Making the cloud efficient & secure

Making the cloud efficient & secure

Cloud Enabling Technology: Application Container

2

Application

Application Environment

Local Testing

Enterprise Data Center

Public CloudHuawei Cloud

Public Clouds

Build once,Run anywhere

DevOps

Container

Application Containers are Hot and Getting Hotter!Container market by 2020:$2.7B

Container adoption rate: 50% by 2020

40%/year

3

But containers are NOT secure!

Host Operating System

Containers

Security is the TOP concern for surveyed companies adopting containersContainers: Real Adoption And Use Cases In 2017 – Forrester Consulting 4

Problem: Enterprise cloud customers forced to choose between security and efficiency

High Security

High Efficiency

54% choose security* But 9x performance penaltyAnd 14x more cost in clouds

*Containers: Real Adoption And Use Cases In 2017 – Forrester Consulting

Problem: Enterprise cloud customers forced to choose between security and efficiency

High Security

High Efficiency*Containers: Real Adoption And Use Cases In 2017 – Forrester Consulting

Problem: Enterprise cloud customers forced to choose between security and efficiency

High Security

High Efficiency

46% choose efficiency*But 10x larger attack surface

*Containers: Real Adoption And Use Cases In 2017 – Forrester Consulting

High Security

High Efficiency

Problem: Enterprise cloud customers forced to choose between security and efficiency

Problem: Enterprise cloud customers forced to choose between security and efficiency

High Security

High Efficiency

Fortune 1000 CTO:“We are willing to pay for a secure solution with 25% performance improvement”

Solution: Exotanium X-Containers Offer High Security and High Efficiency!

High Security

High Efficiency

No trade-off!Highly secure &

faster than native

X-Container

Exotanium X-Container Highlights

up to 10x better performanceby automatically improving code

10x better securityby reducing code and attack surface

14x lower costthrough consolidation

No vendor lock-inby providing high portability

Plug-and-playthrough 100% compatibility with

existing platforms11

12

Validation

• Performance• 27X system call throughput• 134% ~ 208% improvement for Memcached• 21% ~ 50% improvement for NGINX• >92% system calls converted to function calls

• Security• >90% reduction in attack surface• >90% reduction in reported vulnerabilities

13

00.5

11.5

Amazon Google

NGINX

Nor

mal

ized

Thro

ughp

ut

1.21x~1.27x

01234

Amazon Google

Memcached 2.64x~3.08x

00.5

11.5

Amazon Google

Redis 1x~1.2x

00.5

11.5

Amazon Google

Apache 0.64x~0.72x

Validation (backup)

14

Interview Count

In-person Video Conf Phone

TOTAL 106 90 14 2

Completed I-Corps Aug. 2019

Priority

Satis

fact

ion

Multi-cloud (Live Migration)

ScanningIsolation

Automation

Compliance

Cloud Customer Satisfaction vs. Priority

HighLow

Modernization

High

Collaboration

Multi-cloud(No vendor lock-in)

Performance (Latency / Throughput)

Modernization

Manage Operational CostsAutomation (Building & Provisioning)

X-Containers offer a unique solution for reducing the

cost!

██ Unique value propositions that X-Containers can provide██ Key value propositions of our MVP

16

Kubernetes is the Top Cloud-Native Container Orchestration Platform• 86% of cloud-native users are using Kubernetes • Virtual Machines (VMs) are used for isolating containers in

Kubernetes

-- Source: https://www.stackrox.com/

Challenges in Kubernetes

Kubernetes

Server

Container

Server

Container

Server

Container

• Difficult to predict resource requirements before deployment• Difficult to change resource allocation after deployment• Common practices:

• Over provisioning -> big resource waste

Solution: Exotanium V-Kube

Kubernetes

Virtual ServerServer

Container

Server

Container

VM

X-Container

VM

X-Container

VM

X-Container

Bin-Packing

Kubernetes

Virtual ServerServer

Container

Server

Container

VM

X

X

VM

X

X

VM

X

X

Bin-Packing

Kubernetes

Virtual ServerServer

Container

Server

Container

VM

X

X

VM

X

X

VM

X

X

Vertical Scaling

Kubernetes

Virtual ServerServer

Container

Server

Container

VM VM

X

X

X

X X

X

Vertical Scaling

Kubernetes

Virtual ServerServer

Container

Server

Container

VM VM

X

X

X

X X X-Container

Automation

Kubernetes

Virtual ServerServer

Container

Server

Container

VM VM• AI-enabled• Real-time• Zero downtime

X

X

X

X X X-Container

Business Model

Customer segments ○ B2B Enterprise SaaS companies: Retail, Finance, Healthcare, & Tech Services

○ Target Customer: Directors of Development Operations

Key value propositions○ Reduce operations resource consumption and cost

○ Simplify resource planning and scheduling

○ Improve performance and user experience

Revenue streams○ Service subscription / license: $50,000 / year

Cost Management Technologies

Online bin-packing

Online vertical scaling

AI-enabled automation

Competition

Milestones & Timeline

SBIR Phase I

Awarded by the National Science Foundation (NSF)

February2019

Patent Filed

PCT / US19/26995 filed with USPTO

April2019

MVP Version 1

Complete updated MVP for manual trial

December2019

Customer POC

Product Trial with Customer

February2020

Seed Round

$1 million round to scale company

June2020

I-Corps Course & SBIR Phase IIWashington D.C., Customer Discovery

August2019

Exotanium Team

Hakim WeatherspoonInterim CEO

Robbert van RenesseCPO

Zhiming ShenCTO

Nick RomanoCOO

3 Exits 15 Software Patents

ACM AwardCloud Storage

Our ask

Research○ Intern or Researchers to assist with quantification of technological impact in

various areas such as Energy, Smart Buildings, IoT, etc.

