Category Archives: Featured

WSO2 Named a Leader in The Forrester Wave™: API Management Solutions, Q4 2018 Report

Today, The Forrester Wave™: API Management Solutions, Q4 2018 was released and WSO2 is named a leader!

You can download the report (without filling in a form) here.

This recognition is a major achievement. Congratulations to the many internal teams, partners and customers that participated in the efforts to make WSO2 the only open source vendor evaluated in the report.

Nuwan Dias, WSO2’s product lead for APIM gave a tour-de-force 2-hour non-stop demo demonstrating raw software athleticism. Also, I’d like to tip my hat to Randy Heffner and the Forrester team for structuring a thorough (and frankly, exhausting) analysis that assuredly left no stone unturned from any vendor.

The API management market is growing because IT professionals see APIs as a critical foundation for agile software to support customer engagement, operational excellence, digital transformation, and business agility.

Forrester states why APIs are essential: “The API management solutions market is growing because more AD&D pros see APIs as a critical foundation for agile software to support customer engagement, operational excellence, digital transformation, and business agility.”

API management has become an essential part of every integration strategy and it’s why WSO2’s APIM solution is fundamental to how we help organizations become integration agile.

What Forrester Says About WSO2

  1. “WSO2’s open source solution provides a solid base for a variety of API strategies.”
  2. “[WSO2 is] the only fully open source solution in our Forrester Wave analysis.”
  3. “WSO2 provides good breadth across all evaluation criteria.”
  4. “[WSO2’s] strengths include formal life-cycle management and non-REST APIs, both of which facilitate mature and disciplined enterprise API strategies.”
  5. “WSO2’s solution provides flexibility to address a variety of approaches to APIs.”
  6. “The reference customers provided by WSO2 are highly satisfied with its solution and very satisfied with the vendor.”
  7. “[Customers] tend to be very to extremely satisfied with the product’s detailed features and functions.”
  8. “Customer comments include“[WSO2’s] partnership attitude inspires confidence and trust.”
  9. And “[WSO2’s] solution is easy to use.”

What Is Special About WSO2

In addition to the demo and a (many 100s) questionnaire, we delivered a summary presentation to Forrester’s team discussing our market penetration, product composition, and long term thinking.

WSO2 API Manager: The only comprehensive open source solution has been shipping for 6 years

API Management provides full lifecycle management of APIs for a variety of scenarios, whether B2B access, internal development, shared libraries, or monetization. WSO2 has been shipping our offering for 6 years and it has expanded to include a macro and micro gateway, embedded analytics and API identity, and API development tooling. WSO2 was the only vendor whose entire stack was both open source and available in on-premises or cloud offerings.

Embedded identity and integration makes legacy asset transformation into APIs possible without buying other products.

WSO2 provides a complete set of capabilities that allow customers to pursue any kind of API strategy. We front-end our offering with our ESB, identity server, and embedded analytics offerings to provide means to digitally transform legacy infrastructure into APIs.

More than 100 billion transactions run through WSO2 each day.

We are fortunate to have customers that participate in our conferences, give case studies and act as references. More than 30% of our API customers are financial services institutions. Starting small, our API management business is growing more than 75% each year and makes up 1/3 of our business.

What Are WSO2’s Big Bets

Forrester evaluates 26 criterion around the vendor’s current offering, strategy, and market presence.

WSO2’s long term strategy and roadmap are largely influenced by what we are seeing across the projects that we are working. Our observations are influenced by exploding endpoint issues on how integration has been preventing many organizations from realizing their agility goals.

  • Expect an increasing proliferation of digital endpoints, APIs, and applications that consume APIs. There is an integration economy that will grow exponentially with endpoints in the trillions, driven by edge computing, IoT, SaaS-SaaS integration, AI, machine learning, cloud computing and serverless.
  • APIs and digital endpoints will have an increasing diversity of origin. Different groups and personas will be creating APIs whether they are developers, knowledge workers or self-actualizing systems. There will be different locations where APIs reside, internal, external, on the edge, or in the cloud. And the structure of APIs will diversify taking construction from streams, events, async, and new protocols.
  • Expect the rise of dynamic APIs: short-lived, with frequent changes to facility agility. Microservices drive needs for fast-boot, low footprint, containerized services and some architectures requiring a microgateway per API. This creates change management and deployment problems for DevOps.
  • A need for adaptive management of APIs due to their proliferation and dynamism. Integral monitoring and management needed across diverse API origins. This amplifies demand for dynamic and federated identity, token swapping and SSO integration along with decentralized observability and monitoring with tools that keep pace with API rate-of-change.

These dynamic conditions allow us to invest into features that enable micro API management in environments that have thousands of constantly changing and distributed APIs.

WSO2 API Manager roadmap focuses on diversity and micro-ization of distributed APIs

Rethinking API Development and Lifecycle With Ballerina

Starting three years ago, WSO2 began working on Ballerina. It’s a new programming language that is designed to be the best language for writing services that need to talk over the network. Ballerina’s launch earlier this year has received a number of accolades, has grown in adoption, and now has multiple enterprises using it to build service-based architectures.

A service, or an API, is a first class concept within the language. Ballerina is a compiled, strongly and statically typed, concurrent language. The language provides modern benefits of structural programming without requiring significant scaffolding to resiliently (load balance, fail over, transaction, payload management, and error conditions) build and talk to APIs.

Ballerina dramatically improves developer productivity by making API iterations fast and agile. Ballerina has a built-in API gateway and is designed to plug any services built by Ballerina into an API management solution, or drag along a micro gateway. Essentially, the Ballerina language and compiler are distributed systems aware, and prepare the artifacts made by developers to be API management ready.

Get Started with WSO2’s API Management Offering

WSO2 is now the world’s 6th largest open source software company. Our significant size and staff (600 employees!) allow us to run a 24/7 operation with a global reach. We have sold and delivered into 63 different countries with offices in the United Kingdom, Brazil, Mexico, United States, Sri Lanka, Australia, and Germany.

And as usual, if you have any questions about open source, our API management offerings, or WSO2 (we are hiring, a lot!), you can reach me at tyler@wso2.com.

WSO2 API Management Strategy: Industry Observations and Implications

Recently we at WSO2 were asked by a leading analyst to outline our vision and strategy for the future of API management. We felt that our response captured much of our current and planned execution, so much so that we felt we needed to share it. Our culture at WSO2 has always been one of transparency, and in the past, we’ve even shared our financials.

Following are some of our positions on API management and additional market insights, as well as our vision of the composable enterprise. Stay tuned for additional strategy-related posts that dive more deeply into our technology “big bets” and direction.

How digital transformation is changing the landscape of APIs and digital connections

Current IT trends show that over the next few years, enterprises will find they need to deal with more than 1 trillion programmable endpoints and APIs. These will consist of traditional application APIs, data APIs, data streams, software component APIs, microservices, sensors, and IoT inputs as well. Indeed, everything may become an API.

Knowledge workers know this, and will want/need access to all these APIs/endpoints whether it’s only to create a basic SaaS-to-SaaS connection, or to create a more complex integration. Therefore, over the next 2 to 5 years, we expect that tools and processes will necessarily evolve to address this level of scale and complexity.

Additionally, infrastructures to support this huge quantity of endpoints will gravitate toward those optimized for microservices and serverless underpinnings. From a development perspective, current low-code integration approaches that involve centralized IT orgs and/or waterfall style processes simply will not scale. As a result, architectures will necessarily tend toward more decentralized, cell-based approaches underpinned by microservices and serverless.

