Sysdig Platform Architecture
Confidently run containers, Kubernetes, and cloud
ServiceVision
Context
Enriches data with metadata from cloud providers, Kubernetes, and containers
CloudVision
Config and activity
Consolidated view of cloud activity using cloud logs
ImageVision
Vulnerabilities
Identify vulnerabilities across the SDLC and prioritize the ones that matter using runtime context
ContainerVision
Granular visibility
Granular visibility into container, network, application, & system activity
Built on an Open-Source Security Stack
We built the Sysdig platform on an open-source stack to accelerate innovation and drive standardization.
Falco is the open source standard for cloud native threat detection.
The Open Policy Agent is an open source policy engine that unifies policy enforcement across the stack.
Cloud Custodian is an open-source rules engine for cloud configuration management.
Sysdig OSS is the standard for cloud and container forensics.
Prometheus is an open source project for monitoring cloud-native applications & Kubernetes.
Deep Visibility Across Your DevOps Workflow
Get unified visibility across workloads and cloud infrastructure from a single cloud security and monitoring platform. Accurately alert on threats, operational issues and compliance risks and respond using a detailed activity record. Easily plug into your existing workflows with out-of-the-box integrations.
Infrastructure as Code Validation
- Block risky configs
- Auto-remediate at the source
Vulnerability Management
- Scan in CI/CD and registries
- Block risky images
- Prioritize vulns using runtime context
Configuration and Permission Management
- Detect cloud misconfigurations
- Enforce least privilege access
- Use OPA to apply consistent policies
Threat Detection
- Use Falco to detect threats, drift, config changes, and runtime vulns
- Implement K8s native microsegmentation
Incident Response
- Capture detailed record for forensics
- Remediate config issues
- Block malicious activity
Compliance (PCI, NIST, SOC 2 and others)
Sysdig Secure
Radically Simple to Run
Simple, powerful instrumentation
Single agent for hosts, containers, and Kubernetes. Continuous cloud security running locally in your account.
SaaS delivery
No infrastructure to manage. Scale quickly as your environment grows.
Curated workflows
Save time with out-of-the-box dashboards and curated policies powered by the community.
Our list of integrations is always growing.
Infrastructure as Code (IaC)
CI/CD
Registries
Cloud
Containers as a Service (CaaS)
Orchestrator
SIEM
We've got you covered
SaaS delivery for simplicity and scale
- Hosted and managed by Sysdig experts
- SOC2 Type II certified
- Three availability zones in the U.S. and Europe
- Available as on-premises software if required