VMware and Google Cloud have extended their partnership with the launch of a new offering which enables organisations to run their VMware workloads in Google Cloud Platform (GCP).

The product, the snappily titled Google Cloud VMware Solution by CloudSimple – the latter being a verified VMware cloud partner – will give customers the opportunity to run VMware workloads on-prem, in the cloud, or as part of a hybrid architecture.

Both sides naturally came across as agreeable in the soundbites. “With VMware on Google Cloud Platform, customers will be able to leverage all of the familiarity and investment protection of VMware tools and training as they execute on their cloud strategies, and rapidly bring new services to market and operate them seamlessly and more securely across a hybrid cloud environment,” said VMware COO Sanjay Poonen.

Google Cloud CEO Thomas Kurian noted similarly in a blog post confirming the news. “Customers have asked us to provide broad support for VMware, and now with Google Cloud VMware Solution by CloudSimple, our customers will be able to run VMware vSphere-based workloads in GCP,” wrote Kurian. “This brings customers a wide breadth of choices for how to run their VMware workloads in a hybrid deployment, from modern containerised applications with Anthos to VM-based applications with VMware in GCP.”

The move – as Poonen noted – meant VMware now supported the five largest clouds, in this instance AWS, Azure, Alibaba and IBM alongside Google. VMware’s dealings with AWS are better known; the launch of AWS Outposts last November all-but brought the house down at re:Invent when CEO Pat Gelsinger took to the stage. Outposts enables organisations to deliver a ‘truly consistent hybrid experience’, in the company’s words, either AWS-native or running VMware Cloud on AWS.

VMware’s positioning as a partner has been long in coming and is coming to a head now. In February 2015, this publication put out an op-ed titled ‘Here’s why VMware hasn’t left it too late with its hybrid cloud push.’ Back then, VMware’s move to cloud was relatively late, having previously had a long-standing heritage in virtualisation. Many companies had their aborted attempts to move into the public cloud – CenturyLink and Verizon to name two in the telco space – yet VMware evidently saw two apparent trends.

Enterprises were not only going to focus on a handful of primary players for their public cloud infrastructure – and not focus on just one vendor but go multi-cloud – but they were also not going to give up certain on-prem assets.

You can read the full Google Cloud blog here.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

VMware and Google Cloud have extended their partnership with the launch of a new offering which enables organisations to run their VMware workloads in Google Cloud Platform (GCP).

The product, the snappily titled Google Cloud VMware Solution by CloudSimple – the latter being a verified VMware cloud partner – will give customers the opportunity to run VMware workloads on-prem, in the cloud, or as part of a hybrid architecture.

Both sides naturally came across as agreeable in the soundbites. “With VMware on Google Cloud Platform, customers will be able to leverage all of the familiarity and investment protection of VMware tools and training as they execute on their cloud strategies, and rapidly bring new services to market and operate them seamlessly and more securely across a hybrid cloud environment,” said VMware COO Sanjay Poonen.

Google Cloud CEO Thomas Kurian noted similarly in a blog post confirming the news. “Customers have asked us to provide broad support for VMware, and now with Google Cloud VMware Solution by CloudSimple, our customers will be able to run VMware vSphere-based workloads in GCP,” wrote Kurian. “This brings customers a wide breadth of choices for how to run their VMware workloads in a hybrid deployment, from modern containerised applications with Anthos to VM-based applications with VMware in GCP.”

The move – as Poonen noted – meant VMware now supported the five largest clouds, in this instance AWS, Azure, Alibaba and IBM alongside Google. VMware’s dealings with AWS are better known; the launch of AWS Outposts last November all-but brought the house down at re:Invent when CEO Pat Gelsinger took to the stage. Outposts enables organisations to deliver a ‘truly consistent hybrid experience’, in the company’s words, either AWS-native or running VMware Cloud on AWS.

VMware’s positioning as a partner has been long in coming and is coming to a head now. In February 2015, this publication put out an op-ed titled ‘Here’s why VMware hasn’t left it too late with its hybrid cloud push.’ Back then, VMware’s move to cloud was relatively late, having previously had a long-standing heritage in virtualisation. Many companies had their aborted attempts to move into the public cloud – CenturyLink and Verizon to name two in the telco space – yet VMware evidently saw two apparent trends.

Enterprises were not only going to focus on a handful of primary players for their public cloud infrastructure – and not focus on just one vendor but go multi-cloud – but they were also not going to give up certain on-prem assets.

You can read the full Google Cloud blog here.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Containers, when utilised properly, can significantly improve an organisation’s efficiency through speeding up development and automating processes. Yet like with so many technologies before it, security was never quite at the top of the priority list.

