Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Serverless: Market Overview and Investment Opportunities


Published on

Blaze O'Byrne - August 2019

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Serverless: Market Overview and Investment Opportunities

  1. 1. Serverless Computing Market overview and investment opportunities Blaze O’Byrne – MBA Summer Associate August 2019
  2. 2. @underscorevc 1. Serverless Computing Overview 2. Key Investment Areas – Serverless Monitoring – Serverless Security – Serverless Infrastructure TABLE OF CONTENTS
  3. 3. @underscorevc Serverless Computing Overview 3
  4. 4. @underscorevc Serverless is the future of cloud-native Serverless, or FaaS, is the glue between the services in a cloud environment. Serverless is stateless and event-driven, provides ease of scaling, reduces operating costs, and increases productivity. 4Source: 6a68ee238.
  5. 5. @underscorevc Serverless offers unique benefits, certain downsides, and new opportunities 5 Benefits Downsides ✔ Ease of scaling — Serverless computing scales applications automatically — Provider takes care of replicating the application’s functions and distributing computing resources ✔ Reduced operating costs — Reduces overprovisioning of servers, and infrastructure management costs ✔ Productivity — Developers only need to focus on the code and the application itself, not the infrastructure ✔ Decreased time to market Vendor lock-in — Users depend on the vendor’s other services, making switching challenging Lack of control — Users are unable to cater computing environment to application workloads — Compliance, monitoring, debugging, and security challenges have changed Multitenancy — Shared resources with other customers can affect performance Limited run-time capabilities — Does not offer the same run-time as containers or VMs Knative is allowing users to build solutions on top of Kubernetes, reducing lock-in Start-ups have been building products to solve many of these early problems
  6. 6. @underscorevc Serverless interest and adoption has been largely driven by the large cloud providers… Market Share 6 • AWS Lambda currently has ~80% marker share, as the first to markets and the most developed product • Azure Functions is the second largest player with ~10% market share • Google Cloud Functions is estimated to have ~7% market share • The other players trying to get a foothold in the market include IBM Cloud Functions, Pivotal Function Service and Red Hat’s OpenShift Cloud Functions Source: CB Insights.
  7. 7. @underscorevc 7Source: eport-from-flexera.pdf. Serverless Market Size ($ billions) …with the Serverless market forecast to grow at a CAGR of ~35% Serverless is the fastest growing extended cloud service for the second year in a row, with 50% growth over 2018
  8. 8. @underscorevc What is driving serverless growth? Category 8 1 Microservices 2 Stream & Edge Processing 3 Batch Processing 4 IT Automation Perspective Use cases • Mobile and web apps • HTTP REST APIs • Chat bots • Real-time analytics • Microservices architectures requires an environment where applications can be rapidly scaled independently • The ease of scaling offered by serverless computing is well-suited for a microservices architecture • Stream processing requires real-time processing given the unpredictability of its high volumes of data traffic • Serverless enables edge processing which requires fast, real-time response rates • Scheduled batch processing needs are well-suited for serverless because they are generally short-run and requires minimal intervention • Automated IT tasks can be initiated by serverless functions because they are event-driven Serverless is best suited to applications that have, short runtime of code, variable and infrequent workloads, and are stateless and event-driven • Real-time file/stream processing • Voice-enabled devices • IoT backend • CI / CD • Backup • Patching • Data processing o Jobs requiring intense parallel compute, IO or network access
  9. 9. @underscorevc Is Knative the future of serverless? ● Knative allows developers to build and run serverless applications on Kubernetes ● Knative components enable users to focus on writing the code while the components manage the Build, Serving, and Eventing ● Knative runs on-premises, in the cloud, or in a third-party data centers, and codifies the best practices shared by Kubernetes-based frameworks 9 Knative is a viable open source alternative to AWS Lambda Overview Key Implications • Reduced vendor lock-in — Runs on any infrastructure that supports Kubernetes, allowing enterprises to move their workloads wherever they run best • Knative has strong tailwinds with container adoption shifting to Kubernetes — In 2019, Kubernetes is forecast to overtake ECS in container orchestration — On AWS, EKS will have a larger share than ECS • Alternatives to AWS Lambda largely converging on a single new standard Note: Knative was developed by Google, in close partnership with Pivotal Software, IBM, and SAP, and was launched in late 2018. ECS: Amazon Elastic Container Service (including AWS Fargate). EKS: Amazon Elastic Container Service for Kubernetes.
