Deprecation Notes

Welcome to the deprecation notes for the SaaS and OnPrem versions of the Sysdig Platform. As part of our commitment to continuously improve the Sysdig platform, Sysdig may deprecate features and components over time. Deprecation decisions are made carefully, often in conjunction with new or improved capabilities.
ApplicationDeprecated functionalityAnnouncementDeprecation date
Host Shield & AgentLinux Kernel prior to 3.10Feb 1, 2025June 17, 2025
Host Shield & AgentCustom App ChecksFeb 1, 2025June 17, 2025
Host Shield & AgentSupport for Python 2.7Feb 1, 2025June 17, 2025
SaaS - Sysdig SecureLegacy Scanning EngineJuly 18, 2025July 18, 2025
Serverless AgentServerless Orchestrator AgentDec 17, 2024Aug 1, 2025
SaaS - Sysdig SecureTerraform properties in AWS & GCP OnboardJul 1, 2025Nov 30, 2025
Host Shield & AgentAgent Monitor Light modeAug 27, 2025Aug 27, 2026
Host ShieldSupport for RHEL6 and CentOS6Feb 1, 2024March 1, 2024
Host Shield & AgentSupport for Mesos metricsAugust 28, 2025August 28, 2026

For migration support and guidance, contact Customer Success.

The dates below refer to the deprecation date of features and applications.

Nov 30, 2025

Terraform properties in AWS & GCP Onboard

If you onboarded your AWS accounts before Selective Cloud Account Onboarding was introduced, your Terraform or CFT configuration may include organizational_unit_ids or org_units. Contact your Sysdig support representative for guidance on transitioning to include_ouids and exclude_ouids.

If you onboarded your GCP accounts before Selective Cloud Account Onboarding was introduced, your Terraform configuration may include management_group_ids. Contact your Sysdig support representative for guidance on transitioning to include_folders and exclude_folders.

Sept 30, 2025

Container ID as Primary Identifier in Vulnerability Management Scanning:

We are deprecating the use of Container ID as the unique identifier for vulnerabilities within Host Scanning when Container Scanning is enabled.

Previously, vulnerabilities were tracked and counted using Container ID. This meant that even if the same container image or workload was restarted, each new Container ID would be counted separately and generate a new scan result.

Now, vulnerabilities are correlated using a combination of Hostname, Container Name, and Image ID. This provides a stable identifier across restarts and ensures more accurate correlation of Software Bill of Materials (SBOM) to running container workloads.

Impact

As the change rolls out, the following impact is expected:

  • Vulnerability counts in dashboards will change. They may temporarily spike due to the changeover and new identification of vulnerabilities and resources. This will normalize after the switch and the old results drop off. Once the change is fully in effect, vulnerability counts will appear lower, as duplicate entries tied to container restarts or redeploys are eliminated.

Benefits

This update grants the following benefits:

  • Reduced noise and clearer vulnerability data, as containers will no longer be overcounted.
  • Improved accuracy as vulnerabilities will be tied to Host, Container Name, and Image ID.

Timeline

September 30th, 2025: Container ID support will be fully deprecated and begin rollout to all environments. After this date, all vulnerability identifiers will use Hostname + Container Name + Image ID.

No customer action is required. Dashboards and reports will automatically reflect the new identifier model by the deprecation date.

Aug 1, 2025

Serverless Orchestrator Agent

The Orchestrator Agent entered its deprecation phase with Serverless Agent 5.3.0 and is set to be fully deprecated by Aug 1, 2025.

After this date, it will no longer receive updates, including development, maintenance, bug fixes, or security patches. For guidance on migrating from the Orchestrator, please refer to Migrating from Orchestrator.

July 18, 2025

Legacy Scanning Engine

As part of our ongoing efforts to improve performance, security, and reliability, we are officially deprecating the Legacy Scanning Engine.

On July 18, 2025, the following actions will take place:

  • The Legacy Scanning Engine UX pages will be removed from the platform.

  • All related backend services will begin shutting down.

  • We will no longer provide support for the Legacy Scanning Engine in any SaaS region after this date.

  • No further maintenance, updates, or bug fixes will be delivered.

  • SaaS users will no longer have access to Legacy Scanning Engine functionality via the user interface or APIs.

  • Any workflows or integrations that depend on this engine will cease to function.

We recommend all customers transition to our current scanning solution as soon as possible to ensure uninterrupted service and continued support. For details, see Vulnerability Management.

June 17, 2025

Linux Kernel prior to 3.10

The minimum supported Linux kernel version is 3.10.

Users running older kernel versions should plan to upgrade to maintain compatibility and support.

Support for Python 2.7

Python 2.7 reached its official End of Life in January 2020, to enhance security, stability, and performance, support for Python 2.7 has been discontinued.

Sysdig recommends updating to a supported Python version.

Custom App Checks

To improve Sysdig Monitor’s functionality and streamline integrations, Sysdig has now sunset Custom App Checks

Sysdig strongly recommends transitioning to Monitoring Integrations for better performance and support.

March 1, 2024

Support for RHEL6 and CentOS6

As part of Sysdig Agent 13.0.0 release Sysdig dropped the support for RHEL6 and CentOS6, all the customer that are affected has received communication from their Sysdig rappresentative.

On-prem installations remain supported until individual account contracts are expired. Sysdig is also committed to supporting feeds for those environments.