Sysdig Secure, Docker native run-time security
Blog post from Sysdig
Sysdig Secure, launched in November 2017, is a comprehensive security solution designed for Docker and microservices that integrates with container orchestration technologies like Kubernetes and Docker Swarm. The post takes a hands-on approach to implementing run-time security policies, walking through the configuration of security rules in a simple use case built on Docker's example-voting-app. Readers are guided through setting up Kubernetes applications, creating and adapting security policies, and testing their effectiveness by simulating attacks. Sysdig Secure provides an infrastructure overview in which users can monitor security events and configure policies with varying severity levels. It includes default security rules, such as policies against unexpected privileged container launches and unauthorized process executions, which can be customized for specific scenarios. The tool also supports custom security policies that take advantage of the simplicity and specificity of container and microservices architectures, and it offers features like capture files for in-depth analysis. Overall, Sysdig Secure emphasizes the importance of strict and specific security policies in container environments, promoting a proactive security stance through detailed monitoring and rule customization.