The Remaking of Enterprise Infrastructure – Investment Themes For Next Generation Cloud

Enterprise infrastructure has been one of the foundational investment themes here at Madrona since the inception of the firm. From the likes of Isilon to Qumulo, Igneous, Tier 3, and to Heptio, Snowflake and Datacoral more recently, we have been fortunate to partner with world-class founders who have reinvented and redefined enterprise infrastructure.

For the past several years, with enterprises rapidly adopting cloud and open source software, we have primarily focused on cloud-native technologies and developer-focused services that have enabled the move to cloud. We invested in categories like containerization, orchestration, and CI/CD that have now considerably matured. Looking ahead, with cloud adoption entering the middle innings but with technologies such as Machine Learning truly coming into play and cloud native innovation continuing at a dizzying pace, we believe that enterprise infrastructure is going to get reinvented yet again. Infrastructure, as we know it today, will look very different in the next decade. It will become much more application-centric, abstracted – maybe even fully automated – with specialized hardware often available to address the needs of next-generation applications.

As we wrote in our recent post describing Madrona’s overall investment themes for 2019, this continued evolution of next-generation cloud infrastructure remains the foundational layer of the innovation stack against which we primarily invest. In this piece, we go deeper into the categories where we see ourselves spending the most time, energy and dollars over the next several years. While these categories are arranged primarily from a technology trend standpoint (as illustrated in the graphic above), they also align with where we anticipate the greatest customer needs for cost, performance, agility, simplification, usability, and enterprise-ready features.

Management of cloud-native applications across hybrid infrastructure

2018 was undeniably the year of “hybrid cloud.” AWS announced Outposts, Google released GKE On-Prem and Microsoft beefed up Azure Stack (first announced in late 2017). The top cloud providers officially recognized that not every workload will move to the cloud and that the cloud will need to go to those workloads. However, while not all computing will move to public clouds, we firmly believe that all computing will eventually follow a cloud model, offering automation, portability and reliability at scale across public clouds, on-prem and every hybrid variation in between.

In this “hybrid cloud forever” world, businesses want more than just the ability to move workloads between environments. They want consistent experiences so that they can develop their applications once and run anywhere with complete visibility, security and reliability — and have a single playbook for all environments.

This leads to opportunities in the following areas:

  • Monitoring and observability: As more and more cloud-native applications are deployed in hybrid environments, enterprises will demand complete monitoring and observability to know exactly how their applications are running. The key will be to offer a “single pane of glass” (complete with management) across multiple clouds and hybrid environments, thereby building a moat against the “consoles” offered by each public cloud provider. More importantly, the next-generation monitoring tools will need to be intelligent in applying Machine Learning to monitor and detect – potentially even remediate – error conditions for applications running across complex, distributed and diverse infrastructures.
  • SRE for the masses: According to Joe Beda, the co-founder of Heptio, “DevOps is a cultural shift whereby developers are aware of how their applications are run in a production environment and the operations folks are aware and empowered to know how the application works so that they can actively play a part in making the application more reliable.” The “operations” side of the equation is best exemplified by Google’s highly trained (and compensated) Site Reliability Engineers (SREs). As cloud adoption further matures, we believe that other enterprises will begin to embrace the SRE model but will be unable to attract or retain Google SRE level talent. Thus, there will be a need for tools that simplify and automate this role and help enterprise IT teams become Google-like operators with the performance, scalability and availability demanded by enterprise applications.
  • Security, compliance and policy management: Cloud, where enterprises lose total control over the underlying infrastructure, places unique security demands on cloud-native applications. Security ceases to be an afterthought – it now must be designed into applications from the beginning, and applications must be operated with the security posture front and center. This has created a new category of cloud native security companies that are continuing to grow. Current examples include portfolio company, Tigera, which has become the leader in network security for Kubernetes environments, and container security companies like Aqua, StackRox and Twistlock. In addition, data management and compliance – not just for data at rest but also for data in motion between distributed services and infrastructures – create a major pain point for CIOs and CSOs. Integris addresses the significant associated privacy considerations, partly fueled by GDPR and its clones. The holy grail is to analyze data without compromising privacy. Technologies such as security enclaves and blockchains are also enabling interesting opportunities in this space and we expect to see more.
  • Microservices management and service mesh: With applications increasingly becoming distributed, open source projects such as Istio (Google) and Envoy (Lyft) have emerged to help address the great need to efficiently connect and discover microservices. While Envoy has seen relatively wide adoption, it has acted predominantly as an enabler for other services and businesses such as monitoring and security. With next-generation applications expected to leverage the best-in-class services, regardless of which cloud/on-prem/hybrid infrastructure they are run on, we see an opportunity to provide a uniform way to connect, secure, manage and discover microservices (run in a hybrid environment).
  • Streams processing: Customers are awash in data and events from across these hybrid environments including data from server logs, network wire data, sensors and IoT devices. Modern applications need to be able to handle the breadth and volume of data efficiently while delivering new real time capabilities. The area of streams processing is one of the most important areas of the application stack enabling developers to unlock the value in these sources of data in real time. We see fragmentation in the market across various approaches (Flink, Spark, Storm, Heron, etc.) and an opportunity for convergence. We will continue to watch this area to understand whether a differentiated company could be created.

