MuleSoft is looking to expand its security and analytics capabilities, alongside its core API management AnyPoint platform, as it looks to expand its reach within the enterprise market.
Speaking to Computerworld UK during the MuleSoft Summit in London yesterday, CEO Greg Schott said: "The other two areas that are going to lay on top of the AnyPoint platform are security and analytics."
"We believe that because we are seeing all of the data flowing through these systems, we are in a perfect position to provide a lot of analytics capabilities as to what is happening in real-time.
"The second one is around security. So the concept of protecting your network at the firewall is going away because everyone is inside now, so how do you protect every single data source and application at that level? So we are working on security capabilities too."
More specifically, Schott sees custom point-to-point integration code as a serious issue for enterprise security which MuleSoft can solve.
He gives the example of an SAP ERP that's behind a wall with "400 holes in it and a load of broken windows" because of custom point-to-point integration code.
"Everything is penetrating it," he says. "So what if you put the AnyPoint platform at the edge of everything? Now you have one way in and one way out, and we can install a security camera, so there's a lot we can do by securing the endpoints themselves."
Schott compared MuleSoft in this instance to machine data specialists, and a fellow publicly listed tech company, Splunk.
He admits that MuleSoft isn't a security company by a long shot. But: "I look at Splunk and think about how they weren't either but were sitting in this perfect position and we feel like we are in the same spot."
Read next: How Splunk pivoted to security
Looking further forward, CTO Uri Sarid wants to start incorporating artificial intelligence capabilities within MuleSoft to do more predictive analytics for its users.
He told Computerworld UK: "I think platforms like ours will get a lot better over time in helping you isolate what might go wrong and how to react to it. So when you connect to an API we will automatically help you. We should tell you in advance all of the things the API may return so you can make a decision on what to do."
Sarid also spoke specifically about an issue developers often face, which he calls 'cascading errors', caused by unforeseen dependencies between various enterprise systems.
"To the effect that we have visibility across the application network we can start to model some of these cascades and help you prevent things that are very hard to see," Sarid said.
He also spoke about leveraging machine learning to improve discoverability within the AnyPoint platform. "So surfacing existing assets and what developers have already done," he said. "That will make developers much more productive."
Lastly, Sarid is investigating leveraging machine learning for anomaly detection: "Particularly in the security space where you will see us using the power of the data flowing through MuleSoft and the metadata we have acquired around what the MuleFlow has inside of it, who the developer that created it is and what it connects to, by putting all of that rich data together you can start to see what is going awry."
In practice this has meant hiring more data scientists to start building out this sort of predictive capability for future iterations of the MuleSoft platform.
Sarid is also aware that his team doesn't have to build a lot of this capability from scratch: "I think in many cases what we find is that we shouldn't have to build some of this stuff but we can actually repurpose existing capabilities that are perhaps a little generic and leverage them for the kind of problems we have." That could look like TensorFlow or Azure machine learning libraries.
After a successful initial public offering in March the San Francisco-based company certainly isn't short of cash, and Schott admits that its moves into security and analytics will be driven by both "acquisitions and some home-grown".
During the company's Q2 earnings call back in July, Schott also said: "A lot of those folks will be working on core roadmap. We also have teams that we have broadened the company as well as hired into the company, that are working on our security and analytics."
When it comes to customer acquisitions, Schott is keenly aware that the company must attract decision makers higher up the stack than the company has traditionally.
"We are always going to win the hearts and minds of the developers and architects and will never lose sight of that," he said. "But we also need to help the CIO and other C-level people the value and agility they will get by doing things this way. You really need to get that buy-in as an organisation to make it all go the way you want it to."
This is the telling comment for me. If there is one thing a CIO understands it is the value of security and analytics, so if MuleSoft is looking to win over this audience now, as well as the developers that are dealing with APIs and integrations day in, day out, then this is the natural progression for the company.