.jpg)
AuthZed is a prime example of Work-Bench community magic in action.
We first met co-founders Jake Moshenko and Joey Schorr in 2013 when they were working on their first startup, Quay.io. When Quay was acquired by CoreOS in 2014, they ended up working with AuthZed's third co-founder Jimmy Zelinskie and moved their operations into our old Work-Bench office where we got the opportunity to work alongside them for the next five years, including through CoreOS’ acquisition by Red Hat. During that time Jake, Joey, Jimmy, and the broader team were active participants in our community events such as Dev Lunches, Meetups, and more.
Already knowing the team well, we knew they were destined to build another startup and so we stayed in touch on their future plans and the creation of AuthZed.
Recently, we caught up with Jake about the challenges of building and selling to developers, the nuances between that and more traditional sales cycles, and more:
AuthZed provides permissions solutions, helping companies replace their home-grown authorization software with a scalable, flexible solution. We’re trying to disrupt the cycle of developers creating overly-simplistic solutions that end up becoming a feature or scalability bottleneck.
As the former founder of Quay, the first private Docker registry, which was eventually acquired by CoreOS, I have run into permission management problems several times in my career.
At Quay we stored our roles, users, and teams in our main database, and then we joined through those tables to pre-filter data according to what was authorized. Upon reflection, we ended up spending a huge amount of our database capacity on joining with those tables for every request. We also had to cancel features that required more flexible authorization than the implementation would allow. Again at CoreOS, we ran into the need for flexible authorization, with a service that would act as the Amazon IAM to our “unbundled” cloud based on Kubernetes and operators called Tectonic. There were no services available that we could drop in to authorize infrastructure level requests to software that the user brough themselves.
Our mix of developer tooling, distributed systems, systems programming, and empathy for users experiencing the problem makes us uniquely well suited to build a solution in this space.
Developers have a lot of great choices for tooling and open-source services. Developer attention, which leads to curiosity, and eventually mindshare is a super hot commodity. Many vendors realized that developers have a huge amount of influence over what technologies their companies eventually adopt, but developers are notoriously resistant to being “sold to”.
That’s why community is hard. And there is no shortcut for being authentic, helpful, and building really great software that developers love to use.
Our #1 hurdle has been making sure that we’re top of mind when future customers are ready to make a change. Changing a core piece of sensitive infrastructure is never a decision that is made lightly, and businesses don’t make these evaluations regularly. There needs to be a catalyst that causes them to look for a solution in this space: usually a capability or scale challenge. There is only a brief moment in time when someone is actively looking for solutions to compare, and if they don’t already know about your solution then you have an astonishingly small chance of making an impression.
We do a lot of evangelizing and writing content to future customers, knowing that the feedback loop is incredibly long.
Right now we’re helping our customers make fast and easy authorization decisions. In the future we plan to drastically improve the experience for connecting and making data available for permissions decisions from the customer’s entire tech stack. As the most comprehensive, scalable solution in our space, we also plan to continue to scale our service even past our most recent scale test results: one million requests per second over 100 billion permissions relationships.
Selling infrastructure to enterprises is a very thorough process that requires a lot of patience. If you are comparing your company to the hottest B2C companies out there who measure acquisition times in minutes, you’re going to be disappointed. When you land an enterprise customer, you’re almost always getting a champion as part of the package. That champion will be more than willing to help you deeply understand your customers’ needs and make sure that the relationship stays fruitful and lasts.
