Sysdig, a prominent player in the open source-based cloud monitoring and security platform market, has recently expanded its offerings by venturing into the realm of generative AI and large language models (LLMs) in 2023.
Branded as Sage AI, the cutting-edge technology introduced by Sysdig aims to integrate LLMs into its cloud monitoring and security platform, empowering organizations to enhance cloud security management and accelerate incident response.
At its core, Sage AI functions as an advanced assistant capable of executing intricate multi-step reasoning, correlating data from various domains, and taking proactive actions. Although still in the early testing phase, Sysdig has ambitious plans for its new AI technology.
Loris Degioanni, the visionary founder and CTO of Sysdig, expressed his vision for Sage AI, highlighting its amalgamation of domain expertise and open-source knowledge in cloud security. This unique integration with LLMs provides a robust architecture for handling security-related tasks efficiently.
One notable distinction of Sysdig's approach is the development of an "LLM controller" rather than merely relying on a pre-trained LLM API. This controller orchestrates requests to different LLMs while also refining and validating data to ensure accuracy and minimize any potential AI hallucinations.
While the specific LLMs utilized by Sage AI remain undisclosed, it leverages the LangChain technology, an open-source method of chaining LLM requests together. Sysdig adapted this generalist tool and combined it with its proprietary innovations to create an effective solution for cybersecurity, specifically tailored to AI cloud security challenges.
Loris Degioanni emphasized that Sage AI isn't meant to replace human security analysts. Instead, it serves as an intelligent complement, enabling users to have a more profound understanding of their cloud security context. By sitting alongside the user, Sage AI interprets data and provides relevant insights. For instance, if an alert indicates a security breach in a container on the Sysdig platform, Sage AI can offer a precise explanation of the issue and assist users in resolving it. Additionally, users can engage with the AI through queries, and the system can take actions to aid in issue resolution.
Sage AI's ultimate purpose is to address the critical shortage of skills and expertise in the cybersecurity industry, particularly in the cloud security domain. Degioanni acknowledges the complexity of cloud security and the scarcity of skilled professionals. He believes that AI can bolster organizational efficiency, effectiveness, and resource utilization, enabling better threat detection and creating more secure infrastructures.
As Sysdig ventures into the frontier of AI-powered cloud security, the cybersecurity industry watches with anticipation, hopeful that this innovative technology will bridge the gap in talent and fortify the resilience of cloud-based systems against evolving threats.