer meet compliance, DevOps and security teams will be
  • Guided Remediation for Compliance:In the event of a Center for
    Internet Security (CIS) Kubernetes and Docker benchmark configuration
    drift, users can leverage guided remediation tips in Sysdig to apply
    best practices for maintaining compliance, saving security
    professionals time when issues arise.
  • New Compliance Dashboards: Sysdig users will have access to
    more than 90 compliance metrics. By extending compliance to Sysdig’s
    monitoring dashboards, DevOps have access to more information for
    better decision making and they can quickly visualize patterns and
    trends in their compliance posture.
  • New Kubernetes Audit Dashboards:In December, Sysdig released
    Sysdig Secure 2.2, the first cloud-native security technology to tap
    the Kubernetes audit policy to create an additional feed of events.
    Sysdig has turned these events into metrics that give customers the
    ability to see long-term compliance posture trends in customizable
    dashboards, making is easier and quicker to ensure compliance.
  • SIEM Enrichment Capabilities:Sysdig is able to reduce alert
    fatigue by providing Security Operations Center (SOC) analysts the
    ability to prioritize alerts based on Sysdig triggered events. With
    this prioritization, DevOps teams will be able to better judge what
    warrants their attention and ultimately save time.
  • Enhanced Vulnerability Management with Snyk Integration: Sysdig
    ingests Snyk
    feeds to provide visibility into vulnerabilities for non-OS based
    packages, including Python, NPM, and Ruby to surface and bring
    attention to dependencies sooner, enabling DevOps to fix
    vulnerabilities before they are exploited.

RSA Conference, San Francisco – March 4 – 7, 2019

Sysdig will be at demoing the Sysdig Cloud-Native Intelligence Platform
at Kiosk #37 in theRSAC
Early Stage Expo
, located in the Marriott Marquis from March 5 – 7,
information here

Learn More

Join Binoy Das, solutions architect at AWS, and Pawan Shankar, product
marketing manager at Sysdig, on March 21, 2019 at 10 a.m. PDT for a
one-hour webinar about the “4 Best Practices to Meet Compliance
Requirements in Kubernetes Environments.”Register
. A recording will be available afterwards.

About Sysdig

(Twitter: @sysdig)
is the cloud-native intelligence company. Enterprises depend on Sysdig
to deliver reliable, secure containerized applications. We have created
the only unified platform to deliver container security, monitoring, and
forensics in a microservices-friendly architecture. Our open source
technologies have attracted a community of over a million developers,
administrators, and other IT professionals looking for deep visibility
into applications and containers. Our cloud-native intelligence platform
monitors and secures millions of containers across hundreds of
enterprises, including Fortune 500 companies and web-scale properties.
Learn more at

Read More


Please enter your comment!
Please enter your name here