What’s New in Sysdig – May 2024

“What’s New in Sysdig” is back with the May 2024 edition! My name is Dustin Krysak. I’m a Customer Solutions Engineer based in Vancouver, BC, and I’m excited to share our latest updates.

The Sysdig Threat Research Team (TRT) has been busy lately investigating and analyzing new security threats. Their research has uncovered notable vulnerabilities and attack vectors, which they’ve shared insights about via the Sysdig blog. These blog posts include an in-depth look at RUBYCARP, a long-running botnet, and LLMjacking, a technique that can leverage large language models for malicious purposes.

This month, we also announced our latest initiative, the Runtime Insights Partner Ecosystem. If interested, you can check out our blog post and the official press release.


Sysdig Secure

RBAC Permissions Available in Vulnerability Management

Administrators can now create RBAC roles and define which roles can access the Vulnerability Management, Policy, Reporting, and Risk Acceptance functions. For more information, see Custom Roles.

New Version Releases

Stay up-to-date with the latest releases for our scanning tools. May’s updates bring improved functionality, bug fixes, and security enhancements.

Sysdig CLI Scanner V1.10.0

Runtime Scanner V1.7.0

Host Scanner V0.10.0

Upgrading is easy, but feel free to reach out if you have any questions.

Sysdig Monitor

Alert Editor

When creating alerts, the Alert Editor automatically displays the optimal time window for your alert rule, and every data point in the alert preview now corresponds with an evaluation of an alert rule. You can also Explore Historical Data for Metric alerts.

Sysdig Agents

13.20.0: Enhanced coverage and visibility

Our latest agent update adds support for Suse Linux and increased visibility into JMX and non-interactive commands.

Suse Linux Enterprise Server Support

You can now install the Sysdig Agent on SLES 12 and SLES 15.

Capture Non-Interactive Commands in Activity Audit

Activity Audit can now capture and report non-interactive commands.

Support for Adding Labels to JMX Metrics

Sysdig added support for labels on JMX metrics collected by the agent. For more information, see Collect JMX Labels.

Defect Fixes

We have several fixes for our agent that landed in May. The full list can be seen in the release notes.

Terraform Provider V1.26.0

  • Adds the ability to create, update, and delete posture policies.

For more information, see our Terraform Provider docs.

Sysdig Cloud Connector V0.16.66

  • Makes secure_api_token optional in cluster-shield

Admission Controller v3.9.45

This release is available under helm chart 0.16.2.

  • Makes secure_api_token optional in cluster-shield

Sysdig Secure Jenkins Plugin v2.3.1

  • Bump embedded scanner to 1.9.2
  • Bug fixes:
    • Ensure that all the logs from the embedded scanner have been written to file for proper retrieval by the trailer
    • Increase the waiting time before stopping the logs trailer to 2s
    • Ensure proper management of vuln-list inside result JSON
    • Use imageTag (if available) when all policy evaluations pass

Prometheus Integration v1.29.0

  • APPLY changes over PromQL labels on cluster status dashboards
  • ADD restarted pods toplist panel to cluster standing dashboard
  • New model mysql-exporter fixing HIGH vulnerabilities
  • New model php-fpm_exporter fixing HIGH vulnerabilities

Open Source

Falco

Falco 0.37.1 is the latest stable release.

New Website Resources

Blogs 

Webinars

Sysdig Training

Kraken Discovery Labs


Attacks no longer take days; they take minutes. Cloud security requires a modern detection and response benchmark. The 555 benchmark specifies that you have 5 seconds to detect, 5 minutes to triage, and 5 minutes to respond.

In this 60-minute workshop, you’ll execute actual cloud attacks like SCARLETEEL and then assume the role of the defender, leveraging threat-hunting techniques to detect and respond immediately in the cloud.

You can sign up for this lab on our website.

Instructor Led Training

We have a new Azure-specific Cloud Security Posture Management (CSPM) lab available for ILT (Instructor Led Training) delivery. This ILT content includes the concepts of zones and Infrastructure as Code, integrated with source control using GitHub or GitLab.

If you are interested in learning more about how to schedule an ILT workshop, please contact your account team.
