Connect Cloud Accounts

The Sysdig Secure platform for cloud accounts enables teams to secure builds, detect and respond to runtime threats, and continuously manage cloud configurations, permissions, and compliance. CSPM and Threat Detection features are available on AWS, Azure, and GCP. CIEM (Identity and Access) is currently available on AWS and GCP.

Cloud Features

Agentless Compliance and Posture Management (CSPM)

Sysdig’s Compliance and Posture Management for cloud accounts includes:

  • Inventory: Search and gain visibility into resources across your cloud and Kubernetes environments. Each resource is enriched with a 360-degree overview of misconfigurations, compliance violations, vulnerabilities, and more.
  • Compliance: Review and remediate risk and compliance violations of your business zones against the policies with which you need to comply.
  • Infrastructure as Code (IaC): This feature highlights and resolves misconfigurations and policy violations early in the development lifecycle, moving security close to the source as early as possible.

Cloud Detection and Response (CDR)

Also known as Threat Detection, this includes:

  • Threat Detection for Cloud: Sysdig analyzes cloud platform logs for known threats.
  • Managed Threat Research: Discover new zero-day attacks against your cloud.

Agentless Vulnerability Scanning

Available for AWS, this includes:

  • Agentless Host Scanning for runtime vulnerability detection in AWS cloud accounts

Identity and Access Management (CIEM)

Available for AWS and GCP, this includes:

  • Least Permissive Analysis: Sysdig analyzes CloudTrail logs and offers suggestions that follow the principle of least privilege (PoLP), eliminating excessive permissions from all identity entities.
  • Identity Hygiene: Prioritize what matters using risk labels (multi-factor authentication, inactive user, admin access) that automatically map to identity and access management violations.
  • Jira Remediation: Assign identity-related remediations through Jira.

Installation Planning

Installation Wizards take you through most of the installation scenarios for your cloud provider.

AWS

  • Agentless Install: Agentless CSPM and/or Agentless CDR
  • Agent-Based with CIEM: Agent-based CDR with CIEM, plus Agentless CSPM, installed using a script

GCP

GCP offers:

  • Agentless Install: Agentless CSPM and agentless CIEM via the Wizard
  • Agent-Based Threat Detection: Agent-based Threat Detection using a script

Azure

  • CDR and Agentless CSPM
  • Agentless CSPM only

Onboarding Types

  • Single onboarding scopes a single AWS account, GCP project, or Azure subscription. The target can either belong to an organization or operate independently. It is primarily recommended for feature testing before configuring the organizational setup.

  • Organizational onboarding scopes an AWS or GCP organization, or an Azure tenant. This installation is recommended to scope all the member items within the organizational landscape.

Quick Start

To secure a cloud account:

  1. Log in to Sysdig Secure as admin and select Integrations > Data Sources|Cloud Accounts.

  2. Click +Add Account and select AWS, GCP, or Azure to learn which features are supported and the installation methods available.

  3. Follow the prompts to connect the account.