Home » developers

Application security platform NeuraLegion raises $4.7 million seed led by DNX Ventures

Posted on October 15, 2020October 15, 2020 by DREAMTECH

A video call group photo of NeuraLegion’s team working remotely around the world

Application security platform NeuraLegion announced today it has raised a $4.7 million seed round led by DNX Ventures, an enterprise-focused investment firm. The funding included participation from Fusion Fund, J-Ventures and Incubate Fund. The startup also announced the launch of a new self-serve, community version that allows developers to sign up on their own for the platform and start performing scans within a few minutes.

Based in Tel Aviv, Israel, NeuraLegion also has offices in San Francisco, London, and Mostar, Bosnia. It currently offers NexDAST for dynamic application security testing, and NexPLOIT to integrate application security into SDLC (software development life-cycle). It was launched last year by a founding team that includes chief executive Shoham Cohen, chief technology officer Bar Hofesh, chief scientist Art Linkov, and president and chief commercial officer Gadi Bashvitz.

When asked who NeuraLegion views as its closest competitors, Bashvitz said Invicti Security and WhiteHat Security. Both are known primarily for their static application security testing (SAST) solutions, which Bashvitz said complements DAST products like NeuraLegion’s.

“These are complementary solutions and in fact we have some information partnerships with some of these companies,” he said.

Where NeuraLegion differentiates from other application security solutions, however, is that it was created for specifically for developers, quality assurance and DevOps workers, so even though it can also be used by security professionals, it allows scans to be run much earlier in the development process than usual while lowering costs.

Bashvitz added that NeuraLegion is now used by thousands of developers through their organizations, but it is releasing its self-serve, community product to make its solutions more accessible to developers, who can sign up on their own, run their first scans and get results within fifteen minutes.

In a statement about the funding, DNX Ventures managing partner Hiro Rio Maeda said, “The DAST market has been long stalled without any innovative approaches. NeuraLegion’s next-generation platform introduces a new way of conducting robust testing in today’s modern CI/CD environment.”

DNX Ventures launches $315 million fund for US and Japanese B2B startups

By Catherine Shu

Why AWS built a no-code tool

Posted on June 24, 2020June 24, 2020 by DREAMTECH

AWS today launched Amazon Honeycode, a no-code environment built around a spreadsheet-like interface that is a bit of a detour for Amazon’s cloud service. Typically, after all, AWS is all about giving developers all of the tools to build their applications — but they then have to put all of the pieces together. Honeycode, on the other hand, is meant to appeal to non-coders who want to build basic line-of-business applications. If you know how to work a spreadsheet and want to turn that into an app, Honeycode is all you need.

To understand AWS’s motivation behind the service, I talked to AWS VP Larry Augustin and Meera Vaidyanathan, a general manager at AWS.

“For us, it was about extending the power of AWS to more and more users across our customers,” explained Augustin. “We consistently hear from customers that there are problems they want to solve, they would love to have their IT teams or other teams — even outsourced help — build applications to solve some of those problems. But there’s just more demand for some kind of custom application than there are available developers to solve it.”

Image Credits: Amazon

In that respect then, the motivation behind Honeycode isn’t all that different from what Microsoft is doing with its PowerApps low-code tool. That, too, after all, opens up the Azure platform to users who aren’t necessarily full-time developers. AWS is taking a slightly different approach here, though, but emphasizing the no-code part of Honeycode.

“Our goal with honey code was to enable the people in the line of business, the business analysts, project managers, program managers who are right there in the midst, to easily create a custom application that can solve some of the problems for them without the need to write any code,” said Augustin. “And that was a key piece. There’s no coding required. And we chose to do that by giving them a spreadsheet-like interface that we felt many people would be familiar with as a good starting point.”