Abstraction and automation of infrastructure

While containerization and all of the other CNCF projects promised simplification of dev and ops, the reality has turned out to be quite different. In order to develop, deploy and manage a distributed application today, both dev and ops teams need to be experts in a myriad of different tools, all the way from version control, orchestration systems, CI/CD tools, databases, to monitoring, security, etc. The increasingly crowded CNCF roadmap is a good reflection of that growing complexity. CNCF’s flagship conference, Kubecon, was hosted in Seattle in December and illustrated both the interest in cloud native technologies (attendees grew 8x since 2016 to over 8,000) as well as the need for increased usability, scalability, and help moving from experimentation to production. As a result, in the next few years, we anticipate that an opposite trend will take effect. We expect infrastructure to become far more “abstracted,” allowing developers to focus on code and letting the “machine” take care of all the nitty gritty of running infrastructure at scale. Specifically, we think opportunities are becoming available in the following areas:

  • Serverless becomes mainstream: For way too long, applications (and thereby developers) have remained captive of the legacy infrastructure stack in which applications were designed to conform to the infrastructure and not the other way around. Serverless, first introduced by AWS Lambda, broke that mold. It allowed developers to run applications without having to worry about infrastructure and to combine their own code with best-in-class services from others. While this has created a different concern for enterprises – applications architected to use Lambda can be difficult to port elsewhere – the benefits of serverless, in particular rapid product experimentation and cost, will compel a significant portion of the cloud workloads to adopt it. We firmly believe that we are at the very beginning of serverless adoption and we expect to see a lot more opportunities in this space to further facilitate serverless apps across infrastructure, similar to Serverless.com (toolkit for building serverless apps on any platform) and IOpipe (monitoring for serverless apps).
  • Infrastructure backend as code: The complexity of building distributed applications often far exceeds the complexity of the app’s core design and wastes valuable development time and budget. For every app a developer wants to build, s/he ends up writing the same low-level distributed systems code again and again. We believe that will change and that the distributed systems backend will be automatically created and optimized for each app. Companies like Pulumi and projects like Dark are already great examples of this need.
  • Fully autonomous infrastructure: Automating management of systems has been the holy grail since the advent of enterprise computing. However, with the availability of “infinite” compute (in the cloud), telemetry data, and mature ML/AI technology, we anticipate significant progress towards the vision of fully autonomous infrastructure. Even in the case of cloud services, many complex configuration and management choices need to be made to optimize the performance and costs of several infrastructure categories. These choices range from capacity management in a broad range of workloads to more complex decisions in specific workloads such as databases. In databases, for example, there has been some very promising research done on applying machine learning to basic configuration all the way to index maintenance. We believe there are exciting capabilities to be built and potentially new companies to be grown in this area.

Specialized infrastructure

Finally, we believe that specialized infrastructure will make a comeback to keep up with the demands of next-generation application workloads. We expect to see that in both hardware and software.

  • Specialized hardware: While ML workloads continue to proliferate and general-purpose CPUs (and even GPUs) struggle to keep up, new specialized hardware has arrived from Google’s TPUs to Amazon’s new Inferentia chips in the cloud. Microsoft Azure also now offers FPGA-based acceleration for ML workloads while AWS offers FPGA accelerators that other companies can build upon – a notable example being the FPGA-based genomics acceleration built by Edico Genome. While we are unlikely to invest in a pure hardware company, we do believe that the availability of specialized hardware in the cloud will enable a variety of new investable applications involving rich media, medical imaging, genomic information, etc. that were not possible until recently.
  • Hardware-optimized software: With ML coming to every edge device – sensors, cameras, cars, robots, etc. – we believe that there is an enormous opportunity to optimize and run models on hardware endpoints with constrained compute, power and/or bandwidth. Xnor.ai, for example, optimizes ML models to run on resource-constrained edge devices. More broadly, we envision opportunities for software-defined hardware and open source hardware designs (such as RISC-V) that enable hardware to be rapidly configured specifically for various applications.

