Introducing Capsule8: Container-Aware, Real-time Threat Protection for Linux

Founded by Renowned Security Veterans and Funded by Bessemer Venture Partners

February 9, 2017

5 Min Read


BROOKLYN, New York (February 8, 2017) – Capsule8 today emerged from stealth mode to unveil its plans for the industry’s first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from both known and unknown attacks. Founded by experienced hackers John Viega, Dino Dai Zovi and Brandon Edwards, Capsule8 is being built on the real-world experience of its founders to protect against exploitation of previously unknown vulnerabilities. The company raised seed funding of $2.5 million from Bessemer Venture Partners, as well as individual investors Shardul Shah of Index Ventures and Jay Leek of ClearSky, and formerly of The Blackstone Group. The funding will help fuel the launch of the Capsule8 platform this spring.

“The cloud has catapulted Linux to the most popular platform on the planet, and now the use of container technology is exploding. Yet there has been no world-class commercial security offering focused on securing the Linux infrastructure – until now,” said Bob Goodman, partner at Bessemer. “Capsule8 is solving the difficult problem of providing zero-day threat protection for Linux, whether legacy, container or something in-between. Simply put, John, Dino and Brandon are pioneering the most comprehensive and effective security protection ever offered for Linux.”

A New Approach to Linux Security

Despite the huge adoption of Linux in the enterprise, both on-premise and in the cloud, today’s security best practices (such as anti-virus and network appliances) haven’t worked. Many large-scale hacks of Linux infrastructures, such as Yahoo!’s recent breach, go undetected until the stolen data shows up on the Internet. Many companies patch Linux problems as they arise, yet they have no way of knowing whether they were attacked before the patch or if the intruder remains inside their network. Enterprises are also experimenting with containers, which show huge potential, but represent point security solutions with weak support for legacy security infrastructure.

Capsule8 was created to solve this problem. With the launch of its platform this spring, Capsule8 will provide real-time threat protection that detects and prevents known and zero-day attacks in production infrastructure. Capsule8’s security will span the entire Linux infrastructure in data centers and in the cloud as well as across virtual machines, bare metal, and containers. With intelligent investigation that leverages artificial intelligence and security analytics, Capsule8 provides visibility for complex applications with high fidelity alerting. Moreover, Capsule8 enables organizations to optimize their existing security investment through SIEM and forensic tool integration.

Capsule8 has already signed customers for their pre-release product, including SourceClear and Namely. Mark Curphey, CEO of SourceClear said, “Capsule8 is the first product that supplements our pre-deployment detection with Runtime Threat Protection for Linux systems.  Not only am I excited to be a customer, I expect we’re going to be a great 1-2 punch for many enterprises looking to deploy modern applications.”

“Generally, when architecting information systems or adapting new tech there are three core principles I tend to keep in mind – scalability, maintainability, and security. Capsule8 aligns with those principles while enhancing the later with detailed security specific visibility. Protecting infrastructure at scale without sacrificing stability or performance is essential,” said Daniel Leslie, Director of Cyber-Security & Technology at Namely Inc. 

Founded by Security Veterans

Capsule8’s founders have spent their careers helping to shape the security industry as hackers, entrepreneurs, authors and industry speakers. Capsule8 CEO John Viega was most recently EVP of cloud security provider Silversky, where he led the technological advancement of the company’s cloud-based security suite. Following the successful acquisition of SilverSky by BAE Systems, John went on to serve as EVP of Product. Prior to SilverSky, John was SaaS CTO at McAfee. John is an award-winning author with a half dozen books to his name, including “Building Secure Software” and “Network Security with OpenSSL.”  He also co-designed the GCM encryption algorithm, which is nearly universally supported in the HTTPS and IPSec standards.

Capsule8 CTO Dino Dai Zovi most recently served as the Mobile Security Lead at Square, building out the platform that allows Square to ensure that their sellers’ mobile devices are safe. He has also held security leadership roles with Endgame, Two Sigma Investments and Matasano Security. Dino is a member of the BlackHat Review Board and also a regular speaker at information security conferences around the world including DEFCON, BlackHat and CanSecWest. He is a co-author of the books "The iOS Hacker's Handbook,” “The Mac Hacker’s Handbook” and “The Art of Software Security Testing.” He is best known in the information security community for winning the first PWN2OWN contest at CanSecWest 2007. 


The founding team also includes Brandon Edwards as Chief Scientist. Prior to Capsule8, Brandon was VP of Threat Labs at BAE Systems, having joined the company through its successful acquisition of SilverSky, where he designed their cloud-based, zero-day prevention product. Brandon has also served as hacker-in-residence at NYU Tandon School of Engineering, and held senior security roles at TippingPoint and McAfee.

Expert industry analysts have begun to recognize the unmatched experience and capability of the Capsule8 founders. “The Capsule8 founders are the real deal,” said Ed Amoroso, CEO of TAG Cyber. “They are serving an important market that is woefully under-supported. And they have a solution that combines something-old with something-new into a cloud infrastructure that will benefit from IT and cloud security tailwinds for the coming decade.”

Capsule8, led by its three visionary founders, brings unmatched experience in cyber security to solve one of today’s most pressing and unmet security needs: Linux Infrastructure Protection.

About Capsule8

Founded in fall 2016 and headquartered in Brooklyn, NY, Capsule8 is developing the industry’s first container-aware, real-time threat protection platform designed to proactively protect legacy and next-generation Linux infrastructure from both known and unknown attacks. Founded by experienced hackers and seasoned security entrepreneurs, and funded by Bessemer Venture Partners, Capsule8 is making it possible for Linux-powered enterprises to modernize without compromise. Learn more at


# # #



Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights