The state of configuration management

Posted by Cody Valle
July 6, 2022

Since joining the CFEngine team in 2019 I’ve heard and read numerous times that the configuration management market is dying and becoming obsolete. While I and many others don’t personally adopt this line of thinking, I can understand why one would come to this conclusion being that we’re in an ever-changing industry and talking about solutions that have been around for decades. Configuration management solutions like CFEngine are certainly not a new concept, however there are many changes that are happening across the industry that will continue to drive usage and will ultimately pave the way for a new era in this market.

First, let’s look at the market holistically. If you take a look at the technology adoption curve below most would probably agree that the configuration management market is currently in either the “Late Majority” or “Laggard” phase. If true, then based on the graph, adoption is near its end, right?… It’s not that simple.

Most everyone has heard the saying, “the more things change, the more they stay the same.” That’s especially true when it comes to configuration management. Over the last several years, newer technologies like containers have created a lot of hype, some of it very real and useful. On the other hand, in the early days of containers we were reading about how they would displace “the cloud”. However, we know that in IT one size doesn’t fit all. In fact, according to a 2020 survey by O’Reilly, almost 50% of organizations surveyed continue to run traditional, on-premise infrastructure and more than 90% of organizations expect their cloud based infrastructure to increase. IT environments are only becoming more heterogenous and showing no signs of changing in the near future, creating more of a need for tools like CFEngine that can help minimize complexity vs. multiple point solutions that only increase complexity.

Config management is definitely not dead. Infrastructure-as-code is also not dead, but it all is evolving.

-Kris Buytaert, Founder of CfgMgmtCamp

We’ve also seen an expansion in use cases for configuration management solutions. Improving efficiency through automation has always been and continues to be a key use case, but as needs & requirements of organizations have evolved and the increasing threat of security breaches, the scope of configuration management solutions has only expanded to become a more critical component of infrastructure environments. Trend Micro claims that 65-70% of all security challenges arise from simple misconfigurations. In this same report, they also break down the 12 most significant breaches in recent years, including Capital One, US DoD, Accenture, etc. What do each of these 12 breaches have in common? Every one of them was caused by at least one misconfiguration. These types of security concerns have been the driver for various compliance frameworks such as CIS, NIST, PCI, HIPAA, and others.

Mix all this with the consolidations and acquisitions in the space and it’s clear that we are entering a new era in configuration management that encompasses Development, Security & Operations, more commonly known as DevSecOps. While the days of seeking “hockey stick” growth that many main stream configuration management solutions aim to achieve may be behind them, this was never the intention for CFEngine. Born out of academic research and the concept of promise theory, CFEngine has always embraced being a little different. Of course generating revenue to sustain a profitable company is necessary to continue innovating, however we have prioritized customer satisfaction over the traditional milestones of endless VC funding and/or “going public”. This strategy has served us well as we continue to scale organically. Because of our unique position in the market, we are now in an equally unique position for continued success as the needs & requirements of organizations mature and the new era of configuration management is ushered in.