The Red Hat Ecosystem Catalog is the official source for discovering and learning more about the Red Hat Ecosystem of both Red Hat and certified third-party products and services.
We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.
Sysdig Vulnerability Scanner is part of Sysdig Secure, an Industry leading CNAPP (Cloud Native Application Protection Platform) that helps unify vulnerability management across OpenShift, Kubernetes, containers and hosts in hybrid and public clouds.
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. Sysdig helps organizations leveraging Red Hat OpenShift save time and reduce noise by prioritizing vulnerabilities using runtime intelligence. OpenShift customers can now fix vulnerabilities at cloud speed.
Hosts, Containers, and CI/CD Scanning
Sysdig VM provides the capabilities to scan images and containers across the development lifecycle:
1. In the pipeline,
2. On the Registry or Repository, and
3. During Runtime.
It thus correlates these results and provides clear insight to shift-left preventative security.
In-use vulnerability prioritization
This VM feature deployed with our runtime agent provided the industry’s first capability to identify packages and libraries loaded into execution at runtime. This allows our customers to prioritize fixing vulnerabilities that not only have an exploit but are exploitable because they are in running memory.
Easy setup and less maintenance
The scanning engine can be deployed in stand-alone, agent-based, cluster-based and agentless configurations. Optimizations in orchestration integration and image collection have reduced the compute resources for scanning as well as minimized the number of scans needed in the environment.
Multi-source detection and feed curation
Sysdig utilizes a curation schema that enriches vulnerability detection information from manufacturer, Open-source, and commercial CVE feeds. This provides prove-ably better detections than open-source benchmarks.
Rich context enrichment
Integration of CSPM, CWPP, and KSPM data enriches the VM data to provide contextually aware risk through attack-path analysis.
Multi-cloud vulnerability management
Besides Sysdig’s ability to fully protect OpenShift and Kubernetes customers from vulnerabilities across the development lifecycle, Sysdig Secure empowers hybrid cloud security by covering VM for main cloud providers (AWS, GCP, Azure) as well.