Threat prevention for protecting production environments

Capsule8 launched the beta version of Capsule8 Protect, a threat prevention and response platform purpose-built for cloud-native environments.

Organizations are rapidly shifting toward containerized and microservice architectures. However, this explosive growth brings significant challenges that require solutions to simplify and automate complex security requirements for this next-generation infrastructure. Existing solutions such as security appliances, which rely on IP or host names for monitoring, simply don’t work in the dynamic world of containers. Meanwhile container-focused security solutions provide some vulnerability scanning and threat alerting, but cannot protect large amounts of the legacy infrastructure or actually stop attacks from happening.

Capsule8, founded by an experienced and well-known group of security experts, brings to market the first threat prevention and response platform aimed at protecting legacy technology and modern Linux systems and platforms, including entire production environments, without impacting performance.

The platform offers key features needed for the next-gen infrastructure, including:

• Visibility: Capsule8 delivers real-time, cluster-wide visibility across system, network and intra-container data to eliminate blind spots.
• Real-time threat prevention: Unlike conventional approaches that rely on batch analytics and alert an organization to an attack hours – or even days – after it occurred, by combining distributed, expert-driven analytics with artificial intelligence techniques, Capsule8 Protect detects attacks in real time.
• Automated attack resilience: The platform offers a “shoot first, ask questions later” approach that automatically freezes any infected component and replaces it without affecting performance.
  • Intelligent investigation: Capsule8 Protect stores all events in a distributed “flight recorder” that allows users to perform detailed forensic investigations or to review historical data for signs of an attack.

API-first approach: The platform provides security teams with core functional building blocks to create protections that can be used out of the box or customized to meet the specific needs of the customer environment.

“Our API-first approach makes it incredibly easy for customers to build their own protection rules and integrate with their existing security tools,” said Dino Dai Zovi, co-founder and CTO, Capsule8.

“In the coming months, we’ll open-source our platform to enable and encourage collaboration in the development of our technology, while meeting the needs of customers and the open source community.”