Open Source Everywhere

For every trend in enterprise infrastructure, we believe that open source will continue to be the predominant delivery and license mechanism. The associated business model will most likely include a proprietary enterprise product built around an open core, or a hosted service where the provider runs the open source as a service and charges for usage.

Our own yardstick for investing in open source-based companies remains the same. We look for companies based around projects that can make a single developer look like a “hero” by making her/him successful at some important task. We expect the developer mindshare for a given open source project to be reflected in metrics such as GitHub stars, growth in monthly downloads, etc. A successful business then can be created around that open source project to provide the capabilities that a team of developers and eventually an enterprise would need and pay for.

Conclusion

These categories are the “blueprints” we have in our minds as we look for the next billion-dollar business in the enterprise infrastructure category. Those blueprints, however, are by no means exhaustive. The best founders always surprise us by their ability to look ahead and predict where the world is going, before anyone else does. So, while this post describes some of the infrastructure themes we are interested in at Madrona, we are not exclusively thesis-driven. We are primarily founder driven; but we also believe that having a thoughtful point of view about the trends driving the industry – while being humble, curious and open-minded about opportunities we have not thought as deeply about – will enable us to partner with and help the next generation of successful entrepreneurs. So, if you have further thoughts on these themes, or especially are thinking about building a new company in any of these areas, please reach out to us!

Current or previous Madrona Venture Group portfolio companies mentioned in this blog post: Datacoral, Heptio, Igneous, Integris, IOpipe, Isilon, Pulumi, Qumulo, Snowflake, Tier 3, Tigera and Xnor.ai

Welcome Eclypsium – Creating and Leading the Next Major Security Market – Firmware Protection

At Madrona, we look for exceptional founders attacking big markets. Today, we are thrilled to announce our Series A investment in Eclypsium, the industry’s first enterprise firmware and hardware security platform. We couldn’t be more excited to lead another investment in a phenomenal Oregon-based team and join forces with returning investors Andreessen Horowitz and Intel Capital. Our investment in security has been enterprise focused – with Tigera, ExtraHop and the recently acquired Icebrg – and we are always on the lookout for unique approaches to this ongoing issue in modern computing.

Firmware is in every device in the modern enterprise – from end-user devices like mobile phones and laptops, to the servers, switches, and networking infrastructure that power data centers and networks globally. Exploits at the firmware or hardware level can have the worst possible consequences: attackers can “own” the machine and wiping/re-imaging may not get rid of the threat. Historically, the sophistication required to implement this type of attack made it relatively rare. In recent years, however, organized cybercrime and nation-states have provided the necessary funding and talent to make hardware exploits a reality. More recently, firmware attacks have become pervasive and persistent for certain industries; and they have the ability to permeate and compromise entire data centers, remaining undetected on thousands of devices. A wave of new attacks like the recent supply chain compromises or the LoJax UEFI exploit has clearly shown that organizations can no longer afford to rely on “security by obscurity” when it comes to their hardware. While the alleged Super Micro brouhaha is a bit of a different beast (and we were already well into discussions with Eclypsium when the story broke), it still illustrates the high-stakes nature of hardware and firmware-related exploits.

We were fortunate to be introduced to Eclypsium’s co-founder and CEO Yuriy Bulygin in the summer of 2017 by Will Peteroy from Icebrg (Madrona portfolio company acquired by Gigamon) and Drew Smith from the Oregon Venture Fund. We were instantly impressed by Yuriy’s deep firmware security expertise, passion for solving some of the hardest security problems and ability to build a world-class team of experts. We knew that the market for endpoint and data center security is massive with over $15B in spending combined, with hundreds of vendors offering a variety of solutions. All of the existing solutions, however, address risks at the software level from the operating system up to the applications. We hadn’t seen any companies focused on the attack surface from firmware down to hardware, arguably an equally large and significant attack vector. While the need for more effective security solutions is obvious, finding original security ideas addressing large new markets is very rare. Eclypsium represents both.

In getting to know the Eclypsium founders, Yuriy Bulygin and Alex Bazhaniuk, we quickly realized they were not only creating a potentially huge new market, they were conceivably the best team in the world to do it. Before founding Eclypsium, they had spent years at Intel’s Advanced Threat Research and McAfee on the front lines of discovering new threats and analyzing the world’s most sophisticated hardware and firmware attackers. There they created the open source project, CHIPSEC, a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components, which has garnered participation from many of the leading hardware manufacturers and cloud providers. They bring together a truly unique collection of talent and experience in firmware threat research and real-world mitigation. Eclypsium’s mission is to find, stop and remove such attacks, which threaten the heart of every enterprise and organization today. They protect organizations from the foundation of their computing infrastructure upward, controlling the risk and stopping threats inside firmware of laptops, servers, and networking infrastructure.

We believe the Eclypsium team has the opportunity to create one of the next very large security companies and be the number one player in the evolving firmware security landscape. We look forward to working closely with Yuriy, Alex and team to build another leading technology company here in the Pacific Northwest.

You can learn more about Eclypsium and firmware security here:

Madrona’s 2017 Investment Themes

Every year in March, Madrona wraps up what happened in 2016 and we sit down with our investors to talk about our business – the business of finding and growing the next big Seattle companies. First and foremost, our strategy is to back the best entrepreneurs in the Pacific NW attacking the biggest markets. But we also overlay this with key themes and trends in the broader technology market. As part of our annual meeting we present our key investment themes for the year. Below is a snapshot of what we are focusing on:

Business and Enterprise Evolution to Cloud Native

Tim Porter

The IT industry is in the early innings of its next massive shift. The transition to “cloud native” is as big as or bigger than the move from PC to mainframes, the adoption of hypervisors, or the creation of public clouds. Cloud native at its core refers to applications or services built in the cloud that are container-packaged, dynamically scheduled, and microservices-oriented. Cloud Native enables all companies to take advantage of the application architectures that were once the province of Google or Facebook. Companies like Heptio and Shippable are at the forefront of disrupting how IT infrastructure has traditionally been managed with vastly increased agility, computing efficiency, real-time data, and speed. We firmly believe software that helps applications complete the journey from development on a cloud platform to deployment on different clouds, and running them at scale, will become the backbone of technology infrastructure going forward. As such, we are interested in meeting more companies that are making it easier to network, secure, monitor, attach storage, and build applications with container-based, microservice architectures.

Intelligent Applications

Customers today demand their software deliver insights that are real-time, nimble, predictive, and prescriptive. To accomplish this, applications must continuously ingest data, increasingly using event-driven architectures, coupled with algorithm-powered data models and machine learning to deliver better service and novel, predictive recommendations. The new generation of intelligent applications will be “trained and predictive” in contrast to the old generation of software programs that were created to be “programmed and predictable.” We believe that intelligent applications which rely on proprietary datasets, event-driven cloud-based architectures, and intuitive multisense interfaces will unlock new business insights in real-time and disrupt current categories of software. Investments in intelligent app companies that leverage these trends will likely be our largest area of investment in coming years.

Voice and XR Interfaces for Businesses and Consumers

We believe the shift we are seeing for human computer interactions will be as fundamental as the mouse click was for replacing the command line or touch/text was for the rise of mobile computing. This shift will be as pertinent for the enterprise as it is for consumers, and in fact will serve to further blur the lines between productivity and social communication.

With voice, we are most excited by companies that can leverage existing platforms such as Alexa to create a tools layer, or build intelligent vertical end-service applications.

In the realm of XR (from VR to AR), we believe this is a long game. VR will not be an overnight phenomenon, but will play out over the next 5 years as mobile phones become VR capable and, particularly, as truly immersive VR headsets become less expensive and cumbersome. We are committed to this future and are particularly focused on VR/AR technologies that bring the major innovation of “presence” into a shared or social space, as well as “picks-and-shovels” technologies that are needed by the XR community to start the building process now, even in advance of a large-scale install base of headsets.

Vertical Market Applications that use proprietary data sets and ML/AI

As algorithms continue to become more accessible by way of access to open-source libraries and platforms such as the one our portfolio company, Algorithmia, provides, we believe that proprietary data will be the bottleneck for intelligent apps. Companies and products with ML at their core must figure out how to acquire, augment, and clean proprietary, workable data sets to train the machine learning models. We are excited about the companies with these data sets, as well as companies, such as Mighty AI, that help build these data sets or work with companies to help them leverage their proprietary data to deliver business value.

One area where we see this happening is where ML/AI and proprietary data are applied to intelligent apps in vertical markets. Vertical market focus allows companies to amass rich data sets and domain expertise at a far faster pace than companies building software that tries to be omni-intelligent, providing both product and go-to-market advantage. Most industry verticals are ripe for this innovation, but several stand out including manufacturing, healthcare, insurance/financial services, energy, and food/agriculture.

