Partnering with Sysdig to Monitor and Secure Modern App Development

November 17, 2021
Partnering with Sysdig to Monitor and Secure Modern App Development

At PI, we are humbled to partner with companies that we believe have uncommon potential. Our evergreen, established capital base allows us to invest over long time horizons. We seek to serve as a sounding board for entrepreneurs and to help uncork growth opportunities. We deploy capital using a synergistic crossover strategy, leveraging our understanding of public markets and operational benchmarks to the benefit of our growth equity practice. Our listed equities strategy benefits from growth equity’s deep sector knowledge and portfolio to partner with companies through a public listing and beyond. We’re thrilled to announce a new partnership with Suresh Vasudevan, Loris Degioanni, and the rest of the Sysdig team; it is an honor to be co-leading their Series F growth financing. We’ve been more than impressed by Sysdig’s advancement of the DevSecOps movement through their comprehensive security and monitoring solution for modern dynamic application development.

Shift in Development Framework Creates New Attack Vectors and Necessitates New Security and Monitoring Tools

At PI, we’ve been tracking the evolution of the DevSecOps trend for a while. We have followed the development of modern CI/CD practices and the concurrent shift to containers and cloud infrastructure which enables faster software development and release cycles.

To increase the speed and frequency of software releases and improve end-user experience, companies are increasingly adopting microservices architectures and breaking up applications into smaller containerized services. As a result, developers can quickly and easily push new services and make code updates that are deployed separately without impacting the rest of the application. Containers have proven to be the ideal environment in which to deploy modern apps given their lightweight, agile nature and efficient resource usage. By decoupling apps from the OS and infrastructure layers, containers also enable flexible multi and hybrid cloud deployments and ensure a consistent development environment regardless of the underlying infrastructure. In short, containers enable developers to make more frequent updates and speed up new application creation. This is all well and good until we examine the security posture of the stack.

During our diligence, we observed wide gaps in existing monitoring and security solutions. We zeroed in on the problem: as many enterprises transition to microservices and thereby increase the complexity of their development and infrastructure environments, vulnerability arises because legacy monitoring tools lack visibility into containerized environments. Current monitoring and security tools were created for monolithic application and infrastructure environments — not for the rise of CI/CD, open source components, and managing multiple on-prem and cloud infrastructures. This new dynamic development environment introduces new threat vectors and security challenges in the build pipeline and in runtime environments. We saw the recent SolarWinds hack as a large-scale example of supply chain vulnerabilities in modern IT environments that could only be identified in runtime.

Today, this trend we observed has catalyzed a “shift left” in security — with vulnerabilities in open source and third party components, companies are embracing DevSecOps practices and integrating security best practices throughout the software development cycle. Both build and runtime security are now viewed as absolutely necessary to ensure application security.

Sysdig Leverages Deep Container Visibility to Monitor Application Behavior and Prevent Malicious Attacks

Enter Sysdig, which quite literally checked all of the boxes that we had constructed throughout our diligence process. Leveraging its unparalleled capabilities in container visibility, Sysdig is the first unified approach to security, monitoring, and forensics for container environments across the entire software development lifecycle. Its solution was constructed on open-source foundations, and the platform was built from the ground up to focus specifically on containerized environments and extend across the entire application development cycle. By creating a best-of-breed solution for developers and security teams, Sysdig has built an incredibly strong community whose members are champions for the product in the buying process. It didn’t hurt that the world-class Sysdig team is led by Suresh Vasudevan, a strong, admirable, and thoughtful leader who we’ve known after several years of collaboration on Anaplan’s board. Suresh has deep experience guiding other top-tier teams to success, including Nimble Storage (NMBL), NetApp (NTAP), and Datos IO to name a few.

When we first met Sysdig, we were immediately struck by the depth and breadth of their product offering, paired with strong Kubernetes and CI/CD tool integrations. Their core products — Sysdig, Falco, ImageVision, and Cloud Monitor — together create the first comprehensive security and monitoring offering including vulnerability assessment, container image scanning, threat detection, forensics, and incident response. The platform leverages the Sysdig Agent, a high performance system call tracer that sits on each host to collect information from containers, orchestration layer, and runtime. Sysdig supports most widely used container runtimes and orchestrators, integrates with major CI/CD tools, and has flexible deployment options, supporting all major clouds.

Sysdig has changed the DevSecOps paradigm. They have unlocked the puzzle to monitoring and security in dynamic environments with unmatched visibility, efficacy, customization, and simplicity. The platform secures containers across the build, deployment, and runtime stages of application development. It provides full stack visibility through correlating container activity with metrics and events from Kubernetes, physical hosts, and applications. Customers laud Sysdig’s comprehensive offering, citing ease of deployment and integration, depth of visibility, and a brilliant support team.

Why Now?

We at PI believe that Sysdig is forging an enormous opportunity that could address a $10B+ market opportunity by 2025. Container adoption is still in early stages, but is growing quickly — less than 35% of large enterprises are deploying containers today, but this is expected to increase to 75% by 2024. Total enterprise applications running in a container environment is expected to 3x over the next four years, from <5% to 15%. Concurrently, Kubernetes has become the default container orchestration layer. 59% of container production deployments are using Kubernetes for orchestration.

We feel conviction surrounding the trajectory of the market through observing existing tailwinds, with the shift to CI/CD increasing frequency of software updates, transition to microservices relying on more 3rd party and open source components, and hybrid and multi cloud adoption increasing the complexity of the underlying infrastructure layer. All of which make Sysdig’s core value proposition exceptionally clear. We feel strongly that the market is converging around container and cloud security needs, and that Sysdig will benefit from this trend.

A World-Class Team

Sysdig has a unique open source foundation, originally a project created by Loris Degioanni. Loris was one of the co-creators of WireShark, a visibility tool used daily by >20m users to monitor their networking infrastructure. Loris currently leads the Sysdig team as CTO, bringing an entrepreneurial edge to product innovation and deep experience in open source technology. CEO Suresh Vasudevan brings commendable leadership experience and expertise from previously leading Nimble Storage as CEO prior to its acquisition by HPE. Together, they’ve attracted an incredibly admirable and unreplicable team that we know will continue to push Sysdig to becoming the industry’s leading DevSecOps solution.

We couldn’t be more excited to partner with this incredible team on the journey to secure the modern development cycle!