Sysdig - Checkmarx

Sysdig

  • Technology | Cloud and Runtime

Our Sysdig integration provides a unified view of application vulnerabilities for security, development, and cloud teams.

Organizations are increasingly focused on the unique risks of containerized applications, while security and development teams are also looking to shift left and proactively address security risks earlier in the development lifecycle. Sysdig’s robust runtime security and threat detection capabilities provide essential protection for containerized applications in production.

 

Checkmarx & Sysdig Better Together: Full Lifecycle Container Security

The Sysdig and Checkmarx partnership combines continuous runtime monitoring and analysis together with comprehensive application security testing. The integrated solution helps organizations identify and remediate container risks across the full lifecycle of a containerized application. Checkmarx further integrates with Sysdig to collect and correlate data from runtime environments, helping joint customers better prioritize remediation of risks identified during the development phase. By integrating with Sysdig, Checkmarx extends its container security capabilities beyond static image analysis, ensuring a comprehensive approach throughout the container.

Visibility from Code to Cloud

Map your cloud environment assets (clusters, pods, and container images) to your source code repositories.

Identify Attack Paths

Identify the attack paths from exposed container images to the vulnerabilities in your source code repositories.

Actionable Insights and Prioritized Remediation

Identify and map vulnerabilities in Kubernetes clusters, container images, and code repositories with runtime data for better risk management.

Contextual Risk Management

Correlate Checkmarx SAST results with Sysdig’s cloud asset inventory to prioritize vulnerability remediation based on exploitable risks in running applications.

Extended Security Coverage

Apply the “Shift Left, Shield Right” strategy to secure every stage of the SDLC. Enhancing security insights within development environments allows you to foster collaboration across teams.

Detection of In-use Vulnerable Packages

Sysdig runtime insights provide visibility into in-use vulnerable packages within Checkmarx One Container Security results, accelerating the prioritization of critical open-source security risks and boosting developer productivity.

“Together, Checkmarx and Sysdig provide security across the entire cloud security life cycle, from application development to response. Checkmarx is an innovator in enterprise-grade application security. With Sysdig and Checkmarx paired together, users can make better-informed decisions by understanding what is a real threat.”

Bryan Smoltz — Vice President of Technology Alliances at Sysdig

Frequently Asked Questions

What Checkmarx subscription or license do I need?

The integration with Sysdig for Checkmarx Cloud Insights requires a subscription to one of the Checkmarx One packages, excluding the entry-level “Start with SAST” subscription.

The integration with Sysdig for Checkmarx Container Security Open Source Packages used at runtime requires a Professional or Enterprise subscription, or the Container Security add-on as part of the Essentials subscription.

What Sysdig subscription or license do I need?

The integration requires a subscription to the Sysdig Secure plan.

How do I set up the integration?

For the integration with Sysdig for Checkmarx Cloud Insights, deploy the Sysdig Lambda function with the necessary configuration to connect to both the Sysdig Secure Inventory API and Checkmarx Cloud Insights. For a step-by-step guide, please refer to our documentation.

For the integration with Sysdig for Checkmarx Container Security Open Source Packages used at runtime, enter the Sysdig Risk Spotlight Token and select your Sysdig tenant region in the CxOne Integrations settings. For a step-by-step guide, please refer to our documentation.