Sysdig, Inc., the cloud-native intelligence company, today announced that the Sysdig Cloud-Native Intelligence Platform and
Sysdig's open source technologies now leverage extended Berkeley Packet
Filter (eBPF) to deliver visibility and security for
container-optimized Linux platforms. eBPF, a Linux-native in-kernel
virtual machine, enables secure, low-overhead tracing for application
performance and event analysis. With new Sysdig-engineered eBPF
programs, Sysdig extends its technology to purpose-built container
operating systems, including Google's Container-Optimized OS (COS) and Red Hat's Project Atomic Host.
"Visibility and security are critically important issues when it comes to
containerized environments," said Loris Degioanni, chief technology
officer and founder at Sysdig. "By offering a unified platform, we're
enabling collaboration between historically separate teams and providing
everyone with the same rich data so the entire team understands the
entire system and they are speaking the same language. eBPF provides an
opportunity for us to deliver our solution to more enterprises,
including those operating in container-optimized environments."
451 Research predicts the application container marketplace will reach $4.3 billion by 2022,
a compound annual growth rate (CAGR) of 30%. Containers give
enterprises greater flexibility to run applications across clouds and,
more than any other technology, are helping to make multi-cloud and
hybrid-cloud a reality. Sysdig solves the multi-cloud visibility
challenge by providing cross-cluster and cross-cloud visibility and
security - now supported with full functionality using eBPF.
The Benefit of ContainerVision with eBPF
Sysdig's engineered eBPF programs can be leveraged by ContainerVision, Sysdig's
patented data collection technology that is responsible for providing
visibility inside containers. ContainerVision is at the core of all
Sysdig software and it is what gives enterprises a complete,
unobstructed view inside their environment. The new eBPF support enables
users to deploy Sysdig solutions to monitor and secure next-generation
operating systems designed for running containers. These operating
systems, including Container-Optimized OS (COS) from Google Cloud
Platform and Project Atomic Host from Red Hat, which pre-install
container runtimes and Kubernetes components, feature an immutable
infrastructure approach designed with a minimal footprint to enhance
operational security and scale.
As more enterprises move to container-based cloud environments, the demand for container and Kubernetes monitoring and security capabilities
has increased. Sysdig is the only platform with a combined solution for
both. Enterprises that pair container-optimized platforms with Sysdig's
eBPF implementation gain deep views into their infrastructure and
applications along with the ability to operate secure environments with
greater confidence while resolving issues more quickly.
Sysdig is Committed to Open Source
Sysdig launched in 2013 with sysdig,
its open source monitoring technology. Since then, beyond the company's
visibility and security platform, Sysdig has launched additional open
source projects, including Falco,
the open source runtime security project from Sysdig that was added as a
Cloud Native Computing Foundation Sandbox project last year. Sysdig is
committed to the open source community and has contributed more than a
dozen enhancements to the eBPF project over the last several years.
eBPF Reinforces the Value of Kernel-Level Instrumentation
The popularity of eBPF-based kernel tracing further reinforces Sysdig's
kernel-level instrumentation that delivers seamless performance and
security observability for hosts, containers, and infrastructure. By
observing activity at the kernel level, Sysdig solutions deliver deep,
granular visibility with transparent instrumentation that eliminates the
overhead and risk of adding monitoring and security code into
individual container images.
Availability
eBPF support is now available with the latest releases of Sysdig's open source projects, sysdig and Falco, to enterprises running Linux Kernel Version 4.14 or higher. It will be available with Sysdig's unified agent for Sysdig Monitor and Sysdig Secure in March.