Logz.io today extended its observability platform for Kubernetes environments to include the Trivy tool, which discovers issues with open source software packages and dependencies, infrastructure-as-code (IaC) issues and misconfigurations, and known common vulnerabilities and exposures (CVEs).
Asaf Yigal, Logz.io CTO, says adding Trivy to the company’s open source Kubernetes 360 observability platform will enable organizations to further their efforts to adopt DevSecOps best practices. The Kubernetes 360 platform already includes a security information and event management (SIEM) platform to analyze security data.
Logz.io has been making a case for an observability platform that aggregates curated instances of open source monitoring and analytics tools such as Prometheus to provide IT teams with the tools required to correlate events across complex cloud-native application environments deployed on top of Kubernetes clusters.
It’s not clear whether IT teams are embracing observability to go beyond simply monitoring a set of pre-defined metrics. However, as modern cloud-native application environments become more challenging to manage, there is clearly a need for tools that enable IT teams to proactively investigate anomalies that indicate the potential for a major disruption. In effect, adoption of cloud-native applications is driving organizations to instrument applications so they can use queries to investigate issues to prevent a major disruption from occurring in the first place. Most recently, Logz.io went a step further by integrating the ChatGPT generative artificial intelligence (AI) platform with its observability portfolio to make it easier to surface recommendations to resolve issues.
The integration of Trivy into the Logz.io platform extends that capability to include the results of scans conducted using an open source scanning tool, notes Yigal. That’s critical because the mean-time-to-remediation (MTTR) of vulnerabilities in cloud-native application environments has been increasing as organizations embrace Kubernetes, he adds.
There is, of course, no shortage of observability platforms, but Logz.io is betting that, as cloud-native applications become more complex, the first place IT teams will look to apply these platforms will be in these application scenarios. In contrast, legacy monolithic applications today are, in most cases, being adequately served by legacy application performance management (APM) platforms that track pre-configured metrics.
Regardless of the approach to observability, it’s clear there will soon come a day when IT teams will not want to manage application environments without the capabilities these DevOps tools provide. The level of stress would be too great otherwise, as IT teams try to determine, for example, the root cause of application performance degradation. In the longer term, machine learning algorithms will proactively surface issues without requiring IT teams to know what queries to launch.
In the meantime, the federation of application performance and cybersecurity observability is now underway. The only thing left to be determined is how IT and cybersecurity teams will be organized once it becomes apparent that both teams are working from the same centralized pool of data resources.