4. @underscorevc
Serverless is
the future of
cloud-native
Serverless, or FaaS, is the glue
between the services in a
cloud environment.
Serverless is stateless and
event-driven, provides ease of
scaling, reduces operating
costs, and increases
productivity.
4Source:
https://medium.com/clouddon/waves-of-cloud-native-transformations-ef9
6a68ee238.
5. @underscorevc
Serverless offers unique benefits, certain
downsides, and new opportunities
5
Benefits Downsides
✔ Ease of scaling
— Serverless computing scales
applications automatically
— Provider takes care of replicating the
application’s functions and distributing
computing resources
✔ Reduced operating costs
— Reduces overprovisioning of servers,
and infrastructure management costs
✔ Productivity
— Developers only need to focus on the
code and the application itself, not the
infrastructure
✔ Decreased time to market
Vendor lock-in
— Users depend on the vendor’s other
services, making switching challenging
Lack of control
— Users are unable to cater computing
environment to application workloads
— Compliance, monitoring, debugging, and
security challenges have changed
Multitenancy
— Shared resources with other customers
can affect performance
Limited run-time capabilities
— Does not offer the same run-time as
containers or VMs
Knative is
allowing
users to
build solutions on
top of Kubernetes,
reducing lock-in
Start-ups have
been building
products to solve
many of these
early problems
6. @underscorevc
Serverless interest and adoption has been largely
driven by the large cloud providers…
Market Share
6
• AWS Lambda currently has
~80% marker share, as the first
to markets and the most
developed product
• Azure Functions is the second
largest player with ~10% market
share
• Google Cloud Functions is
estimated to have ~7% market
share
• The other players trying to get a
foothold in the market include
IBM Cloud Functions, Pivotal
Function Service and Red
Hat’s OpenShift Cloud
Functions
Source: CB Insights.
8. @underscorevc
What is driving serverless growth?
Category
8
1 Microservices
2 Stream & Edge
Processing
3 Batch Processing
4 IT Automation
Perspective Use cases
• Mobile and web apps
• HTTP REST APIs
• Chat bots
• Real-time analytics
• Microservices architectures requires an environment where
applications can be rapidly scaled independently
• The ease of scaling offered by serverless computing is
well-suited for a microservices architecture
• Stream processing requires real-time processing given the
unpredictability of its high volumes of data traffic
• Serverless enables edge processing which requires fast,
real-time response rates
• Scheduled batch processing needs are well-suited for
serverless because they are generally short-run and
requires minimal intervention
• Automated IT tasks can be initiated by serverless functions
because they are event-driven
Serverless is best suited to applications that have, short runtime of code, variable and
infrequent workloads, and are stateless and event-driven
• Real-time file/stream
processing
• Voice-enabled devices
• IoT backend
• CI / CD
• Backup
• Patching
• Data processing
o Jobs requiring intense
parallel compute, IO or
network access
9. @underscorevc
Is Knative
the future of
serverless?
● Knative allows developers to
build and run serverless
applications on Kubernetes
● Knative components enable
users to focus on writing the
code while the components
manage the Build, Serving,
and Eventing
● Knative runs on-premises, in
the cloud, or in a third-party
data centers, and codifies the
best practices shared by
Kubernetes-based
frameworks
9
Knative is a viable
open source
alternative to AWS
Lambda
Overview Key Implications
• Reduced vendor lock-in
— Runs on any infrastructure
that supports Kubernetes,
allowing enterprises to move
their workloads wherever they
run best
• Knative has strong tailwinds
with container adoption shifting
to Kubernetes
— In 2019, Kubernetes is
forecast to overtake ECS in
container orchestration
— On AWS, EKS will have a
larger share than ECS
• Alternatives to AWS Lambda
largely converging on a single
new standard
Note: Knative was developed by Google, in close partnership with Pivotal Software, IBM, and
SAP, and was launched in late 2018.
ECS: Amazon Elastic Container Service (including AWS Fargate).
EKS: Amazon Elastic Container Service for Kubernetes.
10. @underscorevc
What are the barriers to serverless adoption?
