Emerging from Beta
The early days in a start-up’s life are always interesting and fun - you focus on building stellar technology, learning the market that you’re in and building the team.
Since we founded Scalock (now Aqua - and more about that here), we have been in a private beta for more than 6 months. While we were not in true stealth mode - we have been blogging, using social media, going to industry events, and establishing technology partnerships - being in private beta means that we have been merely dipping our toes in the water, being very selective about the customers we work with, and also being pretty immune to market pressures and the outside world.
All of this is about to change, starting right now. No more dipping our toes - we’re jumping head-first and at the deep end of the pool… the sheltered lives we’ve been leading in beta land are about to confront reality, but we are armed with our beta customers’ knowledge and feedback, with a technology that is comprehensive and more mature than most first GA products. We’ve also become intimate with the virtual container market, still a relatively small market but growing at neck-breaking speed.
Customer Beta Insights
So as we make this big change, I wanted to share some of our learnings from our beta customers, many of which are Fortune 100 companies:
The container market, especially as concerns the adoption of Docker containers, is real. The technology is being adopted left, right and center in the enterprise world, with many organizations already in production, and others planning to get there this year. Among our beta customers were major technology companies, financial institutions, and even aerospace companies. And those sometimes conservative, risk-averse companies are the EARLY adopters.
The security aspect of containers is a multi-faceted, compound challenge. Container technology is so new, and the ways of using is so diverse, that it is impossible to lock down specific scenarios. There is no “silver bullet” here. The only valid approach is one that provides layers of security and integrates into the container lifecycle from development to production.
While there were several common use-cases that we identified amongst our beta customers, the emphasis was different based on the application, the team leading the project, and industry requirements such as PCI-DSS compliance. For instance, there’s some urgency in assuring image integrity and assessing images for vulnerabilities, and much of the market hype is around those requirements -- but they are only a first step of many in a chain that leads to a secure runtime environment. Other customers are more adamant about protecting the environment from the actions of malicious insiders, or simply sloppy ones, by strictly limiting access at the individual container level.
Even during the relatively short time that we’ve been in beta, we’ve seen Docker, CoreOS and other vendors in the ecosystems make meaningful strides to improve the security stance of containerized applications. Does that still leave room for a dedicated security platform for containers? The answer we got from our customers, our partners and industry analysts that we briefed was a resounding “yes, plenty”.
Making container platforms secure for enterprise-grade deployments is ‘table stakes’. It’s a prerequisite for enterprises to even consider container adoption. As with every other development in the history of IT, security is trailing behind. When the Internet started nobody thought it would require firewalls. Smartphones were hugely popular well before mobile security products emerged. Going back to the points I made earlier -- we are still in an early stage of the market, and it is already clear that security will not be solved by any single point solution. That’s why we’ve built a platform that includes a full toolset with a focus on runtime, which will continue to adapt to market needs.
I’d be remiss if I didn’t thank the wonderful team we’ve assembled at Scalock/ Aqua for the dedicated work they put in to make this company a success, as well as our investors and advisors who have our backs and know how to push us in the right direction. When we planned out 2016 we never dreamed that we will progress so quickly, both in terms of customer adoption as well as the maturity and feature-set of our platform. I can only imagine what happens next.
Now the real fun starts.