May
18
2021
--

Styra, the startup behind Open Policy Agent, nabs $40M to expand its cloud-native authorization tools

As cloud-native apps continue to become increasingly central to how organizations operate, a startup founded by the creators of a popular open-source tool to manage authorization for cloud-native application environments is announcing some funding to expand its efforts at commercializing the opportunity.

Styra, the startup behind Open Policy Agent, has picked up $40 million in a Series B round of funding led by Battery Ventures. Also participating are previous backers A. Capital, Unusual Ventures and Accel; and new backers CapitalOne Ventures, Citi Ventures and Cisco Investments. Styra has disclosed CapitalOne is also one of its customers, along with e-commerce site Zalando and the European Patent Office.

Styra is sitting on the classic opportunity of open source technology: scale and demand.

OPA — which can be used across Kubernetes, containerized and other environments — now has racked up some 75 million downloads and is adding some 1 million downloads weekly, with Netflix, Capital One, Atlassian and Pinterest among those that are using OPA for internal authorization purposes. The fact that OPA is open source is also important:

“Developers are at the top of the food chain right now,” CEO Bill Mann said in an interview, “They choose which technology on which to build the framework, and they want what satisfies their requirements, and that is open source. It’s a foundational change: if it isn’t open source it won’t pass the test.”

But while some of those adopting OPA have hefty engineering teams of their own to customize how OPA is used, the sheer number of downloads (and potential active users stemming from that) speak to the opportunity for a company to build tools to help manage that and customize it for specific use cases in cases where those wanting to use OPA may lack the resources (or appetite) to build and scale custom implementations themselves.

As with many of the enterprise startups getting funded at the moment, Styra has proven itself in particular over the last year, with the switch to remote work, workloads being managed across a number of environments, and the ever-persistent need for better security around what people can and should not be using. Authorization is a particularly acute issue when considering the many access points that need to be monitored: as networks continue to grow across multiple hubs and applications, having a single authorization tool for the whole stack becomes even more important.

Styra said that some of the funding will be used to continue evolving its product, specifically by creating better and more efficient ways to apply authorization policies by way of code; and by bringing in more partners to expand the scope of what can be covered by its technology.

“We are extremely impressed with the Styra team and the progress they’ve made in this dynamic market to date,” said Dharmesh Thakker, a general partner at Battery Ventures. “Everyone who is moving to cloud, and adopting containerized applications, needs Styra for authorization—and in the light of today’s new, remote-first work environment, every enterprise is now moving to the cloud.” Thakker is joining the board with this round.

Mar
16
2021
--

Docker nabs $23M Series B as new developer focus takes shape

It was easy to wonder what would become of Docker after it sold its enterprise business in 2019, but it regrouped last year as a cloud native container company focused on developers, and the new approach appears to be bearing fruit. Today, the company announced a $23 million Series B investment.

Tribe Capital led the round with participation from existing investors Benchmark and Insight Partners. Docker has now raised a total of $58 million including the $35 million investment it landed the same day it announced the deal with Mirantis.

To be sure, the company had a tempestuous 2019 when they changed CEOs twice, sold the enterprise division and looked to reestablish itself with a new strategy. While the pandemic made 2020 a trying time for everyone, Docker CEO Scott Johnston says that in spite of that, the strategy has begun to take shape.

“The results we think speak volumes. Not only was the strategy strong, but the execution of that strategy was strong as well,” Johnston told me. He indicated that the company added 1.7 million new developer registrations for the free version of the product for a total of more than 7.3 million registered users on the community edition.

As with any open-source project, the goal is to popularize the community project and turn a small percentage of those users into paying customers, but Docker’s problem prior to 2019 had been finding ways to do that. While he didn’t share specific numbers, Johnston indicated that annual recurring revenue (ARR) grew 170% last year, suggesting that they are beginning to convert more successfully.

Johnston says that’s because they have found a way to turn a certain class of developer in spite of a free version being available. “Yes, there’s a lot of upstream open-source technologies, and there are users that want to hammer together their own solutions. But we are also seeing these eight to 10 person ‘two-pizza teams’ who want to focus on building applications, and so they’re willing to pay for a service,” he said.

That open-source model tends to get the attention of investors because it comes with that built-in action at the top of the sales funnel. Tribe’s Arjun Sethi, whose firm led the investment, says his company actually was a Docker customer before investing in the company and sees a lot more growth potential.

“Tribe focuses on identifying N-of-1 companies — top-decile private tech firms that are exhibiting inflection points in their growth, with the potential to scale toward outsized outcomes with long-term venture capital. Docker fits squarely into this investment thesis [ … ],” Sethi said in a statement.

