Announcing Sysdig Secure – Container run-time security & forensics

Sysdig Secure is a newly announced product that offers container run-time security and forensics for enterprises, integrating seamlessly with orchestration technologies such as Kubernetes and Docker. Building on Sysdig's previous offerings like Sysdig Monitor and Sysdig Falco, it provides deep container visibility and uses the same analytics backend and user interface, forming part of the Sysdig Container Intelligence Platform. The product is designed to enhance security by detecting and analyzing anomalies, such as suspicious user activity, in real-time. An example of its utility is showcased through a scenario where Sysdig Secure detects, analyzes, and provides insight into a security breach caused by a rootkit. This detailed process involves capturing system activity, reviewing user commands, and examining file installations, all without logging into the affected system. Sysdig Secure aims to provide a streamlined security workflow, with ongoing development for additional features.