StackRox and Skybox Security, two California-based cybersecurity providers, have issued reports over the past week which come to similar conclusions: organisations are struggling with the sprawl of major container and Kubernetes adoption, with security taking a hit as a result.

The industry figures reveal the extent of the concern. In May, this publication noted that the 2019 KubeCon event felt like a milestone for the industry. At the time of Kubernetes being upgraded as a ‘graduate’ of the Cloud Native Computing Foundation (CNCF) last March, Redmonk research found almost three quarters (71%) of the Fortune 100 were using containers in some form.

These are emphasised further by the current reports. StackRox found that, of the 390 IT professionals surveyed across industry, more than four in five had adopted Kubernetes. This 51% increase on just six months ago was described by the company as ‘staggering.’

It is worth noting at this juncture that, of course, container vendors take great care in securing their products in the first place. But this begets another discussion around where responsibility begins and ends.

This publication has variously reported on incidents where cloud infrastructure vendors explore the limits of how much they can guide their customers. Amazon Web Services (AWS), for instance, launched an offering in November which offered further protection to customers lest they launch a public S3 bucket by mistake. Previously, the company had revamped its design, giving public buckets bright orange warning indicators.

It is a similar theme here. With containers in particular, environments change frequently. Old container images, with known vulnerabilities, can be replicated and spread through various cloud infrastructures. Skybox found that vulnerabilities in cloud containers have increased by 46% year over year, and 240% compared to 2017. Despite this, less than 1% of newly published vulnerabilities were exploited in the wild.

The StackRox report focused more on general security trends. Two in three organisations polled had more than 10% of their applications containerised, yet two in five (40%) remained concerned their container strategy does not sufficiently invest in security. When it came to what organisations wanted, there were seven core capabilities respondents cited in a container security solution. These were, in order, vulnerability management, compliance, visibility, configuration management, runtime threat detection, network segmentation, and risk profiling and prioritisation.

“Organisations are putting the operational benefits of agility and flexibility at risk by not investing in security,” said Kamal Shah, StackRox CEO. “Containers and Kubernetes have moved well beyond the early adoption phase – security must be built-in from the start, not bolted-on after the fact, for organisations to securely realise the full potential of cloud-native technologies.”

Amrit Williams, Skybox VP products, added: “It’s critical that customers have a way to spot vulnerabilities even as their environment may be changing frequently. They also need to assess those vulnerabilities’ exploitability and exposure within the hybrid network and prioritise them alongside vulnerabilities from the rest of the environment – on-prem, virtual networks and other clouds.”

You can read the StackRox report here (email required) and the Skybox report here (email required).

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Capital One has confirmed a ‘data security incident’ which affected more than 100 million customers in the US and Canada – and while Amazon Web Services (AWS) has been identified as the receptacle in which the data was stolen, both customer and vendor appear not to be to blame.

Paige A. Thompson, otherwise known as ‘erratic’, was arrested on Monday and appeared in court in Seattle on a charge of computer fraud and abuse. According to the criminal complaint document (pdf), a ‘firewall misconfiguration’ ensured the vulnerability of the Capital One cloud server.

On July 17, a previously unknown individual emailed Capital One’s responsible disclosure address pointing it to a GitHub account where leaked data resided. “Capital One determined that the [file] contained the IP address for a specific server,” the document notes. “A firewall misconfiguration permitted commands to reach and be executed by that server, which enabled access to folders or buckets of data in Capital One’s storage space at the Cloud Computing Company.”

That cloud computing company, it was later confirmed, was Amazon. The original email, alongside a Slack message purportedly from Thompson, mentioned S3, AWS’ primary storage product. Amazon confirmed this to Bloomberg, adding that the data ‘wasn’t accessed through a breach or vulnerability in AWS systems.’ AWS also confirmed that Thompson had previously been an employee of the company, last working there in 2016.

Capital One is a well-known AWS customer; the company selected Amazon as its ‘predominant cloud infrastructure provider’ in 2016, with the news announced in conjunction with AWS’ re:Invent customer gathering. The financial services provider said at the time it was advocating a cloud-first mindset, with plans to migrate the majority of its core business and customer applications to AWS over the coming five years.

From Capital One’s perspective, the company praised its cloud-first system for the speed at which it was able to remediate the incident. Putting together a specific question-and-answer on the subject in its press materials, Capital One wrote: “This type of vulnerability is not specific to the cloud. The elements of infrastructure involved are common to both cloud and on-premises data centre environments.

“The speed with which we were able to diagnose and fix this vulnerability, and determine its impact, was enabled by our cloud operating model.”

