Secure Dashboards

The Home page offers a clean, visual representation of the most important issues in your environment and a curated list of the top tasks required. With the introduction of the Home page, earlier interfaces, such as Get Started and the Sysdig Secure Overview, are no longer required.

The top half of the page encompasses the Dashboards.

For the Home page dashboards to display data, you must have completed basic onboarding and at least one data source must be connected. Otherwise, the page will provide prompts for completing those setup tasks.

Data Source Status

At the top of the page is a status summary of data sources:

  • Detected cloud accounts
  • Sysdig agents status, based on nodes where agents have been or could be deployed.

Cloud Accounts

If you have installed Sysdig Secure for cloud, cloud account links are displayed per cloud provider (AWS | GCP | Azure). From here you can see:

  • Detected accounts
  • Any Out of Date or Almost Out of Date clusters
  • Link to the Data Sources page to take action

Sysdig Agents

Similarly, here you can see:

  • How many nodes detected
  • Which nodes might require attention because agents are out of date or almost out of date
  • Link to the Data Sources page to take action

Dashboard Panels

Each dashboard in the top half of the Home page provides a view of the trends and most urgent issues in the areas of Compliance, Risks and Vulnerabilities, and Identity and Access.

Each dashboard:

  • Links directly to the related Sysdig Secure module and task
  • Provides an at-a-glance visualization of the environment status across these modules

You can expand the Dashboard for a full page experience or minimize to a collapsed view using the highlighted toggles:


The Compliance dashboard requires the use of the new Compliance module, and gives a window into the Compliance Views landing page.

Hover over elements for tooltip descriptors and click on a row to jump to the Compliance Views: Results page to begin remediations.

Risks and Vulnerabilities

This dashboard gives a variety of ways to quickly understand the top risks and vulnerabilities in your environment.

The top ways to use it are:

  • Scan for spiking runtime events

    The chart collates runtime events with medium or high severity in a 7-day view, per day

  • Scan for Mitre attack events broken down per cluster

  • Check top workloads at risk - running workloads with critical vulnerabilities and respective packages in execution

  • Expand the panel to full-screen to show the Workload Risk Assessment chart which maps your riskiest workloads, showing those with running vulnerabilities from the past 24 hours and runtime events in the past week..

    Focus on the top-right bubbles first (critical vulnerability with high risk event).

Click the panel to jump into the Vulnerabilites | Runtime module for more triaging.

You can also filter by Cluster or Namespace within the Risks and Vulnerabilities panel.

Identity and Access

This dashboard shows:

  • How many users and/or roles are inactive
  • How many users and/or roles lack multifactor authentication (MFA).

Click on the panel to jump into the Identity and Access | Users page to triage.

You can also filter by Account ID within the panel.