Second in a series of articles about the underlying factors that affect security posture We recently conducted a survey o...
Problem
The server operating system has not changed in 50 years
Our current server operating systems have not changed in 50 years and do not reflect modern day concerns for managing servers and cyber-security.
Today's servers are built for multiple users to run multiple programs, leaving large spaces open for targeted cyber attacks. Data breaches can cost even the best operations security teams $100M and can cause huge trust and brand issues for the companies involved.
It makes you wonder why the operating system hasn't changed in decades. Watch this video to learn what the problem truly is:
Solution
The future is unikernels
NanoVMs is a production-ready unikernel platform. A unikernel is an application that has been boiled down to a small, secure, light-weight virtual machine which eliminates general purpose operating systems such as Linux or Windows. This means that there are no users and no shell to login to and, more importantly, you can't run more than the one program you want to run inside.
Unlike containers unikernels are provisioned directly on the hypervisor without a traditional system like Linux. What this means is that we can run Linux applications faster and more safely than containers and even normal Linux systems.
There is massive interest in the operating systems research communities for unikernels, yet NanoVMs is first to market and runs existing software today with no porting or code modifications.
Unikernels are widely considered to be the next generation of cloud infrastructure for their speed and security. Our platform provides massive VM consolidation on a private cloud and ultra secure system that can run 1000s of vms/server.
Product
A safe, secure and controlled environment
NanoVMs allows users to control, build, and run unikernels anywhere with confidence. With NanoVMs, users can prevent hackers from violating their organizations, increase the speed of operations, and build a platform without worrying about servers.
NanoVMs has tooling to deploy unikernels to major public clouds like AWS and Google Cloud and also has an on-premise private cloud offering.
Traction
Paid trials with Amgen and revenue from the US Air Force
NanoVMs' innovative and secure technology has raised considerable interest in our product. We’ve filed multiple patents, one has been issued, and have had trials with Amgen and revenue from the US Air Force, among others.
As seen in:
Customers
A solution for all customers
Our customers run across a variety of markets, predominantly the finance, health, government, energy, and telecom industries. All of our clients are companies in notoriously targeted businesses. They have found that our product grants them full control and security, along with scalable and easy to maintain software improvements.
While our focus today is x86 based cloud/datacenter workloads we find the same challenges wherever we look. Unikernels as a newer architecture, have the potential of affecting beneficial change for lots of different workloads including different architectures such as ARM and different deployments like edge compute.
Like other software tooling in the space, our end users are primarily dev-ops professionals and developers. The financial buyer might come from the security side of the organization, so our sales motion utilizes a top down approach and our marketing, primarily through open source and education, utilizes a bottom up approach.
Business model
Subscriptions and fees for service
Our primary revenue comes from an annual subscription to our on-premise infrastructure platform which we price by cpu socket.
We see a very big future in helping clients that use private cloud workloads take advantage of the performance and security advantages of unikernels.
Not withstanding, we also offer subscriptions to small teams or individuals that wish to deploy their software as unikernels on the public clouds. Those plans start at $1/day and will get those customers priority bug fixes and feature development, along with access to expert kernel engineers that can help fix any problem they might have.
In addition, we offer dev-ops as a service, where we connect people with decades of experience with customers to help remedy their systems issues. We also offer performance engineering and consultation, which we price according to company size and service need. These are all used as a means of moving more organizations onto our infrastructure.
Market
Addressing 5 key markets
Cyber security is a fast growing market, estimated to grow at a CAGR of 11.9% for the next five years. NanoVMs taps into five key industries within this market: energy, healthcare, finance, telecom, and governments. By providing a product that appeals to all five of these markets, we believe we can achieve a revenue of $3M within the three years.
Traditional cyber security companies focus on detection and remediation not defense -- more importantly none of the solutions are working. We need a different approach.
A growing trend in the ecosystem is to "push left" security concerns into operations known as devsecops. Unikernels really embrace this notion and we believe this category will explode with unikernel adoption.
The private cloud market absolutely dwarfs the public cloud. Only less than 5% of North American compute is actually in the public cloud and that's a big market on it's own.
Just to paint the numbers the public cloud infrastructure market is already north of $30B today.
Competition
The production-ready unikernel platform in the industry
NanoVMs offers a first-to-market competitive advantage. We’ve outpaced massive competition from IBM and Dell, and have retained only a fraction of the attack surface that comes in a traditional Linux system.
There are many types of infrastructure one can provision on today and we feel the future needs less devops with more security.
Compared to Linux, the Nanos kernel has only a tenth of 1% of the attack surface.
There are plenty of infrastructure options in the ecosystem today. Some require very expensive devops while others wish to go "serverless". Likewise there are varying levels of security in the available infrastructure choices. We think you shouldn't have to choose between the two.
A lot of people new to unikernels confuse them with containers but the fact remains that containers are horribly insecure constructs. Unikernels don't just address container insecurity but they deal with fundamental security flaws in Linux itself. The world's largest tech companies are built on Linux: Google, Uber, Facebook, etc.
Vision and strategy
Building a more secure system
By reaching our investment goal, we plan to grow paid partnerships and to allocate funds to our sales and marketing efforts in order to increase our current traction.
We are going to continue to invest in our engineering efforts as well by hiring more kernel engineers. While we have good unikernel implementation today, there are many use cases we have not been able to tap yet that would greatly benefit from unikernels.
Among those include: SCADA, 5G, edge machine learning, etc. For instance today we are X86 only but we have plans on adding ARM support to enable some of these other edge based applications.
Unikernels are a fundamentally different architectural paradigm shift and as such represent a massive opportunity for many different deployments.
Funding
$1.5M in funding to date
We’ve currently have raised $1.5M in funding. Notable investors include Bloomberg Beta, Initialized Capital, L2 Ventures, and Hack VC.
We were also a part of the Alchemist Accelerator - the accelerator dedicated towards enterprise startups.
Founders
Ian Eyberg is the founder and CEO of NanoVMs. Ian previously worked at Appthority, an enterprise mobile security company as an early engineer. He has spoken at conferences throughout the world such as HighLoad++, GopherCon, SCALE and many more security and infrastructure conferences on the topic of unikernels. He currently holds multiple patents with notices of allowance on the subject.