Sysdig, Inc. today announced its partnership with Google Cloud to bring container runtime security capabilities to the Cloud Security Command Center (Cloud SCC), a security and data risk platform helping enterprises to gather data, identify threats, and act on them before they result in business damage or loss. Sysdig takes a services-aware approach to bring container runtime security and forensics capabilities to the Cloud SCC. With this integration, DevSecOps can protect their workloads by gaining full visibility of actionable intelligence to stop threats before they impact operations.

Effective container runtime security hinges on security response teams being able to quickly detect and respond to security threats on live containers – from detection, to remediation, to forensics. With new container security capabilities and partners available through Cloud SCC, customers can view security alerts for Kubernetes Engine clusters in a single pane of glass, and choose how to best take action.

By bringing together container visibility and a native Google Kubernetes Engine (GKE) integration, Sysdig Secure provides the ability to block threats, enforce compliance, and audit activity across the infrastructure through microservice aware security policies. Security events are enriched with hundreds of container and Kubernetes metadata before being sent to the Cloud SCC. This process brings relevant signals to the attention of Google Cloud customers and correlates Sysdig events with other security information sources to have a single point of view and the ability to react accordingly at all levels.

“We chose to develop on Google Cloud for its robust, cost-effective platform. Sysdig is the perfect complement because it allows us to effectively secure and monitor our Kubernetes services with a single agent,” said Ashley Penny, VP of infrastructure, Cota Healthcare. “We’re excited to see that Google and Sysdig are deepening their partnership through this product integration.”

The benefits of Sysdig integration with Google Cloud Security Command Center.

  1. Continuous security with runtime analysis.
    Certain suspicious activities, such as unexpected outgoing connections, anomalous file access or unauthorized process behavior often only come to light post deployment. By leveraging system calls, Sysdig is able to provide deeper container visibility, which can be used to detect, alert, and block suspicious activity post deployment.
  2. Less time spent manually correlating event information.
    The Cloud SCC gives enterprises consolidated visibility into their cloud assets and generates curated insights that provide users with a unique view of threats to their cloud assets. Cloud SCC integrates with a number of security tools, including Sysdig Secure, providing a one-stop-shop for all information collected and a more robust view of the infrastructure at any given time.
  3. Security compliance and audit for containers in Google Cloud.
    Sysdig Secure results can be viewed directly in the Cloud SCC, enabling DevSecOps practitioners to easily browse deployment configuration, container events, and every user command executed without having to log into another system.
  4. All encompassing forensics and post-mortem analysis for better decision making.
    Sysdig records all activity, including commands, processes, network, and file system operations, enabling post-mortem analysis and forensics from the time of the attack, as well as pre-attack activity trails. The continuous recordings from Sysdig can be used in conjunction with other microservice data to make more informed decisions.

“Enterprises are rapidly adopting containers to create a more agile, secure development environment for their next generation microservices applications,” notes Loris Degioanni, CTO and founder, Sysdig. “We’re happy to be one of the first to partner with Google in this way and to bring the monitoring, security, and forensics capabilities of the Sysdig Container Intelligence Platform deeper into Google Cloud through our Cloud SCC integration.”

“At Google, we’ve had a decade’s worth of experience building – and securing – containers. We are constantly developing new solutions to ensure customers are armed with the tools needed to combat today’s security challenges,” said Andy Chang, product manager, Google Cloud. “With new container runtime security capabilities in Cloud SCC, and technical integrations like the one from Sysdig, we are giving customers access to the tools they need to protect containers.”