π SUCCESS STORIES: Dari Open Source ke Karir Sukses
βKalau Mereka Bisa, Kenapa Kamu Tidak?β
Filosofi: Setiap project open source yang sukses dimulai dari satu orang yang frustasi dengan tools existing dan memutuskan untuk build sendiri. Yang membedakan βproject matiβ dan βproject suksesβ adalah konsistensi, komunitas, dan positioning.
π Tier 1: Legenda β Dari Project ke Perusahaan Besar
1. Wazuh β Santiago Bassett (Spain β Silicon Valley)
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β WAZUH β Open Source SIEM/XDR β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β FOUNDER: Santiago Bassett β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ Background: Industrial Engineer (tidak lulus), Spain β
β β’ Kerja: Cybersecurity engineer di perusahaan kecil β
β β’ Pindah: Silicon Valley untuk kerja di AlienVault β
β β’ Pivot: 2015 β lihat OSSEC (open source) punya 20K users β
β β’ Action: "Kenapa tidak buat bisnis di sekitar ini?" β
β β
β JOURNEY: β
β 2015 β Start Wazuh sendirian, no funding, no MBA β
β 2016 β First enterprise customer (Fortune 500 company) β
β 2018 β 20,000 users, mulai hire team β
β 2020 β Launch Wazuh Cloud (SaaS) β
β 2023 β 100,000+ users, 700+ paying customers β
β Customers: Salesforce, NASA, Walgreens, PWC β
β Revenue: Cashflow positive, 40% YoY growth β
β Team: ~200 employees, mostly Argentina β
β Goal: IPO dalam 5-7 tahun (tanpa VC funding!) β
β β
β BUSINESS MODEL: β
β β’ Software: 100% FREE (GPL v2) β
β β’ Revenue: Professional services + Cloud hosting (SaaS) β
β β’ Split: 50% SaaS, 50% services β
β β
β KEY INSIGHT: β
β "Our goal to make this free to anyone... I feel like I am β
β betraying my users by charging them for a feature." β
β β Santiago Bassett β
β β
β LESSON: Build trust dengan community dulu, monetize later. β
β Jangan pernah charge untuk core software. β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Relevansi untuk Anda:
- Santiago bukan CS degree β Industrial Engineer yang tidak lulus
- Tidak punya funding β bootstrap dari nol
- Tidak punya experience bisnis β belajar on the job
- Tapi: Punya domain expertise (cybersecurity), lihat opportunity, dan execute
2. Falco β Loris Degioanni (Italy β Sysdig CTO)
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β FALCO β eBPF Runtime Security (CNCF Graduate) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β FOUNDER: Loris Degioanni β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β’ Background: Italian engineer β
β β’ Previous: CREATOR OF WIRESHARK (1998!) β
β β’ 2016: Create Falco di Sysdig β
β β’ 2018: Donate ke CNCF (Cloud Native Computing Foundation) β
β β’ 2024: CNCF Graduate β same level as Kubernetes, Prometheusβ
β β
β JOURNEY: β
β 1998 β Create Wireshark (network protocol analyzer) β
β β Most popular network tool in the world β
β β Di-acquire oleh Riverbed, tapi tetap open source β
β β
β 2013 β Found Sysdig (container visibility) β
β β Pivot ke cloud native security β
β β
β 2016 β Create Falco (runtime security with eBPF) β
β β "Insane to think about using eBPF for security" β
β β Submit patches ke Linux kernel untuk enable eBPF β
β β Open source dari hari pertama β
β β
β 2018 β CNCF Sandbox β Incubator β Graduate (2024) β
β β 30+ public adopters: Cisco, Shopify, GitLab β
β β 400% increase in contributors since incubation β
β β 526% increase in downloads β
β β
β 2024 β Sysdig unicorn (valued >$1B) β
β β Falco = core differentiator β
β β
β KEY INSIGHT: β
β "The fact that Falco graduated is a testament to how CNCF β
β is becoming an important repository of projects that are β
β more or less what the community agrees them to be as the β
β default step." β
β β Loris Degioanni β
β β
β LESSON: Open source + CNCF = credibility + adoption. β
β eBPF = future of security (Anda di jalur yang benar)β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Relevansi untuk Anda:
- Loris create 2 tools legendaris: Wireshark + Falco
- Pattern: βBuild tool yang saya sendiri butuhkanβ
- eBPF = teknologi yang sama dengan Aegis (Anda di jalur yang benar!)
