Deepfence CEO Sandeep Lahane teamed up with Owen Garrett, Head of Products and Community, to chat with Craig Box from the Kubernetes Podcast from Google. Craig posed some interesting questions about how Deepfence came about, the problems it solves, how it fits into a complex landscape of cloud native security solutions, and the decision to make an open source project. In this post, we give a sneak peek into some of the conversation and point you to episode #173 so you can listen in.
Sandeep describes how, during the earliest days of Docker and Kubernetes, he had the idea to extend microservices into the world of security. That was the high-level concept behind the genesis of Deepfence: delivering security as a microservice and creating a security tool that scales, just like the rest of your microservices.
Through research and collaboration with partners and other security professionals, Sandeep emphasizes that he was focused on understanding the core security challenges in cloud native environments. What was missing? Sandeep notes that, with alarming consistency, the feedback to that question was: “We need deeper visibility and understanding of what is happening between and amongst all the microservices in our ecosystem.” This resounding request is what inspired Sandeep to create Deepfence and develop its two products, ThreatMapper and ThreatStryker, along with Owen and CTO Shyam Krishnaswamy.
Craig also delves into where the two Deepfence products fit on the DevSecOps left-to-right spectrum. Owen articulates why the different teams – Dev, Sec, and Ops – have different problems to solve and requirements to fulfill and therefore need different tools.
To get the full story and to learn more about the innovative technology behind ThreatMapper and ThreatStryker, including deep packet filtering and eBPF, and how these products provide a way to observe all of the “chatter” to contextualize and prioritize vulnerabilities, check out the full Kubernetes Podcast from Google or click the image below.