Category Archives: Featured

WSO2 API Management Strategy: Industry Observations and Implications

Recently we at WSO2 were asked by a leading analyst to outline our vision and strategy for the future of API management. We felt that our response captured much of our current and planned execution, so much so that we felt we needed to share it. Our culture at WSO2 has always been one of transparency, and in the past, we’ve even shared our financials.

Following are some of our positions on API management and additional market insights, as well as our vision of the composable enterprise. Stay tuned for additional strategy-related posts that dive more deeply into our technology “big bets” and direction.

How digital transformation is changing the landscape of APIs and digital connections

Current IT trends show that over the next few years, enterprises will find they need to deal with more than 1 trillion programmable endpoints and APIs. These will consist of traditional application APIs, data APIs, data streams, software component APIs, microservices, sensors, and IoT inputs as well. Indeed, everything may become an API.

Knowledge workers know this, and will want/need access to all these APIs/endpoints whether it’s only to create a basic SaaS-to-SaaS connection, or to create a more complex integration. Therefore, over the next 2 to 5 years, we expect that tools and processes will necessarily evolve to address this level of scale and complexity.

Additionally, infrastructures to support this huge quantity of endpoints will gravitate toward those optimized for microservices and serverless underpinnings. From a development perspective, current low-code integration approaches that involve centralized IT orgs and/or waterfall style processes simply will not scale. As a result, architectures will necessarily tend toward more decentralized, cell-based approaches underpinned by microservices and serverless.

With the trend toward trillions of endpoints, WSO2 believes much of what is today considered part of the “development” organizations will evolve to include API integration. The trend will be particularly strong where APIs serve as the core of digital apps and applications that rely on Internet of Things (IoT) data and artificial intelligence (AI). This is at the core of the disruption WSO2 sees in the coming years: that IT organizations tend less toward “development”, and more toward being “API integrators.” We call this new disruptive IT phase the composable enterprise, which will be fueled by the explosive availability and use of APIs and programmable endpoints.

The future of digital connections across enterprise boundaries

WSO2’s position is that API ecosystems across enterprises will expand as today’s software disaggregation (componentization) trends continue. Thus the composable enterprise will become a combination of both internal and external API-based services, each front-ended by private and/or public APIs. This API diversity—and dynamism—will inherently require hybrid API integration capabilities and distributed (rather than centralized) forms of management and governance.

To accomplish this, we see the use of distributed integration technologies, such as microgateways and micro ESBs, which necessarily operate in a decentralized fashion, bridging services from different sources, vendors, and enterprises.

From a business perspective, WSO2 sees ever-tighter service integrations across enterprises, suppliers, partners, and customers—all underpinned by API integration technologies. IT departments will become the “services supply chain managers.”

A perfect example is WSO2 customer Wells Fargo, which has successfully front-ended its organizations and systems with public APIs and gateways to accelerate new product and service delivery, as well as speed integrations with business partners. This form of API marketplace is being adopted by digitally driven organizations that are encouraging partners, suppliers, and even customers, to work more closely with their offerings.

Enter: the composable enterprise

The WSO2 vision of the composable enterprise does not imply a purely internal IT model, but rather an approach that spans the enterprise’s complete external service ecosystem as well.

The notion of the composable enterprise will involve closer, more secure, and more real-time digital interactions between vendors, suppliers, and customers—as well as for internal integrations. API-based interactions will also result in more rapid product and service innovation among all parties, creating new forms of value for customers, partners, and internal business units alike. Already, multiple forms of storefronts, macro-gateways, and monetization models are arising where enterprises are brokering their internal services for use by external entities.

Today, WSO2 customers are pursuing this vision. Wells Fargo, BNY Mellon, and StubHub are just three of many enterprises that are publishing their APIs, as well as basing their internal architectures on disaggregated components front-ended with APIs, gateways, etc.

Indeed, many leading companies are already basing the bulk of their revenue on the API economy, capitalizing on the business wave highlighted in by the Harvard Business Review back in 2015:

“…Salesforce.com generates 50% of its revenue through APIs, Expedia.com generates 90%, and eBay, 60%. Salesforce.com has a marketplace (AppExchange) for apps created by its partners that work on its platform; they now number more than 300. Expedia’s APIs allow people using third-party websites to tap its functionality in order to book flights, cars, and hotels. And APIs allow eBay to list its auctions on other websites, get bidder information about sold items, collect feedback on transactions, and list new items for sale-all of which give additional exposure to eBay items and increase revenue.”

Future drivers and shapers of API management

WSO2 sees the major pressures driving the future of the API management space as grouped into two main categories: the market drivers led by the demand for API business and the technology shapers, led by vendors and innovators.

Drivers of API demand aren’t entirely new, but they have recently risen in their influence on IT behavior:

  1. The trillion endpoints future: the trend toward every digital asset becoming a programmable endpoint and causing IT to create strategies to access these assets.
  2. Digital business competitive pressures: forcing organizations to more quickly find ways to digitally interact with suppliers, partners, and customers.
  3. Knowledge worker information consumption: where organic demand for nearly every digital asset begins with line-of-business users looking for new data and conveniences.
  4. SaaS-to-SaaS app integration: a trend increasing exponentially where every new SaaS app or component is more valuable each time it’s integrated with another.
  5. Machine learning: with applications of ML forcing both data at rest and data streams to become accessible and front-ended with APIs.

Similarly, API management is being shaped by adjacent systems and technologies, quickly maturing the use (and re-use) of software endpoint components:

  1. Microservices and serverless technologies: these are (and will be) driving massive app disaggregation because of the abstractions and simplicities they create for software deployment, directly leading to a world of more broadly distributed micro APIs and microgateways.
  2. Cloud native dynamic systems: growing class of distributed and dynamically changing microservices will cause API discovery and surveillance to become dynamic as well.
  3. Configuration-based integration tools (e.g. ESBs) and code-based integration programming languages (e.g. Ballerina): because, “Software is eating the world,” every company is being forced to make software and agile integration to become a core competency. This creates a world where forms of API integration need to become as agile as developers and organizations want them to be.
  4. API security, access and governance: these requirements are leading to the native integration between integration, access Management, and API management.
  5. The advent of distributed cell-based architectures: these new architectures will allow for decentralized development, test and deployment, speeding integration activities across organizations.

Implications WSO2 sees for the future of API management solutions

  • Implications for architecture: there will be a growing shift toward cloud-native architectures and a need for decentralized composable units of architecture. Each composable unit is what WSO2 terms a “cell”. Cells are defined by, and interfaced through, APIs; are governed by micro- and macro-gateways; include embedded control planes like service meshes; and are developed by decentralized, independent teams.
  • Implications for development agility: with the need to develop and maintain an increasing number of connections across the enterprise, an organization’s ability to remain agile while supporting this expanded connectivity, faces pressures. WSO2’s vision is not only enabling organizations to make these connections, but to empower development teams, DevOps, and operations to increase their adaptive agility while doing integration. Integration teams must become integration agile, adopting the tools, organization, and processes similar to agile development.
  • Implications for tools: all API management and integration tools will need to involve some form of distributed technology, and all will necessarily evolve to be microservice and serverless friendly, i.e.:
    • Provide distributed forms of observability and security
    • Offer multiple control planes
    • Support service meshes
    • Support hybrid orchestration architectures

In closing…

Here at WSO2, we’re betting that all developer organizations will eventually have to adopt integration skills as well — especially as all digital assets become accessible and programmable.

