The Sysdig Secure DevOps Platform
•
0 j'aime•389 vues
The document describes Sysdig Secure DevOps Platform, which provides unified visibility and security for production deployments of cloud-native applications. It converges security and monitoring to embed security, maximize availability, and validate compliance across the cloud-native lifecycle. The platform provides a single source of truth with context about containers, hosts, services and infrastructure. It leverages metadata to organize application and infrastructure views. The platform includes Sysdig Monitor for observability and reliability and Sysdig Secure for protection and assurance. It addresses security and operations needs for DevOps workflows across build, run and respond phases in a cloud-native environment.
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à The Sysdig Secure DevOps Platform
Similaire à The Sysdig Secure DevOps Platform (20)
Plus de Ashnikbiz
Plus de Ashnikbiz (20)
Dernier
Dernier (20)
The Sysdig Secure DevOps Platform
- 1. Sysdig Secure DevOps Platform Eric Tan Senior Sales Engineer
- 2. Server Virtual Machine Operating System Cloud-Native Architecture Web Middleware Database Storage MONOLITH Firewall Load Balancer Security CATALYSTS CLOUD NATIVE APPLICATIONS MICROSERVICES PERSISTENCE
- 3. Cloud-Native Organisation Change Control MONOLITH TEAMS Security Infrastructure Operations CATALYSTS CLOUD NATIVE Specialists DevSecOps Site Reliability Engineering Chapters Ambidextrous Organizations Squads Tribes Cross-functional Teams “Pizza” Teams Development Networks Storage Risk Backup Database
- 4. Mean Time To Recovery Insights To Fix Fast Time To Market DevSecOps Enabler Day 2 Operations Application Assurance Need Confidence? Shifting Business Needs
- 5. | Sysdig Inc. Proprietary Information5 Cloud native leaves you blind Security and operations fail without context Containers disappear and leave no trail You can’t secure what you cannot see
- 6. | Sysdig Inc. Proprietary Information6 • Not container native • No Kubernetes context • Not built for DevOps • Invasive instrumentation • Limited Kubernetes context • Lack scale and data depth for cloud-native forensics Legacy tools Point solutions Legacy and Point Solutions Do Not Work Cloud native requires specific tools Purpose-built
- 8. Sysdig Secure DevOps for Cloud Native • Founded by Wireshark co-creator • Contributed Falco to CNCF • Supported open-source sysdig (10M+ downloads) • Customer expansion mirrors cloud-native adoption • Trusted by the largest enterprises • Cloud-native security and monitoring • Provides visibility and control for secure operations Open by design Strong momentumEcosystem integration
- 9. | Sysdig Inc. Proprietary Information9 Embed security Maximize availability Validate compliance Sysdig Secure DevOps Platform Converging visibility and security for production deployments Sysdig Secure DevOps Platform Sysdig MonitorSysdig Secure
- 10. | Sysdig Inc. Proprietary Information10 Sysdig Secure DevOps Platform RespondRunBuild Unified Workflow Across the Cloud-Native Lifecycle CI/CD Security Registry Security Apps Context Infrastructure master node node Alerts Event Forwarding/Audit/IR SIEM Security PoliciesConfigurationVulnerabilities Metrics Events Audit logsAlerts Syscall capturesEvents SaaSSelf-hosted
- 11. SYSDIG PLATFORM -- DB, UX & API SYSDIG AGENT -- CONTAINER CONTAINER 3 -- CONTAINER 1 -- CONTAINER 2 -- eBPF / KERNEL INSTRUMENTATION HOST DATA COLLECTION SECURITY ENFORCEMENT IMAGE DETECTION & SCANNING A New Source Of Truth
- 12. Giving Data Relevance HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST HOST SERVICEVISIONTM Application Team X Namespace = Application Team X Application Team Y Project = Application Team Y DB Admin Deployment contains ‘db’ HOST HOST HOST HOST HOST HOST HOST HOST Infra Admin Host contains ‘production’ Leverage existing metadata already in your Orchestrator to organize your application and infrastructure views MULTI-CLOUD / MULTI-CLUSTER
- 13. Cloud Native Infrastructure (PaaS) RHEL / ATOMIC HOST RHEL / ATOMIC HOST Host NODE POD APP POD APP Sysdig Agent RHEL / ATOMIC HOST RHEL / ATOMIC HOST Host MASTER NODE Sysdig Agent CI/CD/GitOps DevSecOps Image Registry Container Build Sysdig UI Persistent Storage API / Authentication Management Scheduler Replication Network Overlay / Service Mesh Sysdig Monitor observability & reliability Physical & Logical Network Application Delivery Controller Firewalls End Users Sysdig Platform Full- stack application assurance, a combination of ... Sysdig Secure protection & assurance Secrets Management POD APP Logging Complementary, For Increased Assurance SIEM HIDS Anti-Virus
- 14. | Sysdig Inc. Proprietary Information14 DevOps Secure DevOps Across Cloud-Native Lifecycle • Incident Response • Forensics • Audit • Runtime Security • Vulnerability Reporting • Troubleshooting• Infrastructure Monitoring • Application Monitoring • Image Scanning Continuous Compliance (PCI, NIST, CIS, etc.) RespondRunBuild Unified platform for security and DevOps use cases Secure DevOps • Configuration Validation
- 15. Demo