Sysdig is a cloud and container security company founded in 2013 by Loris Degioanni, co-creator of Wireshark. The company is the creator of Falco, the open source runtime security standard that graduated from CNCF in 2024. Sysdig has raised $744 million in funding at a $2.5 billion valuation.
Platform Overview
Sysdig provides unified security for cloud-native applications from build time to runtime.
Sysdig Secure delivers cloud and container security powered by Falco. The platform provides runtime threat detection using kernel-level visibility via eBPF, vulnerability scanning across CI/CD pipelines, registries, and runtime, plus Cloud Security Posture Management and compliance automation.
Sysdig Monitor offers cloud-native observability with full Prometheus compatibility. The platform provides deep Kubernetes visibility, long-term metric retention, and correlation between security and performance data.
Falco: The Runtime Security Standard
Falco is the CNCF-graduated project that powers Sysdig’s runtime detection. The open source tool monitors kernel events via eBPF to detect threats and anomalous behavior in containers, hosts, and Kubernetes.
Falco has over 175 million downloads and is used by more than 60% of Fortune 500 companies. Contributors include IBM, Apple, and Booz Allen Hamilton alongside Sysdig.
Key Capabilities
Runtime threat detection uses Falco-powered rules to detect intrusions, file integrity changes, and suspicious network activity in real time. The platform can detect container escapes, cryptomining, and privilege escalation attempts.
Kubernetes security provides native integration with Kubernetes for cluster security, network policy enforcement, and workload protection. Sysdig supports admission control, image scanning, and runtime protection.
Compliance automation maps security findings to frameworks including PCI DSS, HIPAA, SOC 2, ISO 27001, and FedRAMP.
Sysdig Sage AI
Launched in 2024, Sysdig Sage is an AI-powered security analyst that achieved 337% growth in user adoption over eight months. Over 45% of customers have adopted the capability for automated investigation and remediation.
Recent Developments
In November 2024, Bill Welch was appointed CEO, bringing experience from IronNet, Duo Security, and Zscaler. The company expanded its leadership team in 2025 with new CRO and CBO from Snyk and Zscaler respectively.
Sysdig was named a Strong Performer in the 2026 Gartner Voice of the Customer for CNAPP.
Leadership
Founder Loris Degioanni serves as CTO. He previously co-created Wireshark, which has over 20 million users. CEO Bill Welch joined in late 2024 from IronNet where he served as co-CEO.