Sysdig has announced that it aims to address the vulnerability of cloud infrastructure layers with enhanced cloud-native investigation tools designed to reduce incident analysis time to five minutes, Security Boulevard reports.
Attackers often infiltrate cloud environments by exploiting software vulnerabilities or stolen credentials; once inside, they look for other user identities or misconfigurations that give access to more valuable systems. The Sysdig solution automates the collection of events, posture findings, and vulnerabilities and correlates them with identities, quickly surfacing an attacker's persistent probing of the environment while accelerating threat detection and response.
Traditional security tools such as endpoint detection and response (EDR), extended detection and response (XDR), and security information and event management (SIEM) platforms lack the necessary cloud context, which slows investigations and reduces their effectiveness. Sysdig's approach centralizes the data so that security and platform teams can collaborate and share findings. Additionally, the Sysdig Cloud Attack Graph visualizes incidents, shows relationships between resources, and helps analysts understand the attack chain and potential lateral movement. By correlating cloud and workload events with identities, Sysdig highlights unusual logins, malicious IP addresses, and other indicators of compromise.
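To make the identity-correlation idea above concrete, the following is an added example written for this page; it is not Sysdig's code and does not use Sysdig's product or APIs. It joins constructed cloud audit events (logins, IAM calls) and constructed workload runtime events on the identity that performed them, builds a per-identity timeline (a minimal stand-in for an attack chain), and flags logins from known-bad IP addresses or from addresses outside that identity's baseline. The event schema, baseline, and IP lists are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data (not real telemetry). Each event carries the identity
# that performed it so cloud and workload activity can be joined on that key.
CLOUD_EVENTS = [
    {"time": "2024-01-01T09:00:00", "source": "cloud", "identity": "alice",
     "type": "login", "action": "ConsoleLogin", "src_ip": "203.0.113.10"},
    {"time": "2024-01-01T09:05:00", "source": "cloud", "identity": "bob",
     "type": "login", "action": "ConsoleLogin", "src_ip": "198.51.100.7"},
    {"time": "2024-01-01T09:07:00", "source": "cloud", "identity": "bob",
     "type": "api", "action": "ListUsers", "src_ip": "198.51.100.7"},
    {"time": "2024-01-01T09:10:00", "source": "cloud", "identity": "carol",
     "type": "login", "action": "ConsoleLogin", "src_ip": "192.0.2.44"},
]
WORKLOAD_EVENTS = [
    {"time": "2024-01-01T09:06:00", "source": "runtime", "identity": "bob",
     "type": "exec", "action": "exec_into_pod", "src_ip": None},
]

# Assumed baseline: source IPs each identity has been seen logging in from before.
BASELINE = {"alice": {"203.0.113.10"}, "bob": {"203.0.113.20"}, "carol": {"203.0.113.30"}}
# Assumed threat-intel list of known-malicious addresses (constructed value).
MALICIOUS_IPS = {"198.51.100.7"}


def correlate_by_identity(cloud_events, workload_events):
    """Merge cloud and workload events into one time-ordered timeline per identity."""
    timeline = defaultdict(list)
    for ev in list(cloud_events) + list(workload_events):
        timeline[ev["identity"]].append(ev)
    for events in timeline.values():
        events.sort(key=lambda e: datetime.fromisoformat(e["time"]))
    return dict(timeline)


def find_indicators(timeline, baseline, malicious_ips):
    """Return (identity, indicator, value) tuples for suspicious logins.

    A login from a known-malicious IP is reported as such; a login from an IP
    not in the identity's baseline is reported as an unusual login.
    """
    findings = []
    for identity, events in timeline.items():
        for ev in events:
            if ev["type"] != "login":
                continue
            ip = ev["src_ip"]
            if ip in malicious_ips:
                findings.append((identity, "malicious_ip", ip))
            elif ip not in baseline.get(identity, set()):
                findings.append((identity, "unusual_login", ip))
    return findings


def attack_chain(timeline, identity):
    """Ordered (time, source, action) steps for one identity across cloud and workload."""
    return [(e["time"], e["source"], e["action"]) for e in timeline.get(identity, [])]


if __name__ == "__main__":
    tl = correlate_by_identity(CLOUD_EVENTS, WORKLOAD_EVENTS)
    for finding in find_indicators(tl, BASELINE, MALICIOUS_IPS):
        print("indicator:", finding)
    for step in attack_chain(tl, "bob"):
        print("bob:", step)
```

Running the script prints one malicious-IP finding for `bob`, one unusual-login finding for `carol`, and `bob`'s chain of console login, exec into a pod, and an IAM `ListUsers` call, which is the kind of cross-layer sequence an analyst would otherwise have to stitch together by hand from separate cloud and runtime tools.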