UPDATED 16:13 EST / SEPTEMBER 22 2021

CLOUD

Sysdig spends unicorn cash as platform expands to solve cloud and container security, visibility challenges

The economy is returning to a facsimile of the pre-2020 world, but the boom in cloud adoption triggered by the COVID-pandemic shutdown shows no sign of slowing.

Paralleling the rise in cloud has been an increase in enterprise adoption of open-source technology. Ninety percent of information technology leaders currently use open-source products, according to the 2021 “The State of Enterprise Open Source” report published by Red Hat Inc. This simultaneous growth of cloud and open-source is in part due to a positive feedback cycle, where cloud adoption means containerization, which leads to a company opting into Kubernetes for container orchestration, which in turn brings previously closed software consumers into the open-source community.

“Cloud adoption and Kubernetes adoption are something that everyone is trying to accelerate as quickly as possible,” stated Knox Anderson (pictured), vice president of product management at Sysdig Inc.

Anderson spoke with Lisa Martin, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the AWS Startup Showcase: New Breakthroughs in DevOps, Analytics, and Cloud Management Tools event. They discussed the importance of security and application monitoring in a containerized environment, as well as how Sysdig’s platform and open-source project Falco are simplifying security for infrastructure-as-code. (* Disclosure below.)

Cash injection aids acquisition and strengthens Sysdig’s market position

Going from physical infrastructure to infrastructure-as-code comes with a host of security and management problems. First is the skills gap, an ever-growing problem that was the subject of a recent in-depth article by theCUBE’s Paul Gillin.

“The information technology skills crisis is the worst it has been since just before the Great Recession of 2008,” Gillin reported.

And, according to Anderson, “Everyone wants to use Kubernetes, but [with] the amount of people that can operate those platforms, it’s is really difficult.”

Sysdig solves this by automating the application lifecycle from source to production, integrating security into the DevOps workflow, and speeding the deployment process.

“With Sysdig, we provide just an easy way to get your Kubernetes clusters instrumented and then provide strong coverage for threat detection, compliance and then observability for those environments,” Anderson said.

In April 2021, Sysdig achieved unicorn status, raising $188 million in late-stage funding to reach a $1.18 billion valuation. This enabled the company to acquire cloud native application security company Apolicy, adding strength to Sysdig’s IaC security stance.

“A lot of traditional security requirements are now getting baked into what a DevOps team does day-to-day,” Anderson said. “So, the DevOps team is doing things like implementing IaC, so your infrastructure is code and no changes are manually made to environments anymore.”

Sysdig offers both proprietary and open-source solutions

Another problem that comes with cloud complexity is the lack of visibility into the applications that run in containerized environments. If an organization isn’t able to track what’s going on, criminals can hack into clusters and deploy containers that mine cryptocurrencies on the company’s dime.

“As the price of a bitcoin and things like that go up, there are more and more people that want to steal your resources for mining,” Anderson said. “I’d say every single week there’s a different environment that has a crypto-mining container that’s spun up in there.”

Sysdig has been instrumental in providing companies with two ways to secure and manage the application lifecycle: through its proprietary secure DevOps platform and open-source runtime security project Falco.

“We have default Falco rules, better vetted by the open-source community to detect crypto mining,” Anderson said. CPU spikes are identified through resource abuse metrics, allowing compromised workloads to be identified.

Sysdig created Falco in-house in 2016 and donated the project to the Cloud Native Computing Foundation in October 2018. In January 2020, Falco became the first runtime security project to reach incubation-level and is known in the OS community as the “de facto Kubernetes threat detection engine.”

Sysdig remains very involved in the project, and in February 2021 the company contributed the equivalent of 100,000 coding hours with a donation of the Sysdig kernel module, extended Berkeley Packet Filter (eBPF) probe, and Falco libraries to the CNCF.

Open-source adoption is driven by increased demand for built-in security

It seems counterintuitive that application security can be increased by making software code open. But increased enterprise adoption of open source is a positive move for application security, according to Anderson.

“Open source is building a lot of fundamental platform-level security in by default,” he said. “With Kubernetes, you can enforce service-to-service communication. You put a service mesh on top of that, and you can almost pretend it’s a [web application firewall] sometimes.”

Sysdig’s unique value proposition is that it provides both monitoring and security through a single platform, according to Anderson.

“DevOps teams can go into one product, see what they need for capacity planning, chargebacks, health monitoring, and then in the same interface go in and see, ‘OK, is that Kubernetes cluster meeting my SOC 2 controls?’” he said.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS Startup Showcase: New Breakthroughs in DevOps, Analytics, and Cloud Management Tools event. (* Disclosure: Sysdig Inc. sponsored this segment of theCUBE. Neither Sysdig nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU