The concept of employing separate platforms to monitor and secure containers soon may be obsolete if Sysdig has its way. The company has added a Sysdig Secure module to provide visibility into container runtimes and apply polices to secure them and analyze how they might have been compromised.
Apruva Davé, vice president of marketing, says Sysdig Secure employs the same instrumentation, user interface and analytics engine the company developed to monitor containers. Now those offerings are being extended in a way that eliminates the need for a separate container security platform. Sysdig Secure will be demonstrated for the first time this week at the DockerCon Europe 2017 conference.
In addition to enabling DevOps teams to detect anomalous container behavior, Davé says organizations can also implement policies against all containers deployed on a platform. A Sysdig Capture capability also allows organizations to capture all the activity that occurred before and after a breach was discovered. Davé says that the cloud service comes with deep integration with Kubernetes, Docker, AWS ECS and Mesos platforms to make it easier to unify the monitoring and securing of entire microservices based on containers.
In the future Davé says Sysdig will continue to invest in machine learning algorithms to inject higher levels of artificial intelligence across all the modules the comprise the Sysdig Container Intelligence Platform. To help fuel those efforts the company announced it has also raised an additional $25 million in funding.
Beyond simply trying to expand into an adjacent market, Davé notes that adding security tools to the company’s portfolio makes sense because one integrated DevOps team is now typically responsible for both ongoing operations and security of containerized applications. As part of the whole DevSecOps trends that shifts responsibility left toward developers, Davé notes that it’s increasingly become common for IT security specialists to be included in the DevOps team instead of looking for vulnerabilities after the application has already been built.
Davé contends that applications deployed on containers are more secure because IT organizations can more granular visibility across a range of microservices versus what can be achieved when monolithic applications are deployed on top of virtual machines. Fixing IT security issues is also easier because instead of patching the application, a developer simply replaces one set of containers with another in way that is less disruptive to the entire application environment.
Regardless of what level of IT security can be achieved, there’s no doubt the No. 1 reason more containers aren’t being deployed in production environments is security. IT organizations tend to be conservative when it comes to deploying new technologies. In the case of containers, however, the need to accelerate the rate at which applications are built and deployed is trumping traditional security concerns. Organizations must figure out not only how to manage those containers, but also secure them in a way that generates the least amount of DevOps friction possible.