Several clear trends emerged as we reviewed hundreds of startups in the course of researching this article. Venture capitalists have poured smart money into a host of enterprise technology areas, but security, virtualization, and -- cutting across tech categories -- open source have been the big winners.
The triple whammy of Sept. 11, corporate financial scandals, and the explosion of such Internet crimes as phishing and spoofing have created a huge need for, and opportunity to make money in, security and compliance solutions. “That’s where enterprises have had sizable budgets,” notes Robin Vasan, managing director of the VC firm Mayfield Fund. No surprise, then, that four of the 15 startups we selected focus on security concerns.
“Security breaches and regulators have companies looking in all different directions to reduce risk,” says Richard Gincel, associate editor at InfoWorld. “Startups that target the source-code level are going after another layer of vulnerability. Fortify, for example, automates security at the dev cycle.” Meanwhile, our picks ConSentry and Sxip focus on authentication and identity, while Determina plumbs application behavior to identify hack attacks.
Other factors have driven investments virtualization and datacenter management. Many organizations have consolidated their datacenters to save IT overhead costs during lean years and are looking to virtualization, policy-based automation, and remote monitoring and control to leverage what they’ve got. “I see software virtualization and operating system virtualization as very intriguing [investment] areas,” Mayfield’s Vasan says. Two companies described here, Fabric7 and Xenprise, provide system virtualization solutions, whereas Gigamon provides a way to manage traffic to monitoring tools, whether deployed as appliances or as applications.
Regardless of specific technologies, the open source movement is commanding a lot of VC attention. Fundamentally, commercial open source startups are not about creating new technology per se, but about putting a management and services structure around existing technology developed through open source efforts.
Some VCs see commercial open source as a quick way to enter markets formerly dominated by established vendors -- such as XenSource, which competes with virtualization solutions from Microsoft and VMware. Others aren’t so sure that the commercial open source model is a clear win, chalking up early successes such as JBoss and SugarCRM to a void in the market that the vendor happened to fill. Based on the startups he's examined, "I question the economic advantage of the commercial open source model," says Eric O'Brien, general partner at VC firm Lightspeed Venture Partners. "We haven't yet found the right [candidates] for investment, though we remain open to this business model."
Already, VCs are starting to shift their attention to a few new areas. The biggest of these is VoIP. Once voice is just another kind of data, voice-oriented services can be integrated with other enterprise applications to enable new activities. What might those services be? That’s what VCs are hoping to find out from the next generation of would-be startups, Lightspeed’s O’Brien says.
Longer term, VCs are interested in SaaS (software as a service) plays, a la Salesforce.com. “Originally, we expected to find a ton of SaaS ventures. They’re out there, all right, but so far they target SMBs primarily,” says InfoWorld Executive Editor Eric Knorr. This will change, Knorr believes, because enterprise software titans Oracle and SAP have validated the SaaS delivery model by offering it as an alternative to conventional licensing -- and because IBM is seeking to partner with SaaS startups to accelerate time-to-market in its business processes outsourcing efforts.
Two things about the future are clear: The cost of entry will continue to drop, and the innovation will be ever more targeted. Those two factors combined will shorten time to market -- and virtually guarantee that the most compelling new enterprise tech startups are the ones we can’t anticipate at all.