With the trend toward trillions of endpoints, WSO2 believes much of what is today considered part of the “development” organizations will evolve to include API integration. The trend will be particularly strong where APIs serve as the core of digital apps and applications that rely on Internet of Things (IoT) data and artificial intelligence (AI). This is at the core of the disruption WSO2 sees in the coming years: that IT organizations tend less toward “development”, and more toward being “API integrators.” We call this new disruptive IT phase the composable enterprise, which will be fueled by the explosive availability and use of APIs and programmable endpoints.

The future of digital connections across enterprise boundaries

WSO2’s position is that API ecosystems across enterprises will expand as today’s software disaggregation (componentization) trends continue. Thus the composable enterprise will become a combination of both internal and external API-based services, each front-ended by private and/or public APIs. This API diversity—and dynamism—will inherently require hybrid API integration capabilities and distributed (rather than centralized) forms of management and governance.

To accomplish this, we see the use of distributed integration technologies, such as microgateways and micro ESBs, which necessarily operate in a decentralized fashion, bridging services from different sources, vendors, and enterprises.

From a business perspective, WSO2 sees ever-tighter service integrations across enterprises, suppliers, partners, and customers—all underpinned by API integration technologies. IT departments will become the “services supply chain managers.”

A perfect example is WSO2 customer Wells Fargo, which has successfully front-ended its organizations and systems with public APIs and gateways to accelerate new product and service delivery, as well as speed integrations with business partners. This form of API marketplace is being adopted by digitally driven organizations that are encouraging partners, suppliers, and even customers, to work more closely with their offerings.

Enter: the composable enterprise

The WSO2 vision of the composable enterprise does not imply a purely internal IT model, but rather an approach that spans the enterprise’s complete external service ecosystem as well.

The notion of the composable enterprise will involve closer, more secure, and more real-time digital interactions between vendors, suppliers, and customers—as well as for internal integrations. API-based interactions will also result in more rapid product and service innovation among all parties, creating new forms of value for customers, partners, and internal business units alike. Already, multiple forms of storefronts, macro-gateways, and monetization models are arising where enterprises are brokering their internal services for use by external entities.

Today, WSO2 customers are pursuing this vision. Wells Fargo, BNY Mellon, and StubHub are just three of many enterprises that are publishing their APIs, as well as basing their internal architectures on disaggregated components front-ended with APIs, gateways, etc.

Indeed, many leading companies are already basing the bulk of their revenue on the API economy, capitalizing on the business wave highlighted in by the Harvard Business Review back in 2015:

“…Salesforce.com generates 50% of its revenue through APIs, Expedia.com generates 90%, and eBay, 60%. Salesforce.com has a marketplace (AppExchange) for apps created by its partners that work on its platform; they now number more than 300. Expedia’s APIs allow people using third-party websites to tap its functionality in order to book flights, cars, and hotels. And APIs allow eBay to list its auctions on other websites, get bidder information about sold items, collect feedback on transactions, and list new items for sale-all of which give additional exposure to eBay items and increase revenue.”

Future drivers and shapers of API management

WSO2 sees the major pressures driving the future of the API management space as grouped into two main categories: the market drivers led by the demand for API business and the technology shapers, led by vendors and innovators.

Drivers of API demand aren’t entirely new, but they have recently risen in their influence on IT behavior:

  1. The trillion endpoints future: the trend toward every digital asset becoming a programmable endpoint and causing IT to create strategies to access these assets.
  2. Digital business competitive pressures: forcing organizations to more quickly find ways to digitally interact with suppliers, partners, and customers.
  3. Knowledge worker information consumption: where organic demand for nearly every digital asset begins with line-of-business users looking for new data and conveniences.
  4. SaaS-to-SaaS app integration: a trend increasing exponentially where every new SaaS app or component is more valuable each time it’s integrated with another.
  5. Machine learning: with applications of ML forcing both data at rest and data streams to become accessible and front-ended with APIs.

Similarly, API management is being shaped by adjacent systems and technologies, quickly maturing the use (and re-use) of software endpoint components:

  1. Microservices and serverless technologies: these are (and will be) driving massive app disaggregation because of the abstractions and simplicities they create for software deployment, directly leading to a world of more broadly distributed micro APIs and microgateways.
  2. Cloud native dynamic systems: growing class of distributed and dynamically changing microservices will cause API discovery and surveillance to become dynamic as well.
  3. Configuration-based integration tools (e.g. ESBs) and code-based integration programming languages (e.g. Ballerina): because, “Software is eating the world,” every company is being forced to make software and agile integration to become a core competency. This creates a world where forms of API integration need to become as agile as developers and organizations want them to be.
  4. API security, access and governance: these requirements are leading to the native integration between integration, access Management, and API management.
  5. The advent of distributed cell-based architectures: these new architectures will allow for decentralized development, test and deployment, speeding integration activities across organizations.

Implications WSO2 sees for the future of API management solutions

  • Implications for architecture: there will be a growing shift toward cloud-native architectures and a need for decentralized composable units of architecture. Each composable unit is what WSO2 terms a “cell”. Cells are defined by, and interfaced through, APIs; are governed by micro- and macro-gateways; include embedded control planes like service meshes; and are developed by decentralized, independent teams.
  • Implications for development agility: with the need to develop and maintain an increasing number of connections across the enterprise, an organization’s ability to remain agile while supporting this expanded connectivity, faces pressures. WSO2’s vision is not only enabling organizations to make these connections, but to empower development teams, DevOps, and operations to increase their adaptive agility while doing integration. Integration teams must become integration agile, adopting the tools, organization, and processes similar to agile development.
  • Implications for tools: all API management and integration tools will need to involve some form of distributed technology, and all will necessarily evolve to be microservice and serverless friendly, i.e.:
    • Provide distributed forms of observability and security
    • Offer multiple control planes
    • Support service meshes
    • Support hybrid orchestration architectures

In closing…

Here at WSO2, we’re betting that all developer organizations will eventually have to adopt integration skills as well — especially as all digital assets become accessible and programmable.

We’re also anticipating the result will be the composable enterprise, shifting business onto a digital ecosystem. And to facilitate that, we’re building open source integration tools, integration agile methodologies, and even programming languages, to help digitally driven organizations achieve this future.

Stay tuned for more of our technical “big bets” in a future blog.

Introducing the WSO2 Integration Agile Platform

Integration has become the sexiest sector of enterprise software. We are on a mission to make every customer’s integration as agile as they want it to be.

Integration isn’t uncool anymore. It’s no longer the murky “middleware” that was once considered a non-critical component of enterprise infrastructure. It’s no longer simply EAI or an ESB.

The enterprise integration market is nearly $34 billion and growing. As the demand for cloud services, SaaS app consumption, scaling services through application architecture disaggregation, the pervasiveness of containerized apps, and the mass adoption of serverless infrastructure, the more we’ll see, and need, integration.

The markets and vendors know this too, with funding for, and acquisition of, more integration-related firms than ever.

