Can APIs fix the biggest unsolved problem in tech?

Q&A with MuleSoft CEO Gregg Schott on making IT investments work.
Written by Colin Barker, Contributor

MuleSoft aims to help companies better integrate their IT systems and services by using application programming interfaces (APIs) to manage and secure data flows between systems.


Schott: "We just talk about painkillers and vitamins. We want to give them painkillers for what they are dealing with today and here's the vitamins for how you get stronger."

Photo: Colin Barker

ZDNet spoke to MuleSoft CEO Greg Schott at the company's recent conference in London.

ZDNet: When we spoke to you last year, there were ambitious things being talked about. Have they come to fruition?

When you talk about our market space -- when people are buying software -- they talk about how, for every dollar they spend on software, they will spend another five or seven dollars on making it all work.

Now that plays out. If you look at the Gartner numbers, there is about $400bn spent each year on externals with systems integrators and the like trying to make all this stuff work.

Hundreds of billions of dollars more spent internally. So you get $600bn or $700bn spent each year trying to make all this stuff work.

We see that as the biggest unsolved problem in IT. We've solved databases, we've solved compute, we've solved storage, we've solved networking, so we've solved all these other things. But once it gets back into a hospital, an insurance company, a big bank, then the money and pain is about how do you fit all this together and make it all work?

So, we see the opportunity as taking all that hundreds of billions of dollars in spend and using a platform to build that and then shrinking that dramatically.

We don't see that as the market, we see it as a fraction of that.

For us, we're going to keep going after the same point platform, we're going to keep going after every company's connectivity challenges -- where it's SaaS, IoT, and so on. That's the near-term, so over the next five or ten years you are going to be seeing that.

[What] you are going to see coming out in the next year -- and that's also going to be part of the long-term roadmap -- will be around security and analytics, because we're sitting on top of all these end points and you see them all. It will be about providing analytics, so that you can see all these systems in real time, because you see the data. Or, you have will the ability to see the data through your system that is up and running.

Then there is security, because the concept of a network firewall doesn't make any sense anymore, because all your employees are dialling in from outside and coming in as are all your customers, all your partners around Europe, and so your firewall is being penetrated by tens of thousands of people.

So, when you look at your firewall, you've got to protect. You've got to protect every single application, every single data store, so we're going to be offering capabilities from a security standpoint.

How far down that route are you?

It really depends on a customer-by-customer basis. We have some customers that would say 'we've laid it all out and everything we have is a service and everything is an API and we are connecting it all together and we are doing it all this way -- it's our fabric'. That would be a minority of customers.

The majority are still getting started on the journey. So, they will be saying 'hey, we've got this mobile app, and we want to build it out because we've got to connect it to 25 different things'.

Now, that's part of the system but then it's 'hey, we've got this new SaaS app that we've brought in and we've got to connect it to this bunch of mainframes'. So, there is that type of application.

You know, when you think about it, we're similar to a computer network. Back in around, say, 1980 you would say 'look, I've got to go build this computer network so I know that this thing needs this and this other thing needs that'. So, over time, they bought more and more Cisco gear and finally in '95 or 2000 we could say 'look, we've got this computer network here and everything just plugs in. My printers plug in, my servers plug in, my voicemail plugs in, it's all part of an IP network'.

But you didn't start off saying 'I'm going to build this big computer network for my laptops, my phones and so on'.

What we do is a little bit like that, so if they go in, initiative by initiative, and if they do it the right way -- they build it the right way -- everything should just go in because, now, everything is just a node on the network, and now everything is consumable by somebody else. That's how we are trying to get them to think.

Does that make you an education company?

Well to some extent, yes. When you see me up on stage, like today, telling people about what we do there is definitely some evangelising. A lot of people might be saying 'I've got this problem that I am trying to solve', and really, what they are saying is 'I'm just trying to get the pain solved', right?

So, we just talk about painkillers and vitamins. We want to give them painkillers for what they are dealing with today, and here's the vitamins for how you get stronger.

The pain's usually pretty easy, they are trying to solve it. But on the vitamins, there is a lot of evangelising and we definitely understand that there is a lot of work that we've got to do.

Is security the most important thing you need to do?

Security if just table stakes. You can't even get in the game if you don't have the core security nailed down. When I talk about where we are going with security, I talk about where we're providing additional sets of capabilities around locking down these services over time.

They have to have secure systems right now, but we just believe that we are in this unique position because we see the topography of all these systems. We can do anomaly detection where we tell them things like 'Why is this system over here asking for credit card information?'

If that system is just saying 'Hey, I've got this valid password and somebody is in here asking for credit card information', then we have the ability to traverse the network and say 'hey, this system is asking for it'. What happens then is up to your system. It's an interesting place for us to be from a security standpoint.

Outside of security, what's the biggest issue that you want to drive?

It's security, analytics, and ease of use. Those are the three big areas that we are trying to drive forward. We've taken our technology from a very sophisticated Java developer, all the way down to somebody who doesn't have a lot of coding experience. Anyone can pick it up. We want to continue to lower that watermark so that more and more people can use it.

Related coverage

Mulesoft: Using APIs to unlock the enterprise

Mulesoft's founder Ross Mason on making connections quicker using APIs.

MuleSoft sets 2017 revenue targets; Arista Networks, LogMeIn, Hortonworks, Zendesk report

The latest batch of technology vendor earnings were solid as MuleSoft, Arista and others see strong demand ahead.

Read more on APIs

Editorial standards