
Sysdig introduces enhanced cloud-native investigation tools

Sysdig announced that it aims to address the fragility of cloud infrastructure layers through improved cloud-native investigation tools that are designed to dramatically reduce incident analysis time to five minutes, reports Security Boulevard.

Attackers often infiltrate cloud environments by exploiting software vulnerabilities or stolen credentials. After a successful breach, they seek out other user identities or misconfigurations to gain access to more valuable systems. Sysdig’s solution automates the collection and correlation of events, status and vulnerabilities with identities. This helps quickly detect attackers who are still searching within the system and significantly accelerates threat detection and response.

Traditional security solutions such as Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and Security Information and Event Management (SIEM) platforms lack the necessary cloud context, which slows investigations and limits their effectiveness. Sysdig’s approach centralizes data so security and platform teams can collaborate more effectively and share insights seamlessly. In addition, the Sysdig Cloud Attack Graph visualizes incidents, shows relationships between resources, and helps analysts understand the attack chain and potential lateral movement. By correlating cloud and workload events with identities, Sysdig highlights unusual logins, malicious IP addresses, and other indicators of compromise.