BCDevOps / developer-experience

This repository is used to track all work for the BCGov Platform Services Team (This includes work for: 1. Platform Experience, 2. Developer Experience 3. Platform Operations/OCP 3)
Apache License 2.0
8 stars 17 forks source link

Sysdig Secure POV #4890

Closed NickCorcoran closed 3 months ago

NickCorcoran commented 5 months ago

Describe the issue Need to evaluate Sysdig Secure to validate claims and see if it will meet our needs.

Additional context Add any other context, attachments or screenshots

How does this benefit the users of our platform?

Definition of done

NickCorcoran commented 5 months ago

Obtained most recent security certification information.

NickCorcoran commented 4 months ago

Network vis does not provide source IPs (similar to ACS). Just global ingress/egress.

NickCorcoran commented 4 months ago

Figured out that sysdig does not support url path s3 buckets, only bucket.namespace.host structure. They are investigating further, but for PoV, will stop there. Can always do push to an actual Amazon s3 bucket if needed after.

NickCorcoran commented 4 months ago

Tested process captures and analysis.

NickCorcoran commented 4 months ago

Did not test Rapid Response. Unknown how we might utilize that function - better to request help from DXC team vs shutting things down other ways.

NickCorcoran commented 4 months ago

Recruited a few ppl to review and provide feedback: Jason, Marco, Wade S., Pierre