  10. 10. @underscorevc What are the barriers to serverless adoption? Category 10 1 Overall transition to microservices architecture 2 Monitoring / Alerting 3 Security 4 Storage Perspective Opportunities • Largely consulting, as opposed to technology focused • Traditionally development was with monolithic architecture. IDC estimates that ~60% of companies have not transitioned to cloud native, thus are unlikely to adopt serverless • Serverless adoption will be driven by microservices adoption • With no access to the underlying infrastructure, monitoring, tracing, and observability cannot be undertaken with agents, making traditional logging tools inappropriate • While serverless transfers many of the security concerns to the cloud provider, it has also created new security risks that are a blind spot for most enterprise IT and security leaders • The stateless nature of serverless makes it difficult to support applications that have fine-grained state sharing needs • This is largely due to the limitations of existing storage services offered by large cloud providers Serverless computing will grow as along with new risks inherent in both application disaggregation and multi-tenant resource sharing • Storage likely to remain with major vendors (capital requirements / security risks) • IOPipe • Dashbird • Protego • PureSec (acquired) • Thundra
  11. 11. @underscorevc What does serverless need? 11 These are ideas, largely based on thoughts from the developer community, that would help adoption Automation Ideas (RPA) Cloud provider improvements • Ruby for serverless — AWS Lambda introduced support in Nov-18 — Currently still unavailable on other providers • Faster “cold starts” — When an application hasn’t been used it take longer to start up, leading to increased latency — Especially problematic in Java and C#, and for enterprises using VPC’s(1) • Increased run-times — Lambda recently increased to 15 minutes — Azure and Google currently offer 10 minutes Note: AWS Lambda natively supports Java, Go, PowerShell, Node.js, C#, Python, and Ruby code. (1) Certain enterprises must deploy through VPC’s due to security compliance. This can add up to 10 seconds on cold starts. • Refactor at runtime — A software platform could analyze code at runtime and identify slowest parts — Software then takes this section of code, creates a Lambda function, automatically deploys, and sets up a SNS trigger • Deployment automation — A platform that allows you to run all serverless function in one local file — At deployment, the code is automatically split and deployed in a way that make sense for the app (potentially like webpack)
  12. 12. @underscorevc Key Investment Areas
  13. 13. @underscorevc Serverless Monitoring
  14. 14. @underscorevc Serverless monitoring, tracing, and alerting 14 A shift towards serverless has meant that new DevOps tools are needed • Early-stage startups are currently providing the leading products for serverless monitoring • Larger application monitoring companies are beginning to move into the space • Products released to date have largely focused on: o Function tracing o Monitoring and alerts o Debugging tools o CPU profiling o Cost analysis (CloudZero) o CloudWatch data analysis Notable companies / products Seed Later Stage Service Provider Note: In June-18, AWS added CloudWatch Logs Insights into the Lambda monitoring console. Denotes Underscore portfolio company.
  15. 15. @underscorevc Serverless monitoring companies Company 15 Overview • IOpipe is the serverless DevOps platform built for teams building and running event-driven serverless architecture • The company’s technology provides full observability and dev tools for building, shipping, and running serverless applications. Tools include, profiling, monitoring, logging, and metrics • Location: Philadelphia, PA Funding Seed-3: $2.0m (Aug-18) Seed-2: $2.5m (Aug-17) Seed-1: $1.0m (Jan-17) Investors • Boldstart • Correlation • Madrona • NEA • Underscore • Dashbird’s product helps developers build and maintain serverless applications • The company's technology help to resolve the problem of monitoring and debugging fixes by developing serverless architectures to build more scalable and cheap back end applications • Dashbird uses CloudWatch logs in order to offer in-depth analytics, and the 2 minute setup doesn't require any code changes • Location: Tallinn, Estonia Seed: $0.8m (May-18) • Icebreaker VC • Passion Capital Serverless observability and monitoring tools stand out as an attractive investment area in serverless, with IOPipe and Dashbird providing leading products in the space Source: Pitchbook, CrunchBase. Denotes Underscore portfolio company.
