I can’t believe that 2015 is over and we are now onto a new year!
2015 started when Dima and I quit our day jobs and started working in our “garage” in January. We ate home-made Cholnet (Dima has a picture of that with the caption “Twistlock 0.0” somewhere :), and worked hard on coming up with a clear picture of what we want to do for our new venture.
After a few trials and errors, our vision started to crystallize:
- First, we know that we want to focus on the “new stack”. We realized that companies such as Google, which probably was the first to implement the concept of widespread services, did so with containers as a critical element. The reason for that was to empower users to focus on innovation and not on endless IT procedures and management.
- We then came to realize that our job, in starting Twistlock, is to ensure that security is elastic enough to support this new stack so any company can adopt these new concepts. To do that, we knew we need to give Security Ops necessary tools and capabilities so they can become enablers, not road blocks.
To realize this vision, we had to do a few things first:
People & Hiring: People are the most important thing for us at Twistlock. We know that to build a great company, we must give employees opportunities to learn, to grow and to have fun. It’s difficult to do that if we don’t surround ourselves with top-notch people. So we tried very had to hire the best people we can, and in doing so, also keeping our existing team energized, fulfilled, and having fun at the same time.
Moreover – working in a large enterprise (Microsoft) for 14 years, I’ve seen evidences of this – if you want to create a successful product, the core team must be made out of exceptional individuals, otherwise you’ll never be able to lead the market.
So you get it – we absolutely didn’t compromise on the quality of the team. I know everyone says that but we decided that we’d rather not hire if we can’t find the right candidate. We started with a small core group and we gradually brought on folks that help us elevate the collective quality of the team. Our hiring process was rigorous and careful at the same time. As a result, we built an amazing team in Israel and in the US.
We will do more of that in 2016. Check out our job page on stackoverflow.
Product: Throughout 2015, we experimented and developed a new kind of security “particle” for container-based data centers – our container Defender. I think of it as a true next-generation security technology because not only it fits seamlessly with the DevOps process, it also affords integrated protection from software development to production. In addition, it is as portable and efficient to deploy as any containers. Developing the Defender technology was a learning process for all of us, but we had fun at the same time.The fun and learning part was trailblazing like all other products in the containers eco-system, but we also had an additional constraint — making sure the product adheres to classic security standards.
It’s been a blast, and we also won a few awards along the way:
- SC Awards Finalist for Best Emerging Technology
- CRN Top 10 coolest startups of 2015
- Virtualization Review Editor Choice Awards
- CRN Emerging Vendors 2015
We are thrilled with the market reception. At the same time, though, the recognitions kept us on our toes and we know that we have to continue to do our absolute best.
Partnerships: We were privileged to work side by side with the Docker security team (see 17:36 in the video at the bottom of the page) on a couple of subject areas.
- It started from two “tiny” projects and evolved into a full blown effort which we ended up leading: Authentication & Authorization for the Docker project.
- We became Google Container Registry’s launching partner. Google mentioned us in their blog regarding our integration with the Google container stack. Google were generous and helped us by providing us access to their container dev team, as well as their product team, to make sure the integration worked perfectly.
- We also became Amazon EC2’s Container Registry launching partner, providing container security and vulnerability management. This was detailed in an Amazon blog regarding our integration with the new Amazon container offering. Amazon was also extremely supportive in the integration efforts, which we had to complete in a super short time frame.
We had the pleasure of partnering with Ishi Systems, a global expert in Mesos. We also announced a strategic partnership with Sonatype, whose visibility in software supply chain assurance complements ours seamlessly.
We have many more partnerships in the making, but I guess they will have to wait for 2016
Lastly but not the least customers: We had the privilege of working with some of the most innovative companies on the planet. Our customers are a good mix of fortune 500’s, multi-nationals, and super innovative startups. A large number of companies showed interest in our beta program, which allowed us to pick roughly 15 customers for our beta.
Our beta customers have been super involved; they gave us feedback, helped us increase the quality of the product and the sophistication of the technology. With that, we were able to complete a widely successful beta program in November and brought our technology to general availability in DockerCon Europe.
It has been an intense, sometimes grueling, but amazing year to say the least. But above all, it has been a fantastic learning experience like no other.
As we enter the new year, a big thanks to our customers, partners, and everyone who helped us along the way.
Some consider container adoption as a fad, but from where we stand now a year later, we see it as a trail-blazing trend that is making ground-swell changes. This is happening not just in startups, where everyone is focused on innovation, but also with fortune 500 / large enterprises that are eager to unleash the power of their “in house” R&D. We are proud to say that Twistlock is an one of the enablers of this change.
Happy new year and onto a even more adventurous and successful 2016!
- Container Security
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
Baking Compliance in your CI/CD PipelineRead the Blog
Serverless Security Suggestions: Tips for Keeping Serverless Functions SecureRead the Blog
Why a Common Security Toolset is Essential for DevSecOpsRead the Blog
Putting the “Ops” in DevSecOps: Why It’s Hard and How to Do ItRead the Blog
Why the Point Solution Mindset for IT Security is DeadRead the Blog