Johnston says as they look ahead post-pandemic, he’s learned a lot since his team moved out of the office last year. After surveying employees, they were surprised to learn that most have been happier working at home, having more time to spend with family, while taking away a grueling commute. As a result, he sees going virtual first, even after it’s safe to reopen offices.

That said, he is planning to offer a way to get teams together for in-person gatherings and a full company get-together once a year.

“We’ll be virtual first, but then with the savings of the real estate that we’re no longer paying for, we’re going to bring people together and make sure we have that social glue,” he said.


Early Stage is the premier “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company building: Fundraising, recruiting, sales, product-market fit, PR, marketing and brand building. Each session also has audience participation built in — there’s ample time included for audience questions and discussion. Use code “TCARTICLE at checkout to get 20% off tickets right here.

Feb
25
2021
--

Why F5 spent $2.2B on 3 companies to focus on cloud native applications

It’s essential for older companies to recognize changes in the marketplace or face the brutal reality of being left in the dust. F5 is an old-school company that launched back in the 90s, yet has been able to transform a number of times in its history to avoid major disruption. Over the last two years, the company has continued that process of redefining itself, this time using a trio of acquisitions — NGINX, Shape Security and Volterra — totaling $2.2 billion to push in a new direction.

While F5 has been associated with applications management for some time, it recognized that the way companies developed and managed applications was changing in a big way with the shift to Kubernetes, microservices and containerization. At the same time, applications have been increasingly moving to the edge, closer to the user. The company understood that it needed to up its game in these areas if it was going to keep up with customers.

Taken separately, it would be easy to miss that there was a game plan behind the three acquisitions, but together they show a company with a clear opinion of where they want to go next. We spoke to F5 president and CEO François Locoh-Donou to learn why he bought these companies and to figure out the method in his company’s acquisition spree madness.

Looking back, looking forward

F5, which was founded in 1996, has found itself at a number of crossroads in its long history, times where it needed to reassess its position in the market. A few years ago it found itself at one such juncture. The company had successfully navigated the shift from physical appliance to virtual, and from data center to cloud. But it also saw the shift to cloud native on the horizon and it knew it had to be there to survive and thrive long term.

“We moved from just keeping applications performing to actually keeping them performing and secure. Over the years, we have become an application delivery and security company. And that’s really how F5 grew over the last 15 years,” said Locoh-Donou.

Today the company has over 18,000 customers centered in enterprise verticals like financial services, healthcare, government, technology and telecom. He says that the focus of the company has always been on applications and how to deliver and secure them, but as they looked ahead, they wanted to be able to do that in a modern context, and that’s where the acquisitions came into play.

As F5 saw it, applications were becoming central to their customers’ success and their IT departments were expending too many resources connecting applications to the cloud and keeping them secure. So part of the goal for these three acquisitions was to bring a level of automation to this whole process of managing modern applications.

“Our view is you fast forward five or 10 years, we are going to move to a world where applications will become adaptive, which essentially means that we are going to bring automation to the security and delivery and performance of applications, so that a lot of that stuff gets done in a more native and automated way,” Locoh-Donou said.

As part of this shift, the company saw customers increasingly using microservices architecture in their applications. This means instead of delivering a large monolithic application, developers were delivering them in smaller pieces inside containers, making it easier to manage, deploy and update.

At the same time, it saw companies needing a new way to secure these applications as they shifted from data center to cloud to the edge. And finally, that shift to the edge would require a new way to manage applications.

Feb
08
2021
--

Container security acquisitions increase as companies accelerate shift to cloud

Last week, another container security startup came off the board when Rapid7 bought Alcide for $50 million. The purchase is part of a broader trend in which larger companies are buying up cloud-native security startups at a rapid clip. But why is there so much M&A action in this space now?

Palo Alto Networks was first to the punch, grabbing Twistlock for $410 million in May 2019. VMware struck a year later, snaring Octarine. Cisco followed with PortShift in October and Red Hat snagged StackRox last month before the Rapid7 response last week.

This is partly because many companies chose to become cloud-native more quickly during the pandemic. This has created a sharper focus on security, but it would be a mistake to attribute the acquisition wave strictly to COVID-19, as companies were shifting in this direction pre-pandemic.

It’s also important to note that security startups that cover a niche like container security often reach market saturation faster than companies with broader coverage because customers often want to consolidate on a single platform, rather than dealing with a fragmented set of vendors and figuring out how to make them all work together.

