 From around the globe, it's theCUBE with coverage of KubeCon and CloudNativeCon Europe 2020 virtual, brought to you by Red Hat, the CloudNative Computing Foundation and ecosystem partners. Welcome back, I'm Stu Miniman and this is theCUBE's coverage of KubeCon, CloudNativeCon, the Europe 2020 virtual edition. Of course, even before 2020, security was one of the top concerns out there with everyone working from home, some of the ramifications, what's happening, security is even more heightened and something we've had great pleasure digging into in this CloudNative ecosystem. Happy to welcome to the program first time guest and first time we've had cyber armor on theCUBE, so welcome Ben Hershberg who's the co-founder and vice president of R&D. Ben, thank you so much for joining us. Thank you for having me, Stu, thank you. All right, so Ben, 10 years ago when I became an analyst, security was one of those things that if you look at security and management overall, it's, ah, these are the things we need to fix in IT. Unfortunately, a decade later, it's still something that I can say, so if you could just frame for us a little bit as one of the co-founders of the company, what was the why for cyber armor? What did you see out in the marketplace? What was some of the core competencies that you and your team had that made you form the company? Yeah, so it's a really good question because when we, three years ago, when we started to look around in the cyber industry and we're really looking into what's happening today because cyber was founded by veterans of the industry and we were looking into what part of the chain was missing in the security field and we saw that one of the key components which is even today is missing and we are coming in to solve it is the component of the software itself. I mean, we are really looking, looked for many, many years as you said, we looked into the field and we saw firewalls and segments and parameters and we saw authentication of users and these were more the most important aspects of cybersecurity and we saw that there is a big change in the field because today the systems are so elastic, so changing, so many new components went into the field and so much is changing that we see that, okay, we cannot still build our security upon the old infrastructure we had before and we went into the most common denominator you have in the field and it's the software because if you're looking into what you are trying to protect today, obviously you're trying to protect your data and your data is sitting behind some kind of software and usually the software is run on some kind of an infrastructure which is in the old world it was a data center, today we are evidence going into the cloud and between these two steps came into the new kind of containerization and cloud-native infrastructure which really changes the whole way we are looking into how to run our software today and we saw that the most common denominator is the software itself, so what we call workload and we said that well if I need to protect something I need to protect the workload and I run through protecting the way that I don't really care who is running it and where it's being run but I am in our case we are also SaaS provider of our security solution when I'm running my workload I want to be in control and this is the thing we are targeting we are targeting giving the one who's writing the software the one who is deploying the software the owner of the service giving him let's say the keys and all the two of them and no one else All right so Ben if I hear you right is that then the application developer is the one that's interacting with your software and using it obviously the DevOps movement really rallied around telling people that security can't be an afterthought it needs to be something baked into the process more recently DevSecOps is a term that we hear used quite a bit so who are the people that are involved will help us understand a little bit really the organizational impact of what you're doing So today we see our world really gravitating towards development and DevOps I mean I see DevOps as an integral part of the development because we don't want to create a different organization to handle these kind of deployment things if I have a group who's in charge of all the service I want this group to handle the service from A to Z and we are targeting not really the developers in the sense that we are not integrating the software with APIs but we are integrating our solutions through the deployment tools so in order to use our solution which is actually a software identity based control plane you don't need to integrate it with your software you are developing we can take any kind of software anyone wrote and we can integrate it with the system using cloud native techniques like Kubernetes integration so it's really who is going to interface with our solution is more DevOps and sector folks as you mentioned All right, Ben when I look at your website you talk quite a bit about the integrations you mentioned Kubernetes of course we're here at the cloud native conference so what integrations how much work is there to do to integrate with the various Kubernetes platforms how do you tie into things like service meshes are there any other of the dozens and dozens of projects that the CNCF has out there that your team needs to be involved in integrating with? So we took a really, yeah it's interesting phrase but we took an orthodox approach here where we said that we want to integrate with the core features of Kubernetes only because from our perspective we don't want to bring in other solutions into the service space what our customers are having so therefore we are integrating ourselves only with the Kubernetes core component and literally installation of our system takes a second and which is partial because Kubernetes itself is such a good solution that such a good project that literally installations and all setups are taking no time and we are bringing our own service to service authentication control plan we are an early stage startup and we are