A lot of low-code/no-code tools also allow developers to then “escape the code,” as Augstin called it, but that’s not the intent here and there’s no real mechanism for exporting code from Honeycode and take it elsewhere, for example. “One of the tenets we thought about as we were building Honeycode was, gee, if there are things that people want to do and we would want to answer that by letting them escape the code — we kept coming back and trying to answer the question, ‘Well, okay, how can we enable that without forcing them to escape the code?’ So we really tried to force ourselves into the mindset of wanting to give people a great deal of power without escaping to code,” he noted.

Image Credits: Amazon

There are, however, APIs that would allow experienced developers to pull in data from elsewhere. Augustin and Vaidyanathan expect that companies may do this for their users on tthe platform or that AWS partners may create these integrations, too.

Even with these limitations, though, the team argues that you can build some pretty complex applications.

“We’ve been talking to lots of people internally at Amazon who have been building different apps and even within our team and I can honestly say that we haven’t yet come across something that is impossible,” Vaidyanathan said. “I think the level of complexity really depends on how expert of a builder you are. You can get very complicated with the expressions [in the spreadsheet] that you write to display data in a specific way in the app. And I’ve seen people write — and I’m not making this up — 30-line expressions that are just nested and nested and nested. So I really think that it depends on the skills of the builder and I’ve also noticed that once people start building on Honeycode — myself included — I start with something simple and then I get ambitious and I want to add this layer to it — and I want to do this. That’s really how I’ve seen the journey of builders progress. You start with something that’s maybe just one table and a couple of screens, and very quickly, before you know, it’s a far more robust app that continues to evolve with your needs.”

Another feature that sets Honeycode apart is that a spreadsheet sits at the center of its user interface. In that respect, the service may seem a bit like Airtable, but I don’t think that comparison holds up, given that both then take these spreadsheets into very different directions. I’ve also seen it compared to Retool, which may be a better comparison, but Retool is going after a more advanced developer and doesn’t hide the code. There is a reason, though, why these services were built around them and that is simply that everybody is familiar with how to use them.

“People have been using spreadsheets for decades,” noted Augustin. “They’re very familiar. And you can write some very complicated, deep, very powerful expressions and build some very powerful spreadsheets. You can do the same with Honeycode. We felt people were familiar enough with that metaphor that we could give them that full power along with the ability to turn that into an app.”

The team itself used the service to manage the launch of Honeycode, Vaidyanathan stressed — and to vote on the name for the product (though Vaidyanathan and Augustin wouldn’t say which other names they considered.

“I think we have really, in some ways, a revolutionary product in terms of bringing the power of AWS and putting it in the hands of people who are not coders,” said Augustin.

AWS launches Amazon Honeycode, a no-code mobile and web app builder

By Frederic Lardinois

Linear takes $4.2M led by Sequoia to build a better bug tracker and more

Posted on November 21, 2019November 21, 2019 by DREAMTECH

Software will eat the world, as the saying goes, but in doing so, some developers are likely to get a little indigestion. That is to say, building products requires working with disparate and distributed teams, and while developers may have an ever-growing array of algorithms, APIs and technology at their disposal to do this, ironically the platforms to track it all haven’t evolved with the times. Now three developers have taken their own experience of that disconnect to create a new kind of platform, Linear, which they believe addresses the needs of software developers better by being faster and more intuitive. It’s bug tracking you actually want to use.

Today, Linear is announcing a seed round of $4.2 million led by Sequoia, with participation also from Index Ventures and a number of investors, startup founders and others that will also advise Linear as it grows. They include Dylan Field (Founder and CEO, Figma), Emily Choi (COO, Coinbase), Charlie Cheever (Co-Founder of Expo & Quora), Gustaf Alströmer (Partner, Y Combinator), Tikhon Berstram (Co-Founder, Parse), Larry Gadea (CEO, Envoy), Jude Gomila (CEO, Golden), James Smith (CEO, Bugsnag), Fred Stevens-Smith (CEO, Rainforest), Bobby Goodlatte, Marc McGabe, Julia DeWahl and others.

