Container security specialist Sysdig has released v2.3 of its Sysdig Secure offering for runtime security and forensics.
To make sure a cluster configuration follows compliance controls, the product now presents users with remediation tips to help in applying best practices and fix configuration drifts. New and improved scanning policies for NIST 800-190, PCI compliance frameworks, CIS, and Dockerfile best practices provide checks for container images in Kubernetes and OpenShift environments.
Since it takes a village to secure a system, Sysdig Secure 2.3 is able to work with feeds from the Snyk vulnerability management tool, which offers insight into vulnerabilities stemming from non-OS packages. The new version also integrates with Splunk and Syslog, which should, amongst other things, make prioritising alerts easier.
Sysdig customers who also use Sysdig Monitor get additional compliance related metrics and ways of visualising Kube-audit metrics in their dashboards from the update.
In other news, HashiCorp has set a first beta version of Terraform 0.12 out into the wild, so that users can take it for a spin and voice feedback before the final release.
A first preview of the update with a focus on language improvements was introduced back in summer 2018, which means most issues should have been dealt with already. Upgrading is facilitated by a purpose-built tool – if you run into any problems however, the company appreciates detailed descriptions to make the transition as smooth as possible.
Meanwhile Terraform Enterprise users have just had Run Notifications made available to them. The new feature lets users configure workspaces to send messages as a run advances, so that they can for example receive relevant updates via Slack.