Catching up

It's been a busy summer.

When creating this blog a few months back, I was hoping to release at least a post a month – but have already slipped on that goal. While I have a lot of content from the past 2 years, the first posts directly published to the new blog were those two long-form articles on Edge Networks and Snowflake back in Aug & Sept. I wanted to set the bar high out the gate, but they ended up putting the "long" in long-form, so ended up taking a surprising amount of time.

After a short blog break, I am back now with a goal to move a bit faster.  Expect more frequent  takes – ones that aren't 45 minute long reads (with many, many days of effort behind them). My new goal is to try doing at least a post a week in a shorter format, with the occasional longer-form post as needed. I also plan to do more embedded drawings, as I find they go a lot way in boiling complex architectures down to something understandable. [I'm still trying to find a good whiteboarding tool on iPad w/ Pencil, let me know if you know of one that has pre-built shapes and arrows in addition to freehand, and allows for typing text.]

However, it's not only been busy for me, but also for the SaaS companies and platforms I follow. I will be releasing a series of Catch Up posts to go through a few of them in greater detail, to explore their platform changes and give thoughts on their moves of late.  

But first, let's do a speed round over the companies I see innovating rapidly, with some links to my previous Twitter thoughts on a few.


Crowdstrike

Crowdstrike ($CRWD) has been busy stopping all the cyber attacks that have ramped up during this era of turmoil. Pandemic = the shift to work from home = massive changes to IT processes = exploitable confusion! Yet, while doing what they do best during this tailwind, they've also been quietly pivoting their EPP platform (protecting systems and devices) to also protect container & serverless workloads (protecting apps & services across cloud providers).

They've been extremely busy, adding multiple product lines that were announced during their annual Fal.con event. Falcon Horizon is to help users better protect multi-cloud deployments. It provides visibility and control over hybrid or multi-cloud environments., performing continuous oversight over security posture, and real-time monitoring of cloud configurations – which allows it to help find and remediate security issues across systems and services. They also announced Falcon Forensics, which provides hooks for a customer's partners to access threat details in incident response and perform forensic triage, as well as Falcon X Recon, which proactively patrols the far reaches of the Dark Web to keep a close eye on hacker marketplaces & forums, to provide situational awareness to customers through dashboards and an search interface – even providing a "hacker dictionary" and language translation to help understand what hackers are saying. And, oh yeah, they've been enhancing their ecosystem to add a Threat Intel section to their marketplace, to allow enriching Threat Graph with 3rd party data sources.

But most exciting is their new product line pivoting their Threat Graph into a new direction,  Zero Trust Assessment (ZTA). They acquired Preempt to add in real-time behavioral ML over identity, working with and enhancing the features of IDaaS providers like Okta and PingID. This allows ZTA to provide continuous, real-time assessment of security risk, in order to provide conditional access to that device. They extended this capability to a wide variety of integrated partners -- a Who's Who of next-gen cybersecurity providers (Zscaler, Okta, and Cloudflare among them) -- to enrich their Zero Trust platforms with device posture capabilites – using the status of the requesting device in risk determination, along with establishing identity, in determining Zero Trust access.


Fastly

Fastly ($FSLY) has had a tumultuous last few months due to geo-political pressures forcing their largest customer away, while taking their sweet, sweet time to release their much-anticipated Compute@Edge product.

Compute@Edge has FINALLY released, into Limited Availability – which instantly went "maximum capacity" and a wait list. While we waited for them to fully release this new edge compute platform, they have been heavily focused on getting security, observability, and developer features in place. They acquired Signal Sciences to add in better app protection at the edge, wrapping up their next-gen app & API security features into a new product called Secure@Edge. In doing so, they added a healthy chunk of additional enterprise customers [which is good, since, like new features, new customers seem to get added at a glacial pace].

And, oh yeah, they've almost doubled the global bandwidth over the past year, while continuing to innovate on the content side of things, greatly improving their live-streaming and VOD capabilities with better observability into video consumption and origin loading, adding logic features around device detection, plus allowing customers to reserve bandwidth for live events or have Fastly  support in place to monitor the streams during critical live events.