Capital One noted that no credit card account numbers or login credentials were compromised, as well as less than 1% of social security numbers. The press materials curiously noted that ‘no bank account numbers or social security numbers were compromised, other than… about 140,000 social security numbers of… credit card customers.’

Alex Heid, chief research officer at SecurityScorecard, described the company’s response as ‘commendable’, particularly in its disclosure and bug hunting practices, but added a caveat. “From the standpoint of any business handling large amounts of data, the use of third-party hosting services within cloud computing environments is an unavoidable reality of the modern era,” said Heid. “The attack perimeter of a network goes beyond the organisation itself and is often intertwined with a collection of third-party vendors.

“In addition to making use of a continuous monitoring service for all external assets is an important part of understanding the scope, implementing a bug bounty reporting program will go a long way in making sure there’s always an ‘extra set of eyes’ on assets of value.”

You can take a look at the Capital One page dedicated to the incident here.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

As the largest players have published their most recent financial results, Gartner has weighed up the situation and looked into its crystal ball – and has given Amazon a greater advantage than before.

The analyst firm has put together its latest forecast around the global infrastructure as a service (IaaS) market and found growth of 31.3% in 2018. The worldwide IaaS market was rated at $32.4 billion (£26.2bn) last year, up from $24.7bn in 2017.

Amazon Web Services (AWS) was pegged by Gartner at having almost half (47.8%) of total market share, significantly ahead of Microsoft with 15.5%. Alibaba takes the bronze medal on 7.7%, with Google (4.0%) and IBM (1.8%) rounding off the top five. It's worth noting however that Gartner's 2018 IaaS Magic Quadrant put Google in as a leader, alongside AWS and Microsoft, for the first time.

Not surprisingly, Amazon shows the lowest growth across the four largest players between 2017 and 2018, with Alibaba (92.6% growth) taking the honours. Microsoft (60.9%) and Google (60.2%) scored comparatively, with Amazon (26.8%) trailing.

This makes for interesting comparison with another analyst, Synergy Research. In its most recently published figures, the company pins AWS as holding a third of the market, with Microsoft and Google at 16% and 8% share respectively.

Nevertheless, both analyst firms see a similar theme when it comes to the wider market. “Despite strong growth across the board, the cloud market’s consolidation favours the large and dominant providers, with smaller and niche providers losing share,” said Sid Nag, Gartner research vice president. “Only those providers who invest capital expenditure in building out data centres at scale across multiple regions will succeed and continue to capture market share.

“Google’s cloud offering is something to keep an eye on with its new leadership focus on customers and shift toward becoming a more enterprise-geared offering,” added Nag.

Synergy posits that the law of large numbers has taken effect in recent quarters; the growth among the largest vendors, while still strong, simply could not continue at the same pace. Yet as this publication put it when Amazon and Google’s results were released, it is not so much big numbers but big expectations. Amazon dipped on its $8bn quarter for AWS and got relatively pilloried, while Google Cloud got praise for its first $8bn run rate.

Gartner recommends that for those still looking to take a slice of the cloud infrastructure pie, particularly managed service providers, vertical industries and partnerships should be a key focus.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

It is not only the law of large numbers which applies in cloud revenues, but also the law of large expectations. Amazon Web Services (AWS) reported revenues of $8.38 billion (£6.7bn) for its most recent quarter although a slight dip in growth saw pessimism from the analysts. Google Cloud, meanwhile, secured an annual run rate of $8 billion in its results to a much friendlier outlook.

Amazon’s downturn with AWS was seeing only 37% growth year on year, compared with 49% the previous year. AWS profit had risen almost 30% year over year, with the cloud infrastructure arm now comprising more than 13% of total revenues at Amazon.

Google, meanwhile, saw its ‘other revenues’ – of which Google Cloud is a part – climb to $6.18bn (£4.97bn) for the most recent quarter, up almost 40% year on year. Google does not disclose specific revenues around its cloud suite – for the second successive quarter, an analyst asked this very question – yet the noises were all good from Alphabet’s senior management.

“Customers are choosing Google Cloud for a variety of reasons,” Google CEO Sundar Pichai told analysts in what was described as ‘another strong quarter’ for the company. Pichai cited reliability and uptime, flexibility, scalable data management, and artificial intelligence and machine learning as key areas of differentiation.

Industry watchers will not be particularly surprised by these features, as it has been Google’s message for a while. In February Google Cloud chief exec Thomas Kurian – in his first major speaking gig since taking over the role – cited five ways Google differentiated from its hyperscale rivals, which essentially amounted to the above four alongside hybrid and multi-cloud capability.