AI, IoT and Edge Computing

Linda Lian

IoT can be an ambiguous term, but fundamentally we see the explosion of devices connected to the Internet creating an environment where enterprise decision-making and consumer quotidian life will be crucially dependent on real-time data processing, analytics, and shorter response times even in areas where connectivity may be inconsistent. Real time response is crucial to success and is difficult to meet in the centralized, cloud-based model of today. For example, instant communications between autonomous vehicles cannot afford to be dependent on internet access or the latency of connecting to a cloud server and back. Edge computing technologies hope to solve this by bringing the power of cloud computing to the source of where data is generated. We are particularly committed to companies building technologies that are focused on solving how to bring AI, deep learning, machine vision, speech recognition, and other compute-heavy services to resource-constrained and portable devices and improve communication between them.

Another facet of IoT where we continue to have investment interest is new vertical devices for consumer (home, vehicle, wearable, retail), healthcare, and industrial infrastructure (electrical grid, water, public safety), along with enabling supporting infrastructure. Opportunities persist for networking solutions that improve access, range, power, discoverability, cost, and flexibility of edge devices and systems management that provide enhanced security, control, and privacy.

Commerce Experiences that Bridge Digital to Physical

Retail is in a state of flux and technologies are disrupting traditional models in more ways than e-commerce. First, physical retail isn’t going away, but it has a fresh new look. 85% of shoppers say they prefer shopping in stores due to a variety of factors including seeing the product and the social aspect. This has led the new generation of web-native brands such as Indochino, Warby Parker, Glossier and Bonobos to open stores – but they are very different, carrying little physical inventory and geared towards intimacy with customers and helping find the right product for the buyer.

Second, the decreasing cost of IoT hardware technologies such as Impinj’s RFID, advancements in distributed computing, and intelligent software such as computer vision will fundamentally alter physical retail experiences. Experiments are already underway at Amazon Go where shoppers can pick what they want and casually stroll out without waiting in a check-out line.

Within e-commerce, vertically integrated, direct-to-consumer models remain viable and compelling. They bypass costly distribution channels and can build strong brands and intimate customer experiences like Dollar Shave Club, Blue Apron, or Stitch Fix. Marketplaces that leverage underutilized resources or assets, or the technology that underlies these marketplaces, remain relevant and compelling, particularly for the millennial generation that prioritizes access over ownership.

Security and Data Privacy

While certain security categories have been massively over-funded, new investment opportunities continue to arise. Security and data privacy are areas of massive concern for businesses, particularly in the current macro environment. Internally, enterprises demand full visibility, remediation tools, and monitoring capabilities to guard against increasingly sophisticated attacks. Particularly vulnerable are companies that house massive amounts of customer data such as financial services, big retailers, healthcare, and the government. Externally, the collection and analysis of massive amounts of real-time consumer behavioral and personal data is the bread and butter of sales, marketing, and product efforts. But new privacy laws in the US and imminent from the EU are creating heightened awareness of both the control and security of this data. We continue to be interested in companies and technologies that take novel approaches to protecting consumer data and helping corporations and organizations protect their assets.

Technologies Supporting Autonomous Vehicles

Transportation technology is experiencing a massive disruption. Autonomous driving will be the biggest innovation in automobiles since the invention of the car, impacting suppliers, car makers, ridesharing, and everything in between. Lines are blurring between manufacturer and technology provider. We believe the value creation in AVs will, not surprisingly, shift to software, and the data that makes it intelligent. More innovation is required in areas such as computer vision and control systems. Important advancements also remain to be made in component technologies such as radar, cameras, and other sensors. Indeed, there are billions of edge cases due to construction, pedestrians, weather, and a murky regulatory environment that must be ironed out both at the technology and policy level before the promise of AV is a reality.

Additionally, the rise of AV could massively disrupt current modes of car ownership. Fleet and operations management software will become increasingly important as AV transportation-as-a-service becomes more and more tangible. Software and systems for other vehicles including drones, trucks, and ships will also be huge markets and create new investment opportunities.

Seattle and the PNW are emerging as thought leaders in the area of AV, and we believe a technology center of excellence as well, creating new investment opportunities. We are deeply interested in all the threads that go into this complex and massive shift in technology, the car industry and in social culture.

Well, there you have it – Madrona’s key investment themes for 2017. Thanks for reading. If you are working on a startup in any of these areas – we would love to talk to you. Please shoot any of us a note – our email addresses are in our bios on our website.