  16. 16. @underscorevc Serverless monitoring companies Company 16 Overview • Lumigo is a developer of a serverless operations platform designed to help organizations to build their cloud applications. • The company's platform allows full visibility and traceability of serverless applications including 3rd party services, enabling enterprises to prevent services disruptions before they happen through actionable alerts based on user and entity behavioral analytics • Location: Tel Aviv, Israel Funding Seed: $8.0m (Jan-19) Investors • Grove Ventures • Pitango VC • Meron Capital • Thundra is a developer of software designed to provides deep insight into the entire serverless environment • The company's software offers full observability, debugging and performance tracking by identifying and solving performance problems in their AWS Lambda environments with minimal to zero coding and no additional overhead • The software enables clients to adopt serverless architectures and to customize and configure monitoring for any use case • Location: Boston, Massachusetts Seed: $1.5m (Oct-18) • Battery Ventures Serverless observability and monitoring tools stand out as an attractive investment area in serverless Source: Pitchbook, CrunchBase.
  17. 17. @underscorevc Serverless Security
  18. 18. @underscorevc Serverless security – Market map 18 Complete cloud-nati ve security Serverless only Seed Series-A Series-B ≥Series-C Serverless transferred many application security risks to the provider but also created new risks as monitoring becomes harder, the attack surface grows, and dependencies increased • There have been pure-play serverless security start-ups along with new products from established players • VMWare recently acquired Intrinsic, and Palo Alto Networks also acquired both PureSec and Twistlock • The products released have largely focused on: o Function testing (Dev) o Library vulnerabilities (Dev & CI/CD) o Runtime firewalls (Deployment) o Container security (Deployment) o Function monitoring (Production) o Permission monitoring (Production) Note: Companies shown have published, or presented, extensive materials around serverless security. Dollar amount represents funding to date / pre-acquisition. Intrinsic (Undisclosed), PureSec (Undisclosed), and Twistlock ($410m) were acquired between May-19 and August-19. ($2.0m) (Acquired) ($32.0m) ($100.0m) (Acquired) (Acquired)
  19. 19. @underscorevc Serverless security acquisitions Company 19 Overview • Puresec is a developer of a cloud-based cyber security platform designed to provide network protection for serverless architectures • The company's cloud-based cyber security platform seamlessly integrates with serverless applications and provides instant protection against both known and unknown threats, enabling companies to build and run applications and services without having to manage infrastructure, resulting in saving time and money • Location: Tel Aviv, Israel While it was initially unclear if companies would buy/adopt serverless security point-solutions, the increasing consolidation leads us to believe they will look for end-to-end solutions Funding Acquired by Palo Alto Networks in Jun-19 for an undisclosed amount Series-A: $7.0m (Oct-18) Seed: $3.0m (May-17) Investors • Square Peg Capital • TLV Partners • Entrée Capital Source: Pitchbook, CrunchBase. • Intrinsic is a developer of a cyber security platform designed to protect applications from exploits and malicious code. • The company's cyber security platform is focused on node.js uses a new application-level runtime virtualization technology to automatically enforce security policies on applications, enabling users to protect their applications from outside cyber threats. • Location: San Francisco, CA Acquired by VMWare in Aug-19 for an undisclosed amount Seed: Undisclosed (Aug-16) • First Round • a16z • NEA
  20. 20. @underscorevc Serverless security companies Company 20 Overview We are keeping a close eye on both Snyk and Protego to see if they are also acquired in the wave of consolidation Funding Investors • Snyk is a provider of security analysis tools designed to identify open-source packages. • The company's security analysis tools secure authoring and consuming of open-source code and offer tools that help to find, fix and monitor known vulnerabilities in open source dependencies, enabling clients to use open source without compromising security. • Location: London, UK / Tel Aviv, Israel Series-B: $22.0m (Sep-18) Series-A: $7.0m (Mar-18) Seed: $3.0m (Jan-16) • Accel • Boldstart • Cannan • GV • Heavybit Source: Pitchbook, CrunchBase. • Protego Labs is a developer of security services designed to offer full lifecycle security to serverless applications • The platform works by continuously scanning serverless infrastructure, including functions, logs and databases, to increase the application's security posture and minimize the attack surface, using machine learning based analysis and deep learning algorithms, enabling users to identify and prevent attacks in real time • Location: Baltimore, Maryland Seed: $2.0m (May-18) • Glilot Capital • Ron Gula (Tenable founder) • Tim Belcher (NetWitness founder)
