This interview puts the spotlight on a highly specialized area of cyber security: identity-based workload protection.
Sramana Mitra: Let’s start by introducing our audience to yourself as well as to Portshift.
Ran Ilany: I’m the CEO and Co-Founder of Portshift. Portshift is a fairly young startup company. It was founded in 2018. We are 20 people and we are in the domain of cloud native security.
We are providing what is termed in the industry as identity-based protection for continuous security and for environments which are essentially Kubernetes and service mesh.
Everybody knows what multi-factor authentication is for users. We get text messages or codes on our cellular phones in order to log in. We even get notifications when we move from machine to machine. We can’t really imagine our life without multi-factor authentication. A company such as Google even tries to make the whole process much easier.
When we started, we had all the facilities to identify users accessing services that bear some risk. But how come we don’t have any solutions to identify workloads or containers? Some of the cases are accessing the same resources or same information in order to get data.
This was our starting point to address a challenge that we see expanding in modern environments. Containers are very dynamic environments. We want to protect both the data and who is accessing the data. This is a very high-level description of what Portshift brings to the table.
Sramana Mitra: Double-click down one level.
Ran Ilany: I mentioned that containers and Kubernetes are very dynamic. The number one challenge is pretty much basic. How do you know which application is running? Can you know which connections are corresponding to those containers? Do you really know what was changed in the pipeline itself?
There is a lot of very important information that you’d like to understand in a very dynamic environment. Certainly not the least is whether we can do something about it. We see a lot of things that are happening. We can even identify them. Can we really block a specific container or block the actual connection if we see something bad happening in the environment?
This is a fairly basic challenge that we see with a modern environment which is very much aligned with the organizations that are moving to those technologies. First of all, being able to visualize your assets and secondly, being able to understand what resources those workloads are accessing.
Lastly, being able to describe the policy which is very simple for controlling those workloads. This is the problem space.
Sramana Mitra: Explain how you’re solving the challenge. Also help position the company for us. The space is crowded. What I’m interested in understanding is also how the ecosystem map plays out. Whom do you partner with? Whom do you compete with? Whom do you interface with?
Ran Ilany: Portshift has Portshift Identity. It’s being able to sign every workload and artifact from the pipeline to the actual run-time environment. I’m not talking about the classical or technical cosigning but being able to take the container hash for instance along with the CI/CD attributes which describe the containers, and then provide two things.
The first one is being able to control and visualize what is running on top of what. That is to say, for instance, a container which will be associated with a production environment will never be able to run on an instance or VM that is associated with a different environment. This is the vertical perspective of being able to identify your infrastructures, specifically in environments which are not yours.