We’re also anticipating the result will be the composable enterprise, shifting business onto a digital ecosystem. And to facilitate that, we’re building open source integration tools, integration agile methodologies, and even programming languages, to help digitally driven organizations achieve this future.

Stay tuned for more of our technical “big bets” in a future blog.

Introducing the WSO2 Integration Agile Platform

Integration has become the sexiest sector of enterprise software. We are on a mission to make every customer’s integration as agile as they want it to be.

Integration isn’t uncool anymore. It’s no longer the murky “middleware” that was once considered a non-critical component of enterprise infrastructure. It’s no longer simply EAI or an ESB.

The enterprise integration market is nearly $34 billion and growing. As the demand for cloud services, SaaS app consumption, scaling services through application architecture disaggregation, the pervasiveness of containerized apps, and the mass adoption of serverless infrastructure, the more we’ll see, and need, integration.

The markets and vendors know this too, with funding for, and acquisition of, more integration-related firms than ever.

What’s driving integration’s growth? There are three drivers:

  1. SaaS to SaaS Integration: with 300K different SaaS apps adopted by enterprises globally, integration is how these systems now interoperate.
  2. Artificial Intelligence: as companies view recommendations powered by machine learning algorithms as a competitive weapon, the power of their analysis is correlated to the richness of the data feeding their algorithms. Integration has become the backbone necessary to feed ever larger pools that feed AI systems.
  3. Scaling Apps: as demands to scale applications globally, instantly, spread from the uber vendors (think Netflix or AWS) to the rest of us, our development teams are disaggregating their architectures to achieve higher forms of iterative deployment and elasticity. This hyper componentization is leading to a trillion programmable endpoints and making integration the glue that brings our APIs and microservices together as a whole.

The componentization trend driven by scaling demand allows development teams to innovate asynchronously. It allows line-of-business leaders to plan newer competitive moves without having to build infrastructures from scratch. With future applications containing 100s of components, integration provides the “glue”, workflow, resiliency, reassembly, and re-use. In other words, innovation is driven by integration.

We are not the only ones to recognize this. Gartner says about half the time and cost of building a digital platform will be integration. Development, platforms, and integration will increasingly coexist for organizations that see software as a core competency (which, according to Marc Andreesen, every company must become a software company).

Integration is not just hot, it’s the foundation of how any digitally-driven organization will innovate in the future.

The “Integration Gap”

WSO2 is about to celebrate our 13th anniversary. During that time we have worked on 2000 integration projects with customers.

Collaboration on over 2000 integration projects that now fuel 6 trillion transactions each year

Over that time, we’ve made an interesting observation: release cycles have improved, but they have not become agile. Our customers have steadily improved the release cycle for their projects, but that improvement has plateaued.

Over the past five years, we’ve seen our customers plateau in improvements to release iterations

Furthermore, the 2018 State of Agile report observed that only 4% of companies pursuing agile were seeing adaptive market benefits, even though more than 75% of enterprises are actively practicing agile. The 2018 Forrester Developer Survey implies that we are collectively undoing any agility gains made over the past decade.

The progress made over the past two decades from iterative development practices may be reversing

Why is this? It stems from the best practices and patterns that we’ve collectively advocated as an industry, from Service-Oriented Architecture, the API economy, and bi-modal forms of IT. The architectures we have advocated have created consequences across people, process, and technology.

  1. PEOPLE: Center of Excellence teams add governance barriers.
  2. PROCESS: middleware forces app dev teams to work through trickle-down “gates” to enter production.
  3. TECHNOLOGY: middleware is a dependency slowing application development teams.

Agility happens when people, process and technology are functioning to enable continuous, iterative improvements. Dependencies, whether through organizational limitations, management processes, or technology libraries create higher and higher gates that must be overcome prior to every release.

Although many development organizations may be using agile principles, few integration organizations achieve agility.

This is the heart of the “integration gap,” integration is everywhere, but its best practice implementation inhibits the adoption of agile practices.

Integration Agile

At WSO2, we are the largest open source integration vendor. We see healthy demand for our products, but we have learned that we need to help every organization view software as their core competency. With integration as your data and scaling backbone, your competitiveness is tied to how agile you will be with integration.

This puts on a new mission where we must make integration a tailwind to agility, not its headwind.

We will help every organization become as integration agile was you want to be.

Integration Agile: a mission that will make every organization view software as their core competency

We call this mission, “Integration Agile” and we will do it by helping your organization to align your people, process and technology to overcome the integration agility gap.

The WSO2 Integration Agile Platform

We are introducing the evolution of our offerings designed to help any organization become as agile as they want to be.

WSO2 Integration Agile Platform: people, process, and open source technology to make integration agile

At WSO2Con in San Francisco, we’re unveiling our new platform as a unified offering consisting of

  • WSO2 Maturity Model for Agility: Agility is a journey, and each team can achieve different levels integration agility. We are introducing a 5-phase maturity model for agility, where organizations can self-assess, as well as plan for their own transformation to whatever level of agility they desire.
  • WSO2 Methodology for Agility: To guide each organization about how to adopt integration agility practices, we are introducing a reference methodology that guides each organization to best practices for people, process, and architecture to achieve their ideal form of agility. Underlying this methodology are best practices of how to develop, reuse, run and manage integrations.
  • WSO2 Architecture for Agility: We’ve standardized the patterns for integration deployment. As technology has evolved, we’ve helped organizations deploy layered, segmented, and now, cell-based architectures each of which provide different forms of scalability, governance, and agility.
  • WSO2 Open Source Products: Our award-winning product pillars for Integration, Identity and Access Management, API Management, and Analytics & Streaming. We are announcing our quarterly release of these products, integrated and interoperable, with this quarter’s theme tied to microservices architectures.

Microservices are essential to advancing integration technology to iterative deployment necessary for agility

Today at WSO2Con, WSO2 announced the summer release of our platform with a focus on driving microservices innovation. By delivering WSO2 functionality on a cloud native, open source platform, WSO2 facilitate agility by extending platform-wide support for the development and deployment of distributed, lightweight microservices. These capabilities include:

Management of microservices APIs is addressed by WSO2 API Microgateway, which provides secure, low-latency access to microservices and eliminates the need for a central gateway by enabling enterprises to apply API management policies in a decentralized fashion.

Real-time microservices analytics are enabled by WSO2 Stream Processor, a lightweight runtime that can run in distributed deployments using Kafka and container-native environments, such as Kubernetes. It adds support for message tracing across microservices using the OpenTracing standard for better insights into performance.

Microservices integration is optimized using the MicroESB in WSO2 Enterprise Integrator. The MicroESB is a lightweight mediation runtime that includes all core mediation capabilities and offers a significantly faster startup time, making it ideal for containers.

Secure microservices are provided by WSO2 Identity Server which now supports role-based access control (RBAC) and validation using the Java Web Token (JWT) standard that has been widely adopted for microservices.

WSO2 Maturity Model for Agility

Our maturity model addresses the alignment of people, process and technology to help transform your development and integration capability. We’ve defined 5 phases that describe your agility alignment with both internal and external customer needs.

We are offering maturity assessments, and self-assessments. We can aide your organization understand where they are at on this curve and what is required to achieve higher forms of agility.

