Chinese financial services firm Ant Group has created a homegrown cloud security platform on open-source software – building it heavily around Kata containers and eBPF.

The company opted to “build it” rather than “buy it” because existing container workload protection software “left gaps around container escape, inconsistent kernel support, and policy management complexity,” the Linux Foundation said.

Ant Group, a partially owned subsidiary of the sprawling Alibaba Group conglomerate, is using the platform, dubbed AntCWPP for “high-risk workloads” it said in a case study. 

Kata containers…

It built the platform on Kata containers. 

That’s a novel implementation of a lightweight virtual machine that merged the Intel Clear Containers and Hyper runV projects with the self-declared aim of “retooling virtualization to fit container-native applications, in order to deliver the speed of containers,  and the security of VMs.”

See also: This new OSS tool uses eBPF to slash cloud networking costs

Get the full story: Subscribe for free

Join peers managing over $100 billion in annual IT spend and subscribe to unlock full access to The Stack’s analysis and events.

Subscribe now

Already a member? Sign in