Cloud Accounts
Cloud Features
Agentless Compliance and Posture Management (CSPM)
Sysdig’s Compliance and Posture Management for cloud accounts includes:
- Inventory: Search and gain visibility into resources across your cloud and Kubernetes environments. Each resource is enriched to provide a 360-degree overview of misconfigurations, compliance violations, vulnerabilities, and more.
- Compliance: Review and remediate risk and compliance violations of your business zones against the policies with which you need to comply.
- Infrastructure as Code (IaC): This feature highlights and resolves misconfigurations and policy violations early in the development lifecycle, moving security close to the source as early as possible.
- Basic Cloud Infrastructure Entitlement Management (CIEM): Improve your Identity hygiene by identifying Risks based on Connected IAM Resources and Permission Criticality, such as Data Exfiltration Risk in 1 Hop and Risky AWS Users. Use Search to filter for Identities with configuration-based Identity findings such as No MFA and Administrative Permissions.
Cloud Detection and Response (CDR)
Also known as Threat Detection, this includes:
- Threat Detection for Cloud: Sysdig analyzes Cloud platform logs for known threats.
- Managed Threat Research: Discover new zero-day attacks against your cloud.
Advanced Cloud Infrastructure Entitlement Management (CIEM)
Sysdig’s Advanced Cloud Infrastructure Entitlement Management (CIEM), also known as Identity and Access Management (IAM), provides:
- Least Permissive Analysis: Sysdig analyzes cloud platform logs and offers suggestions based on the principle of least privilege (PoLP), which involves eliminating excessive permissions from all identity entities.
- Usage-Based Context: Clean up IAM Policies and Principals that are going unused, and understand which high-risk permissions are actively used versus unnecessary.
Agentless Vulnerability Scanning
Sysdig’s Agentless Vulnerability Host Scanning, also known as Vulnerability Management (VM), provides runtime vulnerability detection in cloud accounts.
Installation Planning
Sysdig’s cloud features rely on the following components:
- CSPM: Trust relationship.
- CDR: Log ingestion.
- CIEM: Log ingestion and Trust relationship.
- VM: Volume access.
CSPM is set up when you connect a cloud account. The installation wizards in the UI take you through the installation scenarios for your cloud provider, which involve setting up the components required for the features you want.
Supported Features
AWS
- Agentless:
  - Cloud Security Posture Management (CSPM)
  - Cloud Infrastructure Entitlement Management (CIEM)
  - Cloud Detection and Response (CDR)
  - Vulnerability Scanning (VM)
- Legacy Agent-Based:
  - Cloud Detection and Response (CDR)
GCP
- Agentless:
  - Cloud Security Posture Management (CSPM)
  - Cloud Infrastructure Entitlement Management (CIEM)
  - Cloud Detection and Response (CDR)
  - Vulnerability Scanning (VM)
- Legacy Agent-Based:
  - Cloud Detection and Response (CDR)
Azure
- Agentless:
  - Cloud Security Posture Management (CSPM)
  - Cloud Infrastructure Entitlement Management (CIEM)
  - Cloud Detection and Response (CDR)
  - Vulnerability Scanning (VM)
- Legacy Agent-Based:
  - Cloud Detection and Response (CDR)
Oracle Cloud
- Agentless:
  - Cloud Security Posture Management (CSPM)
Onboarding Types
Single onboarding is scoped to a single AWS account, GCP project, or Azure subscription. The target can either belong to an organization or operate independently. It is primarily recommended for feature testing before configuring the organizational setup.
Organizational onboarding covers an entire AWS Organization, GCP Organization, Azure Tenant, or Oracle Cloud Tenancy. This installation is recommended to secure your whole environment.
Quick Start
To connect a cloud account:
- Log in to Sysdig Secure as admin, select Integrations > Cloud Accounts, and choose AWS, GCP, Azure, or Oracle Cloud.
- From the relevant account page, follow the wizard prompts to connect the account.