What’s driving integration’s growth? There are three drivers:

  1. SaaS to SaaS Integration: with 300K different SaaS apps adopted by enterprises globally, integration is how these systems now interoperate.
  2. Artificial Intelligence: as companies view recommendations powered by machine learning algorithms as a competitive weapon, the power of their analysis is correlated to the richness of the data feeding their algorithms. Integration has become the backbone necessary to feed ever larger pools that feed AI systems.
  3. Scaling Apps: as demands to scale applications globally, instantly, spread from the uber vendors (think Netflix or AWS) to the rest of us, our development teams are disaggregating their architectures to achieve higher forms of iterative deployment and elasticity. This hyper componentization is leading to a trillion programmable endpoints and making integration the glue that brings our APIs and microservices together as a whole.

The componentization trend driven by scaling demand allows development teams to innovate asynchronously. It allows line-of-business leaders to plan newer competitive moves without having to build infrastructures from scratch. With future applications containing 100s of components, integration provides the “glue”, workflow, resiliency, reassembly, and re-use. In other words, innovation is driven by integration.

We are not the only ones to recognize this. Gartner says about half the time and cost of building a digital platform will be integration. Development, platforms, and integration will increasingly coexist for organizations that see software as a core competency (which, according to Marc Andreesen, every company must become a software company).

Integration is not just hot, it’s the foundation of how any digitally-driven organization will innovate in the future.

The “Integration Gap”

WSO2 is about to celebrate our 13th anniversary. During that time we have worked on 2000 integration projects with customers.

Collaboration on over 2000 integration projects that now fuel 6 trillion transactions each year

Over that time, we’ve made an interesting observation: release cycles have improved, but they have not become agile. Our customers have steadily improved the release cycle for their projects, but that improvement has plateaued.

Over the past five years, we’ve seen our customers plateau in improvements to release iterations

Furthermore, the 2018 State of Agile report observed that only 4% of companies pursuing agile were seeing adaptive market benefits, even though more than 75% of enterprises are actively practicing agile. The 2018 Forrester Developer Survey implies that we are collectively undoing any agility gains made over the past decade.

The progress made over the past two decades from iterative development practices may be reversing

Why is this? It stems from the best practices and patterns that we’ve collectively advocated as an industry, from Service-Oriented Architecture, the API economy, and bi-modal forms of IT. The architectures we have advocated have created consequences across people, process, and technology.

  1. PEOPLE: Center of Excellence teams add governance barriers.
  2. PROCESS: middleware forces app dev teams to work through trickle-down “gates” to enter production.
  3. TECHNOLOGY: middleware is a dependency slowing application development teams.

Agility happens when people, process and technology are functioning to enable continuous, iterative improvements. Dependencies, whether through organizational limitations, management processes, or technology libraries create higher and higher gates that must be overcome prior to every release.

Although many development organizations may be using agile principles, few integration organizations achieve agility.

This is the heart of the “integration gap,” integration is everywhere, but its best practice implementation inhibits the adoption of agile practices.

Integration Agile

At WSO2, we are the largest open source integration vendor. We see healthy demand for our products, but we have learned that we need to help every organization view software as their core competency. With integration as your data and scaling backbone, your competitiveness is tied to how agile you will be with integration.

This puts on a new mission where we must make integration a tailwind to agility, not its headwind.

We will help every organization become as integration agile was you want to be.

Integration Agile: a mission that will make every organization view software as their core competency

We call this mission, “Integration Agile” and we will do it by helping your organization to align your people, process and technology to overcome the integration agility gap.

The WSO2 Integration Agile Platform

We are introducing the evolution of our offerings designed to help any organization become as agile as they want to be.

WSO2 Integration Agile Platform: people, process, and open source technology to make integration agile

At WSO2Con in San Francisco, we’re unveiling our new platform as a unified offering consisting of

  • WSO2 Maturity Model for Agility: Agility is a journey, and each team can achieve different levels integration agility. We are introducing a 5-phase maturity model for agility, where organizations can self-assess, as well as plan for their own transformation to whatever level of agility they desire.
  • WSO2 Methodology for Agility: To guide each organization about how to adopt integration agility practices, we are introducing a reference methodology that guides each organization to best practices for people, process, and architecture to achieve their ideal form of agility. Underlying this methodology are best practices of how to develop, reuse, run and manage integrations.
  • WSO2 Architecture for Agility: We’ve standardized the patterns for integration deployment. As technology has evolved, we’ve helped organizations deploy layered, segmented, and now, cell-based architectures each of which provide different forms of scalability, governance, and agility.
  • WSO2 Open Source Products: Our award-winning product pillars for Integration, Identity and Access Management, API Management, and Analytics & Streaming. We are announcing our quarterly release of these products, integrated and interoperable, with this quarter’s theme tied to microservices architectures.

Microservices are essential to advancing integration technology to iterative deployment necessary for agility

Today at WSO2Con, WSO2 announced the summer release of our platform with a focus on driving microservices innovation. By delivering WSO2 functionality on a cloud native, open source platform, WSO2 facilitate agility by extending platform-wide support for the development and deployment of distributed, lightweight microservices. These capabilities include:

Management of microservices APIs is addressed by WSO2 API Microgateway, which provides secure, low-latency access to microservices and eliminates the need for a central gateway by enabling enterprises to apply API management policies in a decentralized fashion.

Real-time microservices analytics are enabled by WSO2 Stream Processor, a lightweight runtime that can run in distributed deployments using Kafka and container-native environments, such as Kubernetes. It adds support for message tracing across microservices using the OpenTracing standard for better insights into performance.

Microservices integration is optimized using the MicroESB in WSO2 Enterprise Integrator. The MicroESB is a lightweight mediation runtime that includes all core mediation capabilities and offers a significantly faster startup time, making it ideal for containers.

Secure microservices are provided by WSO2 Identity Server which now supports role-based access control (RBAC) and validation using the Java Web Token (JWT) standard that has been widely adopted for microservices.

WSO2 Maturity Model for Agility

Our maturity model addresses the alignment of people, process and technology to help transform your development and integration capability. We’ve defined 5 phases that describe your agility alignment with both internal and external customer needs.

We are offering maturity assessments, and self-assessments. We can aide your organization understand where they are at on this curve and what is required to achieve higher forms of agility.

WSO2 Reference Architecture for Agility

The architectural pattern that an organization deploys directly impacts the maximum level of agility that you can achieve. We are introducing a reference architecture for agility that defines the best practices and patterns that organizations deploy for two types of commonly deployed architecture and one new one:

  1. Layered Architecture: functional capabilities grouped in layers by following a System of Systems view. It is a centralized system where data moves from layer to layer.
  2. Segmented Architecture: functional capabilities sub-grouped within layers based on organizational ownership. It is a centralized system where data flow moves from layer to layer.
  3. Cell-Based Architecture: functional capabilities grouped in an architecture unit based on scope and ownership. It is a decentralized where data moves within and across cells and governance is transparently applied through a control plane embedded within cells.

The architecture that you define will create a ceiling on the level of agility that you can achieve

Asanka Abeysinghe, our VP of Architecture out of CTO Office, has collected our experiences across customers to prepare our vision of these architectures. You can learn about these patterns and learn how to apply them to your projects with this white paper.

Cell-Based Architecture for the Composable Enterprise

What happens if teams can self-organize to produce units of architecture which are continuously deployed and incrementally updated without the organizational or technological dependencies that create gates to releases?

We call an approach to achieve this a cell-based architecture.

