The unified container and cloud security company Sysdig today announced Drift Control to prevent container attacks at runtime. With this, teams have the ability to detect, prevent, and accelerate incident response for containers that were modified in production.
The company also stated that it has enhanced malware and cryptomining detection with new threat intelligence feeds from Proofpoint Emerging Threats Intelligence and the Sysdig Threat Research Team.
Drift Control works to enforce the immutability principle, bringing a preventative defense layer to cloud-native workloads.
According to the company, this container immutability ensures that container software remains unmodified for the duration of its lifetime, preserving consistency from source to runtime and preventing actions that could be part of an attack.
“When there is an attack every 11 seconds, it is important to have multiple layers of defense,” said Omer Azaria, vice president of research and development at Sysdig. “Sysdig’s new Drift Control capability enforces best practices that can stop an attack before damage is done.”
With Drift Control, users gain the ability to prevent common runtime attacks by dynamically blocking executables that were not in the original container.
Additionally, teams gain access to enhanced detection with the latest threat intelligence feeds, allowing them to obtain the most timely and accurate threat information, including malicious IPs and domains.
Users also experience quicker incident response and mitigation with Rapid Response from Sysdig Secure. This allows teams to dig directly into a compromised or suspicious container with on-demand secured shell access, investigate blocked executables, and detect malicious communications.
Current users of Sysdig Secure now have access to Drift Control and new threat feeds. These are also included in Sysdig Secure for new customers at no additional charge.