Case Study: Mercari achieves enhanced Kubernetes security and rapid intrusion detection with Sysdig Secure DevOps Platform

The Sysdig Secure DevOps Platform Provides Robust Security for Kubernetes Clusters Supporting Mercari's Flea Market App

Mercari, the leading flea market app in Japan with millions of monthly users and large transaction volumes, moved from a monolithic to a microservices architecture on GCP using GKE. That shift — plus developers taking on operational roles — exposed Kubernetes security risks (privilege escalation, shared-kernel vulnerabilities) and created a need for better monitoring, alerting, and immutable operation logs to protect sensitive transaction data.

After a PoC comparing three vendors, Mercari chose the Sysdig Secure DevOps Platform for its strong intrusion detection, recording capabilities, low operational overhead, and community-backed Falco runtime tooling. Deployed incrementally in about a month, Sysdig delivered immediate alerts, improved incident response and forensics (including fast mitigation of CVE exploits), comprehensive developer operation logs, and a stronger overall Kubernetes security posture without measurable performance impact.

Mercari

Hiroki Suezawaof

Security Engineering Team