Cells are independently deployed by self organizing teams, and then used to construct applications through composition

A cell is a collection of components, grouped from design and implementation into deployment. A cell is independently deployable, manageable, and observable. Components inside the cell can communicate with each other using supported transports for intra-cell communication. And all external communication must happen through the edge-gateway or proxy, which provides APIs, events, or streams via governed network endpoints using standard network protocols.

Every cell has its own Gateway for ingress and egress along with a control plane for distributed governance

Self-organizing teams producing cells is the best way to achieve maximum agility. It is the self-containment of people, process and technology dependencies that eliminate the gates that slow down process.

Cells can be built with a variety of technologies and programming languages, including Java and Node.JS.

At WSO2, we are making it easy and simple to generate cells with Ballerina, a cloud native programming language. Ballerina programs have these integration properties as part of the cell’s code, embedded within it. And soon, Ballerina will generate cells (with Gateways, observability, deployment and dependencies included) as part of every build from a developer.

When cell-based architectures are combined with an event-based hybrid integration platform, such as what we offer with WSO2 Enterprise Integration deployed with Kubernetes, your organization transitions into the Composable Enterprise. You are not just adopting the cloud, you have become cloud native giving you autonomous releases without compromising on change-control authority.

Composable Enterprise with Cloud Native approaches allow IT to reallocate budget from Center of Excellence to development and operations

With the Composable Enterprise, middleware Center-of-Excellence (CoE) silos are removed. This allows enterprise IT to reallocate budget into development and operations, which are the drivers of innovation. By shifting traditional integration operations into code, we accelerate the development cycle and eliminate gates.

The Future of Development is Integration

WSO2 now much more than a product company. We believe, like Gartner, that all development organizations are now integration organizations. And to deliver that, we built on our customer experience where we consistently helped transform them to become Integration Agile.

As you, our customers, now look at the integration needs (and opportunities) ahead, we hope you now ask yourself questions like why shouldn’t your integration now be as agile as your development?

Well, we’re here to help. Send me an email and let’s get the conversation started.

tyler@wso2.com

Announcing the WSO2 Serverless Solution

Most enterprises today looking for serverless solutions have few options without cloud lock-in. Remember that public serverless offerings will capture a customer’s data, lock out external event streams, and likely limit developer language choice. This lock-in hinders application migration, multi-cloud scaling, and the use of private cloud resources. A more palatable solution ought to allow organizations to tap serverless for disaggregated architectures, and allow them to utilize both public and private cloud resources, event models, and programming paradigms.

In response, customers today are mostly forced to use public serverless offerings from AWS (Lambda), MSFT, GOOG, etc., with limitations placed on the supported programming languages for each. Users are further locked-in because of the need to use adjacent proprietary services like the cloud’s storage services. And if a company wants to use an alternative, they’ll require considerable investment to manage.

Enter the WSO2 serverless solution

Today we’re introducing the WSO2 Serverless Solution, a private function hosting environment based on Apache OpenWhisk and Kubernetes. And it’s immediately available, though on a limited-access basis.

To develop the solution, WSO2 has been working with Rodric Rabbah and Perry Cheng, co-founders of CASM LLC and co-creators of Apache OpenWhisk. They bring in-depth knowledge on custom deployments and backend optimizations to the overall solution, and both continue to be active members of the OpenWhisk community.

The solution allows organizations to leverage their existing event sources and programming languages. Underlying the open source function platform, Apache OpenWhisk allows developers to plug existing event sources into the solution. It also allows developers to use their preferred programming language as a function runtime which will allow them to re-use most existing code, and allows users to define their own custom resource limits. These combine to provide greater overall agility to a serverless solution. And you’ll have freedom from cloud lock-in.

And the best part is that the WSO2 Serverless Solution is a private hosted platform managed by WSO2, so it ought to significantly reduce learning, set-up and maintenance overhead for DevOps teams.

A little more detail…

The serverless solution is fundamentally powered by Apache OpenWhisk and Kubernetes to allow IT orgs to provide a uniform, elastic, and secure platform for reactive, event-based, and batch workloads.

The Solution offers several unique capabilities:

  • Private function platform – powered by Apache OpenWhisk deployed on top of Kubernetes
  • Managed hosting environment – provided by WSO2, mapped to internal private resources and events, with customized elasticity.
  • Private, dedicated servers and operations – provides segregated tenancy
  • Support for any programming language – broader support than any single public cloud vendor
  • Leverage any existing event source – no matter where you deploy
  • Transparent computational elasticity – to support both short and long running computation
  • Guaranteed computational capacity – because it is a private function environment
  • Secure platform, plus service isolation, and encryption of data in motion
  • Local development environment – for developer teams
  • Dev tracing and operations of event-driven apps with logging, monitoring, and analytics

Why did we do this?

WSO2’s mission is to help digitally-driven organizations become integration-agile. And we do that with a platform of open-source Integration, API Management, Identity Management and related products. One core motive of ours (and of the overall open source model) is freedom from lock-in… So it stood to reason that if we wanted to simplify integration tasks, it would require simplifying deployment tasks too. So we developed this cloud-vendor-neutral deployment approach to complement our products.

Availability

As mentioned, the solution is immediately available on an early-access basis. Pricing is offered at a flat rate, on either a monthly or annual billing. For more information see the WSO2 Serverless Solution.

Ask an Expert: Catching up with Srinath Perera

Srinath Perera is vice president of research at WSO2. He is a scientist, software architect, author, and speaker. He is also a key architect behind Apache Axis2 and WSO2 Stream Processor. We caught up with Srinath recently to get his take on the significance of Streaming SQL, the future of open source stream processing solutions, and why we must learn to think, question, and see beyond the obvious.

1. What has your journey at WSO2 been like?

This is my ninth year at WSO2, but I have been working with Sanjiva Weerawarana on similar technologies since 2003. Yes, it’s been close to 15 years, and it’s been a lot of fun. I have worked on a wide variety of challenging problems, and have worked with many brilliant individuals who will make good stories for one’s grandchildren one day. I have done a lot more than I imagined years ago.

2. For agile digital businesses, the availability of business insights is a significant factor in gaining a competitive advantage. How does WSO2 Stream Processor help?

Our product can easily plug-in to a user’s system and collect data. You could then write queries using Streaming SQL to detect important conditions. Streaming SQL is similar to SQL, but works on data streams instead of data tables. The former is flowing, while the latter is stored on a disk.

Compared to what our competitors offer, we have very powerful Streaming SQL with operators most others do not have. We enable you to use machine learning models within Streaming SQL itself. Also, if you are looking for a small deployment, our server can run a HA deployment with only two nodes and process about 100,000 events/second. If you are looking for a large deployment, we can run on top of Kafka. In the event you are unsure or undecided, you can always start small and later switch to Kafka without changing any code.

Streaming SQL is similar to SQL, but works on data streams instead of data tables. The former is flowing, while the latter is stored on a disk.”

3. What does the future hold for open source stream processing solutions?

In my opinion, stream processing has not become mainstream yet. People are still figuring out analytics. It’s not easy to find developers who excel in analytics. Stream processing has to wait for that adoption to play out. No one will try to do real-time before they figure out basic analytics; that is unless you have specialized use cases such as for stock markets, surveillance, and anomaly detection.

People are still figuring out analytics. It’s not easy to find developers who excel in analytics. Stream processing has to wait for that adoption to play out.”

4. What are the benefits of an open source stream processing solution?

I think there’s a growing trend for middleware as an open source model. They use complex code, support a wide variety of use cases, and are used by many. We are increasingly made aware that products are best built using the open source model. I think there’s no better testament than Microsoft, a company that hated open-source, but has now embraced it.

