Sysdig Previews Set of AI Agents for Cloud Security Platform
Sysdig, this week at the Black Hat USA 2025 conference, revealed it is providing early access to artificial intelligence (AI) agents that have been added to its cloud native application protection platform (CNAPP).
Previously, Sysdig made available AI capabilities via Sysdig Sage, which provided a conversation interface that provided access to a security analyst tool that could be queried via a natural language interface. Sysdig Sage is now being extended by adding a set of autonomous agents that can be assigned repetitive tasks to perform that are then reviewed by a cybersecurity professional.
Each of the Sysdig AI agents conducts a semantic analysis of cloud infrastructure and workloads to uncover key application context, such as environment and asset types, business functions, and customer resources. By correlating that context with insights into the runtime environment surfaced by the Sysdig CNAPP, it then becomes possible to better correlate threats to actual risks to the organization. Sysdig Sage then surfaces remediation guidance, along with ticket creation, ownership assignment, and streamlined workflow automations that can be invoked via a single click.
Additionally, Sysdig Sage can be used to create reports that provide visibility into vulnerability trends, remediation progress and overall risk posture.
Sysdig CTO Loris Degioanni said rather than replacing cybersecurity professionals, these agents are designed to augment them by giving them the AI equivalent of a junior assistant to complete tedious tasks. For example, AI agents are able to proactively monitor IT environments in a way that filters out low-risk noise, freeing up more than 80 hours per week that would have been previously devoted to manually triaging alerts and prioritizing risks, he noted.
Rather than train a single AI agent to perform all these tasks, Sysdig has opted to train a series of agents to optimally perform them, said Degioanni. A single AI agent would otherwise be overwhelmed by the number of tasks, resulting in them being performed not as accurately, he added.
The overall goal is to not only enable cybersecurity teams to respond faster to threats but also reduce the current level of drudgery that ultimately conspires to burn out cybersecurity professionals, said Degioanni.
It’s not clear to what degree cybersecurity teams are embracing AI, but given the historic shortage of skills that has long made it difficult to fill cybersecurity positions, the rise of AI should help lighten the load for existing cybersecurity teams in a way that, hopefully, will provide them with more time to investigate threats.
In the meantime, each cybersecurity team will need to determine to what degree they might need a new platform to take advantage of AI versus waiting for their incumbent vendors to deliver that capability. Regardless of approach, the one thing that is certain is that much of the manual labor that today creates a sense of drudgery should start to subside. The issue then becomes applying that time made available to better understand exactly how adversaries are similarly using AI to create and launch even more lethal threats to investigate.