  21. 21. @underscorevc Serverless Infrastructure
  22. 22. @underscorevc Serverless infrastructure 22 Serverless infrastructure consists of the hosted and installable platforms, along with the software platforms that tie the software stack together • Hosted platforms o This market is largely dominated by AWS Lambda, Azure Functions, and Google Cloud Functions o Startups have build platforms to extend capabilities, or for specific use cases. I believe these products will struggle to gain widespread traction as most customers have pre-existing relationships with a large provider • Installable platforms o Knative is forecast to make most of the installable platforms obsolete, with it predicted to become the new standard • Other software platforms o New products are being developed, on top of Kubernetes and Knative, to create better multi-cloud serverless management platforms
  23. 23. @underscorevc Serverless infrastructure companies Company 23 Overview • Triggermesh is an open-source multi-cloud serverless management platform for deploying, orchestrating and migrating serverless workloads across clouds • The company's platform helps developers deploy and manage serverless functions on any leading public cloud or in their own data center, enabling clients to reduce recurring engineering costs, automate the complete serverless lifecycle and improve the process of building serverless applications • Location: Research Triangle Park, North Carolina Funding n.a. (founded Jul-18) Investors • n.a. • Nuweba is a developer of a fast and secure serverless platform designed to offer advanced application security and deep visibility services • The company's platform aims to overcome the speed, security and visibility challenges facing serverless technology, as well as offers enterprise-grade, application level security and all-around deep visibility of how applications are running in real-time • Location: Tel Aviv, Israel Seed: $4.8m (Feb-19) • Magma Venture Partners • Target Global Source: Pitchbook, CrunchBase.
  24. 24. @underscorevc Serverless infrastructure companies Company 24 Overview • Nimbella is a pure serverless cloud that leverages the public cloud infrastructure and can be extended to private on-premise infrastructure. It is built on open standards, giving developers full control over their architecture and code, without vendor lock-in. • The product is designed from the ground up to address the needs of event-based applications, long running applications, stateful workloads, and more complex use cases that employ artificial intelligence and machine learning • Founders were primary authors of Apache OpenWhisk • Location: San Francisco, California Funding Seed: $4.0m (Oct-18) Investors • Engineering Capital • Elefund • Converge • Binaris is a provider of a function as a service (serverless) platform intended to bring development agility to demanding and emerging applications • The company’s serverless platform focusses on high speed function invocation to extend serverless to demanding applications like online gaming, bidding and trading systems, enabling developers to compose functions together in a microservice architecture, while maintaining predictable response times in the milliseconds • Location: Tel Aviv, Israel Con-note: $2.5m (Jun-18) Seed: $3.9m (Oct-18) • Meron Capital • Cardumen Capital • Lightspeed • Engineering Capital • Dell Capital Source: Pitchbook, CrunchBase.
  25. 25. @underscorevc Appendix
  26. 26. @underscorevc Serverless characteristics and use cases Short runtime of code ● Designed to execute code for seconds or milliseconds, thus not useful for long-running applications Variable and infrequent workloads ● Minimizes infrastructure related costs for applications that do not need to be running all of the time Stateless and event-driven ● Functions are spun up and down quickly, and data from the execution is neither saved nor made available for the next execution 26 Serverless Characteristics Serverless Use Cases Microservices ● Ease of scaling well-suited for a microservices architecture Stream & Edge Processing ● Requires fast, real-time responses of unpredictable data traffic Batch Processing ● Well-suited as they are generally short-run and requires minimal intervention IT automation ● Tasks such as backup or patching are well suited as they are event-driven.
  27. 27. @underscorevc History of Serverless products 27