GitLab announced the general availability of GitLab Duo with Amazon Q.
Back in the day when the word “cloud” was only used for those things in the sky, software typically ran on local machines sitting in local datacenters. Often, this software was licensed from a vendor on a per-seat basis. Vendors tried their best to make customers renew their license agreements, and vendor lock-in was a common phenomenon.
Such lock-in could be caused by a variety of factors: sometimes purposely caused by the vendors by making migration to competing products unnecessarily hard, sometimes caused by customers being naïve and betting too much of their software stack or infrastructure on the products of one single vendor.
Over the past decade, two factors have made it significantly easier to escape that legacy lock-in model. Free/open-source software has reached a level of maturity and adoption in almost every area of the industry, offering more and more valid alternatives to commercial products.
Secondly, the commoditization of cloud computing removed the need for companies to run their own datacenter.
A Storms A-Brewin'
Cloud providers often claim to offer the perfect escape path from legacy vendor lock-in by providing modular solutions in which customers only pay for what they use, instead of being tied into complex, long-term, per-seat licensing agreements.
However, most cloud providers (in particular the big players) have extended their portfolio over the past few years, offering a broad variety of services that go beyond computing and storage. They provide everything from load balancing and DNS, to messaging, monitoring, log management, analytics, databases, and much more.
It's very tempting for customers to replace more and more components running in their own colos with these in-cloud solutions. Why? Because they typically are easy to set up and they remove the costs of hardware ownership and datacenter footprint.
It's also an easy purchase because a contract with the cloud provider is already in place, and adding (or removing) a service is not much more than a mouse click — no need to negotiate with a sales rep over complicated long-term license agreements like it used to be with many legacy, on-premise solutions (and no need for the provider to deal with selling through fear attempts and related nuisances).
I Can See Clearly Now …
With so many advantages, it is easy to be blind to (or willingly ignore) that these services have huge lock-in potential, and many providers probably exist for exactly that reason. The more of these services a customer uses, the more difficult it is to move their application stack from one cloud provider to another, or to their own datacenter or a hybrid solution.
Whenever companies make decisions to move services to the cloud, it is worth it to thoroughly review the architecture specifically from the perspective of potential vendor lock-in. It might also be worth it to go with solutions that live and function outside of a specific vendor's cloud, even if it is less convenient and maybe more expensive. It's not unlikely that today's convenience and savings will turn into a nightmare and cost explosion tomorrow. There is no such thing as a harmless, one-vendor dependency, not even in the most comfortable and fluffiest cloud.
Sven Dummer is Senior Director of Product Marketing at Loggly.
Industry News
Perforce Software and Liquibase announced a strategic partnership to enhance secure and compliant database change management for DevOps teams.
Spacelift announced the launch of Saturnhead AI — an enterprise-grade AI assistant that slashes DevOps troubleshooting time by transforming complex infrastructure logs into clear, actionable explanations.
CodeSecure and FOSSA announced a strategic partnership and native product integration that enables organizations to eliminate security blindspots associated with both third party and open source code.
Bauplan, a Python-first serverless data platform that transforms complex infrastructure processes into a few lines of code over data lakes, announced its launch with $7.5 million in seed funding.
Perforce Software announced the launch of the Kafka Service Bundle, a new offering that provides enterprises with managed open source Apache Kafka at a fraction of the cost of traditional managed providers.
LambdaTest announced the launch of the HyperExecute MCP Server, an enhancement to its AI-native test orchestration platform, HyperExecute.
Cloudflare announced Workers VPC and Workers VPC Private Link, new solutions that enable developers to build secure, global cross-cloud applications on Cloudflare Workers.
Nutrient announced a significant expansion of its cloud-based services, as well as a series of updates to its SDK products, aimed at enhancing the developer experience by allowing developers to build, scale, and innovate with less friction.
Check Point® Software Technologies Ltd.(link is external) announced that its Infinity Platform has been named the top-ranked AI-powered cyber security platform in the 2025 Miercom Assessment.
Orca Security announced the Orca Bitbucket App, a cloud-native seamless integration for scanning Bitbucket Repositories.
The Live API for Gemini models is now in Preview, enabling developers to start building and testing more robust, scalable applications with significantly higher rate limits.
Backslash Security(link is external) announced significant adoption of the Backslash App Graph, the industry’s first dynamic digital twin for application code.
SmartBear launched API Hub for Test, a new capability within the company’s API Hub, powered by Swagger.
Akamai Technologies introduced App & API Protector Hybrid.