Sysdig Secure for cloud
Because modern cloud applications are no longer just virtualized compute resources, but a superset of cloud services on which businesses depend, controlling the security of your cloud accounts is essential. Errors can expose an organization to risks that could bring resources down, infiltrate workloads, exfiltrate secrets, create unseen assets, or otherwise compromise the business or reputation. As the number of cloud services and configurations available grows exponentially, using a cloud security platform protects against having an unseen misconfiguration turn into a serious security issue.
Check Sysdig Secure - Secure for cloud to review the features provided per cloud.
Multiple Installation Options
Sysdig Secure for cloud is available on a variety of cloud providers, with simplified installation instructions available from the Data Sources screen.
Terraform based
Supported cloud providers at this time are:
Full Install
Agentless (CSPM Only)
Cloud-Native templates
Native template deployment for
Helm Chart based (feature limited)
The core component of Sysdig Secure for cloud is called cloud-connector, which is also available through the following methods:
Note: Installing this component on its own only enables the threat detection and image scanning features, although together with the SysdigCompliance IAM role, it can handle Compliance and Identity and Access Posture too.
Deployment Summary
Features
- Threat Detection: Requires a Compute Deployment
- Compliance: Requires Sysdig Role Setup
- Identity and Access Management: Requires Compute Deployment and Sysdig Role Setup
- Image Scanning: Requires a Compute Deployment, and will Spawn Scanning Service
Single vs. Organizational
- Single: Targets a single account/project/subscription. Only a single workload is spawned in the specified account/project/subscription, and it targets the resources of that account.
- Organizational: Targets the whole organization/tenant. Only a single workload is spawned in the specified account/project/subscription, and it targets the whole organization/tenant.
Summary
Cloud | Single Setup | Organizational Setup | Event Source | Compute Deployment Options | Sysdig Role Setup | Image Scanning Options | Spawned Scanning Service |
---|---|---|---|---|---|---|---|
AWS | Account | Organization with member accounts | Cloudtrail | ECS, Apprunner, K8s | IAM Role with Trusted Identity | ECS deployed images, ECR, Public Repositories | Codebuild project |
GCP | Project | Organization with member projects | Project/Organization Sink, GCR PubSub Topic | CloudRun, K8s | Workload Identity Federation | CloudRun deployed images, GCR, Public Repositories | Cloudbuild task |
Azure | Subscription | Tenant subscriptions | EventHub, Eventgrid | Azure Container Instances (ACI), K8s | Azure Lighthouse | ACI deployed images, ACR, Public Repositories | ACR Task |
See Also
- Subscription Type Cloud Limitations
- Does our installation method not adapt to your infrastructure? Fill out our Secure for Cloud Questionnaire and use the public GitHub Repositories to let us help you. You can also contact us through our usual support channel.