Today marks a milestone in our short and exciting life at Capsule8. We are launching our flagship platform, Capsule8 Protect, into beta with some of the most exciting companies on the planet. You can read the official announcement here, but I thought the time was right to share our backstory: how we got here and what drives our production innovation.
My co-founders and I have spent our careers in cyber security and we came together because we knew that the way security needed to work for the modern enterprise needed to drastically change. Let’s face it – the cybersecurity industry has been iterating on the same fundamental ideas and approaches for the last two decades and real change needs to happen if we are going to embrace the world of microservices, containers and cloud technologies. To figure out what the change needed to be, we started by looking at and talking to some of the largest companies at the forefront of the microservices movement. These Silicon Valley giants were in the process of building custom security systems that look fundamentally different from the traditional enterprise. They were applying loads of time, talent and dollars to tackle what’s broken in cybersecurity – and frankly filling the gap since traditional security solutions largely don’t apply in the cloud-native enterprise.
So what’s so different?
First, in the traditional enterprise, a bunch of security appliances collect massive amounts of logs, which are shipped to a centralized server for analysis. Then, if they’re lucky, an alert might pop out 24 hours later to say, “You’re hacked.” These modern companies didn’t want to wait 24 hours to find out. So they are building out real-time streaming detection platforms in house. Real-time requires a different, more strategic analytics approach. It requires that you collect far more system data than you can get from a network device. They use all this signal and their hired security expertise to produce vastly fewer alerts, with vastly fewer false positives.
Second – and perhaps what we get most excited about – is that they automate responses to those alerts, actually shutting them down without human intervention. That’s why they all have tiny response teams, whereas a traditional enterprise of the same size has a SOC in the background with 50+ people supporting them.
We then went out and talked to 40+ additional large enterprises looking to move toward containers and microservices. They told us that they want the same kind of real-time, automated threat protection and response capabilities. They don’t want to spend a lot of time and resources triaging false positives. They want to focus on detecting attacks as they happen, not after the fact. And they want to be able to respond automatically whenever possible – but they need to do it in a way that isn’t going to put the performance or stability of their applications or networks at risk.
So that is what Capsule8 is delivering. We are bottling up what we learned and combining it with the expertise of our team to deliver next-gen threat protection for every enterprise looking to modernize. We’re delivering the industry’s only threat prevention and response platform purpose-built for cloud-native infrastructures. We are bringing continuous security to an enterprise’s production environment, allowing them to detect and shut down attacks in the instant they happen – without impacting performance.
Importantly, we recognize that enterprises will take a long time to fully move to next-gen infrastructure, so we are building our platform in such a way that it can support legacy Linux production environments at the same time.
And we are just getting started. So stay tuned. We are excited for what’s coming.