Category
10
1 Overall transition to
microservices
architecture
2 Monitoring / Alerting
3 Security
4 Storage
Perspective Opportunities
• Largely consulting, as
opposed to technology
focused
• Traditionally development was with monolithic architecture. IDC
estimates that ~60% of companies have not transitioned to cloud
native, thus are unlikely to adopt serverless
• Serverless adoption will be driven by microservices adoption
• With no access to the underlying infrastructure, monitoring, tracing,
and observability cannot be undertaken with agents, making
traditional logging tools inappropriate
• While serverless transfers many of the security concerns to the
cloud provider, it has also created new security risks that are a blind
spot for most enterprise IT and security leaders
• The stateless nature of serverless makes it difficult to support
applications that have fine-grained state sharing needs
• This is largely due to the limitations of existing storage services
offered by large cloud providers
Serverless computing will grow as along with new risks inherent in both application
disaggregation and multi-tenant resource sharing
• Storage likely to remain
with major vendors
(capital requirements /
security risks)
• IOPipe
• Dashbird
• Protego
• PureSec (acquired)
• Thundra
11. @underscorevc
What does
serverless
need?
11
These are ideas,
largely based on
thoughts from the
developer community,
that would help
adoption
Automation Ideas (RPA) Cloud provider improvements
• Ruby for serverless
— AWS Lambda introduced
support in Nov-18
— Currently still unavailable on
other providers
• Faster “cold starts”
— When an application hasn’t
been used it take longer to
start up, leading to increased
latency
— Especially problematic in Java
and C#, and for enterprises
using VPC’s(1)
• Increased run-times
— Lambda recently increased to
15 minutes
— Azure and Google currently
offer 10 minutes
Note: AWS Lambda natively supports Java, Go, PowerShell, Node.js, C#, Python, and Ruby
code.
(1) Certain enterprises must deploy through VPC’s due to security compliance. This can
add up to 10 seconds on cold starts.
• Refactor at runtime
— A software platform could
analyze code at runtime and
identify slowest parts
— Software then takes this
section of code, creates a
Lambda function,
automatically deploys, and
sets up a SNS trigger
• Deployment automation
— A platform that allows you to
run all serverless function in
one local file
— At deployment, the code is
automatically split and
deployed in a way that make
sense for the app (potentially
like webpack)
14. @underscorevc
Serverless monitoring, tracing, and alerting
14
A shift towards serverless has meant that new DevOps tools are needed
• Early-stage startups are currently providing the
leading products for serverless monitoring
• Larger application monitoring companies are
beginning to move into the space
• Products released to date have largely focused
on:
o Function tracing
o Monitoring and alerts
o Debugging tools
o CPU profiling
o Cost analysis (CloudZero)
o CloudWatch data analysis
Notable companies / products
Seed
Later
Stage
Service
Provider
Note: In June-18, AWS added CloudWatch Logs Insights into the Lambda monitoring console.
Denotes Underscore portfolio company.
15. @underscorevc
Serverless monitoring companies
Company
15
Overview
• IOpipe is the serverless DevOps platform built for teams building and
running event-driven serverless architecture
• The company’s technology provides full observability and dev tools
for building, shipping, and running serverless applications. Tools
include, profiling, monitoring, logging, and metrics
• Location: Philadelphia, PA
Funding
Seed-3: $2.0m (Aug-18)
Seed-2: $2.5m (Aug-17)
Seed-1: $1.0m (Jan-17)
Investors
• Boldstart
• Correlation
• Madrona
• NEA
• Underscore
• Dashbird’s product helps developers build and maintain serverless
applications
• The company's technology help to resolve the problem of monitoring
and debugging fixes by developing serverless architectures to build
more scalable and cheap back end applications
• Dashbird uses CloudWatch logs in order to offer in-depth analytics,
and the 2 minute setup doesn't require any code changes
• Location: Tallinn, Estonia
Seed: $0.8m (May-18) • Icebreaker VC
• Passion Capital
Serverless observability and monitoring tools stand out as an attractive investment area in
serverless, with IOPipe and Dashbird providing leading products in the space
Source: Pitchbook, CrunchBase.
Denotes Underscore portfolio company.
