Sysdig

Sysdig provides a cloud-native application protection platform (CNAPP) with runtime security at its core. The company was founded in 2013 by Loris Degioanni, who previously co-created Wireshark and created the open source projects sysdig and Falco. The platform offers real-time threat detection and response capabilities built on system call-level introspection into containers and cloud environments. The company's technology originated from open source projects, including the sysdig tool for container visibility and Falco, which became the first runtime security project accepted by the Cloud Native Computing Foundation (CNCF). Sysdig developed commercial and open source security drivers using eBPF technology for deep system monitoring. The platform combines multiple security capabilities including vulnerability management with runtime context, infrastructure-as-code security with automated fixes via Git pull requests, and cloud detection and response. The company introduced the 555 Benchmark framework for measuring detection, investigation, and response times in cloud environments. Sysdig Sage serves as an AI assistant integrated into the platform for cloud security workflows, with recent additions of agentic AI capabilities for contextual guidance. The platform addresses security needs for both development and security operations teams working in cloud-native and containerized environments. Sysdig's approach prioritizes vulnerabilities and risks based on what is actually running in production environments rather than static analysis alone.