It is always interesting to learn about real-world examples of technologies at work. So, when ThreatQuotient invited me to share how we at Sysdig are using the ThreatQ Platform to enhance our cloud detection and response solutions, I was happy to participate.
Let’s start with a little context around Sysdig. Anyone reading this blog knows that threat detection and response has been a foundational security technology for years. However, as more companies move their operations from on-prem to the cloud they are turning to Sysdig for cloud security and container security of their modern architecture. Sysdig scans for thousands of indicators of compromise (IoCs) from a variety of sources including strategically placed honeypots, data collection systems, commercial threat intelligence feeds, and open-source feeds to enrich and provide more context to the detections. Informed by this continuously evolving threat intelligence, the Sysdig Threat Research Team writes, tunes, and pushes rules out to customers via the Sysdig platform to detect threats in containers, cloud infrastructure, and the Kubernetes control plane, and implement response. ...read more!