WSO2 Reference Architecture for Agility

The architectural pattern that an organization deploys directly impacts the maximum level of agility that you can achieve. We are introducing a reference architecture for agility that defines the best practices and patterns that organizations deploy for two types of commonly deployed architecture and one new one:

  1. Layered Architecture: functional capabilities grouped in layers by following a System of Systems view. It is a centralized system where data moves from layer to layer.
  2. Segmented Architecture: functional capabilities sub-grouped within layers based on organizational ownership. It is a centralized system where data flow moves from layer to layer.
  3. Cell-Based Architecture: functional capabilities grouped in an architecture unit based on scope and ownership. It is a decentralized where data moves within and across cells and governance is transparently applied through a control plane embedded within cells.

The architecture that you define will create a ceiling on the level of agility that you can achieve

Asanka Abeysinghe, our VP of Architecture out of CTO Office, has collected our experiences across customers to prepare our vision of these architectures. You can learn about these patterns and learn how to apply them to your projects with this white paper.

Cell-Based Architecture for the Composable Enterprise

What happens if teams can self-organize to produce units of architecture which are continuously deployed and incrementally updated without the organizational or technological dependencies that create gates to releases?

We call an approach to achieve this a cell-based architecture.

Cells are independently deployed by self organizing teams, and then used to construct applications through composition

A cell is a collection of components, grouped from design and implementation into deployment. A cell is independently deployable, manageable, and observable. Components inside the cell can communicate with each other using supported transports for intra-cell communication. And all external communication must happen through the edge-gateway or proxy, which provides APIs, events, or streams via governed network endpoints using standard network protocols.

Every cell has its own Gateway for ingress and egress along with a control plane for distributed governance

Self-organizing teams producing cells is the best way to achieve maximum agility. It is the self-containment of people, process and technology dependencies that eliminate the gates that slow down process.

Cells can be built with a variety of technologies and programming languages, including Java and Node.JS.

At WSO2, we are making it easy and simple to generate cells with Ballerina, a cloud native programming language. Ballerina programs have these integration properties as part of the cell’s code, embedded within it. And soon, Ballerina will generate cells (with Gateways, observability, deployment and dependencies included) as part of every build from a developer.

When cell-based architectures are combined with an event-based hybrid integration platform, such as what we offer with WSO2 Enterprise Integration deployed with Kubernetes, your organization transitions into the Composable Enterprise. You are not just adopting the cloud, you have become cloud native giving you autonomous releases without compromising on change-control authority.

Composable Enterprise with Cloud Native approaches allow IT to reallocate budget from Center of Excellence to development and operations

With the Composable Enterprise, middleware Center-of-Excellence (CoE) silos are removed. This allows enterprise IT to reallocate budget into development and operations, which are the drivers of innovation. By shifting traditional integration operations into code, we accelerate the development cycle and eliminate gates.

The Future of Development is Integration

WSO2 now much more than a product company. We believe, like Gartner, that all development organizations are now integration organizations. And to deliver that, we built on our customer experience where we consistently helped transform them to become Integration Agile.

As you, our customers, now look at the integration needs (and opportunities) ahead, we hope you now ask yourself questions like why shouldn’t your integration now be as agile as your development?

Well, we’re here to help. Send me an email and let’s get the conversation started.

tyler@wso2.com

Announcing the WSO2 Serverless Solution

Most enterprises today looking for serverless solutions have few options without cloud lock-in. Remember that public serverless offerings will capture a customer’s data, lock out external event streams, and likely limit developer language choice. This lock-in hinders application migration, multi-cloud scaling, and the use of private cloud resources. A more palatable solution ought to allow organizations to tap serverless for disaggregated architectures, and allow them to utilize both public and private cloud resources, event models, and programming paradigms.

In response, customers today are mostly forced to use public serverless offerings from AWS (Lambda), MSFT, GOOG, etc., with limitations placed on the supported programming languages for each. Users are further locked-in because of the need to use adjacent proprietary services like the cloud’s storage services. And if a company wants to use an alternative, they’ll require considerable investment to manage.

Enter the WSO2 serverless solution

Today we’re introducing the WSO2 Serverless Solution, a private function hosting environment based on Apache OpenWhisk and Kubernetes. And it’s immediately available, though on a limited-access basis.

To develop the solution, WSO2 has been working with Rodric Rabbah and Perry Cheng, co-founders of CASM LLC and co-creators of Apache OpenWhisk. They bring in-depth knowledge on custom deployments and backend optimizations to the overall solution, and both continue to be active members of the OpenWhisk community.

The solution allows organizations to leverage their existing event sources and programming languages. Underlying the open source function platform, Apache OpenWhisk allows developers to plug existing event sources into the solution. It also allows developers to use their preferred programming language as a function runtime which will allow them to re-use most existing code, and allows users to define their own custom resource limits. These combine to provide greater overall agility to a serverless solution. And you’ll have freedom from cloud lock-in.

And the best part is that the WSO2 Serverless Solution is a private hosted platform managed by WSO2, so it ought to significantly reduce learning, set-up and maintenance overhead for DevOps teams.

A little more detail…

The serverless solution is fundamentally powered by Apache OpenWhisk and Kubernetes to allow IT orgs to provide a uniform, elastic, and secure platform for reactive, event-based, and batch workloads.

The Solution offers several unique capabilities:

  • Private function platform – powered by Apache OpenWhisk deployed on top of Kubernetes
  • Managed hosting environment – provided by WSO2, mapped to internal private resources and events, with customized elasticity.
  • Private, dedicated servers and operations – provides segregated tenancy
  • Support for any programming language – broader support than any single public cloud vendor
  • Leverage any existing event source – no matter where you deploy
  • Transparent computational elasticity – to support both short and long running computation
  • Guaranteed computational capacity – because it is a private function environment
  • Secure platform, plus service isolation, and encryption of data in motion
  • Local development environment – for developer teams
  • Dev tracing and operations of event-driven apps with logging, monitoring, and analytics

Why did we do this?

WSO2’s mission is to help digitally-driven organizations become integration-agile. And we do that with a platform of open-source Integration, API Management, Identity Management and related products. One core motive of ours (and of the overall open source model) is freedom from lock-in… So it stood to reason that if we wanted to simplify integration tasks, it would require simplifying deployment tasks too. So we developed this cloud-vendor-neutral deployment approach to complement our products.

Availability

As mentioned, the solution is immediately available on an early-access basis. Pricing is offered at a flat rate, on either a monthly or annual billing. For more information see the WSO2 Serverless Solution.

Ask an Expert: Catching up with Srinath Perera

Srinath Perera is vice president of research at WSO2. He is a scientist, software architect, author, and speaker. He is also a key architect behind Apache Axis2 and WSO2 Stream Processor. We caught up with Srinath recently to get his take on the significance of Streaming SQL, the future of open source stream processing solutions, and why we must learn to think, question, and see beyond the obvious.

1. What has your journey at WSO2 been like?

This is my ninth year at WSO2, but I have been working with Sanjiva Weerawarana on similar technologies since 2003. Yes, it’s been close to 15 years, and it’s been a lot of fun. I have worked on a wide variety of challenging problems, and have worked with many brilliant individuals who will make good stories for one’s grandchildren one day. I have done a lot more than I imagined years ago.

2. For agile digital businesses, the availability of business insights is a significant factor in gaining a competitive advantage. How does WSO2 Stream Processor help?