Product Testing○ Introduction to Cloud-native Companies to test MVP

Board Development○ Recommendations for individuals with B2B Enterprise Software experience to join

our board

Exotanium is seeking assistance with the following:

http://exotanium.io/

[email protected]

Q&A

Backup Slides

30

Exotanium Competitors

31

Security Performance Cost Vendor Lock-in Plug-n-PlayExotanium Good Good Good Good Good

Docker, Kubernetes

Poor Limited Good Good Good

Google gVisor Good Poor Poor Good Limited

Kata, Amazon Firecracker

Good Limited Poor Limited Good

IBM Nabla, Unikernel

Good Limited Poor Good Poor

Business ModelCustomer Segments

• Directors of Development Operations at cloud-native SaaS companies in Finance, Healthcare, Higher Education, and Government.

Key value propositions• Zero downtime even during scheduled cloud outages.• Security Monitoring (Identify threats and anomalies, scan for outdated and unpatched

software modules).• Automate configuration of the the CI\CD or DevOps process.• Better able to manage costs in the cloud.

Revenue Streams• Tool stack subscription for developers: $40 per user / month• Tool stack license for Business Enterprise: $1,500 per node / month• Container Hosting Services: $0.10 per hour / node

Cloud-Native App Container Market Size: $2.7B

Cloud EnablingTechnology$39B by 2020

15% CAGR

0.6% obtainable$17.3M in 2022

Cloud-Native App Container$2.7B by 2020

40% CAGR

● Tool stack subscription for developers, TAM: $652.8 million

● Tool stack license for Enterprise,TAM: $337 million

● Container Hosting Services,TAM: $788.4 million

Go to Market Strategy

X-Container Community Edition- Free open-source download- Publicize through attending and speaking at conferences- Targeted marketing campaigns to software developers & DevOps team

X-Container Developer & Business Enterprise Edition- It is Estimated that 10%+ of all users that download the Community

Edition will upgrade to a paid subscription or license the Enterprise version

35

Engaging partners and customers to provide significant performance and cost savings

Exotanium Partners and Customers

Exotanium Team

Team Experience• Founded/sold three companies to Microsoft and Amazon• Over 300 peer-reviewed papers and 15 software patents • ACM paper (2000) laid the foundation of cloud storage

In progress now• Assembling Advisory Board• Hiring technical and business experts

36

Hakim WeatherspoonInterim Pres. & CEO

Robbert van RenesseVP of Science

Zhiming ShenVP of Technology

Nick RomanoVP of Operations

Exotanium Milestones

• Exotanium incorporated (April 2018)• Pitched at Cornell Entrepreneurship Summit NYC and RBA lunch (November 2018)• SBIR Phase I grant award by National Science Foundation (February 2019)• PCT# PCT/US19/26995 , filed by Cornell (April 11, 2019)• Cumulative non-dilutive seed funding $300K (May 2019)• Open source community version released (June 2019)• SBIR Phase II application with 2:1 fundraising match (August 2019)

37

Exotanium is seeking $1 million in Seed funding to build the enterprise version that will generate revenue for the company.

Funding Milestones:- Hire two F/T software engineers to build the Toolpak that will be licensed to IT

Departments and DevOps teams ($500K)- Hire F/T business development and sales team to start executing a targeted

marketing and customer sales strategy ($350K)- Hire two F/T technical support personnel to maintain customer service ($150K)

Funding

Thank You!

Contact:

Exotanium Inc., [email protected](435) 830-6502

Appendix

System Call Performance

41

0

5

10

15

20

25

30

Amazon GoogleNor

mal

ized

Per

form

ance

Docker Clear-Container gVisor Xen-Container X-Container

Up to 27X of Docker (patched) and 1.6X of Clear-Container

Scalability

42

Container

Proc

ess

Proc

ess

43

Hardware

Linux Kernel

namespaces cgroups SELinux

ContainerPr

oces

s

Proc

ess

Shared kernel attack surface and TCB

Not allowed to install kernel modules

The Problem

Hard to tune or optimize for a specific container

Security Comparison

Linux

Container

Process

Process

X-Kernel

X-Container

X-LibOS

Process

Process

10X Reduction in Attack Surface, Complexity, and Vulnerabilities

• A new security paradigm for cloud-native containers

• X-Kernel: an exokernel with a small attack surface and TCB• X-LibOS: a LibOS that decouples security isolation from the process model

45

X-Containers

X-Kernel

X-Container

Kernel

Container

Process

Process

Container

Hypervisor

VM

Kernel

Process

Process

Virtual Machine

Hypervisor

VM

Process

LibOS

Unikernel, Dune, EbbRT,

OSv

Exokernel

ProcessLibOS

Library OS (Exokernel)

Process

Microkernel

L4Linux

L4Linux (Microkernel

)

Kernel

Process

Process

X-Container

X-LibOS

Process

Process

Optimizing System Calls

• Existing solutions• Patch source code• Link to another library

• Our solution• Automatic Binary Optimization

Module (ABOM)• Binary level equivalence• Position-independence

46

Kernel Mode X-Kernel

User Mode

X-Container

X-LibOS

Process

Process

System calls Function calls