(upbeat music) [Reporter] - Live from San Diego, California it's theCUBE covering Goodcloud and Cloud- Native cloud. Brought to you by Red Hat the Cloud-Native computing foundation. and its ecosystem partners. >> Welcome back, we're here at Kubecon Cloud-Native con 2019 in San Diego, I'm Stu Miniman. We've got over 12,000 in attendance here and we have a three guest lineup of Kubecon veterans here. To my right is Loris Degioanni who's the CTO and founder of Sysdig. To his right, representing the Tiger is Amit Gupta who's vice president of business development and Product Management at Tigera, and also Knox Anderson who's Director of Product Management. We know from the Octopus, Amit, that also means that he's with Sysdig. So gentlemen, thank you all for joining. [Loris]- Octopus and Tiger >> Octopus and Tiger, bringing it all together on the tube. We have a menagerie as it were. So Loris, let's start as they said, you know all veterans, you've been here, you've almost been to every single one, something about a you know, a child being born made you miss one. [Loris] - The very first one. >> So, why don't you bring us in kind of what's so important about this ecosystem, why it's growing so fast and Sysdig's relationship with the community? >> Yeah, I mean, you can just look around, right? Kubecon is growing year after year, it's becoming bigger and bigger and this just a reflection of the community getting bigger and bigger every year, right? It's really looks like we are, you know, here with this community creating the next step, you know? For computing, for cloud computing, and really, you know, Kubernetes is becoming the operating system powering, you know, the cloud and the old CNC ecosystem around it is really becoming, essentially the ecosystem around it. And the beauty of it is it's completely open this time, right? For the first time in history. >> All right, so since you are the founder, I need to ask, give me the why? So we've been saying you know, we've been starting this program almost 10 years ago and the big challenge of our time is you know building software for distributed systems. Cloud's doing that, Edge is taking that even further. Bring us back to that moment of the birth of Sysdig and how that plays into all the open source and that growth you're talking about. >> Yeah, I mean, Sysdig was born, so first of all, a little bit of background of me. I've been working in open source and networking for my whole career. My previous company was the business behind washer, then it took on a live service, so, a huge open source community and working with enterprises all around the world, essentially to bring visibility over their neighbors. And then I started realizing the stack was changing radically, right? With the event of cloud computing. With the event of containers and Docker. With the event of Kubernetes. It, legacy ways of approaching the problem were just not working. Were not working the technical level because, you need to create something completely new for the new stack but they were also not working at the approach level. Every thing was proprietary. Every thing was in silos, right? So the approach now is much more, like inclusive and community first, and that's why I decided to start Sysdig. >> All right. so Amit, we know things are changing all the time. One thing that does not ever change is security is paramount. I really say, I go back 10 or 15 years you know, they've got a lot of lip service around security. Today, it's a board level discussion. Money, development, especially here in the Cloud-Native space it's really important so, talk about Tigera relationship with Sysdig and very much focused on the Kubernetes ecosystems. >> Absolutely. So I couldn't agree with you more, Stu. I mean, security is super critical and more so now as folks are deploying more and more mission critical applications on the Kubernetes based platform. So, Sysdig is a great partner for us. Tigera provides networking and network security aspects of that Kubernetes deployment. And if you think about it how modern applications are built today, you've taken a big large model and decomposed into hundreds of micro services so there's procedural cause that were happening inside the code and now API calls on the network so you've got a much bigger network with that service a highly distributed environment. So the traditional architectures where you manage the security typically with the firewall or a gateway, it's not sufficient. It's important, it's needed and that's really where, as people design their architecture, they have to think about how do you design security across that entire infrastructure in a distributed fashion or done in the early stages of your projects. >> Knox, help us understand the relationship here, how it fits into Sysdig's product with Tigera. >> Yeah, so we're great partners with Tigera. Tigera lives at the network security level. Sysdig's secure in that the product we built extends the instrumentation that Loris started off with our open source tool, to provide security across the entire container lifecycle. So at build time, making sure your images are properly configured, free of vulnerabilities at run time, looking at all the activity that's happening and then the big challenge in the Kubernetes space is around incident response and audit. So if something happens in that pod, Kubernetes is going to kill it before anyone can investigate and Sysdig helps you with those work flows. >> Maybe it would help, we all throw around those terms, Cloud-Native a lot and it's a term I've heard for a number of years. But the definition like cloud itself is one that you know matures over time and when we get there so, maybe if we focus in a little bit on Cloud-Native security. You know, what is it we're hearing from customers, what does it mean to really build Cloud-Native Security. What makes that different from the security we've been building in our data centers, in clouds for years? >> Well I thought Cloud-Native was just a buzzword. Does it actually mean something? (laughs) >> Well hopefully it's more than just a buzzword and that's what I'm hoping you could explain. >> Yeah, so again, the way I see it is the real change that you are witnessing is how software is being written. And we're touching a little bit on it at this point. Software intended to be architected as big monoliths now is being splayed into smaller components. And this is just a reflection of software development teams in a general way being much more efficient when you can essentially, break the problem into sub-problems and break the responsibilities into sub-responsibilities. This is perhaps something that is extremely beneficial especially in terms of productivity. But also, sort of revolutionizes the way you write software, you run software, you maintain software, CICD, you know continues development, continues integration, pipelines, the reliance on GIT and suppository to store everything. And this also means that, securing, monitoring, troubleshooting infrastructures becomes much different. And one of things we are seeing is legacy two's don't work anymore and the new approaches like Calico Networking or like Falco and runtime security or like Sysdig secure, for the lifecycle and