AWS Startups Blog

For Tigera’s Ratan Tipirneni, technology is the easy part

Tigera, a San Francisco-based software company founded in 2016, helps businesses secure and provide compliance for their container-based applications. The company provides zero-trust network security and compliance for Kubernetes platforms, the open-source container-orchestration system that was developed at Google and released in 2015. Kubernetes is one of the fastest growing open-source projects in the history of software, and while that’s exciting, Tigera’s CEO Ratan Tipirneni says that Kubernetes, while extremely popular, is not the only means of deploying cloud-native applications. “We’re definitely making a bet on Kubernetes,” says Tipirneni, “but to be clear, the underlying technology that we built does not depend on Kubernetes. If other container orchestration engines gain popularity, everything we built could be easily be adapted to support those environments.” Tipirneni says it’s a mistake to think that any one technology won’t eventually be superceded by another solution. So their approach is to develop deep expertise in modern application development but to remember that each technology is an implementation decision. “We’re customer obsessed and listen to our customers, what they care about, and the problems they have.” Tipirneni says.

Tigera’s three key services are networking, security, and compliance. Each area offers its own challenges. In the networking realm, Tipirneni says, there are many companies operating on networking principles that were formulated twenty or thirty years ago. “That’s why you see them shipping these big boxes,” he says. Instead, Tigera takes an approach to networking that does not assume any static architecture, designing networks built for cloud-native applications where everything is transient or dynamic. Their engineering team, he says, focuses on building solutions that look more like software than traditional networking.

In the area of security, Tipirneni is all about supplementing the use of static firewalls, which he says serves a purpose but is not sufficient for cloud-native applications, and implementing authentication, authorization, and encryption with a zero-trust network security model. “You have to assume that some part of your network, infrastructure, or application has already been compromised. You have to work with that assumption.”

When it comes to compliance for dynamic and constantly changing microservices, the traditional periodic audits aren’t enough to demonstrate that policies have been enforced, so Tigera offers continuous compliance that demonstrates evidence reports that show that security controls have been enforced now and historically. Some customers don’t even realize how badly they need this help. Tipirneni mentions one customer, a large company, who had a 64-point checklist that they had to meet for compliance, and there was no way to move into production until that was done—even though the customer hadn’t originally seen compliance as a top priority.

Before his work at Tigera, Tipirneni, who has an MBA, an MS in Computer Science, and a BS in Electrical Engineering, founded two software-as-a-service companies, IPTouch and PersonalMD.com. In this field, he says, the technology is just the tip of the iceberg. “I’ll say this as a software engineer. The technology is the easy part. The hardest part, and unfortunately most enterprises underestimate the problem, is about organizational change management. What they don’t really anticipate is they have about two to three decades worth of calcified business processes.” Running a business worthy of its cutting-edge tech means training employees in efficient habits, often undoing or changing the ways they may be accustomed to working. And while that part of business management is often overlooked, says Tipirneni, it’s crucial to success.