Highlights:
- In decentralized cloud environments, technologies like machine learning have the ability to quickly identify and address cryptojacking attacks, despite efforts taken to escape discovery.
- Sysdig’s ML-powered solution helps security teams find and prioritize fixing software anomalies and vulnerabilities before it’s too late.
Sysdig, a unified container, and cloud security supplier, announced the release of a new Machine Learning (ML)-driven Cloud Detection and Response (CDR) solution to counter attempts at cryptojacking, at the Black Hat Conference.
One of the most crucial skills a security team may possess is the capacity to identify dangers and act as soon as possible. The faster the team responds to a data breach, the lower the disruption and operational impact level.
This is more easily said than done, which is the issue. It might be pretty difficult to detect harmful environmental behavior and initiate a response when using manual administrative methods.
However, an organization’s detection and response efforts may be accelerated by technologies like Artificial Intelligence (AI) and machine learning. According to Sysdig’s statement, machine learning is a crucial technology that businesses and other decision-makers may use to scale up their efforts to find and fix vulnerabilities.
Taking control of cryptojacking
The amount of malicious crypto mining attacks increased by 30% to 66.7 million between January and June 2022, despite the fact that the cryptocurrency market has taken some substantial hits in recent months.
Cybercriminals will try to leverage a target’s computing resources with malware to mine cryptocurrencies while attempting to stay undiscovered for as long as possible. This creates unique issues for enterprise security teams. The financial gain of the attack increases with the length of time they go unnoticed.
In decentralized cloud environments, technologies like machine learning have the ability to quickly identify and address cryptojacking attacks, despite these efforts to escape discovery.
“Sysdig gives real-time visibility at scale to address risk across containers and multiple clouds, eliminating security blind spots,” said Daniella Pontes, senior product marketing manager at Sysdig.
“We use context to prioritize security alerts so teams can focus on high-impact security events and improve efficiency. By understanding the entire source to runtime flow and suggesting guided remediation, we shorten time to resolution,” Pontes said.
In essence, Sysdig’s ML-powered solution helps security teams to find and prioritize fixing software anomalies and vulnerabilities before it’s too late.
The solution operates with deep container visibility, the ability to examine process activity and other system behaviors, and a specialized ML model that is specifically trained to recognize crypto miner behavior running in containers.
The company claims that this strategy is so successful that 99% of the time, its threat engine and detection algorithms block cryptojacking attempts.
Examining the market for cloud security posture management
Analysts predict that the Cloud Security Posture Management (CSPM) market will expand from USD 4.2 billion in 2022 to USD 8.6 billion by 2027. Sysdig is one of the major competitors in this field.
CrowdStrike is one of Sysdig’s main marketplace rivals. Its Falcon Horizon solution can automatically discover cloud-native assets, identify configuration errors, and detect security vulnerabilities and security threats with its integrated threat intelligence.
Sysdig also competes against companies like Rapid7 and InsightCloudSec. With vulnerability assessments and automated remediation to eliminate misconfigurations and vulnerabilities, this solution provides real-time analysis and automation capabilities to help security teams safeguard workloads during runtime.
The fact that Sysdig is shifting away from utilizing machine learning for more general anomaly detection and toward using it for more specialized objectives or use cases, such as identifying crypto mining, is one of the fundamental distinctions between Sysdig and other providers, according to Pontes.
“Our solution is based on an ML model trained to recognize the anatomy of crypto miners from the processing activity in running containers. We use our deep visibility into containers at runtime to collect the necessary type of data to be able to identify cryptominers’ behavior,” Pontes said.