India is one of the most dynamic cloud markets in the world right now. Sysdig is scaling strategically in India with localised infrastructure like a public cloud data centre. In an exclusive conversation with Rajneesh De, Group Editor, CXO Media & APAC Media, Shantanu Gattani, VP, Product Management, Sysdig, claims that Sysdig Sage is the industry’s first fully integrated AI cloud security analyst.
What are the solutions and services in the Sysdig portfolio?
Sysdig equips and empowers security and development teams to prevent, detect, and respond to attacks against companies building software in the cloud. Built on Falco, the open source standard for runtime threat detection with more than 150 million downloads, Sysdig’s cloud security platform – Sysdig Secure – delivers continuous, end-to-end visibility into what is running across your environment.
This means you can do everything from addressing vulnerabilities in development to detecting attacks in real time. It correlates signals across workloads, identities, and services to uncover hidden attack paths and identify active risks.
With Sysdig Sage, the industry’s first fully integrated AI cloud security analyst, Sysdig unlocks real-time defence rooted in the uncompromising truth of runtime. Our deep visibility, built-in customisation, and transparency give organisations the speed, flexibility, and precision to act decisively, adapt quickly and confidently secure what matters most.
How is Sysdig helping enterprises operationalise AI within their cybersecurity teams?
Cloud attacks move fast, and they are only growing more complex and less predictable in the era of AI-driven threats. Security teams are overwhelmed by repetitive tasks and low-context alerts, making it difficult to focus on what truly matters. That’s why some of the largest companies in India are choosing Sysdig, especially because of our AI expertise with Sysdig Sage.
Built on an autonomous agent architecture, Sysdig Sage is designed to meet the unique challenges of cloud security and accelerate human response. It uses multi-step reasoning and deep contextual awareness to automatically identify, investigate, and remediate risk. It acts as an intelligent, always-on teammate, and it understands exactly what you’re seeing, so it can guide you through the noise.
Sysdig Sage eliminates guesswork and helps teams instantly understand the “who, what, when, where, and how” of emerging threats – it also recommends high-impact, low-effort fixes, so teams can take confident, precise action.
How would you assess the beneficial roles of open source innovation in cloud native protection?
From Falco and Wireshark to Sysdig OSS and Stratoshark, open source is a part of Sysdig’s DNA. We believe the future of security is built on open source. Let me explain why.
Cybersecurity cannot be an asymmetrical battle. While attackers openly share the latest tools, tactics, and techniques, defenders often operate in silos. That gap puts organisations at a steep disadvantage. Threats evolve too quickly, and solutions without transparent, battle-tested detection capabilities simply cannot keep up. That is why Sysdig is built on open source, and why we continue to invest in the community that powers it.
We realise some customers will only use our open-source tools, and we are okay with that. Others will use them for a while and, as they scale, realise they need an enterprise partner. Syfe is an example of a company that did just that! They love the real-time threat detection that Falco brings, but it was very manual.
Since Sysdig is the creator of Falco, they knew we were the standard for threat detection and response, and the transition would be easy. They also improved their CIS AWS Foundations Benchmark score to 90%, up from 60%, and now spend 75% less time on security and compliance.
Take the Sysdig Open Source Community, for example. Launched July 28, our global open source hub connects over 9 million users across key projects in our ecosystem, like Falco and Wireshark. It’s a place for sharing best practices, collaborating on innovation, and making the world more secure, together. When you use Sysdig, you are not just getting a platform – you’re tapping into the strength of a global community committed to defending the cloud.
What are the key pillars of Sysdig’s GTM strategy for India, and what are the key initiatives under this strategy?
India is one of the most dynamic cloud markets in the world right now, and we see a tremendous opportunity to support India’s most innovative companies as they pursue secure and sovereign cloud development. That is why we recently invested in a public cloud data centre in the region – a foundational step that enables us to meet data sovereignty requirements and deliver the region’s first real-time cloud security software-as-a-service (SaaS) platform to our customers.
Our go-to-market (GTM) strategy is focused and deliberate. Most often, we are supporting industries like banking, financial services and insurance (BFSI), government, digital-native businesses (DNB), and crypto, sectors where security risk is high and runtime insight is mission-critical. We’re also meeting customers where they are with a flexible consumption model, offering both SaaS and on-premises options tailored to their environments and regulatory needs.
Perhaps most importantly, we are obsessed with listening to our customers. Their feedback fuels continuous improvement across Sysdig. It’s not just about delivering features. It’s about solving real problems, in real time. For us, it’s prime time for runtime.