Of the 42 bullet points which represented Amazon’s highlights over the quarter, AWS commanded 11 of them. Particular developments of note included the general release of Amazon’s managed blockchain service, as well as a major new customer in the shape of NASCAR. The quarter was more product-heavy from an AWS perspective than usual, including the launch of managed machine learning services Personalize and Textract, as well as AWS Security Hub, which gives customers a central area to managed security and compliance across AWS environments.

From Google’s side, key highlights included two acquisitions – storage provider Elastifile and business intelligence platform provider Looker – as well as the launch of a new data centre region in Osaka.

Ruth Porat, chief financial officer at Alphabet, added a little more context to the reporting. “[We’re] pleased with the performance of both [Google Cloud Platform] and G Suite,” she said. “Growth in GCP was led by strong customer demand for our compute and data analytics products and G Suite continues to deliver strong growth. Overall, GCP remains one of the fastest growing businesses in Alphabet, and we’re really pleased with how the team is executing on both.”

Amazon SVP and chief financial officer Brian Olsavsky told analysts it was a ‘really strong quarter’ for AWS and batted away concerns of a slightly lower performance. “We’ve been pretty transparent with our AWS revenue and income numbers – we’ve been breaking it out [from] 2015 and we’re very happy with the growth in absolute dollar terms,” said Olsavsky. “We’re seeing a pick-up from customers and their usage, their increased pace of enterprise migration, [and] increased adoption of our services, especially machine learning services.

“Continually again, AWS is being chosen as a partner to many companies because of our leadership position both in technology, our vibrant partner ecosystem, and also the stronger security that we offer,” Olsavsky added.

As far as this translates to the wider industry, the slight fall in yearly growth may have been expected. Indeed, analyst firm Synergy Research has been citing the law of large numbers in recent quarters; more than 100% growth across the hyperscale cloud providers simply could not go on forever. In terms of market share, Synergy notes AWS remains at a third (33%) of the market, with Microsoft at 16% and Google 8% respectively.

You can read the full Amazon earnings release here and the full Alphabet report here.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

CircleCI has secured $56 million (£44.8m) in series D funding to further its presence and product – with one investor arguing the company is the ‘DevOps standard’.

The San Francisco-based provider of continuous integration and delivery software has taken its total funding to $115.5 million, having most recently raised $31m for its series C in January last year.

CloudTech explored CircleCI’s proposition on its series C round around automating built, test and deploy processes across organisations’ development cycles, particularly around its combination of ‘speed and solidity.’

Since then, the company has put together a lot more, including a more than quadrupled increase in monthly job count, alongside 75 new employees added in 2019 and the opening of a first international office in Tokyo. Hubs have been added in Boston and Denver, while more than 900 ‘orbs’ – putting commands and jobs into single, reusable lines of code – have been initiated.

Various research in recent months has explored both the technical and cultural aspect of DevOps implementations. According to Trend Micro, in a study released at the start of this month, more than three quarters (77%) of those polled said developers, security and operations teams needed to be in closer contact.

As this publication has covered variously, as architectures and cloud technologies have improved, then customer expectations have improved with it. “Every company today relies on software to continuously improve its products and business in order to keep up with consumers’ evolving needs and expectations,” said Rob Zuber, CircleCI chief technology officer. “We believe humans should never have to wait on machines. This new round of funding will better allow us to provide developers flexibility and control to power their workflows seamlessly.”

The funding round was led by Owl Rock Capital Partners and NextEquity Partners, alongside existing investors Scale Venture Partners, Top Tier Capital, Threshold Ventures, Baseline Ventures, Industry Ventures, Heavybit, and Harrison Metal Capital.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

LinkedIn has announced the launch of a ‘multi-year migration’ project to Microsoft Azure.

The move will see LinkedIn move its infrastructure across, having already utilised Azure for a variety of services including video delivery and machine translation across the social network’s news feed.

“Today’s technology landscape makes the need for constant reinvention paramount, especially as we look to scale our infrastructure to drive the next stage of LinkedIn’s growth,” wrote Mohak Shroff, LinkedIn SVP engineering, in a blog post announcing the move. “With the incredible member and business growth we’re seeing, we’ve decided to begin a multi-year migration of all LinkedIn workloads to the public cloud.”

One would have expected, given Microsoft bought LinkedIn for $26.2 billion three years ago, that migrating to Azure would have been part of the plan. Yet Shroff told VentureBeat that this was not quite the case. Shroff noted that Microsoft allowed LinkedIn ‘independence in decision making’, adding that Azure wasn’t particularly pitched to them.

