The container security space garnered a new entrant as Sysdig launched its Secure product targeted at providing greater visibility and orchestrator integration.
Apurva Davé, vice president of marketing at Sysdig, explained that the container platform integration allows for runtime detection across distributed, dynamic, and ephemeral container deployments. This includes insight into an organization’s application, container, host, or network.
If a security threat is detected, Davé said Secure users can block or quarantine the impacted area.
The new product is part of Sysdig’s Container Intelligence Platform. Sysdig is offering the Secure product as either cloud-based or on-premises.
“We already have a monitor and troubleshooting tool, and I think we are the first to now unify security and monitoring in a microservices friendly way,” Davé said.
The forensic capabilities from the underlying platform allows an organization to have an incident report on security issues. The report can include any potential policy violation, user activity, system call, or data written to a file.
Davé cited the forensic capabilities as being critical in dealing with the short shelf life of containers.
“Our instrumentation leverages the same capabilities of our forensic product to provide full visibility into containers,” Davé explained. “That’s what we mean by runtime. As they are running we can alert to any activity happening in real time.”
Customers can select either the open source version of the platform, which is targeted at basic container deployments, or a more robust commercial product. Davé noted the open source tools are for “deep troubleshooting around a single host” while the commercial product is more for aggregated deployments.
“We think these are very different products and very different use cases,” Davé said. “The commercial product is really for production environments at scale.”
Sysdig is competing against a number of players in the container security space, including Aqua Security, Layered Insight, and Twistlock. Davé said Sysdig’s breadth and depth differentiates it from its rivals.
In terms of breadth, Davé said Sysdig views containers more as a service instead of what makes up a running container. He explained that view was inline more with how Kubernetes or Docker views a container rather than how other security firms view containers.
As for depth, Davé said Sysdig’s analytics and forensics capabilities allow the company to dig deeper into what’s happening inside of a container.
“We think we have a depth advantage as to what’s happening inside a container that others can’t match,” Davé said.
Funds for Expansion
As part of the Secure product launch, Sysdig also announced it had raised $25 million in new funding that it plans to use to expand. The Series C round was fully consumed by Accel Partners’ Growth Fund. Accel has participated in past funding, with Sysdig now having raised $52 million in total funding.
Davé said Sysdig is also planning to use its analytics capabilities to launch additional products.
“We know most operators and organizations have day jobs, and are not sitting around dreaming about math problems,” Davé said. “We think we have a system to analyze what’s happening on the network and can use deep learning insight to enable an effective leverage of that insight.”
Davé said that work might not lead to an actual product, and instead could be just an update to its current work.
“Data is cheap,” Davé said. “It’s how you make action out of that data that is important in the market. We think we are in a good position to help organizations.”