- CNCF graduation = validasi industri tertinggi
3. Leonardo Di Donato β Dari Open Source ke Sysdig
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β LEONARDO DI DONATO β kubectl trace β Sysdig β Falco β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β BACKGROUND: β
β β’ Kerja di startup (Kubernetes 1.3 era) β startup gagal β
β β’ Move ke InfluxData β kerja dengan eBPF daily β
β β’ Open source: kubectl trace (eBPF tracing untuk K8s) β
β β
β HOW HE GOT HIRED BY SYSDIG: β
β 1. Build kubectl trace (open source, GitHub) β
β 2. Sysdig lihat project-nya ("cool things with eBPF") β
β 3. Sysdig reach out β mau hire untuk commercial product β
β 4. Leonardo: "Saya cuma mau kerja open source" β
β 5. Sysdig: "OK, kami punya open source project (Falco)" β
β 6. Hired sebagai core maintainer Falco + creator kubectl traceβ
β β
β KEY QUOTE: β
β "I was in love with eBPF. And I've always been in love β
β with open-source. I just want to do open-source and do β
β cutting-edge things with eBPF." β
β β Leonardo Di Donato β
β β
β LESSON: Build project yang Anda passionate, publish ke β
β GitHub, company akan datang ke Anda (bukan Anda β
β apply ke company). β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Relevansi untuk Anda:
- Leonardo = contoh paling mirip dengan posisi Anda sekarang
- Build tool di waktu luang β di-notice oleh company besar β hired
- Tidak apply kerja β company yang reach out ke dia!
π₯ Tier 2: Sukses Besar β Dari Project ke Company/Karir
4. Daniel Brandao β Dari Homelab ke T-Mobile
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β DANIEL BRANDAO β NetWiz β T-Mobile Engineer β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β PROJECT: NetWiz β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ Built di Meta hackathon (2 hari) β
β β’ Tools: Home lab ThinkCenters + Proxmox β
β β’ Function: Network change detection + auto-rollback β
β β
β PORTFOLIO: β
β β’ GitHub: Living showcase (bukan sekadar class assignments)β
β β’ CI/CD: Build pipeline sendiri untuk personal website β
β β’ Homelab: Infrastructure as code β
β β
β INTERVIEW T-MOBILE: β
β β’ Tidak cuma sebut coursework β
β β’ Walk through GitHub portfolio secara intentional β
β β’ Highlight: NetWiz, CI/CD pipeline, homelab β
β β’ Result: HIRED β
β β
β KEY QUOTE: β
β "Post anything that shows your skills in cybersecurity. β
β It could be code, it could be documentation." β
β β Daniel Brandao β
β β
β LESSON: Portfolio > Resume. Homelab > GPA. β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
5. Suricata β Victor Julien & OISF
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SURICATA β Open Source IDS/IPS β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β FOUNDERS: Victor Julien, Matt Jonkman, Will Metcalf β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ 2007: Victor experiment dengan code sendiri β
β β’ 2008: Meet di conference US, share prototype β
β β’ Funding: DHS (Department of Homeland Security) seed β
β β’ Organization: OISF (Open Information Security Foundation) β
β β’ License: GPLv2 (anti-corporate acquisition) β
β β
β GROWTH: β
β β’ 15+ years journey β
β β’ Adopted by: AWS (network firewall), enterprise worldwide β
β β’ Model: Vendor membership (sustainable funding) β
β β’ Community: Core team + contributors global β
β β
β KEY INSIGHT: β
β "We wanted to establish an organization that would make β
β Suricata safe from acquisition, which we'd seen happen to β
β other open-source projects." β
β β Victor Julien β
β β
β LESSON: Foundation/organization = longevity. β
β GPLv2 = protection dari corporate takeover. β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π₯ Tier 3: Realistis untuk Anda β Path Mahasiswa
6. Path A: βAegis β Junior Security Engineerβ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SCENARIO A: Aegis v1.0 β Kerja di Startup/Scale-up β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β TIMELINE: β
β Semester 6 (Now) β Start Aegis v1.0 β
β βββ Build eBPF firewall + WAF β
β βββ Publish ke GitHub (open source) β
β βββ Tulis blog: "Building eBPF Security from Scratch" β
β βββ Share di Reddit r/homelab, r/netsec, Hacker News β
β β
β Semester 7 β Aegis v1.0 Release β
β βββ 100+ GitHub stars β
β βββ 10+ users (homelab community) β
β βββ Fix bugs, iterate berdasarkan feedback β
β βββ Sertifikasi: CompTIA Security+ β
β β
β Semester 8 β Portfolio Polish β
β βββ Aegis v1.1 (FIM, container security) β
β βββ Blog series: 5-10 technical articles β
β βββ Speaking: Local meetup / campus event β