Containers provide a way to deliver software by breaking down a large application into discrete pieces known as microservices. These are packaged and delivered in containers. Kubernetes provides the orchestration layer, determining when to deliver the container and when to shut it down.

This level of automation presents a security challenge, making sure the containers are configured correctly and not vulnerable to hackers. With myriad switches this isn’t easy, and it’s made even more challenging by the ephemeral nature of the containers themselves.

Yoav Leitersdorf, managing partner at YL Ventures, an Israeli investment firm specializing in security startups, says these challenges are driving interest in container startups from large companies. “The acquisitions we are seeing now are filling gaps in the portfolio of security capabilities offered by the larger companies,” he said.

Feb
01
2021
--

Rapid7 acquires Kubernetes security startup Alcide for $50M

Boston-based security operations company Rapid7 has been making moves into the cloud recently, and this morning it announced that it has acquired Kubernetes security startup Alcide for $50 million.

As the world shifts to cloud native using Kubernetes to manage containerized workloads, it’s tricky ensuring that the containers are configured correctly to keep them safe. What’s more, Kubernetes is designed to automate the management of containers, taking humans out of the loop and making it even more imperative that the security protocols are applied in an automated fashion as well.

Brian Johnson, SVP of Cloud Security at Rapid7 says that this requires a specialized kind of security product and that’s why his company is buying Alcide. “Companies operating in the cloud need to be able to identify and respond to risk in real time, and looking at cloud infrastructure or containers independently simply doesn’t provide enough context to truly understand where you are vulnerable,” he explained.

“With the addition of Alcide, we can help organizations obtain comprehensive, unified visibility across their entire cloud infrastructure and cloud-native applications so that they can continue to rapidly innovate while still remaining secure,” he added.

Today’s purchase builds on the company’s acquisition of DivvyCloud last April for $145 million. That’s almost $200 million for the two companies that allow Rapid7 to help protect cloud workloads in a fairly broad way.

It’s also part of an industry trend with a number of Kubernetes security startups coming off the board in the last year as bigger companies look to enhance their container security chops by buying talent and technology. This includes VMware nabbing Octarine last May, Cisco getting PortShift in October and Red Hat buying StackRox last month.

Alcide was founded in 2016 in Tel Aviv, part of the active Israeli security startup scene. It raised about $12 million along the way, according to Crunchbase data.

Jan
07
2021
--

Lacework lands $525M investment as revenue grows 300%

As the pandemic took hold in 2020, companies accelerated their move to cloud services. Lacework, the cloud security startup, was in the right place at the right time as customers looked for ways to secure their cloud native workloads. The company reported that revenue grew 300% year over year for the second straight year.

It was rewarded for that kind of performance with a $525 million Series D today. It did not share an exact valuation, only saying that it exceeded $1 billion, which you would expect on such a hefty investment. Sutter Hill and Altimeter Capital led the round with help from D1 Capital Management, Coatue, Dragoneer Investment Group, Liberty Global Ventures, Snowflake Ventures and Tiger Global Management. The company has now raised close to $600 million.

Lacework CEO Dan Hubbard says one of the reasons for such widespread interest from investors is the breadth of the company’s security solution. “We enable companies to build securely in the cloud, and we span across multiple different categories of markets, which enable the customers to do that,” he said.

He says that encompasses a range of services, including configuration and compliance, security for infrastructure as code, build time and runtime vulnerability scanning and runtime security for cloud native environments like Kubernetes and containers.

As the company has grown revenue, it has been adding employees quickly. It started the year with 92 employees and closed with more than 200, with plans to double that by the end of this year. As he looks at hiring, Hubbard is aware of the need to build a diverse organization, but acknowledges that tech in general hasn’t done a great job so far.

He says they are working with the various teams inside the company to try and change that, while also working to support outside organizations that are helping educate underrepresented groups to get the skills they need and then building from that. “If you can help solve the problem at an earlier stage, then I think you’ve got a bigger opportunity [to have a base of people to hire] there,” he said.

The company was originally nurtured inside Sutter Hill and is built on top of the Snowflake platform. It reports that $20 million of today’s total comes from Snowflake’s new venture arm, which is putting some money into an early partner.

“We were an alpha Snowflake customer, and they were an alpha customer of ours. Our platform is built on top of the Snowflake data cloud and their new venture arm has also joined the round with an investment to further strengthen the partnership there,” Hubbard said.

As for Sutter Hill, investor Mike Speiser sees Lacework as one of his firm’s critical investments. “[Much] like Snowflake at a similar point in its evolution, Lacework is growing revenue at over 300% per year making Lacework one of Sutter Hill Ventures’ most important and promising portfolio companies,” he said in a statement.

