Paladin Cloud launches open source platform for cloud security and governance

- Advertisement -


While the cloud plays an increasingly important role In today’s business world, companies moving to a remote infrastructure face many challenges, and perhaps the main one is it’s a security issue.

- Advertisement -

Hosting applications and data in the cloud is now a reality for countless companies. But knowing exactly what’s going on under the hood isn’t always easy due to the complexity of in-game integrations, spanning everything from API gateways to Kubernetes. As a result, identifying security policy violations can be a little tricky.

- Advertisement -

This is the problem that Paladin Cloud intends to address this issue with an open source “security as code” platform that is being launched to the general public today.

Paladin Core meaning is to help developers and development (DevOps) teams protect their applications and data in both test and production environments, and this is achieved through full transparency into the security posture of their myriad cloud services and enterprise systems. Ultimately, it’s all about automating the detection and remediation of security policy violations, which can include anything from unauthorized access or misconfigurations to insecure APIs.

- Advertisement -

To help take the open source project to the next stage and further towards commercialization, the Piscataway, New Jersey-based startup today announced it has raised $3.3 million in a seed funding round co-led by Okapi Venture Capital and Bowery Capital with participation of many well-known sponsors, including Samsung Next, T-Mobile Ventures, SaaS Ventures, Touchdown Ventures and UST.

Plugin architecture

Paladin uses a plug-in architecture that helps developers connect to and pull data from multiple sources, including code repositories, threat intelligence systems, API gateways, Kubernetes, and more. Paladin can then detect all assets, evaluate and fix policy violations, and perform any pre-configured automatic fixes.

While Paladin is designed to secure all major public clouds, including AWS, Azure, and Google Cloud, as an open source project, Paladin is flexible and extensible. This means that it can be used as part of hybrid cloud strategieswhere some of their data and applications are hosted between public and private cloud infrastructure – Paladin can be used to create bridges between these disparate systems.

To get a better idea of ​​the world that Paladin has entered, there are a number of other similar players in space – these enable Wiza $6 billion company; bridgethat was recently acquired by Palo Alto Networks for $156 million; and Accurics, which was acquired by Tenable for about the same amount. Not to mention other young startups like Jit, which recently came out of hiding with big capital. $38.5 million in seed funding.

Thus, it is clear that there is a real need for cloud security in the age of DevOps. However, Paladin positions its open source framework as one of its main differentiators. Benefits are the usual benefits of open source solutions, including the fact that open source is an incredibly attractive proposition for developers who prefer to tinker with software and test it themselves without having to jump through giant corporate hoops.

“Developers prefer to deploy open source solutions over closed source solutions,” Paladin co-founder and CEO Daniel Dini told TechCrunch. “Today, closed source players are selling their products to CIOs or security teams as paid enterprise solutions. Many developers don’t use these products because they often don’t have the budget to buy expensive enterprise solutions, and these products aren’t flexible enough to integrate with other cloud systems.”

Although there are other open source players in space (including venture Stacklet), Paladin touts its “holistic approach” to cloud security, which includes the aforementioned connector-based architecture that extends security not only to major public clouds, but to a wide range of cloud technologies such as Kubernetes.

History so far

Paladin has been in stealth mode as a self-funded project since late 2021, and in the past months, founders Dini and CTO Steve Hull have been co-creating the product with partner clients and community developers. .

Today’s announcement marks the official launch of the main Paladin. open source project on GitHub, which includes many out-of-the-box features including a user interface control panel; advanced security policies covering major clouds; policy management plane for direct connection to cloud-based enterprise systems; role-based access control (RBAC); prioritizing policy violations based on severity; and more.

Paladin Dashboard

It also signals the start of what will eventually become a fully commercial product. This will include an enterprise-grade offering with a SaaS self-service platform and premium features such as service level agreements (SLAs), AI-based risk assessment, and improved compliance reporting.

Paladin says it already provides commercial support to at least one public enterprise.

“In addition to many developers using the OSS (Open Source Software) beta product, Paladin signed a multi-year OSS support contract with a Philadelphia-based public company to launch the open source product,” Dini said. “Due to a confidentiality agreement, the company is not currently allowed to disclose the client’s name.”

But before the big monetization kicked in, Paladin is now well funded to fund its growth in the open source community by building its own team.

“The company plans to use the proceeds from the seed round to hire several key roles, such as head of developer relations, and to build its development team,” Dini said.


Credit: techcrunch.com /

- Advertisement -

Stay on top - Get the daily news in your inbox

DMCA / Correction Notice

Recent Articles

Related Stories

Stay on top - Get the daily news in your inbox