Check out all the on-demand sessions from the Intelligent Security Summit here.
Armo, an Israel-based security startup, believes it can mitigate the challenges of securing software vulnerabilities and managing privileges with its new platform that targets cloud-native computing environments. Today, Armo emerged from stealth to announce it has raised $4.5 million in seed funding from Pitango First.
“The last five years in cloud workload was all about vulnerability management and misconfiguration,” Armo CEO and cofounder Shauli Rozen told VentureBeat. “We are now seeing companies getting into runtime and facing the realities of doing runtime security and getting runtime visibility and control into their environments. And they see that the existing tools just don’t work.”
Runtime security refers to the idea that all computing activities occurring within a container are vetted for potential vulnerabilities. Containers and microservices are increasingly popular options for writing and deploying web-based applications, but the security side has not always kept pace.
To get around that, security teams have improvised solutions such as a “sidecar,” which, as the name suggests, is software bolted onto the side of the main application to deal with security. But Rozen said this type of approach doesn’t provide great visibility and can impede performance. For instance, according to an analysis of around 4 million Docker Hub images, about 51% had exploitable vulnerabilities and 6,432 of the images had malware.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Instead, Armo has developed a platform called Workload Fabric that allows DevOps teams to include security directly in the applications as they are being written. It also provides a dashboard for monitoring any potential issues.
A benefit of this approach is that Fabric can identify malicious code that has been inserted into an application. This was something that failed to happen in last year’s SolarWinds hack, when Russian hackers inserted malicious code into an application that was distributed via updates to customers.
“The developers don’t have to change the way they work, they just add our component and then every microservice goes up with this fabric embedded,” Rozen said.
Rozen’s cofounders Leonid Sandler and Benjamin Hirschberg had previously founded NDS, which Cisco acquired for $5 billion.
Armo has been developing the platform with a handful of partners to refine the technology. Now it is making the technology publicly available and will use the funding to launch its marketing efforts. Rozen is optimistic that DevOps teams will be enthusiastic about a service that makes it easier for them to embed security.
“Many people say that DevOps [teams] don’t care about security,” Rozen said. “I find it to be not very true. They do care about security, but they don’t want it to bother them.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.