Coldago announced its Gems 2023

Coldago Research just unveiled its last Gems for 2023. It reflects the market trend, their product development and announcement, the real impact of these vendors on the market and their vision associated with their capability to execute on it. For 2023, I select GRAID Technology, LINBIT, Pliops, PoINT Software & Systems and UnifabriX.

The interesting part is than I did this analysis for more than 10 years as I started it in 2010. Here is below the full list since the beginning.

Year	Companies
2023	GRAID Technology - LINBIT - Pliops - PoINT Software & Systems - UnifabriX
2022	Fungible - Lightbits Labs - Liqid - Model9 - VAST Data
2021	Nebulon - Pavilion Data - OwnBackup - Robin.io - Versity
2020	Data Dynamics - Hammerspace - HYCU - Kasten - StorPool
2019	Igneous - Komprise - MinIO - Qumulo - WekaIO
2018	Cohesity - Datera - Portworx - Rubrik - Vexata
2017	Datrium - Infinidat - Hedvig - Nasuni - NooBaa
2016	Cloudian - Coho Data - Compuverde - DDN - E8 Storage
2015	Actifio - Caringo - CTera Networks - Kaminario - PernixData
2014	DSSD - Exablox - Panzura - Primary Data - Sanbolic
2013	Avere - Nimble Storage - Tintri - SolidFire - Virsto
2012	Cleversafe - Fusion-IO - Pure Storage - Symform - Zadara
2011	Arkeia - StorSimple - TwinStrata - Veeam - Violin
2010	Coraid - DataCore - FalconStor - Isilon - Nexenta

I recently also recorded a dedicated podcast for the French Storage Podcast, it is the episode 143 globally, enjoy your listening. 

Read More

Towards a standard in container security with Sysdig

For the 4th time, we met Sysdig in San Francisco during the recent 48th edition of The IT Press Tour. The first meeting was in June 2016, 7 years ago, just 3 years after Loris Degioanni founded the company. We have the opportunity to meet him again with Suresh Vasudevan, CEO, we met also in the past. It was definitely a very good session and we learned all the progress made the company and their impact on the market. That help us to put in perspective elements shared several years ago. What a trajectory and impact with tons of Falco downloads and business in 20+ countries. So far the company has raised $750 million and I'm still wondering why the company needs such large amount. Of course we understand in this market companies have to move fast, invest a lot, recruit people and gain market share. At the same time, the company has to protect itself against potential acquisition as the goal could be an IPO.

Since the beginning the company defines its mission: "To accelerate and secure cloud innovation" from source to run, meaning from the development to the operation phase. And this works in the loop as upgrade and changes are permanent with CI/CD considerations. They do that with a fundamental element, Falco, the open source standard for cloud-native threat detection and response. Associated with Falco, Sysdig designs, builds and develops Sysdig Secure and Sysdig Monitor, 2 commercial offerings, tailored to Kubernetes environments.

The move for enterprises to distributed computing model has obviously introduced some risks in terms of security at all levels. Vulnerability, configuration, IAM and threat detection are 4 key areas paramount to address to facilitate cloud adoption and users' success.

Falco is the foundation, it is integrated with several security products on the market like Sumo Logic, StackRox, CloudGuard from CheckPoint... The philosophy is to monitor system and cloud events and even more via a standard open API. Falco is agentless, well advanced in threat detection, recognized as one of the most advanced security engine in the domain.

Sysdig has developed a real expertise on the container security side with key people and also leverages public repositories and honeypot network plus vulnerability research. Sysdig Secure appears to be one of the most comprehensive approach in the domain today that, coupled with Machine Learning, delivers a new level of protection. As the Kubernetes environment evolves in realtime with very frequent CI/CD updates, it represents a new difficulty especially for elements currently in-use. Partners understand this and the partnership with Snyk is a perfect example of deep integration, birdging developers, security domains and operations.

