Sysdig Announces Revolutionary Generative AI Defense for Cloud Security

JULY 25, 2023


New Sysdig Sage will combine the power of runtime insights with a unique AI architecture that mediates interactions with multiple LLMs to uncover hidden risks and attack paths

SAN FRANCISCO – (July 25, 2023) – Sysdig, the leader in cloud security powered by runtime insights, today announced Sysdig Sage, a generative AI assistant built on a unique AI architecture specifically designed for cloud security. Sysdig Sage goes beyond typical AI chatbots to employ multistep reasoning and multidomain correlation to quickly discover, prioritize, and remediate risks specific to the cloud. It also leverages the power of Sysdig runtime insights to reveal hidden connections between risks and security events that would otherwise go undetected.

Generative AI Architecture Built for Cloud Security

The Sysdig generative AI architecture transcends standard AI chatbots that are designed to answer a specific question using a single large language model (LLM) and stateless analysis. Instead, Sysdig Sage uses a unique human-to-AI controller that mediates user interactions with LLMs to provide more advanced, tailored recommendations. This unique architecture:

  • Deploys multistep reasoning: Sysdig Sage uses multistep reasoning, an iterative process that delivers relevant context to uncover hidden connections, prioritize risks, and accelerate investigations. For example, it can explore risk factors along multiple attack paths including trails of seemingly low-risk events that, in aggregate, pose a significant risk.
  • Performs multidomain correlation: Sysdig Sage aggregates and analyzes telemetry from multiple domains including vulnerabilities, compliance, permissions, and runtime. Instead of wasting time context switching between multiple tools or relying on the post-processing of logs, users get relevant data and visualizations in a single place so that they can take timely and informed action.
  • Tailors detection using open source Falco: The collective knowledge of the Falco open source community is integrated into Sysdig Sage right out of the box. Sysdig Sage can optimize Falco detection rules to the user’s environment so that they can detect threats and attacks earlier. Originally created by Sysdig, Falco is the open source solution for cloud threat detection, with more than 65 million downloads.
  • Takes action: Sysdig Sage takes action after discerning risks and priorities. It provides recommended actions based on the relevant context from the full line of investigation and questioning. Users can then grant approval to execute recommended actions, saving valuable time when it matters the most – during the attack.

What People are Saying

“Generative AI has the power to improve security, but it must be harnessed in a way that addresses the unique challenges of the cloud,” said Loris Degioanni, Founder and CTO of Sysdig. “With Sysdig Sage, we are adding the power of generative AI to our cloud security platform to help practitioners by empowering them with cloud security expertise, uncovering hidden security connections that are otherwise not obvious, and ultimately helping them work smarter and respond faster.”

“Having an assistant that provides relevant context during an attack or for day-to-day tasks is extremely valuable. The architectural approach Sysdig has taken with Sysdig Sage is revolutionary and unlike anything we are seeing from other cloud security vendors. We anticipate that this will help break down silos in cloud domain knowledge, uncover hidden risks, and connect dots along the attack path,” said Ismael Alaoui, Principal Architect at Onna.


Sysdig Sage is currently accepting candidates for early access to preview later this year. Sign up here for more information.

Media Contact

Sysdig Press

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig, rated #1 for CSPM in the Gartner Peer Insights “Voice of a Customer” report, correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.

Sysdig. Secure Every Second.