KubeCon + CloudNativeCon 2025: Sysdig (et al) points to Schrödinger’s security snag

We’re in Atlanta, Georgia all week and that can only mean one thing: it must be time for KubeCon + CloudNativeCon (Americas) 2025… and it is. On the hunt for insight into the latest cloud-native trends and tendencies, our first point of contact this year was with Loris Degioanni, co-founder and CTO at Sysdig.

Always vocal on the world of always-on computing, Degioanni insists that the future of cloud-native is about speed, and that security must be ready for the challenge.

Assume breach positions

“Over the past few years, developers across the globe have embraced the cloud as the default environment. Most new workloads are born in the cloud… and existing applications continue to move there in droves. Security teams are racing to match the pace of cloud-native, especially as AI adoption surges, but they can’t do that with a traditional mindset. Today we can say that ‘assume breach’ is the only approach that keeps organisations ahead,” asserted Degioanni.

He says that cloud-native environments are ephemeral by design, with 60% of containers living for one minute or less.

That creates a “Schrödinger’s Security” problem.

At any given moment, an environment can either be secure or insecure… and that state may change before you even finish asking the question. Real-time visibility, integrated workflows and intelligent automation are a few of the must-have cloud-speed tools in security teams’ toolboxes.

“The good news is that all of the building blocks for robust cloud-native security are here. Technologies like eBPF and rich system call data give us the ability to understand exactly what is happening across cloud and container environments in seconds. With the proper tools, the challenge is not collecting data, but turning it into meaningful security decisions at machine speed,” advised Degioanni.

That’s where the future of cloud-native is headed. Real-time, platform-based, AI-powered security built on open standards. 

Sergej Epp, CISO at Sysdig, concurs.

“Cloud security isn’t just about new tools, it demands new processes, new culture and new technology. Firewalls don’t work here. Visibility must come from inside the workload. That’s where innovations like eBPF and deep system telemetry change the game, giving security teams the power to understand exactly what’s happening across containers and workloads in real time,” said Epp.

He says that the challenge is no longer data collection; it’s acting at AI speed.

“To counter AI-driven attacks, we must think agentic-first: systems that can perceive, reason and respond autonomously across ephemeral cloud workloads. That requires deep, real-time data – every system call, every signal, every second. Good AI starts with good data,” he reminds us.

Steve Francis, CEO at Sidero Labs, is also vocal on the ever-developing nature of cloud-native.

“Cloud native has become the backbone of digital autonomy; it’s more than a deployment model,” said Francis. “As organisations move workloads closer to where data is created, the line between cloud and edge is dissolving. We see this as a major inflection point where Kubernetes and immutable infrastructure are enabling a unified operational model that spans datacentres, public clouds and the edge. The winners in 2026 will be those who treat this not as an infrastructure problem, but as a systems reliability opportunity.”

Pursuit of resilience brilliance

Todd Smith, CEO at Taho, has more to say here. He thinks that cloud-native started as a way for companies to scale efficiently without massive upfront hardware investments. But, he points out, the recent AWS DNS outage that impacted thousands of businesses and millions of consumers was a good reminder that even the biggest cloud providers aren’t immune to hiccups.

“Resilience still depends on how teams architect and operate their systems. The focus is shifting from chasing the latest framework to making sure the basics like uptime, portability and customer trust are built in from the start,” said Smith.

“We think that’s where the next chapter of cloud is headed: toward simplicity, reliability and secure defaults. Too often, teams end up buried in YAML, with hundreds of brittle lines defining what used to be a few clicks. That kind of complexity introduces as much risk as it mitigates. What’s needed are guardrails that make good engineering easy. The companies that get this right will make the cloud feel stable and predictable again, even as they scale across regions, span multiple cloud providers and extend to the edge,” he surmised.