The Cloud Native Computing Foundation’s flagship conference, KubeCon + CloudNativeCon Europe, is right around the corner, taking place this year May 20-23, 2019, at Fira Gran Via in Barcelona, Spain. Ahead of the show, VMblog was able to speak with Loris Degioanni, founder and CTO of Sysdig.
VMblog: Can you tell me a little bit about your history and ultimately what
led you to where you are today?
Loris Degioanni: My participation in open source goes back to my college days.
I love the open source philosophy - there is a problem, let's fix it. I started
my first company, CACE Technologies, out of college based on this principle.
CACE Technologies is most well-known for Wireshark, an open-source packet
analyzer still used for network troubleshooting and analysis today.
Fast forward a little bit and during the early days of the cloud, I realized
there was going to be a major visibility problem driven by the drastic increase
in data and the ephemeral nature of containers. Thinking through this problem,
we created sysdig, an open source container and microservices
monitoring tool in 2013. The company by the same name has gone on to create
additional open source and commercial security and troubleshooting
technologies, including Falco, a CNCF project.
VMblog: What
are the biggest challenges enterprises face when moving to the cloud today?
Degioanni: DevOps and security teams tasked with
translating cloud-native architectures into operational reality struggle with
ensuring reliable, secure, performant applications. Enterprises have struggled
in the transition to production because they need vast amounts of data to see
and secure their applications, but they need all that data with context to
understand if their Kubernetes-based microservices are running reliably and
securely. The concept of needing all this context - aka metadata or even tags -
is relatively new -- monolithic approaches tended to be statically deployed and
so it was easy to know who was doing what, and where. The cloud takes a different
set of tools and a different mindset. Since moving to the cloud is relatively
new, and moving to these dynamic architectures is also new, companies need to
be careful. They need to make sure they have the right tools and their IT teams
understand what they are getting into.
Another issue we see is that some enterprises
have not yet built an employee community that engages with the cloud community
-- both OSS and Enterprise. Cloud-native is interesting because it was born in
open source, a collaborative approach to problems. Companies can now expect
more than a typical vendor-customer relationship; now there is a higher level
of engagement with developers who are all using the same open source projects.
For some companies, this takes some getting used to, but also presents great
opportunities to accelerate innovation.
VMblog: As the
cloud or more specifically, Kubernetes, matures, how is cloud adoption
changing?
Degioanni: In the last six months we have seen a rapid
increase in companies moving containers into production. Before, our customers
had what we call "tiger teams," a small group that would test containers with a
small project. However, in the last six months, there has been a massive shift
in the number of enterprises moving their applications to the cloud. We definitely
see that IT teams have greater confidence in the cloud and now there is more of
a willingness to move important data over.
VMblog: What
about multi-cloud and hybrid-cloud, what are the next steps and how far off are
we?
Degioanni: Well, with announcements like Google GKE-On-Prem and the recent
Google Anthos, we are getting a lot closer. Google Anthos enables enterprises
to run and manage workloads across multiple clusters, clouds and hardware --
including managing environments that mix public clouds and on-premises
hardware.
VMblog: I
think we can all agree that DevOps is real and has been adopted, but now we are
hearing about DevSecOps. What are your thoughts on DevSecOps?
Degioanni: DevSecOps is coming right behind DevOps. There
will always be innovative companies that drive the needle forward before
everyone else. When you think about security, government and financial
institutions have some of the largest security concerns and many of these
companies are actively adopting DevSecOps.
Take Airline Tariff Publishing Company (ATPCO)
as an example: they are the pricing engine that enables seamless management of
airfare across all of the major airlines. As they transitioned to cloud-native,
they chose Sysdig to manage the risk, health and performance of their OpenShift
platform because we provide a complete solution to their DevOps, security teams
and service owners, enabling them to use one tool to better collaborate. When
companies are moving to cloud-native, that is the time to rethink tooling and
operations and it is the perfect time to simplify, consolidate and transition
to tools built for modern environments and no longer rely on legacy approaches.
VMblog: No one
wants to talk about it, but things happen and sometimes something goes wrong.
What challenges have you seen enterprises face?
Degioanni: Of course, enterprises need to ensure they
have the proper tools before something goes wrong, constantly pulling data from
their environment and alerting on them. I have seen enterprises hold off on
introducing security into their environment until production, but this is a
major mistake because vulnerabilities should be identified and fixed before
code is ever pushed live. However, zero-day threats are real and unavoidable.
Enterprises need to have a ‘what if' strategy in place to give them the data
and insight to find and isolate anomalous activity and work backwards to the
root cause. Forensics boils down to another data challenge. It is important for
enterprises to have access to data on all containers, including those that have
been killed, along with context so that they can quickly determine the issue
and remediate it. Not all container tools save this data, which I think is a
huge mistake - why have a toolset that tells you you're getting attacked without
the capabilities to tell you why or how to fix it?
To learn more about containerized
infrastructure and cloud native technologies, consider coming to KubeCon + CloudNativeCon
Barcelona, May 20-23 in Barcelona.
++
About Loris Degioanni
Loris Degioanni is the CTO
and founder of Sysdig, the Cloud-Native Visibility and Security Platform. He is
also the creator of the popular open source troubleshooting tool, sysdig, and
the open source container security tool Falco. Prior to founding Sysdig, Loris
co-created Wireshark, the open source network analyzer, which today has 20+
million users. Loris holds a PhD in computer engineering from Politecnico di
Torino and lives in Davis, California.
About Sysdig
Sysdig closes the
cloud-native operations gap. Our cloud-native visibility and security platform
gives enterprises insight and control as they transition to dynamic modern
architectures, allowing them to see the benefits faster, with less risk. Our
open source technologies have attracted a community of more than a million
developers, administrators and other IT professionals. The Sysdig cloud-native
visibility and security platform allows DevOps, security professionals, and
service owners to get context-rich information to dig deeper into their
containerized environments and reliably build, run and respond to issues in
millions of containers across hundreds of enterprises, including Fortune 500
companies and web-scale properties. Learn more at www.sysdig.com.