Sysdig has announced cloud-native investigation tools intended to cut cloud incident analysis time to five minutes, Security Boulevard reports.
Attackers typically gain a foothold in cloud environments by exploiting a software vulnerability or using stolen credentials; once inside, they hunt for additional user identities, assumable roles, and misconfigurations that let them reach more valuable systems. Sysdig's tooling automates the collection of events, posture findings, and vulnerability data and correlates all of it to identities, so that this reconnaissance phase can be detected while it is still in progress, shortening both detection and response.
Traditional security tooling such as endpoint detection and response (EDR), extended detection and response (XDR), and security information and event management (SIEM) platforms lacks cloud context (which identity acted, through which role, against which resource), which slows investigations and limits their effectiveness. Sysdig's approach centralizes that data so security and platform teams can work from the same view and share findings. The Sysdig Cloud Attack Graph visualizes an incident as the relationships between the resources involved, helping analysts follow the attack chain and spot potential lateral movement. Because cloud and workload events are tied back to identities, the tool can surface unusual logins, connections from known-malicious IP addresses, and other indicators of compromise.
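As an added illustration of the identity-centric correlation described above (this is example code, not Sysdig's implementation and not part of the original article), the script below runs over a handful of constructed CloudTrail-style events. It flags console logins whose source IP is either on a blocklist or has never been seen for that identity, builds a simple identity-to-resource graph, and then reconstructs the chain of role assumptions that followed a flagged login. The event field names, the sample IPs (documentation ranges), the per-identity baseline, and the blocklisted range are all assumptions made for the example.

```python
"""Correlate cloud control-plane events to identities and flag anomalous logins.

Added example: the event shape, baseline, blocklist and sample data are
constructed for illustration and do not come from any real product.
"""
from collections import defaultdict
import ipaddress

# Constructed sample events in a simplified CloudTrail-like shape.
# "target" is the role assumed or the resource touched (None for logins).
EVENTS = [
    {"time": "2024-05-01T09:00:00Z", "identity": "user/alice", "event": "ConsoleLogin",
     "src_ip": "203.0.113.10", "target": None},
    {"time": "2024-05-01T09:05:00Z", "identity": "user/alice", "event": "AssumeRole",
     "src_ip": "203.0.113.10", "target": "role/deploy"},
    {"time": "2024-05-01T09:06:00Z", "identity": "role/deploy", "event": "ListUsers",
     "src_ip": "203.0.113.10", "target": "iam"},
    {"time": "2024-05-01T22:00:00Z", "identity": "user/alice", "event": "ConsoleLogin",
     "src_ip": "198.51.100.77", "target": None},
    {"time": "2024-05-01T22:02:00Z", "identity": "user/alice", "event": "AssumeRole",
     "src_ip": "198.51.100.77", "target": "role/admin"},
    {"time": "2024-05-01T22:03:00Z", "identity": "role/admin", "event": "GetSecretValue",
     "src_ip": "198.51.100.77", "target": "secret/prod-db"},
]

# Constructed baseline: source IPs previously seen per identity.
KNOWN_IPS = {"user/alice": {"203.0.113.10"}}
# Constructed "malicious" range standing in for a threat-intel feed.
BLOCKLIST = ipaddress.ip_network("198.51.100.0/24")


def flag_logins(events, known_ips, blocklist):
    """Return findings for console logins from blocklisted or never-seen IPs."""
    findings = []
    for e in events:
        if e["event"] != "ConsoleLogin":
            continue
        reasons = []
        if ipaddress.ip_address(e["src_ip"]) in blocklist:
            reasons.append("blocklisted source IP")
        if e["src_ip"] not in known_ips.get(e["identity"], set()):
            reasons.append("source IP never seen for this identity")
        if reasons:
            findings.append({"identity": e["identity"], "src_ip": e["src_ip"],
                             "time": e["time"], "reasons": reasons})
    return findings


def build_identity_graph(events):
    """Map each identity to the roles it assumed and resources it touched."""
    graph = defaultdict(set)
    for e in events:
        if e["target"]:
            graph[e["identity"]].add(e["target"])
    return dict(graph)


def attack_chain(events, identity, src_ip):
    """Follow a flagged login: walk later events from the same source IP,
    expanding the set of identities as roles are assumed."""
    active = {identity}
    chain = [identity]
    for e in sorted(events, key=lambda x: x["time"]):  # ISO-8601 sorts lexically
        if e["src_ip"] != src_ip or e["identity"] not in active or not e["target"]:
            continue
        chain.append(e["target"])
        if e["event"] == "AssumeRole":
            active.add(e["target"])
    return chain


def investigate(events, known_ips, blocklist):
    """Attach the reconstructed chain to every flagged login."""
    results = []
    for f in flag_logins(events, known_ips, blocklist):
        f["chain"] = attack_chain(events, f["identity"], f["src_ip"])
        results.append(f)
    return results


if __name__ == "__main__":
    for finding in investigate(EVENTS, KNOWN_IPS, BLOCKLIST):
        print(f"{finding['time']} {finding['identity']} from {finding['src_ip']}: "
              f"{', '.join(finding['reasons'])}")
        print("  chain: " + " -> ".join(finding["chain"]))
```

Run as-is, the script reports the 22:00 login only: the source IP is both blocklisted and new for that identity, and the reconstructed chain shows the user assuming an admin role and reading a production secret. The 09:00 login from the baseline IP produces no finding, which is the point of correlating to identity rather than alerting on every role assumption.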