I think there’s a growing trend for middleware as an open source model. They use complex code, support a wide variety of use cases, and are used by many.”

5. How did you start working in stream processing?

A long time ago, in 2007, while I was doing a Ph.D, we worked on a paper comparing Complex Event Processors (or CEPs, which is an older name for stream processing) and rule-based systems. I was fascinated by the technology, and after I joined WSO2, I supervised an undergraduate thesis project to build an open-source CEP engine. This was in 2011 – well before stream processing became cool! It was called WSO2 Complex Event Processor back then and was later renamed WSO2 Stream Processor.

6. What is your proudest accomplishment in recent times?

In general, it is the role I have played with Apache Axis2. However, if you want me to choose something recent, I suppose my work with the WSO2 Research Team stands out. Some good work will be made public soon. I have also worked with Paul Fremantle, WSO2’s CTO, to build a framework to evaluate different emerging technologies. You will hear more about this too soon.

7. What advice would you like to give a budding developer or an architect to better their career?

I would say learn to think, question, and see beyond the obvious.”

There is this quote that I love, “Wisdom is tolerance of cognitive dissonance.” It took me awhile to understand what it meant. We all interpret how the world works, but when we discover things that do not match our way of thinking, we ignore them. However, the world is more complicated than that. By understanding those mismatches and by learning through struggle and discomfort, we achieve true wisdom. That is what that quote conveys.

I would say learn to think, question, and see beyond the obvious. I refuse to tell people I work with how to solve something. Instead, I tell them, “Tell me how you will solve it and then I will complain.” I think they are used to it now. That way, we all use put our critical thinking skills to good use and one day, they will not need me for guidance.

To learn more about Srinath’s work, follow him on Twitter and read his blog.

Four Warning Signs an Integration Wall is Approaching

The Integration and API Management markets are growing, expanding in both popularity and use. Enterprise App integration will surpass $33b by 2020, and other markets like iPaaS and Data Integration are growing at double-digit CAGRs. Enablers, such as containers and serverless technologies are only accelerating the move toward increased disaggregation of applications.

All seems rosy. And it mostly is.

But with the explosive growth of APIs and endpoints, traditional centralized tools like ESBs will become unsuitable, and simple low-code snap-together tools won’t scale to address the broader scope. We’re potentially about to hit an “integration wall” at high speed.

Consider the following four warning signs – some technical, some process – that I find are beginning to plague the integration market:

1. Waterfall Development for integration is hitting a wall.

Although most code development has shifted to an Agile Development model, the same can’t be said for Integration tools. As the quantity and diversity of endpoints increases, and as Integration projects become more diverse and complex, use of the waterfall model is beginning to slow down integration projects. And with a future where there will be billions of Integratable endpoints, it’s obvious that an Agile Development model for integration will need to become the norm.

2. Existing tools and programming languages aren’t optimized for Integration-at-scale.

Enterprises that currently use low-code, snap-together, centralized integration technologies (including iPaaS) will not be optimized for orchestrating, integrating, observing and governing the expansion of constantly-changing endpoints. Nor are traditional centralized approaches (think: EDI and older ESBs) prepared to handle increasing endpoint scale or diversity. Many of these existing tools are well-adapted for Line-of-Business or Citizen Integrators of relatively small-scale implementations but are far from well adapted for more complex integration-at-scale projects.

3. Current programming languages are not optimized for Integration.

With languages like Java/Spring or JavaScript/Node, developers can engineer flow, but must take responsibility for solving the hard problems of integration. With these languages, developers have to write their own integration logic or use bolt-on frameworks. Clearly a new programming paradigm will be needed long term.

4. The Exploding Endpoint Problem is very real.

As I referenced above, IT is ill-prepared to address the oncoming wave of service disaggregation, the diverse types of APIs, differing sources of service endpoints, challenges from Big Data, and multiple approaches to serverless IT. The industry is about to hit a scale and diversity wall. To wit,

  • 917 apps in use per enterprise (Netscope, 2016)
  • 893-1206 average cloud services used per employee (Kleiner Perkins, April 2017)
  • 19,000 APIs as-of January 2018 (Programmable Web, 2018)

And if you don’t believe those numbers, Matt Eastwood of IDC recently pointed out that the number of containerized services has expanding well beyond where VMs ever were. Yep, billions of programmable endpoints aren’t kid’s stuff.

Where does this leave us?

A new approach to addressing the future of integrating thousands-or millions-of endpoints could lie in a new programming language, Ballerina.

Ballerina is a simple programming language whose syntax and runtime have been optimized for the hard problems of integration. Its focus is integration – bringing concepts, ideas and tools of distributed system integration into the language. Based on the concepts of interactions within sequence diagrams, Ballerina has built-in support for common integration patterns and connectors, including distributed transactions, compensation and circuit breakers. And it supports JSON and XML, making it simple and effective to build robust integration across distributed network endpoints.

So, watch this space for future developments. And in the meantime, beware of the approaching wall.

WSO2’s Growth Story and Why Open Source is the Only Way to Solve Your Integration Challenges

Last week, Ken Oestreich, WSO2’s VP Product Marketing, and I were at the AGC Growth Conference, where we discussed WSO2’s growth story. WSO2 continues to be relatively unknown in business development circles, and this was a wonderful opportunity to report on our traction and understand how the broader ecosystem views integration.

Here is that presentation in full.

WSO2 is the largest open source integration vendor by revenue and customers.

WSO2 is the largest open source integration vendor by revenue and customers. We are EBIT and cash flow positive, with subscription growth approaching 60%.

Integration turns out to be the hottest market even though it’s the uncoolest thing.

Integration is everywhere, and it’s $30 billion annually dominated by three types of integration. All three segments will have billion dollar growth in the next decade. While iPaaS gets significant market attention, it’s not sufficient for most kinds of integration. iPaaS is a metaphor for the line of business, which is departmental-driven, repeatable forms of integration. There are 150 competitors in this space and is prime for a shakeout. iPaaS vendors template-based approaches are not well suited to app integration as they cannot expand to reach the breadth and depth of integrations required—they only work in templated formats where the same integration can be repeatedly done, which is ideal for some types of SaaS to SaaS workflows.

In app integration, old vendors like Tibco, Software AG, and Oracle will suffer as the rotational movement to microservices and open source accelerates. In order to meet significant demand, software vendors are disaggregating their architecture in order to scale. The approaches to integration that service highly disaggregated architectures are shifting, and pure open source vendors have modern architectures to address this.

For the past 5 years, WSO2 has been engineering our approach to integration, with a focus on highly disaggregated architectures due to the rise of APIs and microservices.

WSO2 uniquely offers a suite of technologies because point solutions do not address the full integration problem.

Integration historically is the movement of data between two points, for which we do exceedingly well with our WSO2 Enterprise Integrator solution, but integrations complexity has increased because:

  1. every integration is an API—so WSO2 API Manager required,
  2. every integration must be governed—so federated WSO2 Identity Server required,
  3. data is moving from at rest to real time in-motion—so WSO2 Stream Processor required,
  4. as industries understand the power of becoming a digital native enterprise, vertical API solutions for compliance and regulation appear such as WSO2 for GDPR, WSO2 for Open Banking, and WSO2 for Telco.

