What's 🔥 in Enterprise IT/VC #254
What does the day one launch of an $8.5 Billion developer first company look like and why developer experience matters?
For followers of this newsletter, you’re quite familiar with my journey with Snyk from day one in middle of 2015 and the fact that we’ve invested in every single round since then. The book is still being written but I learn so much every day as the company continues to grow and scale and I love sharing the lessons learned along the way. With that, a heartfelt and huge 👏🏼 to Guy Podjarny and Peter McKay and the entire, amazing Snyk team on this milestone.
To be honest the best founders don’t set out to build $10B companies, they start with solving a nagging problem that they believe needs to be fixed and bring a unique TECHNICAL insight to solve that problem 10-100x better. For Guy and team it was to build a “developer friendly security” platform starting with OSS code and third party packages, to make it so easy for developers to not only test but also FIX and constantly monitor the packages they are using. Sounds simple but the developer experience was so 🔑 and something they still maniacally focus on today. And if you want the full playbook, I shared that in What’s 🔥 earlier this year.
Here is the original launch of Snyk at the Velocity Conference, 10/29/15 with co-founders Guy Podjarny and Assaf Hefetz (missing Danny Grander). It’s a must-see video because at the time many were not convince of the need for “developer friendly security” and the team knew that part of their mission was simply educating the market on the why. Building a movement takes time! I remember it took a couple years for this to truly take hold and hit the 100k a month download mark.
And bravely they did a live demo with code - can’t be dev first without the code!
Started with individual developers and eventually expanded to some of these early teams…
The coolest part of all of this is the product north 🌠 and message continue to be the same - “developer friendly security.”
Here’s Guy from his post last week reiterating the why and the how
Which gets us to the last and most important point — developers.
Digital transformation hinges on independent developers working continuously and rapidly. Businesses live or die depending on how well — and how quickly — their dev teams are able to build new functionality, get it to customers, and adapt to what they learn. Cloud removes barriers, giving developers more control over the underlying infrastructure, and accelerating the deployment of new updates.
Developers are also the only way we can scale security. From writing safe code to updating a vulnerable open source library to configuring infrastructure correctly, developers are the ones making the decisions that decide how secure the app is. If we equip them with the right tools, and give them the mandate and process to use them, they can build security in and stay ahead of the attackers. If we don’t — we’re never going to keep up.
And so, I would repeat the question — how can developer security be anything but an enormous market? How can we afford, as an industry and a society, to not invest in developer security and do all we can to accelerate its adoption?
At Snyk, we are committed to doing precisely that — get developers to embrace security, and build it into the fabric of software development
Believe it or not, the hardest part as you keep growing is to maintain focus and to be relentless on not forgetting the product north 🌠 that got you here in the first place. Snyk has continued to focus on that developer experience and now
is already used by millions of developers and more than 1,200 customers worldwide, including Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce. Snyk customers and users collectively have run more than 300 million tests in the last 12 months and fixed more than 30 million vulnerabilities in the last 90 days.
Snyk creates a seamless developer experience for security that embeds application and security intelligence in a SaaS platform with products that directly address both the needs of legacy as well as modern technology stacks, including open source, containers and infrastructure as code.
As always, 🙏🏼 for reading and please share with your friends and colleagues. Also, “never forget” 9/11 and please take a moment to reflect on that time…
👇🏼 Solid advice for future founders
So what does a Product Manager do?
Getting harder to standout at YC and giving up even more equity than before really makes you 🤔 (Axios Pro Rata)
What’s more: YC this year cut its own investment in participating startups from $150,000 for a 7% ownership stake to $125,000 for the same stake (via SAFE note), slashing the pre-money valuation from just under $2 million to $1.66 million. It also cut its pro rata rights to a 4% cap.
Investors have long complained about the discount YC gets and this change has only turned up the volume.
What they're saying: “Pretty much everywhere in venture things have gotten better for founders — more money, higher valuations, less dilution, more favorable terms, more (promised) value-add,” says one investor, who runs a specialized accelerator. “Except YC, where founders now seem to be getting a worse deal.”
👇🏼💯 just the beginning - and as @shomikghosh21 from my team says, spells out a big portion of our investment thesis the last 10 years - add security to this mix like @snyksec and Infra as Code @env0 and shift left testing @atomicjar…
AWS in 2006 and AWS today - EC2 and S3 still driving huge portion of sales - read 🧵 along with original deep dive from Jordan Novet at CNBCGreat breakdown, still EC2 #1 for the 💰 Reminds me of post I wrote in 2006, many VCs were quite skeptical of startups built on EC2. Web scale consumer cos were 1st to take advantage, amazing what world looks like today 15 yrs later where it is default beyondvc.com/2006/11/utilit…
Jordan Novet @jordannovetfor months i went around asking people, where does AWS' profit come from? here's the result of that work. it's not comprehensive by any means, but it is meant to give people a rough sense https://t.co/sd1NMtok1T
I ❤️ Docker but here’s a story on what happened to the business of Docker, an artistic success for sure but still TBD on the business side - great interviews with several executives with solid feedback from Solomon Hykes, the founder - focus matters!
“We never shipped a great commercial product,” Hykes told InfoWorld while on vacation in France this summer. “The reason for that is we didn’t focus. We tried to do a little bit of everything. It’s hard enough to maintain the growth of your developer community and build one great commercial product, let alone three or four, and it is impossible to do both, but that’s what we tried to do and we spent an enormous amount of money doing it.”
With the benefit of hindsight, Hykes believes that Docker should have spent less time shipping products and more time listening to customers. “I would have held off rushing to scale a commercial product and invested more in collecting insight from our community and building a team dedicated to understanding their commercial needs,” Hykes said. “We had a window in 2014, which was an inflection point and we felt like we couldn’t wait, but I think we had the luxury of waiting more than we realized.”
Craig McLuckie, Kubernetes cofounder and now vice president at VMware, says he offered to donate Kubernetes to Docker, but the two sides couldn’t come to an agreement. “There was a mutual element of hubris there, from them that we didn’t understand developer experience, but the reciprocal feeling was these young upstarts really don’t understand distributed systems management,” he told InfoWorld
More on developer experience from Jean Yang (Akita Software) on the a16z blog - a must read
What I mean by developer experience is the sum total of how developers interface with their tools, end-to-end, day-in and day-out. Sure, there’s more focus than ever on how developers use and adopt tools (even in consumer tools), and there are entire talks and panels devoted to the topic of so-called “DX” — yet large parts of developer experience are still largely ignored. With developers spending less than a third of their time actually writing code, developer experience includes all the other stuff: maintaining code, testing, security issues, addressing incidents, and more. And many of these aspects of developer experience continue getting ignored because they’re complex, they’re messy, and they don’t have “silver bullet” solutions.
One of best reads on building a career in Developer Relations from Slack and what a career arc looks like…
Developer Relations at Slack is currently a 12-person-strong team, and at this size, we’re generalists by preference and by necessity. Everyone writes docs, everyone builds tools and sample code, everyone gathers and shares developer feedback, and everyone works on events. We also come from different backgrounds: people on our team have joined us from core engineering, from developer support, from non-engineering operations roles, and some have been doing DevRel their entire careers. For our whole team, we have a single path.
Even for us, this path is imprecise, designed to be a set of guidelines rather than a series of job descriptions. Not everyone’s role will be neatly outlined by the content of the path, and, in my opinion, that’s not the point.
Wannabe dev first? Simply ❤️ the growth hacks from Max Stoiber and the GraphCDN team to offer true value for community
🤯 Microsoft to spend $20 Billion on cybersecurity over the next five years!
What’s web3? How do you get started?