Gee Wiz! The Armageddon of Cloud Attacks Incarnated
This bug is pretty damned close to Cloud Armageddon. https://t.co/VXkLMxqWmK— Corey Quinn (@QuinnyPig) August 27, 2021
We were planning on leading with the annual Stack Overflow developer survey’s results, because what could take precedence over that?! Well…maybe ChaosDB.
Israeli unicorn Wiz, co-founded by Assaf Rappaport former GM of Microsoft’s Israel R&D Center, disclosed a major vulnerability in Azure Cloud’s Cosmos DB, dubbing the hack ChaosDB. While the team at Wiz is indeed spearheaded by the former CTO of Microsoft’s Cloud Security Group as well, this is still a major disclosure – and some might claim, worth well more than the $40K price tag Microsoft was willing to pay for it. This has begged the question by many, will less ethical hackers be more inclined to sell such critical data to malicious hackers for a better price?! Chilling.
This comes hot on the heels of another major Azure disclosure, by yet another Israeli security company, Guardicore. Not a very good month for Azure Security. This vulnerability, a critical vulnerability in Hyper-V’s virtual network switch driver AKA the Critical 9.9 Vulnerability, the underlying technology in Azure Cloud, was found by security researchers Ophir Harpaz from Guardicore, and Peleg Hadar of Microsoft. You can see it discussed in detail at the upcoming Black Hat conference.
Interesting that Microsoft, which has (or had…) a better security reputation than AWS, is failing here—security is one of their key differentiators when competing against the nearly ubiquitous AWS, and against Google Cloud, which still leads in terms of market share.
It’s That Time of Year Again: The Stack Overflow Survey Says…!
In May this year, more than 80,000 developers responded to the beloved annual Stack Overflow Developer Survey, and the results were announced at the beginning of August. This is the survey basically everyone in the tech ecosystem waits for. It provides a glimpse of actual real-world numbers related to developer tools, platforms, programming languages, salaries, and much more. It’s a “by developers for developers” survey—the holy grail of developer insights—and we’ve taken a snapshot of a few interesting takeaways for you.
As you can see, according to Stack Overflow, AWS remains the front runner in the cloud wars. This is very much aligned with the less grassroots industry analysis by Gartner released at the tail end of July this year. Notably, AWS beat Microsoft and Google Cloud in the competition for the much-coveted $10 billion National Security Agency contract.
They also signed (along with Google Cloud), a $4 billion contract with the Israeli government for Project Nimbus (Israel’s flagship cloud-services project). Microsoft, which seemed to be gaining traction against. Its cloud competitors in the last quarter may lose steam the following major security breaches recently disclosed.
(On this note, AWS celebrated another major milestone this month: 15 years of Amazon EC2. Happy birthday!)
All of this just goes to show you that reaching maturity is indeed a marathon, not a sprint. We tend to consider technologies that are 10+ years old outdated, but the truth is, it takes roughly 15–20+ years for technology to truly be production-grade. You can see this holds true with databases as well, with MySQL and PostgreSQL still leading the pack, despite being launched in 1995 and 1996, respectively.
These days, you can’t go to any tech conference (particularly DevOps, cloud, and open-source conferences) without hearing the buzzword “Kubernetes” everywhere. But the reality is that Docker is still dominating the container sphere by far, as Kubernetes has inherent complexity issues. Docker is still the de facto platform on which developers build their applications, even though Kubernetes deprecated the Docker runtime (containers) in its latest version, in favor of CRI (container runtime interface) compliant runtimes.
The Israeli Ecosystem Is in a Unicorn and Buying Frenzy!
I’ve already lost count of the number of Israeli unicorns crowned this year. Yet another was named this month: automobile automation company, Otonomo, IPO’d on Nasdaq at a $1.4 billion valuation (through a SPAC merger). Israeli-led companies still continue to nab new and exciting Israeli startups, as the DevOps unicorn, Elastic, acquired Build Security, which will also serve as Elastic’s R&D center in Israel, (until now, Elastic was a remote-first company, with headquarters in the Netherlands) – this following acquisitions by JFrog and Cybereason recently.
We also were super excited to read about Cisco’s acquisition of our loyal client, Epsagon, earlier this month, at a whopping and well-deserved $500 million price tag! Congrats to Nitzan Shapira and Ran Ribenzaft on their exceptional vision and execution.
In other funding news, OwnBackup raised $240 million this month, kicking them up to a $3.35 billion valuation; Coralogix raised $55 million; and Fireblocks, the Israeli crypto-infrastructure startup, raised $335 million at a $2.2 billion valuation, just to name a few.
There Can’t Be a Roundup Without Israel “Cloud Nation” References
Not sure how we haven’t said this yet, but have we mentioned that Israel is the “a Cloud Nation?” Now we have proof.
Forbes released its annual The Cloud 100 ranking, and 10% of the companies on the list are Israeli. The list includes Gong, Forter, YotPo, Cloudinary, Rapyd, TripActions, Riskified(Forter, look out…), Sisense, Papaya Global, and Axonious.
Google also announced, at the end of last month, plans for a subsea cable that will run through Israel, connecting Europe and Asia in order to enable faster cloud access. Made possible by the normalization of relations between the Gulf states and Israel, the project is valued at $400 million. Which Brings Us to the Trillion-Dollar Cloud Paradox…apostrophe
Martin Casado and Sarah Wang wrote an excellent piece recently on how cloud seems like the right decision as an early stage startup, but then becomes quite a costly burden as companies grow – dubbing this the Trillion Dollar Cloud Paradox, if you haven’t yet, you should certainly read it. This was followed up by numerous online discussions and posts, as well as articles, such as this one on the New Stack by Nati Shalom, as it clearly struck a chord with many.
Albeit, the New Stack will tell you that the next era after cloud computing is sky computing, per distinguished computer science professors at University of California Berkeley, Ion Stoica and Scott Shenker. What do you think?