Threat Intelligence
7/28/2017
12:00 AM
Dark Reading
Products and Releases

Capsule8 Launches Threat Prevention and Response Platform Beta for Cloud-Native Environments

Company Providing Private Demonstrations at Black Hat USA

BLACK HAT USA 2017, Las Vegas, Nev. – Capsule8 today launched the beta version of Capsule8 Protect, the industry’s first threat prevention and response platform purpose-built for cloud-native environments. Capsule8 Protect brings continuous security to an enterprise’s production environment, allowing it to detect and shut down attacks the instant they happen. The company is conducting private demonstrations of its beta product at Black Hat USA from July 22-27.

Today’s product announcement coincides with the news that former RSA Executive Chairman and CEO Art Coviello is joining Capsule8’s board.

Organizations are rapidly shifting toward containerized and microservice architectures. However, this explosive growth brings significant challenges that require solutions to simplify and automate complex security requirements for this next-generation infrastructure. Existing solutions such as security appliances, which rely on IP or host names for monitoring, simply don’t work in the dynamic world of containers. Meanwhile, container-focused security solutions provide some vulnerability scanning and threat alerting, but cannot protect large amounts of the legacy infrastructure or actually stop attacks from happening.

“Capsule8’s approach to protecting cloud-native environments is perfectly timed to meet the needs of enterprises who sit on the verge of digital transformation, but feel hamstrung by current security approaches,” said John Viega, CEO of Capsule8. “The seismic shift toward microservices, cloud environments and containers has opened countless new opportunities for businesses to innovate, but legacy security approaches greatly limit organizations’ ability to make the leap. Capsule8 Protect provides next-gen threat prevention and response that will enable organizations to capitalize on these opportunities without compromising on security.”

Capsule8, founded by an experienced and well-known group of security experts, brings to market the first and only threat prevention and response platform aimed at protecting legacy technology and modern Linux systems and platforms, including entire production environments, without impacting performance. The platform, collaboratively created by Capsule8 with a select group of design partners from Fortune 500 organizations and well-funded startups, offers key features needed for the next-gen infrastructure, including:

  • Visibility: Capsule8 Protect provides the transparency required for real-time protection, monitoring and troubleshooting. Capsule8 delivers real-time, cluster-wide visibility across system, network and intra-container data to eliminate blind spots.
  • Real-Time Threat Prevention: Unlike conventional approaches that rely on batch analytics and alert an organization to an attack hours – or even days – after it occurred, Capsule8 alerts users to an attack instantly. By combining distributed, expert-driven analytics with powerful artificial intelligence techniques, Capsule8 Protect detects attacks in real time.
  • Automated Attack Resilience: Capsule8 Protect shuts down both known and zero-day attacks as they occur. Capsule8 offers a “shoot first, ask questions later” approach that automatically freezes any infected component and replaces it without affecting performance.
  • Intelligent Investigation: Capsule8 Protect stores all events in a distributed “flight recorder” that allows users to perform detailed forensic investigations or to review historical data for signs of an attack.
  • API-first approach: Capsule8 provides security teams with core functional building blocks to create protections that can be used out of the box or customized to meet the specific needs of the customer environment.
  • Easy integration: For DevOps teams, Capsule8 offers a simple, one-line install into their platform with no impact on performance. For security teams, Capsule8 delivers straightforward integration with forensic or ops tools such as Slack, Hadoop, Splunk and others.

“Our API-first approach makes it incredibly easy for customers to build their own protection rules and integrate with their existing security tools,” said Dino Dai Zovi, co-founder and CTO, Capsule8. “In the coming months, we’ll open-source our platform to enable and encourage collaboration in the development of our technology, while meeting the needs of customers and the open source community. We are committed to delivering open technology that security teams know they can trust.”

General availability of Capsule8 Protect is scheduled for this fall.

 
