Container Compliance with Sysdig Secure

Meet regulatory compliance standards (e.g., PCI-DSS, NIST 800-190, NIST 800-53 and SOC2) when running containers and Kubernetes. Save time with out of the box policies that map to specific compliance controls. Continuously validate compliance and implement file integrity monitoring (FIM) across the entire application lifecycle.

Start Free Trial

SOC2 Compliance

SOC2 Compliance
for Containers & Kubernetes

CIS Benchmarks

CIS Benchmarks
for Docker & Kubernetes

NIST 800-190, NIST 800-53 rev 4

NIST 800-190
NIST 800-53 rev 4


Container PCI DSS

Get the guide for PCI compliance for containers and Kubernetes. Read Now

Validate Compliance Across the Entire Container Lifecycle

Sysdig Icon - Validate Compliace

Validate compliance & implement File Integrity Monitoring

Streamline compliance controls (CIS benchmarks, NIST 800-190, NIST 800-53, SOC2, PCI-DSS, etc) and enable File Integrity Monitoring (FIM) for containers via an automated workflow.

Sysdig Icon - Dashboard

Track cloud compliance with dashboards and analytics

Leverage mandate-specific container compliance dashboards to visualize compliance status and progress.

Sysdig Icon - Audit

Enable audit by correlating across all Kubernetes activity

Pass audits by correlating all container activity with Kubernetes application context, even after containers are gone, to identify trends and generate reports.

Validate Compliance and Implement File Integrity Monitoring

Unified overview to understand and measure your compliance progress.

Sysdig Secure provides out-of-the-box checks to verify container compliance and ensure File Integrity Monitoring. You can apply to images being pushed through the CI/CD pipeline or sitting in the registry. Sysdig Secure image scanning policies check a broad range of constructs, including container image metadata, content, licenses, vulnerabilities and Dockerfile instructions.

To meet industry best practices for container compliance, Sysdig Secure leverages CIS Benchmarks for Kubernetes and Docker. Guided remediation tips help you maintain or quickly reestablish CIS Kubernetes and Docker container compliance. Fine-grained compliance policies apply to any subset of the infrastructure: environment, application or namespace.

Sysdig Secure detects runtime container drift and compliance violations and responds with an immediate alert and response. Typical anomalous behavior detection includes:

  • Modification of system binaries after startup (NIST SP 800-190 4.4.4)
  • File Integrity Monitoring: Unauthorized file access to database containers (PCI-DSS 1.2.1)
  • Users spawning shells inside privileged containers (NIST SP 800-190 4.4.3)

Track Cloud Compliance with Reports, Dashboards and Analytics

Sysdig Secure maps standards (e.g., PCI, NIST, CIS) to specific controls and applies them to cloud environments. Internal and external auditors can schedule on-demand assessments and customizable compliance reports.

Quickly validate cloud compliance by visualizing container and cloud compliance patterns and trends, gaining valuable insights into container compliance and scoping it based on Kubernetes and cloud context. You may then embed the dashboard into existing workflows for GRC teams and CISO’s via an iframe.

Enable Audit by Correlating Across All Kubernetes Activity

Sysdig provides you with Kubernetes-specific API event rules that lets you:

  • Audit secret management, access and creation
  • Alert on requests by unauthorized users
  • Identify the creation of pods with a configuration that violates your policy
  • Alert on the suspicious creation or user binding of privileged roles
  • Identify the creation of resources in restricted namespaces like kube-system

Easily filter through any user or service interaction across the Kubernetes stack using an audit trail.

During a Kubernetes audit, you and your audit team needs to determine the “who”, “what”, “where”, “when” and “why” across the Kubernetes environment. Sysdig Secure Activity Audit accelerates incident response and enables audit for Kubernetes by correlating all container activity (e.g., executed commands, network connections, API events) with Kubernetes application context (e.g., users, services, deployments, namespaces), even after containers are gone.

For real time support of SOC2, PCI and HIPAA audit requirements, Sysdig Secure continuously audits all container activity, providing detailed evidence for auditors.

You may zoom into any timeframe – even for containers long gone – to see all container, user, application and service actions, including files touched, modified or exfiltrated.

“We use Sysdig Secure to report on all vulnerabilities and compliance violations in containers in specific Kubernetes namespaces.”

Japanese ISP

Start Free Trial

Sign-Up for a Sysdig Platform, Sysdig Secure or Sysdig Monitor free 30-day trial, no credit card required.