Sysdig Secure uses a unified platform to provide security, monitoring and investment in cloud, container and microservices architecture integrated with Docker and Kubernetes.
Security of cloud and k8s environments
Sysdig Secure's protection is based on a ‘service-aware’ approach to simultaneously provide: deep visibility into the cloud and containers, security assessment (regulatory compliance, benchmarks, CIEM), vulnerability scanning, analysis and threat detection and blocking.
Key benefits
Increased security - by gaining full insight, automatic risk assessment and threat detection with automated responses.
Time and resource savings - by minimising the need for multiple separate tools and reducing the time taken for hazard analysis and risk assessment.
Achieve compliance with safety standards - through the ability to verify against a wide range of industry regulations, standards and safety benchmarks.
Main features
Vulnerability management
Scanning of container and server images. Prioritisation based on runtime context and risk. Scanning within CI/CD pipelines and in real-time for running containers.
Risk detection and response
Real-time detection of suspicious activity, anomalies and deviations, and blocking of suspicious activity. Use of Falco's rule-based policies and machine learning support. Analysis based on detailed activity log data.
Continuous validation of compliance with current standards
Save time with ready-made policies and reports available for PCI, NIST and SOC2, among others, and detect compliance violations together with remediation steps.
Configuration and authorisation management
Identification of inappropriate configurations of cloud, Kubernetes containers and clusters and excessive permissions to cloud resources based on the practice of ‘least privilege’.
Easy integration
The ‘Integration’ menu option in Sysdig Secure provides quick access to multiple types of integration: pluggable data sources, outbound services such as event forwarding, and integration with third-party systems such as Jira or Git.
Main use cases
Threat detection
Identify threat activity that may indicate a potential attack, malware or security breach, etc. Obtain detailed information on these activities from the cloud layer and its services, individual machines and containers running applications. Respond to threats in an automated manner by blocking the execution of suspicious processes.
Vulnerability identification and prioritisation
Detect vulnerabilities at host level and in container images throughout their lifecycle. Start at development stations, continue through CI/CD pipelines and artifacts located in registries, and monitor vulnerabilities in the images already being used by running applications in the environment. Prioritise them using broad context and additional risk indicators.
Permission monitoring in the cloud
Easily implement a ‘least access privilege’ practice by automatically analysing the permissions actually used against the permissions allocated and recommending changes based on this. Get information about the risks of over-allocated privileges and inadequate access security.
Standards compliance
Verify compliance with standards and security regulations from the earliest stages, starting with the IaC code on which the infrastructure or the objects to be deployed on Kubernetes clusters are built. Get up-to-the-minute information about the resources and services you have, their configurations and their compliance with selected standards, regulations or benchmarks. In the event of non-compliance, achieve compliance using ready-made remediation steps.