We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Today, event-driven software-as-a-service (SaaS) platform Kubernetes Security Operations Center (KSOC) announced it raised $6 million as part of a seed funding round.
KSOC’s solution is designed to enable developers to automatically discover and track assets associated with Kubernetes environments across any cloud provider, from container registries to relevant cloud logs and clusters. It also uses event-driven architecture to identify misconfigurations, vulnerabilities, and security issues in real time.
Making Kubernetes management simple
The organization hopes to offer a solution for enterprises and technical decision-makers to simplify Kubernetes management, so that onsite security teams can secure Kubernetes and cloud-native infrastructure even if they don’t have extensive experience managing cloud attack surfaces.
This announcement comes as an increasing number of organizations struggle to secure Kubernetes environments, with 55% citing lack of internal experience and expertise as the biggest challenge when choosing Kubernetes, and 37% saying it was hard to hire internal expertise.
“Kubernetes is complex, and its deep layers of abstraction leave blind spots from a security perspective,” said Jimmy Mesta, cofounder and CTO of KSOC. “KSOC uses an event-driven architecture to not only find security issues in real time, but we take it a step further through automatic remediation via code or distributed policy enforcement aligning with security frameworks.”
At the same time, “Kubernetes user and service account entitlements are often overly permissive and one of the leading causes for cluster compromise. KSOC monitors in-cluster activity around role-based access control alerting on changes and remediates over-privileged access automatically,” he said.
A look at the Kubernetes security market
KSOC is the latest entrant to the global container and Kubernetes security market, which was valued at $714.0 million in 2020 and is projected to reach $8.24 billion by 2030 as more vulnerabilities and cyber threats raise concerns over securing container infrastructure.
The provider’s main competitors in the market are legacy scanning solutions that pinpoint misconfigurations and vulnerabilities. One of these providers is Lacework, which offers a security monitoring platform for Kubernetes that uses behavioral analysis and machine learning to detect known and unknown threats. Lacework raised $1.3 billion last year in a series D funding round and received an $8.3 billion valuation.
Another is Sysdig Secure, a security solution for containers, Kubernetes, and cloud environments with threat detection and response policies, which recently announced raising $350 million in funding, taking the company to a $2.5 billion post-money valuation.
However, Mesta argues that KSOC’s capabilities go far beyond the scanning capabilities of existing solutions.
“Our competitors mainly focus on legacy scanning solutions that only surface point-in-time misconfigurations or vulnerabilities in containers or Kubernetes. These products typically only provide a list of issues in the form of a report, leaving teams to solve the remediation process manually,” he said.
“KSOC is built by Kubernetes security veterans to address the needs of modern enterprise organizations as they continue to scale out their mission-critical business applications in Kubernetes,” Mesta said. “Our event-driven approach combined with identity-centric security remediation give our customers confidence that no security flaws will be introduced or exploited in their runtime environments.”
The funding round for KSOC was led by .406 Ventures, with participation from Vertex Ventures US and Gula Tech Adventures, and will enable KSOC to accelerate product development and upscale its sales and marketing strategies.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.