They held their Altitude user conference this month, and announced futher enhancements to the developer features, like a command-line utility for development, APIs to manage deployments, and finally adding JavaScript support - or rather, AssemblyScript, its more secure, WebAssembly-friendly cousin. But more important, they showed a glimpse of where they are heading, showing roadmaps for future segments coming to their edge network platform, to be called Observe@Edge (ultimately trying to take some monitoring and analytical features back from Datadog) and Perform@Edge (repackaging their existing content delivery & video streaming capabilities, adding in programmable logic from edge compute).  So as far as them leveraging their own edge network platform, they plan on continuing to do what they do best (delivering content), and making it better.  [Completely irrelevant sidebar: by now having four <OverlySimplisticVerb>@Edge product lines, the naming is looking extremely juvenile. Live a little, Fastly.]

Fastly has been all over the announced Google changes in July, where Google is factoring in new Core Web Vital metrics into their page ranking scores in search results – as have all CDN competitors, like Cloudflare and Akamai. With their focus on speed, Fastly is well situated to take advantage, and are focused on helping customers achieve higher ranking due to the speed of page load. These changes by Google are making CDNs even more vital for any web-focused companies. No announcement from Google as to when these changes take effect - some time in 2021.


Datadog

They keep gaining partners – it seems every development platform coming out (including Fastly's Compute@Edge and Snowflake) can ship metrics to Datadog ($DDOG), as well as integrations with every collaborative dev tool (like Slack and Service Now). As for their cloud provider partners, they are now beginning a deeper integration with Microsoft Azure to order to be directly available in their dashboard & budget spend (first 3rd party to be that deeply integrated), and have extended their strategic partnership with Google Cloud Platform into other global regions.

They continue to improve their DevOps-focused products by adding compliance checks and recommendation alerts for infrastructure configurations.  Now that they have all the metrics and logs, Datadog has been heavily expanding their platform by adding incident & error tracking collaborative tools over that data, for DevOps teams to discover, track and resolve issues within their apps or systems. They also continue to focus on improving developer workflows as well, by adding a continuous profiling feature in APM to measure code performance, deployment tracking features, and adding mobile iOS and Android app capabilities to Real User Monitoring. They also acquired Undefined Labs for better observability features over development test workflows.

Oh, and they now have a Marketplace for applications built upon their platform. Expect even more partnerships and integrations through that, to further enrich and analyze all these metrics and views.


Cloudflare

Cloudflare ($NET) has been moving quickly, with a lot of announcements that flew by in a blur over late summer.

Serverless Week focused on expanding the capabilities of Workers, their edge compute development platform. Enhancements included uncapping the compute & memory limits on edge apps, creating a higher tier with usage based pricing, and adding a feature to force edge apps to be bound into certain regions (eg only in US or EU POPs). After the focus on Workers, they then expanded interconnect options by now allowing data centers or enterprise networks to be directly wired into their edge network without using public Internet, circumventing the need for Argo Tunnels (a secure tunnel for your web apps to the nearest edge) or Magic Transit (bringing the edge to your network).  

After that was Birthday Week – 10 years must go by fast when you're running full speed the entire time – where they announced products around making a better Internet. This include a Cloudflare Web Analytics, a new privacy-focused web analytics tool (move over, Google Analytics), Cloudflare Radar, a new dashboard to gain insight over the state of the web (or any specific site), and API protection features. But most interesting was the new Durable Objects feature unveiled in Workers, which allow for maintaining state at the edge (aka persisting shared data) – flipping serverless on its head, given that it is normally stateless. "Stateful Edge" brings an exciting new potential - every app can be its own scalable edge database, each instance tracking its own data between multiple users of that app. It's a game changer for edge network & compute.

