Akash & Riyaz have 35+ man years of experience of hacking into cloud accounts and guiding teams on security. All of that experience has been poured into the product.
In 2016, Riyaz and I started a cyber security services business focusing on the security of Apps and APIs hosted in the public cloud. We saw a repeated pattern, our customers' cloud accounts were badly configured and vulnerable to hackers while their apps and APIs were designed to withstand hacks. It became clear that application security has made rapid strides in the previous decade, cloud security hasn't kept up.
Initially, we figured that we could solve this by offering more services. Even then we were building for security teams. While this makes sense there are two truths we uncovered on this journey. First, there are nearly not enough security folks in the world today, let alone for the coming decade. Some estimates say 3 Million folks are needed. Almost in all teams who manage public cloud are engineering teams and security folks are at most advisors.
The public cloud opportunity is just about to take off 🚀. From current usage of about $268 Billion per year it is likely to go up to $1.2 Trillion by 2030! It became clear to us that if we ever hope to scale, we need to build the product for engineering teams who take care of cloud infra for their teams.
Some call themselves Site Reliability Engineers (SREs), DevOps (Developer Operations),platform engineers. and cloud admins.
Whatever is the role they identify themselves they need a product that has embedded security experience and best practices and will integrate with their workflow. There is a common misconception that this should only be done by shifting left. The truth is humans err, so while building security in at the early stage of development is useful we need to ensure that whatever is running in production is as secure as it was when it was first setup. This is what Kloudle does for engineers.