Security In the Cloud

Finally, a way to secure cloud-native applications

The trend toward the public cloud is undeniable. Amazon Web Services (AWS) alone, by far the largest of the public cloud providers, is close to a $10B revenue run-rate and growing at almost 70% per year, as of the end their Q4 2015 results.  

The move to the public cloud has ushered with it a new micro-services architecture for building applications in the cloud, one that takes advantage of a software-defined elastic infrastructure that scales horizontally to meet demand. The benefits of these cloud-native applications are many, including higher engineering velocity due to their loosely-coupled nature and greater resiliency due to a more limited blast-radius of failures. However, they also have their own unique requirements for operations, especially when it comes to security.

I saw this firsthand while at Netflix. Existing security products were ill-suited for an elastic cloud infrastructure running cloud-native apps. Most products simply didn’t work in such an environment. Others managed to cloud-wash their products, but still failed to meet the unique needs of cloud-native apps. You can imagine my excitement when I finally found a company that did cloud security right.

Today, we are excited to announce our investment in Threat Stack. Threat Stack is a complete cloud security platform for the modern cloud infrastructure and enables companies to quickly detect and respond to cyber attacks and insider threats. The Company also allows businesses to analyze historical behaviors at any point in time, particularly important in an elastic cloud infrastructure where resources come and go frequently.

Threat Stack sits squarely at the intersection of two key trends we continue to see repeatedly: the rapid rate of cloud adoption and the increasing concern and focus around securing a cloud environment. As more companies migrate to AWS and other cloud providers, these businesses are looking to bridge the cloud security gap. At the same time, security is often cited as the primary reason enterprises are reluctant to move to the cloud. Threat Stack’s product provides a security solution that gives comfort to cloud migrations and in turn, is also a key aspect to why cloud vendors are advocating cloud security vendors to their customers. In addition, Threat Stack provides a solution that covers both on‐premises and cloud deployments, which aids in cloud migrations and hybrid cloud environments.

The market potential was easy to be impressed by, but we were equally impressed with the product and team. The ease-of-use of the Threat Stack product was unusual for a security product, generally known for complexity and messy UIs. Threat Stack’s focus on the workload gives them a unique way of contextualizing threats and security vulnerabilities that reduces false positives and aids in incident investigation and resolution. Furthermore, the team continues to impress us, from the team Brian has built, to the accelerating quarter over quarter growth the company is experiencing.

We’re thrilled to welcome Threat Stack to the Scale family and look forward continuing to grow the company together.