Cofounders Karri Saarinen, Tuomas Artman, and Jori Lallo — all Finnish but now based in the Bay Area — know something first-hand about software development and the trials and tribulations of working with disparate and distributed teams. Saarinen was previously the principal designer of Airbnb, as well as the first designer of Coinbase; Artman had been staff engineer and architect at Uber; and Lallo also had been at Coinbase as a senior engineer building its API and front end.

“When we worked at many startups and growth companies we felt that the tools weren’t matching the way we’re thinking or operating,” Saarinen said in an email interview. “It also seemed that no-one had took a fresh look at this as a design problem. We believe there is a much better, modern workflow waiting to be discovered. We believe creators should focus on the work they create, not tracking or reporting what they are doing. Managers should spend their time prioritizing and giving direction, not bugging their teams for updates. Running the process shouldn’t sap your team’s energy and come in the way of creating.”

Linear cofounders (from left): KarriSaarinen, Jori Lallo, and Tuomas Artma

All of that translates to, first and foremost, speed and a platform whose main purpose is to help you work faster. “While some say speed is not really a feature, we believe it’s the core foundation for tools you use daily,” Saarinen noted.

A ⌘K command calls up a menu of shortcuts to edit an issue’s status, assign a task, and more so that everything can be handled with keyboard shortcuts. Pages load quickly and synchronise in real time (and search updates alongside that). Users can work offline if they need to. And of course there is also a dark mode for night owls.

The platform is still very much in its early stages. It currently has three integrations based on some of the most common tools used by developers — GitHub (where you can link Pull Requests and close Linear issues on merge), Figma designs (where you can get image previews and embeds of Figma designs), and Slack (you can create issues from Slack and then get notifications on updates). There are plans to add more over time.

“We started solving the problem from the end-user perspective, the contributor, like an engineer or a designer and starting to address things that are important for them, can help them and their teams,” Saarinen said. “We aim to also bring clarity for the teams by making the concepts simple, clear but powerful. For example, instead of talking about epics, we have Projects that help track larger feature work or tracks of work.”

Indeed, speed is not the only aim with Linear. Saarinen also said another area they hope to address is general work practices, with a take that seems to echo a turn away from time spent on manual management and more focus on automating that process.

“Right now at many companies you have to manually move things around, schedule sprints, and all kinds of other minor things,” he said. “We think that next generation tools should have built in automated workflows that help teams and companies operate much more effectively. Teams shouldn’t spend a third or more of their time a week just for running the process.”

The last objective Linear is hoping to tackle is one that we’re often sorely lacking in the wider world, too: context.

“Companies are setting their high-level goals, roadmaps and teams work on projects,” he said. “Often leadership doesn’t have good visibility into what is actually happening and how projects are tracking. Teams and contributors don’t always have the context or understanding of why they are working on the things, since you cannot follow the chain from your task to the company goal. We think that there are ways to build Linear to be a real-time picture of what is happening in the company when it comes to building products, and give the necessary context to everyone.”

Linear is a late entrant in a world filled with collaboration apps, and specifically workflow and collaboration apps targeting the developer community. These include not just Slack and GitHub, but Atlassian’s Trello and Jira, as well as Asana, Basecamp and many more.

Saarinen would not be drawn out on which of these (or others) that it sees as direct competition, noting that none are addressing developer issues of speed, ease of use and context as well as Linear is.

“There are many tools in the market and many companies are talking about making ‘work better,’” he said. “And while there are many issue tracking and project management tools, they are not supporting the workflow of the individual and team. A lot of the value these tools sell is around tracking work that happens, not actually helping people to be more effective. Since our focus is on the individual contributor and intelligent integration with their workflow, we can support them better and as a side effect makes the information in the system more up to date.”

