Virtualization Technology News and Information
#KubeCon #CloudNativeCon Europe 2019 - VMblog Speaks with Sysdig Founder and CTO Loris Degioanni


The Cloud Native Computing Foundation’s flagship conference, KubeCon + CloudNativeCon Europe, is right around the corner, May 20 - 23, 2019 taking place this year in Fira Gran Via, Barcelona, Spain.  Ahead of the show, VMblog was able to speak with Loris Degioanni, founder and CTO of Sysdig. 

VMblog:  Can you tell me a little bit about your history and ultimately what led you to where you are today? 

Loris Degioanni:  My participation in open source goes back to my college days. I love the open source philosophy - there is a problem, let's fix it. I started my first company, CACE Technologies, out of college based on this principle. CACE Technologies is most well-known for Wireshark, an open-source packet analyzer still used for network troubleshooting and analysis today. Fast forward a little bit and during the early days of the cloud, I realized there was going to be a major visibility problem driven by the drastic increase in data and the ephemeral nature of containers. Thinking through this problem, we created sysdig, an open source container and microservices monitoring tool in 2013. The company by the same name has gone on to create additional open source and commercial security and troubleshooting technologies, including Falco, a CNCF project.

VMblog:  What are the biggest challenges enterprises face when moving to the cloud today?

Degioanni:  DevOps and security teams tasked with translating cloud-native architectures into operational reality struggle with ensuring reliable, secure, performant applications. Enterprises have struggled in the transition to production because they need vast amounts of data to see and secure their applications, but they need all that data with context to understand if their Kubernetes-based microservices are running reliably and securely. The concept of needing all this context - aka metadata or even tags - is relatively new -- monolithic approaches tended to be statically deployed and so it was easy to know who was doing what, and where. The cloud takes a different set of tools and a different mindset. Since moving to the cloud is relatively new, and moving to these dynamic architectures is also new, companies need to be careful. They need to make sure they have the right tools and their IT teams understand what they are getting into.

Another issue we see is that some enterprises have not yet built an employee community that engages with the cloud community -- both OSS and Enterprise. Cloud-native is interesting because it was born in open source, a collaborative approach to problems. Companies can now expect more than a typical vendor-customer relationship; now there is a higher-level of engagement with developers who are all using the same open source projects. For some companies, this takes some getting used to, but also presents great opportunities to accelerate innovation.

VMblog:  As the cloud or more specifically, Kubernetes, matures, how is cloud adoption changing?

Degioanni:  In the last six months we have seen a rapid increase in companies moving containers into production. Before, our customers had what we call "tiger teams," a small group that would test containers with a small project. However, in the last six months, there has been a massive shift in the number of enterprises moving their applications to the cloud. We definitely see that IT teams have greater confidence in the cloud and now there is more of a willingness to move important data over.

VMblog:  What about multi-cloud and hybrid-cloud, what are the next steps and how far off are we?

Degioanni:  Well, with announcements like Google GKE-On-Prem and the recent Google Anthos, we are getting a lot closer. Google Anthos enables enterprises to run and manage workloads across multiple clusters, clouds and hardware -- including managing environments that mix public clouds and on-premises hardware.

VMblog:  I think we can all agree that DevOps is real and has been adopted, but now we are hearing about DevSecOps. What are your thoughts on DevSecOps?

Degioanni:  DevSecOps is coming right behind DevOps. There will always be innovative companies that drive the needle forward before everyone else. When you think about security, government and financial institutions have some of the largest security concerns and many of these companies are actively adopting DevSecOps.

Take Airline Tariff Publishing Company (ATPCO) as an example, they are the pricing engine that enables seamless management of airfare across all of the major airlines. As they transitioned to cloud-native, they chose Sysdig to manage the risk, health and performance of their OpenShift platform because we provide a complete solution to their DevOps, security teams and service owners, enabling them to use one tool to better collaborate. When companies are moving to cloud-native, that is the time to rethink tooling and operations and it is the perfect time to simplify, consolidate and transition to tools built for modern environments and no longer rely on legacy approaches.

VMblog:  No one wants to talk about it, but things happen and sometimes something goes wrong. What challenges have you seen enterprises face?

Degioanni:  Of course, enterprises need to ensure they have the proper tools before something goes wrong, constantly pulling data from their environment and alerting on them. I have seen enterprises hold off on introducing security into their environment until production, but this is a major mistake because vulnerabilities should be identified and fixed before code is ever pushed live. However, zero-day threats are real and unavoidable. Enterprises need to have a ‘what if' strategy in place to give them the data and insight to find and isolate anomalous activity and work backwards to the root cause. Forensics boils down to another data challenge. It is important for enterprises to have access to data on all containers, including those that have been killed, along with context so that they can quickly determine the issue and remediate it. Not all container tools save this data, which I think is a huge mistake - why have a toolset that tells you your getting attacked without the capabilities to tell you why or how to fix it?

To learn more about containerized infrastructure and cloud native technologies, consider coming to KubeCon + CloudNativeCon Barcelona, May 20-23 in Barcelona.


About Loris Degioanni 

Loris Degioanni is the CTO and founder of Sysdig, the Cloud-Native Visibility and Security Platform. He is also the creator of the popular open source troubleshooting tool, sysdig, and the open source container security tool Falco. Prior to founding Sysdig, Loris co-created Wireshark, the open source network analyzer, which today has 20+ million users. Loris holds a PhD in computer engineering from Politecnico di Torino and lives in Davis, California.

About Sysdig

Sysdig closes the cloud-native operations gap. Our cloud-native visibility and security platform gives enterprises insight and control as they transition to dynamic modern architectures, allowing them to see the benefits faster, with less risk. Our open source technologies have attracted a community of more than a million developers, administrators and other IT professionals. The Sysdig cloud-native visibility and security platform allows DevOps, security professionals, and service owners to get context-rich information to dig deeper into their containerized environments and reliably build, run and respond to issues in millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties. Learn more at

Published Friday, April 26, 2019 7:31 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2019>