New Sysdig Sage will combine the power of runtime insights with a unique AI architecture that mediates interactions with multiple LLMs to uncover hidden risks and attack paths
SAN FRANCISCO – (July 25, 2023) – Sysdig, the leader in cloud security powered by runtime insights, today announced Sysdig Sage, a generative AI assistant built on a unique AI architecture specifically designed for cloud security. Sysdig Sage goes beyond typical AI chatbots to employ multistep reasoning and multidomain correlation to quickly discover, prioritize, and remediate risks specific to the cloud. It also leverages the power of Sysdig runtime insights to reveal hidden connections between risks and security events that would otherwise go undetected.
Generative AI Architecture Built for Cloud Security
The Sysdig generative AI architecture transcends standard AI chatbots that are designed to answer a specific question using a single large language model (LLM) and stateless analysis. Instead, Sysdig Sage uses a unique human-to-AI controller that mediates user interactions with LLMs to provide more advanced, tailored recommendations. This unique architecture:
- Deploys multistep reasoning: Sysdig Sage uses multistep reasoning, an iterative process that delivers relevant context to uncover hidden connections, prioritize risks, and accelerate investigations. For example, it can explore risk factors along multiple attack paths including trails of seemingly low-risk events that, in aggregate, pose a significant risk.
- Performs multidomain correlation: Sysdig Sage aggregates and analyzes telemetry from multiple domains including vulnerabilities, compliance, permissions, and runtime. Instead of wasting time context switching between multiple tools or relying on the post-processing of logs, users get relevant data and visualizations in a single place so that they can take timely and informed action.
- Tailors detection using open source Falco: The collective knowledge of the Falco open source community is integrated into Sysdig Sage right out of the box. Sysdig Sage can optimize Falco detection rules to the user’s environment so that they can detect threats and attacks earlier. Originally created by Sysdig, Falco is the open source solution for cloud threat detection, with more than 65 million downloads.
- Takes action: Sysdig Sage takes action after discerning risks and priorities. It provides recommended actions based on the relevant context from the full line of investigation and questioning. Users can then grant approval to execute recommended actions, saving valuable time when it matters the most – during the attack.
What People Are Saying
“Generative AI has the power to improve security, but it must be harnessed in a way that addresses the unique challenges of the cloud,” said Loris Degioanni, Founder and CTO of Sysdig. “With Sysdig Sage, we are adding the power of generative AI to our cloud security platform to help practitioners by empowering them with cloud security expertise, uncovering hidden security connections that are otherwise not obvious, and ultimately helping them work smarter and respond faster.”
“Having an assistant that provides relevant context during an attack or for day-to-day tasks is extremely valuable. The architectural approach Sysdig has taken with Sysdig Sage is revolutionary and unlike anything we are seeing from other cloud security vendors. We anticipate that this will help break down silos in cloud domain knowledge, uncover hidden risks, and connect dots along the attack path,” said Ismael Alaoui, Principal Architect at Onna.
Sysdig Sage is currently accepting candidates for early access to preview later this year. Sign up here for more information.
To Learn More
- Watch “Cloud Security Meets GenAI: Introducing Sysdig Sage.”
- Read “More than an Assistant – A New Architecture for GenAI in Cloud Security” by Loris Degioanni.
- Learn more about Sysdig Sage.
Sysdig helps companies secure and accelerate innovation in the cloud. Powered by runtime insights, the cloud security platform stops threats in real time and reduces vulnerabilities by up to 95%. Rooted in runtime, the company created Falco, the open source solution for cloud threat detection. By knowing what is running in production, Dev and security teams can focus on the risks that matter most. From shift left to shield right, the most innovative companies around the world rely on Sysdig to prevent, detect, and respond at cloud speed.