Capsule8 Launches Linux-Based Container Security Platform

Cybersecurity startup Capsule8 this week announced that it has raised US$2.5 million to launch the industry's first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from existing and potential attacks.

CEO John Viega, CTO Dino Dai Zovi and Chief Scientist Brandon Edwards, all veteran hackers, cofounded the firm. They raised seed funding from Bessemer Venture Partners, as well as individual investors Shandul Shah of Index Ventures and ClearSky's Jay Leek.

"The cloud has catapulted Linux to the most popular platform on the planet, and now the use of container technology is exploding," said Bob Goodman, a partner at Bessemer. "Yet there has been no world-class commercial security offering focused on securing the Linux infrastructure -- until now."

Capsule8 is solving the difficult problem of providing zero-day threat protection for Linux, whether it be legacy, container or some combination of the two, he added.

Windows protection tends to focus on "find the bad executable," which makes sense in that environment because bad executables are ubiquitous in an attack, noted Capsule8's Viega.

The other typical approach in Linux is a network appliance, Viega said. However, there is not much context on the network, particularly as end-to-end encryption starts to become ubiquitous in the enterprise, so this approach doesn't find much and leads to many spurious alerts.

"The result is that most Linux compromises either go undetected or are a surprise -- companies find their data on a forum at a later date and they find they had no clue they were attacked," he explained.

Among the most noteworthy incidents, the company cited the massive breach at Yahoo, which went undetected for years until the stolen data showed up on the Web.

While Linux-based systems present many of the same security problems as Windows-based systems, the biggest difference in attacks can be found around malware, according to Mark Nunnikhoven, vice president of cloud research at Trend Micro.

On the defensive front, there's a stark contrast in the amount of effort required to support the rapidly changing software on Linux platforms, Nunnikhoven pointed out.

"Given the nature of Linux and GNU, release cycles are a bit more erratic, and there's a lot more variation that requires a mature and robust response by security providers," he said.

FAQ
Q
What is Capsule8 in Linux?
A
Capsule8 today emerged from stealth mode to unveil its plans for the industry's first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from both known and unknown attacks. Founded by experienced hackers John Viega, Dino Dai Zovi and Brandon Edwards, Capsule8 is being built on the real-world experience of its founders to protect against exploitation of previously unknown vulnerabilities.
Q
What guarantees does the Sensor provide?
A
The Capsule8 sensor provides telemetry events on a best-effort basis. System-level events are intentionally monitored through perf_event_open(2) such that an excessive volume of events causes them to be dropped by the kernel rather than blocking the kernel as the audit subsystem may do. This means that telemetry events, and even some of the information within them, are "lossy" by design. We believe that this is the right trade-off for monitoring production environments where stability and performance are critical.
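An added illustration of what "lossy by design" means for whoever consumes perf_event_open(2) telemetry (example code written for this page, not the Capsule8 sensor's own code): a drain loop over the perf mmap ring buffer that counts PERF_RECORD_SAMPLE records and, rather than treating a PERF_RECORD_LOST record as an error, accumulates the kernel's count of dropped events so the gap can be reported. The record layout and type numbers are those of <linux/perf_event.h>, redefined locally so the example builds without kernel headers; the ring contents, and the function names drain_ring, put_record and demo_drain, are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Record header and PERF_RECORD_LOST body as laid out in <linux/perf_event.h>,
 * redefined here (with the kernel's type numbers) so the example builds
 * without kernel headers. */
#define PERF_RECORD_LOST   2
#define PERF_RECORD_SAMPLE 9

struct perf_event_header { uint32_t type; uint16_t misc; uint16_t size; };
struct perf_lost_body    { uint64_t id;   uint64_t lost; };

struct drain_stats {
    uint64_t samples;      /* PERF_RECORD_SAMPLE records consumed */
    uint64_t lost_records; /* PERF_RECORD_LOST records seen */
    uint64_t lost_events;  /* events the kernel says it dropped */
    uint64_t other;        /* any other record type, skipped by size */
};

/* Consume the records in [tail, head) of a power-of-two ring of ring_size
 * bytes. On a live perf fd these are data_tail/data_head of the mmap'd
 * perf_event_mmap_page (read head with an acquire barrier, store tail back
 * when done). A record may straddle the end of the ring, so each is copied
 * out byte by byte before it is interpreted. Returns the new tail. */
uint64_t drain_ring(const uint8_t *ring, size_t ring_size,
                    uint64_t tail, uint64_t head, struct drain_stats *st)
{
    uint8_t rec[4096];
    struct perf_event_header hdr;

    while (tail < head) {
        for (size_t i = 0; i < sizeof hdr; i++)
            ((uint8_t *)&hdr)[i] = ring[(tail + i) & (ring_size - 1)];
        /* A bad size would run past head or spin forever: stop instead. */
        if ((size_t)hdr.size < sizeof hdr || (size_t)hdr.size > sizeof rec ||
            tail + hdr.size > head)
            break;
        for (size_t i = 0; i < hdr.size; i++)
            rec[i] = ring[(tail + i) & (ring_size - 1)];

        switch (hdr.type) {
        case PERF_RECORD_SAMPLE:
            st->samples++;
            break;
        case PERF_RECORD_LOST: {
            /* Telemetry gap: account for it and carry on, never stall. */
            struct perf_lost_body body;
            memcpy(&body, rec + sizeof hdr, sizeof body);
            st->lost_records++;
            st->lost_events += body.lost;
            break;
        }
        default:
            st->other++;
        }
        tail += hdr.size;
    }
    return tail;
}

/* Append one record at *head, wrapping as the kernel writer does (used only to
 * build the constructed ring below). */
static void put_record(uint8_t *ring, size_t ring_size, uint64_t *head,
                       uint32_t type, const void *body, uint16_t body_len)
{
    struct perf_event_header hdr = {
        type, 0, (uint16_t)(sizeof(struct perf_event_header) + body_len)
    };
    const uint8_t *parts[2] = { (const uint8_t *)&hdr, (const uint8_t *)body };
    size_t lens[2] = { sizeof hdr, body_len };

    for (int p = 0; p < 2; p++)
        for (size_t i = 0; i < lens[p]; i++)
            ring[(*head)++ & (ring_size - 1)] = parts[p][i];
}

/* Constructed 256-byte ring (not captured from a kernel): three samples
 * around one PERF_RECORD_LOST reporting 1234 dropped events. Writing starts
 * at offset 244 so the first sample straddles the end of the ring. */
uint64_t demo_drain(struct drain_stats *st)
{
    enum { RING = 256 };
    uint8_t ring[RING];
    uint64_t head = 244, tail = 244, ip = 0x401000;
    struct perf_lost_body lost = { .id = 7, .lost = 1234 };

    memset(ring, 0, sizeof ring);
    put_record(ring, RING, &head, PERF_RECORD_SAMPLE, &ip, sizeof ip);  /* straddles */
    put_record(ring, RING, &head, PERF_RECORD_SAMPLE, &ip, sizeof ip);
    put_record(ring, RING, &head, PERF_RECORD_LOST, &lost, sizeof lost);
    put_record(ring, RING, &head, PERF_RECORD_SAMPLE, &ip, sizeof ip);
    memset(st, 0, sizeof *st);
    return drain_ring(ring, RING, tail, head, st);
}

int main(void)
{
    struct drain_stats st;
    uint64_t tail = demo_drain(&st);
    printf("tail=%llu samples=%llu lost_records=%llu lost_events=%llu other=%llu\n",
           (unsigned long long)tail, (unsigned long long)st.samples,
           (unsigned long long)st.lost_records, (unsigned long long)st.lost_events,
           (unsigned long long)st.other);
    return 0;
}
```

On a live system the same loop runs over the region returned by mmap(2) on the perf file descriptor. When the consumer falls behind, the kernel writes a PERF_RECORD_LOST record and keeps going instead of stalling the producer; the audit subsystem, by contrast, can make the kernel sleep on a full backlog (its backlog_wait_time setting), which is the blocking behaviour the answer above is avoiding. A sensor built this way should surface lost_events as a metric, since a detection that sees no event cannot tell "it did not happen" from "it was dropped".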
Q
Kernel function calls?
A
You can subscribe to calls to a chosen exported function symbol and receive telemetry events with named values of the data requested. This data can include function call arguments, return values, register values, and even values dereferenced via offsets from any of them. For a more detailed description of what's possible, see the Linux kernel kprobe docs.
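An added example (written for this page; not the sensor's API) of the two halves of a kernel function call subscription as the kernel's kprobe tracing documentation (Documentation/trace/kprobetrace.rst) describes them: building a kprobe_events definition that names the values to fetch (register arguments, and a string dereferenced through a pointer argument), and parsing the name=value fields the kernel prints back for each hit. The probe on do_sys_open with x86_64 register names, the group/event names sensor/open_hit, the trace_pipe line and the function names kprobe_define, kprobe_parse_line and kprobe_field are all constructed for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* One fetch argument in kprobe_events syntax: NAME=FETCHARG[:TYPE], where
 * FETCHARG is %REG, $retval, $stackN, $comm, or +|-OFFSET(FETCHARG) to
 * dereference memory at an offset from another fetched value. */
struct kprobe_arg { const char *name; const char *fetch; };

#define MAX_FIELDS 8
struct kprobe_hit {
    char event[64];
    char name[MAX_FIELDS][32];
    char value[MAX_FIELDS][256];
    int nfields;
};

/* Build "p:GROUP/EVENT SYMBOL NAME=FETCH ..." ("r:" when on_return is set).
 * Returns the length written, or -1 if it does not fit or a NAME is not an
 * identifier (the kernel would reject such a definition anyway). */
int kprobe_define(char *out, size_t outlen, int on_return, const char *group,
                  const char *event, const char *symbol,
                  const struct kprobe_arg *args, int nargs)
{
    int n = snprintf(out, outlen, "%c:%s/%s %s", on_return ? 'r' : 'p',
                     group, event, symbol);
    if (n < 0 || (size_t)n >= outlen) return -1;
    for (int i = 0; i < nargs; i++) {
        for (const char *c = args[i].name; *c; c++)
            if (!isalnum((unsigned char)*c) && *c != '_') return -1;
        int m = snprintf(out + n, outlen - n, " %s=%s", args[i].name, args[i].fetch);
        if (m < 0 || (size_t)m >= outlen - n) return -1;
        n += m;
    }
    return n;
}

/* Parse one trace_pipe line for a kprobe event, of the shape
 *   TASK-PID [CPU] FLAGS TIMESTAMP: EVENT: (SYM+off/size) NAME=VALUE ...
 * into the event name and its fields; :string values come back unquoted.
 * Returns the field count, or -1 if the line is not in this shape. */
int kprobe_parse_line(const char *line, struct kprobe_hit *hit)
{
    memset(hit, 0, sizeof *hit);
    const char *p = strchr(line, ']');                 /* end of [CPU] */
    if (!p || !(p = strstr(p, ": "))) return -1;       /* end of timestamp */
    p += 2;
    const char *q = strstr(p, ": (");                  /* EVENT: (SYM+off/size) */
    if (!q || (size_t)(q - p) >= sizeof hit->event) return -1;
    memcpy(hit->event, p, q - p);
    if (!(p = strchr(q, ')'))) return -1;
    for (p++; *p; ) {
        while (*p == ' ') p++;
        if (*p == '\0' || *p == '\n') break;
        const char *eq = strchr(p, '='), *end;
        if (!eq || memchr(p, ' ', eq - p) || hit->nfields == MAX_FIELDS ||
            (size_t)(eq - p) >= sizeof hit->name[0]) return -1;
        memcpy(hit->name[hit->nfields], p, eq - p);
        p = eq + 1;
        if (*p == '"') {                               /* :string, may contain spaces */
            if (!(end = strchr(++p, '"'))) return -1;
        } else {
            for (end = p; *end && *end != ' ' && *end != '\n'; end++) {}
        }
        if ((size_t)(end - p) >= sizeof hit->value[0]) return -1;
        memcpy(hit->value[hit->nfields++], p, end - p);
        p = (*end == '"') ? end + 1 : end;
    }
    return hit->nfields;
}

const char *kprobe_field(const struct kprobe_hit *hit, const char *name)
{
    for (int i = 0; i < hit->nfields; i++)
        if (strcmp(hit->name[i], name) == 0) return hit->value[i];
    return NULL;
}

/* Constructed inputs (not taken from a live kernel): a probe on do_sys_open
 * naming its first three arguments per the x86_64 calling convention, and one
 * trace_pipe line of the shape the kernel prints for such a probe. */
static const struct kprobe_arg open_args[] = {
    { "dfd",      "%di" },
    { "filename", "+0(%si):string" },  /* dereference rsi as a NUL-terminated string */
    { "flags",    "%dx" },
};
static const char sample_line[] =
    "bash-1234  [001] .... 1038282.286875: open_hit: (do_sys_open+0x0/0x1a0)"
    " dfd=0xffffff9c filename=\"/etc/passwd\" flags=0x88000\n";

const char *demo_definition(void)
{
    static char def[256];
    return kprobe_define(def, sizeof def, 0, "sensor", "open_hit", "do_sys_open",
                         open_args, 3) < 0 ? NULL : def;
}

int demo_parse(struct kprobe_hit *hit) { return kprobe_parse_line(sample_line, hit); }

int main(void)
{
    struct kprobe_hit hit;
    printf("echo '%s' >> /sys/kernel/tracing/kprobe_events\n", demo_definition());
    if (demo_parse(&hit) < 0) return 1;
    for (int i = 0; i < hit.nfields; i++)
        printf("%s.%s = %s\n", hit.event, hit.name[i], hit.value[i]);
    return 0;
}
```

To try the definition on a real host (root and a mounted tracefs are required): append the printed line to /sys/kernel/tracing/kprobe_events, write 1 to events/sensor/open_hit/enable, read trace_pipe, and remove the probe afterwards with `echo '-:sensor/open_hit' >> kprobe_events`. A sensor that wants the perf ring buffer rather than trace_pipe opens the same event with perf_event_open(2), using PERF_TYPE_TRACEPOINT and the number in events/sensor/open_hit/id as config; the fetch-argument syntax and the field names are the same either way.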
Q
What types of events can be subscribed to currently?
A
Container lifecycle, process lifecycle, raw system calls, file opens, network activity, and kernel function calls.
Q
How is this supposed to be used?
A
The Capsule8 sensor is intended to be run on a Linux host persistently and ideally before the host begins running application workloads. It is designed to support API clients subscribing and unsubscribing from telemetry dynamically to implement various security incident detection strategies.