It’s now been just over a year since we announced the $12.5 million Machine Identity Management Development Fund. As we look back over a year of funding cutting-edge innovation, there were a few surprises—all of them favorable! We’ve had more global interest, more developer participation and more customer downloads than we anticipated. I recently interviewed, Kevin Bocek, vice president of security strategy and threat intelligence at Venafi about the first year of the fund. Simply put, in his own words, “it's huge”. Read on to learn why.
When you launched the fund last year, what did you see in the future for the first year? What did you anticipate?
Kevin: We knew it was going to be a success. We knew that because we were hearing from our customers in the Global 5000 that machine identities were really important to the future of their ecosystems. We were already seeing success from developers in our ecosystem like Cygnacom who were already building a business around helping customers by providing them with integrations. We also knew that Machine Identity Management was a global challenge that was impacting a significant amount of critical infrastructure. When we put all of those factors together, we knew the fund was going to be successful. But I don't think any of us realized that it would be successful to the degree that it has been.
Tell me how the fund exceeded your expectations.
Kevin: I was told by some in the industry that we'd be lucky if we get three developers. Many larger public market security companies had created ‘funds’ with little impact and participation. I felt that we could get at least 10 to 15 in one year based on the excitement around Machine Identity Management. We now have 22! Also, we didn’t expect the fund to have such a global footprint. Not only do we have multiple developers in the United States, it’s truly a global phenomenon. We have three developers in Canada and the United Kingdom, two in Germany and the Netherlands, and one in Australia. Completely unexpected. It's exciting already to see our customers already using what's been built in the fund. Things that didn't exist a year ago already are being used in production now to manage and protect machine identities.
You initially planned to focus the fund on cloud, DevOps and IoT use cases. How did the fund do in those areas?
Kevin: IoT is one area where the fund has had unexpected success. We have three developers focused on IoT solutions. We have accessec who's delivered their integration for Bosch programmable logic controllers. We've got Intrinsic ID working on new ways to protect machine identities, protecting private keys in IoT devices. We've got Device Authority working on how to protect the firmware and software updates that are code signed going to IoT devices. We fulfilled on the promise in the fund for IoT to bring new innovation.
And there's a big push in the fund related to DevOps. Protecting the full tool chain throughout DevOps. We're fortunate to have the best minds globally joining the cause to manage and protect machine identities in the fast-changing world of DevOps and Cloud. For example, we went to the Chef team and said, "Hey, our customers need to manage more machine identities using automation from Chef." They responded, "The experts that know Chef and the best to enable our joint customers to go fast, safely is Indellient out of Canada."
In another example, the CloudBees team, the developers of Jenkins, the standard for automating build process, said, "The experts that you need to go work with is Fullstaq out of the Netherlands." The Development Fund is opening up Machine Identity Management to developers outside of the traditional security stack and our customers will be excited to see the innovation delivered and on its way. They’re developers in their area of expertise in Pivotal Cloud Foundry, in Chef, in Kubernetes, in Jenkins. The Development Fund is changing the way the world views Machine Identity Management.
How has the fund extended beyond that initial focus?
Some of the places we didn't expect the Development Fund would explore innovation 2019 is quantum. There's obviously a need to get ready for quantum, preparing for the future that's coming and the risks that are going to face us. Now we've got Crypto4A out of Canada providing a full lifecycle around quantum safe crypto-agility. That's something we just didn't expect. We’re also looking at other quantum developers in Canada and the UK who want into the fund.
We also accepted two developers in the ServiceNow ecosystem. The Difenda integration gives users self-service access to the Venafi Platform through ServiceNow ITSM. This enables users to leverage customizable workflows that automate management of keys and certificates with the Venafi Platform. And the Nous Infosystems integration allows users to import data on existing certificates, map certificates to digital assets, and perform auto-renewals—all through a highly intuitive GUI and self-service dashboard.
As we look at the impact of the fund, which areas of security do you think that the fund has impacted the most last year?
Kevin: Yes, I think it's actually Kubernetes. Jetstack cert-manager has been downloaded millions of times since we sponsored Jetstack—the standard for using machine identities in Kubernetes, and I think that's where we've made the biggest impact.
Based on our success, we're going to extend to other areas of self-service and robotic process automation. We will have a developer coming into the fund who probably spent close to 30 to 40 hours investigating the DevOps self-service problem and talking with our customers before they even put together a Development Fund application.
Are there more unexpected developments that have advanced the fund in new ways?
Kevin: In a thriving ecosystem of developers, there are always things that you can’t predict. When we went into it, there were not open source developers building for the Venafi platform. The majority of the fund development is actually done by open source developers, where you can get integrations from GitHub. That's been an amazing change. Again, that's been a part of that enablement around VCert, our API Abstraction for DevOps that’s available under Apache 2.0 open source license. VCert is now becoming the standard interface for open source developers to manage machine identities. It's available now in Go, Python and Ruby. And the developers in the fund have really raced to adopt VCert. That's been another big change, I should say, and unexpected. But we're just getting started.
What do you see happening with the fund over the coming year?
Kevin: Only upwards and to the right, of course. We're going to see I think an increasing focus on DevOps. The majority will be open source projects. We're going to see the themes around quantum continue to play a big part of the conversation. The fund's going to be just more and more international. I can tell you interest is growing fastest in Europe and Asia. The Development Fund will be more and more global.
Any last thoughts about the fund and how it’s changed the way we think about machine identity management?
Kevin: I’m extremely pleased that the fund is attracting the smartest minds to manage and protect machine identities. That's the power of the Venafi ecosystem. That's the power of the Development Fund. That's why we're attracting more and more developers globally into the fund. That's why actually we got more developers right now than I could have ever expected. We’ve got them coming back and asking to participate again. Right now, we’re oversubscribed. That’s an amazing problem to have.
The fund is all about the customer. Ultimately, we're doing all of this for our customers to manage machine identities. There's no one else doing this level of innovation for our customers. We're bringing together ecosystems for the Global 5000. We're bringing together the ecosystems in Chef, Pivotal, CloudBees, and Kubernetes. This alone should validate the heck out of their decision to manage and protect machine identities with Venafi. If you're a customer, you should be smiling when you read this.
Machine Identity Management Development Fund
With a vast ecosystem of partners and out-of-the-box integrations, Venafi can helps our customers manage all machine identities and orchestrate them throughout their security infrastructure. Learn more about this Venafi partner and the Venafi Technology Network at http://marketplace.venafi.com.