The emerging client-side SaaS infrastructure stack

The dominance of the Software as a Service (SaaS) business model has become undeniable over the past two decades. Leading identity and single sign-on provider Okta estimates that the average company today uses 89 applications, with large companies deploying an average of 187. These numbers continue to climb every year as companies shift more and more of their workflows into specialty software and increasingly rely on third-party SaaS applications rather than homegrown solutions to run mission-critical aspects of their business.

Part of the early appeal of SaaS for many companies was the ability to shift responsibility for infrastructure into the cloud and on to a third party. In many instances, this allowed companies to reduce capital expenditures and IT spend while offering better delivery and maintenance of software. However, now many companies are realizing that adopting SaaS applications doesn’t absolve them of needing to build any infrastructure in-house. It has simply shifted the type of software infrastructure that a company needs to build in order to properly support these applications.

Implementing infrastructure for a company’s SaaS stack means building the scaffolding to properly manage and connect these disparate applications. Today, there are three main layers where companies are making significant investments to unify and support their SaaS deployments. The first is cybersecurity, where companies need to make sure that their third-party applications and data are as safe as their own-hosted solutions. Second is a layer of SaaS Management tools that replicate certain elements of the traditional IT stack, such as asset tracking, monitoring, deployment, and backup. At the highest level, a new set of software tools is helping productize the application integration activities that used to be the domain of expensive third-party consultants.

The market opportunity for each of these SaaS infrastructure segments is quite large. For example, the backup and recovery market for the Salesforce ecosystem alone could be a $3–5B opportunity today. Extending similar capabilities across other leading SaaS applications unlocks a $25B+ market opportunity. As a general rule of thumb, cybersecurity tools capture 5–10% of the spend of the software they are designed to protect, which would represent a $10–15B market opportunity for SaaS security today. Of course, these figures will continue expand dramatically as overall SaaS spend continues to grow at double-digit annual rates.

Within these three layers of SaaS infrastructure, we have seen half a dozen discrete sectors emerge so far:

Low-code/No-code Development — Many SaaS applications today have adopted a platform approach, allowing users to run custom applications and modules to extend their products’ core functionality for unique use cases. Traditionally, clients would rely on internal development resources or outsourced contractors to customize and extend these applications, but in the past few years the demand for this technical talent has rapidly outpaced supply. This has led to the emergence of Low-code and No-code development tools with pre-built SaaS integrations to speed development time and reduce the skillset necessary to deploy custom solutions.

Integration & Automation — The lack of integration between disparate software systems is one of the biggest missed opportunities for efficiency gains in large companies today. SnapLogic claims that companies lose $140B per year due to disconnected data. Likewise, Deloitte estimates that properly implemented automation can cut business process costs by 25 to 40%. Just as with the emergence of Low-Code & No-Code development tools, the shortage of technical talent is leading to a new class of tools to dramatically simplify and democratize application integration and workflow automation.

Procurement and Spend Management — Because of the explosion in SaaS application usage, companies are increasingly struggling to understand their total SaaS utilization. It can be quite easy for employees to sign up for free versions of SaaS applications or pay with corporate credit cards rather than going through a centralized procurement process with enterprise contracts. This creates “shadow IT” of applications, just as we’ve seen the growth of shadow IT in infrastructure. The result is overlooked applications, miscategorized expenses, and unused licenses. This means that large companies increasingly need a system of record for managing their systems of record.

Backup and Recovery — Under the common “shared responsibility” model for SaaS applications, the service provider owns the software and its underlying infrastructure, but responsibility for protecting and backing up data falls on the end customer. While SaaS application providers may provide some rudimentary backup functionality, the customer must ensure its own ability to access or restore data in the event of data loss or application downtime. Traditional infrastructure backup players, even of the cloud-native sort, typically do not have the integrations required to understand and properly restore data in SaaS applications, necessitating new set of SaaS-specific tools.

DevOps — As companies leverage the platform capabilities of their SaaS applications to deploy custom code, they increasingly need to replicate traditional DevOps processes to manage these new applications and extensions. While there is already a large market for DevOps tools designed to work with the leading cloud infrastructure providers, most of these tools are not integrated with the leading SaaS platforms. This has created an opening for SaaS-focused DevOps tools that can replicate the full CI/CD pipeline for these platforms, including key steps such as planning, version control, testing, compliance, and analytics.

Cybersecurity — SaaS adoption means pushing a company’s perimeter far beyond its on-prem systems or cloud infrastructure. Early generations of SaaS cybersecurity primarily focused on access controls, such as centralizing user management through single sign-on tools and gating access through Cloud Access Security Brokers (CASB). Today, access controls are shifting to a holistic SASE (Secure Access Service Edge) approach, there is an emerging set of tools focused on maintaining proper configuration and governance of SaaS applications, and companies are beginning to recognize the need for specialized data security tools to protect the mission critical data that resides within or transits through third-party applications.

Although these have been the first sectors with multiple SaaS infrastructure startups to emerge, newer spaces are sure to come as large companies continue to struggle with scaling their SaaS adoption.