Home

The Home page offers a clean, visual representation of the most important issues in your environment. Home, the default tab, encompasses your Dashboards. The other tab, Recommendations, contains a curated list of your most pressing tasks.

For the Home page dashboards to display data, you must have completed basic onboarding and connected at least one data source. If not, the page will provide prompts for completing those setup tasks.

Data Source Status

At the top of the page is a status summary of data sources:

  • Detected cloud accounts
  • Sysdig agents status, based on nodes where agents have been or could be deployed.

Cloud Accounts

If you have installed Sysdig Secure for cloud, cloud account links are displayed per cloud provider (AWS | GCP | Azure). From here you can see:

  • Detected accounts
  • Any Out of Date or Almost Out of Date clusters
  • A link to the Data Sources page, where you can take action

Sysdig Agents

Similarly, here you can see:

  • Number of nodes detected
  • Nodes which might require attention because their agents are out of date or almost out of date
  • A link to the Data Sources page, where you can take action

Dashboard Sections

Home is curated based on what data sources you have successfully installed.

Each section:

  • Links directly to the related Sysdig Secure module and task
  • Provides an at-a-glance visualization of the environment status across these modules

Vulnerabilities

This section requires some sort of scanning to be set up, for example:

The charts shown will vary based on the scanning method set up in your environment. The purpose of this section is to highlight the trend of your worst vulnerabilities.

Runtime

This section requires Threat Detection to be set up in an environment, whether using the Sysdig Agent or Agentless Threat Detection.

The charts will showcase trends of Runtime events in your environments broken down by Severity.

Posture

This section requires at least one of the following to be set up: CSPM, KSPM, or CIEM.

Depending on what is installed, these charts provide a breakdown of your evaluated resources by category, trends of unused permissions, poor identity hygiene practices, and trends of passing compliance requirements for your starred policies.

You can change starred policies/compliance trends on the Compliance page.

If you have not starred any policies as favorites, then the line graph displays the results from the three policies with the lowest passing scores. If there are more than three with matching low scores, it displays the first three alphabetically.

Recommendations

The alternative tab for the Home page is Recommendations. Access this tab by clicking on Home and selecting Recommendations.

Recommendations guides users to take the most impactful actions to reduce security risks in their environments. It helps to cut through the noise and focus on the most important alerts and findings.

In the Recommendations tab, you can:

  • Sort your recommendations:

    • By Highest Priority: Sysdig’s prioritized list sorts recommendations by the actions that will have the largest impact on reducing security risk in your environments. Recommendations are sorted within a specific product area (such as Compliance, Identity, or Setup).

    • By Last Updated: This sorts recommendations by what has been updated most recently. It may be either a new recommendation or an existing recommendation with new findings or failing resources.

    • Within a Recommendation: Any list of findings or failing resources within a recommendation will be automatically sorted by highest risk.

  • Scroll the Top 3 tasks in each category, or click See All to see all the recommended tasks in that category:

  • Check details by clicking a task to open the details panel on the right

  • Dismiss a task (for 1 day/week/month/3 months).

    This applies only to the current user profile; it does not remove the task from other user’s lists

  • Take action from the detail panel, depending on the task type

Below are the Recommendation Types.

Setup

Recommendations prompt certain setup tasks based on your onboarding status. These tasks include connecting data sources, setting up integrations, and taking educational product tours.

Identity and Access

Identity recommendations focus on highlighting Identity and Access Management (IAM) risks based on both overly permissive Policies and risky attributes Sysdig identifies for Users and Roles.

Wherever possible, the steps to be taken are summarized directly in the panel.

Open JIRA Tickets from Identity Recommendations

If the Sysdig Secure administrator has enabled an integration with a JIRA ticketing system, then Identity recommendations include the option to assign the policy updates to another team member via a JIRA ticket.

  • Project: Drop-down displays all the projects to which the user who created the API token has access. You must choose a project in order to see available assignees.
  • Issue Type: The integration currently supports Task, Story, and Bug
  • Description: Auto-filled. Content can also be added freely
  • Assignee: Drop-down list of all possible assignees from JIRA for the selected project. If left blank, it will default to the lead for the project on JIRA. Type to quick-search the assignee list.
  • Attachments: Least Permissive policy suggestions will attach a CSV summary and a JSON with the suggested policy. Other types will attach a CSV Summary.

Creation/Deletion Notes:

  • If you delete a Jira integration, it won’t affect the tickets you opened already.
  • Creation and deletion of a JIRA Integration will be noted in the Sysdig platform audit.