Interview with Chris Kranz and Why Sysdig

Sysdig is a company at the forefront of container security and monitoring. For a number of years they have been asking questions about how to secure access to containers that other people are only just starting to look at. I had the pleasure of interviewing Chris Kranz, Sysdig’s EMEA SE Manager, who has a wealth of knowledge about all things DevOps. This is a two-part interview: this post goes into the why and the what, and then touches on futures a little; part two is a conversation about the state of the industry.

An Interview with Chris Kranz

So without further ado, let’s kick off the interview.

Why did you join Sysdig?

Chris: I’ve been doing the DevOps thing for a while. Scripting, automation and those kinds of things got me into the Cloud side of things. Whilst at my previous company I started getting into the container side of things from a storage aspect, and I knew a couple of people from there that went to Sysdig, but at the time I didn’t really have the container experience they were looking for.

So I went back to the contract market and worked on a project to stand up a container-as-a-service platform for a new payment platform. I spent nine months there and that was what gave me the experience to go and join Sysdig. That’s the journey of how I got there.

The why is when I was working on the contract, we were looking at using all open source tools; so we were using upstream vanilla Kubernetes, we were doing Prometheus, logging with Elasticsearch, Fluentd, and Kibana, and finally Jenkins. All of this stuff was open source and we were doing things very much DIY.

We knew what we were doing, but the gaps were obvious and they were glaring us in the face. At the time, when I was talking to the guys at Sysdig, we were talking about the monitoring side and I was like, “Yes, these are all my problems I wish we could sort, but it’ll be great if you did security, too”.


Then lo and behold, just as I join Sysdig, the security messaging starts coming out, and it was just dumb luck for me. I joined Sysdig as a monitoring company and within a month they were shouting about security left, right and center. Security is now a big focus of what I do, because nobody really cares that you’re smarter about monitoring than anybody else; as long as you deliver a dashboard and it shows metrics, customers are happy.

Security, however, is a whole different bag. There’s a lot of value in security. While the security marketplace is huge, there are not many people really maturely looking at containers as first-class citizens. Lots of traditional security companies are saying “We do security of containers too”, but they are really just kludging it. Sysdig came from containers; you know, using the Batman and Bane thing, we were born in that world. We didn’t adopt it.


What are Sysdig’s capabilities?

Chris: I guess that the elevator pitch is: we can go deeper. We do monitoring, security and forensics for containerized platforms. The core capability is being able to monitor individual system calls. Every application makes system calls in order to talk to the underlying OS, to get access to hardware, whether it’s writing files, talking to the network or talking to other applications. By monitoring those we get deep insights into operational telemetry, but it also gives us a really rich source of security information.

Building up on top of that, the good, the bad and the ugly of containers is that they just pop up in huge numbers. Our largest customer has got a hundred and fifty thousand containerized hosts and they are churning through millions of containers every day. That in and of itself just represents noise at that level.

What does the future hold for Sysdig?

Chris: You’ll see Sysdig continue to grow in the security space. I think over the next couple of years Sysdig will help organizations transition more into that DevSecOps; baking security into the software release cycle.

Sysdig has evolved and will continue to strengthen as a security company. So I think what excites me most is the security coverage. You know, I look at our platform, I look at the data that we have access to and what we collect, and as a data geek it’s hugely exciting. The potential for what we can do with that, from a security perspective and also application health; it does to some extent go back to monitoring.

Machine learning is going to be hugely exciting in this space. Without sounding like I’m having a dig at anyone else, I love that we’re technically honest. We don’t really have marketitecture too much. I like the fact that when we come out and say we do something, it’s actually pretty spot on, and it’s something that I can be pretty proud of as a techie.

Summary

Sysdig is a very rounded-out container monitoring solution that has taken great strides towards becoming a force to be reckoned with in the container security market, because they have come to container security from a strong position of actually living and breathing containers rather than having container support bolted on. Sysdig’s knowledge is both deep and broad.

In the next post Chris and Tom discuss the state of the industry to see why Sysdig is in the position it’s in, and how Sysdig helps customers balance security and monitoring.
