Sysdig, the cloud security platform powered by runtime insights, has announced a generative AI assistant called Sysdig Sage. Built on an AI architecture specifically designed for cloud security, Sysdig Sage goes beyond typical AI chatbots to employ multistep reasoning and multidomain correlation to quickly discover, prioritize, and remediate risks specific to the cloud.

According to the company, the Sysdig generative AI architecture transcends standard AI chatbots that are designed to answer a specific question using a single large language model (LLM) and stateless analysis. Instead, Sysdig Sage uses a unique human-to-AI controller that mediates user interactions with LLMs to provide more advanced, tailored recommendations. It also leverages the power of Sysdig runtime insights to reveal hidden connections between risks and security events that would otherwise go undetected. This unique architecture:

• Deploys multistep reasoning: Sysdig Sage uses multistep reasoning, an iterative process that delivers relevant context to uncover hidden connections, prioritize risks, and accelerate investigations. For example, it can explore risk factors along multiple attack paths including trails of seemingly low-risk events that, in aggregate, pose a significant risk.
• Performs multidomain correlation: Sysdig Sage aggregates and analyzes telemetry from multiple domains including vulnerabilities, compliance, permissions, and runtime.
• Tailors detection using open source Falco: The collective knowledge of the Falco open source community is integrated into Sysdig Sage right out of the box. Sysdig Sage can optimize Falco detection rules to the user’s environment so that they can detect threats and attacks earlier.
• Takes action: Sysdig Sage takes action after discerning risks and priorities. It provides recommended actions based on the relevant context from the full line of investigation and questioning.

Sysdig Sage is currently accepting candidates for early access to preview later this year.