Articles from Sysdig

KubeCon + CloudNativeCon North America 2025 – Sysdig, the leader in real-time cloud security, today announced new open source threat investigation and analysis capabilities for Falco, the standard for runtime cloud threat detection used by more than 60% of the Fortune 500. These updates deepen Falco’s ability to integrate with Stratoshark, creating a unified, end-to-end cloud security workload built entirely on open source.

Sysdig, the leader in real-time cloud security, today announced the launch of its Model Context Protocol (MCP) server and partner integration hub, giving customers access to AI-powered security insights across their entire ecosystem. With Sysdig's partner integration hub, organizations can ingest data from their security tools — such as application security, supply-chain risk, and API protection — and enrich it with runtime intelligence to validate exposure, threats, vulnerabilities, and risk. Additionally, the new Sysdig MCP server seamlessly integrates into an organization's preferred AI platform, making this intelligence instantly accessible through flexible queries. By unifying third-party context with runtime insights, Sysdig provides a comprehensive view of every cloud asset, including where it's running and who owns it, enabling security teams to better prioritize remediation, strengthen accountability, and reduce cloud risk.

Black Hat USA – Sysdig, the leader in real-time cloud security, today announced the launch of the industry’s first agentic cloud security platform. With Sysdig’s autonomous AI agents, designed to analyze cloud environments end to end and surface hidden business risk, organizations can remediate crucial threats in minutes and deliver measurable improvements in their security posture. Sysdig Sage™, the company’s fully integrated AI cloud security analyst, understands context from the entire business and provides clear, contextual remediation recommendations, reducing an organization’s exposure time to critical vulnerabilities from days to minutes.

Sysdig, the leader in real-time cloud security, today announced the Sysdig Open Source Community, a new global hub connecting users of its open source tools, including Falco, Wireshark, Stratoshark, and sysdig OSS. The community, designed to unify and support the worldwide ecosystem of security professionals, developers, engineers, analysts, and students, will go beyond technical collaboration. It will also offer professional development opportunities, including certification programs, job and freelance boards, mentorship pairing, and a dedicated student support center.

Sysdig, the leader in real-time cloud security, today announced the complete integration of Sysdig Sage™ into its platform, giving security and development teams the power to effortlessly identify, investigate, and remediate risk with the support of the company’s AI cloud security analyst. As the first AI analyst fully integrated across a cloud-native application protection platform (CNAPP), Sysdig Sage enhances the speed, precision, and confidence of people working to secure every stage of the software development life cycle. Sysdig Sage removes guesswork across the board, helping teams instantly understand the “who, what, when, where, and how” of emerging cloud threats, and proactively suggesting high-impact, low-effort fixes.

Sysdig, the leader in real-time cloud security, today announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation. This contribution underscores Sysdig’s commitment to fostering innovation within the community, building in the open, and pushing security forward with advanced tools that better understand cloud-native environments. Sysdig’s contribution includes Stratoshark’s source code, including the code to interface Wireshark with the Falco libraries, in addition to its associated trademarks, logos, and website domains.

Sysdig, the leader in real-time cloud security, today announced the appointment of Gary Olson as Chief Revenue Officer (CRO) and Crendal Kear as Chief Business Officer (CBO) following a remarkable 337% growth in Sysdig Sage™ user adoption over the last eight months. Sysdig Sage, the industry’s first agentic artificial intelligence (AI) cloud security analyst, uses multi-step reasoning and contextual awareness to help security teams find, understand, and fix issues faster. By accelerating human response, Sysdig Sage equips organizations to outpace attackers and decrease cost per incident by >50%.

Sysdig, the leader in real-time cloud security, today released its “2025 Cloud-Native Security and Usage Report.” The company’s annual user analysis provides in-depth insights into real-world cloud security and usage trends, highlighting significant enterprise security progress while identifying key areas that demand urgent attention.

FOSDEM 2025 – Sysdig, the leader in real-time cloud security, today announced the release of Stratoshark, an open source tool that extends Wireshark’s granular network visibility into the cloud and empowers users with a standardized approach to cloud observability. For 27 years, Wireshark – with over 5 million daily users and more than 160 million downloads in the last decade alone – has helped users analyze network traffic and troubleshoot issues. As companies have transitioned to the cloud, however, engineers and analysts have lacked the same visibility from a comparable open source tool. Stratoshark unlocks deep cloud observability and introspection, helping analyze and troubleshoot cloud system calls and logs with a level of granularity and workflow familiar to long-time Wireshark users.

Sysdig, the leader in real-time cloud security, today announced that it had been recognized as Customers’ Choice in the Gartner Peer Insights “Voice of the Customer for Cloud-Native Application Protection Platforms” (CNAPPs) report. This recognition was driven by more than 100 reviews over the last 18 months where customers gave Sysdig an average of 4.9 out of a possible 5 stars and a 99% “willing to recommend” rating as of October 2024. Customers across the globe trust Sysdig to provide unified, comprehensive cloud security and protect their modern, dynamic environments. This customer-driven report comes on the heels of Sysdig’s #1 rating in the Gartner “Voice of the Customer” report for cloud security posture management (CSPM), released in March 2024.

Sysdig, the leader in real-time cloud security, today announced the appointments of Sergej Epp as Chief Information Security Officer (CISO) and Shanta Kohli as Chief Marketing Officer (CMO) under the direction of CEO William “Bill” Welch, who joined the company last month. Together, Kohli and Epp bring nearly four decades of cybersecurity experience and a track record of success in the cybersecurity industry across organizations including Palo Alto Networks, Kiteworks, and Blue Coat Systems (a company acquired by Symantec).

Sysdig, the leader in real-time cloud security, today announced the appointment of William “Bill” Welch as Chief Executive Officer. Welch, a proven leader in scaling high-growth cybersecurity companies, joins Sysdig following senior executive roles at Duo Security, Zscaler, and Symantec, and most recently served as President and COO of Talkdesk. His appointment will further accelerate Sysdig’s growth trajectory and expand its global impact in the rapidly evolving cloud-native application protection platform (CNAPP) market. Welch will also join the Sysdig board of directors.

KubeCon + CloudNativeCon North America – Sysdig today announced the launch of Falco Feeds by Sysdig, a continuously evolving and curated set of Falco detections. With over 130 million downloads, open source Falco has set the standard for runtime threat detection in the cloud, and Falco Feeds extends its power and utility. Backed by the Sysdig Threat Research Team (TRT), a dedicated group of threat researchers on the leading edge of emerging cloud risks and vulnerabilities, Falco Feeds gives open source-focused companies access to expert-written rules that continue to be updated as new threats are discovered.

Sysdig, the leader in real-time cloud security, today announced the release of the Sysdig Threat Research Team’s (TRT) “2024 Global Threat Year-in-Review.” The report, which Sysdig threat researchers derive from real-world adversarial operations and attack campaigns, highlights the evolution of threat attackers’ tactics, including a growing reliance on automation and new cloud technologies.

Sysdig, the leader in real-time cloud security, today announced that it has been recognized as “Company of the Year” for container and Kubernetes security by Frost & Sullivan. The company also announced the appointment of Omer Azaria to the role of Chief Product Officer (CPO).

Black Hat USA – Sysdig, the leader in real-time cloud security, today announced the launch of Cloud Identity Insights, an expansion of its cloud detection and response (CDR) capabilities designed to correlate identity behavior with workload activity and cloud resources. Cloud Identity Insights can instantly detect compromised identities, help contain them in real time, and leverage smart policy optimization to prevent future breaches. This deep and broad coverage is made possible by the next generation of Sysdig’s proven enterprise-ready agent, launched today. This next-gen agent builds on the company’s lightweight instrumentation to use 50% fewer resources and is supported by both a universally compliant second-generation eBPF probe and open source Falco.

Sysdig, the leader in real-time cloud security, today announced AI-powered detection and response with Sysdig Sage™, the company’s generative AI security analyst. When organizations have only minutes to respond to cloud attacks, Sysdig Sage turns lengthy investigations into fast, meaningful conversations that focus security teams on what matters most, using multi-step reasoning and contextual awareness. Sysdig Sage transcends the basic data summarization offered by other AI tools to actually interact with users through humanlike conversations that consider previous context for more in-depth answers. Built on a unique autonomous agents architecture, Sysdig Sage knows where the user is in the product and provides rich context, while proactively suggesting next steps and even directing the user’s workflow. See Sysdig Sage in action.

Sysdig, the leader in real-time cloud security, today announced the expansion of its cloud-native security platform with a new software-as-a-service (SaaS) region in India. Sysdig is expanding the SaaS version of its cloud-native application protection platform (CNAPP) to the Indian subcontinent in response to growing customer demand and the region’s rapidly expanding cloud economy.

Sysdig, the leader in real-time cloud security, today announced enhanced cloud-native investigations designed to cut incident analysis time to 5 minutes. This acceleration is made possible by automating the collection and correlation of events, posture, and vulnerabilities to identities for even the most complex cloud attacks. When an attack happens in less than 10 minutes in the cloud, investigations must move fast. Sysdig’s real-time cloud investigation gives organizations back precious time, reduces their skill gaps, and grants security and platform teams the ability to make better-informed, faster decisions.

AWS re:Inforce – Sysdig, a leader in real-time cloud security, today announced the extension of AI Workload Security to Amazon Bedrock, Amazon SageMaker, and Amazon Q. In a world where security teams are challenged with staying ahead of attackers, AI workloads containing massive amounts of sensitive training data are ripe targets. AI Workload Security, an extension of the Sysdig cloud-native application protection platform (CNAPP), identifies and manages active AI risk giving security teams greater visibility into their environments, real-time identification of suspicious AI workload activity, and vulnerability prioritization powered by real-time runtime insights.

Sysdig, the leader in cloud security powered by runtime insights, today announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks. With Sysdig, ecosystem partners leverage Sysdig’s runtime insights to help organizations harden defenses, identify active cloud risks, stop attacks, and streamline cloud security from development through production.

Sysdig, the leader in cloud security powered by runtime insights, today announced the launch of AI Workload Security to identify and manage active risk associated with AI environments. The newest addition to the company’s cloud-native application protection platform (CNAPP) is designed to help security teams see and understand their AI environments, identify suspicious activity on workloads that contain AI packages, and fix issues fast.

Sysdig, the leader in cloud security powered by runtime insights, today announced that it has been named Google Cloud’s 2024 Technology Partner of the Year for Security in Configuration, Vulnerability Management, and GRC. This award recognizes Sysdig for its continued innovation, collaboration, and dedication to customer success.

Sysdig, the leader in cloud security powered by runtime insights, today announced that the company was named a Strong Performer — one of only two vendors to receive the recognition — in Gartner Peer Insights “Voice of the Customer” for Cloud Security Posture Management (CSPM) Tools. Sysdig is the only cloud security platform to receive the maximum of five stars in the report, which was derived directly from verified customer feedback, and synthesizes reviews and ratings received as of November 30, 2023.

Sysdig, the leader in cloud security powered by runtime insights, today celebrates Falco becoming a graduated project within the Cloud Native Computing Foundation (CNCF). Falco’s graduation caps years of its growth as a leading open source cloud-native threat detection engine and emphasizes the importance of runtime security as organizations adopt cloud-first practices. In light of the updated SEC cybersecurity incident disclosure guidelines, Falco’s graduation comes at a time when companies are rethinking security strategies and pursuing comprehensive incident visibility to determine materiality. Immediately knowing when someone is inside an environment and shutting them down in seconds dramatically decreases the attack surface and impact.

Sysdig, the leader in cloud security powered by runtime insights, today released its “2024 Cloud-Native Security and Usage Report.” Following the company’s seventh annual report, the recent significant infrastructure breaches across well-known organizations, and the updated Securities and Exchange Commission (SEC) cybersecurity and disclosure rules, Sysdig is highlighting its team of researchers and thought leaders, whose work paves the way in cloud-native threat investigation and security strategy. With experience ranging from enterprise architecture to national intelligence analysis and exploit detection to offensive security research, these leaders bring a wealth of expertise to the broader cloud security ecosystem.

Sysdig, the leader in cloud security powered by runtime insights, today announced findings from its “2024 Cloud-Native Security and Usage Report.” Looking at real-world data, the seventh annual report details the dangerous practice of putting convenience before preventive security in pursuit of faster application development. This report comes on the heels of significant infrastructure breaches across well-known organizations and the recently updated Securities and Exchange Commission (SEC) cybersecurity and disclosure rules.

Sysdig, the leader in cloud security powered by runtime insights, today announced that Sysdig has been named the top Cloud Security Platform by the 2023 InfoWorld Technology of the Year Awards. The annual awards program recognizes the best and most innovative products, from containers and DevOps to cloud computing and software development.

Sysdig, the leader in cloud security powered by runtime insights, today announced that Andy Dobrov has been named Senior Vice President of Customer Success, Support, and Services. Andy, who has an impressive track record of building customer success teams into strong competitive differentiators, joins Sysdig as the company builds on a monumental year – including Deloitte announcing Sysdig as one of the fastest-growing private companies and Newsweek naming Sysdig to their 1000 Excellence Index.

Sysdig, the leader in cloud security powered by runtime insights, announces malware threat detection and Windows server detection. With the speed, breadth, and interconnectedness of the cloud outpacing traditional endpoint detection and response (EDR) approaches, organizations require a purpose-built solution that stays ahead of cloud attacks and supports collaboration between security and development teams.

SANS CyberFest 2023 – Sysdig, the leader in cloud security powered by runtime insights, today released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack.

DOCKERCON – Sysdig and Docker today announced the integration of Sysdig runtime insights into Docker Scout to help developers prioritize risk and move faster. Docker and Sysdig will help customers reduce software supply chain noise, prioritize the insights that matter, and build leaner container images. Sysdig is the first runtime security integration into Docker Scout.

Sysdig, the leader in cloud security powered by runtime insights, today announced Cloud Attack Graph, which provides the industry’s first real-time attack path analysis and live risk prioritization. Using its real-time insights from production, these new features identify unseen but imminent threats and attacks in motion. In addition, the company released a new cloud inventory that provides comprehensive cloud visibility with integrated search to surface information such as in-use instances of a critical vulnerability or roles with unused credentials. Sysdig also released agentless scanning, providing a complete agent and agentless solution across the software life cycle.

Sysdig, the leader in cloud security powered by runtime insights, today announced that the company has joined the Customer First program on Gartner Peer Insights™ in the cloud-native application protection platform (CNAPP) category. This program is for vendors that have approached review collection in an honest, unbiased fashion and are committed to understanding their current customer base. Sysdig has an average customer rating of 4.9 out of 5 across 65+ reviews submitted as of August 21.

Black Hat – Checkmarx, the global leader in application security solutions, and Sysdig, the leader in cloud security powered by runtime insights, today announced the integration of Sysdig Secure with Checkmarx One to help organizations prioritize critical risks and stay ahead of threats. By delivering runtime insights from Sysdig within the cloud-native Checkmarx One™ Application Security Platform, joint users have clear visibility into workloads that are running in production, with context and information that can help reduce vulnerability noise up to 95% and boost developer productivity.

According to the latest report from Sysdig, the leader in cloud security powered by runtime insights, the average time from recon to attack completion is now only 10 minutes. Using worldwide honeynets for the 2023 Global Cloud Threat Report, the Sysdig Threat Research Team sheds light on an alarming truth: Attacks in the cloud are lightning fast, with minutes determining the line between detection and severe damage. It’s clear that cloud attackers are taking advantage of the same things that lure companies to the cloud. While defenders need to protect their entire software life cycle, attackers only have to be right one time, and automation is making it even easier for them.

Sysdig, the leader in cloud security powered by runtime insights, today announced Sysdig Sage, a generative AI assistant built on a unique AI architecture specifically designed for cloud security. Sysdig Sage goes beyond typical AI chatbots to employ multistep reasoning and multidomain correlation to quickly discover, prioritize, and remediate risks specific to the cloud. It also leverages the power of Sysdig runtime insights to reveal hidden connections between risks and security events that would otherwise go undetected.

