Sysdig Secure for AWS
Modern cloud applications are no longer just virtualized compute resources, but a superset of cloud services that are essential to them. If you do not control the security of your cloud accounts, you are exposing your whole organization to a massive risk. This risk has the potential to bring every resource down, infiltrate any workload, exfiltrate secrets, or even create unseen assets that cost you money, and it would damage the reputation of your internet presence.
As the number of available cloud services and configurations grows exponentially, not relying on a cloud security platform puts you at great risk of an unseen misconfiguration turning into a serious security issue.
Sysdig Secure for cloud includes the following specific integrations for Amazon Web Services:
- Threat Detection based on CloudTrail
- Cloud Security Posture Management and Compliance
- ECR Image Registry Scanning
- Fargate Image Scanning
Threat Detection based on CloudTrail
Threat Detection uses audit logs from AWS CloudTrail, evaluated against Falco rules, as the source of truth for operational audit. This enables detection of threats as soon as they happen, and brings governance, compliance, and risk auditing to your cloud accounts.
You will be able to detect misconfigurations and unexpected or unwanted activity whenever something creates, deletes or modifies your cloud resources, protecting you from compromised cloud accounts and from involuntary human error.
A rich set of Falco rules is included, mapped to security standards and benchmarks such as NIST 800-53, PCI DSS, SOC 2, MITRE ATT&CK®, CIS AWS, and AWS Foundational Security Best Practices.
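The CloudTrail-plus-rules approach described above, reduced to a small added example that is not Sysdig's or Falco's own code: two detection rules evaluated over constructed CloudTrail records (the account id, ARNs, IP addresses and trail name are placeholders, and the rule names are this example's own).

```python
import json

# Constructed sample records following the layout of the "Records" array that
# CloudTrail delivers to S3. None of these values come from a real account.
SAMPLE_RECORDS = json.loads("""
{"Records": [
 {"eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-user"},
  "sourceIPAddress": "203.0.113.10", "requestParameters": {"name": "example-trail"}},
 {"eventSource": "ec2.amazonaws.com", "eventName": "AuthorizeSecurityGroupIngress",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-user"},
  "sourceIPAddress": "203.0.113.10",
  "requestParameters": {"ipPermissions": {"items": [{"ipProtocol": "tcp",
     "fromPort": 22, "toPort": 22, "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}}]}}},
 {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances",
  "userIdentity": {"arn": "arn:aws:iam::111122223333:role/ReadOnly"},
  "sourceIPAddress": "203.0.113.11", "requestParameters": null}
]}
""")["Records"]


def world_open_ingress(rec):
    """True when a security-group ingress rule admits 0.0.0.0/0 or ::/0."""
    params = rec.get("requestParameters") or {}
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        ranges = (perm.get("ipRanges") or {}).get("items", []) \
            + (perm.get("ipv6Ranges") or {}).get("items", [])
        if any(r.get("cidrIp") == "0.0.0.0/0" or r.get("cidrIpv6") == "::/0" for r in ranges):
            return True
    return False


# Each rule is (name, condition); the condition plays the role a Falco rule's
# condition expression plays, here written as a plain Python predicate.
RULES = [
    ("CloudTrail logging disabled",
     lambda r: r["eventSource"] == "cloudtrail.amazonaws.com"
     and r["eventName"] in ("StopLogging", "DeleteTrail")),
    ("Security group opened to the world",
     lambda r: r["eventName"] == "AuthorizeSecurityGroupIngress" and world_open_ingress(r)),
]


def detect(records):
    """Return one alert per (rule, record) match, with the acting identity and source IP."""
    return [{"rule": name, "event": rec["eventName"],
             "user": rec["userIdentity"]["arn"], "source_ip": rec["sourceIPAddress"]}
            for rec in records for name, cond in RULES if cond(rec)]


if __name__ == "__main__":
    for a in detect(SAMPLE_RECORDS):
        print(f"[{a['rule']}] {a['event']} by {a['user']} from {a['source_ip']}")
```

The read-only DescribeInstances record matches neither rule, which is the behaviour you want from an audit-log detector: it alerts on changes to logging and network exposure, not on routine reads.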
Cloud Security Posture Management and Compliance
With AWS Cloud Benchmarks, you can periodically execute a curated collection of checks on your AWS account that tell you which services and configurations present a security risk.
You will be shown remediation procedures for your specific resources, with steps on how to implement them using the AWS Console, or CLI commands you should execute to harden their security posture.
Reports show an overall score of your progress towards full compliance coverage, scoped by account, which you can download as CSV or compare against previous historical data.
ECR Image Registry Scanning
ECR Image Registry Scanning automatically scans every container image pushed to any of your Elastic Container Registries, so a vulnerability report is available in your Sysdig Secure dashboard at all times, without having to set up a pipeline.
Each time a new image is pushed, an ephemeral CodeBuild pipeline is created that runs an inline scan of the image against your defined scan policies.
Default policies cover not only vulnerabilities but also Dockerfile best practices, and you can define advanced rules yourself, for example on package licenses.
Fargate Image Scanning
Fargate Image Scanning automatically scans any container image deployed in a serverless Fargate task running on Elastic Container Service. This also covers public images hosted in registries other than ECR, as well as private images for which you have configured credentials.
An ephemeral CodeBuild pipeline is created automatically whenever a container is deployed on ECS Fargate, and it executes the inline scan.