After selling their most recent startups, Boston-based serial entrepreneurs Greg Arnette and Matt Conway started collaborating on a new idea related to cloud configuration management. With years of experience in cloud-based software and cybersecurity, Arnette and Conway knew they wanted to build something that would help the new generation of software engineers and operations personnel: DevOps teams. As seasoned founders and executives, however, they knew to ensure there was a real-world problem to solve for a large customer base. So they interviewed over 500 cloud and DevOps leaders to discover their pain points. Arnette recorded all of these conversations and over time developed and started pitching a new idea: a unified configuration management platform.
Through their personal experiences and the aforementioned meetings, the founders saw that the average medium-size enterprise has more than 5,000 cloud configuration settings and that no centralized management system existed. These companies were also adding at least three new cloud systems per year, and the emergence of Kubernetes and microservices was making things even more complex by creating new opportunities for misconfiguration. The complexity of configuration across a corporate network was only increasing, yet DevOps personnel continued to manage it all via tribal knowledge and decentralized tooling. The lack of a centralized management platform may not have seemed like a major problem if it weren’t for the fact that more than 75% of outages are the result of cloud misconfigurations. This statistic is further supported by a 2018 Cybersecurity Insiders survey where 62% of respondents believe misconfiguration is the single biggest threat to cloud security.
Ensuring configuration settings are up to date is critical, and the founders saw the opportunity to create a single record of truth to describe a company’s entire system. This story resonated with investors, including Bob Davoli of Gutbrain Ventures, and CloudTruth raised its initial funding in late 2019 to begin development work on the platform. Over the past 18 months, secrets management — the management of digital authentication credentials — was always a high-priority item on the product roadmap. Coincidentally, one of Gutbrain’s other portfolio companies, Tuono, was developing a universal secrets management solution that would be the perfect complement to help accelerate CloudTruth’s vision. York IE is excited to announce that we have invested in the combined entity, branded CloudTruth, and believe this team can create the new system of record for configuration data.
CloudTruth was founded by an experienced team of entrepreneurs and software executives. Arnette most recently was the founder and CTO of Sonian, a cloud information archival provider that was acquired by Barracuda Networks in 2017. Prior to starting Sonian, Arnette was founder and CTO of IntelliReach, which exited to Wipro. Conway, CloudTruth co-founder, and CTO, has also had a successful run in startups, founding Simply Genius and serving as CTO of Backupify, which was acquired by Datto in 2014.
Rounding out the CloudTruth management team is CPO Jesse St. Laurent, who comes to CloudTruth via the acquisition of Tuono, where he was founder and CTO. Before founding Tuono, he was the vice president of product at Simplivity and HPE.
CloudTruth’s vision is to be the unified configuration management vendor. Its platform will centrally manage configuration parameters, templates, environment variables and secrets, enhancing a company’s existing tools and supporting all cloud platforms. By doing so, CloudTruth will unify access and visibility into all cloud and application configuration data in one place, providing a globally available, abstracted single record of provisioning and configuration truth for infrastructure, applications and services, and secrets management. CloudTruth will also integrate with a company’s existing configuration tools, pipelines, and workflows, all with the goal of helping software developers and CloudOps teams increase uptime, improve security and eliminate cloud configuration risks resulting from decentralized and distributed deployment and settings. By using CloudTruth, companies can unify their parameter store, ensure consistency with enhanced support for multiple environments, replace static configuration with dynamic templates and ensure the accuracy of their application configuration.
As stated, CloudTruth acquired Tuono, a cloud secrets management startup, to help unify and simplify access and visibility into companies’ infrastructure, application, and secrets configuration data. Tuono provides comprehensive enterprise cloud automation, including secrets management, role-based access control, versioning and audit logging. Tuono’s technology plays a key role in CloudTruth’s unified configuration management platform by helping CloudOps teams better define and manage their cloud infrastructure services. Tuono’s product will also serve as the initial hook for the platform. Universal secrets management is a widespread and defined pain point in the market and it will enable CloudTruth to quickly prove its value to customers.
CloudTruth’s original go-to-market (GTM) strategy, however, did not start with universal secrets management or Tuono, and earlier efforts laid the groundwork for the current plan. During Arnette’s product-market fit research and the early development of CloudTruth, thousands of leads were accumulated as he and other team members engaged with engineering and DevOps leaders. These relationships resulted in five early design partners and customers, including fast-growing companies such as Lacework and Drift. These early partners have continued to provide feedback on CloudTruth’s product and roadmap, helping the company to build a platform that will be valuable for any company using or relying on cloud solutions (IaaS, PaaS, and SaaS).
