UPDATED 06:00 EDT / JUNE 14 2018

INFRA

With new platform release, Sysdig looks to make containerized apps more secure

Sysdig Inc. debuted a new version of its software container security platform at the DockerCon conference today, with features to prevent code vulnerabilities from making their way into enterprise applications.

Many factors can lead to a security weakness slipping through the cracks. One of them, according to Sysdig, is that companies often push back vulnerability testing until the latter stages of the development cycle. Today’s update aims to facilitate an alternative approach.

At the core of Sysdig Secure 2.0 is a scanner that can automatically check software libraries, packages and configuration settings for vulnerabilities. Freeing up developers from having to run security assessments manually could make it much more practical to perform testing on a regular basis. This is especially true in fast-paced software projects that rely on containers.

Enterprises are rapidly embracing containers because they allow for software to be deployed in a lightweight and highly portable form without rewriting. The technology’s flexibility can help development teams ship code faster, but shorter release cycles come at a cost: They leave less time for engineers to focus on security.

Sysdig Secure 2.0 lets companies integrate its automated vulnerability scanner directly into their development workflows via a new connector for Jenkins, the ubiquitous code management tool. The platform blocks code from getting released if it’s found to contain vulnerabilities.

Sysdig Secure is useful for catching other types of issues as well. For instance, companies can use the platform to flag application components that violate the privacy rules outlined in Europe’s recently implemented General Data Protection Regulation. Sysdig said it has added over 200 new compliance checks as part of the release.

On top of blocking vulnerable code, Sysdig Secure 2.0 also focuses on easing the detection of vulnerabilities that already exist in live production applications. The platform can quarantine or terminate vulnerable containers depending on the severity of the threat.

For a high-level view of exactly how much security risk exists in an environment, administrators can turn to the expanded analytics console included in the release. Sysdig said the dashboard offers insight not only into specific containers or servers but also provides higher-level context about the business assets they underpin.

Image: Unsplash

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU