Introduction to Sysdig Secure DevOps Platform

Embed security, compliance and performance into DevOps workflows. The Sysdig Secure DevOps Platform converges security and compliance with performance and capacity monitoring to create a...


Sysdig is the first unified approach to monitoring and securing containers across the entire software lifecycle, and helps you gain trust in your container-based microservices platform. Sysdig gives you control over the transition to cloud native technologies, and accelerates it, by giving insights into day-to-day telemetry and security operations.

Sysdig is an Open Core company, meaning its core tools are open source and it offers commercial versions with enterprise features and support. For Sysdig, this means the sysdig, inspect and falco tools are its open core, and these rely on a number of other existing open source tools, such as Prometheus. Sysdig builds a number of commercially available products on top.

Sysdig Platform
Sysdig Platform enables full-stack insights into the behaviour of (cloud) infrastructure, container hosts and applications running inside those containers. With this rich set of data, it becomes easy to define what activity is considered normal for your applications, and be notified when this behaviour deviates. This applies to security as well as performance and availability incidents.

Sysdig Monitor
Using the open source capture and analysis tools sysdig and inspect, Sysdig Monitor, an enterprise-grade container monitoring platform, leverages kernel-level observability to troubleshoot application performance and security issues and visualizes them in an intuitive UI for quick analysis, correlation, mitigation and easy drill-downs into potential performance hot spots. Sysdig integrates with Kubernetes, OpenShift, Mesos, Docker EE and many cloud providers to dynamically map services using full-stack metadata.

Sysdig combines detailed container telemetry, rich Kubernetes and Docker monitoring and enterprise-grade Prometheus monitoring, delivering better application observability, alerting and troubleshooting. Monitor uses only a single instrumentation point per host, massively simplifying the adoption curve for effective and full-stack container monitoring.

Sysdig Secure
Secure is Sysdig’s security product, based on the open source Falco project, a CNCF sandbox project. It brings together container image scanning, compliance, run-time protection and forensics to identify vulnerabilities and threats, meet regulatory requirements and audit activity across microservices. Sysdig Secure uses trace-driven capture of system calls, processes, containers, connections and file systems, allowing you to dive deeper.

Sysdig Secure manages the container security aspects across the entire lifecycle, from image vulnerability management to configuration compliance checks and run-time prevention and detection.