Cloud security vendor Sysdig has added a new attack graph to its cloud-native application protection platform (CNAPP). The graph provides real-time cloud attack path analysis and live risk prioritization across assets, users, and activity, according to the firm. Sysdig has also released a new cloud inventory that offers cloud visibility with integrated search to surface information, as well as agentless scanning, it said in a press release.\n\nCloud environments are increasingly complex, as are the cloud security threats that organizations face. Attackers exploit the complexity and automation of the cloud to move laterally, elevate privileges, and maximize blast radiuses.\n\nIn June, Aqua Security\u2019s 2023 Cloud Native Threat Report revealed that threat actors are investing resources to evade cloud security defenses, concealing campaigns and avoiding detection to establish a stronger foothold in compromised systems. Meanwhile, various areas in the cloud software supply chain remain vulnerable to compromise and pose significant threats to organizations, the report found.\n\nNew capabilities center on real-time cloud risks\n\nSysdig\u2019s new cloud security features are centred on real-time risk response and management, the vendor claimed. \u201cPrevention is necessary, but it won\u2019t catch everything given the speed of the cloud,\u201d said David Quisenberry, senior manager of information security at apree health. \u201cWe also need to be ready to defend in real time. Cloud security requires tools that connect dots and provide context, but the key is that it must be in real time.\u201d\n\nThe firm said that the new cloud attack graph functions as the neural center of the Sysdig CNAPP, applying multidomain correlation to identify threats in real time. The graph layers instant detections, in-use vulnerabilities, and in-use permissions to connect risk data across environments and help customers diffuse threats before they escalate, Sysdig added. A stack-ranked list of risks prioritizes the order in which threats should be addressed, while a visual representation of exploitable dependencies across resources helps to reveal potential attack paths.\n\nInventory can help check for vulnerabilities\n\nSysdig\u2019s new cloud inventory provides a searchable list of all resources in a cloud environment across users, workloads, hosts, and infrastructure as code, according to the vendor. The inventory can also be used to quickly check exposure to vulnerabilities, such as identifying all instances of Log4j in packages in use and exposed to the internet, the company said. Customers can then dig deeper into potentially compromised workloads with a real-time view of associated misconfigurations, compliance violations, and vulnerabilities.\n\nFinally, Sysdig\u2019s agentless scanning capabilities have been expanded to include host scanning, highlighting vulnerabilities, misconfigurations, in-use permissions, and threats. Meanwhile, the scalable agent delivers real-time analysis of file access, network connections, and active processes in addition to other workload attributes, filtering out unused package vulnerabilities for prioritized protection.