Then after all that came Zero Trust Week. The new Cloudflare for Teams product line (Gateway + Access) has now been combined with other Cloudflare products like WAF and DDoS protection, wrapping it all up now as Cloudflare One, adding a range of existing and new products and features to expand the usability and scope of this cybersecurity platform. Magic Firewall is a next-gen firewall protecting your enterprise infrastructure, and seems to be a must-have add-on for Magic Transit (connecting the edge to your enterprise network) customers. They extended Cloudflare Access to tie into identity partners like Okta, including using more than one simultaneously, and EPP partners like Crowdstrike for adding in device posture to risk assessment. One of the bigger enhancements is that Access will not only protect internal services (like Zscaler's ZPA) but also external SaaS providers, acting as a Zero Trust interface over ANY of the SaaS tools a company  utilizes - going way beyond the Secure Web Gateway (SWG, a kind of firewall over SaaS tool usage) features of its sibling Gateway product. This is potent -- while still using partners for establishing identity, Cloudflare Access will be taking over all access rights and traffic restrictions from there.

Beyond that, Gateway SWG is getting WARP speed with Argo Smart Routing (aka it will take the fastest Internet paths and circumvent networking issues, with their "Waze for the Internet" service) as well as the new Magic Firewall, plus will now have browser isolation that they acquired from S2 Systems – which means the edge network is becoming your browser, and your device is seeing only the safe (malware free) "final copy". [Zscaler has a similar service, added from their Appsulate acquisition.]  An Intrusion Detection System (IDS) is also coming that will proactively scan the traffic usage of your enterprise's use of the edge network when using Cloudflare One.

Edge Networking (development platform over a global network) + Next-Gen Cybersecurity (an app they built upon it) is a pretty exciting combination to be right now, and this company is innovating at a hhhypersonic rate, with hints of more to come. Like Fastly, Cloudflare has also been all over Core Web Vital metrics that Google has published and is adopting some time next year. Cloudflare is going further in helping their wide array of free & paid customers, by calculating and showing these metrics in their Browser Insights dashboard (introduced a year ago), and in the newly announced Web Analytics tool (coming soon).

MEANWHILE, while all that was going on, they happened to be protecting the campaigns of a huge number of local, state and federal candidates in the good 'ole US of A from being hacked or attacked during election season – thanks to their Athenian Project and their Cloudflare for Campaigns initiative offering free WAF and DDoS protection services. No official counts yet from this election, but it seems that at least 229 campaigns across 28 states, as well as both presidential campaigns, utilized it. Learn more about it in their Radar dashboard on election security. This concerned citizen would like to simply state "Thanks, Cloudflare".


Okta

Okta ($OKTA) hasn't been standing still either. Besides expanding existing products to make them easier (and stickier), they also added new Device-based features that allow tracking devices attached to your identity, allowing for passwordless logins using device posture as a factor during authentication. This allows them to better manage risk by leveraging EPP partners like Crowdstrike, in order to know if the device is trusted.  However, something to watch -- I just mentioned several new products from Crowdstrike and Cloudflare that circumvent or enhance some of Okta's features, so while identity is driving Zero Trust and Okta remains at the core of that, other solutions are showing up outside their platform to help with risk assessment and Zero Trust access from there.


Twilio

Twilio ($TWLO) keeps doing what they do -- managing customer communications. And now they will manage customer workflows, after acquiring Segment.io, a company I briefly highlighted in my Snowflake writeup. Segment.io is a customer-data focused service that helps ingest from sales tools into a data warehouse (like Snowflake), then performs analytics over that data. In addition, they provide a customer monitoring & profiling tool that reminds me of Datadog's Real User Monitoring.

Competition in communications-as-a-service is getting more fierce, however, as Microsoft Azure is stepping up with its own communication services, and Twilio continues to go head to head against Zoom and Agora with developer-focused SDKs to embed video & audio capabilities into their applications. I am also watching for if and how Twilio embraces edge networking in their platform - they appear to be starting to use their global data centers for more than interconnecting to telcom services.


Docusign

Docusign ($DOCU) is a recent purchase for me, after seeing their improved execution over the past 2 quarters, combined with how they are starting to leverage (and monetize) ML/AI in their Agreement Cloud platform. Recent platform enhancements include 2 new analytically-driven products.

Docusign Insights is an AI that uses natural language capabilities to analyze contract language over an enterprise's pool of existing contracts, to help gain insights into the company's stance, extract key clauses, provides search capabilities over intent, and helps manage overall risk.  Docusign Analyzer is the flip-side to that, an AI for analysis of a negotiated contract, in order to analyze & change the language, in order to reduce risk, increase compliance adherence, and ultimately, to improve one's posture in negotations. It breaks agreements into individual clauses, performs a risk-assessment using an enterprise's legal & organizational rules, and generates a scorecard for the agreement. It can also offer suggested replacement language from a library of pre-approved clauses.