16. @underscorevc
Serverless monitoring companies
Company
16
Overview
• Lumigo is a developer of a serverless operations platform designed to help
organizations to build their cloud applications.
• The company's platform allows full visibility and traceability of serverless
applications including 3rd party services, enabling enterprises to prevent
services disruptions before they happen through actionable alerts based on
user and entity behavioral analytics
• Location: Tel Aviv, Israel
Funding
Seed: $8.0m (Jan-19)
Investors
• Grove Ventures
• Pitango VC
• Meron Capital
• Thundra is a developer of software designed to provides deep insight into
the entire serverless environment
• The company's software offers full observability, debugging and
performance tracking by identifying and solving performance problems in
their AWS Lambda environments with minimal to zero coding and no
additional overhead
• The software enables clients to adopt serverless architectures and to
customize and configure monitoring for any use case
• Location: Boston, Massachusetts
Seed: $1.5m (Oct-18) • Battery Ventures
Serverless observability and monitoring tools stand out as an attractive investment area in
serverless
Source: Pitchbook, CrunchBase.
18. @underscorevc
Serverless security – Market map
18
Complete
cloud-nati
ve security
Serverless
only
Seed Series-A Series-B ≥Series-C
Serverless transferred many application security risks to the provider but also created new
risks as monitoring becomes harder, the attack surface grows, and dependencies increased
• There have been pure-play serverless
security start-ups along with new products
from established players
• VMWare recently acquired Intrinsic, and
Palo Alto Networks also acquired both
PureSec and Twistlock
• The products released have largely
focused on:
o Function testing (Dev)
o Library vulnerabilities (Dev & CI/CD)
o Runtime firewalls (Deployment)
o Container security (Deployment)
o Function monitoring (Production)
o Permission monitoring (Production)
Note: Companies shown have published, or presented, extensive materials around
serverless security. Dollar amount represents funding to date / pre-acquisition.
Intrinsic (Undisclosed), PureSec (Undisclosed), and Twistlock ($410m) were acquired
between May-19 and August-19.
($2.0m)
(Acquired)
($32.0m)
($100.0m)
(Acquired)
(Acquired)
19. @underscorevc
Serverless security acquisitions
Company
19
Overview
• Puresec is a developer of a cloud-based cyber security platform
designed to provide network protection for serverless architectures
• The company's cloud-based cyber security platform seamlessly
integrates with serverless applications and provides instant
protection against both known and unknown threats, enabling
companies to build and run applications and services without having
to manage infrastructure, resulting in saving time and money
• Location: Tel Aviv, Israel
While it was initially unclear if companies would buy/adopt serverless security point-solutions,
the increasing consolidation leads us to believe they will look for end-to-end solutions
Funding
Acquired by Palo Alto
Networks in Jun-19 for an
undisclosed amount
Series-A: $7.0m (Oct-18)
Seed: $3.0m (May-17)
Investors
• Square Peg
Capital
• TLV Partners
• Entrée Capital
Source: Pitchbook, CrunchBase.
• Intrinsic is a developer of a cyber security platform designed to
protect applications from exploits and malicious code.
• The company's cyber security platform is focused on node.js uses a
new application-level runtime virtualization technology to
automatically enforce security policies on applications, enabling
users to protect their applications from outside cyber threats.
• Location: San Francisco, CA
Acquired by VMWare in
Aug-19 for an undisclosed
amount
Seed: Undisclosed
(Aug-16)
• First Round
• a16z
• NEA
20. @underscorevc
Serverless security companies
Company
20
Overview
We are keeping a close eye on both Snyk and Protego to see if they are also acquired in the
wave of consolidation
Funding Investors
• Snyk is a provider of security analysis tools designed to identify
open-source packages.
• The company's security analysis tools secure authoring and
consuming of open-source code and offer tools that help to find, fix
and monitor known vulnerabilities in open source dependencies,
enabling clients to use open source without compromising security.
• Location: London, UK / Tel Aviv, Israel
Series-B: $22.0m (Sep-18)
Series-A: $7.0m (Mar-18)
Seed: $3.0m (Jan-16)
• Accel
• Boldstart
• Cannan
• GV
• Heavybit
Source: Pitchbook, CrunchBase.