Jan
05
2021
--

Chronosphere nabs $43M Series B to expand cloud native monitoring tool

Chronosphere, the scalable cloud native monitoring tool launched in 2019 by two former Uber engineers, announced a $43.4 million Series B today. The company also announced that their service was generally available starting today.

Greylock, Lux Capital and venture capitalist Lee Fixel, all of whom participated in the startup’s $11 million Series A in 2019, led the round with participation from new investor General Atlantic. The company has raised $54.4 million.

The two founders, CEO Martin Mao and CTO Rob Skillington, created the open-source M3 monitoring project while they were working at Uber, and left in 2019 to launch Chronosphere, a startup based on that project. As Mao told me at the time of the A round, the company wanted to simplify the management of running the open source project:

M3 itself is a fairly complex piece of technology to run. It is solving a fairly complex problem at large scale, and running it actually requires a decent amount of investment to run at large scale, so the first thing we’re doing is taking care of that management,

He said that the company spent most of last year iterating the product and working with beta customers, adding that they certainly benefited from building the commercial service on top of the open-source project.

“I think we’re lucky that we have the foundation already from the open-source project, but we really wanted to focus a lot on building a product on top of that technology and really have this product be differentiated, so that was most of the focus of 2020 for us,” he said.

Mao points out that he and Skillington weren’t looking for this new round of funding as they still had money left from the A round, but the company’s previous investors approached them and they decided to strike to add additional money to the balance sheet, which would help grow the company, attract employees and help reassure customers they had plenty of capital to continue building the product and the company.

As the company has developed over the last year, it has been adding employees at a rapid clip, growing from 13 at the time of the A round in 2019 to 50 today with plans to double that by the end of next year. Mao says the founders have been thinking about how to build a diverse company from its early days.

“So [ … ] beginning last year we were making sure we were hiring the right leaders, and the right recruiting team who also care about diversity, then following that we made company-wide goals and targets for both gender and ethnic diversity, and then [we have been] holding ourselves accountable on these particular goals and tracking against them,” Mao said.

The company has been spread out from the beginning, even before COVID, with offices in Seattle, New York and Lithuania, and that has helped in terms of having a broader base to recruit from. Mao wants to remain mostly remote whenever it’s possible to return to the office, but maintain hubs on each coast where employees can meet and see each other in person.

With the product generally available today, the company will look to expand its customer base, and with the open-source project to drive interest, they have a proven way to attract new customers to the commercial product.

Nov
18
2020
--

IBM is acquiring APM startup Instana as it continues to expand hybrid cloud vision

As IBM transitions from software and services to a company fully focussed on hybrid cloud management, it announced  its intention to buy Instana, an applications performance management startup with a cloud native approach that fits firmly within that strategy.

The companies did not reveal the purchase price.

With Instana, IBM can build on its internal management tools, giving it a way to monitor containerized environments running Kubernetes. It hopes by adding the startup to the fold it can give customers a way to manage complex hybrid and multi-cloud environments.

“Our clients today are faced with managing a complex technology landscape filled with mission-critical applications and data that are running across a variety of hybrid cloud environments – from public clouds, private clouds and on-premises,” Rob Thomas, senior vice president for cloud and data platform said in a statement. He believes Instana will help ease that load, while using machine learning to provide deeper insights.

At the time of the company’s $30 million Series C in 2018, TechCrunch’s Frederic Lardinois described the company this way. “What really makes Instana stand out is its ability to automatically discover and monitor the ever-changing infrastructure that makes up a modern application, especially when it comes to running containerized microservices.” That would seem to be precisely the type of solution that IBM would be looking for.

As for Instana, the founders see a good fit for the two companies, especially in light of the Red Hat acquisition in 2018 that is core to IBM’s hybrid approach. “The combination of Instana’s next generation APM and Observability platform with IBM’s Hybrid Cloud and AI technologies excited me from the day IBM approached us with the idea of joining forces and combining our technologies,” CEO Mirko Novakovic wrote in a blog post announcing the deal.

Indeed, in a recent interview IBM CEO Arvind Krishna told CNBC’s Jon Fortt, that they are betting the farm on hybrid cloud management with Red Hat at the center. When you combine that with the decision to spin out the company’s managed infrastructure services business, this purchase shows that they intend to pursue every angle

“The Red Hat acquisition gave us the technology base on which to build a hybrid cloud technology platform based on open-source, and based on giving choice to our clients as they embark on this journey. With the success of that acquisition now giving us the fuel, we can then take the next step, and the larger step, of taking the managed infrastructure services out. So the rest of the company can be absolutely focused on hybrid cloud and artificial intelligence,” Krishna told CNBC.