Stephanie Zhan, the partner at Sequoia whose speciality is seed and Series A investments and who has led this round, said that Linear first came on her radar when it first launched its private beta (it’s still in private beta and has been running a waitlist to bring on new users. In that time it’s picked up hundreds of companies, including Pitch, Render, Albert, Curology, Spoke, Compound and YC startups including Middesk, Catch and Visly). The company had also been flagged by one of Sequoia’s Scouts, who invested earlier this year

Sequoia Logo Natalie Miyake

Although Linear is based out of San Francisco, it’s interesting that the three founders’ roots are in Finland (with Saarinen in Helsinki this week to speak at the Slush event), and brings up an emerging trend of Silicon Valley VCs looking at founders from further afield than just their own back yard.

“The interesting thing about Linear is that as they’re building a software company around the future of work, they’re also building a remote and distributed team themselves,” Zahn said. The company currently has only four employees.

In that vein, we (and others, it seems) had heard that Sequoia — which today invests in several Europe-based startups, including Tessian, Graphcore, Klarna, Tourlane, Evervault and CEGX — has been considering establishing a more permanent presence in this part of the world, specifically in London.

Sources familiar with the firm, however, tell us that while it has been sounding out VCs at other firms, saying a London office is on the horizon might be premature, as there are as yet no plans to set up shop here. However, with more companies and European founders entering its portfolio, and as more conversations with VCs turn into decisions to make the leap to help Sequoia source more startups, we could see this strategy turning around quickly.

By Ingrid Lunden

AWS is now making Amazon Personalize available to all customers

Posted on June 11, 2019June 11, 2019 by DREAMTECH

Amazon Personalize, first announced during AWS re:Invent last November, is now available to all Amazon Web Services customers. The API enables developers to add custom machine learning models to their apps, including ones for personalized product recommendations, search results and direct marketing, even if they don’t have machine learning experience.

The API processes data using algorithms originally created for Amazon’s own retail business, but the company says all data will be “kept completely private, owned entirely by the customer.” The service is now available to AWS users in three U.S. regions, East (Ohio), East (North Virginia) and West (Oregon), two Asia Pacific regions (Tokyo and Singapore) and Ireland in the European Union, with more regions to launch soon.

AWS customers who have already added Amazon Personalize to their apps include Yamaha Corporation of America, Subway, Zola and Segment. In Amazon’s press release, Yamaha Corporation of America Director of Information Technology Ishwar Bharbhari said Amazon Personalize “saves us up to 60% of the time needed to set up and tune the infrastructure and algorithms for our machine learning models when compared to building and configuring the environment on our own.”

Amazon Personalize’s pricing model charges five cents per GB of data uploaded to Amazon Personalize and 24 cents per training hour used to train a custom model with their data. Real-time recommendation requests are priced based on how many are uploaded, with discounts for larger orders.

By Catherine Shu

Microsoft and GitHub grow closer

Posted on May 6, 2019May 6, 2019 by DREAMTECH

Microsoft’s $7.5 billion acquisition of GitHub closed last October. Today, at its annual Build developer conference, Microsoft announced a number of new integrations between its existing services and GitHub. None of these are earth-shattering or change the nature of any of GitHub’s fundamental features, but they do show how Microsoft is starting to bring GitHub closer into the fold.

It’s worth noting that Microsoft isn’t announcing any major GitHub features at Build, though it’s only a few weeks ago that the company made a major change by giving GitHub Free users access to unlimited private repositories. For major feature releases, GitHub has its own conference anyway.

So what are the new integrations? Most of them center around identity management. That means GitHub Enterprise users can now use Azure Active Directory to access GitHub. Developers will also be able to use their existing GitHub accounts to log into Azure features like the Azure Portal and Azure DevOps. “This update enables GitHub developers to go from repository to deployment with just their GitHub account,” Microsoft argues in its release announcement.

As far as selling GitHub goes, Microsoft also today announced a new Visual Studio subscription with access to GitHub Enterprise for Microsoft’s Enterprise Agreement customers. Given that there is surely a lot of overlap between Visual Studio’s enterprise customers and GitHub Enterprise users, this move makes sense. Chances are, it’ll also make moving to GitHub Enterprise more enticing for current Visual Studio subscribers.

Lastly, the Azure Boards app, which offers features like Kanban boards and sprint planning tools, is now also available in the GitHub Marketplace.

