IBM is expanding its partnership with Sysdig by making Sysdig Secure and Sysdig Monitor available to our clients and business partners as an add-on to the IBM Cloud Pak for Multicloud Management.
We also plan to release a further integration with IBM QRadar. This not only extends the functionality of the IBM Cloud Pak for Multicloud Management (MCM) by wrapping enhanced container security and governance to complement the solution but will also, through its integration with QRadar, analyze and correlate container-based security telemetry with an organization's entire infrastructure, providing a single view of all threats and their impact.
With tighter integration between Sysdig and the Cloud Pak for Multicloud Management, clients can now immediately launch out to Sysdig incidents for expedited remediation through single sign-on directly from Cloud Pak for Multicloud Management, rather than only viewing them in the Cloud Pak for MCM GRC dashboard. The solution is available direct from IBM with full support and through eligible IBM business partners, helping expand the reach worldwide.
In addition to detecting security issues, Sysdig Secure can also take remediation steps (such as stopping or pausing impacted containers) and make a system call capture of activity before, during, and after an incident. These captures enable DevOps and security teams to perform forensics, even after containers are gone or restarted on other nodes.
Centralizing container security findings from Sysdig into Cloud Pak for Multicloud Management and IBM QRadar expands the breadth and depth of information available to OpenShift users to help increase the effectiveness of managing security and governance.
Runtime security findings detected across the managed clusters are displayed in the Cloud Pak for Multicloud Management interface (and, in the future, IBM QRadar), with full context of where the issue has occurred in any environment. Each finding is also classified by severity and applicable compliance and security standards. This allows filtering to identify, understand, and resolve high priority issues.
Examples of the types of runtime activity that are detected using Sysdig
- Accessing cryptomining networks
- Creating privileged pods
- Executing disallowed container and Kubernetes activity
- Exfiltration of sensitive info
- Suspicious container, filesystem, and network activity
- Suspicious Kubernetes user activity and package management changes
The combination of these capabilities helps you confidently manage cloud security risk and ensure that security and compliance concerns do not block cloud adoption. Sysdig, IBM Cloud Pak for Multicloud Management, and IBM QRadar help you ship cloud applications faster by providing an efficient process for identifying and responding to potential threats, enforcing compliance, and accelerating incident response. Equipped with a comprehensive solution for container security and governance, you will be free to focus your efforts on strategic initiatives to grow your business.
Book a consultation with an IBM seller today to get started.
Watch this video to learn more about the integration of Sysdig with Cloud Pak for Multicloud Management: