Policies
Sysdig Secure deploys different types of policies.
In addition to the policy types linked below, there are optional tools to help automate the creation of policies, such as:
- Runtime Policy Tuning (Threat Detection) for reducing noisy false positives in the events feed
- Network Security Policy Tool to author and fine-tune Kubernetes network policies
Threat Detection Policies
This page introduces Sysdig threat detection policies and the rules that comprise them, providing the conceptual background needed to create, edit, and apply security policies in your own environment.
Vulnerability Policies
This page introduces Sysdig vulnerability policies that govern the pipeline, runtime, and host scanning features of Sysdig Secure.
Posture Policies
This page introduces Sysdig posture policies and the requires and controls that comprise them, providing the conceptual background needed to create, edit, and apply compliance policies in your own environment. Posture Policies allow you to onfigure what is being evaluated by the Compliance feature in the context of compliance standards (CIS, NIST, etc.).
Risk Acceptance
You can accept the risk of detected vulnerabities and posture/compliance violations. This page collates all accepted risks and provides a management panel for each type.
Cloud Account Rules
This section details the rules used for cloud accounts connected to Sysdig Secure in AWS, GCP, and Azure.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.