Sysdig Creates Open Source Solution for Cloud and Container Security in Modern Infrastructure

The container and cloud security market is riding a wave of growth, and one of the companies taking advantage of this opportunity is Sysdig Inc.

Founded in 2013, Sysdig was born from an open source project aimed at solving the problems of modern container-based infrastructure. The founder and CTO of the company, Loris Degioanni (pictured), had successfully combined an open source implementation of a network analyzer with a commercial solution at his previous company, CACE Technologies.

Degioanni and his colleagues at Sysdig believed that the growth of applications in cloud environments would require new monitoring and security tools.

“Let’s try to figure out where the cloud is going, where the containers are going,” Degioanni said. “What does it mean to offer deep, rich yet at the same time lightweight and easy-to-deploy security and visibility for a new way of writing software? This is how Sysdig was born.”

Degioanni spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, ahead of the AWS Startup Showcase: Innovations in the Open Cloud event. They discussed how the move from internal network devices to the cloud required a different monitoring solution, the development of Sysdig’s offering from an open source project, the company’s close partnership with Amazon Web Services Inc. and the importance of trust in community-based software development. (* Disclosure below.)

Decode the network

Degioanni built his previous business on an open source network analysis tool called Wireshark, which was ultimately acquired by Riverbed Technology Inc. in 2010. Wireshark is a packet analyzer that allows users to see what is going on in the network on a microscopic level.

“When we were doing network packets, we were using network devices to collect information,” Degioanni recalls. “The data that is transferred over the network has very nice properties; it is rich and very deep. When you can see and decode what is happening on the network, you can understand what applications are doing. Packets never lie.”

But by the middle of the last decade, the landscape had changed. Companies were rapidly moving their operations to the cloud and a packet-based approach was no longer practical.

“Suddenly we go to the cloud and the router, which was the point of view of this beautiful way of doing security and visibility, is gone,” Degioanni said. “I was sure what we were doing before was useful and powerful for users, but I was also sure the world was going to change. The modernized solutions weren’t going to work, so I decided to start from scratch.”

Dependence on Falco

The solution became Falco, an open source project originally created by Sysdig and now managed under the auspices of the Cloud Native Computing Foundation. Sysdig Secure uses Falco to continuously detect threats and abnormal behavior in containers, Kubernetes and the cloud.

“A substantial part of our commercial product is an extension of Falco,” Degioanni explained. “I compare Falco to the security camera for your containers, your hosts and your cloud infrastructure. In software infrastructures, you can still have your firewall, but then you use a ‘security camera’ like Falco which is able to observe every container, every process, every machine and every network connection.”

Sysdig has partnered with AWS to refine the open source Falco project. In October, Sysdig announced that AWS would provide a CloudTrail plugin for real-time detection of unusual behavior in Amazon cloud services using Falco rules. The plug-in for Falco provides a basis for supporting other cloud environments and operating systems.

“A tool like Falco can also be AWS Fargate’s security camera,” Degioanni noted. “AWS and the Amazon team members have made many contributions to Falco.”

Trust the community

Sysdig’s customer base grew by 140%, serving nearly 700 customers, with average annual recurring revenues of over $875,000 for its major customers. The company recently completed a Series G round that raised $350 million in additional funding.

Business reliance on open source tools has come under scrutiny in recent months, following a series of cyber attacks that exploited vulnerabilities in community-driven software. Sysdig’s solution and ongoing coordination with CNCF provide an example of how the open source world is addressing security challenges in the rapidly evolving cloud-native ecosystem.

“Our goal was to fill the void in runtime security for containers, for Kubernetes and also for the cloud, but we have to do it in a way that is community-first,” said Degioanni. “It’s a great partnership because the CNCF is a great home for all of these projects and really allows users to trust a project in a way they know. Users can trust this project and know that it is community driven.”

Watch the full video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS Startup Showcase: Innovations in the Open Cloud event. (* Disclosure: Sysdig Inc. sponsored this segment of theCUBE. Neither Sysdig nor any other sponsor has editorial control over the content of theCUBE or SiliconANGLE.)

Photo: SiliconANGLE
