Sold by: Sysdig
Deployed on AWS
In the cloud, every second counts. Sysdig's cloud-native application protection platform (CNAPP) stops cloud threats in real time and prioritizes the risks that matter most. Our CNAPP correlates signals across cloud workloads, identities, and services to uncover hidden attack paths.
Sysdig secures your AWS cloud and workload with top-rated support for services including Amazon ECS, Amazon EKS, and AWS Fargate, and integrations with AWS security solutions including AWS Security Hub, Amazon GuardDuty, and Amazon Security Lake.
4.7
Overview
Sysdig secures cloud innovation on AWS with the power of runtime insights. From shift left to shield right, you can prevent, detect, and respond at cloud speed. For businesses innovating in the cloud, every second counts. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig strengthens cyber resilience, reducing your attack surface and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable teams to prioritize risks and act decisively.
Sysdig's Cloud Native Application Protection Platform (CNAPP) unifies the capabilities of Cloud Workload Protection (CWP), Cloud Detection and Response (CDR), Cloud Security Posture Management (CSPM), and Cloud Infrastructure Entitlement Management (CIEM). We help cloud teams monitor user, cloud, container, and Kubernetes activity and apply runtime insights to prioritize vulnerabilities and cloud security risks.
- Secure AWS cloud and container services
- Detect threats in real-time with visibility built on open source Falco
- Prioritize risk, fix misconfigurations, measure compliance, and reduce alert noise
- Mitigate active Generative AI risk with AI workload security
- Consolidate vulnerability scanning, posture management, and runtime security
Sysdig Monitor is also available, providing Prometheus-compatible observability for your AWS cloud workloads. Real-time granular insights, cloud-native context, and remediation tips help you troubleshoot and resolve issues in rapidly changing cloud environments. Drive cost savings and right-size your environment with usage-based recommendations.
For custom pricing, EULA, or private contract, please contact salesops@sysdig.com for a private offer.
Highlights
- STOP ATTACKS IN REAL-TIME: Leverage real-time behavioral insights and threat intelligence to continuously monitor for threats.
- PRIORITIZE AND FIX VULNERABILITIES FAST: Prioritize in-use vulnerabilities to address risk and reduce noise up to 95%.
- VISUALIZE CLOUD RISK: Correlate signals across cloud workloads, identities, and services to understand attack paths and real risk.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
CNAPP Enterprise | Public purchases require a minimum purchase of 20 units | $72.00 |
Monitor Enterprise Host | Public purchases require a minimum purchase of 20 units | $36.00 |
Dimension | Cost/unit |
|---|---|
Additional usage fee for CNAPP Enterprise per Host Hr | $0.13 |
Additional usage fee for Cloud Logs Events per Event | $2.50 |
Additional usage fee for CNAPP CaaS per Serverless Host Hr | $0.03 |
Additional usage fee for Secure D&R - CaaS per Serverless Host Hr | $0.02 |
Additional usage fee for Monitor Enterprise Host per Host Hr | $0.06 |
Additional usage fee for Monitor Enterprise Time Series per TS Metric | $7.00 |
Additional usage fee for Monitor Enterprise Cost Advisor per hr | $0.02 |
Additional usage fee | $0.19 |
Vendor refund policy
N/A
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Have an issue? We'll make sure Sysdig is working just the way you want it to. https://sysdig.com/support/
Our documentation provides a deep dive into the core of our cloud-native security, visibility, and compliance platform:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Sophos
By CrowdStrike
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Runtime Security Detection
Real-time threat detection using behavioral insights and open source Falco runtime security engine
Cloud Workload Protection
Unified security capabilities across Cloud Workload Protection (CWP), Cloud Detection and Response (CDR), Cloud Security Posture Management (CSPM), and Cloud Infrastructure Entitlement Management (CIEM)
Multi-Cloud Service Integration
Native support for container services including Amazon ECS, Amazon EKS, and AWS Fargate with integrations to AWS security solutions
AI-Powered Risk Correlation
Unique AI architecture for correlating security signals across cloud workloads, identities, and services to identify potential attack paths
Vulnerability Management
Comprehensive vulnerability scanning with runtime insights and prioritization of in-use security risks across cloud infrastructure
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, and detect potential malicious activities with integration to AWS GuardDuty and SecurityHub
Endpoint Protection
Advanced agent-based protection against malware, fileless threats, and ransomware for Windows and Linux hosts in cloud environments
Threat Detection and Response
24/7 managed detection and response service leveraging telemetry from multiple security solutions including endpoint, firewall, network, email, and identity platforms
Cloud Workload Protection
Security agents designed to protect cloud-based Windows and Linux hosts against modern cyber threats including ransomware
Network Security
Cloud edge firewall solution providing network visibility, protection, and response across public, private, and hybrid cloud environments using cloud native, virtual, and physical appliances
Cloud Security Posture Management
Unified cloud security platform providing continuous monitoring and management of cloud infrastructure security configurations
Threat Detection and Response
Advanced threat intelligence and detection capabilities with real-time monitoring and response across cloud environments
Container and Kubernetes Protection
Comprehensive security solution for containerized applications and Kubernetes environments with runtime protection
Multi-Cloud Coverage
Seamless security protection across AWS, Azure, and GCP cloud platforms with consistent security controls
Workload Runtime Protection
Automated discovery and protection for cloud workloads with lightweight agent-based security monitoring
Standard contract
No
No
Customer reviews
Mumu Muhaemin
Runtime threat detection has improved and security teams prioritize real Kubernetes risks
Reviewed on Dec 27, 2025
Review provided by PeerSpot
What is our primary use case?
