Jun 30, 2025

Security Boulevard Community Chats Webinars Library Sysdig Extends AI Agent Reach Across Portfolio Sysdig has fully integrated an artificial intelligence (AI) agent across its cloud native application protection platform (CNAPP) to both identify and explain threats, along with remediation suggestions. Emanuela Zaccone, a product manager for Sysdig, said Sysdig Sage , in effect, is an AI analyst that can be assigned tasks to autonomously complete. At its core, Sysdig Sage accelerates investigations by translating natural language questions into risk-oriented graph queries using SysQL, the Sysdig domain-specific query language. First launched last year, Sysdig Sage serves to make the company’s platform more accessible. That’s critical because it enables cybersecurity teams to respond faster to cyberattacks that, in the age of AI, are now increasing in terms of both volume and sophistication, noted Zaccone. While there is a lot of understandable concern about the impact AI might have on employment, the fact remains that most organizations can’t find and retain enough cybersecurity expertise. AI agents such as Sysdig Sage should help level the playing field that today decidedly favors cybercriminals and other types of adversaries. The overall goal is to reduce the amount of time required to respond to threats from hours to minutes using real-time telemetry data, said Zaccone. Additionally, Sysdig Sage has been integrated with IT management platforms such as Jira from Atlassian to enable cybersecurity teams to create remediation tickets that can be assigned to the appropriate team to address. It’s not clear just how heavily cybersecurity teams are investing in AI, but it’s clear the cybercriminals are now using it to craft cyberattacks. On the plus side, a recent survey conducted by The Futurum Group finds that cybersecurity budgets will increase on average to 11% of the IT budget in 2025. Each cybersecurity team will, of course, need to determine for itself to what degree to trust AI agents. In some cases, organizations may assign the same task to two different AI agents in much the same way they rely on two different tools to confirm the existence and severity of a threat before raising an alarm. Inevitably, cybersecurity teams in collaboration with their IT counterparts will also need to determine to what degree they might trust AI agents to automatically remediate an issue based on the potential risk to the business. In the meantime, the job of being a cybersecurity analyst should become less tedious in the age of AI. Instead of spending hours looking for proverbial needles in a haystack, they should be able to at the very least better prioritize remediation efforts. All too often, a lot of time is spent remediating low-risk vulnerabilities that are easy to fix rather than addressing threats that could potentially cripple the organization. Hopefully, there might even come a day soon when the historic divide between cybersecurity teams and their IT colleagues is finally narrowed simply because the level of context about threats being identified by cybersecurity teams has substantially improved. After all, like most anyone who cries wolf once too often discovers, it’s always the next real threat alert that goes unheeded. Recent Articles By Author