If software is eating the world, then you can no longer be a software organization with also being an integration organization.

Our integration opportunity increases as 50 billion integratable endpoints grows to 1 trillion over the next decade. Everything will become an endpoint, and when those endpoints are exposed as APIs they will become programmable. Integration becomes a problem for all software integrations as its the discipline for resiliently communicating between these endpoints.

Integration is the unspoken challenge of the cloud, AI, data, and cyber security future.

If you follow Marc Andreesen’s hypothesis of software is eating the world, then you can no longer be a software organization without also becoming an integration org.

Closed source, open core, and iPaaS vendors do not have the community reach or contributions to address the full scope of integration problems.

The protocols, data formats, and APIs of endpoints change frequently. A centralized approach to integration, such as those offered by proprietary or open core vendors, are limited to the support they can provide by the resources they fund themselves. This is limiting and cannot address the full breadth of differences that must be addressed.

Community, collaboration, and shared experiences, such as what we provide with WSO2 open source, are the only way to integrate every type of endpoint that is coming.

WSO2 is one of the largest open source companies. We have received more than 1 million contributions that have lead to improvements in our open source integration runtimes and into connectors and adapters used to integrate the rest of the community.

WSO2 contributes to more than 100 open source projects, which reciprocate by contributing back, making WSO2 the 69th largest contributor to GitHub.

Integration is still waterfall, so we are investing into Ballerina to make integration agile.

Integration technology forces development teams to follow waterfall lifecycle practices. This doesn’t scale, so we are also investing in Ballerina—a cloud native programming language for integration—to give developers quick, agile development for integration. With Ballerina, every developer can integrate anything, with a learning curve in hours, unlike the months required for Java / Spring or JavaScript / Node.

Ballerina represents a unique, new, and improved approach from typical EI and iPaaS products. Their either agile or integration simple, but never both. A programming language and platform whose syntax is integration simple, but works with a developer’s favorite tool chain in an iterative flow creates true agility. This makes it impossible for developers to integrate at scale to adapt to changing requirements and deal with increasingly disaggregated architectures.

Open source is the best defense for mega-cloud and proprietary vendor lock-in.

Open source is the best defense for addressing lock-in that comes from data lock-in of clouds, API lock-in of mega-clouds, and vendor lock-in from proprietary licenses. Almost 90% of operators are focused on avoiding lock-in. Open source solutions offer a great way to provide try-before-you-buy and substitution options to those that adopt it. WSO2’s solutions also deploy in any environment, and we deliver WSO2 on any public, hybrid, and private cloud infrastructure.

Wherever you may be on your digital native journey, WSO2’s subscriptions include the practices, methodologies, & technologies to transform you from integration waterfall to integration agile.

Companies and governments engage us through our consulting and subscriptions that accelerate the evolution of any digital native initiative.

We have 450 enterprise customers reflecting the world’s best brands that already process more than 5 trillion transactions through us each year.

Open source is more efficient than closed-source—with growth, net retention, and NPS rates equal to MuleSoft, but higher profitability and employee efficiency.

We have a unique open source software business model that has fueled our growth. We release our code with an Apache license. However, we package and ship support patch binaries with a WSO2 license to those who maintain a subscription. This offers a balance between the best freedoms of open source and measurable added value.

And, wonderfully, our internal teams do not compromise productivity by perpetually wrestling with where the “for free/for pay” line must be drawn. It is expensive for an enterprise vendor to determine the best model of where for-fee options reside. Not only does the vendor have to develop a strategy, but they must communicate this to all their employees and then justify it to the open market. These costs are passed along to customers and require significantly higher forms of capital from investors. This line does not stay static, either. The nature of open source is that is erodes and impedes upon the areas where a vendor is selling their proprietary extensions. This means the “for free/for pay” line must be rethought. This is a continual process, and this is time where inefficiencies are introduced.

  1. Many companies take credit for open source, but only a few, like WSO2, have all their published software as open source, which allows any company to consume or use the software without first having a relationship with the vendor.
  2. WSO2’s open source software business model is innovative and unique because of the IP we have built around patch distribution and support engagement. This consequently encourages customers to get and maintain a long term subscription. Customers only maintain a subscription with us through the period where we provide immense value, forcing WSO2 to create business practices that embrace a customer’s needs more wholly.
  3. The proof of this is that WSO2’s net retention rates are identical to MuleSoft’s, which is an open core vendor, effectively only selling proprietary solutions, while having much higher profitability.

We take our offerings to market with a territory and inbound sales model that combines channel partners, resellers, distributors, and our customer success team.

We take our offerings to market with a sales model that combines channel partners, resellers, distributors, and our territory-based customer success teams to engage, win, expand, and satisfy every customer.

  • By swarming the customer throughout their lifecycle, we reduce the chance of churn and help derisk the customer’s initiative. This is why we can maintain a 40 Net Promoter Score (NPS).
  • We now have 550 people in Mountain View, Colombo, Manhattan, Sao Paolo, and London. We are opening offices in Australia, Mexico, and Europe this year.
  • The forces shifting the sector rotation from proprietary software to open source are strongest in emerging economies, which is why we shortly anticipate opening offices throughout eastern Europe, the middle east, Africa, LATAM, and APAC.

This is an impressive set of financials…

The market has rewarded us with 52% subscription growth, which has been accelerating, and also a dollar-based customer retention rate which is equal to MuleSoft’s, but with a community and business operating model that is more efficient letting us have EBITDA profitability and positive cash flow. If you are an investor, we will be a 58 this year on the rule of 40.

Our success has largely been organic, with a minimum of outbound marketing and a small sales channel. This is going to change as we step on the accelerator in the coming years.

Our growth story is not ours alone, we can work together with you to growth faster, together.

We communicate our growth story to our customers, employees, investors, partners and ecosystem to help us discover ways to have a bigger impact, and potentially grow faster. Our growth story is not ours alone to be had. We can work together with you to grow faster, together.

We are building relationships that more aggressively expand our territory and technology partnerships, while also building upon our strategic initiatives with Ballerina and connectors.

If you are interested in learning more about WSO2 or to potentially become a partner, you can reach me at tyler@wso2.com.

Announcing Our 2018 Spring Release Which Brings Platform-Wide Support for Fast-Tracking GDPR Compliance

The clock is ticking toward the May 2018 deadline to comply with the General Data Protection Regulation (GDPR), which harmonizes data privacy laws across Europe to protect all data belonging to EU citizens and residents. The regulation applies to organizations that operate within the EU as well as those that sell or market to the EU—essentially the rest of the world.

Some enterprises may only see the immediate burden of meeting GDPR’s requirements. However, savvy organizations understand that the technology platform they implement to comply with the regulation can set the stage for new digital business models that drive revenue and growth. To help these enterprises accelerate these efforts, WSO2 today debuted its Spring 2018 Release, featuring product developments designed to offer platform-wide support for GDPR.

The Spring 2018 Release is the first set of synchronized product updates being rolled out as part of WSO2’s new quarterly release of new and enhanced capabilities across the platform aimed at addressing the real-world business and technology demands enterprises face today.

Let’s take a closer look at the challenges and opportunities that GDPR brings, as well how WSO2’s product features and services empower organizations to fast-track their GDPR compliance and enable agile digital transformation initiatives.

