Sysdig Secure Reviews

Name: Sysdig Secure
Brand: Sysdig
Rating: 4.1 (9 reviews)

4.1 out of 5

9 reviews
100% willing to recommend

487 followers

What is Sysdig Secure?

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig delivers live visibility by correlating signals across cloud workloads, identities, and services to uncover hidden attack paths. By knowing what is running, teams can prioritize the vulnerabilities, misconfigurations, permissions, and threats that matter most. From prevention to defense, Sysdig helps enterprises move faster and focus on what matters: innovation.

Get the Sysdig Secure Buyer's Guide and find out what your peers are saying about Sysdig Secure, Wiz, Prisma Cloud by Palo Alto Networks and more!

Sysdig Secure is the #4 ranked solution in top Cloud Detection and Response (CDR) solutions, #13 ranked solution in top Cloud-Native Application Protection Platforms (CNAPP) solutions, #18 ranked solution in Container Security Solutions, and #18 ranked solution in top Cloud Security Posture Management (CSPM) solutions. PeerSpot users give Sysdig Secure an average rating of 8.2 out of 10. Sysdig Secure is most commonly compared to Wiz: Sysdig Secure vs Wiz. Sysdig Secure is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 21% of all views.

Helped 831,265 peers since 2012

Featured reviews

Peter Du

CISO at a recruiting/HR firm with 51-200 employees

The main benefit for me personally is being able to articulate the ever-growing, dynamic, and constantly changing landscape. Just today, in a management leadership call, I was able to demonstrate that although we are solving a lot of these vulnerabilities, we are picking up new vulnerabilities each and every day. It allows me to articulate the importance of information security with actual real-time data. Sysdig's runtime insights help us detect and respond to threats that are happening in real-time. We can look at Sysdig dashboards or run reports to see precisely what happens in our runtime environment. A good use case of this was that when zero-day vulnerabilities came out, we could scan our environment to see if the vulnerabilities apply to any of our production workloads. Sysdig Secure helps us prioritize issues and distribute work. We are a small company, so we do not have multiple security or dev teams. We have two or three guys on my team. Having the ability to focus on critical vulnerabilities is crucial. It does not make sense to prioritize low-level threats when we have limited time. We do not use live threat investigation features as much as we would like because of different priorities, but it is something that we do use. Over time, it shows us whether we are putting the right effort into resolving issues. For example, when we look at the dashboard scene over a 30-day period, we can see whether the critical vulnerabilities are increasing or decreasing. It lets us know whether we are on the right track. We are currently using agentless scanning. Deploying it onto our cluster has enabled us to get full visibility into what is running on our cluster. Sysdig provides us with the contextual awareness we need to create an immediate incident response strategy. It provides links to the threat and explains the threat and the resolution possible. It equips us with the right information to make a decision on whether to address the threat immediately or take a risk in terms of deploying remediation. Sysdig has not enabled us to reduce the number of security tools we use. We were not using anything before Sysdig, and after choosing Sysdig, we did not have a need to look at anything else. Sysdig has not helped reduce external SOC costs. We are a very small business, so we do not have the budget for an external SOC. However, it has definitely alleviated the pressure to look for one and to source an external SOC. We have a project history to look at a virtual SOC and leverage tools that we do have, and Sysdig is a part of that. There is definitely a saving there because we have not had the need to go out and look for an external SOC. Sysdig has helped reduce the percentage of workloads that have security exposures that put the organization at risk. It has reduced the workload, mainly from an understanding of where we can assign work to cover the most ground in terms of resolving vulnerabilities.

Read full review

SunilKumar28

DevOps Specialist at a manufacturing company with 10,001+ employees

There was a security concern related to a specific feature. While the feature itself was promising, it posed a challenge. The situation revolved around code scanning. If your source code is hosted within your own premises, say on Bitbucket, you naturally wouldn't want your code to be accessible to external parties beyond your company. Keeping your code base private is a standard practice. However, in the case of code scanning using Sysdig Secure, they copy your code to their SaaS platform. This posed an issue for us. When we inquired about this, their response acknowledged the concern. In an upcoming release, they plan to enable code scanning within your on-premises environment through the assistance of an agent. This change is already in progress. While this tool stands out compared to existing solutions in the market, it's important to note that there are still some limitations to consider. Another drawback we encountered relates to our expertise with Kubernetes. The tool can monitor Kubernetes audit logs, triggering alerts and notifications. However, it falls short in terms of taking direct action based on these alerts. There are different methods of event capture, including through system level and system calls, as well as via Kubernetes audit events. Notably, at the system level, Sysdig Secure can both detect and respond to events, allowing actions like blocking and warning. This proactive approach is effective at the system call level. However, when it comes to monitoring Kubernetes audit events, Sysdig Secure can only notify without being able to execute any further actions. It can't block access or containers. The vendor likened their role to that of a monitoring camera, observing events and sending notifications without the capacity to intervene. This limitation applies to Kubernetes audit events. Given that everything operates within our system, there is a workaround available: configuring system-level policies to block containers as necessary.

Read full review

Mario Simko

Observability team leader at SAP concour

Perhaps, it could support more custom implementations, as our company utilizes custom implementations rather than standard ones. Configuring it requires a deep understanding and adjustment to our specific needs, which took some time. Other than that, I'm unsure about potential improvements. We were considering the possibility of compartmentalizing their tools. Currently, in Sysdig Secure, they bundle multiple features, and we are unable to use them individually. For instance, if we only need compliance scanning, we have to deploy the entire secure package. This is because of the way their agent functions, but I can't delve into more details.

Read full review

Sysdig Secure mindshare

Product category:

As of January 2025, the mindshare of Sysdig Secure in the Cloud-Native Application Protection Platforms (CNAPP) category stands at 2.4%, up from 2.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cloud-Native Application Protection Platforms (CNAPP)

PeerAnalyst reports

Type	Title	Date
Category	Cloud-Native Application Protection Platforms (CNAPP)	Jan 21, 2025	Download
Product	Reviews, tips, and advice from real users	Jan 21, 2025	Download
Comparison	Sysdig Secure vs Prisma Cloud by Palo Alto Networks	Jan 21, 2025	Download
Comparison	Sysdig Secure vs Wiz	Jan 21, 2025	Download
Comparison	Sysdig Secure vs SentinelOne Singularity Cloud Security	Jan 21, 2025	Download

Title	Rating	Mindshare	Recommending
Wiz	4.5	26.4%	100%	20 interviews Add to research
Prisma Cloud by Palo Alto Networks	4.2	20.6%	98%	108 interviews Add to research

Valuable Features

Sysdig Secure offers a variety of valuable features according to users. The log monitor is highly appreciated, as well as the solution's runtime security. Another noteworthy feature is Falco, which is an open source tool for rules and policies. Sysdig is seen as a comprehensive solution compared to its competitors, with the ability to connect to Azure, AWS, or Google Cloud platforms. It can be used for image scanning and benchmarking to Kubernetes, and also has the capability to regulate SecOps of CIS.

"The most valuable feature is the level of support that we get. Our solutions or customer success representative is very valuable. I see them as an extension of our security team."
"The proactiveness of the support has been fantastic. Every time we mention something in a meeting that we're trying to do, he proactively takes that as an investigation topic and looks into it. He'll provide the solution even though we might not have asked him to investigate it."
"Sysdig Secure has many strong foundational features like compliance and benchmark, security, network access management, and vulnerability management."

Room for Improvement

Users have suggested that the dashboard on Sysdig Secure could be more intuitive and prioritize more important issues. Additionally, there are concerns about the solution's ability to compete with other CSPM options like Wiz or Orca. Some users have also suggested that the solution may benefit from simplification by focusing on only a few key features.

"Reporting can definitely be better. Live dashboards should be configurable for a longer period of time rather than 30 days. Being able to go back in time to compare six months ago to today would be valuable."
"Sysdig's biggest weakness is dashboarding and reporting. You have access to the data and can get everything you need, but we need the ability to summarize the information quickly in a format that senior leaders can understand. We report to the executive level and global board. I need to roll all that in-depth information into a quick summary, and their maturity level isn't there. I'm seeing that on the future road map, but it isn't there now."
"Banks and financial institutions cannot use Sysdig Secure because it doesn't sell SaaS-hosted versions for under two hundred working nodes."

ROI

Sysdig Secure provided a significant return on investment for users, with many reporting improved security posture and greater visibility into their environments. The platform's ability to detect and respond to threats in real-time was particularly praised, along with its user-friendly interface and comprehensive reporting capabilities. Some users noted that the cost of the tool was initially a concern, but ultimately felt that the benefits outweighed the expense.

Pricing

The cost of Sysdig Secure varies based on the number of agents and the user's environment, with a reported average price of around 80K.

"I am always going to say that it could be a little bit cheaper. I do feel that it is a little bit on the expensive side."
"Sysdig is competitive. The quality matches the pricing. Obviously, everyone wants things to be cheaper, but if you're realistic, you acknowledge that quality service comes with a price. Sysdig is the gold standard for Kubernetes, and I wouldn't choose anything else. We live in Kubernetes. Everything is containerized, so that means a lot to us, and we're willing to make an investment."
"In comparison to other cloud solutions, it's reasonably priced. However, when compared to in-house built open-source projects, it might be considered somewhat costly. The cost depends on whether someone sees the support provided by Sysdig as an advantage or if it's deemed unnecessary. Personally, I find the support to be excellent and consider it a good value."

Popular Use Cases

Sysdig Secure is primarily used by cloud providers to address issues in their environment. The solution is used for runtime security of containers, cloud security, CSPM, and CWPP. One reviewer obtained the product for Dell SecOps and is interested in the Kubernetes Stack and the Falco Project, which is supported by many big brands. Additionally, Sysdig's reputation as the founder of Wireshark lends credibility to their focus on security.

Service and Support

Sysdig Secure's customer service and support are satisfactory, with responsive handling of questions and knowledgeable technical support. Additionally, the support team is described as "awesome."

Deployment

Sysdig Secure's initial setup was generally easy and not overly complex. Technicians found it easy to deploy and use, while one reviewer rated it a six out of ten and noted that good personnel or a team is needed for extensive deployments. The deployment process may involve various roles such as security engineers and cloud architects who need visibility into the underlying stack. There is documentation available in the portal with links and comments to assist with implementation, and while products can be installed quickly, gaining total visibility may take a few days.

Scalability

The reviewers have varying opinions on the scalability of Sysdig Secure.

Stability

Users have differing opinions regarding the stability of Sysdig Secure. Some describe it as being very stable, while others note that its stability depends on whether it is being used in a container or cloud environment.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Sysdig Secure Buyer's Guide for additional reliable information.