Virtualization Technology News and Information
VMblog's Expert Interviews: Sysdig Talks New CEO, Containers, DevSecOps and the Road Ahead

Containers and microservices are becoming a standard way of delivering infrastructure.  And a new way of working brings with it new challenges, and that's where Sysdig comes in.  The company focuses on monitoring containers, ensuring their security and keeping container-based infrastructures safe with their container intelligence platform.  A recent piece of notable news, the company hired a new CEO to take the company reins, former Nimble Storage president and CEO, Suresh Vasudevan.  To learn more about why he joined the company, the opportunity, its technology and the road ahead, I went straight to the source and spoke with Vasudevan himself.

VMblog:  You were at Nimble Storage from 2011, its youngest days, through a $1B+ IPO and an acquisition by Hewlett Packard Enterprise (HPE) in 2017.  Why the change from storage to microservices?

Suresh Vasudevan:  Leading Nimble Storage was one of the most gratifying professional experience of my life. I wasn't sure how I could ever top that, so it took me awhile to find something I was excited about. There were a few things I was looking for, both in terms of the challenge and in the company.

With regards to the technical challenge, it was important for me to find a big market experiencing rapid and chaotic changes. That's typically where the opportunity is to make the biggest impact in the market. It became apparent early in my search that microservices and containers are a radical, fundamental shift that will change the way enterprises build and deliver applications. Development speed is a huge advantage in today's world. With that said, the move poses operational challenges for monitoring and security as monolithic applications break down into composable applications comprised of dozens or even hundreds of inter-dependent services. This massive rethinking of traditional monitoring and security approaches and solutions is what Sysdig is solving.

VMblog:  You said that market growth opportunity was important to you, but there are other container companies out there playing in the same space.  Why Sysdig?

Vasudevan:  Two reasons. The first is that Sysdig has a fundamentally new and valuable insight that underpins the technology, which is something that is important to me. Sysdig has unlocked a new data source at the heart of applications - and this insight allows Sysdig to offer unified security, monitoring, AND forensics. No one else can offer something so elegant, powerful, and flexible.

The second reason Sysdig stands above the rest is the team. I have had the fortune of working at companies such as NetApp and Nimble, and I believe deeply that organizational culture is perhaps a more enduring differentiator than strategy or execution. I am so impressed by the team we've assembled at Sysdig. Everyone is here for the same reason: driving the industry transformation towards containers and microservices as the foundation for modern application development.

You can have the best technology in the world, but without the right people behind it, it's not going anywhere.

VMblog:  AIRO (Analytics, intelligence, response and orchestration) is one of the big concepts that came out of RSA.  DevSecOps are being told they need a toolset that enables common processes, but Sysdig has been offering a toolset for a while now.  Tell me about how Sysdig got here before anyone else.

Vasudevan:  I like the founding story of Sysdig because it reaffirms a belief I have long held - the most innovative technology comes from unique insight.

You see, Loris Degioanni, the founder and CTO of Sysdig, was one of the co-creators of WireShark, a tool used daily by millions to monitor and troubleshoot networking infrastructure. With the widespread adoption of the cloud and the advent of containers, he saw a likely gap in providing security, visibility, and troubleshooting in a world where there is no span port to tap into.

Loris realized that in cloud-native applications, every interaction with a host - application accesses, network activity, file reads and writes and so on - translates into a system call within the kernel. Loris was able to enrich system calls with all the relevant context and translate those calls into a stream of metrics and events to be analyzed in real-time and at scale.

Loris' insight led him to unlocking a new data source at the heart of applications. We call this capability ContainerVisionTM, which is foundational to our open source and commercial projects. With the ability to capture and tag so much data, Sysdig is able to provide a unified platform with superior insights, allowing developers and DevOps to move faster while unifying security and monitoring across their operational environment.

VMblog:  Sysdig first launched their open source product and then followed with the commercial product.  Can you tell me about both technologies and the strategy there?

Vasudevan:  We always had the vision of creating a unified platform, but true to our background, we started with composable, open source technology that the entire community could leverage. The Sysdig open source project started as a troubleshooting and forensics tool that used a new instrumentation point to capture way more information than typical tools like htop, lsof and the like, and add container context. Sysdig enables DevOps to analyze containers and orchestrators in real time, or capture container activity for later forensics.

For example, you should read "Fishing For Hackers," one of Sysdig's earliest forensics stories involving a compromised server, a honeypot, and a Russian bot scheme. I'll let you read the rest of that story later!

We then followed with Sysdig Falco, our second open source tool, which provides container security. There was a major gap around security in the container community, and we were excited to fill it in a powerful and flexible way. It is exciting to know that millions now use these open source tools.

Open source tools are great for developers and smaller organizations, but larger enterprises need software and services that scale, have robust management, and provide simpler interfaces. That's why we created the Sysdig Container Intelligence Platform on top of these projects. With just one instrumentation point and one data storage backend, we can then offer a series of applications like Sysdig Monitor and Sysdig Secure, which allow enterprises to solve a broad range of operational requirements faster, more efficiently, and more cost effectively.

VMblog:  What do you think are the barriers keeping enterprises from adopting containers?

Vasudevan:  I think the barriers are getting lower and lower every day. People are excited and optimistic about what containers can do for their company. We have found that companies often pick an autonomous project to test container technology. Once deployment is successful, they then begin to transition other projects. Containerization is a new way to do things, it takes time for developers to learn the technology, to convince others to get onboard, and to make the move.

That has been happening over the past few years, but now we see Global 2000 companies adopting containers with increasing velocity. We've found that organizations who architect in a visibility and security strategy from day one have a competitive advantage: they see a faster adoption of their internal container platforms, with less resistance from security teams.

VMblog:  What is the biggest take away from your time as CEO at Nimble Storage that you are bringing with you to Sysdig?

Vasudevan:  Stay focused, build smart, and let the data guide you. If you focus on a core customer or use case and you really effectively solve those needs, there will be no end to your success. If you use your data to help you really understand how customers are using your product, you can quickly uncover how well you're solving that problem and how to adapt.

And as I mentioned before, it takes a special group of people who can think this way. They have to be mission driven, especially in something as new and demanding as containers. That's not easy to do - but I see it here at Sysdig.

VMblog:  What can we expect from Sysdig in the next six months?  The next year?

Vasudevan:  I am excited about the potential at Sysdig. Security is an emerging topic in containers, but we're the only ones who can converge security and monitoring on the same platform. That gives our users an advantage with more data to get from insight to resolution faster.

Looking forward, you can expect us to expand on and continue to build out the already robust Sysdig Container Intelligence Platform. For example, last month we launched our Kubernetes Security Guide to help DevSecOps harden their orchestration tool. Expect a lot of this to flow into our next big Sysdig Secure release this summer. I don't want to give too much away but stay tuned for DockerCon.

And speaking of Docker, you might recall the Docker Usage Report we produced last year... we'll be updating it very soon. Expect some surprising insights!


Published Wednesday, May 09, 2018 8:08 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2018>