Zero-day attacks are one of the leading causes of compromises in enterprise security today. The industry has come a long way in protecting desktops against such attacks but hasn’t made as much progress when it comes to production environments. The stakes in production environments are completely different, as they hold mission-critical data and, most importantly, customer information. Considering the nature of the data they handle, it is important to protect them. Capsule8 fends off such attacks with its purpose-built zero-day attack detection platform.
Headquartered in Brooklyn, New York, the company was founded in 2016. Capsule8 is the industry’s first zero-day attack detection platform capable of bare metal, virtual machine, and container security for modern-day production environments. While many companies out there focus on network applications or the container, Capsule8 chooses to stop attacks as they happen.
The Zero-Day Attack Platform
Most companies use a hybrid deployment, with a server that remotely handles data from multiple cloud computing platforms. To protect a distributed environment, Capsule8 places sensors in the cloud and at the data center, on both bare metal and containers. These sensors capture security-critical data from the infrastructure and analyze it. This enables Capsule8 to respond to zero-day attacks as they happen. Customers using the Capsule8 platform can automatically kill the attacker's connections, restart workloads (by restarting the whole process, restarting the container, or even doing an orchestrator-level restart) or immediately alert an investigator. In that way, a customer gets to contain and deter an attack before it takes hold of their infrastructure.
With its distributed telemetry, Capsule8 makes it easy to perform forensic investigations based on historical data without impacting network performance or storage. The platform also has a console that can analyze and display data about the attack, and simple integration with SIEMs, orchestration tools, Slack or big data stores makes central management easy.
The Capsule8 platform adapts as your production changes and scales. Plus, there is no SaaS component to it, which gives customers full control over their data and eliminates the risk of deletion or corruption of data by third parties. The system is modeled to be intelligent and responds to an attack in real time.
Focusing on Linux
Linux is widely adopted in the enterprise but there is hardly a better security offering focussed on the Linux architecture than Capsule8. The approach by the company is clear – the company is keen on being the leading force when it comes to protecting the full Linux production infrastructure which is used pretty much by everyone in the industry.
Taking giant strides
Last year, in its series B funding round, the security company was able to rake in $15 million as investors were eager to see them jumpstart the process of getting their products out (even when the company itself wasn’t fishing for funds!).
Capsule8 was founded three years ago by a good mix of seasoned hackers and security entrepreneurs. In that short time, the company has made it possible for many enterprises to modernize their Linux-powered infrastructure without making compromises.
John Viega, Co-founder and CEO
Mr. Viega is a well-respected cybersecurity luminary who is widely known for his expertise in building defense systems that are capable of offering protection against exploitation of previously unknown vulnerabilities.
Prior to Capsule8, he was the EVP of the cloud security provider SilverSky, where he was responsible for transforming the company from a managed services provider into an innovative cloud security company. The company was subsequently acquired by BAE. At BAE, he served as the EVP of Product, responsible for a portfolio of analytics products that included financial crime and security. He has also worked with the cybersecurity giant McAfee as its SaaS CTO.
Mr. Viega is also an award-winning author with as many as six books to his name. He has co-designed the GCM encryption mode, which is used for more than 70% of encrypted web traffic.
“Capsule8’s mission is simple: to make security teams happy – without making ops mad – by delivering the best possible protection for Linux workloads on the planet.”
Recognized for a pioneering approach
At the time of writing, Capsule8 has been named as one of the 10 finalists for the RSA Conference 2019 Innovation Sandbox Contest. The company has been recognized for its work in protecting Linux production environments (containerized, virtualized or bare metal). Capsule8 will present its technology to the high-power panel of judges and a live audience to compete for the coveted title of “Most Innovative Start-Up”.
“Capsule8 is the industry’s only real-time, zero-day exploit detection platform purpose-built for Linux production systems – whether containerized, virtualized or bare metal.”
“Capsule8 massively reduces security operations’ workload by automatically detecting and shutting down exploits as they’re happening – without adding any risk to production infrastructure.”
“Our real-time zero-day attack detection platform dramatically improves and simplifies infrastructure security today, while providing resilience for tomorrow’s containerized environments.”