This is inferred in the blog post. The success of Azure, ‘coupled with the opportunity to leverage the relationship we’ve built with Microsoft, made Azure the obvious choice.’ “Moving to Azure will give us access to a wide array of hardware and software innovations, and unprecedented global scale,” added Shroff. “This will position us to focus on areas where we can deliver unique value to our members and customers.

“The cloud holds the future for us and we are confident that Azure is the right platform to build on for years to come.”

Microsoft released its fourth quarter results earlier this month to almost universal praise; the company saw total revenues go up 12% to $33.7 billion (£26.9bn). While revenue for Azure is not specifically disclosed, Microsoft said it climbed 64% compared with the previous year.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Microsoft has unveiled its fourth quarter results to almost universal acclaim, with revenue up 12% to $33.7 billion (£26.9bn) and Azure revenue growth up 64%.

The company has been resolutely sticking to a theme on its earnings reports. "Microsoft Cloud drives record fourth quarter results," the release read this time last year. It was "Microsoft Cloud strength powers record first quarter results" three months hence, and for Q2, "Microsoft Cloud strength fuels second quarter results." 

Now, it was simply "Microsoft Cloud powers record fourth quarter results" – and it makes sense as to why. Revenue across its various buckets went up; intelligent cloud, which covers parts of Azure as well as server products and enterprise services, was at $11.4 billion up 19%, while productivity and business processes – focusing predominantly on Office 365 and LinkedIn – was at $11bn and up 14%. 

Speaking to analysts, Microsoft CEO Satya Nadella said the company was building Azure as 'the world's computer, addressing customer's real world operational sovereignty and regulatory needs.' Nadella noted the company's presence in Cape Town and Johannesburg, representing the first major move into Africa from a hyperscale cloud provider, as well as increased partnerships with Oracle, Red Hat and VMware.

"Azure is the only cloud with limitless data and analytics capabilities across the customer's entire data estate," said Nadella. "Our differentiated approach, from developer tools and infrastructure, to data and analytics, to AI, is driving growth. The world's leading companies trust Azure for their mission-critical workloads, including more than 95% of the Fortune 500."

Of those, the most recent – announced just yesterday – was AT&T, following a similar deal the telco penned with IBM. The partnership with Oracle, as this publication mused in June, was potentially another one with retail as a focus. Of the three customers cited in the press materials, two were large retailers, in particular Albertsons, whose CIO all-but-said in January that the move to Microsoft was partly down to Amazon's retail presence.

According to guidance released overnight by Synergy Research, Microsoft remains the clear number two in cloud infrastructure services, well behind AWS but significantly ahead of the chasing pack. The company remains the 'very clear' market leader in software as a service, with its growth rate above the market rate in both SaaS and IaaS.

The two cloud infrastructure leaders' competition is soon set to come to a head with the award of the single-vendor JEDI cloud computing contract from the Pentagon expected to be announced next week. 

You can read Microsoft's full results here.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

IBM and AT&T have announced a multi-year 'strategic alliance' whereby the telco will utilise IBM's cloud, as well as the Red Hat platform.

The Armonk firm will make AT&T Business its primary provider of sofware-defined networking (SDN) alongside this, building on the companies' existing relationships around AT&T being IBM's strategic global networking provider.

Alongside the moves to preferred providers, the companies will also collaborate on various initiatives, including edge computing platforms. AT&T and IBM see benefits in both directions on this: using 5G speed at the edge of the network, enterprises will be able to get greater insights and efficiencies. AT&T naturally wants to play a part in the former, with IBM there at the latter.

The two companies have been long-time partners; at InterConnect in 2017, AT&T CEO Randall Stephenson joined IBM chief exec Ginni Rometty on stage to discuss the increasing 'enterprise strong' element of IBM's offering. "I don't believe we're more than three or for years away from being indistinguishable from the 'data cloud' to the 'network cloud'," said Stephenson at the time.

"Building on IBM's 20-year relationship with AT&T, today's agreement is another major step forward in delivering flexibility to AT&T Business so it can provide IBM and its customers with innovative services at a faster pace than ever before," said Arvind Krishna, IBM SVP cloud and cognitive software in a statement. "We are proud to collaborate with AT&T Business, provide the scale and performance of our global footprint of cloud data centres, and deliver a common environment on which they can build once and deploy in any one of the appropriate footprints to be faster and more agile."

This makes for an interesting comparison with Verizon, who moved to Amazon Web Services (AWS) as preferred public cloud provider in May last year. The operator said it was migrating more 1,000 business critical applications and backend systems as part of the process.

In 2017, AT&T signed an agreement with Oracle whereby the telco moved 'thousands' of its large scale internal databases to Oracle's IaaS and PaaS offerings.

CloudTech has reached out to AT&T and will update the story in due course.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.