Home

The Home page offers a clean, visual representation of the most important issues in your environment. Home, the default tab, encompasses your Dashboards. The other tab, Recommendations, contains a curated list of your most pressing tasks.

For the Home page dashboards to display data, you must have completed basic onboarding and connected at least one data source. If not, the page will provide prompts for completing those setup tasks.

Data Source Status

At the top of the page is a status summary of data sources:

Detected cloud accounts
Sysdig agents status, based on nodes where agents have been or could be deployed.

Cloud Accounts

Icons for the cloud account providers AWS, GCP,or Azure are available at the top of the Home page. Select an icon to connect a cloud account, or to see the status of connected accounts. For connected accounts, you can see:

The number of accounts, projects, or subscriptions connected
The connection status of the cluster
A link to the Data Sources page, where you can take action

Sysdig Agents

Select the Sysdig Agents icon to see:

The number of agents connected
The nodes that require attention because their agents are out of date or almost out of date
The agent status
A link to the Data Sources page, where you can take action

Dashboard Sections

Home is curated based on what data sources you have successfully installed.

Each section:

Links directly to the related Sysdig Secure module and task
Provides an at-a-glance visualization of the environment status across these modules

Vulnerabilities

This section requires some sort of scanning to be set up, for example:

The charts shown will vary based on the scanning method set up in your environment. The purpose of this section is to highlight the trend of your worst vulnerabilities.

Runtime

This section requires Threat Detection to be set up in an environment, whether using the Sysdig Agent or Agentless Threat Detection.

The charts will showcase trends of Runtime events in your environments broken down by Severity.

Posture

This section requires at least one of the following to be set up: CSPM, KSPM, or CIEM.

Depending on what is installed, these charts provide a breakdown of your evaluated resources by category, trends of unused permissions, poor identity hygiene practices, and trends of passing compliance requirements for your starred policies.

You can change starred policies/compliance trends on the Compliance page.

If you have not starred any policies as favorites, then the line graph displays the results from the three policies with the lowest passing scores.

Recommendations

The alternative tab for the Home page is Recommendations. Access this tab by clicking on Home and selecting Recommendations.

Follow Sysdig Recommendations to take the most impactful actions to reduce security risks in your environments. It helps to cut through the noise and focus on the most important alerts and findings.

Sysdig takes a snapshot of your resources every seven days. An ascending arrow and percentage beside a recommendation indicates the increase in failing resoruces as compared to the previous snapshot.

In the Recommendations tab, you can:

Sort your recommendations:
- By Highest Priority: Sorts recommendations by the actions that will have the largest impact on reducing security risk in your environments. Recommendations are categorised into areas such as Compliance, Identity, or Setup.
- By Last Updated: Sorts recommendations by what has been updated most recently. It may be either a new recommendation or an existing recommendation with new findings or failing resources.
  Any list of findings or failing resources within a recommendation will be automatically sorted by highest risk.
Scroll the top three tasks in each category, or click See All to see all the recommended tasks in that category:
Check details by clicking a task to open the details panel on the right
Take action from the detail panel, depending on the task type
Dismiss a task, for a period of one day up to three months.
This applies only to the current user profile; it does not remove the task from other user’s lists

Below are the Recommendation Types.

Setup

Recommendations prompt certain setup tasks based on your onboarding status. These tasks include connecting data sources, setting up integrations, and taking educational product tours.

Identity and Access

Identity recommendations focus on highlighting Identity and Access Management (IAM) risks based on both overly permissive Policies and risky attributes Sysdig identifies for Users and Roles.

Wherever possible, the steps to be taken are summarized directly in the panel.

Open JIRA Tickets from Identity Recommendations

If the Sysdig Secure administrator has enabled an integration with a JIRA ticketing system, then Identity recommendations include the option to assign the policy updates to another team member via a JIRA ticket.

Project: Drop-down displays all the projects to which the user who created the API token has access. You must choose a project in order to see available assignees.
Issue Type: The integration currently supports Task, Story, and Bug
Description: Auto-filled. Content can also be added freely
Assignee: Drop-down list of all possible assignees from JIRA for the selected project. If left blank, it will default to the lead for the project on JIRA. Type to quick-search the assignee list.
Attachments: Least Permissive policy suggestions will attach a CSV summary and a JSON with the suggested policy. Other types will attach a CSV Summary.

Creation/Deletion Notes:

If you delete a Jira integration, it won’t affect the tickets you opened already.
Creation and deletion of a JIRA Integration will be noted in the Sysdig platform audit.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.