It seems that we are in the middle of a mini acquisition spree for Kubernetes startups, specifically those that can help with Kubernetes security. In the latest development, Venafi, a vendor of certificate and key management for machine-to-machine connections, is acquiring Jetstack, a U.K. startup that helps enterprises migrate and work within Kubernetes and cloud-based ecosystems, which has also been behind the development of cert-manager, a popular, open-source native Kubernetes certificate management controller.
Financial terms of the deal, which is expected to close in June of this year, have not been disclosed, but Jetstack has been working with Venafi to integrate its services and had a strategic investment from Venafi’s Machine Identity Protection Development Fund.
Venafi is part of the so-called “Silicon Slopes” cluster of startups in Utah. It has raised about $190 million from investors that include TCV, Silver Lake and Intel Capital and was last valued at $600 million. That was in 2018, when it raised $100 million, so now it’s likely Venafi is worth more, especially considering its customers include the top five U.S. health insurers, the top five U.S. airlines, the top four credit card issuers, three out of the top four accounting and consulting firms, four of the top five U.S., U.K., Australian and South African banks and four of the top five U.S. retailers.
For the time being, the two organizations will continue to operate separately, and cert-manager — which has hundreds of contributors and millions of downloads — will continue on as before, with a public release of version 1 expected in the June-July time frame.
The deal underscores not just how Kubernetes-based containers have quickly gained momentum and critical mass in the enterprise IT landscape, in particular around digital transformation, but specifically the need to provide better security services around that at speed and at scale. The deal comes just one day after VMware announced that it was acquiring Octarine, another Kubernetes security startup, to fold into Carbon Black (an acquisition it made last year).
“Nowadays, business success depends on how quickly you can respond to the market,” said Matt Barker, CEO and co-founder of Jetstack. “This reality led us to re-think how software is built and Kubernetes has given us the ideal platform to work from. However, putting speed before security is risky. By joining Venafi, Jetstack will give our customers a chance to build fast while acting securely.”
To be clear, Venafi had been offering Kubernetes integrations prior to this — and Venafi and Jetstack have worked together for two years. But acquiring Jetstack will give it direct, in-house expertise to speed up development and deployment of better tools to meet the challenges of a rapidly expanding landscape of machines and applications, all of which require unique certificates to connect securely.
“In the race to virtualize everything, businesses need faster application innovation and better security; both are mandatory,” said Jeff Hudson, CEO of Venafi, in a statement. “Most people see these requirements as opposing forces, but we don’t. We see a massive opportunity for innovation. This acquisition brings together two leaders who are already working together to accelerate the development process while simultaneously securing applications against attack, and there’s a lot more to do. Our mutual customers are urgently asking for more help to solve this problem because they know that speed wins, as long as you don’t crash.”
The crux of the issue is the sheer volume of machines that are being used in computing environments, thanks to the growth of Kubernetes clusters, cloud instances, microservices and more, with each machine requiring a unique identity to connect, communicate and execute securely, Venafi notes, with disruptions or misfires in the system leaving holes for security breaches.
Jetstack’s approach to information security came by way of its expertise in Kubernetes, developing cert-mananger specifically so that its developer customers could easily create and maintain certificates for their networks.
“At Jetstack we help customers realize the benefits of Kubernetes and cloud native infrastructure, and we see transformative results to businesses firsthand,” said Matt Bates, CTO and co-founder of Jetstack, in a statement. “We developed cert-manager to make it easy for developers to scale Kubernetes with consistent, secure, and declared-as-code machine identity protection. The project has been a huge hit with the community and has been adopted far beyond our expectations. Our team is thrilled to join Venafi so we can accelerate our plans to bring machine identity protection to the cloud native stack, grow the community and contribute to a wider range of projects across the ecosystem.” Both Bates and Barker will report to Venafi’s Hudson and join the bigger company’s executive team.