| ▲ | jacquesm a day ago | |||||||
> All values in the risk assessment systems must be reassessed if an American partner is involved. For two companies, this must be done on a monthly basis. Very similar to what I'm coming across, including parties that are out of nowhere tasked with making everything they've got as cloud agnostic as they can with budgets available that they could not have dreamed of less than a year ago. As long as it gets done, not so that they will move out tomorrow morning but so that they could move out if they wanted to. I'd love to see some internal figures from AWS or MS about their serverless offerings and other such lock in mechanisms, what the trend in adoption is. | ||||||||
| ▲ | alephnerd a day ago | parent [-] | |||||||
> from AWS or MS about their serverless offerings and other such lock in mechanisms IME in Cybersecurity/Enterprise SaaS, F1000s largely eschewed serverless capabilities and control plane lock-in features (eg. Fargate, Autopilot) because they wanted to be able to reduce single vendor risks as well as negotiate better contracts. Most firms I've dealt with that size tend to have at least 2 hyperscalers used internally, plus an on-prem footprint that is increasingly being reduced. The firms I've seen use serverless and lock-in features the most tended to be smaller shops (eg. Mid-markets, hyper scaling startups) that simply don't have the bandwidth to invest in a large DevSecOps org but are also technical enough to not get locked into an MSSP contract. Also, OCI is on an absolute warpath right now - a LOT of very large tech-first F500s are getting and signing OCI sweetheart deals as we speak. They've replicated GCP's GTM approach, which is ironic because Thomas Kurian is ex-Oracle and was the de facto "keeps the lights on" guy there, until Catz and Ellison pushed him out. | ||||||||
| ||||||||