Sysdig, a container security startup has announced the general availability of a new feature called Drift Control aimed at preventing cyberattacks at runtime.
With Drift Control, security teams can detect, prevent, and speed up incident response for software containers that have been modified in production.
Sysdig Monitor, a cloud-native intelligence platform that helps manage large deployments of containers. It also sells Sysdig Secure, which detects vulnerabilities by tapping into the data generated by system calls in a container environment.
With Drift Control, Sysdig Secure can now enforce the immutability principle to ensure containers aren’t modified between deployment and production. That prevents the software in containers from being modified at any time during its lifetime, thereby eliminating the risk that the modifications might create vulnerabilities for hackers to exploit and gain access.
Due to dynamic cloud nature, larger deployments might bring container drift. Sysdig Drift Control will automatically flag and block any deviations from trusted containers. It blocks executables that were not present in the original image.
Sysdig also has enhanced malware and cryptomining detection capabilities in Sysdig Secure with the introduction of intelligence feeds from Proofpoint Emerging Threats Intelligence that provide developers and system administrators with access to more timely and accurate intelligence around the latest risks,
Sysdig said Drift Control, Rapid Response and the new threat intelligence feeds are all available now at no additional cost to customers.