Browse all content by asset type.
Introducing the Sysdig open source community

DEFENSE REPORT
AI Helps Teams Reduce MTTR by 76%
Sysdig named representative vendor in Gartner Market Guide for CNAPP
Blog Posts

Kubernetes Incident Response: Detect, investigate, and contain in under 10 minutes

Sysdig recognized as a Cloud Security Leader in Latio Tech Cloud Security Market Report

AI echolocation of cloud risks using Sysdig & Snyk MCP servers
Briefs

Sysdig Corporate Brief
Founded by the creators of open source standards — Falco, Stratoshark, and Wireshark — and built on agentic AI, Sysdig delivers real-time cloud defense grounded in the uncompromising truth of runtime.

BRIEF. 2025 Cloud‐Native Security and Usage Report
This is a special edition of Sysdig’s 2025 Cloud-Native Security and Usage Report, providing only the usage and analysis of the open source detection tool, Falco.

BRIEF. Top 5 Best Practices For Image Scanning
How do you manage container security risk without slowing down application delivery?
Case Studies

Greater Stability, Smarter Planning: How a Global Enterprise Gained Control of Its Cloud
Global Technology Leader unifies cloud monitoring to eliminate blind spots and outages

Caught in Runtime: How Sysdig Detected Credential Exposure in a Crypto Platform Before It Became a Breach
Cryptotrading Platform prevents breach with real-time visibility

Good-Enough Security Isn’t Good Enough When You Serve a Billion People
UIDAI secures 1.4B+ identities and 100M daily authentications with Sysdig.
Ebooks

Top 6 Use Cases for Monitoring Cloud-Native Workloads with Sysdig Monitor

Securing the Cloud: The Benefits of Falco with an Enterprise Experience
An ebook with 3 mini case studies heavily featuring Falco and how it works with Sysdig, plus a callout to Falco Feeds at the end.
Guides

Guide to OWASP Top 10 for Kubernetes
This guide on OWASP Top 10 for Kubernetes provides valuable information and best practices beyond the original OWASP guidance, and that applies broadly to most Kubernetes environments.

5 Steps to Securing AWS Cloud Infrastructure
Tackling unique cloud security risks requires a continuous and automated approach. Our checklist outlines how organizations can set up the security strategy to follow as they move to the cloud.

5 Steps to Securing GCP Cloud Infrastructure
Tackling unique cloud security risks requires a continuous and automated approach. Our checklist outlines how organizations can set up the security strategy to follow as they move to the cloud.
Infographics

The Evolution of Modern Cloud Security
Remember asking your teachers why you needed to know history? They probably said that learning history is important in understanding how society has changed and progressed over time, and that we can learn from past experiences and mistakes.

The Grand Atlas of Software Security
This infographic demonstrates how to secure each stage of the software lifecycle, with a focus on the Shift Left approach, where early remediation reduces risks and costs.
Podcasts
Exploring Advanced Cybersecurity with Michael Isbitski
"Cybersecurity leader Mike Isbitski explores the intricacies of cloud-native security and vulnerability management in today's technological landscape. With over 25 years of experience, he provides valuable insights into the challenges and complexities organizations face in securing ephemeral infrastructure and machine identities in the cloud. This episode also explores the cautious adoption of AI in cybersecurity, emphasizing the need for a balanced approach that maintains operational functionality while addressing evolving security concerns."
Screaming in the Cloud: Benchmarking Security Attack Response Times in the Age of Automation with Anna Belak
"Anna Belak, Director of the Office of Cybersecurity Strategy at Sysdig, joins Corey on Screaming in the Cloud to discuss the newest benchmark for responding to security threats, 5/5/5. Anna describes why it was necessary to set a new benchmark for responding to security threats in a timely manner, and how the Sysdig team did research to determine the best practices for detecting, correlating, and responding to potential attacks. Corey and Anna discuss the importance of focusing on improving your own benchmarks towards a goal, as well as how prevention and threat detection are both essential parts of a solid security program."
Screaming in the Cloud: An Open-Source Mindset in Cloud Security with Alex Lawrence
"Alex Lawrence, Field CISO at Sysdig, joins Corey Quinn on Screaming in the Cloud to discuss how he went from studying bioluminescence and mycology to working in tech, and his stance on why open source is the future of cloud security."
Press Releases

Sysdig Expands the Power of Runtime Context with New MCP Server and Partner Integration Hub
Sysdig, the leader in real-time cloud security, today announced the launch of its Model Context Protocol (MCP) server and partner integration hub, giving customers access to AI-powered security insights across their entire ecosystem.

Sysdig Unveils the Industry’s First Agentic Cloud Security Platform
With semantic analysis powered by autonomous AI agents, Sysdig Sage™ surfaces critical business risks and helps organizations fix them at the source in minutes

Sysdig Launches Open Source Community to Unite and Empower Millions of Cloud Security Innovators and Builders of All Levels
The company’s new forum establishes a place where Falco, Wireshark, Stratoshark, and sysdig OSS users can connect, collaborate, and growSAN…
Reports
2017 Docker Usage Report
The main question we wanted to answer was, “How are people using Docker in their application environments right now?” As the premier container monitoring solution, Sysdig is in a fantastic position to answer this question with actual Docker usage data across hundreds of customers. The data you see here represents a snapshot of our customer behavior in early spring 2017.
Videos
Detecting Threats to Kubernetes, Containers, and Google Cloud
See how Sysdig helps secure and accelerate innovation with Google Cloud.
Secure DevOps Practices at Yahoo Japan
With more than 3,000 developers and a large Kubernetes environment, learn how Yahoo Japan is preventing cyber-attacks and unauthorized access by introducing appropriate security measures for the container environment.
Securing and Monitoring AWS Container Services
Developers, operations, and security teams must work together to address key workflows to secure and monitor containers, Kubernetes and cloud services across...
Webinars
Image Scanning on Azure
Do you want to ensure images are free of vulnerabilities and meet best practices before pushing to production? Image scanning refers to the process of analyzing the contents and the build process of a container image in order to detect security issues, vulnerabilities, or bad practices. Participants will learn how Sysdig Secure can identify vulnerabilities pre-production and at runtime.
Combat Critical Cloud Vulnerabilities
Cloud and containers are being adopted by a broad set of organizations as they try to maintain a competitive advantage. In our recent Cloud-Native Security and Usage Report, we found that 75% of containers in the cloud have vulnerabilities!
Securing Serverless Containers on AWS Fargate
Join us to hear how Sysdig uniquely solves the serverless visibility challenge so you can confidently secure AWS Fargate serverless containers at scale.
Events
Whitepapers

Securing AI: Navigating a New Frontier of Security Risk
Organizations worldwide are turning to artificial intelligence (AI) to gain insights, optimize operations, and remain competitive in an increasingly digitized economy. As businesses move workloads to cloud‑native environments to support these AI initiatives, they encounter a new frontier of security risk. For security managers building cloud security programs, it’s crucial to take a step back and ask: Does your current program truly cover the unique risks AI workloads bring?

The 555 Guide for Cloud Security Practitioners
The Sysdig 555 Benchmark for Cloud Detection and Response sets the standard for operating securely in the cloud, emphasizing the need for security teams to detect, triage, and respond to attacks within the average time it takes threat actors to conduct them: 10minutes.





