Support Policy for Sysdig Shield

Sysdig is committed to providing reliable and efficient support for its edge components, Cluster Shield and Host Shield, collectively known as Sysdig Shield.

Monthly Release Cadence

Sysdig updates Sysdig Shield approximately once a month. Each release may include new features, enhancements, defect fixes, performance improvements, and CVE fixes.

Versioning System

Sysdig Shield uses semantic (X.Y.Z) versioning:

  • Major Versions (X): Often include major new features or functionality changes, and may also include bug fixes and CVE fixes. Significant updates may require changes to usage or configuration.
  • Minor Versions (Y): Typically introduce new features and enhancements, expanding Sysdig Shield’s capabilities without disrupting existing configurations. May also include bug fixes and CVE fixes.
  • Hoftix Versions (Z): Primarily focus on CVE fixes and bug fixes to improve the stability of major or minor releases. You can apply them without impacting current usage or configuration. Hotfix versions are rare and are only released to address any serious issues.

Version Support

Sysdig provides support for major and minor versions of Sysdig Shield for 12 months from their release date, regardless of whether the Shield is deployed with Sysdig SaaS or Sysdig on-premises. Support includes fixes for any issues, and If an issue is resolved in a later version of Shield, you must upgrade to that version to receive the fix.

Sysdig does not provide hotfixes, bug fixes, or CVE patches for any version other than the latest release. Customers using the on-premises version of Sysdig may be required to upgrade to the latest release to address certain issues.

Customers running Shield versions older than 12 months will not receive troubleshooting support for any issues and will be requested to upgrade to the latest versions of Sysdig before any troubleshooting is done. A patch version (Z) for a major or minor release will not reset the 12 month support clock.

Customers running Shield versions older than 12 months will not receive:

  • Troubleshooting support for any issues: Upgrade to the latest versions of Sysdig to receive troubleshooting.
  • Prebuilt kernel probe binaries.
  • New detection rules (Standard or Custom).

Vulnerabilities

Sysdig promptly addresses vulnerabilities in the Sysdig Agent and Shield. CVE fixes are provided in the a release within the following target timeframes (starting when a fix is available in a released package):

  • Critical: 30 days
  • High: 30 days
  • Medium: 90 days
  • Low: 180 days

Sysdig does not provide CVE fixes as patches to older Shield releases.

Upgrade Often

Sysdig strongly recommends you upgrade Sysdig Shield at least once every 3 months to benefit from the latest enhancements, new features and CVE fixes.

End of Support

As part of our commitment to continuously improve the Sysdig platform, Sysdig may deprecate features or functionality over time.

When a feature in Shield is scheduled for deprecation, Sysdig provides 12 months advance notice before the feature is removed. This notice period is intended to give you sufficient time to evaluate, plan, and transition to recommended alternatives, when available.

For details about deprecation, see Deprecation Policy.