Learn how your company can create applications to automate tasks and generate further efficiencies through low-code/no-code tools on November 9 at the virtual Low-Code/No-Code Summit. Register here.


Container and cloud security vendor Sysdig, which today announced raising $350 million in funding at a $2.5 billion post-money valuation, has seen its customer base surge by 75% this year for its security platform that offers deeper visibility and better prioritization of threats, CEO Suresh Vasudevan told VentureBeat.

The platform’s “open source foundation” has also continued to help set the company apart, he said in an interview. And in 2022, Sysdig aims to sustain its strong growth with the help of its series G funding round, which has also enabled the vendor to more than double its valuation from just eight months ago.

Sysdig’s platform offers capabilities spanning cloud-native application development security, detection and response for runtime threats, and management of configurations and permissions. The platform covers security across containers, Kubernetes container orchestration, and a range of public cloud and hybrid environments.

“The fact that we’ve built an end-to-end platform allows us to have a much better sense of how to prioritize, what to focus on, and how to remediate issues at the source—at the time when you’re building your software rather than much later when you’re deployed in production,” Vasudevan said.

Event

Low-Code/No-Code Summit

Join today’s leading executives at the Low-Code/No-Code Summit virtually on November 9. Register for your free pass today.

Register Here

Fast-moving markets

That emphasis places Sysdig squarely at the center of not only the fast-growing cloud security market—Gartner estimates 70% of workloads will be running in the public cloud within three years, up from 40% today—but also of application security.

In the application security realm, ensuring that apps are secure from the get-go during the DevOps process has become an increasing focus for many companies. According to a recent report from Venafi, nearly all senior IT executives agree that software build processes are not secure enough. And concerns about insecure software supply chains are widespread as businesses grapple with the vulnerability in Apache Log4j — an open source component that is often hard to detect in software—and attacks such as the SolarWinds Orion breach.

Meanwhile, when it comes to containers, a survey by the Cloud Native Computing Foundation (CNCF) found that the use of containers in production has surged by 300% since 2016, with 92% of organizations using containers in production in 2020.

Growth spurt

Sysdig tripled its security revenue run rate this year while adding 300 new customers, bringing the company to 700 customers in total, according to Vasudevan. Customers include Goldman Sachs, IBM, Cisco Systems, Comcast, McKinsey & Company, Pixar, SAP Concur, and Experian.

Notably, Sysdig also saw a major increase in the average spend of its top customers this year, ending the year at an average annual spend of $800,000 for its top 50 customers — up from $500,000 at the start of 2021, he said.

“Not only are we seeing more customers deploy modern, cloud-native applications, but their footprint of cloud-native technologies is increasing rapidly,” Vasudevan said.

Sysdig’s customer traction no doubt helped to fuel the company’s big jump in valuation with this latest funding round. The San Francisco-based company had most recently achieved a valuation of $1.19 billion in April of this year, in connection with the firm’s $189 million series F round.

The new funding round was led by Permira, via the investment firm’s growth fund, and included Guggenheim Partners as the one other new investors. Existing backers that took part in the round were Accel, Bain Capital Ventures, DFJ Growth, Glynn Capital, Goldman Sachs, Insight Partners, Next47, Premji Invest & Associates, and Third Point Ventures.

Sysdig has now raised a total of $744 million since its founding in 2013 by Loris Degioanni.

Open source advantage of container security

Sysdig’s platform is built on top of two open-source threat detection projects that Degioanni originally created — one being Falco, and the other being the open-source version of Sysdig. Falco was donated to the CNCF in 2018, and it’s received more than 37 million downloads.

Sysdig customers appreciate this open source foundation because it shows widespread adoption of the underlying technologies used in the company’s platform—there’s a level of “standardization” that is very assuring, Vasudevan said.

“If I want to implement runtime rules for how to detect risky access, it’s not just that Sysdig says, ‘Here’s a proprietary way of doing that.’ Because we’ve done this in the open source, our policies are published in the open source, and our rules for detection are published in the open source. They’re being adopted by AWS, by [Microsoft] Azure, by Google,” he said.

“We see this over and over again: A customer comes to us and says, ‘Your Falco rules are being used by many other customers. So it gives us comfort in using you for detection, versus a proprietary rule that a vendor might have created,'” Vasudevan said. “Standardization by others in the industry and by ecosystem partners is the biggest benefit.”

Key capabilities

In addition, Sysdig differentiates with the depth of visibility it provides into customer environments, he said.

“We pride ourselves on having unmatched visibility — deeper data and richer context — that allows you to do much better security detection and to have more insights on what’s risky than anyone else,” Vasudevan said.

And this visibility extends across not only vulnerabilities and configuration issues, but also into the detection of threats in real-time — providing a significant enhancement to security, he said.

On top of that, the platform leverages this visibility to help customers—who are often inundated with hundreds of vulnerabilities that need to be fixed — to prioritize the most important issues to focus on, according to Vasudevan. “Suddenly your list of vulnerabilities shrinks to a much more manageable level,” he said.

Looking ahead, Sysdig plans to continue enhancing its platform in areas such as automated remediation of issues through Infrastructure as Code (IaC) and enabling queries about data access to cloud data stores beyond Amazon S3, Vasudevan said.

Sysdig is ramping up for a big 2022 in terms of sales, he noted. “Our objective over the course of 2022 is to basically deploy three times the sales capacity that we have,” Vasudevan said. Key geographies for expansion will include Europe, the Middle East, Asia-Pacific, and South America.

The company currently employs 500 and said it plans to use the new funding in part to double its headcount in 2022.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.