Sysdig Cloud Detection & Response (CDR) is a cloud security platform that provides real-time threat detection, investigation, and response capabilities for hybrid and multi-cloud environments. The platform is built on the Falco engine and offers detection across Linux and Windows servers, containers, Kubernetes, cloud logs and trails, and serverless functions. The platform provides customizable detection rules for identifying known and unknown threats across cloud estates. It includes automated context generation for security events and provides visibility into complete attack kill chains with coverage for cloud services, identities, and workloads. Sysdig CDR correlates identity activity patterns with workload exploits to detect compromised identities, privilege escalation attempts, and account compromise. The platform supports automated threat response options for cloud and container environments. The solution aims to reduce incident analysis time by providing cloud-native context for security events. It offers investigation capabilities that include automated event context and visibility across cloud infrastructure components. The platform is designed for security teams operating in hybrid and multi-cloud environments who need real-time detection and response capabilities.