Cloud

4/11/2018
02:30 PM
Dark Reading
Dark Reading
Products and Releases
0%
100%

Capsule8 Announces General Availability of Capsule8 1.0

Lyft among first to pursue Capsule8's Linux workload attack detection platform for both containerized and legacy environments.

BROOKLYN, NY (April 11, 2018) -- Capsule8 today announced the general availability of Capsule8 1.0, the industry’s only real-time, zero-day attack detection platform capable of scaling to massive production deployments. Following a successful beta with some of the biggest companies from Wall Street and Silicon Valley, Capsule8 is delivering continuous security across the entire production environment, both containerized and legacy, to detect and shut down attacks as they happen. Lyft, the fastest growing rideshare company in the U.S., is among the first to use the Capsule8 platform for attack detection.

As organizations modernize their production environments with technologies like cloud, microservices and containers, they face a changing attack surface that conventional security solutions can’t address. And with vulnerabilities such as Meltdown and Spectre, legacy Linux infrastructures are also up against inadequate protection caused by low visibility and poor detection. Capsule8 was built to protect today’s modern production environment and solve the most critical security challenges associated with containerized, virtualized and bare metal infrastructures in a single, scalable solution.

"Attack detection is an important focus in microservice environments like Lyft's, where expected host behavior can vary across server fleets. Capsule8's architecture and detection capabilities are impressive and align perfectly with the need for a low-overhead real-time alerting solution which evolves as attackers do,” said James Addison, senior security engineer at Lyft. “We're glad to see Capsule8 pushing the boundaries of attack detection."

Capsule8 detects and can instantly disrupt attacks in the production environment before the attack takes hold. Key features of Capsule8 1.0 include:

· Real-time Detection at Scale: Capsule8 utilizes distributed, expert-driven analytics to detect zero-day attacks in real time, reducing an organization’s typical flood of alarms and false positives to a trickle of high value, high context alerts of real attacks. Also, unlike conventional detection approaches that don’t scale, Capsule8 relies on distributed architecture that can scale detection to tens of thousands of nodes – without impacting performance.

· Built for Production: When an organization’s system or network is under heavy load, Capsule8 responds appropriately to ensure overall performance isn’t impacted, all without deploying any kernel modules or high-risk components. Plus, it deploys alongside an organization’s infrastructure, not as a SaaS solution, leaving full control of data to the customer and eliminating the risks of potential dissemination, deletion, or corruption of your data by third parties.

· Intelligent Investigation: Capsule8’s distributed telemetry makes it easy to perform forensic investigations on historical data, without significant impact to network performance or storage.

· Automated Disruption: Capsule8 can go beyond detection and makes it easy for companies to automatically disrupt an attack once detected. For instance, customers can strategically (and automatically) kill attacker connections, restart workloads, or alert an investigator, immediately upon initial detection.

· Support for Cloud Native and Legacy: Capsule8 supports both orchestrated and non-orchestrated workloads. Capsule8 deploys easily in a Kubernetes orchestrated environment through cloud providers such as AWS, GCP or Azure, as well as bare metal environments deployed with your operations tools of choice such as Ansible, Puppet, Chef or SaltStack.

· Easy Third-Party Integration: Capsule8’s API-first approach allows for simple integration with alert management systems, communication tools, SIEMs, orchestration tools and big data stores allowing security teams to monitor activity using the tool of their choice.

“Production environments most often hold an organization’s most valuable assets, yet they are the most vulnerable to the industry’s worst attacks. The security industry has been unable to effectively detect attacks at the scale required for production environments -- until now,” said John Viega, co-founder and CEO, Capsule8. “Capsule8 1.0 was built to protect today’s modern production environments and solve the challenge of detecting -- and even shutting down -- zero-day attacks within both containerized and legacy Linux infrastructures. We are blown away by the customer traction we are already seeing and truly humbled by the caliber of companies, like Lyft, turning to us to solve this critical problem.”

For more information, or to schedule a private demonstration of Capsule8 1.0 at the RSA Conference, please contact [email protected].

 

About Capsule8

Founded in fall 2016 and headquartered in Brooklyn, NY, Capsule8 is developing the industry’s first and only real-time, zero-day attack detection platform purpose-built for modern production environments. Founded by experienced hackers and seasoned security entrepreneurs, and funded by Bessemer Venture Partners and ClearSky, Capsule8 is making it possible for Linux-powered enterprises to modernize without compromise. Learn more at www.Capsule8.com.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Reading Schneier's Friday Squid Blog again?
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.