Software supply chain attacks are on the rise — are you at risk? • Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Sysdig. Thanks to the great team there for their support!

Attacks targeting the software supply chain are on the rise and splashed across the news. SolarWinds raised awareness about the risk. More recent events, like the Federal Civilian Executive Branch (FCEB) agency breach, amplified the concern.

Software supply chain risk isn’t going anywhere. As development teams increasingly rely on open source software and third-party code, the risk of exposure to both known and unknown security vulnerabilities significantly increases.

The Sysdig 2023 Cloud-Native Security and Usage report found that 87% of container images have high or critical vulnerabilities, which highlights the importance of runtime security. There is a lot of talk about shift left, but threats arise in production. Then what?

Different attack vectors exist, and issues like ransomware, cryptomining, or other compromises aren’t prevented by scanning code or images. Not to mention that container vulnerabilities are discovered daily. Your container, which seems safe one moment, can become a potential victim of a newly disclosed exploit. Shift-left alone is not enough.

The goal of every cybersecurity program should be full lifecycle security.

Looking at real-world data, the sixth annual Sysdig Cloud-Native Security and Usage report reveals how global companies of all sizes and industries are using and securing cloud and container environments. This year, the report highlighted key CISO priorities, including software supply chain risk, zero trust, and cost management. Read the key takeaways from Sysdig’s report.


Download the full Cloud-Native Security and Usage Report to uncover the latest insights like:

  • How companies can save up to $10M in cloud costs
  • 87% of images include a high or critical vulnerability
  • 90% of accounts have excessive permissions


About Sysdig

Sysdig delivers cloud and container security so you can stop attacks with no wasted time. Detect threats in real-time using ML, curated rules and Sysdig Threat Research Policies. Prioritize vulnerabilities based on in-use risk exposure and fix fast with context. Gain agentless visibility combined with runtime security powered by eBPF and Falco.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

