Sysdig Launches Visibility and Security Platform 2.0 and Closes the Cloud-Native Visibility Gap
April 11, 2019Sysdig announced
the Sysdig Cloud-Native Visibility and Security Platform
(VSP) 2.0. This new release provides enterprises with the first and
only unified view of the risk, health, and performance of their cloud-native
environments. With this rich-data platform, service owners, DevOps, and
security teams have access to a single source for performance metrics,
compliance dashboards, security events, and more to eliminate risk and resolve
problems fast. Sysdig fills the cloud-native visibility gap that emerged
because legacy security and performance products are blinded by cloud-native
architectures.
The Sysdig Visibility and Security Platform 2.0: A New Look at Cloud-Native Data
Enterprises
have struggled in the transition to production because they need vast amounts
of data and context to understand if their Kubernetes-based microservices are
running reliably and securely. Each team involved in operating services –
service owners, DevOps, and security teams – previously relied on their own set
of isolated tools to get a narrow view of their environment.
With
Sysdig VSP 2.0 these issues are eliminated with a single, comprehensive view of
the enterprise environment which provides risk, health, and performance data
across thousands of clusters for many thousands of microservices.
According
to a new report by analysts at 451 Research, “Tools that were designed for
monolithic applications running on a relatively simple, vertical stack no
longer suffice in increasingly complex environments, comprised of containers,
microservices, third-party services, and multiple clouds. The modern,
cloud-native world requires an entirely new perspective, enabled by new
organizational models and tools designed to deliver visibility into this
dynamic environment.”
451 Report: “A Single Source of Truth for Cloud-Native Development, Operations and Security.“
“We
work daily with the world’s largest financial institutions, government
organizations, and media companies. They are all looking for ways to embrace
DevSecOps to break down the communication and cost inefficiencies among team
silos,” said Payal Chakravarty, vice president of product management at Sysdig.
“Based on their feedback, we created Platform 2.0 to
analyze thousands of microservices and dynamically highlight the ones that have
performance or security issues that need immediate attention. With a single,
operational view to surface performance, compliance, vulnerabilities, and
policy data, users are able to triage issues faster, reduce alert noise, and
gain massive operational efficiency.”
Using the Overview App on Sysdig’s platform, an enterprise can get an aggregated view of this information tuned to different use cases:
- Service owners can ensure that they are shipping reliable, compliant, and vulnerability-free code pre-production, while understanding the performance of their code in production and whether bottlenecks are slowing downstream services.
- Platform operations and DevOps teams can ensure services are performing well while managing capacity allocation, infrastructure performance, and compliance across all clusters.
- Security teams can get a
single, comprehensive view into vulnerability management, compliance, and
run-time policy violations.
This
overview then provides deep contextual information that allows users to dive
deep into Sysdig Secure and Sysdig Monitor to analyze performance metrics,
compliance dashboards, security forensics, and more to isolate and remediate
problems faster than ever before.
Enterprise Scale and Control
As
enterprises rapidly embrace a cloud-native architecture, they require a level
of scale not provided by legacy vendors or existing niche container tooling.
With VSP, Sysdig further scales and simplifies the act of instrumenting, collecting, and storing the granular data required to secure and manage containerized microservices. Alongside this data lives two orders of magnitude more contextual information, for which Sysdig has designed its system to handle natively:
- A single agent based on the extended Berkeley Packet Filter (eBPF) to collect context-rich and deep performance and security data from hosts, containers, orchestrators, network, process, and files across clouds.
- A single, horizontally scalable data platform that ingests, analyzes, and provides operational insights across billions of data points.
- Multi-cloud design that allows Sysdig to run anywhere while securing applications across many clouds.
- Reduce operational overhead by 67 percent or more by eliminating the need for multiple tools.
- Enterprise controls such
as Lightweight Directory
Access Protocol (LDAP) and service-based access controls.
“By
taking advantage of cloud-native architectures, enterprises can right many of
the wrongs of legacy technology,” said Loris Degioanni, founder and chief
technology officer of Sysdig. “Sysdig’s contribution is closing the visibility
gap with a single platform that unifies performance and security data with all the
context needed for highly distributed, ephemeral microservices. We’ve unlocked
all this data for any use case, and we did it while reducing the
instrumentation tax that enterprises are used to paying for safety and
security.”
Sysdig
built its platform with an open core, leveraging Falco, Prometheus, and Sysdig
Inspect as core cloud-native building blocks for its enterprise-class product.
Continued Embrace of the Kubernetes Ecosystem
Sysdig’s
history of supporting the Kubernetes and cloud-native ecosystem goes back to
2015. With VSP, Sysdig extends its leadership position in making Kubernetes
even friendlier for the enterprise.
Key new Kubernetes-related features include:
- Enhanced Kubernetes monitoring and security with new out-of-the-box dashboards for capacity planning, control plane health and compliance trends, new default alerting rules, Kubernetes benchmark results, out-of-the-box Kubernetes audit policies, and integration with Kubernetes admission controllers.
- Support for new runtimes such as CRI-O and containerd.
- A topological view that dynamically understands Kubernetes orchestration, combining compliance violations, network connections, and performance metrics to provide a more holistic infrastructure status.
- The ability to use Kubernetes metadata to search, correlate, and scope events to narrow down root cause or assess risk profiles.
- Downstream integration
forwards events to security
information and event management (SIEM) tools such as Splunk.
Availability
A preview version of VSP 2.0 will be released next month. Sysdig products are priced per host secured and monitored. Pricing starts at $30/host/month, billed annually.