security of containers are something bubbling up as alternatives to the old way of doing things. >> I would add to that I agree with you. I would add that if you're defining a Cloud-Native security the Cloud-Native means it's a distributed architecture. So your security architecture has got to be distributed as well, absolutely got a plan for that. And then to your point, you have to automate the security as part of the various aspects of your lifecycle. Security can not be an afterthought you have to design for that right from the beginning and then one last thing I would add is just like your applications are being deployed in an automated fashion your security has to be done in that fashion so, policy is good, infrastructure is good and the security is just baked in as part of that process. It's critical you design that way to get the best outcomes. >> Yeah, and I'd say the asset landscape has completely changed. Before you needed to surface finding against a host or an IP. Now you need to surface vulnerabilities and findings against clusters, name spaces, deployments, pods, services and that huge explosion of assets is making it much harder for teams to triage events, vulnerabilities and it's really changing the process in how the sock works. >> And I think that the landscape of the essence is changing also is reflected on the fact that the persona landscape is changing. So, the separation between attempts and operation people is becoming thinner and thinner and more and more security becomes a responsibility of the operation team, which is the team in charge of essentially owning the infrastructure and taking care of it, not only for the operational point of view but also from the security. >> Yeah, I think I've heard the point that you've made a many times. Security can't be a bolt on or an afterthought. It's really something fundamental, we talk about DevOps is, it needs to be just baked into the process, >> Yeah. >> It's, as I've heard chanted at some conferences, you know, security is everyone's responsibility, >> Correct. >> make sure you step up. We're talking a lot about open source here. There's a couple of projects you mentioned, Falco and Calico, you're partners with Red hat. I remember going to the Red Hat show years ago and they'd run these studies and be like, people are worried that open source and security couldn't go side by side, but no, no you could actually, you know open source is secure but taking the next step and talking about building security products with open source give us, where that stands today and how customers are you know embracing that? And how can it actually keep up with the ever expanding threat surfaces and attacks that are coming out? >> Yeah. First of all as we know open source is actually more secure and we're getting proof of that you know, pretty much on a daily basis including you know, the fact that tools like Kubernetes are regularly scrutinized by the security ecosystem and the vulnerabilities are found early on and disclosed. In particular, Sysdig is the original creator of Falco which is an open source, CNCF phased anomaly detection system that is based on collecting high granular data from a running Kubernetes environment. For example, through the capture of the system calls and understanding the activity of the containers and being able to alert about the anomalous behavior. For example, somebody being able to break into your container, extricating data or modifying binaries, or you know perpetrating an attack or stuff like that. We decided to go with an approach that is open source first because, first of all, of course, we believe into participating with the community and giving something as an inclusive player to the community. But also we believe that you really achieve better security by being integrated in the stack, right? It's very hard , for example, to have, I don't know, security in AWS that is deeply integrated with the cloud stack upon us, alright? Because this it's propietary. Why would Kubernetes solutions like Falco or even like Calico, we can really work with the rest of the community to have them really tightly coupled and so much more effective than we could do in the past. >> You know, I mean I would make one additional point to your question. It's not only that users are adopting open source security. It's actually very critical that security solutions are available as an open source, because, I mean, look around us here this is a community of open source people, they're building and distributing infrastructure platform from that is all open source so we're doing this service if we don't offer a good set of security tools to them, not an open source. So that's really our fundamental model that's why Calico provides two key problems networking and network security for our users, you deploy your clusters, your infrastructures, and you have all the bells and whistles you need to be able to run a highly secure, highly performing cluster in your environment and I believe that's very critical for this community. >> Yeah, and I'd say that and now with open source, prevention has moved into the platform. So, with network policy and things like Calico or in our 3.0 launch we incorporated the ability to automate tests and apply pod security policies. And those types of prevention mechanisms weren't available on your platforms before. >> Okay, I often find if you've got any customer examples, talk about, you know, how they're running this production kind of the key, when they use your solutions you know, the benefits that they're having? >> Yeah, I'll take a few examples. I mean, today it is probably fair to say Calico from the partial phone home data we get a 100,000 plus customers across the globe, some of the, I can't take the actual names of the customers but, so the largest banks are using Calico for their enterprise networking scenarios and essentially, the policies, the segmentation inside the clusters should be able to manage the security for those workloads inside their environments. So that's how I would say. >> Yeah, and Sysdig, we, have an open core base with Falco, and then we offer a commercial product called Sysdig secure, in particular, last week we release version 3.0 of our commercial product which is another interesting dynamic because if we can offer the open core essentially to the community but then offer additional features with our commercial product. And Falco is installed in many, many thousands extension of platforms. and Sysdig secure you know secures, and offers visibility to the biggest enterprises in the world. We have deployments that are at a huge scale with the biggest banks, insurance companies, media companies, and we tend to fall to cover the full life cycle of applications because as the application and as the software moves in the CICD pipeline so security needs to essentially accompany the application through the different stages. >> All right, well thank you all three of you for providing the update. Really appreciate you joining us in the program and have a great rest of the week >> Thank you very much. >> Thank you. >> Thank you. >> We'll be back with more coverage here from Kubecon, Cloud-Nativecon. I'm Stu Miniman and thanks for watching theCUBE. (upbeat music)