RSS

Sysdig On-Premises Release Notes

Here are the most recent release notes for the On-Premises version of Sysdig Platform. Review the entries to learn about the latest features and enhancements.
  • Supported Web Browsers: Sysdig supports, tests, and verifies the latest versions of Chrome and Firefox. Other browsers may also work but are not tested with the same rigour.
  • Falco Rules: You may also want to review the update log for Falco Rules. used in the Sysdig Secure Policy Editor.

7.1.0 Release, April 2025

Upgrade Process

Supported Upgrades From: 6.x, 7.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Sysdig Secure

YARA Rules and Regex Exceptions for Malware Control Policy

You can now utilize YARA rules, maintained by Sysdig’s Threat Research Team, to enhance the Malware Control policy’s detection capabilities. You can customize exceptions for files, processes, and hashes with Regex or exact string matching. For more information, see Malware Control Policy — Detect.

Policy Unification for Vulnerability Management

You can now create unified Vulnerability Management Policies, streamlining policy management across all stages: Pipeline, Registry and Runtime. This updates brings unified policy definitions, greater flexibility with scope filters, and expanded support for registry policies.

The new unified policy system is available to all users of Vulnerability Management. Existing policies remain functional, and will be automatically converted to an equivalent policy in the new unified model.

For more information, see Vulnerability Management Policies.

  • Unified Policy Definition: Policies are now defined once with a set of rules and scope filters. These policies can apply to any or all stages: Pipeline, Registry, and Runtime. This removes the need for policy duplication and reduces complexity.

  • Registry Policy Support: Policies can now be applied to images scanned in registries, expanding coverage to all critical stages of your software development lifecycle.

  • Image Name Scope for All Stages: You can now scope policies using filters, such as Image Reference (also known as Image Name or Pullstring). This gives you granular control and ensures consistency across Pipeline, Registry and Runtime.

7.0.0 Release, February 2025

Upgrade Process

Supported Upgrades From: 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Sysdig Platform

Next Gen Sysdig API Documentation

The Next Gen API Docs are the new and standardized documentation for both Sysdig Secure and Monitor APIs. To access them, see Next Gen API Docs.

Sysdig Secure

Zones

You can now use Zones to filter the results across Vulnerability Findings and the Events feed. A zone is a collection of scopes that represent logical groupings of your infrastructure or workloads. For example, you can create a zone for your production environment, a staging environment, or a region. They allow you to scope the infrastructure based on specific attributes for Hosts, Kubernetes, Image and Git. For more information, see Zones.

Configurable Data Retention for Scan Results

You can now configure the data retention period for Pipeline and Registry scan results, up to a maximum of 90 days. For more information, See Scan Results Retention.

Automations for Vulnerability Findings (Technical Preview)

You can use the new Sysdig Secure Automations feature to create automated actions, such as sending notifications via email and Slack, in response to conditions you specify. You can use this feature to create automations to alert on any new Vulnerability Findings. For more information, see Automations.

The feature is not enabled by default and requires a new Graph datastore added to the Sysdig On-Premise backend. As a result, this release may require additional hardware resources. Contact Sysdig Support to open a support case for guidance and assistance with the upgrade process.

Sysdig Monitor

Enhanced IOPS & NFS Visibility

Sysdig introduced the following metrics to enhance IOPS and NFS visibility at the filesystem mount level:

NFS Host
  • sysdig_host_fs_nfs_op_count
  • sysdig_host_fs_nfs_op_request_count
  • sysdig_host_fs_nfs_op_sent_bytes
  • sysdig_host_fs_nfs_op_recv_bytes
  • sysdig_host_fs_nfs_op_queue_time_us
  • sysdig_host_fs_nfs_op_round_trip_time_us
  • sysdig_host_fs_nfs_op_total_client_time_us
NFS Container
  • sysdig_container_fs_nfs_op_count
  • sysdig_container_fs_nfs_op_request_count
  • sysdig_container_fs_nfs_op_sent_bytes
  • sysdig_container_fs_nfs_op_recv_bytes
  • sysdig_container_fs_nfs_op_queue_time_us
  • sysdig_container_fs_nfs_op_round_trip_time_us
  • sysdig_container_fs_nfs_op_total_client_time_us
IOPS
  • sysdig_fs_file_total_time
  • sysdig_fs_file_open_count
  • sysdig_fs_file_error_total_count
  • sysdig_fs_file_total_bytes
  • sysdig_fs_file_in_bytes
  • sysdig_fs_file_out_bytes

For additional details, see Metrics Dictionary.

Defect Fixes

  • Fixed the login issue when using OpenID Connect integration.
  • Fixed the issue with setting up a Custom Role when using LDAP integration.

6.14.3 Hotfix Release, February 2025

Upgrade Process

Supported Upgrades From: 5.0.x, 5.1.x, 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Defect Fixes

This hotfix fixes an issue with setting up a Custom Role when using the lightweight directory access protocol (LDAP) integration.

6.16.2 Hotfix Release, January 2025

Upgrade Process

Supported Upgrades From: 5.0.x, 5.1.x, 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Defect Fixes

This hotfix fixes the issue with authentication when using OpenID Connect.

6.16.1 Release, January 2025

Upgrade Process

Supported Upgrades From: 5.0.x, 5.1.x, 6.x

For the full supportability matrix, see the On-Premises Install Documentation. This repository also includes the on-premises Installation documentation.

Sysdig Secure

Platform Audit Logs for CLI Scanner

Sysdig Platform Audit Logs now record the following CLI Scanner actions:

  • vm-collector-write
  • vm-policies-read
  • vm-policies-write
  • vm-riskacceptance-read-scanner
  • vm-riskacceptance-read-ui
  • vm-riskacceptance-write-ui

Track Risk Acceptance Actions of Users

Sysdig has enhanced its Vulnerability Management (VM) capabilities by introducing the ability to track user actions related to risk acceptance. You can now easily discover:

  • Which user created the risk
  • Which user last updated the risk
  • When these actions occurred

These enhancement provide greater transparency and control over risk acceptance and update workflows, enabling you to manage vulnerabilities more effectively. For more information, See Accepted Risks for Vulnerabilities.

Hide Accepted Risks

You can now hide accepted risks. This lets you focus on unresolved vulnerabilities. To support this, the Sysdig Vulnerability Overview pages and the Vulnerabilities tab on the scanning result pages now include a Risk Acceptance filter. This filter help you view All Risks or Accepted Risks, or hide accepted risks by selecting Risk Not Accepted. For more information, see, Filters.

SBOM Download Button

You can now download a complete Software Bill of Materials (SBOM) from your scan results in CycloneDX JSON format. For more information, see SBOM Download.