Initially, CloudTruth will be harvesting the leads it generated over the past two years with a focus on companies that have 100 to 1,000 employees and a mature DevOps team (10 or more people). These companies will be experienced in using the cloud and will quickly comprehend the value CloudTruth will bring to their environment. The buying persona of these potential customers will range from directors and vice presidents of engineering, infrastructure, CloudOps, and DevOps to CTOs and CISOs. CloudTruth will provide significant relief to each of these groups, resulting in stickiness and cross-sell opportunities once the platform is deployed within a company. As the platform matures it will become available for large enterprises, cloud-managed service providers, cloud service providers, and systems integrators, resulting in larger annual contract values.
The York IE team spends a lot of time analyzing current and potential market size for any investment opportunity, and it is no secret that we harp on the benefits of bottom-up market sizing. We can quote Gartner predictions that worldwide public cloud spend will grow to $332 billion in 2021, or that the cloud IT service management market is $16 billion and growing at a 15% CAGR, but those statistics don’t accurately represent the opportunity that CloudTruth is targeting. Additionally, in early-stage investments, it is obviously much more important to consider what the market size will be than what it currently is.
CloudTruth’s market opportunity is difficult to define for two primary reasons. First, public cloud use is still growing significantly, and DevOps as a practice is still fairly nascent. Many companies are still operating with a divide between their developer and operations teams. With an accelerated digital transformation stemming from the pandemic, more companies will be utilizing cloud resources, and they will be using more of them. This will make it a necessity for them to implement DevOps practices and hire the appropriate personnel. It’s no wonder that some analysts are predicting the DevOps market will grow to over $10 billion by 2025. Tools such as CloudTruth will become another necessity to ensure that they can manage their parameters, templates, environment variables, and secrets all from one central location.
Second, there is no unified configuration management platform in the market. Currently, configuration data and information is kept in disparate tools across a company’s DevOps team. In many ways, CloudTruth is working to create a new category within DevOps, and that is always difficult to quantify. In this situation, our team has to believe in relevant market trends and adjacent sector growth to believe that a company has a large opportunity. With regards to CloudTruth, York IE not only has deep conviction in the growth of cloud computing, DevOps, and cybersecurity/compliance but also in more detailed market dynamics that CloudTruth can capitalize on, such as tool/configuration sprawl, developer empowerment, and shift-left. It is our opinion that every DevOps team will need CloudTruth as their cloud networks continue to expand.
The competition CloudTruth will face as it looks to execute on its opportunity is divided into a few different groups, and the company will face additional competition as it adds features and functionality to the platform. But the York IE team believes that CloudTruth is creating a new category in the DevOps tooling market — unified configuration and secrets management — and that it will surpass any point solutions that fall under the larger umbrella of configuration management (ex., secrets managers) with its range of features and modules; not to mention its expansive dataset, while also providing necessary focus and depth that DevOps platforms cannot.
With the initial focus on universal secrets management, CloudTruth will face both legacy and startup competition. Large infrastructure and software vendors such as Amazon Web Services, Google, Microsoft and HashiCorp all provide solutions for secrets management. CloudTruth differentiates from these competitors by offering additional features such as end-to-end secret protection, comprehensive audit logging, role-based access control, extremely simple GUI and API access, and a system for protecting secrets through the automation pipeline. Furthermore, CloudTruth’s secrets manager has neutrality from the infrastructure platforms and can be used with any public cloud the customer chooses. This is very beneficial in the world of multi-cloud deployments.
Secrets management is an important piece of comprehensive cloud configuration management, and there are several startups such as Doppler, Akeyless, and now 1Password (via the acquisition of Secrethub) that are working to solve the issue. But these are point solutions that do not provide the unified approach the market needs. CloudTruth will differentiate with the features listed above and by solving problems related to configuration sprawl, which the secrets management-only vendors can’t help with.
Two other companies that are emblematic of future competition are Harness and Quali. Both of these startups are building platforms to help teams across the DevOps lifecycle with continuous integration, continuous delivery, cost management, and quality assurance. Both companies, especially Harness, already provide features and modules that cross over into configuration management, but it is not necessarily a core focus. In York IE’s opinion, CloudTruth could serve as a great complement to these platforms providing additional data and context from outside their platforms that are necessary for effective configuration management.
As can be seen, there are several players trying to help DevOps teams with cloud configurations. The York IE team believes this shows how significant the problem is, and it makes us excited to partner with the impressive team behind CloudTruth. CloudTruth has the potential to remove the complexity surrounding cloud configuration and in turn make the digital world much more secure.
Learn more about York IE’s investment portfolio.