What are the key components of Sysdig’s Double Double strategy?
At Sysdig, our “north star” in India is what we call the “Double Double” strategy: doubling our business every two years. And we’re targeting serious investments to make that happen.
Here’s what that looks like on the ground: we’re scaling strategically in India and across APJ, with localised infrastructure like our public cloud data centre and GTM efforts that meet its most innovative sectors.
That includes tailored offerings for industries like BFSI and government, as well as pricing and packaging designed specifically for the Indian market, such as on-prem bundles that address unique compliance and procurement needs.
Where is Sysdig India placed in your overall global plans on development, R&D, support services, and GTM fronts?
We believe that companies that fail to invest in high-growth markets, like India, do so at their own peril. That is why it is not just a checkbox for Sysdig; it is a priority across all functions, like GTM, R&D, customer success, and beyond. It is a force multiplier for Sysdig, and our investment in the region reflects the importance we’ve placed on it.
The bottom line is that India is one of the fastest-growing economies globally. It rose from the 10th to the 5th largest GDP in just two years. That kind of acceleration demands attention, and we’re responding with real investment. Within APJ, India is contributing as much to Sysdig’s business as Japan and Australia/New Zealand – it’s a clear signal that our strategy is resonating.
How have conversations with CISOs changed over the years?
The role of the CISO has evolved from being a technical guardian to a strategic business enabler, and the nature of conversations has followed that arc.
Earlier, CISOs were primarily focused on risk avoidance, compliance checklists, and infrastructure hardening. Discussions were deeply technical, often reactive, and centred on defending the perimeter (firewalls, endpoint protection, and patching). Their visibility into cloud and application environments was limited, and the security agenda was often siloed from the rest of the business.
Today, the conversation has shifted to enablement, resilience, and ROI. CISOs are now sitting at the executive table, tasked with protecting innovation. The cloud is the new data centre, and digital transformation is non-negotiable. As a result, security must move at the speed of DevOps.
Modern CISOs are asking: How do I reduce my attack surface proactively? How can security become invisible to developers but still effective? How can we move from thousands of findings to the few that matter?
Runtime awareness, AI-powered prioritisation, and unifying security across the cloud-native stack are recurring themes. They want fewer dashboards and more actionability. This is where cloud-native application protection platforms (CNAPPs) – and capabilities like runtime threat detection and AI-based remediation – are gaining ground.
Especially in India, we’re seeing a rise in tech-first companies, like banks, telcos, and startups, that view cybersecurity not just as a defensive function but as a competitive differentiator. The stakes are higher, the conversations are sharper, and the expectations are clearer: security must enable innovation without friction.
With multi-cloud adoption now the norm, how are your solutions ensuring security for enterprises?
Protecting multi-cloud and hybrid environments demands real-time detection and a unified view across all platforms. Sysdig has a strong partner program and provides end-to-end visibility, threat detection, and response across major cloud service providers, including AWS, Azure, GCP, IBM, and OCI, as well as on-premises infrastructure.
By continuously correlating signals across environments and workloads, Sysdig enables faster, more effective incident response no matter where applications are running. Our goal is to simplify comprehensive security in complex, distributed environments, helping organisations take full advantage of multi-cloud architecture’s benefits – like flexibility, redundancy, and performance – without compromising.
CoinDCX, one of the largest crypto exchanges, is a Sysdig customer. Their CISO once said, “The cloud brought a lot of ease to the tech team and business operations, but it also made things challenging for my team.” This is why companies like CoinDCX partner with companies like Sysdig.
How are regulatory conformances redefining the dynamics of enterprise security?
Regulatory conformance has gone from being a checkbox exercise to a board-level imperative. It’s no longer just about passing audits; it’s about continuous, provable security. With frameworks like DORA and India’s DPDP Act, enterprises are expected to demonstrate real-time compliance across sprawling, cloud-native environments.
This shift is redefining enterprise security in two key ways. First, security and compliance are converging. CISOs now require platforms that can simultaneously detect threats and verify controls. Second, the emphasis is on continuous assurance, not annual certification. You can’t rely on snapshots – you need live evidence, runtime visibility, and policy-as-code to keep pace.
Simply put, regulations are accelerating the move toward integrated, context-aware, runtime-centric security platforms. They’re forcing companies to operationalise trust, not just declare it.
What are going to be Sysdig’s key focus areas in India over the next few quarters?
Sysdig will continue to focus on driving growth in the region by expanding its success and footprint with digital-native businesses, actively building community engagement for Falco pan-India, and working closely with our ecosystem of partners to address the cloud security challenges our customers face.