We saw a miner run for 11 days. We built Kubesentry so your team doesn't.
Founded in 2024 in Seattle. Four engineers who've lived the runtime security gap firsthand.
The incident that started everything
In 2023, Iris Van Leeuwen was leading platform security at an early-stage fintech startup. The company ran a 30-node EKS cluster — image scanning was set up, SAST in the CI pipeline, shift-left security done right. Then the cloud bill arrived. $47,000 over budget. Eleven days of undetected cryptomining.
The attacker had exploited a misconfigured deployment post-launch. The container image was clean. The vulnerability was introduced via an environment variable injection in a staging pipeline that carried through to production. Not a single scanner caught it, because the mining binary wasn't in the image — it was downloaded after the container started running.
Iris spent the next three months researching what eBPF-based runtime monitoring could have done. Dev Anand — then a kernel engineer who'd contributed to the Linux eBPF verifier — had a working prototype over a weekend. Kubesentry was incorporated in early 2024.
The mission is simple: give every Kubernetes team the runtime visibility that only large security teams with dedicated tooling currently have. SREs and platform engineers running mid-size SaaS products shouldn't need a dedicated SOC to catch what's running in their clusters.
How we build
- Visibility before compliance theater
- Low-noise, high-fidelity alerts
- K8s-native deployment (DaemonSet, not sidecar)
- Open detection rules (Falco-compatible)
The team
Previously led platform security at an early-stage fintech; experienced a cryptomining attack firsthand and spent 11 days understanding how eBPF could have caught it in real time.
Former kernel engineer; contributed to the Linux eBPF verifier. Built the first Kubesentry prototype over a weekend after Iris described the incident.
Former threat researcher at a cloud security company; wrote 40+ Falco rules that are in the OSS Falco library today.
Distributed systems engineer; previously built high-throughput event pipelines at a telemetry startup.
Join us in building runtime visibility for every K8s team.
We're hiring. Reach out at [email protected].