alcide

Alcide Blog

Cloud-native Security Provider

The New Cloud-Native Security Paradigm- Exciting times for me to join Alcide!

Aug 26, 2019 8:41:22 AM / by Amir Ofek

 
 
I am a big believer in Jeff Bezos’s Day 1 philosophy. So when the opportunity came for me to drive Day 1 yet again, I could not resist.

It is clear beyond doubt cloud-native technologies are going to transform all we know about business, software and its supporting infrastructure. So I simply could not pass on the opportunity to join old friends to take part in this exciting paradigm shift to drive end-to-end cloud security so needed to protect this next wave of innovation. Here’s how my journey brought me to Alcide.

The cloud-native movement, led by Kubernetes, is going to eat software’s lunch for sure, but it will also become a heaven for hackers if we don’t have the right intelligent and automated protection frameworks in place. The CapOne recent AWS hack is just an early warning sign for what we may be facing down the road…

 

According to Gartner, By 2022, more than 75% of global organizations will be running containerized apps in production, an estimated increase from 30% today. This is no small transformation!
CNCF claims to have over 90 Certified Kubernetes offerings listed on their website, and that number is growing by the day. Look no further than Datadog’s survey that points to Kubernetes continuing its steady rise in container environments globally. This DevSecOps interaction between Cloud Security and DevOps, shifts power to all of you DevOps ninjas out there, and it is only beginning to shape out. So you can see when Alcide approached me about heading up the company for its next phase of scale, I was super intrigued.

Having led CyberInt for over three years in a determined Day 1 mentality, where we focused on bringing sophisticated, intelligent Managed Detection and Response solutions to address emerging cyber threats faced by businesses in the online space, I witnessed first hand the growing threat landscape in the face of accelerated digital transformation, with the traditional perimeter security fading away. At CyberInt, we knew enterprises across retail, ecommerce, finance and telecom, needed a new approach to pervasive online security - our response was to offer one of the most advanced Intelligence-led MDR solutions in the market. 

As enterprises started to move to cloud-native with Kubernetes becoming the de-facto standard for orchestrating containerized apps, I could easily see the security paradigm is being redefined again - this time spanning development, operations and security teams in what we have come to know as the rise of DevSecOps.

DevSecOps has become “fashionable” and while it is gaining more momentum, what most of us forget is that it is not simply a new security framework for managing distributed code, apps and microservices applications -  it is a whole new cultural transformation with Dev and Ops today starting to wear a new “security hat” - and wearing it across the entire CI/CD software development lifecycle. This cultural transformation is calling for a new way to design and develop security tools pushing for the truly quick and simple to use, capable of addressing and seamlessly supporting agile and dynamic workflows - a plug-and-play approach that mimics how Dev and Ops operate today. Turns out Alcide approached its security design and development in exactly the same way. So I got excited. Really excited!

 

Lastly, if I was going to join and lead a growing team with a huge potential, I had to know - no, I had to be sure, the team was already solving real pain points for its customers. So I had to ask myself - is Alcide onto something that others may not? Has Alcide built a strong foundation and delivering real, tangible value to the many teams that are testing, configuring, launching and growing their K8s deployments? What are they capable of doing today? Can they catch simple, bona fide K8s misconfiguration issues, which often lead to security risks, and can they reduce dramatically the complexity by collapsing the need for DevSecOps team to stitch and juggle many tools to address the spreading security issues that stem from using new technologies such as K8s? When I realized that was the case, I got sold. 

When I talked to Alcide’s customers, I saw, without a doubt, the immediate benefit Alcide was bringing to them: the deep visibility into the K8s clusters, paramount in distributed environments; the end-to-end insights of what is going on in these environments, and last but not least - their unified security single pane of glass, equally capable of addressing Security, Dev and Ops needs.

What made me shift from an Alcide enthusiast to an Alcide converted, though, was the great energized team and the growing ecosystems who have voted yes for us - the close, collaborative relationships the Alcide has already fostered with the cloud providers across Azure, GCP and AWS. Looking for proof - look no further than Driving Continuous Security and Configuration Checks for Amazon EKS with Alcide Advisor. The advisor tool was built to ensure a frictionless and secured DevSecOps workflow by layering a hygiene scan of Kubernetes clusters, and enabling DevOps and Security teams with their cloud onboarding. That is cloud-native transformation in the making.

So, the K8s Generation is here. Now it’s up to us at Alcide to deliver on the K8s cloud security promise with scale, Doing good for the K8s ecosystem globally. So I am excited to start my Day 1 again, and we sure do promise to deliver!

 

 

Topics: cloud security, kubernetes, microservices, devops