The Immediate GDPR Challenge

GDPR requires that organizations conducting business in the EU adopt internal policies and implement measures that meet, in particular, the principles of data protection by design and data protection by default. What this essentially means is that enterprises need to ensure all personal data collection, processing, storage and destruction measures are designed to secure privacy. It doesn’t just end there. Organizations must also be able to demonstrate proof of consent and allow individuals to review the status of their consent and opt out if they choose to do so.

The immediate challenge for enterprises is finding a solution to help tune their identity and access management (IAM) and ensure secure API management quickly so that they can address the new requirements of GDPR. These include customer data privacy, a self-care portal to enable customer rights defined by GDPR, and full-scale consent lifecycle management. The solution also must support secure identity provisioning across systems in a GDPR-compliant manner.

The Long-Term Benefit

While meeting their near-term GDPR requirements, organizations have the potential to look beyond compliance and leverage the strong data protection fostered by GDPR to support their digital transformation efforts aimed innovating new services and building brand loyalty with customers. To make this move, organizations need a cohesive platform that has the capabilities to make businesses programmable through APIs, program the business using integration systems, maintain solid identity and security practices, and increase agility through the adoption of open source and cloud systems.

The WSO2 Advantage for Capitalizing on GDPR

WSO2 has the expertise to be your trusted technology partner, not just to make sure you clear the GDPR hurdle, but also to ensure your organization has the ability to leverage the wider benefits brought by this regulation. With the Spring 2018 Release of the WSO2 platform, you have a digital transformation solution that capitalizes on the data protection measures of GDPR to accelerate your business growth via a digital innovation platform.

Using the WSO2 platform, you can capitalize on the technology trusted by globally recognized brands across a range of industries—including eBay, Experian, Verifone, BNY Mellon, West Interactive, Motorola, Transport for London, and StubHub—to:

  • Comply with the GDPR regulations quickly via platform-wide support that helps you to ensure all personal data collection, processing, storage, and destruction messages are designed to secure privacy.
  • Look beyond compliance and enhance digital transformation with a cloud-native, open source platform composed of the key technology enablers required for the agility and innovation you need to maximize your competitiveness.

Technology Enablers for GDPR and Digital Transformation

Within the WSO2 platform, key technology enablers for meeting GDPR regulatory requirements and setting the stage for digital transformation include:

  • Identity and access management in the Spring 2018 Release is delivered via a solution that supports secure identity provisioning across systems in a GDPR-compliant manner. Consent management and privacy toolkit in WSO2 Identity Server enable enterprise data controllers to accelerate their organization’s GDPR compliance. It also introduces personal information export capabilities and support for encrypting OpenID Connect identity tokens. Together, these new features address the different aspects of individual rights defined in GDPR, such as the “right to be forgotten” and the “right to personal data portability” among others, in order to ensure the protection of personal information.
  • Secure API management in the Spring 2018 Release addresses the new requirements of GDPR, such as customer data privacy, a self-care portal to enable the customer rights defined by GDPR, and full-scale consent lifecycle management. These capabilities can now be deployed via a hybrid cloud solution that provides organizations a local gateway rather than a cloud API gateway. This enables users to have the best of both worlds and ensures all API calls happen locally, thus increasing security and minimizing latency. Moreover, it’s easy to maintain as users; just supply their cloud credentials, and it pulls configuration and changes from the cloud.
  • Integration capabilities in the Spring 2018 Release provide the ability to seamlessly connect and manage multiple identities across legacy systems, SaaS applications, services, and APIs. This enables organizations to support even the most demanding integration requirements across services. Key capabilities include the required tools to connect to a wide variety of protocols and security mechanisms as well as streamline integration APIs in a secure manner.
  • Streaming analytics capabilities empower organizations to derive meaningful insights with available data. The Spring 2018 version of the product includes functionality to support GDPR compliance, such as the ability to anonymize both login user information and any data stored in databases.
  • A customized open banking solution, first launched for the financial industry in August 2017, provides the functionality to comply with both GDPR and the European Union’s second Payment Services Directive (PSD2). It also empowers companies to go beyond traditional banking by offering third-party services and innovating new digital offerings.

In addition to the enabling technologies delivered through the WSO2 platform, WSO2 is offering a series of seven webinars to help organizations accelerate their GDPR compliance.

Now is the time to start complying with GDPR—and lay the groundwork for the new digital business models it will enable. WSO2 brings you the technology, expertise and services to get up and running quickly and cost-effectively, along with the agility to capitalize on digital transformation opportunities as they emerge.

WSO2’s New Approach To Performance Reviews

This morning, WSO2 rolled out a new approach to performance reviews for our employees.

Since software is a creative business, the performance review process for a software company must be a system that furthers the creative careers of the professionals employed by us.

WSO2’s leadership has 250 years of enterprise software experience. We’ve worked at numerous software companies, both large and small, including Oracle, Dell, Quest, IBM, venture capital software startups, and system integration providers. We’ve experienced performance appraisals of many different varieties, but they all emphasize numerical ratings and normalization of individuals into a bell curve. This is fundamentally wrong and a fast way to weaken the creative intelligence that is essential to making a software company great.

We believe our approach better aligns the interests of our employees with the company’s objectives.

Performance Ratings Sabotage Productivity

For the past five years, WSO2 has gone through significant growth. With this growth came an expansion of the employee ranks, and we are now striving to be close to 560 employees by the end of 2018. At one point, WSO2 hired more than 150 people in a single year.

To compensate for this growth-and being engineers-we developed systems to more fairly rate people across the company, especially two people who are performing the same function reporting into different leaders in different departments. Bonuses were tied to the rating achieved. The rating was a numerical rating on a 100-point scale with a unification process to ensure fairness. This was done quarterly. It was fair and balanced.

But we found that numerical performance reviews will ultimately sabotage productivity. In a numerical system, there is usually a bonus leap or compensation jump for those that rate above a certain threshold, in our case 60 and 80. In any system with a high degree of refinement, there will be people that are on the bubble of a numerical threshold. These numerical ratings were the composition of sub-ratings across a wide range of behavioral criteria that were weight averaged into a total score, so minute interpretations of sub-ratings could have big implications to perceived compensation.

When a performance review threshold is numerical, human nature causes everyone to analyze elements to gamify their score.

This opens the door to culture-sapping. Individuals on the bubble between one rating and another will formulate arguments to their benefit. People compare their ratings among one another with subjectivity (while ratings are intended to be private, reality demonstrates that everything is shared through the grapevine). The team leaders who are responsible for ensuring fairness subjectively applied the criteria to their team. Senior executives responsible for 100s of people will strive to develop systems to help measure and unify the ratings leading to a subconscious sense of bureaucracy and big brotherness.

After a couple quarters, savvy employees will learn the nuances of a numerical system and search for ways to gamify it to their advantage. People will change their operating point of view to obtain stronger ratings, even if these actions were not the most constructive to their own or the company’s interests.

We do a quarterly employee survey that asks a variety of questions about culture. Fundamentally, the most important question around whether people would recommend WSO2 as a place to work declined over a couple quarters from a world class rating to something that was in decline.

We felt that we were seeing the early signs of performance gamification that can be caused by numerical performance ratings.

Even though we only introduced the 100 point rating system last year, it was time for a change.

Creative People Need Creative Performance Reviews

Everyone in a software company is a creative individual.