• Protego Labs is a developer of security services designed to offer
full lifecycle security to serverless applications
• The platform works by continuously scanning serverless
infrastructure, including functions, logs and databases, to increase
the application's security posture and minimize the attack surface,
using machine learning based analysis and deep learning
algorithms, enabling users to identify and prevent attacks in real time
• Location: Baltimore, Maryland
Seed: $2.0m (May-18) • Glilot Capital
• Ron Gula
(Tenable
founder)
• Tim Belcher
(NetWitness
founder)
22. @underscorevc
Serverless infrastructure
22
Serverless infrastructure consists of the hosted and installable platforms, along
with the software platforms that tie the software stack together
• Hosted platforms
o This market is largely dominated by AWS Lambda, Azure Functions, and Google Cloud Functions
o Startups have build platforms to extend capabilities, or for specific use cases. I believe these products will
struggle to gain widespread traction as most customers have pre-existing relationships with a large provider
• Installable platforms
o Knative is forecast to make most of the installable platforms obsolete, with it predicted to become the new
standard
• Other software platforms
o New products are being developed, on top of Kubernetes and Knative, to create better multi-cloud serverless
management platforms
23. @underscorevc
Serverless infrastructure companies
Company
23
Overview
• Triggermesh is an open-source multi-cloud serverless management
platform for deploying, orchestrating and migrating serverless
workloads across clouds
• The company's platform helps developers deploy and manage
serverless functions on any leading public cloud or in their own data
center, enabling clients to reduce recurring engineering costs,
automate the complete serverless lifecycle and improve the process
of building serverless applications
• Location: Research Triangle Park, North Carolina
Funding
n.a. (founded Jul-18)
Investors
• n.a.
• Nuweba is a developer of a fast and secure serverless platform
designed to offer advanced application security and deep visibility
services
• The company's platform aims to overcome the speed, security
and visibility challenges facing serverless technology, as well
as offers enterprise-grade, application level security and all-around
deep visibility of how applications are running in real-time
• Location: Tel Aviv, Israel
Seed: $4.8m (Feb-19) • Magma Venture
Partners
• Target Global
Source: Pitchbook, CrunchBase.
24. @underscorevc
Serverless infrastructure companies
Company
24
Overview
• Nimbella is a pure serverless cloud that leverages the public cloud
infrastructure and can be extended to private on-premise
infrastructure. It is built on open standards, giving developers full
control over their architecture and code, without vendor lock-in.
• The product is designed from the ground up to address the needs of
event-based applications, long running applications, stateful
workloads, and more complex use cases that employ artificial
intelligence and machine learning
• Founders were primary authors of Apache OpenWhisk
• Location: San Francisco, California
Funding
Seed: $4.0m (Oct-18)
Investors
• Engineering
Capital
• Elefund
• Converge
• Binaris is a provider of a function as a service (serverless) platform
intended to bring development agility to demanding and emerging
applications
• The company’s serverless platform focusses on high speed function
invocation to extend serverless to demanding applications like online
gaming, bidding and trading systems, enabling developers to
compose functions together in a microservice architecture, while
maintaining predictable response times in the milliseconds
• Location: Tel Aviv, Israel
Con-note: $2.5m (Jun-18)
Seed: $3.9m (Oct-18)
• Meron Capital
• Cardumen
Capital
• Lightspeed
• Engineering
Capital
• Dell Capital
Source: Pitchbook, CrunchBase.
26. @underscorevc
Serverless
characteristics
and use cases
Short runtime of code
● Designed to execute code for
seconds or milliseconds, thus not
useful for long-running
applications
Variable and infrequent workloads
● Minimizes infrastructure related
costs for applications that do not
need to be running all of the time
Stateless and event-driven
● Functions are spun up and down
quickly, and data from the
execution is neither saved nor
made available for the next
execution
26
Serverless Characteristics Serverless Use Cases
Microservices
● Ease of scaling well-suited for a
microservices architecture
Stream & Edge Processing
● Requires fast, real-time responses
of unpredictable data traffic
Batch Processing
● Well-suited as they are generally
short-run and requires minimal
intervention
IT automation
● Tasks such as backup or patching
are well suited as they are
event-driven.