At SaltConf19 in Salt Lake City, we took a few moments to sit down with SaltStack CEO Marc Chenn and ask him about the conference as well as future directions for the Salt community and SaltStack.
Q: What’s a key takeaway from this year’s SaltConf?
Marc Chenn: This is our sixth annual user conference for SaltConf. It started off as just a dozen people with an idea out of our very first office here in Utah. We were thinking about how we could have an impact in both the community and with our customers—how we could facilitate a forum for learning and opportunities around the technology that everyone in the community uses so expertly to get things done in IT.
The conference has evolved, it’s changed over the years. It’s gone from different venues and certainly different sponsors and attendees in different seasons of the company. But what I think stands out this particular conference is that this is our last SaltConf as we’ve historically known it. In other words, SaltConf has historically been both community and customer focused and this year, as you may have heard, we’re rolling out two new events that will enable us to reach different constituent audiences that we work with.
So the first one is SaltConf, which is obviously going to be a community focused event going forward. It’s going to be really focused on learning, collaboration, the building and strengthening of our community.
And then we’ve created SecOps Days, regionally focused events that are for IT and security professionals alike. These events will be very much focused on how we can become better security professionals.
Q: There were some important technology announcements at the event as well…
Marc Chenn: The second important takeaway from the conference is some of the innovation we’ve announced with regard to security.
The field of automation is well known and it is also a large and growing space and we’ve always centered ourselves on it. Tom [Hatch] and I both come from automation backgrounds, him from the technical side and I come from the business side. And there’s a very well trodden path to value for a company that sells automation and that works with professionals that are trying to automate things.
Security was a very natural fit for us and I think that this was underscored when we spoke and listened to our customers. We hold an annual customer advisory board and the customers we were speaking to were telling us that they were using our solution to do unique things to patch and secure their environments. If we already have the ability to asses and detect, to know which assets are in the environment and to poll those in real-time to get machine-level attributes and performance behavior, then we know we can use that information in valuable ways and determine how to keep them more secure.
The pieces that we didn’t have were the libraries of content, the industry benchmarks and standards. Now of course you can go out to other vendors. You can pull that information from a Tenable Nessus or Qualys or Rapid7, so that’s fairly commoditized in the market. But what we noticed was lacking in the market was the ability to remediate vulnerabilities inside an enterprise, to actually do closed-loop, continuous compliance. So that’s what we observed and that’s what we determined we could do and do better than anyone else in the market, because of our automation heritage.
There are lots of vendors that block and quarantine based on a firewall scan–so you have this pyramid of technology that all does something valuable. But we kept scratching our heads and saying ‘all of this culminates in a trouble ticket in ServiceNow?’
Q: What about the announcements CTO Thomas Hatch made, about the new pieces that enable pluggable modules that interact directly with each other?
Marc Chenn: First and foremost, SaltStack has always been an innovative company, a company that has prided itself on coming up with new and unique ways to deliver value to our customers or to our community. In the recent path, though, the pendulum swung and we found ourselves very much focused on the commercial adoption of the enterprise products that we’d created. And I wouldn’t say entirely, but to a certain extent, it came at the expense of some of the community involvement that we’d had before. We were uncomfortable with where that was going, so the best way to engage those developers and innovators is to approach them with innovative new technology.
The genesis of Umbra, Heist and Pop was us attempting to re-engage in meaningful ways a community that we think is the strength and the lifeblood of the things that we do.
Q: And you’ve also mentioned that pluggable modules may be a faster way to get to specific business solutions, right?
Marc Chenn: Customers are increasingly looking for a solution that will solve a tangible business problem that they know about, that they struggle with, that is creating pain for the organization. When they zero in on that problem, they need immediate relief.
In other words, they need something that they know will just do what they need it to do. We live in a very fast-paced, fast-moving world of IT automation and security. Companies are having to go faster, their businesses need to move at the pace of their customers. So as we thought about speed to market and making adoption frictionless and lowering the bar of the learning curve and solving specific problems as opposed to general problems, it really lent itself to us thinking about a more object-oriented framework that would allow us to meet those needs head on, by addressing very specific pain points with specific solutions. Because open source is such an effective route for us in terms of getting vitality, adoption — fast, frictionless and free adoption.
Marc Chenn is CEO and co-founder of SaltStack. Prior to SaltStack, he participated in systems management company Altiris’s 2002 IPO and eventual $1 billion acquisition by Symantec. In 2009, Marc joined SaaS provider Compliance11 and in two years grew the client base from 40 to more than 500 clients prior to an acquisition by Charles Schwab in 2011.