October 25, 2022 | By Anik Bose, General Partner at BGV
“Everything is moving to the cloud” is old news. So old, in fact, that applications that are born and bred in the cloud are quickly becoming the norm. Kubernetes- and other container-based architectures are widespread, with 93% of developers using or planning to use containers in production, according to the 2022 survey of the Cloud Native Computing Foundation.
Cloud native development is valued for providing the ability to move fast and stay agile. Highly configurable environments and automated scaling enable greater responsiveness to user needs with less operational friction and engineering effort. Sounds utopian… until you realize that “fast and agile” usually stands in direct opposition to “guarded and secure.” Kubernetes is a great case in point: so many of the default settings enable open networks and communication to facilitate developer productivity – at the inevitable expense of security.
The recent cloud native development trend to “shift left” and make security testing an integral part of the application DevOps process is helpful, but it doesn’t come close to covering all the bases. Pre-release security operations such as code scanning can only test for known security issues and vulnerabilities. What about the unknown? What about new threats or unforeseen angles of attack? It’s unsurprising, therefore, that 57% of the DevOps, engineering and security professionals surveyed by RedHat about Kubernetes security pointed to securing workloads at runtime as their biggest concern.
Spyderbat provides an automated, cloud native security solution that enables enterprises to secure their workloads from first line to runtime. With Spyderbat, DevOps and SecOps teams are no longer restricted to code scanning, compliance/configuration management and manual runtime security approaches. They now have the ability to detect and stop attacks at runtime across the software development life cycle in their Linux VMs and Kubernetes clusters.
Rather than attempting to anticipate every possible attack technique, Spyderbat uses ground-truth eBPF data to construct an exhaustive map of all ongoing system activities within and across both cloud systems and their containers. With runtime visibility into the entirety of the environment, Spyderbat recognizes significant workload behavior deviation, allowing analysts to intercept and shut down attacks live.
At BGV, we co-led the Series Seed investment (and participated in the series round) in Spyderbat, a company that has taken on the challenge of pioneering an industry first cloud native run time security solution. The company was founded by serial entrepreneurs Marc Willebeek Lemair and Brian Smith who pioneered intrusion prevention innovation at Tipping Point.
Agile and Secure: Transforming the Enterprise
Our investment in Spyderbat is representative of our focus on Enterprise 4.0: the companies and technologies that enable the digital transformation of the enterprise through disruptive cloud and AI innovation. Digital transformation is driving re-platforming to cloud and cloud native architectures rendering legacy manual “connect the dot” approaches to cybersecurity obsolete. This problem is further exacerbated by the DevOps/SecOps gap where SecOps lacks cloud/linux expertise and is largely blind to DevOps creating a tension between the need for speed to release containers and doing so securely.
Spyderbat is a prime example of an Enterprise 4.0 company. Cloud native security innovations that generate immediate business value and significant ROI improvements for their customers are a foundational part of Enterprise 4.0. With 31% of RedHat’s Kubernetes security survey respondents experiencing revenue or customer loss due to a security incident over the last 12 months, and 55% delaying or slowing down application deployment due to security concerns, Spyderbat’s immediate benefit to all areas of the cloud native enterprise, from development and operations to customer satisfaction, becomes obvious.
The demand for cloud native automated runtime security will only grow in the future, as cloud native container technology in general, and Kubernetes specifically, goes “under the hood,” being integrated into other services, technologies and platforms that are offered directly to users.
Given the high rate of change, the growing attack surface, the faster DevOps cycle with multiple code pushes per day, and the current supply chain vulnerabilities, cloud security demands automation – and Spyderbat provides it spectacularly.
Contributing to the Community
At BGV, we are not only impressed with Spyderbat’s commercial cloud security offering, but also by its participation in the open source cloud security community.
Spyderbat’s open source projects include Spydertop, an htop-like tool for historic understanding of a workload’s process behavior, and the Spyderbat Falco Connector, which integrates the popular Falco open source tool for container security with the Spyderbat platform.
With an open source program aiming to contribute useful visibility and security tools to anyone who works in a cloud native environment, Spyderbat shows that solving real-world problems for real cloud developers is not only a business model, but a value. We are excited about our involvement with Spyderbat, and look forward to seeing and facilitating their growth.