Our primary use case for Sysdig Secure is runtime threat detection and vulnerability management.
What is most valuable?
The best feature Sysdig Secure offers is threat detection.
The threat detection feature on Sysdig Secure stands out compared to other solutions I have seen or used because Sysdig sees the actual behavior inside the container or kernel and correlates it with Kubernetes infrastructure, which makes detection both earlier and more precise in a cloud-native environment.
Sysdig Secure has positively impacted our organization by improving visibility into our Kubernetes environment and focusing on real risk, which has reduced alert noise, improved threat detection at runtime, and made vulnerability management more efficient by prioritizing issues that actually affect running workloads.
What needs improvement?
Sysdig Secure works well for us, but there are a few areas for improvement, such as the alerting and notification system being more flexible for complex workflows, and some dashboard and reporting features could be more customizable to match specific team needs.
For how long have I used the solution?
I have been using Sysdig Secure for three years.
What do I think about the stability of the solution?
Sysdig Secure is stable.
What do I think about the scalability of the solution?
Sysdig Secure scales well with growth and increased workloads, especially in Kubernetes and cloud-native environments, as the agent collects data efficiently and the back end can aggregate and analyze events across many nodes and namespaces.
How are customer service and support?
Our experience with Sysdig Secure customer support has been positive, as they have been responsive and provided useful guidance whenever we had questions or needed help.
Which solution did I use previously and why did I switch?
We previously used commercial point tools, but we switched to Sysdig Secure because we wanted a more unified platform that combines runtime threat detection, vulnerability management, and compliance into a single solution.
How was the initial setup?
We have seen a noticeable reduction in false positives due to better rule tuning and Kubernetes context, and incident response time improved because alerts are more actionable and include full runtime context, allowing faster triage and investigation.
What was our ROI?
We have seen a measurable return on investment with Sysdig Secure, as it has reduced the time spent on incident investigation and vulnerability triage.
What's my experience with pricing, setup cost, and licensing?
Our experience with Sysdig Secure pricing and licensing has been generally positive, with costs aligned with the value we get from the platform, requiring some initial engineering effort for agent deployment and policy tuning, but overall it was not overly complex.
Which other solutions did I evaluate?
We evaluated several other solutions before choosing Sysdig Secure, including Aqua, Prisma Cloud, and Lacework , ultimately choosing Sysdig Secure for its strong Kubernetes-native runtime visibility and unified platform for vulnerability and compliance.
What other advice do I have?
My advice for others looking into using Sysdig Secure is to clearly define your primary use case before getting started, whether it is runtime detection, vulnerability management, or compliance. I would rate my overall experience with this product as an eight out of ten.
Sharan K Lakshman
Vulnerability tracking has improved and pipeline checks now keep container images compliant
Reviewed on Dec 16, 2025
Review provided by PeerSpot
What is our primary use case?
My main use case for Sysdig Secure involves deploying microservices that contain a lot of Docker images, and Sysdig Secure helps me identify the vulnerabilities associated with these images and provides me the fix version for them, which is really helpful in staying on track of our vulnerability weaknesses.
I can use Sysdig Secure along with our CI/CD pipeline as a stage to ensure that even when the code has been checked into the repo, it has been checked for quality, specifically to ensure that the resultant image has no vulnerabilities.
What is most valuable?
The best features Sysdig Secure offers include a very intuitive UI that clearly shows me what images have what vulnerabilities and how I can fix them, indicating where the issues are and what I should upgrade to, thus helping us stay ahead of all the vulnerabilities.
Sysdig Secure's API is a main feature I have used, allowing me to integrate it to scan a list of images and output the result in the form of an Excel sheet or a CSV with details on high vulnerability criticality, making it useful in a GitLab project to ensure that new images added to the repo do not have any critical vulnerabilities.
Sysdig Secure has positively impacted our organization by helping us keep track of the vulnerabilities in our images, making it easy to manage and upgrade the packages we need based on the clear guidance Sysdig Secure provides on what to do and where.
In terms of measurable outcomes, I have seen a reduction in vulnerabilities, as Sysdig Secure can tell us how many vulnerabilities are present on a day-to-day report basis, which has improved our efficiency by more than 50% and helps us stay compliant with necessary regulations.
What needs improvement?
I wish Sysdig Secure could enhance their outreach to more platforms so their APIs are easily accessible for personal or professional projects, and I have noticed a few bugs in the UI to fix version filtering that I hope they will address in upcoming releases.
I give it an eight because of the bugs, specifically the fix version bug where sometimes there is no fix version shown, and I wish Sysdig Secure offered a personalized UI that users could tailor to their daily workflows, making navigation more efficient based on their specific role and tasks
Sysdig Secure does everything from a detection point of view, telling me the vulnerabilities I have and where they are located, and I believe that if Sysdig Secure creates an LLM tool that could automatically fix those vulnerabilities in the repo, it would be really helpful.
For how long have I used the solution?
I have been using Sysdig Secure for about seven to eight months or more, and we have been using it for our vulnerability management.
What do I think about the stability of the solution?
Sysdig Secure is pretty stable in my experience.
What do I think about the scalability of the solution?
For my use case, Sysdig Secure handles growth and increased workloads well.
What other advice do I have?
My advice for others looking into using Sysdig Secure is to evaluate your options, but Sysdig Secure appears to be a good deal. I give Sysdig Secure an overall rating of eight out of ten.
sahil p.
Secure your container with sysdig secure
Reviewed on Sep 16, 2025
Review provided by G2
What do you like best about the product?
The UI is very impressive and the correlation of the Sysdig's secure CNAPP is very good.
What do you dislike about the product?
Nothing to dislike so far, We liked the product.
What problems is the product solving and how is that benefiting you?
We are unable to look through the malware or the vulnerabilities in our container with traditional EDR and vulnerability scanner. that Sysdig has solved.
Kapil S.
Enhancing Cloud Security with Real-time Threat Detection
Reviewed on Sep 08, 2025
Review provided by G2
What do you like best about the product?
real-time visibility into cloud-native environments with robust runtime threat detection & prevention for containers and Kubernetes.
What do you dislike about the product?
Good level of knowledge required to deploy and integration with current setup.
What problems is the product solving and how is that benefiting you?
providing container and Kubernetes security, runtime threat detection, vulnerability management, and compliance enforcement and Support and solution provided by India SE Lead is hightly appreciated. the combination of SYSDIG+Team knowledge is excellent.
Prasanna G.
Robust Security Insights with Clear Visualizations
Reviewed on May 26, 2025
Review provided by G2
What do you like best about the product?
Sysdig Secure offers comprehensive visibility into container and Kubernetes security. I particularly appreciate its real-time threat detection and intuitive dashboards, which make complex security data more digestible—even for documentation and communication purposes. The integration with CI/CD pipelines and Kubernetes environments is seamless, helping teams maintain a secure DevOps workflow.
What do you dislike about the product?
While Sysdig Secure is feature-rich, the initial learning curve can be a bit steep for new users, especially those outside traditional DevSecOps roles. Some configuration options could be more user-friendly, and documentation sometimes lags behind new feature releases.
What problems is the product solving and how is that benefiting you?
Sysdig Secure addresses key challenges in container and Kubernetes security by providing deep visibility, runtime threat detection, and compliance enforcement. In my role as a Tech Writer, it helps me understand and document complex security workflows with clarity. The platform’s detailed security event data, visual insights, and audit trails make it easier to create accurate, user-friendly content. This not only supports internal teams but also enhances the quality of documentation for end users, improving knowledge transfer and reducing security misconfigurations.