Policies
Sysdig Secure deploys different types of policies.
In addition to the policy types linked below, there are optional tools to help automate the creation of policies, such as:
- Runtime Policy Tuning (Threat Detection) for reducing noisy false positives in the events feed
- Network Security Policy Tool to author and fine-tune Kubernetes network policies
Threat Detection Policies
Sysdig Secure Runtime Threat Detection is managed by defining policies, which consist of rules to detect and respond to security violations, suspicious behavior, and anomalous activities within your environment. This page provides the conceptual background needed to use runtime threat detection policies in your own environment.
Vulnerability Policies
This page introduces Sysdig vulnerability policies that govern the pipeline, runtime, and host scanning features of Sysdig Secure.
Posture Policies
This page introduces Sysdig posture policies and the requirements and controls that comprise them, providing the conceptual background needed to create, edit, and apply compliance policies in your own environment. Posture Policies allow you to onfigure what is being evaluated by the Compliance feature in the context of compliance standards (CIS, NIST, etc.).
Risk Acceptance
You can accept the risk of detected vulnerabities and posture/compliance violations. This page collates all accepted risks and provides a management panel for each type.
Profiling
Image profiling in Sysdig enhances the data collection capabilities of the agent and is a building block for several other Sysdig features.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.