Our product can easily plug-in to a user’s system and collect data. You could then write queries using Streaming SQL to detect important conditions. Streaming SQL is similar to SQL, but works on data streams instead of data tables. The former is flowing, while the latter is stored on a disk.

Compared to what our competitors offer, we have very powerful Streaming SQL with operators most others do not have. We enable you to use machine learning models within Streaming SQL itself. Also, if you are looking for a small deployment, our server can run a HA deployment with only two nodes and process about 100,000 events/second. If you are looking for a large deployment, we can run on top of Kafka. In the event you are unsure or undecided, you can always start small and later switch to Kafka without changing any code.

Streaming SQL is similar to SQL, but works on data streams instead of data tables. The former is flowing, while the latter is stored on a disk.”

3. What does the future hold for open source stream processing solutions?

In my opinion, stream processing has not become mainstream yet. People are still figuring out analytics. It’s not easy to find developers who excel in analytics. Stream processing has to wait for that adoption to play out. No one will try to do real-time before they figure out basic analytics; that is unless you have specialized use cases such as for stock markets, surveillance, and anomaly detection.

People are still figuring out analytics. It’s not easy to find developers who excel in analytics. Stream processing has to wait for that adoption to play out.”

4. What are the benefits of an open source stream processing solution?

I think there’s a growing trend for middleware as an open source model. They use complex code, support a wide variety of use cases, and are used by many. We are increasingly made aware that products are best built using the open source model. I think there’s no better testament than Microsoft, a company that hated open-source, but has now embraced it.

I think there’s a growing trend for middleware as an open source model. They use complex code, support a wide variety of use cases, and are used by many.”

5. How did you start working in stream processing?

A long time ago, in 2007, while I was doing a Ph.D, we worked on a paper comparing Complex Event Processors (or CEPs, which is an older name for stream processing) and rule-based systems. I was fascinated by the technology, and after I joined WSO2, I supervised an undergraduate thesis project to build an open-source CEP engine. This was in 2011 – well before stream processing became cool! It was called WSO2 Complex Event Processor back then and was later renamed WSO2 Stream Processor.

6. What is your proudest accomplishment in recent times?

In general, it is the role I have played with Apache Axis2. However, if you want me to choose something recent, I suppose my work with the WSO2 Research Team stands out. Some good work will be made public soon. I have also worked with Paul Fremantle, WSO2’s CTO, to build a framework to evaluate different emerging technologies. You will hear more about this too soon.

7. What advice would you like to give a budding developer or an architect to better their career?

I would say learn to think, question, and see beyond the obvious.”

There is this quote that I love, “Wisdom is tolerance of cognitive dissonance.” It took me awhile to understand what it meant. We all interpret how the world works, but when we discover things that do not match our way of thinking, we ignore them. However, the world is more complicated than that. By understanding those mismatches and by learning through struggle and discomfort, we achieve true wisdom. That is what that quote conveys.

I would say learn to think, question, and see beyond the obvious. I refuse to tell people I work with how to solve something. Instead, I tell them, “Tell me how you will solve it and then I will complain.” I think they are used to it now. That way, we all use put our critical thinking skills to good use and one day, they will not need me for guidance.

To learn more about Srinath’s work, follow him on Twitter and read his blog.

Four Warning Signs an Integration Wall is Approaching

The Integration and API Management markets are growing, expanding in both popularity and use. Enterprise App integration will surpass $33b by 2020, and other markets like iPaaS and Data Integration are growing at double-digit CAGRs. Enablers, such as containers and serverless technologies are only accelerating the move toward increased disaggregation of applications.

All seems rosy. And it mostly is.

But with the explosive growth of APIs and endpoints, traditional centralized tools like ESBs will become unsuitable, and simple low-code snap-together tools won’t scale to address the broader scope. We’re potentially about to hit an “integration wall” at high speed.

Consider the following four warning signs – some technical, some process – that I find are beginning to plague the integration market:

1. Waterfall Development for integration is hitting a wall.

Although most code development has shifted to an Agile Development model, the same can’t be said for Integration tools. As the quantity and diversity of endpoints increases, and as Integration projects become more diverse and complex, use of the waterfall model is beginning to slow down integration projects. And with a future where there will be billions of Integratable endpoints, it’s obvious that an Agile Development model for integration will need to become the norm.

2. Existing tools and programming languages aren’t optimized for Integration-at-scale.

Enterprises that currently use low-code, snap-together, centralized integration technologies (including iPaaS) will not be optimized for orchestrating, integrating, observing and governing the expansion of constantly-changing endpoints. Nor are traditional centralized approaches (think: EDI and older ESBs) prepared to handle increasing endpoint scale or diversity. Many of these existing tools are well-adapted for Line-of-Business or Citizen Integrators of relatively small-scale implementations but are far from well adapted for more complex integration-at-scale projects.

3. Current programming languages are not optimized for Integration.

With languages like Java/Spring or JavaScript/Node, developers can engineer flow, but must take responsibility for solving the hard problems of integration. With these languages, developers have to write their own integration logic or use bolt-on frameworks. Clearly a new programming paradigm will be needed long term.

4. The Exploding Endpoint Problem is very real.

As I referenced above, IT is ill-prepared to address the oncoming wave of service disaggregation, the diverse types of APIs, differing sources of service endpoints, challenges from Big Data, and multiple approaches to serverless IT. The industry is about to hit a scale and diversity wall. To wit,

  • 917 apps in use per enterprise (Netscope, 2016)
  • 893-1206 average cloud services used per employee (Kleiner Perkins, April 2017)
  • 19,000 APIs as-of January 2018 (Programmable Web, 2018)

And if you don’t believe those numbers, Matt Eastwood of IDC recently pointed out that the number of containerized services has expanding well beyond where VMs ever were. Yep, billions of programmable endpoints aren’t kid’s stuff.

Where does this leave us?

A new approach to addressing the future of integrating thousands-or millions-of endpoints could lie in a new programming language, Ballerina.

Ballerina is a simple programming language whose syntax and runtime have been optimized for the hard problems of integration. Its focus is integration – bringing concepts, ideas and tools of distributed system integration into the language. Based on the concepts of interactions within sequence diagrams, Ballerina has built-in support for common integration patterns and connectors, including distributed transactions, compensation and circuit breakers. And it supports JSON and XML, making it simple and effective to build robust integration across distributed network endpoints.

So, watch this space for future developments. And in the meantime, beware of the approaching wall.

WSO2’s Growth Story and Why Open Source is the Only Way to Solve Your Integration Challenges

Last week, Ken Oestreich, WSO2’s VP Product Marketing, and I were at the AGC Growth Conference, where we discussed WSO2’s growth story. WSO2 continues to be relatively unknown in business development circles, and this was a wonderful opportunity to report on our traction and understand how the broader ecosystem views integration.

Here is that presentation in full.

WSO2 is the largest open source integration vendor by revenue and customers.

WSO2 is the largest open source integration vendor by revenue and customers. We are EBIT and cash flow positive, with subscription growth approaching 60%.

Integration turns out to be the hottest market even though it’s the uncoolest thing.

Integration is everywhere, and it’s $30 billion annually dominated by three types of integration. All three segments will have billion dollar growth in the next decade. While iPaaS gets significant market attention, it’s not sufficient for most kinds of integration. iPaaS is a metaphor for the line of business, which is departmental-driven, repeatable forms of integration. There are 150 competitors in this space and is prime for a shakeout. iPaaS vendors template-based approaches are not well suited to app integration as they cannot expand to reach the breadth and depth of integrations required—they only work in templated formats where the same integration can be repeatedly done, which is ideal for some types of SaaS to SaaS workflows.

