Capsule8, a Brooklyn, NY-based security startup, emerged from stealth today to debut its container-aware threat protection platform for Linux.
Headed by CEO John Viega, formerly the executive vice president of cloud security specialist Silversky and CTO of McAfee's SaaS unit, the company has raised $2.5 million to date. Investors include Bessemer Venture Partners as well as Shardul Shah of Index Ventures and Jay Leek of ClearSky.
The company's leadership includes co-founder and CTO Dino Dai Zovi, who hails from Square, where he served as the company's Mobile Security Lead. He is also a member of the influential BlackHat Review Board and holds the distinction of winning the first PWN2OWN hacking competition at CanSecWest 2007. Co-founder and chief scientist Brandon Edwards is the former vice president of Threat Labs of BAE Systems, which acquired Silversky in 2014.
Launching this spring, Capsule8's namesake platform will provide zero-day threat protection for cloud and on-premises Linux-based infrastructures, especially those running containers. As John Viega told eSecurity Planet, containers inherit many of the security challenges Linux admins struggle with, compounding the potential risks to their environments.
"Containerized applications are Linux applications, and most of the same threats apply: software vulnerabilities, misconfigurations, weak authentication, and so on," he said. "Capsule8 monitors containers and Linux Machines in real-time, protecting against these kinds of problems, and giving the visibility into what happened that is sorely lacking in Linux."
Enterprise adoption of Docker and other application container platforms is skyrocketing, and not only as a means to add agility to an organization's software development efforts.
A June 2016 report from the Cloud Foundry Foundation and ClearPath Strategies found that most organizations (64 percent) planned to use containers in production within a year, on top of the 16 percent that were already doing so. Last spring, Shippable discovered that more than half of all developers surveyed by the company were using container technologies to deploy new applications in production.
Capsule8 provides data center operators with security visibility into the entire Linux infrastructure, including the aforementioned containers, virtual machines, and of course, bare-metal servers. Using a blend of artificial intelligence and security analytics capabilities, the platform can spot the signs that unreported vulnerabilities are being exploited.
Nuanced alerting capabilities cut down on false alarms, reducing alert fatigue and stress levels among IT security personnel. Capsule8 also integrates with security information and event management (SIEM) solutions and forensic tools, enabling customers to further tailor the product to their environments.