Published in


Orchestration — The Unsung Hero in Enterprise Efficiency

Photo by Denys Nevozhai on Unsplash

You can’t read about enterprise trends without being inundated with RPA (Robotic Process Automation) stats. Gartner recently even dubbed RPA as the “fastest-growing segment of the global enterprise software market.”

However, what doesn’t get enough love amidst all the buzz, in our opinion, is orchestration.

If RPA is about automating repetitive actions, orchestration is about optimizing repetitive events.

Orchestration is important because it helps teams become more efficient at working together. It involves creating workflows through data integrations, building checklists by breaking down processes into defined steps/tasks, and involving the right people at the right time to take action.

While from an IT perspective, orchestration has been around for quite some time now, it’s adoption is expanding beyond traditional use cases thanks to the proliferation of APIs as well as the rise in Slack usage across the wider enterprise.

Why now?

The rise of Slack in the enterprise is real. From the many conversations we have had with our in-network contacts, from Tier 1 bank executives to leading media companies to top healthcare companies, everyone seems to agree that Slack is the collaboration tool they need to promote team productivity and to keep their developers happy. It’s like a “CLI for everybody else” that allows people to affect change within the chat application.

Slack’s Enterprise Key Management release back in March solved a key (pun intended) challenge for customers, especially those in regulated industries and we expect to see Slack adoption across F1000 skyrocket this year.

The other piece here is the robust API ecosystem that has evolved in most cloud-native tooling. APIs can build hooks into a variety of applications both for data ingestion and for taking action in the back-end of workflows.

Let’s explore some current areas where this is playing out.

Site Reliability Engineering (SRE)

We live in an age of globally distributed applications, with over hundreds of millions to billions of concurrent users, in which service reliability matters more than ever. Imagine what would happen if applications were to suddenly go down or services failed to maintain uptime. Users always have the choice to switch to a more reliable competitive offering with ease, and they speak with their wallets. Whether we’re talking a mobile bank application, airline reservation system, or even photo sharing app, every single application or service must all be able to guarantee top notch uptime if they don’t want competitors to snag their market share.

SRE is essentially what you get when you treat operations as if it were a software problem, and can to a larger extent be viewed as a prescriptive way of implementing DevOps. SRE best practices from the internet giants are making inroads into large and small organizations because of the reliance on the cloud, and this is a space that keeps us interested.

Earlier this year, we made an investment in a company called FireHydrant that is focusing on orchestration for SREs.

As my colleague Vipin put it in our blog post announcing the investment:

While the current crop of monitoring and alerting tools act as a smoke alarm, there’s a gap in automating post-incident workflows using Site Reliability Engineering best practices to stop the blaze and provide actionable intelligence to prevent it from happening in the first place.

FireHydrant orchestrates the incident response process and has a strong Slack integration. Whether using the Google SRE template or a different preferred model, FireHydrant helps you assign the right teammates with roles like Incident Commander, Ops Lead, Communications Lead and Planning Lead so that everyone can act in a unified manner to resolve the issue quickly. Delegating work in this manner enables the team to manage the process throughout and reduce time to resolution.


Security teams are inundated with alerts — resulting in “alert fatigue.” SOAR technologies such as Phantom and Demisto help Security Operations Centers (SOC) scale their response to these alerts. Alas, automation alone doesn’t address these issues. The key value for these tools is providing a contextual view into an alert and then implementing an orchestrated process to what should be done, how to do it, and by who. These processes can align to guidelines such as the NIST cybersecurity framework or the MITRE ATT&CK framework. Orchestration tools provide a prescriptive way to handling, managing, and responding to incidents across teams and then leverage the power of automation to greatly minimize the amount of manual work once established.

Companies that have done this well have seen great outcomes. Splunk acquired Phantom for $350 million and Palo Alto Networks acquired Demisto for $560 million.


One of the biggest challenges we hear from startup sales teams is the struggle to keep Salesforce up to date. Sales reps want to focus on closing deals and cultivating new prospects, and oftentimes the administrative burden of updating close dates, stages, meeting notes, etc in Salesforce leads them to save that work for another day…which too often doesn’t come.

Troops is an example of a company solving this by building comprehensive workflows with custom actions to update Salesforce directly from Slack. They offer a Salesforce automation workflow which uses Slackbots to remind reps to update records, and gives them an interface to make the tweaks in 1–2 minutes rather than multiples longer.

Between visibility to wins and losses so that the team can discuss learnings in real-time, to alerting reps in Slack to take action on certain accounts, to providing pipeline analytics and reporting, this combination of robust workflow paired with collaboration seems to be a boon for sales teams.

Looking Forward

We’re interested in exploring other areas, which involve multiple stakeholders, are recurring in nature, and where the organization would benefit from building a knowledge base related to these events.

  • Multiple Stakeholders: being incessantly bombarded with alerts and dealing with live incidents is not the most stress-free situation. When you combine stress and multiple stakeholders, inefficiencies are bound to bubble up. By having orchestration tools manage people as well as operational processes we can eliminate duplicative work and ensure that the right people are promptly notified so that no one is erroneously sitting on the sideline waiting for work.
  • Recurring in Nature: Everytime a security incident happens or a new employee gets onboarded, there’s a set of repeatable workflow tasks that need to be completed. Creating workflows for these repeatable events, along with auditing and reporting, is a goldmine opportunity for startups in certain areas.
  • Knowledge Base — One of the most exciting aspects of FireHydrant is how they build up an organizational knowledge base for how to deal with different types of incidents. Today, this data is mainly stored in PDFs/Excel/Sharepoint (pick your poison), and the ability to store all that data into a centralized knowledge hub not only prevents data from getting lost if people leave a company, but it also enables the eventual build-out of an intelligence layer that can deal with similar future incidents. Documenting knowledge that resides in people’s heads or spreadsheets is more important than ever. Turnover at startups and corporations alike is fairly high, and the opportunity cost of not keeping a record of all knowledge that emerges from different situations involving multiple stakeholders and other business impacting situations is huge.

Areas of Opportunity

  • Data Reliability — The rise of data engineers demonstrates the need to adopt mechanisms for collecting and validating data used by data scientists in organizations. What happens when a CEO who is presenting a chart in a VC pitch suddenly realizes that the EBITDA number is wrong? Or a sales leader is kicking off a QBR and notices a wonky revenue forecast figure? What is the process to trace this error back to the root cause, whether an internal change by an engineer or a third-party data feed going on the fritz, and who needs to be involved to remediate the issue?
  • Financial Planning & Analysis (FP&A): There are several areas within FP&A that are ripe for orchestration tools to tap on. For instance, the month-end close process for accountants has a checklist that involves multiple parties (controller, accountant, CFO/VP Finance). Another area worth exploring is budgeting given that this annual process often involves the CEO, CFO/VP Finance, and each functional area leader who owns their budget. The back and forth required to get budgets done every year is highly inefficient and existing software doesn’t ease collaboration between the parties involved
  • What else?? Reach out! Are you a startup working on a company in one of these spaces or something that I didn’t mention? Are you someone who deals with similar issues and are looking for a solution to boost your team’s collaboration and efficiency? If so, please reach out as I’d love to discuss!

Thanks to my Work-Bench colleagues Priyanka and Kelley for their feedback on this post.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jonathan Lehr

Jonathan Lehr

All enterprise tech, all the time || VC @Work_Bench, Founder of @NYETM, and @KauffmanFellows Class 19 || I also tweet (a lot) about the @MiamiHEAT