Policies

Sysdig Secure deploys different types of policies.

In addition to the policy types linked below, there are optional tools to help automate the creation of policies, such as:

Topics in This Section
Threat Detection Policies

This page introduces Sysdig threat detection policies and the rules that comprise them, providing the conceptual background needed to create, edit, and apply security policies in your own environment.

Vulnerability Policies

This page introduces Sysdig vulnerability policies that govern the pipeline, runtime, and host scanning features of Sysdig Secure.

Posture Policies

This page introduces Sysdig posture policies and the requires and controls that comprise them, providing the conceptual background needed to create, edit, and apply compliance policies in your own environment. Posture Policies allow you to onfigure what is being evaluated by the Compliance feature in the context of compliance standards (CIS, NIST, etc.).

Risk Acceptance

You can accept the risk of detected vulnerabities and posture/compliance violations. This page collates all accepted risks and provides a management panel for each type.

Cloud Account Rules

This section details the rules used for cloud accounts connected to Sysdig Secure in AWS, GCP, and Azure.

Install Falco Rules On-Premises

Profiling

Zones