Sysdig, the leader in cloud security powered by runtime insights, today announced a partnership with Google Cloud to develop new generative artificial intelligence (AI) features in its cloud security platform. Sysdig’s cloud-native application protection platform (CNAPP) consolidates security to enable real-time vulnerability management, entitlement management, posture management, and threat detection and response. With Google Cloud’s Vertex AI, Sysdig can build AI-powered features and experiences that up-level security teams and protect cloud software development.

Gartner Security and Risk Summit – Sysdig, the leader in cloud security powered by runtime insights, today announced end-to-end detection and response embedded in its CNAPP. The company is the first vendor to deliver the consolidation of cloud detection and response (CDR) and Cloud-Native Application Protection Platforms (CNAPP), leveraging the power of open source Falco in both agent and agentless deployment models. This approach enables Sysdig to be the only CNAPP platform that can detect threats instantly anywhere in the cloud with 360-degree visibility and correlation across workloads, identities, cloud services, and third-party applications.

RSA -- Sysdig, the leader in cloud security powered by runtime insights, today announced an integration with ServiceNow Container Vulnerability Response (CVR), bringing runtime insights to help prioritize vulnerabilities for ServiceNow users. The ServiceNow CVR [1] application groups container vulnerabilities to enable teams to triage and remediate faster. With this integration, ServiceNow users can further triage with Sysdig by prioritizing what is active at runtime and therefore focus on issues that pose the greatest risk.

Sysdig, a leader in cloud security powered by runtime insights, announced today that it has achieved the Amazon Web Services (AWS) Cloud Operations Competency in the categories of Compliance and Auditing and Monitoring and Observability. The new AWS Cloud Operations Competency allows customers to select validated AWS Partners who offer comprehensive solutions with an integrated approach across all five solution areas of Cloud Operations: Cloud Financial Management, Cloud Governance, Monitoring and Observability, Compliance and Auditing, and Operations Management. As an AWS Cloud Operations Competency Partner, Sysdig has demonstrated expertise in helping customers build a strong and scalable foundation for their end-to-end Cloud Operations. Sysdig previously achieved six other AWS Competency designations.

According to a new report from Sysdig, the unified container and cloud security leader, it costs $430,000 in cloud bills for an attacker to generate $8,100 in cryptocurrency revenue. The report confirms that cryptojacking remains the primary motivation for opportunistic attackers, exploiting vulnerabilities and weak system configurations. Using worldwide honeynets, the Sysdig Threat Research Team (Sysdig TRT) took an extensive look at TeamTNT and geopolitical activities over the past nine months. Sysdig was able to draw conclusions on TeamTNT, the explosion of malicious payloads in Docker Hub, and the rise in DDos attacks after the Russian/Ukraine war began.

Sysdig, the unified container and cloud security leader, today announced that open source Falco threat detection is the first security tool to monitor gVisor. gVisor, the container security platform developed by Google and open sourced in 2018, provides an additional layer of isolation between running applications and the host operating system.

Sysdig, the unified container and cloud security leader, today announced ToDo, an actionable checklist showing prioritized risks, and Remediation Guru, guided remediation at the source. This is the industry’s first cloud security posture management (CSPM) offering that aggregates security findings by root cause and prioritizes remediation based on impact. ToDo saves time during investigations and Remediation Guru allows security and DevOps teams to fix issues in seconds with just a few clicks.

BLACK HAT (Booth #1760) -- Sysdig, the unified container and cloud security leader, today announced machine learning-powered cloud detection and response (CDR) to combat cryptojacking. The company’s threat engine and detection algorithms block cryptojacking in the cloud with 99% precision.

AWS re:Inforce (Booth #404) – Sysdig, the source to run cloud and container security company, announced today that it has achieved Amazon Web Services (AWS) Security Competency status in three categories. This designation recognizes that Sysdig has demonstrated deep expertise that helps customers achieve their cloud security goals.