looking into developing our solutions to integrate with the service mesh also at a later phase bring our security on board and bringing also there the missing chain in the security which the service mesh was missing because we simply see that there are really great products and really great solutions there so we want to enable our customers to enjoy all they can but without compromising their security. All right, your product itself what's the relationship with open source? Many of the companies we've seen doing security have open source projects the event is in person you walk around the show floor and open source is a big piece of this community here so what's your relationship when it comes to open source? So it's a really interesting question because many of our founders came from the direction not from the open source but from classical closed source companies and partially this is due to simply the sensitivity of the security field and there are historical reasons for that but I myself and some of our key people always gave into open source and took part in many open source projects in the past as a company cyber armor looks into open source as something very, very valuable we are really looking into how we can interact and how we can open source our parts of our solution which can make interest other companies and other people because everyone of us knows that there are two main reasons to open source one is show some kind of transparency and the other is to let others enjoy also your project and take part in it so right now at this stage we have only a few open source parts of our system which are more we have open source than for transparency reasons but we're really looking into every day and we're looking into how we could take some parts of our system and make it generally available because we think it's a good idea. All right, Ben, what can you tell me about your customers? Oftentimes if you've got an example even if it's anonymized helps explain the value proposition of what your company is offering. So, where to start? So, one of our first customers is a big service provider, B2C service provider which is a well known company and this company really had high security expectations from the cloud native systems and they tried many solutions in order to protect their services and their internal service to service communication and they simply after food trails they tried our solution and understood that our solution has also big benefits from the security side and the upside from the performance side therefore they decided to go with cyber in order to protect their East-West communications within their systems Another company which is a B2C company is deploying his system in the cloud infrastructure which they are less reliant and less feel secure because of legal reasons and therefore they decided to use cyber in order to completely protect their services and not just the communication between the services but also the intellectual property they have within their services in order to protect themselves and this is a very interesting use case because they are simply, I think, one of the biggest, you know, beyond Google and Facebook and the big companies we know, cloud companies we know they are one of the biggest cloud users I know so they really have a very interesting scale of going from 3,000 nodes where NetE is spawning up to within a few hours to 100,000 nodes scale which was, you know, a very interesting experience for us because, you know, as a new startup, you know, this is how you are trying your system out and prove that your solution is indeed made for the cloud and, you know, we're really happy to say that we passed this phase Alright, well, Ben, since you have the R&D component in your role give us a little bit of an insight as to the things you're working on what you see as some of the big challenges that the security in this space need to be addressing a little bit further down the road So, there are two big things which we are working on and I think that two interesting parts of the security question because one part is that no one of us really like to pay more for security, we don't like to pay for it we want just to have it, okay? It's something, you know, you won't be there but you don't want to know about it and when, you know, we are talking about, you know, even here at KubeCon we are talking about simple things like, you know, moving from clear communication to TLS we right away understand that it costs us money and one of our biggest goals here is to add security without having excessive costs for the service provider and we really are trying to improve our system and make it more performing in the sense that they should take as last call on services in order to provide security and the other big part is runtime security because our solution is making sure that, you know, that your workload which you are running in your system is keep being the same workload throughout the whole runtime process just as you want it to be and in order to do that we are taking what they call what we call code DNA in the CICD of our customers and we understand how his workload should work and in runtime we make sure that his workload is not changing maliciously and the same behavior stays as it should be and, you know, this is something we are really improving because we are looking into the newest attacks coming from many directions and we want to incorporate that in our solutions and make sure that you can, you know, throughout the whole runtime process of your workload we can keep you secure and safe and this, you know, this is very interesting work and, you know, as someone, as I'm with a veteran of cyber security and a white hacker of myself in my previous jobs, you know, I see this as something really interesting and really evolving today. All right, well, Ben Hershberg, thanks so much for introducing our community to cyber armor. Great catching up with you. And I was glad to be here. Thank you very much. And thank you. Stay tuned for more coverage of KubeCon, CloudNativeCon. I'm Stu Miniman and thanks for watching.