These are features that will only improve from here, as the SaaS platform gets utilized more and more, and the AI & intent recognition features get smarter and smarter. As customers adopt Agreement Cloud and utilize these AI-driven features, they can be in a position to have a stronger stance in their contract negotations - and woe to the counter-party that isn't using these same risk-mitigating negotiating tools.


Zoom

Zoom ($ZM) continues to expand their platform into success in multiple directions , with their ancillary product lines of Zoom Phone (virtual enterprise phone system, great for any future worker scenario - in-office, hybrid or fully remote), Zoom for Home (consumer hardware), and [should workers return to offices any time soon], Zoom Rooms (conference room solutions).  

During their recent Zoomtopia user conference, they announced several new platform expansions. They announced Zoom Apps [originally Zapps but, thankfully, quickly changed] to allows software partners to directly embed their collaboration-based apps into Zoom meetings, where workers can all view and edit the app inline in the meeting. 25 partners were initially included, including Asana, Slack, and Atlassian. They have also created a new marketplace for content called OnZoom, that allows workshop and event providers (in fitness, concerts, webinars, lessons, etc) a place to sell access to their Zoom-driven content, allowing up to 1000 attendees. Zoom handles payments and access.

Plus, they continue to strengthen their SDK and APIs to enable other software solutions to be built upon their platform of video and audio services. And, like Docusign, they too are starting to leverage AI & natural language capabilities, adding an enhancement that can extract key insights from recorded transcripts.  


Snowflake

Snowflake ($SNOW) hit the public market with a blast, with everyone and their Uncle Warren buying in. If you wanted a company twice as expensive as SaaS market leaders like Zoom - this is it. They had some very recent product announcements last week that run across all of their platfrom.  

Snowpark is a new set of APIs that allow developers access to run ingest & data management workloads directly within the Snowflake platform, using the dev language of their choice (supporting Python, Java and Scala initially). This seems similar to their analytics programming interfaces (which allows for running analytical scripts directly in their compute), but it is expanding that capability to the data engineering side of the database as these new features are for handling data ingest (ETL) and managing or manipulating the data from there (ELT). This allows for a huge amount of customization, and will become extremely sticky as customers begin to migrate off of out-of-the-box ingest tools for their custom data flows. This can also better expose their platform to feature engineering, which allows ML/AI to mold the data layout for you. (Think of it as analytics over the ingest and structure of the data, instead of over the values in the data.)

On the integration side, they now have integration category for Data Services, allowing 3rd party data services direct access to their customers' data. This will help partners that focus on data enrichment, risk assessment, and analytics. Beyond their current support of both structured and semi-structured (JSON) data, they also announced expanding the capabilities of Snowflake to include unstructured/binary data. [What database folks call Blobs.] They will support embedding unstructured data into records, like images, audio or video files, documents, spreadsheets, and the like (now in private beta). They been improving security too, announcing conditional row-based data access restrictions (coming later this year). This will help companies with data sharing or publishing, or restricting internal team access - not only can you grant a partner or subscriber access to a data table of yours, but you can fence the exact rows they can access within that table.


Whew. A lot to disgest in just a few short months.

There seems to be a lot of movement going on with Zero Trust capabilities across these players – I see a number of moves towards app & API protection, and using device posture with identity in risk assessment. These companies are swirling together in partnerships, while simultaneously competing against one another in the overall chain. Okta stands out as being circumvented somewhat, while Crowdstrike is the EPP platform that all Zero Trust providers want to talk to for device posture.

In addition, I see several companies starting to enhance the monetization of their platform and ML/AI.  Several are creating managed marketplaces for apps to be built upon their platform, and there are multiple ML/AI initiatives, especially around natural language capabilities (recognition of intent).

There is much to watch here. Time now to dive deeper into some of the details.  First up.... a deeper look at the platform enhancements from the company that innovated the most.

-muji