04:15 PM
Dark Reading
Products and Releases

Introducing Capsule8: Container-Aware, Real-time Threat Protection for Linux

Founded by Renowned Security Veterans and Funded by Bessemer Venture Partners

BROOKLYN, New York (February 8, 2017) – Capsule8 today emerged from stealth mode to unveil its plans for the industry’s first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from both known and unknown attacks. Founded by experienced hackers John Viega, Dino Dai Zovi and Brandon Edwards, Capsule8 is being built on the real-world experience of its founders to protect against exploitation of previously unknown vulnerabilities. The company raised seed funding of $2.5 million from Bessemer Venture Partners, as well as individual investors Shardul Shah of Index Ventures and Jay Leek of ClearSky, and formerly of The Blackstone Group. The funding will help fuel the launch of the Capsule8 platform this spring.

“The cloud has catapulted Linux to the most popular platform on the planet, and now the use of container technology is exploding. Yet there has been no world-class commercial security offering focused on securing the Linux infrastructure – until now,” said Bob Goodman, partner at Bessemer. “Capsule8 is solving the difficult problem of providing zero-day threat protection for Linux, whether legacy, container or something in-between. Simply put, John, Dino and Brandon are pioneering the most comprehensive and effective security protection ever offered for Linux.”

A New Approach to Linux Security

Despite the huge adoption of Linux in the enterprise, both on-premise and in the cloud, today’s security best practices (such as anti-virus and network appliances) haven’t worked. Many large-scale hacks of Linux infrastructures, such as Yahoo!’s recent breach, go undetected until the stolen data shows up on the Internet. Many companies patch Linux problems as they arise, yet they have no way of knowing whether they were attacked before the patch or if the intruder remains inside their network. Enterprises are also experimenting with containers, which show huge potential, but represent point security solutions with weak support for legacy security infrastructure.

Capsule8 was created to solve this problem. With the launch of its platform this spring, Capsule8 will provide real-time threat protection that detects and prevents known and zero-day attacks in production infrastructure. Capsule8’s security will span the entire Linux infrastructure in data centers and in the cloud as well as across virtual machines, bare metal, and containers. With intelligent investigation that leverages artificial intelligence and security analytics, Capsule8 provides visibility for complex applications with high fidelity alerting. Moreover, Capsule8 enables organizations to optimize their existing security investment through SIEM and forensic tool integration.

Capsule8 has already signed customers for their pre-release product, including SourceClear and Namely. Mark Curphey, CEO of SourceClear, said, “Capsule8 is the first product that supplements our pre-deployment detection with Runtime Threat Protection for Linux systems. Not only am I excited to be a customer, I expect we’re going to be a great 1-2 punch for many enterprises looking to deploy modern applications.”

“Generally, when architecting information systems or adapting new tech there are three core principles I tend to keep in mind – scalability, maintainability, and security. Capsule8 aligns with those principles while enhancing the latter with detailed security specific visibility. Protecting infrastructure at scale without sacrificing stability or performance is essential,” said Daniel Leslie, Director of Cyber-Security & Technology at Namely Inc.

Founded by Security Veterans

Capsule8’s founders have spent their careers helping to shape the security industry as hackers, entrepreneurs, authors and industry speakers. Capsule8 CEO John Viega was most recently EVP of cloud security provider SilverSky, where he led the technological advancement of the company’s cloud-based security suite. Following the successful acquisition of SilverSky by BAE Systems, John went on to serve as EVP of Product. Prior to SilverSky, John was SaaS CTO at McAfee. John is an award-winning author with a half dozen books to his name, including “Building Secure Software” and “Network Security with OpenSSL.” He also co-designed the GCM encryption algorithm, which is nearly universally supported in the HTTPS and IPSec standards.

Capsule8 CTO Dino Dai Zovi most recently served as the Mobile Security Lead at Square, building out the platform that allows Square to ensure that their sellers’ mobile devices are safe. He has also held security leadership roles with Endgame, Two Sigma Investments and Matasano Security. Dino is a member of the BlackHat Review Board and also a regular speaker at information security conferences around the world including DEFCON, BlackHat and CanSecWest. He is a co-author of the books “The iOS Hacker’s Handbook,” “The Mac Hacker’s Handbook” and “The Art of Software Security Testing.” He is best known in the information security community for winning the first PWN2OWN contest at CanSecWest 2007.


The founding team also includes Brandon Edwards as Chief Scientist. Prior to Capsule8, Brandon was VP of Threat Labs at BAE Systems, having joined the company through its successful acquisition of SilverSky, where he designed their cloud-based, zero-day prevention product. Brandon has also served as hacker-in-residence at NYU Tandon School of Engineering, and held senior security roles at TippingPoint and McAfee.

Expert industry analysts have begun to recognize the unmatched experience and capability of the Capsule8 founders. “The Capsule8 founders are the real deal,” said Ed Amoroso, CEO of TAG Cyber. “They are serving an important market that is woefully under-supported. And they have a solution that combines something-old with something-new into a cloud infrastructure that will benefit from IT and cloud security tailwinds for the coming decade.”

Capsule8, led by its three visionary founders, brings unmatched experience in cyber security to solve one of today’s most pressing and unmet security needs: Linux Infrastructure Protection.

About Capsule8

Founded in fall 2016 and headquartered in Brooklyn, NY, Capsule8 is developing the industry’s first container-aware, real-time threat protection platform designed to proactively protect legacy and next-generation Linux infrastructure from both known and unknown attacks. Founded by experienced hackers and seasoned security entrepreneurs, and funded by Bessemer Venture Partners, Capsule8 is making it possible for Linux-powered enterprises to modernize without compromise. Learn more at www.Capsule8.io.


# # #



