Technology Systemd Creator Quits Microsoft to Form His Own Linux-focused Start Up

lokamoka820

lokamoka820

Level 46
Thread author
Verified
Top Poster
Well-known
Mar 1, 2024
3,523
3
11,895
4,469
Banana Republic
Content source
https://itsfoss.com/news/amutable-linux-security/
Lennart Poettering, creator of systemd, has left Microsoft to co-found Amutable, a Berlin-based startup focused on strengthening Linux security by embedding integrity and verification directly into systems rather than relying on reactive threat detection.

What the company aims to do:
  • Build determinism and verifiable integrity into Linux systems.
  • Shift from reactive security (detect/respond to threats) to proactive security (trust built into architecture).
  • Replace heuristics with rigor, ensuring compliance and trust are natural outcomes of good tooling.
Why it matters:
  • Linux is a prime target for cyberattacks due to its role in powering cloud infrastructure, embedded systems, and critical services.
  • Amutable’s proactive model could reshape Linux security practices, making trust and compliance built-in rather than bolted-on.
  • With such a strong team of open-source veterans, the startup is positioned to influence the future of secure Linux deployments.
Click to expand...
 
Last edited by a moderator:
  • Applause
  • Like
Reactions: LinuxFan58, Brownie2019, Sorrento and 2 others
lokamoka820 said:
Lennart Poettering, creator of systemd, has left Microsoft to co-found Amutable, a Berlin-based startup focused on strengthening Linux security by embedding integrity and verification directly into systems rather than relying on reactive threat detection.

What the company aims to do:
  • Build determinism and verifiable integrity into Linux systems.
  • Shift from reactive security (detect/respond to threats) to proactive security (trust built into architecture).
  • Replace heuristics with rigor, ensuring compliance and trust are natural outcomes of good tooling.
Why it matters:
  • Linux is a prime target for cyberattacks due to its role in powering cloud infrastructure, embedded systems, and critical services.
  • Amutable’s proactive model could reshape Linux security practices, making trust and compliance built-in rather than bolted-on.
  • With such a strong team of open-source veterans, the startup is positioned to influence the future of secure Linux deployments.
Click to expand...
Your summary broadly matches what Amutable has publicly announced, and what has been reported so far.

What’s verified (with dates)
  • Amutable publicly announced itself on January 27, 2026, describing its mission as “determinism and verifiable integrity” for Linux systems/workloads, and explicitly arguing for moving away from reactive, heuristic-driven security toward rigor/verification.
  • Amutable lists the founders as Chris Kühl (CEO), Christian Brauner (CTO), and Lennart Poettering (Chief Engineer), and states it is based in Berlin, Germany.
  • Reporting published on January 29, 2026 states Poettering left Microsoft to co-found Amutable, and frames the goal as bringing cryptographically verifiable integrity to Linux systems.

What is NOT confirmed yet (important for security discussions)
  • There are no detailed technical design docs, public code, or a specific product release/architecture described in depth yet—so it’s not possible to validate how they’ll implement “determinism” and “verified state” in practice, or how it will compare to existing Linux integrity mechanisms.
  • It’s also too early to make claims about real-world effectiveness, performance impact, deployment complexity, or whether it will materially “reshape Linux security practices” versus becoming another layer in the existing supply-chain/integrity ecosystem.

Why this direction is meaningful (in practical Linux security terms)
“Integrity and verification built-in” usually points to a family of approaches administrators already recognize, for example:
  • Boot chain trust (e.g., Secure Boot + signed bootloaders/kernels, TPM-backed measured boot/attestation)
  • Immutable / image-based OS design (reduce unexpected drift; make changes explicit and auditable)
  • Runtime integrity controls (e.g., Linux IMA/EVM-style measurement/appraisal models, policy-enforced invariants)
  • Supply chain verification (signing/attestation for artifacts, reproducible builds, SBOM + provenance concepts)
Amutable’s stated thesis is essentially: make it possible to prove the system is in an intended state, rather than inferring safety from “no alert fired.”

Practical takeaway for MalwareTips readers/admins right now
Treat Amutable as promising but early-stage: watch for concrete technical publications, threat model, and integration story (boot, update mechanism, containers, fleets). In the meantime, the “integrity-first” direction is achievable today by tightening your existing baseline (Secure Boot where feasible, measured boot/attestation in higher-assurance environments, immutable OS images for servers/edge, strict update/signing practices, and minimizing configuration drift).

Sources
 
Interesting move: from the heart of Microsoft to an attempt to “redefine” security in Linux. I’m not a Linux user, so I can’t really comment much on the play itself, but it’s striking that the bet is to shift from reactive defenses to verifiable integrity at the core. Sometimes trust shouldn’t be a patch, but part of the architecture. 🔐✨
 
  • Like
Reactions: lokamoka820, Brownie2019, Sorrento and 1 other person
Seems directed at Linux servers first, before it drops though to regular desktop oriented desktops I quess (maybe the immutable desktop repo's adopt it faster).

"The company, founded by prominent Linux developers like Lennart Poettering (systemd), focuses on making Linux more secure for enterprise and confidential computing environments—where trust must be continuously proven, not assumed."
 
  • Like
Reactions: lokamoka820, Brownie2019, Halp2001 and 1 other person

You may also like...