By Frederic Lardinois

Docker developers can now build Arm containers on their desktops

Posted on April 24, 2019April 24, 2019 by DREAMTECH

Docker and Arm today announced a major new partnership that will see the two companies collaborate in bringing improved support for the Arm platform to Docker’s tools.

The main idea here is to make it easy for Docker developers to build their applications for the Arm platform right from their x86 desktops and then deploy them to the cloud (including the Arm-based AWS EC2 A1 instances), edge and IoT devices. Developers will be able to build their containers for Arm just like they do today, without the need for any cross-compliation.

This new capability, which will work for applications written in Javascript/Node.js, Python, Java, C++, Ruby, .NET core, Go, Rust and PHP, will become available as a tech preview next week, when Docker hosts its annual North American developer conference in San Francisco.

Typically, developers would have to build the containers they want to run on the Arm platform on an Arm-based server. With this system, which is the first result of this new partnership, Docker essentially emulates an Arm chip on the PC for building these images.

“Overnight, the 2 million Docker developers that are out there can use the Docker commands they already know and become Arm developers,” Docker EVP of Business Development David Messina told me. “Docker, just like we’ve done many times over, has simplified and streamlined processes and made them simpler and accessible to developers. And in this case, we’re making x86 developers on their laptops Arm developers overnight.”

Given that cloud-based Arm servers like Amazon’s A1 instances are often signficantly cheaper than x86 machines, users can achieve some immediate cost benefits by using this new system and running their containers on Arm.

For Docker, this partnership opens up new opportunities, especially in areas where Arm chips are already strong, including edge and IoT scenarios. Arm, similarly, is interested in strengthening its developer ecosystem by making it easier to develop for its platform. The easier it is to build apps for the platform, the more likely developers are to then run them on servers that feature chips from Arm’s partners.

“Arm’s perspective on the infrastructure really spans all the way from the endpoint, all the way through the edge to the cloud data center, because we are one of the few companies that have a presence all the way through that entire path,” Mohamed Awad, Arm’s VP of Marketing, Infrastructure Line of Business, said. “It’s that perspective that drove us to make sure that we engage Docker in a meaningful way and have a meaningful relationship with them. We are seeing compute and the infrastructure sort of transforming itself right now from the old model of centralized compute, general purpose architecture, to a more distributed and more heterogeneous compute system.”

Developers, however, Awad rightly noted, don’t want to have to deal with this complexity, yet they also increasingly need to ensure that their applications run on a wide variety of platform and that they can move them around as needed. “For us, this is about enabling developers and freeing them from lock-in on any particular area and allowing them to choose the right compute for the right job that is the most efficient for them,” Awad said.

Mesina noted that the promise of Docker has long been to remove the dependence of applications from the infrastructure they run on. Adding Arm support simply extends this promise to an additional platform. He also stressed that the work on this was driven by the company’s enterprise customers. These are the users who have already set up their systems for cloud-native development with Docker’s tools — at least for their x86 development. Those customers are now looking at developing for their edge devices, too, and that often means developing for Arm-based devices.

Awad and Messina both stressed that developers really don’t have to learn anything new to make this work. All of the usual Docker commands will just work.

By Frederic Lardinois

GitHub Free users now get unlimited private repositories

Posted on January 7, 2019January 7, 2019 by DREAMTECH

If you’re a GitHub user, but you don’t pay, this is a good week. Historically, GitHub always offered free accounts but the caveat was that your code had to be public. To get private repositories, you had to pay. Starting tomorrow, that limitation is gone. Free GitHub users now get unlimited private projects with up to three collaborators.

The amount of collaborators is really the only limitation here and there’s no change to how the service handles public repositories, which can still have unlimited collaborators.

