Capsule8 Launches Linux-Based Container Security Platform

Cybersecurity startup Capsule8 this week announced that it has raised US$2.5 million to launch the industry’s first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from current and potential attacks.

CEO John Viega, CTO Dino Dai Zovi and Chief Scientist Brandon Edwards, all veteran hackers, cofounded the company. They raised seed funding from Bessemer Venture Partners, as well as individual investors Shandul Shah of Index Ventures and ClearSky’s Jay Leek.

“The cloud has catapulted Linux to the preferred platform on the planet, and now the use of container technology is exploding,” said Bob Goodman, a partner at Bessemer. “But there has been no world-class commercial security offering focused on securing the Linux infrastructure — until now.”

Capsule8 is solving the difficult problem of providing zero-day threat protection for Linux, whether it is legacy, container or some combination of the two, he added.

Linux Focus

Windows security tends to focus on “find the bad executable,” which makes sense in that environment because bad executables are ubiquitous in an attack, noted Capsule8’s Viega.

However, that approach does not work well in a Linux environment, so Capsule8 focuses on detecting and protecting against system compromise, he told LinuxInsider.

The other typical approach in Linux is a network appliance, Viega said. However, there is not much context on the network, particularly as end-to-end encryption starts to become ubiquitous in the enterprise, so this approach does not find much and leads to many spurious alerts.

“The result is that most Linux compromises either go undetected or are a surprise — companies find their data on a forum at a later date and they find they had no clue they were attacked,” he explained.

Among the most noteworthy incidents, the company cited the massive breach at Yahoo, which went undetected for years until the stolen data showed up on the Internet.

While Linux-based systems present many of the same security problems as Windows-based systems, the biggest difference in attacks can be found around malware, according to Mark Nunnikhoven, vice president of cloud research at Trend Micro.

“While we do regularly see malware targeting Linux systems, it’s a more common occurrence that the malware implanted on Linux systems is there to be distributed to Windows clients connecting to that Linux system,” he told LinuxInsider.

On the defensive front, there is a stark difference in the amount of effort required to support the rapidly changing software on Linux platforms, Nunnikhoven pointed out.

“Given the nature of Linux and GNU, release cycles are a bit more erratic, and there’s a lot more variation that requires a mature and robust response by security providers,” he said.

Customer Base

Capsule8 already has signed up customers for its prerelease product, including SourceClear and Specifically.

Capsule8 is the first product that supplements SourceClear’s predeployment detection with runtime threat protection for Linux systems, CEO Mark Curphey said.

There are three core principles that should guide decision making when adopting new technology, suggested Daniel Leslie, director of cybersecurity and technology at Specifically. They are scalability, maintainability and security.

Protecting infrastructure at scale without sacrificing stability or performance is essential, he said.

Analytics vs. EDR

Capsule8 likely will take an agent-based approach primarily focused on visibility, speculated Adrian Sanabria, senior analyst for information security at 451 Research.

“They’re talking about gathering tons of details about what is going on with the operating system, processes, applications, network connections, file activity, and so forth,” he told LinuxInsider.

“I think EDR (endpoint detection and response) is actually the best and closest comparison I can find — it’s more like that, based on the details I can find so far,” Sanabria maintained.

There is a big difference between security analytics products and EDR, in that “EDR products are typically workstation-based, and none of them are container-aware that I know of,” he pointed out.

“On the container side, there’s a lot of competition already,” Sanabria continued, “but none of the container security startups are doing Linux security. The one exception would be Trend Micro. The latest release of Deep Security includes container-aware support, and the product actively defends against attacks, while it looks like Capsule8 will initially just be a monitoring product.”

Commercial container security could be Capsule8’s best bet for growth, he suggested.

“451 does a lot of enterprise surveying on a regular basis,” Sanabria noted, “and I’ve got to say, ‘Linux Security’ is one thing I’ve never seen on the list of ‘pain points’ — even at the bottom of the list.”