Deprecation Notes
| Application | Deprecated functionality | Announcement | Deprecation date |
|---|---|---|---|
| Host Shield & Agent | Legacy eBPF driver | Dec 4, 2025 | Dec 4, 2026 |
| Host Shield & Agent | Agent Secure mode | Dec 4, 2025 | Dec 4, 2026 |
| Host Shield & Agent | container_engines | Dec 4, 2025 | Dec 4, 2026 |
| Host Shield & Agent | Support for Mesos metrics | August 28, 2025 | August 28, 2026 |
| Host Shield & Agent | Agent Monitor Light mode | Aug 27, 2025 | Aug 27, 2026 |
| SaaS - Sysdig Secure | Terraform properties in AWS & GCP Onboard | Jul 1, 2025 | Nov 30, 2025 |
| Host Shield & Agent | Linux Kernel prior to 3.10 | Feb 1, 2025 | June 17, 2025 |
| Host Shield & Agent | Custom App Checks | Feb 1, 2025 | June 17, 2025 |
| Host Shield & Agent | Support for Python 2.7 | Feb 1, 2025 | June 17, 2025 |
| Serverless Agent | Serverless Orchestrator Agent | Dec 17, 2024 | Aug 1, 2025 |
| SaaS - Sysdig Secure | Legacy Scanning Engine | July 18, 2025 | July 18, 2025 |
| Host Shield | Support for RHEL6 and CentOS6 | Feb 1, 2024 | March 1, 2024 |
For migration support and guidance, contact Customer Success.
The dates below refer to the deprecation date of features and applications.
November 04, 2026
Legacy eBPF Driver
Starting with version 14.3.0, no new features will be introduced for the Legacy eBPF driver. The driver will retire on December 04, 2026.
Secure Mode
Secure Mode is deprecated and will retire on December 04, 2026. To ensure continued support and improved performance, migrate to Secure_Light mode.
Configuration Keys
The following configuration keys are deprecated and will be removed in an upcoming release:
container_engines.dockercontainer_engines.podmancontainer_engines.cricontainer_size_request.enabled
Replace these keys with the following:
container_runtime.docker.enabledcontainer_runtime.podman.enabledcontainer_runtime.cri.enabledcontainer_runtime.size_request_enabled
In accordance with our support policy, support for these keys will be fully removed within 12 months. Update your configurations to ensure compatibility with future releases.
December 15, 2025
List Matching Policies and Rules Creation
You will not be able to create new List matching Policies and Rules. In place of those, we suggest using Falco. It’s more versatile and helps you create more valuable detections.
Existing Policies and rules will continue working until further notice. It is also possible to continue modifying existing policies and rules.
We encourage you to start converting your existing List matching Policies and Rules to rely on Falco using the guide here.
Nov 30, 2025
Terraform properties in AWS & GCP Onboard
If you onboarded your AWS accounts before Selective Cloud Account Onboarding was introduced, your Terraform or CFT configuration may include organizational_unit_ids or org_units. Contact your Sysdig support representative for guidance on transitioning to include_ouids and exclude_ouids.
If you onboarded your GCP accounts before Selective Cloud Account Onboarding was introduced, your Terraform configuration may include management_group_ids. Contact your Sysdig support representative for guidance on transitioning to include_folders and exclude_folders.
CLI Scanners version 1.3.0 and earlier
Sysdig CLI Scanner versions 1.3.0 and earlier will no longer be able to submit scan results to the Sysdig backend. All external-facing endpoints that support these scanners will be decommissioned across all regions. Upgrade your CLI scanner to the latest available version to have continuous support.
Sept 30, 2025
Container ID as Primary Identifier in Vulnerability Management Scanning:
We are deprecating the use of Container ID as the unique identifier for vulnerabilities within Host Scanning when Container Scanning is enabled.
Previously, vulnerabilities were tracked and counted using Container ID. This meant that even if the same container image or workload was restarted, each new Container ID would be counted separately and generate a new scan result.
Now, vulnerabilities are correlated using a combination of Hostname, Container Name, and Image ID. This provides a stable identifier across restarts and ensures more accurate correlation of Software Bill of Materials (SBOM) to running container workloads.
Impact
As the change rolls out, the following impact is expected:
- Vulnerability counts in dashboards will change. They may temporarily spike due to the changeover and new identification of vulnerabilities and resources. This will normalize after the switch and the old results drop off. Once the change is fully in effect, vulnerability counts will appear lower, as duplicate entries tied to container restarts or redeploys are eliminated.
Benefits
This update grants the following benefits:
- Reduced noise and clearer vulnerability data, as containers will no longer be overcounted.
- Improved accuracy as vulnerabilities will be tied to Host, Container Name, and Image ID.
Timeline
September 30th, 2025: Container ID support will be fully deprecated and begin rollout to all environments. After this date, all vulnerability identifiers will use Hostname + Container Name + Image ID.
Recommended Actions
No customer action is required. Dashboards and reports will automatically reflect the new identifier model by the deprecation date.
Aug 1, 2025
Serverless Orchestrator Agent
The Orchestrator Agent entered its deprecation phase with Serverless Agent 5.3.0 and is set to be fully deprecated by Aug 1, 2025.
After this date, it will no longer receive updates, including development, maintenance, bug fixes, or security patches. For guidance on migrating from the Orchestrator, please refer to Migrating from Orchestrator.
July 18, 2025
Legacy Scanning Engine
As part of our ongoing efforts to improve performance, security, and reliability, we are officially deprecating the Legacy Scanning Engine.
On July 18, 2025, the following actions will take place:
The Legacy Scanning Engine UX pages will be removed from the platform.
All related backend services will begin shutting down.
We will no longer provide support for the Legacy Scanning Engine in any SaaS region after this date.
No further maintenance, updates, or bug fixes will be delivered.
SaaS users will no longer have access to Legacy Scanning Engine functionality via the user interface or APIs.
Any workflows or integrations that depend on this engine will cease to function.
We recommend all customers transition to our current scanning solution as soon as possible to ensure uninterrupted service and continued support. For details, see Vulnerability Management.
June 17, 2025
Linux Kernel prior to 3.10
The minimum supported Linux kernel version is 3.10.
Users running older kernel versions should plan to upgrade to maintain compatibility and support.
Support for Python 2.7
Python 2.7 reached its official End of Life in January 2020, to enhance security, stability, and performance, support for Python 2.7 has been discontinued.
Sysdig recommends updating to a supported Python version.
Custom App Checks
To improve Sysdig Monitorβs functionality and streamline integrations, Sysdig has now sunset Custom App Checks
Sysdig strongly recommends transitioning to Monitoring Integrations for better performance and support.
March 1, 2024
Support for RHEL6 and CentOS6
As part of Sysdig Agent 13.0.0 release Sysdig dropped the support for RHEL6 and CentOS6, all the customer that are affected has received communication from their Sysdig rappresentative.
On-prem installations remain supported until individual account contracts are expired. Sysdig is also committed to supporting feeds for those environments.