This feels like a sign of goodwill on behalf of Microsoft, which closed its acquisition of GitHub last October, with former Xamarin CEO Nat Friedman taking over as GitHub’s CEO. Some developers were rather nervous about the acquisition (though it feels like most have come to terms with it). It’s also a fair guess to assume that GitHub’s model for monetizing the service is a bit different from Microsoft’s. Microsoft doesn’t need to try to get money from small teams — that’s not where the bulk of its revenue comes from. Instead, the company is mostly interested in getting large enterprises to use the service.

Talking about teams, GitHub also today announced that it is changing the name of the GitHub Developer suite to ‘GitHub Pro.’ The company says it’s doing so in order to “help developers better identify the tools they need.”

But what’s maybe even more important is that GitHub Business Cloud and GitHub Enterprise (now called Enterprise Cloud and GitHub Enterprise) have become one and are now sold under the ‘GitHub Enterprise’ label and feature per-user pricing.

Note: this story was scheduled for tomorrow, but due to a broken embargo, we decided to publish today. The feature will go live tomorrow.

By Frederic Lardinois

Google’s Apigee officially launches its API monitoring service

Posted on October 11, 2018October 11, 2018 by DREAMTECH

It’s been about two years since Google acquired API management service Apigee. Today, the company is announcing new extensions that make it easier to integrate the service with a number of Google Cloud services, as well as the general availability of the company’s API monitoring solution.

Apigee API monitoring allows operations teams to get more insight into how their APIs are performing. The idea here is to make it easy for these teams to figure out when there’s an issue and what’s the root cause for it by giving them very granular data. “APIs are now part of how a lot of companies are doing business,” Ed Anuff, Apigee’s former SVP of product strategy and now Google’s product and strategy lead for the service, told me. “So that tees up the need for API monitoring.”

Anuff also told me that he believes that it’s still early days for enterprise API adoption — but that also means that Apigee is currently growing fast as enterprise developers now start adopting modern development techniques. “I think we’re actually still pretty early in enterprise adoption of APIs,” he said. “So what we’re seeing is a lot more customers going into full production usage of their APIs. A lot of what we had seen before was people using it for maybe an experiment or something that they were doing with a couple of partners.” He also attributed part of the recent growth to customers launching more mobile applications where APIs obviously form the backbone of much of the logic that drives those apps.

API Monitoring was already available as a beta, but it’s now generally available to all Apigee customers.

Given that it’s now owned by Google, it’s no surprise that Apigee is also launching deeper integrations with Google’s cloud services now — specifically services like BigQuery, Cloud Firestore, Pub/Sub, Cloud Storage and Spanner. Some Apigee customers are already using this to store every message passed through their APIs to create extensive logs, often for compliance reasons. Others use Cloud Firestore to personalize content delivery for their web users or to collect data from their APIs and then send that to BigQuery for analysis.

Anuff stressed that Apigee remains just as open to third-party integrations as it always was. That is part of the core promise of APIs, after all.

By Frederic Lardinois

GitHub Enterprise and Business Cloud users now get access to public repos, too

Posted on July 12, 2018July 12, 2018 by DREAMTECH

GitHub, the code hosting service Microsoft recently acquired, is launching a couple of new features for its business users today that’ll make it easier for them to access public repositories on the service.

Traditionally, users on the hosted Business Cloud and self-hosted Enterprise were not able to directly access the millions of public open-source repositories on the service. Now, with the service’s release, that’s changing, and business users will be able to reach beyond their firewalls to engage and collaborate with the rest of the GitHub community directly.

With this, GitHub now also offers its business and enterprise users a new unified search feature that lets them tap into their internal repos but also look at open-source ones.

Other new features in this latest Enterprise release include the ability to ignore whitespace when reviewing changes, the ability to require multiple reviewers for code changes, automated support tickets and more. You can find a full list of all updates here.

Microsoft’s acquisition of GitHub wasn’t fully unexpected (and it’s worth noting that the acquisition hasn’t closed yet), but it is still controversial, given that Microsoft and the open-source community, which heavily relies on GitHub, haven’t always seen eye-to-eye in the past. I’m personally not too worried about that, and it feels like the dust has settled at this point and that people are waiting to see what Microsoft will do with the service.

