Overall experience with Sysdig Secure
“Good Visibility and AWS integrations, but needs work to filter out noise”
“Key Vulnerability Workflow Features Missing Amid Heavy Resource Consumption Concerns”
About Company
Company Description
Sysdig is a cloud security company that focuses on runtime in order to prevent, detect, and respond to attacks in real time. The company combines the ability to detect changes in risk using runtime insights, an AI-based architecture, and open source Falco. This technology base enables the company to correlate signals across cloud workloads, identities, and services to uncover hidden attack paths.
Sysdig Secure Likes & Dislikes
The compliance section is really well done. Being able to see frameworks side-by-side, understand which controls we are failing, and mark certain findings as accepted risk has been helpful for our audits. I also like how vulnerabilities are separated by where they show up - makes it easier to figure out if something slipped through CI or came from the base image. The Falco rules give us a lot of control once you figure out how to use them properly.
The metadata for the vulnerabilities is quite good. Integration with cloud and k8s is easy and painless. Anomaly detection is pretty good.
Sysdig's vulnerability management tools have excellent context-aware filtering that allows us to filter CVEs by those that are critical, in-use by the workload at runtime, exposed, exploitable, and have a fix available. This has allowed us to cut 99.99% of CVE noise from our environments and focus on fixing the most important things first. We also like the runtime security features - Sysdig is able to sort through and filter out noise and false positives and is able to learn your environment. This has led to a massive reduction in alert fatigue. It is also very easy to apply runtime security tools to workloads (such as preventing the execution of specific binaries, etc). We've also been enjoying the network security tools. Sysdig is able to track which workloads communicate with each other and provide diagrams and network policy suggestions.
Too many medium-severity alerts that turn out to be nothing. We're constantly triaging stuff that doesn't matter for our actual environment. The prioritization isn't smart enough - it doesn't seem to consider whether a vulnerable package is actually being used or exposed to the internet. We need better context around which CVEs actually pose risk to us, versus just existing somewhere in the stack. Also, the data security features feel pretty basic compared to what you get for infra security.
The UI needs a lot of improvement, it's confusing and not intuitive. Opening tickets per image is a big missing feature to complete the vuln mgmt workflow. The automatically generated remediation guidance from Sage is missing key information. The pricing model is a huge pain, as it's difficult to estimate growth in nodes and not all nodes are created equal and it emphasizes you to use the largest node size possible to save money. Constantly needing to true-up within the year. My infra team also says the agent consumes too many resources and is much heavier than other equivalent agents. There's also no internet exposure or attack path feature, as it's only for the ingress controllers, but nothing behind them.
We wish that Sysdig offered more tooling to help developers deploy secure applications to Kubernetes - such as secure container images and other kinds of SAST/DAST tooling to help developers catch issues before they make it to the clusters. We also wish that Sysdig's integrations and plugins with other products (like IDEs, CI/CD pipelines, etc) were more well maintained. Many of these are open source integrations and have had many bugs and issues. Granted, they were addressed and fixed, but they do not seem very active. The final thing is we wish that Sysdig supported on-prem environments better when it comes to workload exposure filtering. Currently, it only works on cloud platforms. While there is a feature request for this to work on prem, it has been in the works for almost a year with little update.
Sysdig Secure Reviews and Ratings
- SRE, <50M USD, Healthcare and Biotech
Good Visibility and AWS integrations, but needs work to filter out noise
We've used Sysdig for a few months. Setup was pretty smooth thanks to the AWS Organizations support - that definitely helped us get going faster than expected. The vulnerability views across pipeline, registry, and runtime are useful for tracking where issues come from. That said, we're still spending quite a bit of time filtering out false positives on the threat detection side. Support has been hit or miss - we've had some really helpful interactions on Slack, but response times aren't always consistent.
- DevSecOps Engineering Manager, <50M USD, Telecommunication
Sysdig Reduces CVE Noise and Alert Fatigue With Runtime Aware Tools
Sysdig overall has been a pleasure to use and implement in our organization. It has replaced several other tools and manual processes with one unified platform for vulnerability management, runtime security, and compliance reporting. New features are rolled out frequently, and whenever we find a bug or have a feature request it is relayed to the appropriate folks quickly. Their customer success team responds quickly and is knowledgeable about the platform and the underlying tech.
- CTO, <50M USD, Software
Sysdig's CNAPP Suite Offers Robust Security Features through Detailed Threat Detection and AI Capabilities
The Sysdig CNAPP security suite is amongst the best in the business. The product itself is fairly comprehensive and they are able to capture signals that most other vendors can't. The account team has been phenomenal and has been engaged since we first reached out. Overall, we're very happy with the service and the team.
- IT Associate, 1B-10B USD, Software
Operational Workflow Strengthened by Sysdig Despite Documentation and Language Limitations
Sysdig has significantly clarified our team's security posture, which was previously a vague area. We successfully established a formal operational workflow for addressing application vulnerabilities, which had previously been handled in an ambiguous manner.
- IT Security & Risk Management Associate, 50M-1B USD, Software
Sysdig’s Alert Customization and Reporting Features Facilitate Cloud Deployment Monitoring
Sysdig is very easy to set up and the documentation is pretty straightforward. I like the fact that they have a lot of predefined vulnerability and posture policies so I don't have to create them manually. Overall it's a great product because it offers solutions to every stage of cloud deployment.