This is not only our software engineers, but also our marketing professionals, lawyers, account managers, solution architects, accountants, and admin staff. Creativity trumps any skill set because the entire business of software is one where problems must be encountered and solutions proposed. Everyone within the company is a problem solver. And every time we release a new piece of software, we must rethink how our business must improve to better embrace that software for our customers. In essence, our company is in a constant state of improvement, and we can only address the problems that we encounter if everyone recognizes that they are on a journey of problem solving. During this journey, the nature, size, and complexity of the problems we must solve constantly shift. Your seniority, experience, and role within the company gives you opportunity to work on increasingly harder problems, making everyone’s journey, my own included, fulfilling and rewarding.

Creative individuals are on a career journey. It is the culmination of software experiences that define a career and create new opportunities for advancement. In exchange for committing to spending time to help the company or their team achieve their goals, the individual is rewarded with experiences that contribute to their career and a reciprocal commitment by the company to provide new, more challenging experiences.

An employment arrangement between a software company and its employees is a shared commitment to participate in and create new experiences that reward one another.

Why then do most companies provide a performance evaluation that attempts to quantify and sometimes monetize skills or tactical results instead of discussing the broader issues tailored to how each individual is on a creative journey?

The WSO2 Performance Evaluation

The performance evaluation is intended to facilitate a career conversation between an individual and the company. We also use the results of the performance evaluation to determine an individuals participation in the company bonus pool.

We want to know three things:

  1. How have you demonstrated your commitment to the company’s mission?
  2. How have you demonstrated your commitment to your team’s objectives?
  3. How have you demonstrated a commitment to your career and self?

Each individual is asked quarterly to self evaluate themselves by answering these three questions. These answers are then melded with a similar assessment from a Team Leader to enable and facilitate a discussion about each individuals software journey.

If each individual is true to themselves and make contributions that play to where they are at on their software journey, then they will have numerous examples of how they have and continue to demonstrate their commitment. The discussion with their Team Leader is then a focus on how to amplify their experiences and help each person better achieve results for themselves, their team, or the company.

We have three resulting ratings:

  1. Exceptional. You are demonstrating a commitment and everyone around you agrees.
  2. Successful. You are demonstrating commitment, but not everyone is aware.
  3. Needs Improvement. You are not demonstrating commitment, and perhaps this job or career is not yet your cup of tea.

Everyone who receives an Exceptional or Successful rating receives a prorata portion of the company’s bonus.

We are excited for and would love it if everyone in the company receives the bonus. There is no concept of unification. We would rather our employees and Team Leaders invest their time in aiding everyone to improve the experiences they have on their software journey.

While rare, and since we have a big commitment to continually hiring entry level talent, some people are not able to demonstrate the commitment to self or the corporate mission. In these situations, we place people on a performance plan and have an open dialogue about their reasons for being in the software industry. More often than nought, people leave WSO2 under these circumstances to pursue new careers having gained an increased awareness of their personal desires.

Demonstrating Commitment

Every creative individual demonstrates their commitment in different ways.

Demonstrating commitment is a reflection of:

  1. Are you engaged and excited by the work that you do?
  2. Are you striving to make the people, products, and systems that you work with better?
  3. Is your attention to detail improving along with identifying ways you, your team, or the company can better itself?
  4. Are you contributing to industry peer group in work groups, standards bodies, open source projects, conferences, networking, and career advancement bodies?

This broad definition of commitment allows each person a wide range of freedom to define how they are contributing to the company and furthering their software career journey.

This definition also allows Team Leaders to have an open dialogue to identify people who are not a great fit for the type of software that we build and sell at WSO2. When an individual’s self assessment is filled with contributions and commitments in areas that fall too far outside the core of our corporate direction, it becomes easy to discuss and relate.

The CEO Self-Assessment

As CEO, I am not above or beyond self-assessment against these ideals.

I have day-to-day responsibilities:

  1. Setting strategy and direction
  2. Modeling and setting the company’s culture, values, and behavior
  3. Building and leading the senior executive team and board of directors
  4. Allocating capital to the company’s priorities

But beyond these items, I demonstrate my commitment in other ways.

Company Commitment

Given my unique historical experiences in product management and DevOps, I personally am taking PM responsibility for Ballerina’s package management registry technology lines. Much of the success of our Ballerina initiative is tied to collaboration among developers and we need a package management system designed that exploits our unique integration qualities of Ballerina married to the best attributes of what other package systems prior to us have created. My background with package managers and connection to other industry contacts offered me a chance to apply my experiences to this domain to the company’s benefit. Delegating this to another PM who was new to the package management discipline might have been a disservice to the company.

Team Commitment

For my executive leadership team, I am working to retain executive coaches that can interact with each member in private 1:1 sessions. These coaches have experience in high growth software startups or within publicly traded companies.

For my board team, I am working to improve involvement in strategic decisions and to deepen their access to business analytics. I would like WSO2’s board reporting to become real time and dynamic, so that management and the board can maintain a concise, unified, and current view of the business lowering the frequency of briefing meetings and allowing us to interact more frequently on high impact strategic matters.

Individual Commitment

I am a strong proponent of self-learning and industry networking.

To advance my understanding of technology, I am committed to obtaining committer status on at least one container or serverless related open source project. I continue to contribute lightly to Eclipse Che, a cloud IDE project, and I am working towards committer status rights on Ballerina. Obtaining committers status requires a focused contribution to the project itself, which requires hands-on study, learning, and skill acquisition that allows me to advance my broader understanding of technology.

To advance my understanding of the software industry, I am an avid daily reader of news, analysis, deals, and investments within the enterprise software segment. This is a 1–2 hour / day commitment to overview the day’s activities and proactively discuss with peer groups online (whether on Medium, HackerNews, or in private email groups). It is often these email discussions where insights and true learning develops.
Additionally, I commit to attend at least 1 industry networking event each quarter (outside the dozens of customer meetings, technology conferences, and meetups that we do as part of our day to day). I’m particularly excited about attending the Open Source Software Leadership Conference in a couple weeks.

Be Creative—Enjoy Your Career

We are excited to be releasing this improved performance review system at WSO2. We hope that it will allow creative people to operate creatively in an environment that maximizes their career enjoyment and productivity.
If you are thinking about a career in software, and want to be in an environment surrounded by talented, intelligent professionals passionate about working on large scale problems for open source and enterprise software, you should write me at tyler@wso2.com as we are growing and hiring.

We Did It! WSO2 Identity Server is Now OpenID Certified

We thought turning 10 was a reason enough to celebrate, but we’re not done with the celebrations yet. Our Identity Server (IS) team has been working to keep that momentum going. We just became OpenID certified!

Being OpenID certified by the OpenID foundation is a big deal. What is OpenID? OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. “We’ve been compliant with OpenID standards for a long time,” says an ecstatic Prabath Siriwardena, WSO2’s Senior director of security architecture. “Getting the certification puts a stamp on it and gives the assurance users are looking for,” Prabath explains.

WSO2 Identity Server is the most extensible and fully open source IAM provider that can help connect and manage your identities. It’s a key enabler of digital transformation. Our single sign-on bridges protocols such as OpenID, has been a key component offering solutions to enterprises in education, telecommunication, and health among others.

By becoming OpenID certified, we’re joining a list of industry giants who also have this certification including Yahoo! Japan, University of Chicago, Verizon, Salesforce, Paypal, and Google. Now WSO2 Identity Server can provide the assurance to its users that it really conforms to the profiles of OpenID connect protocol.

Kudos to our IS team on this feat and looking forward to many more successes!