Modern applications are increasingly developed as distributed microservices, leveraging containers and Kubernetes. While this shift accelerates innovation, it presents challenges for legacy security tools that are not ready to function in this dynamic environment.

Providing observability, security and compliance for containers, Kubernetes and the cloud is the mission of DevOps platform company Sysdig Inc., which has seen ground for a sharp growth. It recently joined the unicorn club after raising $188 million in a late-stage funding round at a $1.19 billion valuation.

“We really secure the entire lifecycle from source to production, so [we] do things like scan your IaC for misconfiguration, monitor your runtime environments for threats and operational best practices,” said Knox Anderson (pictured), vice president of product management at Sysdig. “We provide a lot of capabilities around Prometheus Monitoring as well, and then also let organizations perform incident response and compliance audits against these environments.”

Anderson spoke with Lisa Martin, host of theCUBE, SiliconANGLE Media’s livestreaming studio, in advance of the AWS Startup Showcase: New Breakthroughs in DevOps, Analytics, and Cloud Management Tools event. They discussed the key security challenges Sysdig addresses, its commitment to open source and the Falco project, and the company’s relationship with Amazon Web Services Inc. (* Disclosure below.)

The need for deep and unified visibility

Sysdig hit the market at about the same time that containers and Kubernetes started to receive attention in the tech landscape. It was launched in 2013 as an open-source initiative to address the security issues faced by enterprises adopting cloud applications. The company created projects to leverage visibility as a foundation for security, including Sysdig and Falco, which have become standards for threat detection and incident response.

During the past year and a half, the COVID-19 pandemic has boosted the use of the cloud, as well as the modernization of IT infrastructures for enterprises, which have had to accelerate their digital transformation to adapt to remote working and online operations.

“They’re changing their platform to take advantages of containers and Kubernetes, and you really have to rethink all of your security tooling. And that’s when a company like Sysdig comes in,” Anderson said.

Modern cloud apps are built using CI/CD and run as containerized microservices. The problem is that traditional tools can’t shift security left, validate configurations, or provide detection and response for production workloads, according to Sysdig. What is needed, the company says, is a container and cloud security stack built on open-source innovation, with deep and unified visibility across workloads and multicloud infrastructure.

Sysdig’s products include Sysdig Monitor, a cloud native intelligence platform based on the open-source Falco project that helps manage large Kubernetes deployments, and Sysdig Secure, which embeds security and compliance into the build, run and respond stages of the container and Kubernetes lifecycle.

Committed to open source

With containers gaining ground in different businesses, Sysdig has customers in all types of industries. For example, SAP Concur, a SaaS company providing travel and expense management services to businesses, turned to Sysdig to secure its Kubernetes environment, where thousands of developers are building their applications and deploying them.

“They use Sysdig as a platform that allows developers to easily onboard onto their Kubernetes clusters and then ensure that they’re meeting compliance needs and FedRAMP needs for that platform that they deliver their core business apps on,” Anderson explained.

All Sysdig’s offerings are based on open-source technology, which allows for more transparency about how the tools work and gives users more control. A great example of its commitment to open source is Falco, which was created by Sysdig in 2016 and donated to the Cloud Native Computing Foundation in 2018. Falco, which detects unexpected application behavior and alerts on threats at runtime, is the first runtime security project to join CNCF as an incubation-level project, according to Anderson.

“Falco meets a lot of your IDS or your file integrity monitoring requirements that you might have as you move to Kubernetes,” he stated. “I’m really excited to see where it goes over the next year as Falco extends to also cover some cloud security use cases.”

Sysdig runs its SaaS internally on AWS, using Amazon’s services to deliver its products to customers. It also has worked closely with AWS to provide better security for services such as AWS Fargate, a serverless computing engine for running application containers in the cloud.

In May, Sysdig announced the creation of new runtime detection and incident response tools for Fargate. The new offering also contains a key file integrity monitoring capability for AWS Fargate that Sysdig said is a necessary component for organizations to ensure compliance with the Payment Card Industry Data Security Standard.

“We did work sessions with their engineering teams and learned what we could do to get the visibility that we need for tools like Falco and Sysdig to work seamlessly in Fargate environments,” Anderson said. “And we’ve already seen great adoption of customers using the Sysdig product on top of Fargate.”

Watch the complete video interview below, and be sure to check out SiliconANGLE’s and theCUBE’s coverage of the AWS Startup Showcase: New Breakthroughs in DevOps, Analytics, and Cloud Management Tools event on September 22. (* Disclosure: Sysdig Inc. sponsored this segment of theCUBE. Neither Sysdig nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE