Threat Intelligence

12:00 AM
Dark Reading
Dark Reading
Products and Releases

Capsule8 Launches Threat Prevention and Response Platform Beta for Cloud-Native Environments

Company Providing Private Demonstrations at Black Hat USA

BLACK HAT USA 2017, Las Vegas, Nev. – Capsule8 today launched the beta version of Capsule8 Protect, the industry’s first threat prevention and response platform purpose-built for cloud-native environments. Capsule8 Protect brings continuous security to an enterprise’s production environment, allowing them to detect and shut down attacks in the instant they happen. The company is conducting private demonstrations of its beta product at Black Hat USA from July 22-27.

Today’s product announcement coincides with the news that former RSA Executive Chairman and CEO Art Coviello is joining Capsule8’s board.

Organizations are rapidly shifting toward containerized and microservice architectures. However, this explosive growth brings significant challenges that require solutions to simplify and automate complex security requirements for this next-generation infrastructure. Existing solutions such as security appliances, which rely on IP or host names for monitoring, simply don’t work in the dynamic world of containers. Meanwhile container-focused security solutions provide some vulnerability scanning and threat alerting, but cannot protect large amounts of the legacy infrastructure or actually stop attacks from happening.  

"Capsule8’s approach to protecting cloud-native environments is perfectly timed to meet the needs of enterprises who sit on the verge of digital transformation, but feel hamstrung by current security approaches,” said John Viega, CEO of Capsule8. “The seismic shift toward microservices, cloud environments and containers have opened countless new opportunities for businesses to innovate, but legacy security approaches greatly limit organizations’ ability to make the leap. Capsule8 Protect provides next-gen threat prevention and response that will enable organizations to capitalize on these opportunities without compromising on security.”

Capsule8, founded by an experienced and well-known group of security experts, brings to market the first and only threat prevention and response platform aimed at protecting legacy technology and modern Linux systems and platforms, including entire production environments, without impacting performance. The platform, collaboratively created by Capsule8 with a select group of design partners from Fortune 500 organizations and well-funded startups, offers key features needed for the next-gen infrastructure, including:

  • Visibility: Capsule8 Protect provides the transparency required for real-time protection, monitoring and troubleshooting. Capsule8 delivers real-time, cluster-wide visibility across system, network and intra-container data to eliminate blind spots.
  • Real-Time Threat Prevention: Unlike conventional approaches that rely on batch analytics and alert an organization to an attack hours – or even days – after it occurred, Capsule8 alerts users to an attack instantly. By combining distributed, expert-driven analytics with powerful artificial intelligence techniques, Capsule8 Protect detects attacks in real time.
  • Automated Attack Resilience: Capsule8 Protect shuts down both known and zero-day attacks as they occur. Capsule8 offers a “shoot first, ask questions later” approach that automatically freezes any infected component and replaces it without affecting performance.
  • ·Intelligent Investigation: Capsule8 Protect stores all events in a distributed "flig recorder" that allows users to perform detailed forensic investigations or to review historical data for signs of an attack.
  •  API-first approach: Capsule8 provides security teams with core functional building blocks to create protections that can be used out of the box or customized to meet the specific needs of the customer environment.
  • Easy integration: For DevOps teams, Capsule8 offers a simple, one-line install into their platform with no impact on performance. For security teams, Capsule8 delivers straightforward integration with forensic or ops tools such as Slack, Hadoop, Splunk and others.

 “Our API-first approach makes it incredibly easy for customers to build their own protection rules and integrate with their existing security tools,” said Dino Dai Zovi, co-founder and CTO, Capsule8. “In the coming months, we’ll open-source our platform to enable and encourage collaboration in the development of our technology, while meeting the needs of customers and the open source community. We are committed to delivering open technology that security teams know they can trust.”

General availability of Capsule8 Protect is scheduled for this fall.


Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.