Sysdig Announces Risk Spotlight to Prioritize Vulnerabilities Based on Runtime Intelligence

Sysdig Secure reduces vulnerability alerts by 95%, allowing developers to focus on shipping applications faster

SAN FRANCISCO — April 20, 2022 — Sysdig, the unified container and cloud security leader, announced the availability of Risk Spotlight, a vulnerability prioritization feature based on runtime intelligence. Risk Spotlight enables security teams to reduce alert noise and effectively prioritize remediation based on a more accurate risk assessment to efficiently reduce risk without slowing down developers.

Blog: Eliminate Noise and Prioritize the Vulnerabilities that Really Matter with Risk Spotlight.

As applications are often quickly assembled from public repositories, developers unknowingly bring vulnerabilities from open source packages. Most do not warrant a developer’s attention since they are not tied to packages running in production. Without context, developers find themselves scrolling through thousands of vulnerabilities in spreadsheets trying to figure out which fixes matter. Vulnerability noise hides the true risk, leaving the door open to compromise.

Key Benefits of Risk Spotlight

• Reduce vulnerability noise by up to 95%: Risk Spotlight eliminates the noise from vulnerabilities that pose no immediate risk by identifying the packages not used at runtime. This helps DevOps and developer teams understand the real risk in their container environments and minimize alert fatigue.

• Manage risk with actionable insights: Risk Spotlight delivers vulnerability details – such as the CVSS vector from multiple sources, the fix version, and link to publicly available exploits – to manage vulnerability risk at scale.

• Comprehensive vulnerability management for containers from source to run: Risk Spotlight provides a single view of vulnerability risk across the container lifecycle – from build to runtime. The new UI also speeds remediation by giving developers a package-centric view of vulnerabilities, along with the fix or upgrade they need to apply. Developers can also apply security best practices early by removing unused packages during the build process.

“Detecting threats at runtime across containers, hosts, and cloud services is fundamental for cloud-native security. Then using that runtime intelligence to prioritize vulnerabilities provides developers a reasonable list of the highest impact issues to fix,” said Loris Degioanni, Founder and CTO at Sysdig. “Scrolling line-by-line through an endless spreadsheet of issues is inefficient for developers and slows down software releases.”

The Sysdig ApproachSysdig is driving the standard for unified cloud and container security so DevOps and security teams can confidently secure containers, Kubernetes, and cloud services. Built on open source Falco threat detection, Sysdig gives real-time visibility to risk across containers and multiple clouds, eliminating security blind spots. Sysdig uses context to prioritize security alerts so teams can focus on high-impact security events and improve efficiency. By understanding the entire source to runtime flow and suggesting guided remediation, Sysdig shortens time to resolution. With the Sysdig platform, teams can find and prioritize software vulnerabilities, detect and respond to threats and anomalies, and manage cloud configurations, permissions, and compliance.

Availability

Risk Spotlight is available now to Sysdig Secure users at no additional cost.

Resources

• Blog: Eliminate Noise and Prioritize the Vulnerabilities that Really Matter with Risk Spotlight.
• Blog: Are Vulnerability Scores Misleading You? Understanding CVSS Severity and Using Them Effectively.
• Watch: Reducing Vulnerability Noise with Sysdig.
• Join Sysdig for, “Automatically Prioritize Vulnerabilities Using Runtime Intelligence” on May 12.

Media Contact

Amanda McKinney Smith
amanda.smith@sysdig.com
703-473-4051