OPA

Sysdig Secure leverages OPA to strengthen cloud and Kubernetes security with out-of-the-box policies as code.

Start free trial

OPA hero

Sysdig Secure Extends OPA

Sysdig Secure leverages OPA to enforce consistent policies across multiple infrastructure-as-code (IaC) sources (Terraform, Helm, Kustomize) and Kubernetes clusters, using a policy-as-code approach.

Apply Policy as Code

Leverage OPA and apply policy-as-code controls across your Kubernetes workloads.

Enforce Compliance and Governance

Automate compliance and governance across the application life cycle by applying out-of-the-box policies.

Shift Security Further Left

Scan IaC source files before deployment to prevent runtime security issues.

What is OPA?

OPA is an open-source policy engine that unifies policy enforcement for cloud-native environments. Sysdig Secure uses OPA to manage compliance and governance with policy as code.

Manage Compliance and Governance with Policy as Code

Infrastructure-as-Code (IaC) Security

Manage risk when configuring cloud infrastructures and shift security further left with IaC security scanning.

Risk-Based Prioritization

Fix issues faster with risk-based prioritization, identifying production instances affected by IaC security issues and sorted by severity. Prioritize IaC fixes based on application context.

Detailed Risk Posture

Continuously validate risk posture and governance across all of your workloads and multicloud environments by applying out-of-the-box policies.

Out-of-the-Box Policies

Scan incoming pull requests for security violations based on pre-defined out-of-the-box policies. Get a comprehensive list of violations, their severity, and the failed resources per file.

Get Involved

Contribute

Jump over to the project’s GitHub repository to contribute to OPA.

Project Website

Learn more at the project’s website.

Documentation

Start reading about how Sysdig extends OPA.