In app integration, old vendors like Tibco, Software AG, and Oracle will suffer as the rotational movement to microservices and open source accelerates. In order to meet significant demand, software vendors are disaggregating their architecture in order to scale. The approaches to integration that service highly disaggregated architectures are shifting, and pure open source vendors have modern architectures to address this.

For the past 5 years, WSO2 has been engineering our approach to integration, with a focus on highly disaggregated architectures due to the rise of APIs and microservices.

WSO2 uniquely offers a suite of technologies because point solutions do not address the full integration problem.

Integration historically is the movement of data between two points, for which we do exceedingly well with our WSO2 Enterprise Integrator solution, but integrations complexity has increased because:

  1. every integration is an API—so WSO2 API Manager required,
  2. every integration must be governed—so federated WSO2 Identity Server required,
  3. data is moving from at rest to real time in-motion—so WSO2 Stream Processor required,
  4. as industries understand the power of becoming a digital native enterprise, vertical API solutions for compliance and regulation appear such as WSO2 for GDPR, WSO2 for Open Banking, and WSO2 for Telco.

If software is eating the world, then you can no longer be a software organization with also being an integration organization.

Our integration opportunity increases as 50 billion integratable endpoints grows to 1 trillion over the next decade. Everything will become an endpoint, and when those endpoints are exposed as APIs they will become programmable. Integration becomes a problem for all software integrations as its the discipline for resiliently communicating between these endpoints.

Integration is the unspoken challenge of the cloud, AI, data, and cyber security future.

If you follow Marc Andreesen’s hypothesis of software is eating the world, then you can no longer be a software organization without also becoming an integration org.

Closed source, open core, and iPaaS vendors do not have the community reach or contributions to address the full scope of integration problems.

The protocols, data formats, and APIs of endpoints change frequently. A centralized approach to integration, such as those offered by proprietary or open core vendors, are limited to the support they can provide by the resources they fund themselves. This is limiting and cannot address the full breadth of differences that must be addressed.

Community, collaboration, and shared experiences, such as what we provide with WSO2 open source, are the only way to integrate every type of endpoint that is coming.

WSO2 is one of the largest open source companies. We have received more than 1 million contributions that have lead to improvements in our open source integration runtimes and into connectors and adapters used to integrate the rest of the community.

WSO2 contributes to more than 100 open source projects, which reciprocate by contributing back, making WSO2 the 69th largest contributor to GitHub.

Integration is still waterfall, so we are investing into Ballerina to make integration agile.

Integration technology forces development teams to follow waterfall lifecycle practices. This doesn’t scale, so we are also investing in Ballerina—a cloud native programming language for integration—to give developers quick, agile development for integration. With Ballerina, every developer can integrate anything, with a learning curve in hours, unlike the months required for Java / Spring or JavaScript / Node.

Ballerina represents a unique, new, and improved approach from typical EI and iPaaS products. Their either agile or integration simple, but never both. A programming language and platform whose syntax is integration simple, but works with a developer’s favorite tool chain in an iterative flow creates true agility. This makes it impossible for developers to integrate at scale to adapt to changing requirements and deal with increasingly disaggregated architectures.

Open source is the best defense for mega-cloud and proprietary vendor lock-in.

Open source is the best defense for addressing lock-in that comes from data lock-in of clouds, API lock-in of mega-clouds, and vendor lock-in from proprietary licenses. Almost 90% of operators are focused on avoiding lock-in. Open source solutions offer a great way to provide try-before-you-buy and substitution options to those that adopt it. WSO2’s solutions also deploy in any environment, and we deliver WSO2 on any public, hybrid, and private cloud infrastructure.

Wherever you may be on your digital native journey, WSO2’s subscriptions include the practices, methodologies, & technologies to transform you from integration waterfall to integration agile.

Companies and governments engage us through our consulting and subscriptions that accelerate the evolution of any digital native initiative.

We have 450 enterprise customers reflecting the world’s best brands that already process more than 5 trillion transactions through us each year.

Open source is more efficient than closed-source—with growth, net retention, and NPS rates equal to MuleSoft, but higher profitability and employee efficiency.

We have a unique open source software business model that has fueled our growth. We release our code with an Apache license. However, we package and ship support patch binaries with a WSO2 license to those who maintain a subscription. This offers a balance between the best freedoms of open source and measurable added value.

And, wonderfully, our internal teams do not compromise productivity by perpetually wrestling with where the “for free/for pay” line must be drawn. It is expensive for an enterprise vendor to determine the best model of where for-fee options reside. Not only does the vendor have to develop a strategy, but they must communicate this to all their employees and then justify it to the open market. These costs are passed along to customers and require significantly higher forms of capital from investors. This line does not stay static, either. The nature of open source is that is erodes and impedes upon the areas where a vendor is selling their proprietary extensions. This means the “for free/for pay” line must be rethought. This is a continual process, and this is time where inefficiencies are introduced.

  1. Many companies take credit for open source, but only a few, like WSO2, have all their published software as open source, which allows any company to consume or use the software without first having a relationship with the vendor.
  2. WSO2’s open source software business model is innovative and unique because of the IP we have built around patch distribution and support engagement. This consequently encourages customers to get and maintain a long term subscription. Customers only maintain a subscription with us through the period where we provide immense value, forcing WSO2 to create business practices that embrace a customer’s needs more wholly.
  3. The proof of this is that WSO2’s net retention rates are identical to MuleSoft’s, which is an open core vendor, effectively only selling proprietary solutions, while having much higher profitability.

We take our offerings to market with a territory and inbound sales model that combines channel partners, resellers, distributors, and our customer success team.

We take our offerings to market with a sales model that combines channel partners, resellers, distributors, and our territory-based customer success teams to engage, win, expand, and satisfy every customer.

  • By swarming the customer throughout their lifecycle, we reduce the chance of churn and help derisk the customer’s initiative. This is why we can maintain a 40 Net Promoter Score (NPS).
  • We now have 550 people in Mountain View, Colombo, Manhattan, Sao Paolo, and London. We are opening offices in Australia, Mexico, and Europe this year.
  • The forces shifting the sector rotation from proprietary software to open source are strongest in emerging economies, which is why we shortly anticipate opening offices throughout eastern Europe, the middle east, Africa, LATAM, and APAC.

This is an impressive set of financials…

The market has rewarded us with 52% subscription growth, which has been accelerating, and also a dollar-based customer retention rate which is equal to MuleSoft’s, but with a community and business operating model that is more efficient letting us have EBITDA profitability and positive cash flow. If you are an investor, we will be a 58 this year on the rule of 40.

Our success has largely been organic, with a minimum of outbound marketing and a small sales channel. This is going to change as we step on the accelerator in the coming years.

Our growth story is not ours alone, we can work together with you to growth faster, together.

We communicate our growth story to our customers, employees, investors, partners and ecosystem to help us discover ways to have a bigger impact, and potentially grow faster. Our growth story is not ours alone to be had. We can work together with you to grow faster, together.

We are building relationships that more aggressively expand our territory and technology partnerships, while also building upon our strategic initiatives with Ballerina and connectors.

If you are interested in learning more about WSO2 or to potentially become a partner, you can reach me at tyler@wso2.com.