Microsoft has acquired GitHub for $7.5B in stock

By Frederic Lardinois

Kubernetes and Cloud Foundry grow closer

Posted on April 20, 2018April 20, 2018 by DREAMTECH

Containers are eating the software world — and Kubernetes is the king of containers. So if you are working on any major software project, especially in the enterprise, you will run into it sooner or later. Cloud Foundry, which hosted its semi-annual developer conference in Boston this week, is an interesting example for this.

Outside of the world of enterprise developers, Cloud Foundry remains a bit of an unknown entity, despite having users in at least half of the Fortune 500 companies (though in the startup world, it has almost no traction). If you are unfamiliar with Cloud Foundry, you can think of it as somewhat similar to Heroku, but as an open-source project with a large commercial ecosystem and the ability to run it at scale on any cloud or on-premises installation. Developers write their code (following the twelve-factor methodology), define what it needs to run and Cloud Foundry handles all of the underlying infrastructure and — if necessary — scaling. Ideally, that frees up the developer from having to think about where their applications will run and lets them work more efficiently.

To enable all of this, the Cloud Foundry Foundation made a very early bet on containers, even before Docker was a thing. Since Kubernetes wasn’t around at the time, the various companies involved in Cloud Foundry came together to build their own container orchestration system, which still underpins much of the service today. As it took off, though, the pressure to bring support for Kubernetes grew inside of the Cloud Foundry ecosystem. Last year, the Foundation announced its first major move in this direction by launching its Kubernetes-based Container Runtime for managing containers, which sits next to the existing Application Runtime. With this, developers can use Cloud Foundry to run and manage their new (and existing) monolithic apps and run them in parallel with the new services they develop.

But remember how Cloud Foundry also still uses its own container service for the Application Runtime? There is really no reason to do that now that Kubernetes (and the various other projects in its ecosystem) have become the default of handling containers. It’s maybe no surprise then that there is now a Cloud Foundry project that aims to rip out the old container management systems and replace them with Kubernetes. The container management piece isn’t what differentiates Cloud Foundry, after all. Instead, it’s the developer experience — and at the end of the day, the whole point of Cloud Foundry is that developers shouldn’t have to care about the internal plumbing of the infrastructure.

There is another aspect to how the Cloud Foundry ecosystem is embracing Kubernetes, too. Since Cloud Foundry is also just software, there’s nothing stopping you from running it on top of Kubernetes, too. And with that, it’s no surprise that some of the largest Cloud Foundry vendors, including SUSE and IBM, are doing exactly that.

The SUSE Cloud Application Platform, which is a certified Cloud Foundry distribution, can run on any public cloud Kubernetes infrastructure, including the Microsoft Azure Container service. As the SUSE team told me, that means it’s not just easier to deploy, but also far less resource-intensive to run.

Similarly, IBM is now offering Cloud Foundry on top of Kubernetes for its customers, though it’s only calling this an experimental product for now. IBM’s GM of Cloud Developer Services Don Boulia stressed that IBM’s customers were mostly looking for ways to run their workloads in an isolated environment that isn’t shared with other IBM customers.

Boulia also stressed that for most customers, it’s not about Kubernetes versus Cloud Foundry. For most of his customers, using Kubernetes by itself is very much about moving their existing applications to the cloud. And for new applications, those customers are then opting to run Cloud Foundry.

That’s something the SUSE team also stressed. One pattern SUSE has seen is that potential customers come to it with the idea of setting up a container environment and then, over the course of the conversation, decide to implement Cloud Foundry as well.

Indeed, the message of this week’s event was very much that Kubernetes and Cloud Foundry are complementary technologies. That’s something Chen Goldberg, Google’s Director of Engineering for Container Engine and Kubernetes, also stressed during a panel discussion at the event.

