We are a part of our civilization’s ongoing evolution as brilliant brains seek out novel technology and large organizations, like corporations and NGOs, speed their acceptance. Although this concept initially looks utopian, reality is harsher: ideas also go through the same natural selection process that affects all living species competing for scarce resources.
Up until 2011, phones featuring a full-featured QUERTY keyboard were popular. With 50 million devices sold during that year, Blackberry experienced its highest sales volume. However, at the same time, smartphones with touchscreens have gained popularity. When Blackberry began to lose customers in 2012, Apple nearly doubled the number of iPhones it sold.
Startup ideas, for example, could die more abruptly than other ideas. One well-known rough estimation states that only one startup out of every ten succeeds. This occurs as a result of a lack of market demand, insufficient funding, unfit teams, or faulty products.
The key takeaway is that all ideas have a finite life span and either get ingrained in society or perish. Or, in the words of Frank Herbert, that “every revolution carries within it the seeds of its own destruction”.
MutableSecurity in a Nutshell
Everything began at the University Politehnica of Bucharest in the fall of the previous year. We were a team of seven students that were passionate about cybersecurity and came together for a semester project. The concept for MutableSecurity, an automated platform for cybersecurity solutions, emerged. We intended to make it as simple as possible for IT and security professionals to install, configure, test, and monitor the tools they require to safeguard their IT infrastructures.
To cut a long story short, the following memorable moments occurred during the course of the story:
- Entering startup programs such as Innovation Labs, StepFWD, and Startup School;
- Winning the Innovation Labs IdeaJAM because of our talented pitcher;
- Launching an open source, well documented project;
- Developing a distributed reporting architecture, with agents and a visualization dashboard;
- Testing our software into an international cybersecurity exercise, CWIX;
- Presenting the idea on DefCamp; and
- Meeting a lot of great people.
Coming to an End
We regretfully announce the closure of MutableSecurity, but we have far higher hopes for the future. After all these months of work, the primary concern we had in the most recent period was not whether we could (technically) complete the product, but whether we still wanted to.
We were particularly worried about the validation. Although we conducted informal interviews and discussions with potential customers, the perception of a constantly contracting total addressable market persisted.
The technology stack appears to be continuously abstracted: services that were before controlled at the operating system level (on which MutableSecurity resided) are now moving into containers that are managed by solutions like Kubernetes. Additionally, working with low-level notions is further abstracted via serverless functions and no-code solutions. It does not mean that the operating system is no longer important, but it is already managed at scale by cloud providers or managed service providers using de facto configuration management standards such as Ansible.
The principles below can be used to describe further conclusions we came to from this experience:
- Engage end consumers in conversation, even if they are corporate representatives.
- Select technologies that are future-proof, eventually from current industry standards.
- Pick programming languages with strong packaging and testing features. If you do the reverse, you’ll stop testing your code and release buggy software, or spend too much time creating deployable packages.
- Distinguish between the opinions of well-known individuals to whom you pitch the idea and those of your target audience. The former are nice and inspiring, but they don’t provide validation.
What’s Next for MutableSecurity
Despite our decision, MutableSecurity is not being shut down immediately today. The three months’ worth of plans are:
- Publishing a stable version of the source code (currently closed source) for agents and Dash, the online visualization dashboard; and
- Deleting the package from PyPi and archiving the repositories at the end of a three-month maintenance phase, during which we will resolve reported bugs.
We’ll continue to use LinkedIn and Twitter as our primary social media platforms for posting updates on the above-mentioned actionables. We make available the credentials needed to access Dash so that you can get a brief idea of how MutableSecurity was intended to function.
We’d want to end by thanking all the wonderful folks we met over this time ❤️. We know that without the help we received (crash courses, workshops, direct feedback, advices, and suggestions), our journey would not have been as beautiful as it was.