Announcing Our 2018 Spring Release Which Brings Platform-Wide Support for Fast-Tracking GDPR Compliance

The clock is ticking toward the May 2018 deadline to comply with the General Data Protection Regulation (GDPR), which harmonizes data privacy laws across Europe to protect all data belonging to EU citizens and residents. The regulation applies to organizations that operate within the EU as well as those that sell or market to the EU—essentially the rest of the world.

Some enterprises may only see the immediate burden of meeting GDPR’s requirements. However, savvy organizations understand that the technology platform they implement to comply with the regulation can set the stage for new digital business models that drive revenue and growth. To help these enterprises accelerate these efforts, WSO2 today debuted its Spring 2018 Release, featuring product developments designed to offer platform-wide support for GDPR.

The Spring 2018 Release is the first set of synchronized product updates being rolled out as part of WSO2’s new quarterly release of new and enhanced capabilities across the platform aimed at addressing the real-world business and technology demands enterprises face today.

Let’s take a closer look at the challenges and opportunities that GDPR brings, as well how WSO2’s product features and services empower organizations to fast-track their GDPR compliance and enable agile digital transformation initiatives.

The Immediate GDPR Challenge

GDPR requires that organizations conducting business in the EU adopt internal policies and implement measures that meet, in particular, the principles of data protection by design and data protection by default. What this essentially means is that enterprises need to ensure all personal data collection, processing, storage and destruction measures are designed to secure privacy. It doesn’t just end there. Organizations must also be able to demonstrate proof of consent and allow individuals to review the status of their consent and opt out if they choose to do so.

The immediate challenge for enterprises is finding a solution to help tune their identity and access management (IAM) and ensure secure API management quickly so that they can address the new requirements of GDPR. These include customer data privacy, a self-care portal to enable customer rights defined by GDPR, and full-scale consent lifecycle management. The solution also must support secure identity provisioning across systems in a GDPR-compliant manner.

The Long-Term Benefit

While meeting their near-term GDPR requirements, organizations have the potential to look beyond compliance and leverage the strong data protection fostered by GDPR to support their digital transformation efforts aimed innovating new services and building brand loyalty with customers. To make this move, organizations need a cohesive platform that has the capabilities to make businesses programmable through APIs, program the business using integration systems, maintain solid identity and security practices, and increase agility through the adoption of open source and cloud systems.

The WSO2 Advantage for Capitalizing on GDPR

WSO2 has the expertise to be your trusted technology partner, not just to make sure you clear the GDPR hurdle, but also to ensure your organization has the ability to leverage the wider benefits brought by this regulation. With the Spring 2018 Release of the WSO2 platform, you have a digital transformation solution that capitalizes on the data protection measures of GDPR to accelerate your business growth via a digital innovation platform.

Using the WSO2 platform, you can capitalize on the technology trusted by globally recognized brands across a range of industries—including eBay, Experian, Verifone, BNY Mellon, West Interactive, Motorola, Transport for London, and StubHub—to:

  • Comply with the GDPR regulations quickly via platform-wide support that helps you to ensure all personal data collection, processing, storage, and destruction messages are designed to secure privacy.
  • Look beyond compliance and enhance digital transformation with a cloud-native, open source platform composed of the key technology enablers required for the agility and innovation you need to maximize your competitiveness.

Technology Enablers for GDPR and Digital Transformation

Within the WSO2 platform, key technology enablers for meeting GDPR regulatory requirements and setting the stage for digital transformation include:

  • Identity and access management in the Spring 2018 Release is delivered via a solution that supports secure identity provisioning across systems in a GDPR-compliant manner. Consent management and privacy toolkit in WSO2 Identity Server enable enterprise data controllers to accelerate their organization’s GDPR compliance. It also introduces personal information export capabilities and support for encrypting OpenID Connect identity tokens. Together, these new features address the different aspects of individual rights defined in GDPR, such as the “right to be forgotten” and the “right to personal data portability” among others, in order to ensure the protection of personal information.
  • Secure API management in the Spring 2018 Release addresses the new requirements of GDPR, such as customer data privacy, a self-care portal to enable the customer rights defined by GDPR, and full-scale consent lifecycle management. These capabilities can now be deployed via a hybrid cloud solution that provides organizations a local gateway rather than a cloud API gateway. This enables users to have the best of both worlds and ensures all API calls happen locally, thus increasing security and minimizing latency. Moreover, it’s easy to maintain as users; just supply their cloud credentials, and it pulls configuration and changes from the cloud.
  • Integration capabilities in the Spring 2018 Release provide the ability to seamlessly connect and manage multiple identities across legacy systems, SaaS applications, services, and APIs. This enables organizations to support even the most demanding integration requirements across services. Key capabilities include the required tools to connect to a wide variety of protocols and security mechanisms as well as streamline integration APIs in a secure manner.
  • Streaming analytics capabilities empower organizations to derive meaningful insights with available data. The Spring 2018 version of the product includes functionality to support GDPR compliance, such as the ability to anonymize both login user information and any data stored in databases.
  • A customized open banking solution, first launched for the financial industry in August 2017, provides the functionality to comply with both GDPR and the European Union’s second Payment Services Directive (PSD2). It also empowers companies to go beyond traditional banking by offering third-party services and innovating new digital offerings.

In addition to the enabling technologies delivered through the WSO2 platform, WSO2 is offering a series of seven webinars to help organizations accelerate their GDPR compliance.

Now is the time to start complying with GDPR—and lay the groundwork for the new digital business models it will enable. WSO2 brings you the technology, expertise and services to get up and running quickly and cost-effectively, along with the agility to capitalize on digital transformation opportunities as they emerge.

WSO2’s New Approach To Performance Reviews

This morning, WSO2 rolled out a new approach to performance reviews for our employees.

Since software is a creative business, the performance review process for a software company must be a system that furthers the creative careers of the professionals employed by us.

WSO2’s leadership has 250 years of enterprise software experience. We’ve worked at numerous software companies, both large and small, including Oracle, Dell, Quest, IBM, venture capital software startups, and system integration providers. We’ve experienced performance appraisals of many different varieties, but they all emphasize numerical ratings and normalization of individuals into a bell curve. This is fundamentally wrong and a fast way to weaken the creative intelligence that is essential to making a software company great.

We believe our approach better aligns the interests of our employees with the company’s objectives.

Performance Ratings Sabotage Productivity

For the past five years, WSO2 has gone through significant growth. With this growth came an expansion of the employee ranks, and we are now striving to be close to 560 employees by the end of 2018. At one point, WSO2 hired more than 150 people in a single year.

To compensate for this growth-and being engineers-we developed systems to more fairly rate people across the company, especially two people who are performing the same function reporting into different leaders in different departments. Bonuses were tied to the rating achieved. The rating was a numerical rating on a 100-point scale with a unification process to ensure fairness. This was done quarterly. It was fair and balanced.

But we found that numerical performance reviews will ultimately sabotage productivity. In a numerical system, there is usually a bonus leap or compensation jump for those that rate above a certain threshold, in our case 60 and 80. In any system with a high degree of refinement, there will be people that are on the bubble of a numerical threshold. These numerical ratings were the composition of sub-ratings across a wide range of behavioral criteria that were weight averaged into a total score, so minute interpretations of sub-ratings could have big implications to perceived compensation.

