Sysdig, a cloud security vendor, has announced the addition of a new attack graph to its cloud-native application protection platform (CNAPP). This new graph aims to provide real-time cloud attack path analysis and live risk prioritization across assets, users, and activity. Sysdig has also released a new cloud inventory that offers cloud visibility with integrated search capabilities to surface information.
The complexity of cloud environments has been increasing, and organizations are facing more sophisticated cloud security threats. Attackers take advantage of the automation and complexity of the cloud to move laterally, elevate their privileges, and maximize the impact of their attacks.
The recent Cloud Native Threat Report by Aqua Security highlighted that threat actors are investing resources to evade cloud security defenses. They conceal their campaigns and avoid detection to establish a stronger foothold in compromised systems. The report also identified vulnerabilities in various areas of the cloud software supply chain, posing significant threats to organizations.
Sysdig’s new cloud security features focus on real-time risk response and management. The vendor acknowledges that prevention alone is not sufficient in the fast-paced cloud environment. It is essential to be prepared to defend in real time. Cloud security requires tools that can connect the dots and provide context and, most importantly, operate in real time.
The new cloud attack graph is the neural center of the Sysdig CNAPP. It leverages multidomain correlation to identify threats in real time. The graph layers instant detections, in-use vulnerabilities, and in-use permissions to connect risk data across environments. This approach helps customers identify and address threats before they escalate. The graph also provides a stack-ranked list of risks, prioritizing the order in which threats should be addressed. Moreover, it offers a visual representation of exploitable dependencies across resources, revealing potential attack paths.
Additionally, Sysdig’s new cloud inventory provides a searchable list of all resources in a cloud environment, including users, workloads, hosts, and infrastructure as code. This inventory can be used to quickly check for vulnerabilities and exposure. For example, it can help identify all instances of Log4j in packages that are in use and exposed to the internet. With this information, customers can investigate potentially compromised workloads in real time and gain insights into associated misconfigurations, compliance violations, and vulnerabilities.
In summary, Sysdig aims to enhance cloud security through its latest additions to the CNAPP. The new attack graph enables real-time risk assessment and prioritization, while the cloud inventory provides visibility and vulnerability scanning capabilities. By addressing the evolving complexity of cloud environments and the ever-growing sophistication of cloud security threats, Sysdig aims to empower organizations to better protect their cloud-native applications and data.

