This repository is used to track all work for the BCGov Platform Services Team (this includes work for: 1. Platform Experience, 2. Developer Experience, 3. Platform Operations/OCP 3).
Describe the issue
Need to evaluate Sysdig Secure to validate claims and see if it will meet our needs.
Additional context
Add any other context, attachments or screenshots
How does this benefit the users of our platform?
Increased network visibility on security events
Better correlation of config weaknesses/vuln components to security events
Easier rules setup?
Easier pipeline integration?
Definition of done
[x] Share cloud security schedule for review by Sysdig
[x] Get feedback on any gaps for cloud security schedule
[x] Evaluate Configuration Management – inspect context on implications to misconfigurations and where to find/fix them.
[ ] Evaluate Runtime Security – Experiment with options for enforcement actions (kill, block, pause).
[ ] Evaluate Network Visibility – Provides a better overall experience and gives specific details on processes and policy violation actions.
[ ] Evaluate Incident Response (IR) and Forensics – RapidResponse, process captures (automated or manual) which can be triggered on a policy violation and replayed to understand processes over time executed against a resource (includes commands and disk reads/writes).