Alcide: Creating a cloud-native security solution with Google Kubernetes Engine

About Alcide

Alcide is a cloud-native security leader empowering DevSecOps to continuously secure their growing Kubernetes deployments with continuous code-to-production enforcement of security policies.

Industries: Technology
Location: Israel

About DoiT International

With offices in the United States, Israel, and Greece, DoiT International helps startups to architect, build, and operate robust data solutions on the cloud.

Alcide uses Google Kubernetes Engine to build an elastic, efficient security platform that scales to its customers' needs, however large or small, even with limited resources.

Google Cloud Results

  • Slashes the time to provision new clusters with easy-to-use templates in Google Kubernetes Engine
  • Simplifies maintenance and updates with managed services
  • Enables staff to focus on core business logic and implementation of the product, instead of worrying about infrastructure

Cut deployment time from 2 to 3 days to 20 minutes

Cybersecurity has never been more important but keeping up with evolving technology standards can be a complicated, resource-intensive task. As organizations increasingly embrace the convenience of the cloud, security protocols have to adapt as well.

"Modern cloud deployment can be very complex," says Gadi Naor, CTO & co-founder, Alcide.io, a Tel Aviv-based information security firm. "There are often lots of moving parts and shifting parameters that can be hard to operate and secure." Alcide aims to provide a complete security solution designed specifically for cloud-based infrastructure. With a single platform, customers gain access to a threat intelligence solution using the company's proprietary machine learning algorithms, a deep level of visibility into their systems, and security segmentation at the microservices level.

"In a cloud-native environment, services run on different workloads so you can't base your security around servers," says Gadi. "By focusing on the microservices, we're taking firewalls to the next level."

"The cloud environment is elastic by nature, so we have to be too. We don't have time for a lot of provisioning or maintenance, so we looked for managed services for Kubernetes clusters. For us, Google's solution was the best way of offloading overheads and keeping the benefits of Kubernetes."

Gadi Naor, CTO & co-founder, Alcide

Founded in 2016, Alcide helps organizations secure their distributed and complex cloud stacks with thousands of nodes to secure. To achieve this, Alcide very quickly adopted an architecture based on Kubernetes, allowing its platform to quickly and easily scale up and down according to its needs. As a fast-growing company with limited resources, Alcide places a priority on efficiency. When it looked for ways to optimize its architecture, it turned to Google Cloud Platform (GCP) for the answer.

"The cloud environment is elastic by nature, so we have to be too," says Gadi. "We don't have time for a lot of provisioning or maintenance, so we looked for managed services for Kubernetes clusters. For us, Google's solution was the best way of offloading overheads and keeping the benefits of Kubernetes."

Flexibility, scalability, and ease of use with Google Kubernetes Engine

Over the last few years, cloud deployment has been shifting from virtual machine environments, based around servers and hardware, towards container-based systems, where the architecture is broken down into components. Each component performs a single task and they communicate with each other via APIs and messaging systems. A system like this makes it easier for companies to scale up and down quickly and maintain large workloads, compared to a more traditional architecture. Early on, Alcide developed its architecture around Kubernetes, an open source container solution from Google.

Even with Kubernetes, Alcide knew that it could make its deployments faster. "We were provisioning new clusters manually, which took days, even for experienced DevOps staff," says Gadi. "That was too much time from our perspective." In addition, the time and effort needed for maintaining clusters and managing security meant that Alcide's tight resources were being stretched thin. In early 2017, the company began looking for managed services with Kubernetes.

"There are a lot of additional services like logging, monitoring, and security that are baked into the overall service with Google Kubernetes Engine and Google Cloud Platform. With Kubernetes Engine in particular, Google is doing a great job in maintaining its performance. It's the best managed service we found."

Gadi Naor, CTO & co-founder, Alcide

After assessing its options, Alcide decided that Google Cloud Platform offered the most stable and secure solution for the company. Google Kubernetes Engine was the core of the new system, providing easy provisioning of new clusters and built-in maintenance tools. Alcide's developers spent time working on a deployment template that fit their needs. Once that was in place, creating new environments from scratch was quick and simple.

In addition, Alcide used Container Registry to maintain its container images, Cloud Load Balancing to keep its service smooth even with high volumes of traffic, and Stackdriver for logging each one of its clusters. Meanwhile, Google Cloud Identity & Access Management enabled Alcide to simplify its security while streamlining the procedures with granular control of permissions and authentications. By the end of its migration period, Alcide was using Kubernetes Engine for its testing, development, and production environments.

"There are a lot of additional services like logging, monitoring, and security that are baked into the overall service with Google Kubernetes Engine and Google Cloud Platform," says Gadi. "With Kubernetes Engine in particular, Google is doing a great job in maintaining its performance. It's the best managed service we found."

Reduced deployment time for increased productivity

Kubernetes Engine and Google Cloud Platform have enabled Alcide and its security platform to achieve a new level of elasticity by slashing the time taken to deploy new environments. "Provisioning new clusters used to take two to three days," says Gadi. "With our templates in Kubernetes Engine, we can now do it in 20 minutes." This has helped Alcide scale its platform to accommodate large enterprise stacks with thousands of nodes and hundreds of thousands of workloads.

"For a startup like ours, we want to move fast, close the gaps with our customers, and provide as much feature functionality as we can. Google Cloud Platform lets us concentrate on writing our own business logic and implementing the application, without having to worry about the infrastructure."

Gadi Naor, CTO & co-founder, Alcide

Meanwhile, Google's managed services made maintaining and updating clusters much easier for Alcide. With much of the DevOps burden lifted, engineers could now work on more important business objectives.

"For a startup like ours, we want to move fast, close the gaps with our customers and provide as much feature functionality as we can," says Gadi. "Google Cloud Platform lets us concentrate on writing our own business logic and implementing the application, without having to worry about the infrastructure."

Always evolving, always improving

As Alcide grows its business and works on new features, it continues to explore new ways of making GCP and Kubernetes even more efficient. The company is currently looking at the option of preemptible virtual machines in Kubernetes Engine to reduce costs while new features in Container Registry allow for built-in image scanning for vulnerabilities. "It's something we've recently started to explore, and it helps us deliver a much more secure workload in the design period," says Gadi. "We're very happy with Google Cloud Platform, both with where we're at now and where we're headed."

About Alcide

Alcide is a cloud-native security leader empowering DevSecOps to continuously secure their growing Kubernetes deployments with continuous code-to-production enforcement of security policies.

Industries: Technology
Location: Israel

About DoiT International

With offices in the United States, Israel, and Greece, DoiT International helps startups to architect, build, and operate robust data solutions on the cloud.

Google Cloud Platform logo

12 Months FREE TRIAL

Try Kubernetes Engine, BigQuery, and other Cloud Platform products with $300 in free credit and 12 months.

TRY IT FREE
Google Cloud Platform logo

12 Months FREE TRIAL

Try Kubernetes Engine, BigQuery, and other Cloud Platform products with $300 in free credit and 12 months.

TRY IT FREE