Both the Cloud Foundry Foundation and the Cloud Native Computing Foundation (CNCF), the home of Kubernetes, are under the umbrella of the Linux Foundation. They take somewhat different approaches to their communities, with Cloud Foundry stressing enterprise users far more than the CNCF. There are probably some politics at play here, but for the most part, the two organizations seem friendly enough — and they do share a number of members. “We are part of CNCF and part of Cloud Foundry foundation,” Pivotal CEO Rob Mee told our own Ron Miller. “Those communities are increasingly sharing tech back and forth and evolving together. Not entirely independent and not competitive either. Lot of complexity and subtlety. CNCF and Cloud Foundry are part of a larger ecosystem with complimentary and converging tech.”

We’ll likely see more of this technology sharing — and maybe collaboration — between the CNCF and Cloud Foundry going forward. The CNCF is, after all, the home of a number of very interesting projects for building cloud-native applications that do have their fair share of use cases in Cloud Foundry, too.

Cloud Foundry Foundation looks east as Alibaba joins as a gold member

Cloud.gov makes Cloud Foundry easier to adopt for government agencies

Posted on April 18, 2018April 18, 2018 by DREAMTECH

At the Cloud Foundry Summit in Boston, the team behind the U.S. government’s cloud.gov application platform announced that it is now a certified Cloud Foundry platform that is guaranteed to be compatible with other certified providers like Huawei, IBM, Pivotal, SAP and — also starting today — Suse. With this, cloud.gov becomes the first government agency to become Cloud Foundry certified.

The point behind the certification is to ensure that all of the various platforms that support Cloud Foundry are compatible with each other. In the government context, this means that agencies can easily move their workloads between clouds (assuming they have all the necessary government certifications in place). But what’s maybe even more important is that it also ensures skills portability, which should make hiring and finding contractors easier for these agencies. Given that the open source Cloud Foundry project has seen quite a bit of adoption in the private sector, with half of the Fortune 500 companies using it, that’s often an important factor for deciding which platform to built on.

From the outset, cloud.gov, which was launched by the General Services Administration’s 18F office to improve the U.S. government’s public-facing websites and applications, was built on top of Cloud Foundry. Similar agencies in Australia and the U.K. have made the same decision to standardize on the Cloud Foundry platform. Cloud Foundry launched its certification program a few years ago and last year, it also added another program for certifying the skills of individual developers.

To be able to run government workloads, a cloud platform has to offer a certain set of security requirements. As Cloud Foundry Foundation CTO Chip Childers told me, the work 18F did to get the FedRAMP authorization for cloud.gov helped bring better controls to the upstream project, too, and he stressed that all of the governments that have adopted the platform have contributed to the overall project.

GitLab adds support for GitHub

Posted on March 22, 2018March 22, 2018 by DREAMTECH

Here is an interesting twist: GitLab, which in many ways competes with GitHub as a shared code repository service for teams, is bringing its continuous integration and delivery (CI/CD) features to GitHub.

The new service is launching today as part of GitLab’s hosted service. It will remain free to developers until March 22, 2019. After that, it’s moving to GitLab.com’s paid Silver tier.

GitHub itself offers some basic project and task management services on top of its core tools, but for the most part, it leaves the rest of the DevOps lifecycle to partners. GitLab offers a more complete CI/CD solution with integrated code repositories, but while GitLab has grown in popularity, GitHub is surely better known among developers and businesses. With this move, GitLab hopes to gain new users — and especially enterprise users — who are currently storing their code on GitHub but are looking for a CI/CD solution.

The new GitHub integration allows developers to set up their projects in GitLab and connect them to a GitHub repository. So whenever developers push code to their GitHub repository, GitLab will kick off that project’s CI/CD pipeline with automated builds, tests and deployments.

“Continuous integration and deployment form the backbone of modern DevOps,” said Sid Sijbrandij, CEO and co-founder of GitLab. “With this new offering, businesses and open source projects that use GitHub as a code repository will have access to GitLab’s industry leading CI/CD capabilities.”

It’s worth noting that GitLab offers a very similar integration with Atlassian’s BitBucket, too.