A month ago, HyTrust, a maker of policy management and access control software for VMware virtual infrastructure, pocketed $12m in its third round of venture funding, with VMware and CIA sugar daddy In-Q-Tel both stuffing the company's pockets. But others wanted to get in on the action, so HyTrust decide to take the money and run - run its software on other virty infrastructure, that is.
At the moment, explains Eric Chiu, founder and president of HyTrust, the company's compliance and security appliance software is certified to lock down VMware's ESXi hypervisor and vSphere extensions. It has also been certified to lock down the vBlock converged systems put together by Cisco Systems and EMC through their VCE partnership as well as physical assets such as Cisco MDS storage switches.
The IT market is, of course much wider than that, and so when Intel Capital and Fortinet, a maker of security appliances (physical, not virtual ones) came knocking on the door with another $6.5m, HyTrust decided to take the money to expand its coverage.
"With the expanded Series C, we will accelerate development around other hypervisors and also expand out to the Amazon Web Services public cloud," says Chiu. HyTrust is not going to pre-announce what hypervisors it will be targeting, but Microsoft's Hyper-V and Red Hat's KVM are the obvious next choices in terms of commercial uptake. And as for clouds, HyTrust is looking at the possibility of expanding to cover Microsoft's Windows Azure and Google's Compute Engine public clouds.
"Today, the 800 pound gorilla in private cloud is VMware and the 800 pound gorilla in public cloud is Amazon. For the near term, these are the two vendors that will drive our revenue," says Chiu.
Having gotten a month further into the year, Chiu is now prognosticating that HyTrust will be able to more than quadruple its revenues in the current 2013 year. That is up from a prediction that it might triple and possibly quadruple.
So business is booming, and thanks in large part to high-profile security breaches that are making the headlines. "The heart of it is that security and compliance are top of mind," says Chiu. "Avoiding breaches and data center disasters is a big deal."
And, as Chiu has said before, instead of trying to build a moat around the organization to try to keep the bad guys out, the new mode of security is to assume that the bad guy is already on your network and then do the auditing on all of the virtual and physical assets in the network to find and track and deal with those bad guys.
The HyTrust virtual compliance appliance runs inside of an ESXi virtual machine and can monitor all changes to the hypervisor, its virtual machines, and their software stacks. It has hooks into LDAP or Active Directory for authentication and supports two-factor authentication with SecurID or smart cards.
The HyTrust appliance is the "system of record" that snoops on all attempted changes in the virtual infrastructure, as well as approving changes that meet policies.
HyTrust has close to a hundred customers, which is not a very large number but not at all surprising for a startup. These are generally very big corporations and government agencies, typically on the scale of a Fortune 1000 company with lots of iron and lots of employees and contractors running around the virty infrastructure.
HyTrust has raised a total of $34.5m in its three funding rounds. Intel, of course, has its own desire to build a big and profitable software business, and it would not be a shocker to see Chipzilla acquire HyTrust at some point. Ditto for Fortinet, which locks down physical assets and could use a tool that locks down virtual ones.
Investors Cisco Systems and VMware are also candidates to buy HyTrust if it gets an offer it cannot refuse. Any of those options, provided the price is right, would no doubt suit initial investors Granite Ventures, Trident Capital, and Epic Ventures. ®