ETFOptimize | High-performance ETF-based Investment Strategies

Sysdig Redefines Cloud Detection and Response by Enabling 5-Minute Investigations

Attack chain visualization and real-time identity correlation equip security teams to outpace attacks

Sysdig, the leader in real-time cloud security, today announced enhanced cloud-native investigations designed to cut incident analysis time to 5 minutes. This acceleration is made possible by automating the collection and correlation of events, posture, and vulnerabilities to identities for even the most complex cloud attacks. When an attack happens in less than 10 minutes in the cloud, investigations must move fast. Sysdig’s real-time cloud investigation gives organizations back precious time, reduces their skill gaps, and grants security and platform teams the ability to make better-informed, faster decisions.

The cloud is different – faster, more complex, and more dynamic than on-premises environments – with an ever-increasing attack surface attributable to AI and rapidly changing cloud supply chains. Organizations have just 5 minutes to investigate cloud incidents. Legacy endpoint detection and response (EDR)/extended detection and response (XDR) solutions and security information and event management (SIEM) platforms lack crucial cloud context, slowing down investigations and limiting their scope. Additionally, SIEM queries may not even yield results before an attacker has the keys to the castle. To effectively detect, investigate, and respond in the cloud, teams must be able to monitor and analyze cloud and log events in real time – capabilities only afforded to them by a truly cloud-native solution. Sysdig simplifies investigations, and therefore limits the blast radius for teams that have historically been tasked with correlating, contextualizing, and evaluating threats across fragmented data feeds from disparate and complex domains.

According to Forrester Research, “Investigations in the cloud must be timely. Attackers can access and kill an instance before an analyst can respond to the attack, losing valuable time and data on the incident ... Cloud response cannot happen effectively without investigators having situational awareness of just-in-time, dynamic permissions.” [1]

What’s New

  • Attack chain visualization: By visualizing a given incident in the Sysdig Cloud Attack Graph, security analysts gain a dynamic view of the relationships between resources for a better understanding of the kill chain and potential lateral movement across a cloud environment. Overlays of detections, vulnerabilities, and misconfigurations help responders discern where a threat may have originated, and how a threat actor was able to perpetuate an attack.
  • Real-time identity correlation: By automatically correlating cloud and workload events to identities, Sysdig has unlocked a more powerful way to enhance real-time monitoring for complete incident context. Automatic correlation between cloud events and location-aware identities highlights unusual logins, impossible travel scenarios, and malicious Internet Protocol (IP) addresses. Users gain a clearer understanding of what threat actors are doing in their infrastructure, as well as how they have leveraged, and can still leverage, associated policies, permissions, and roles to advance an attack.
  • Investigation workflow optimization: By centralizing, enriching, and correlating identities to events, security and platform teams can break silos and readily share findings to expedite investigations, improve preventive controls, and give prescriptive guidance for response actions.

Why It Matters

  • 5-minute cloud investigations: Siloed and limited data dramatically slows investigations. It forces teams to manually collect and correlate findings across tools, which delays response times and weakens security postures. Sysdig delivers enriched, comprehensive forensic data correlated across activity audits, system call captures, process trees, and beyond. This accelerates cloud-native investigations by automating correlation across environments between resources, events, identities, postures, and vulnerability data so that security and platform teams can deliver 5-minute incident investigations and respond confidently.
  • Tell the right story: Most solutions lack meaningful multi-cloud detection and response insights, leading to ineffective threat prioritization and unclear attack contexts. So while an EDR tool may detect lateral movement across Amazon Elastic Compute Cloud (EC2) instances, for example, it will likely miss data exfiltration in multi-cloud and container environments. By coupling real-time runtime insights with automatic cross-cloud context and correlation, Sysdig helps security and development teams understand the “five Ws” of a cloud investigation so that they can construct a rich context-driven attack narrative in 5 minutes.
  • Unify cloud-native lines of business: Effective cloud security requires teams to work cross-functionally within the security and platform team spectrum. Sysdig unifies lines of business through a shared platform, enabling teams to speak the same language and accelerate collaborative actions across protection, detection, and response controls.

“When it comes to outpacing attacks in the cloud, anything less than real-time detection and automated correlation across multiple domains puts organizations at a grave disadvantage,” said Jamie Butler, Head of Runtime Protection and Response Strategy at Sysdig. “Enhanced cloud-native investigation enables enterprises to quickly assess real-time threats, easily explore deep context-driven attack narratives, and precisely respond at cloud speed.”

[1] Forrester – The Comprehensive Guide to Cloud Detection and Response; Allie Mellen, Andras Cser, Jeff Pollard; April 23, 2024.

About Sysdig

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig, rated No. 1 for cloud security posture management (CSPM) in the Gartner Peer Insights “Voice of a Customer” report, correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.

@Sysdig redefines cloud detection and response by enabling 5-minute investigations. Learn more: https://sysdig.com/press-releases/sysdig-redefines-cloud-detection-and-response/
