Inherits leadership in SPIFFE and SPIRE open-source projects
Hewlett Packard Enterprise is bolstering its cloud-native security expertise and its open-source bona fides with the acquisition of Scytale, a 3-year-old start-up with impressive engineering experience.
The Lowdown: Scytale was launched in 2017 by a group of engineers from such cloud-based companies as Amazon Web Services, Google, Duo Security (now owned by Cisco), Splunk, Okta, and PagerDuty.
The Details: The San Francisco-based company put a focus on identity management for increasingly hybrid IT environments that use infrastructures both in on-premises data centers and in the cloud, with the goal of improving how services within both authenticate with each other.
Scytale also was the primary maintainer of the SPIFFE and SPIRE open-source projects, which went under the auspices of the Cloud-Native Computing Foundation (CNCF) in 2018. The SPIFFE (Secure Production Identity Framework for Everyone) protocol and SPIRE (SPIFFE Runtime Environment) will become the de facto standards for identifying and securing enterprise workloads in the cloud, containers, and data centers, according to HPE officials.
HPE will continue to support the two projects, highlighting its commitment to open-source efforts and the CNCF.
No financial details about the acquisition were disclosed.
The Impact: Enterprises continue to work to adapt to an IT world that is both increasingly decentralized and hyper-connected, with applications and data being generated and stored in the data center, cloud, and edge. The goal is to make these environments work seamlessly and securely together, leading to the rise of such advanced technologies as containers, Kubernetes, and APIs. Cloud-native development is a key part of this and foundational to HPE’s Cloudless Computing effort.
Background: HPE has been building out its data center-to-cloud-and-edge strategy through both in-house innovation and acquisitions. Those include its acquisitions of MapR and BlueData (for containers and Kubernetes) and infrastructure players like Cray and Plexxi.
The Buzz: “Digital transformation is creating countless possibilities in a world that is hyper-connected and increasingly distributed. The applications and data that create and run our enterprises live everywhere – in the data center, the cloud, and increasingly at the edge. Customers need a seamless edge-to-cloud architecture and experience that is also autonomous, open, and secure,” said Dave Husak, HPE fellow and general manager of its cloudless initiative. “However, legacy and proprietary security models have failed to scale and keep pace in an ecosystem that’s increasingly API-driven, containerized, dynamic, and spans from edge-to-cloud. As HPE progresses into this next chapter, delivering on our differentiated, edge to cloud platform as-a-service strategy, security will continue to play a fundamental role….”
“Early in Scytale’s history, I met Antonio Neri before he became HPE’s CEO. Our discussion left me with a strong understanding of the company’s deep roots in helping customers bridge complex and ever-changing enterprise IT infrastructure,” Scytale CEO Sunil James said. “This understanding was reinforced last year when I met Dave Husak and Dave Larson (I call them ‘the Daves’), two leaders within Hewlett Packard Labs. They impressed me with their clearsightedness as to the importance of ZT [zero trust] to HPE customers, citing that every HPE ProLiant Gen10 server shipped with an embedded silicon root of trust….”