Containers and microservices are becoming a standard way of delivering
infrastructure. And a new way of working brings with it new challenges, and that's where Sysdig comes in. The company focuses on monitoring containers, ensuring their
security and keeping container-based infrastructures safe with their container intelligence platform. A recent piece of notable news, the company hired a new CEO to take the company reins, former Nimble Storage president and CEO, Suresh Vasudevan. To learn more about why he joined the company, the opportunity, its technology and the road ahead, I went straight to the source and spoke with Vasudevan himself.
VMblog: You were at Nimble Storage from 2011, its
youngest days, through a $1B+ IPO and an acquisition by Hewlett Packard Enterprise (HPE) in 2017. Why
the change from storage to microservices?
Suresh Vasudevan: Leading
Nimble Storage was one of the most gratifying professional experience of my
life. I wasn't sure how I could ever top that, so it took me awhile to find
something I was excited about. There were a few things I was looking for, both
in terms of the challenge and in the company.
With regards to the technical challenge, it
was important for me to find a big market experiencing rapid and chaotic
changes. That's typically where the opportunity is to make the biggest impact
in the market. It became apparent early in my search that microservices and
containers are a radical, fundamental shift that will change the way
enterprises build and deliver applications. Development speed is a huge
advantage in today's world. With that said, the move poses operational challenges for monitoring and security as monolithic
applications break down into composable applications comprised of dozens or
even hundreds of inter-dependent services. This massive rethinking of
traditional monitoring and security approaches and solutions is what Sysdig is
solving.
VMblog: You said that market
growth opportunity was important to you, but there are other container
companies out there playing in the same space. Why Sysdig?
Vasudevan: Two reasons. The first is that Sysdig has a
fundamentally new and valuable insight that underpins the technology, which is
something that is important to me. Sysdig has unlocked a new data source at the heart of
applications - and this insight allows Sysdig to offer unified security,
monitoring, AND forensics. No one else can offer something so elegant,
powerful, and flexible.
The second reason Sysdig stands above the rest
is the team. I have had the
fortune of working at companies such as NetApp and Nimble, and I believe
deeply that organizational culture is perhaps a more enduring differentiator
than strategy or execution. I
am so impressed by the team we've assembled at Sysdig. Everyone is here for the
same reason: driving the industry transformation towards containers and
microservices as the foundation for modern application development.
You
can have the best technology in the world, but without the right people behind
it, it's not going anywhere.
VMblog: AIRO
(Analytics, intelligence, response and orchestration) is one of the big
concepts that came out of RSA. DevSecOps are being told they need a toolset
that enables common processes, but Sysdig has been offering a toolset for a
while now. Tell me about how Sysdig got here before anyone else.
Vasudevan: I like the founding story of Sysdig because it
reaffirms a belief I have long held - the most innovative technology comes from
unique insight.
You see, Loris Degioanni, the founder and CTO
of Sysdig, was one of the co-creators of WireShark, a tool used daily by millions to
monitor and troubleshoot networking infrastructure.
With the widespread adoption of the cloud and the advent of containers,
he saw a likely gap in providing security, visibility, and troubleshooting in a
world where there is no span port to tap into.
Loris realized that in cloud-native
applications, every interaction with a host - application accesses, network
activity, file reads and writes and so on - translates into a system call
within the kernel. Loris was able to enrich system calls with all the relevant
context and translate those calls into a stream of metrics and events to be
analyzed in real-time and at scale.
Loris' insight led
him to unlocking a new data source at the heart of applications. We call this
capability ContainerVisionTM, which is
foundational to our open source and commercial projects. With the ability to
capture and tag so much data, Sysdig is able to provide a unified platform with
superior insights, allowing developers and DevOps to move faster while unifying
security and monitoring across their operational environment.
VMblog: Sysdig first launched their open source
product and then followed with the commercial product. Can you tell me about
both technologies and the strategy there?
Vasudevan: We always had the vision of creating a unified
platform, but true to our background, we started with composable, open source
technology that the entire community could leverage. The Sysdig open
source project
started as a troubleshooting and forensics tool that used a new instrumentation
point to capture way more information than typical tools like htop, lsof and
the like, and add container context. Sysdig enables DevOps to analyze
containers and orchestrators in real time, or capture container activity for
later forensics.
For example, you should read "Fishing For Hackers," one of Sysdig's earliest
forensics stories involving a compromised server, a honeypot, and a Russian bot
scheme. I'll let you read the rest of that story later!
We then followed with Sysdig Falco, our second open source tool,
which provides container security. There was a major gap around security in the
container community, and we were excited to fill it in a powerful and flexible
way. It is exciting to know that millions now use these open source tools.
Open source tools
are great for developers and smaller organizations, but larger enterprises need
software and services that scale, have robust management, and provide simpler
interfaces. That's why we created the Sysdig Container Intelligence Platform on
top of these projects. With just one instrumentation point and one data storage
backend, we can then offer a series of applications like Sysdig
Monitor and Sysdig Secure, which allow enterprises to
solve a broad range of operational requirements faster, more efficiently, and
more cost effectively.
VMblog: What
do you think are the barriers keeping enterprises from adopting containers?
Vasudevan: I think the barriers
are getting lower and lower every day. People are excited and optimistic about
what containers can do for their company. We have found that companies often
pick an autonomous project to test container technology. Once deployment is
successful, they then begin to transition other projects. Containerization is a
new way to do things, it takes time for developers to learn the technology, to
convince others to get onboard, and to make the move.
That has been
happening over the past few years, but now we see Global 2000 companies
adopting containers with increasing velocity. We've found that organizations
who architect in a visibility and security strategy from day one have a
competitive advantage: they see a faster adoption of their internal container
platforms, with less resistance from security teams.
VMblog: What is the biggest take
away from your time as CEO at Nimble Storage that you are bringing with you to
Sysdig?
Vasudevan: Stay focused, build
smart, and let the data guide you. If you focus on a core customer or use case
and you really effectively solve those needs, there will be no end to your
success. If you use your data to help you really understand how customers are
using your product, you can quickly uncover how well you're solving that
problem and how to adapt.
And as I mentioned
before, it takes a special group of people who can think this way. They have to
be mission driven, especially in something as new and demanding as containers.
That's not easy to do - but I see it here at Sysdig.
VMblog: What can we expect from
Sysdig in the next six months? The next year?
Vasudevan: I am excited about the potential at Sysdig.
Security is an emerging topic in containers, but we're the only ones who can
converge security and monitoring on the same platform. That gives our users an
advantage with more data to get from insight to resolution faster.
Looking forward, you can expect us to expand
on and continue to build out the already robust Sysdig Container Intelligence
Platform. For example, last month we launched our Kubernetes Security Guide to help DevSecOps
harden their orchestration tool. Expect a lot of this to flow into our next big
Sysdig Secure release this summer. I don't want to give too much away but stay
tuned for DockerCon.
And speaking of Docker, you might recall the Docker Usage Report we produced last year...
we'll be updating it very soon. Expect some surprising insights!
##