Sysdig, the unified container and cloud security leader, announced Drift Control to prevent container attacks at runtime. Teams can detect, prevent, and speed incident response for containers that were modified in production, also known as container drift. Additionally, Sysdig enhanced malware and cryptomining detection with new threat intelligence feeds from Proofpoint Emerging Threats (ET) Intelligence and the Sysdig Threat Research Team. To be successful in the cloud, teams need a single view of risk with no blind spots, which includes having prevention that flags and blocks container drift.

(KubeCon + CloudNativeCon Europe) -- Sysdig, the unified container and cloud security leader, announced the availability of Sysdig Advisor, a Kubernetes troubleshooting feature that consolidates and prioritizes relevant performance details in Sysdig Monitor. By providing a single view of performance and event information, Sysdig Advisor enables operations, developers, and site reliability engineering (SRE) teams to troubleshoot issues faster while decreasing the number of tools needed.

(KubeCon + CloudNativeCon Europe) — Sysdig, the unified container and cloud security leader, announced today that Edd Wilder-James has joined Sysdig from Google to lead the company’s open source ecosystem team. As VP of Open Source Ecosystem, Edd will expand the open source team at Sysdig, with a focus on community outreach and partnerships. Sysdig was founded as and built on an open source foundation, which includes Sysdig Open Source (Sysdig OSS), Sysdig Inspect, Open Policy Agent, Prometheus, and Falco. Learn more about Edd and why he chose Sysdig.

(KubeCon + CloudNativeCon Europe) — Sysdig, the unified container and cloud security leader, announced that Sysdig open source, the incident response standard for containers, has been extended to the cloud. Using system calls, Sysdig open source (Sysdig OSS) traditionally offers deep observability into running applications, as well as file system access and network activity, which speeds incident response and troubleshooting. Teams can quickly filter information from Sysdig OSS and take action. With the announcement of this new integration, these capabilities have been extended beyond containers to any cloud environment.

Sysdig, the unified container and cloud security leader, announced the availability of Risk Spotlight, a vulnerability prioritization feature based on runtime intelligence. Risk Spotlight enables security teams to reduce alert noise and effectively prioritize remediation based on a more accurate risk assessment to efficiently reduce risk without slowing down developers.

Sysdig, the unified container and cloud security leader, announced today that the Sysdig platform has been extended to support Oracle Cloud Infrastructure (OCI). With Sysdig, a member of the Oracle Partner Network (OPN), Oracle Container Engine for Kubernetes (OKE) users gain a unified view of the risk, health, compliance, and performance of cloud-native applications. The Sysdig platform is now available on the Oracle Cloud Marketplace and, in addition to OKE monitoring, supports runtime security and host vulnerability scanning with Oracle Linux distributions (UEH and RHCK).

Sysdig, the unified container and cloud security leader, and Snyk, the leader in developer security, today announced the integration of Sysdig Secure with Snyk Container to cover container security from development through operations. Based on initial internal testing, this integration allows teams to eliminate up to 95 percent of vulnerability alerts using runtime intelligence from Sysdig Secure with Snyk Container.

KubeCon + CloudNativeCon North America – Sysdig today announced the addition of cloud security monitoring functionality to the Falco open source software project. The new Amazon Web Services (AWS) CloudTrail plug-in provides real-time detection of unexpected behavior and configuration changes, intrusions, and data theft in AWS cloud services using Falco rules. The Falco community developed this extension with Sysdig based on a new plug-in framework that allows anyone to extend Falco to capture data from additional sources beyond Linux system calls and Kubernetes audit logs. As organizations manage critical data across multiple clouds, they need consistent threat detection across their distributed environments. Additional plug-ins will allow organizations to use a consistent threat detection language and close security gaps by using consistent policies for workloads and infrastructure. In addition, more than twenty new out-of-the-box policies supporting compliance frameworks were released.

Sysdig, Inc., the secure DevOps leader, announced today significant enhancements to Sysdig Monitor, which radically simplifies Prometheus adoption with a new integrations manager, simplified querying, and long-term metric storage for its managed Prometheus service.