When a performance review threshold is numerical, human nature causes everyone to analyze elements to gamify their score.

This opens the door to culture-sapping. Individuals on the bubble between one rating and another will formulate arguments to their benefit. People compare their ratings among one another with subjectivity (while ratings are intended to be private, reality demonstrates that everything is shared through the grapevine). The team leaders who are responsible for ensuring fairness subjectively applied the criteria to their team. Senior executives responsible for 100s of people will strive to develop systems to help measure and unify the ratings leading to a subconscious sense of bureaucracy and big brotherness.

After a couple quarters, savvy employees will learn the nuances of a numerical system and search for ways to gamify it to their advantage. People will change their operating point of view to obtain stronger ratings, even if these actions were not the most constructive to their own or the company’s interests.

We do a quarterly employee survey that asks a variety of questions about culture. Fundamentally, the most important question around whether people would recommend WSO2 as a place to work declined over a couple quarters from a world class rating to something that was in decline.

We felt that we were seeing the early signs of performance gamification that can be caused by numerical performance ratings.

Even though we only introduced the 100 point rating system last year, it was time for a change.

Creative People Need Creative Performance Reviews

Everyone in a software company is a creative individual.

This is not only our software engineers, but also our marketing professionals, lawyers, account managers, solution architects, accountants, and admin staff. Creativity trumps any skill set because the entire business of software is one where problems must be encountered and solutions proposed. Everyone within the company is a problem solver. And every time we release a new piece of software, we must rethink how our business must improve to better embrace that software for our customers. In essence, our company is in a constant state of improvement, and we can only address the problems that we encounter if everyone recognizes that they are on a journey of problem solving. During this journey, the nature, size, and complexity of the problems we must solve constantly shift. Your seniority, experience, and role within the company gives you opportunity to work on increasingly harder problems, making everyone’s journey, my own included, fulfilling and rewarding.

Creative individuals are on a career journey. It is the culmination of software experiences that define a career and create new opportunities for advancement. In exchange for committing to spending time to help the company or their team achieve their goals, the individual is rewarded with experiences that contribute to their career and a reciprocal commitment by the company to provide new, more challenging experiences.

An employment arrangement between a software company and its employees is a shared commitment to participate in and create new experiences that reward one another.

Why then do most companies provide a performance evaluation that attempts to quantify and sometimes monetize skills or tactical results instead of discussing the broader issues tailored to how each individual is on a creative journey?

The WSO2 Performance Evaluation

The performance evaluation is intended to facilitate a career conversation between an individual and the company. We also use the results of the performance evaluation to determine an individuals participation in the company bonus pool.

We want to know three things:

  1. How have you demonstrated your commitment to the company’s mission?
  2. How have you demonstrated your commitment to your team’s objectives?
  3. How have you demonstrated a commitment to your career and self?

Each individual is asked quarterly to self evaluate themselves by answering these three questions. These answers are then melded with a similar assessment from a Team Leader to enable and facilitate a discussion about each individuals software journey.

If each individual is true to themselves and make contributions that play to where they are at on their software journey, then they will have numerous examples of how they have and continue to demonstrate their commitment. The discussion with their Team Leader is then a focus on how to amplify their experiences and help each person better achieve results for themselves, their team, or the company.

We have three resulting ratings:

  1. Exceptional. You are demonstrating a commitment and everyone around you agrees.
  2. Successful. You are demonstrating commitment, but not everyone is aware.
  3. Needs Improvement. You are not demonstrating commitment, and perhaps this job or career is not yet your cup of tea.

Everyone who receives an Exceptional or Successful rating receives a prorata portion of the company’s bonus.

We are excited for and would love it if everyone in the company receives the bonus. There is no concept of unification. We would rather our employees and Team Leaders invest their time in aiding everyone to improve the experiences they have on their software journey.

While rare, and since we have a big commitment to continually hiring entry level talent, some people are not able to demonstrate the commitment to self or the corporate mission. In these situations, we place people on a performance plan and have an open dialogue about their reasons for being in the software industry. More often than nought, people leave WSO2 under these circumstances to pursue new careers having gained an increased awareness of their personal desires.

Demonstrating Commitment

Every creative individual demonstrates their commitment in different ways.

Demonstrating commitment is a reflection of:

  1. Are you engaged and excited by the work that you do?
  2. Are you striving to make the people, products, and systems that you work with better?
  3. Is your attention to detail improving along with identifying ways you, your team, or the company can better itself?
  4. Are you contributing to industry peer group in work groups, standards bodies, open source projects, conferences, networking, and career advancement bodies?

This broad definition of commitment allows each person a wide range of freedom to define how they are contributing to the company and furthering their software career journey.

This definition also allows Team Leaders to have an open dialogue to identify people who are not a great fit for the type of software that we build and sell at WSO2. When an individual’s self assessment is filled with contributions and commitments in areas that fall too far outside the core of our corporate direction, it becomes easy to discuss and relate.

The CEO Self-Assessment

As CEO, I am not above or beyond self-assessment against these ideals.

I have day-to-day responsibilities:

  1. Setting strategy and direction
  2. Modeling and setting the company’s culture, values, and behavior
  3. Building and leading the senior executive team and board of directors
  4. Allocating capital to the company’s priorities

But beyond these items, I demonstrate my commitment in other ways.

Company Commitment

Given my unique historical experiences in product management and DevOps, I personally am taking PM responsibility for Ballerina’s package management registry technology lines. Much of the success of our Ballerina initiative is tied to collaboration among developers and we need a package management system designed that exploits our unique integration qualities of Ballerina married to the best attributes of what other package systems prior to us have created. My background with package managers and connection to other industry contacts offered me a chance to apply my experiences to this domain to the company’s benefit. Delegating this to another PM who was new to the package management discipline might have been a disservice to the company.

Team Commitment

For my executive leadership team, I am working to retain executive coaches that can interact with each member in private 1:1 sessions. These coaches have experience in high growth software startups or within publicly traded companies.

For my board team, I am working to improve involvement in strategic decisions and to deepen their access to business analytics. I would like WSO2’s board reporting to become real time and dynamic, so that management and the board can maintain a concise, unified, and current view of the business lowering the frequency of briefing meetings and allowing us to interact more frequently on high impact strategic matters.

Individual Commitment

I am a strong proponent of self-learning and industry networking.

To advance my understanding of technology, I am committed to obtaining committer status on at least one container or serverless related open source project. I continue to contribute lightly to Eclipse Che, a cloud IDE project, and I am working towards committer status rights on Ballerina. Obtaining committers status requires a focused contribution to the project itself, which requires hands-on study, learning, and skill acquisition that allows me to advance my broader understanding of technology.

To advance my understanding of the software industry, I am an avid daily reader of news, analysis, deals, and investments within the enterprise software segment. This is a 1–2 hour / day commitment to overview the day’s activities and proactively discuss with peer groups online (whether on Medium, HackerNews, or in private email groups). It is often these email discussions where insights and true learning develops.
Additionally, I commit to attend at least 1 industry networking event each quarter (outside the dozens of customer meetings, technology conferences, and meetups that we do as part of our day to day). I’m particularly excited about attending the Open Source Software Leadership Conference in a couple weeks.

Be Creative—Enjoy Your Career

We are excited to be releasing this improved performance review system at WSO2. We hope that it will allow creative people to operate creatively in an environment that maximizes their career enjoyment and productivity.
If you are thinking about a career in software, and want to be in an environment surrounded by talented, intelligent professionals passionate about working on large scale problems for open source and enterprise software, you should write me at tyler@wso2.com as we are growing and hiring.

