Investigate

You can use Sysdig Secure Investigate to perform investigations as part of incident response, investigate the origin and consequences of security issues, and respond swiftly to threats. It helps you discover, understand, and respond to anomalous behaviors in your environment.

Use Sysdig Investigate to perform:

  • Activity Audit: Track commands, connections, and requests made to your Kubernetes API. You can view activity as an interactive graph and find more details in the event feed.

  • Captures: Create a snapshot of a moment in time of your environment. Use it to inspect activity and uncover more data.

  • Rapid Response: Connect remotely to a host via shell and execute commands, reacting to threats as soon as you notice them. Due to its power, you must manually enable this feature.