Home SecurityCloud Security New Sysdig cloud security software prioritizes risk, cuts remediation time

New Sysdig cloud security software prioritizes risk, cuts remediation time

Source Link

Unified container and cloud security firm Sysdig on Wednesday launched its cloud security posture management (CSPM) offering, which aggregates security findings by root cause and prioritizes remediation based on impact. The new offering consists of  ToDo, an actionable checklist showing prioritized risks, and Remediation Guru, which offers guided remediation at the source. 

“We consistently hear from prospects that the cloud security tools they are familiar with inundate teams with alerts and findings. Compounding the issue is cutting through the noise to know where to devote resources,” said Maya Levine, product manager at Sysdig. 

Enterprises often have hundreds of cloud accounts and services spread across multiple cloud environments. They often automate the deployment of cloud services using infrastructure as code (IaC). If the IaC template has a configuration error, the same error can get replicated across cloud environments, generating multiple alerts and overwhelming security teams. 

Compounding the problem, policies and controls often cannot be applied across environments. This results in inconsistent policies across the organization for different parts of the software delivery pipeline. The lack of agnostic controls across the technology stack increases management complexity, according to the company.

“The data we have around this is qualitative, this is a pain point that is repeatedly shared in feedback sessions,” Levine said. “The challenge is two-fold. First, of all the alerts and findings a security team deals with, how many of those are actionable? For example, does a vulnerability in an image have a fix yet? Second, how to prioritize what to focus on first?”

ToDo is expected to save time during investigations and Remediation Guru could allow security and DevOps teams to fix issues in seconds with just a few clicks, the company said in a statement. 

Copyright © 2022 IDG Communications, Inc.

Related Articles

Leave a Comment