We Did It! WSO2 Identity Server is Now OpenID Certified

We thought turning 10 was a reason enough to celebrate, but we’re not done with the celebrations yet. Our Identity Server (IS) team has been working to keep that momentum going. We just became OpenID certified!

Being OpenID certified by the OpenID foundation is a big deal. What is OpenID? OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. “We’ve been compliant with OpenID standards for a long time,” says an ecstatic Prabath Siriwardena, WSO2’s Senior director of security architecture. “Getting the certification puts a stamp on it and gives the assurance users are looking for,” Prabath explains.

WSO2 Identity Server is the most extensible and fully open source IAM provider that can help connect and manage your identities. It’s a key enabler of digital transformation. Our single sign-on bridges protocols such as OpenID, has been a key component offering solutions to enterprises in education, telecommunication, and health among others.

By becoming OpenID certified, we’re joining a list of industry giants who also have this certification including Yahoo! Japan, University of Chicago, Verizon, Salesforce, Paypal, and Google. Now WSO2 Identity Server can provide the assurance to its users that it really conforms to the profiles of OpenID connect protocol.

Kudos to our IS team on this feat and looking forward to many more successes!

WSO2: The 8th Largest OSS Company – 2017 Results and 2018 Plan

I joined WSO2 because of Open Source Software (OSS)’ potential.

Open source enables a transparent innovation and business model. Intellectual property published with an open source license can be consumed with freedoms not available with commercial licenses. Customers buy WSO2 subscriptions with clarity that our business goal is their successful deployment of open source to address their digital challenges.

Can IBM or Oracle say the same?

We align WSO2’s interests with customers by IP transparency through open source and the Apache-way.

In public markets, a company discloses business and financial information regularly to the public with disclosures to protect investor, facilitate capital formation, and to maintain fair, orderly and efficient markets. Additionally, our customers, by purchasing our subscriptions, are making a dependency upon us. Their awareness and confidence in our business and financial health is necessary to establish an equitable engagement.

To further the alignment we have with customers, WSO2 will now annually report key business and financial results.

We are pleased to share that WSO2 is financially sound.

WSO2 is comprised of two businesses: OSS subscriptions and professional services. Subscriptions are renewable and we use SaaS metrics for tracking KPIs in pro forma financials. The ARR and customer metrics reflect our subscription business and our EBITDA is for the company.

In 2017, we will exit our Annualized Recurring Revenue (ARR) between $24.5 – $25.5M, a growth of 52%, up from 46% growth the previous year. Our gross margin for the recurring business is 88% and will increase in coming years. In 2017, we will turn our first profit with $603K EBITDA and generate $2.7M cash from operations.

We acquired 150 new customers in 2017 and more than 80 new subscription customers. Our new customers start with professional services during their technology evaluation and either continue consuming WSO2 open source or transition to a WSO2 subscription for access to patches, security updates and incident support.

We use dollar-based net retention rate to measure our ability to retain customers and expand their use of our subscriptions. Historically, customers have expanded their use of our IP and subscriptions over time as they realize the benefits of speed and innovation that come with engaging WSO2.

To support growth, we began significantly hiring in support, sales and marketing in Q3 finishing the year with a 482 headcount.

2017, by all accounts, is a successful year for WSO2.

We attribute the results to:

  1. The passion and commitment of the employees and partners that put customer needs ahead of their own. We track our NPS at 25. We are striving for a 50 NPS, which is rare for enterprise software given the spectrum of customer needs.
  2. Product and intellectual property expansion to service cloud-native architectures, which are, along with microservices, dominating customers’ future deployment expectations. This advanced architecture lets us process 5 trillion transactions, 40 million identities, and 200,000 APIs across our customers. We estimate that 25% of our customers are cloud deployments across our public cloud or within megaclouds.
  3. The continued rotation within IT from proprietary to open source software. We have seen a dramatic rise in the number of organizations which have open source mandates, especially in emerging market territories, public sector, and system integrators.
  4. Maturity and continuity of operations. We have 69 employees with >5 years service and 23 with >10 years. More than 2/3 of employees with us five years ago are with us today. Our employee mix is 33:67 for female:male creating a vibrant culture of diversity. Also, other than myself, the WSO2 management team has not changed since 2013. This has allowed a long-term open source vision to nurture in equal measures across the company.

WSO2 is the 8th largest OSS company and largest integration OSS company. An OSS company derives more than 50% of its revenues from OSS support subscriptions. The top OSS companies are:

  1. RedHat
  2. Pivotal
  3. Mozilla
  4. Canonical
  5. Hortonworks
  6. Suse
  7. MongoDB
  8. WSO2

Acquia, MuleSoft, Cloudera, Alfresco, Actian, Sophos, Forgerock, and Datastax were not included due to their open core model and dependency upon proprietary licensing.

We expect the coming year to continue playing to our strengths. Trends tied to growth in programmable endpoints across devices, identities, apps, APIs, and data will increase. Integration is now central to digitization. Every program is an integration and every developer an integration specialist. This compounds the challenges to creating and governing integration endpoints that is the emphasis of our business.

Our 2018 operating plans include:

  1. Continue investing into Ballerina, and relaunch it with a developer GTM that focuses on solving integration problems for the next 20 years.
  2. Expand sales and marketing by opening offices in new territories, establish our first resellers and distributors, and growing our sales, marketing and channel organizations.
  3. Continue our investment in cloud-native architectures with the generational release of API Manager 3 and Enterprise Integrator 7 along with investing into cloud infrastructure installers.
  4. Invest into broadening the value of our subscriptions: launching a Technical Account Manager program, expanding our Long Term Support policies, bundling cloud-native operations tools within our subscriptions, broadening the scope of our managed cloud services, expand test grid coverage to incorporate ecosystem technologies, and exploring the inclusion of a security scanning service.
  5. Launch research initiatives into open source blockchain, AI, machine learning, and General Data Protection Regulation.
  6. Formalize the CTO office. Our co-founder, Paul Fremantle, will return full time as our CTO January 1st after completing his PhD in Computer Science. The CTO office will receive investment to formalize the production of our Corporate Reference Architecture, Corporate Reference Methodology, Global Technology Outlook, and Global Market Outlook.
  7. More than doubling our investments into marketing, enablement, and market education programs.
  8. Renewed focus on open source governance to better engage the community and their involvement in the evolution of our projects.
  9. Expanding our sales territories from 4 to 9 and separating our OEM ISV business.

We expect our ARR growth rate, EBITDA, and cash generation to increase in 2018. We’ll exit the year with approximately 560 employees.

All this means we can – and will – create a lot more open source that helps IT digitize assets.

We will be working to turn WSO2 into an IT-household brand, bringing our form of integration into every application and service you are building. If you are new to WSO2 or open source, 2018 will be a great year for you to learn more about how we can help you solve your digitization challenges. Get in touch with me directly: tyler@wso2.com.

Since this blog post includes future operating plans, predictions, estimates, and forecasts, this is a good time to point out that we have lawyers, and that our lawyers want you to know that this information represents our current judgment on what the future holds and it is subject to risks, uncertainties, and other nightmares. In other words, don’t be crazy by drawing conclusions that have undue reliance on this blog post and understand that we may revise anything.