At the same time, Sysdig briefed the group on the coming annual Sysdig 2023 Cloud-Native Security and Usage Report, available here. It turns out that the containers world is still very opened to threats and the access management represents an invitation for penetration as the real technique seems to be very relaxed. Also costs are not well controlled with CPU, memory and containers usage clearly in waste mode. The summary slide speaks for itself. 

Read More

Project Velero, an open source data protection framework for cloud-native workloads

During the recent 48th edition of The IT Press Tour, we had the opportunity to have a session on Project Velero at Red Hat office in Sunnyvale.

Velero is an open source tool that offers data protection, migration and DR for cloud-native workloads orchestrated by Kubernetes. And as enterprises move more and more to these Kubernetes controlled environments, it clearly become a must have, whatever the deployment model is on-premises or public clouds.

I mentioned the location of the meeting as this project is a joint effort from several active vendors such Dell, Kasten, Microsoft, Red Hat and VMware by alpha order. The web site of the project indicated clearly that the project is backed by VMware but when we checked the page pointed http://vmware.github.io/ then https://github.com/vmware/, we didn't find any project name velero. Of course on the main Github page, the search of Velero gave results. This link should be updated.

Velero comes from Heptio, it was the Ark product there, a Seattle-based company acquired by VMware end of 2018.

Already mentioned above, Velero mission is to protect stateful information within a Kubernetes cluster such etcd and persistent volumes. The difficulty in a distributed environment is to be sure everything is consistent, I should say frozen at the same time, to have a real point-in-time view of the entire application environment. This is really difficult and it represents a classic theoretical challenge to solve.

Velero has 3 components: a Velero server in the cluster, a CLI client and a Restic deamonset in the cluster as well. Velero relies on the Kubernetes API server to manage correctly etcd data and also cloud provider snapshot but also it could be a file system backup with Restic for instance, then use a data mover function to copy these data to an external object storage for backup images persistence. 

We understand that Velero is used by several key vendors such Veritas with NetBackup, Dell with PowerProtect, VMware, Red Hat and a few others.

Read More

HYCU picks a radical new approach for SaaS applications data protection

HYCU joined the recent IT Press Tour for the 8th time, confirming the value of the tour. And this time, they chose the tour to make a big splash, the launch of R-Cloud, their disruptive solution to protect users' data used by SaaS applications. They briefed us last week in San Jose, CA, for an official announcement today.

We saw for a few years vendors protecting always same SaaS applications, the famous Salesforce, Google Workspace or Microsoft 365, and as the opportunity is big enough for all players, they don't really address other need or really incrementally. With bare metal, virtual machines, container, cloud-based workloads and now SaaS applications, the industry has created its own complexity and it becomes even more critical and tough to protect all these data with one solution. We see even users jumping into SaaS application without any information about data protection or believing it is included. It should be but it is not and it is a real scandal for SaaS. We understand the PaaS option and the IaaS different requirements.

For SaaS itself, the complexity is huge as not all SaaS application are covered and if so it is by different solutions. What a nightmare.

HYCU took some time to think about a solution to address this fast growing issue and they came back with a real innovative approach. At the root, the team realized that SaaS applications vendors know the best how to protect data, they know their service architecture and how their services consume data. So the idea is to offer, free of charge, to these vendors the capability to build their own agent/plug-in/driver/module... with a low code/no code approach and then managed and orchestrated by HYCU Protégé. It gives them the confidence to say that choosing their service is now risk free in terms of data loss as data may be recovered.

The second key element is R-Graph, a topology view of all SaaS applications used by a company to understand their need and things are protected.

The next key component is the Marketplace where all modules are displayed very easy to deploy. The service is sold under subscription between 1 to $3 per seat per month whatever is the volume of data.

This is a real disruption for the SaaS world and HYCU has initiated a new way to control that data protection aspect. The race has started and we'll see how the competition will react to this announcement. We'll also monitor the adoption of the HYCU solution.

Read More