Sysdig Announces Risk Spotlight to Prioritize Vulnerabilities Based on Runtime Intelligence

Sysdig Secure reduces vulnerability alerts by 95%, allowing developers to focus on shipping applications faster

Sysdig, the unified container and cloud security leader, announced the availability of Risk Spotlight, a vulnerability prioritization feature based on runtime intelligence. Risk Spotlight enables security teams to reduce alert noise and effectively prioritize remediation based on a more accurate risk assessment to efficiently reduce risk without slowing down developers.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20220420005416/en/

Blog: Are Vulnerability Scores Misleading You? Understanding CVSS Severity and Using Them Effectively

As applications are often quickly assembled from public repositories, developers unknowingly bring vulnerabilities from open source packages. Most do not warrant a developer’s attention since they are not tied to packages running in production. Without context, developers find themselves scrolling through thousands of vulnerabilities in spreadsheets trying to figure out which fixes matter. Vulnerability noise hides the true risk, leaving the door open to compromise.

Key Benefits of Risk Spotlight

• Reduce vulnerability noise by up to 95%: Risk Spotlight eliminates the noise from vulnerabilities that pose no immediate risk by identifying the packages not used at runtime. This helps DevOps and developer teams understand the real risk in their container environments and minimize alert fatigue.
• Manage risk with actionable insights: Risk Spotlight delivers vulnerability details – such as the CVSS vector from multiple sources, the fix version, and link to publicly available exploits – to manage vulnerability risk at scale.
• Comprehensive vulnerability management for containers from source to run: Risk Spotlight provides a single view of vulnerability risk across the container lifecycle – from build to runtime. The new UI also speeds remediation by giving developers a package-centric view of vulnerabilities, along with the fix or upgrade they need to apply. Developers can also apply security best practices early by removing unused packages during the build process.

“Detecting threats at runtime across containers, hosts, and cloud services is fundamental for cloud-native security. Then, using that runtime intelligence to prioritize vulnerabilities provides developers a reasonable list of the highest impact issues to fix,” said Loris Degioanni, Founder and CTO at Sysdig. “Scrolling line-by-line through an endless spreadsheet of issues is inefficient for developers and slows down software releases.”

The Sysdig Approach

Sysdig is driving the standard for unified cloud and container security so DevOps and security teams can confidently secure containers, Kubernetes, and cloud services. Built on open source Falco threat detection, Sysdig gives real-time visibility to risk across containers and multiple clouds, eliminating security blind spots. Sysdig uses context to prioritize security alerts so teams can focus on high-impact security events and improve efficiency. By understanding the entire source to runtime flow and suggesting guided remediation, Sysdig shortens time to resolution. With the Sysdig platform, teams can find and prioritize software vulnerabilities, detect and respond to threats and anomalies, and manage cloud configurations, permissions, and compliance.

Availability

Risk Spotlight is available now to Sysdig Secure users at no additional cost.

Resources

1. Blog: Eliminate Noise and Prioritize the Vulnerabilities that Really Matter with Risk Spotlight.
2. Blog: Are Vulnerability Scores Misleading You? Understanding CVSS Severity and Using Them Effectively.
3. Watch: Reducing Vulnerability Noise with Sysdig.
4. Join Sysdig for, “Automatically Prioritize Vulnerabilities Using Runtime Intelligence” on May 12.

About Sysdig

Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig as open source standards and key building blocks of the Sysdig platform. With the platform, teams can find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions, and compliance. From containers and Kubernetes to cloud services, teams get a single view of risk from source to run, with no blind spots, no guesswork, no black boxes. The largest and most innovative companies around the world rely on Sysdig.

View source version on businesswire.com: https://www.businesswire.com/news/home/20220420005416/en/