Instana, which is based in Chicago with offices in Munich, was founded in 2015 in the early days of Kubernetes and the startup’s APM solution has evolved to focus more on the needs of monitoring in a cloud native environment. The company raised $57 million along the way with the most recent round being that Series C in 2018.

The deal per usual is subject to regulatory approvals, but the company believes it should close in the next few months.

Nov
12
2020
--

Solo.io announces service mesh platform aimed at enterprise customers

Solo.io, a Cambridge, Massachusetts service mesh startup, announced some big changes to its approach today with a full-stack platform of services aimed squarely at the enterprise. The culmination of this will be Gloo Mesh Enterprise, a new product that will be available in beta by the end of the year.

Service meshes are part of a cloud native, containerized approach to development that enable micro services to communicate with one another.

Idit Levine, founder and CEO at Solo, says that she began by creating individual components since launching the company in 2017 because she knew that it was early for service meshes. Today’s announcement is about bringing all of these components the company has created into a more coherent and connected enterprise product.

While she was worried at first that the pandemic would have a negative impact on business, she says that her company has been busier than ever and today’s announcement is really about giving customers what they have been asking for throughout this tumultuous year.

Most of Solo’s customers are running Kubernetes and they needed some missing pieces that Solo was happy to provide for them. The first problem is the primary reason the company started, which was to manage service meshes, and Gloo Mesh, which is based on the open-source Istio service mesh, helps developers manage their service mesh clusters.

Another problem involved running containers at the edge, which required an API gateway. To that end, the company announced Gloo Edge, an API gateway built on the Envoy Proxy, an edge service proxy. Running applications at the edge means they get the resources they need to improve performance and save bandwidth.

The third piece is called Gloo Portal. This provides a centralized, self-service catalog of services that developers can tap into as they are building their applications. The final piece is Gloo Extensions, which provides a way for developers to access or build extensions called web assembly modules.

All of these pieces are available as open source, but companies that want additional functionality and support and a way to connect all of these pieces will need to buy the enterprise product. Among the additional features in the enterprise version is the ability to apply roles to the APIs in Gloo Edge to control who has access. Gloo Mesh users get production Istio support including updates and patches. It also includes a dashboard for managing clusters and developer tools for building web assembly pieces in Gloo Extension.

The company has raised more than $36 million, according to PitchBook data. The most recent deal was $23 million in September. Levine says the startup has several dozen large customers at this point, and 35 employees. She said she is actively hiring and expects to be at 50 soon.

Oct
27
2020
--

Rockset announces $40M Series B as data analytics solution gains momentum

Rockset, a cloud-native analytics company, announced a $40 million Series B investment today led by Sequoia with help from Greylock, the same two firms that financed its Series A. The startup has now raised a total of $61.5 million, according to the company.

As co-founder and CEO Venkat Venkataramani told me at the time of the Series A in 2018, there is a lot of manual work involved in getting data ready to use and it acts as a roadblock to getting to real insight. He hoped to change that with Rockset.

“We’re building out our service with innovative architecture and unique capabilities that allows full-featured fast SQL directly on raw data. And we’re offering this as a service. So developers and data scientists can go from useful data in any shape, any form to useful applications in a matter of minutes. And it would take months today,” he told me in 2018.

In fact, “Rockset automatically builds a converged index on any data — including structured, semi-structured, geographical and time series data — for high-performance search and analytics at scale,” the company explained.

It seems to be resonating with investors and customers alike as the company raised a healthy B round and business is booming. Rockset supplied a few metrics to illustrate this. For starters, revenue grew 290% in the last quarter. While they didn’t provide any foundational numbers for that percentage growth, it is obviously substantial.

In addition, the startup reports adding hundreds of new users, again not nailing down any specific numbers, and queries on the platform are up 313%. Without specifics, it’s hard to know what that means, but that seems like healthy growth for an early stage startup, especially in this economy.

Mike Vernal, a partner at Sequoia, sees a company helping to get data to work faster than other solutions, which require a lot of handling first. “Rockset, with its innovative new approach to indexing data, has quickly emerged as a true leader for real-time analytics in the cloud. I’m thrilled to partner with the company through its next phase of growth,” Vernal said in a statement.

The company was founded in 2016 by the creators of RocksDB. The startup had previously raised a $3 million seed round when they launched the company and the $18.5 million A round in 2018.

Powered by WordPress | Theme: Aeros 2.0 by TheBuckmaker.com