Getting Started with Sysdig Secure (Legacy)

This page is being replaced by the new Home page in Sysdig Secure, as well as the updated Data Sources pages.

Get Started Page (Free Tier)

Users who choose the Free Tier option of Sysdig Secure for cloud can quickly connect a single cloud account/region to Sysdig Secure CSPM, threat detection, and image/registry scanning functions, using https://sysdig.com/company/start-free/

Once connected, the Get Started page shows a subset of the options available in the 30-day trial or Enterprise page.

Get Started Page

The Get Started page targets the key steps to ensure users are getting the most value out of Sysdig Secure. The page is updated with new steps as users complete tasks and as Sysdig adds new features to the product.

The Get Started page also serves as a linking page for:

  • Documentation

  • Release Notes

  • The Sysdig Blog

  • Self-Paced Training

  • Support

Users can access the Get Started page at any time by clicking the rocketship in the side menu.

Connect Your Data Sources

Connect Your Cloud Account

  • Here you can easily launch a CloudFormation template to connect an AWS account to Sysdig Secure. Be sure to deploy in the AWS account and region you want to secure.

Install the Agent

  • Installing the agent on your infrastructure allows Sysdig to collect data for monitoring and security purposes. See also Quick Install Sysdig Agent on Kubernetes. Recommended: Use the Helm chart installation option to obtain the Vulnerability Management engine and the runtime scanner.

Integrate with the Kubernetes Audit Log

  • The Kubernetes Audit log provides a security-relevant chronological set of records documenting the Kubernetes API activity. By parsing the Kubernetes Audit log we can track user activity, sensitive modifications, and permissions updates. Processing and auditing API logs is key to tracking indicators of compromise within Kubernetes environments, as well as meeting compliance controls.
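The kind of parsing described above, as an added example that is not Sysdig code or part of the original page: it reads audit.k8s.io/v1 events and sorts each completed request into user activity, sensitive modifications, or permissions updates. The sample events, the category names, and the list of resources treated as sensitive are assumptions made for illustration.

```python
import json

# Constructed sample: audit.k8s.io/v1 events, one JSON object per line.
SAMPLE_LOG = """\
{"stage":"ResponseComplete","verb":"list","user":{"username":"alice"},"objectRef":{"resource":"pods","namespace":"web"},"responseStatus":{"code":200}}
{"stage":"RequestReceived","verb":"create","user":{"username":"bob"},"objectRef":{"resource":"clusterrolebindings","name":"ops-admin"}}
{"stage":"ResponseComplete","verb":"create","user":{"username":"bob"},"objectRef":{"resource":"clusterrolebindings","name":"ops-admin"},"responseStatus":{"code":201}}
{"stage":"ResponseComplete","verb":"patch","user":{"username":"system:serviceaccount:ci:builder"},"objectRef":{"resource":"secrets","namespace":"prod","name":"db-creds"},"responseStatus":{"code":403}}
{"stage":"ResponseComplete","verb":"create","user":{"username":"carol"},"objectRef":{"resource":"pods","namespace":"web","name":"api-0","subresource":"exec"},"responseStatus":{"code":101}}
truncated-line {"stage":
"""

# Assumption: which resources and subresources count as sensitive is a local choice.
RBAC = {"roles", "rolebindings", "clusterroles", "clusterrolebindings"}
SENSITIVE = {"secrets", "configmaps", "serviceaccounts"}
INTERACTIVE = {"exec", "attach"}
WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection"}

def classify(event):
    """Map one audit event to one of the three uses named in the text."""
    ref = event.get("objectRef") or {}
    if ref.get("subresource") in INTERACTIVE:
        return "sensitive-modification"
    if event.get("verb") not in WRITE_VERBS:
        return "user-activity"
    if ref.get("resource") in RBAC:
        return "permissions-update"
    if ref.get("resource") in SENSITIVE:
        return "sensitive-modification"
    return "user-activity"

def review(log_text):
    """Return (findings, skipped): one finding per completed request."""
    findings, skipped = [], 0
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1  # keep a count so log corruption is visible
            continue
        # A request is logged at several stages; count it once, at completion.
        if event.get("stage") != "ResponseComplete":
            continue
        ref = event.get("objectRef") or {}
        code = (event.get("responseStatus") or {}).get("code", 0)
        parts = (ref.get("namespace"), ref.get("resource"), ref.get("name"), ref.get("subresource"))
        findings.append({"category": classify(event), "verb": event.get("verb"),
                         "user": (event.get("user") or {}).get("username", "<unknown>"),
                         "target": "/".join(p for p in parts if p), "allowed": 0 < code < 400})
    return findings, skipped
```

Denied requests are kept in the findings with "allowed" set to False, since a rejected write to a secret or role binding is often as relevant to an investigation as a successful one.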

Invite Your Team

  • Invite someone on your team to use this Sysdig Secure account. They will receive an email and a user will be created for them. They are automatically assigned the Advanced User role.

Secure Your Pipeline

Scan an Image

  • With the sysdig-cli-scanner you can automatically scan your images even before they are uploaded to a registry. Go to the Vulnerabilities pipeline page for detailed information on how to integrate this feature.
  • Sysdig Secure emits alerts to give you proactive notification of events, anomalies, or any security incident that requires attention. The alerting system provides out-of-the-box push gateways for regular email, Slack, cloud-provider notification queues, and custom webhooks, among others.

Secure Your Runtime Environment

Create a Detection Rule

  • Sysdig Secure detects and responds to anomalous runtime activity by leveraging its behavioral detection engine, which is built on top of the open-source project Falco. Additionally, users can easily create whitelist-based security rules for process execution, file access, and network activity using the basic policy engine.

Enable CIS Benchmark Scan

  • Schedule a Compliance task to perform regular scans of your environment and ensure you are meeting industry best practices and regulatory requirements.