β βββ LinkedIn: Share journey, build following β
β β
β Apply Kerja: β
β βββ Target: Junior Security Engineer / SOC Analyst β
β βββ Company: Startup cybersecurity / tech scale-up β
β βββ Salary: $40K-60K (Indonesia: Rp 8-15 juta) β
β βββ Differentiator: β
β "Saya build security platform sendiri, ini GitHub-nya" β
β (bukan: "Saya lulusan IT dengan IPK 3.5") β
β β
β Year 1-2 Kerja: β
β βββ Kontribusi ke Aegis sambil kerja (weekend) β
β βββ Belajar dari senior di company β
β βββ Aegis v1.3 (AI detection) β
β βββ Pivot: Senior Security Engineer / Detection Engineer β
β β
β Year 3-5: β
β βββ Aegis v2.0 (multi-agent, enterprise) β
β βββ Pilihan A: Stay di company, naik ke Staff/Principal β
β βββ Pilihan B: Join company besar (CrowdStrike, etc) β
β βββ Pilihan C: Startup sendiri (Wazuh-style) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
7. Path B: βAegis β Hired oleh Company Besarβ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SCENARIO B: Aegis β Di-notice oleh Company β Hired β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β INSPIRASI: Leonardo Di Donato (kubectl trace β Sysdig) β
β β
β TIMELINE: β
β Semester 6-7 β Build Aegis, publish blog β
β βββ "How I built eBPF firewall in Rust" β Hacker News front β
β βββ "WAF dengan 10K req/sec di single core" β trending β
β βββ "Purple Team module untuk homelab" β r/netsec hot β
β βββ GitHub: 500+ stars, 50+ forks β
β β
β Semester 8 β Di-notice: β
β βββ Email dari recruiter: "Saw your project, interested?" β
β βββ DM di Twitter/LinkedIn dari engineer company β
β βββ Invitation: "Want to chat about your eBPF work?" β
β βββ Options: β
β β’ CrowdStrike (Falcon team) β
β β’ Sysdig (Falco team) β
β β’ Isovalent (Cilium/eBPF) β
β β’ Red Hat (kernel team) β
β β’ Startup eBPF-focused (new) β
β β
β Interview: β
β β’ Tidak: "Tell me about your coursework" β
β β’ Ya: "Walk me through Aegis architecture" β
β β’ Coding: "How would you extend this to Windows?" β
β β’ Result: HIRED sebagai eBPF Security Engineer β
β β
β Salary: $80K-120K (US) / Rp 20-40 juta (Indonesia remote) β
β β
β REALITY CHECK: β
β β’ Butuh: Project yang genuinely useful + technical depth β
β β’ Butuh: Consistent blogging + community engagement β
β β’ Butuh: 6-12 bulan dedicated work β
β β’ Tidak instant β tapi possible! β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
8. Path C: βAegis β Startup Sendiriβ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SCENARIO C: Aegis β Wazuh-style Bootstrapped Company β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β INSPIRASI: Santiago Bassett (Wazuh β no VC, IPO goal) β
β β
β TIMELINE: β
β Year 0-1 (Now + 12 bulan) β Build + Community β
β βββ Aegis v1.0-1.2 (network + endpoint + container) β
β βββ 1000+ GitHub stars β
β βββ 100+ active users (homelab + small business) β
β βββ Blog + YouTube channel ("Building Security Tools") β
β βββ Community: Discord/Slack dengan 500+ members β
β β
β Year 1-2 β Monetization: β
β βββ Aegis Cloud (SaaS): Managed hosting untuk SMB β
β βββ Professional Services: Setup + tuning untuk enterprise β
β βββ Support Subscription: Priority support + consulting β
β βββ Team: 2-3 people (co-founder + engineer) β
β β
β Year 2-3 β Scale: β
β βββ 50+ paying customers β
β βββ $100K+ ARR (Annual Recurring Revenue) β
β βββ Team: 10-15 people β
β βββ Funding: Bootstrapped (tidak VC) atau angel round β
β β
β Year 3-5 β Enterprise: β
β βββ 500+ customers β
β βββ $1M+ ARR β
β βββ Team: 50+ people β
β βββ Goal: Series A atau profitable bootstrapped β
β β
β REALITY CHECK: β
β β’ 90% open source projects tidak jadi bisnis β
β β’ Butuh: Business sense + technical + persistence β
β β’ Butuh: Network (know people who need your tool) β
β β’ Butuh: 3-5 tahun dedicated work β
β β’ Reward: Independence + impact + potential wealth β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π Perbandingan Path
| Aspek | Path A (Employee) | Path B (Hired by Big Co) | Path C (Startup) |
|---|---|---|---|
| Timeline | 6-12 bulan | 12-18 bulan | 3-5 tahun |
| Risk | Low | Medium | High |
| Reward | Stable income | High salary + prestige | Uncapped |
| Control | Low (boss decides) | Medium (team decides) | High (you decide) |
| Skill needed | Technical | Technical + visibility | Technical + business |
| Aegis role | Portfolio | Magnet | Product |
| Probability | 70% | 20% | 10% |
| Best for | Stability | Recognition | Independence |
π― Action Plan: Dari Sekarang
Minggu Ini (Week 1)
| # | Action | Output |
|---|---|---|
| 1 | Buat GitHub repo: aegis-security | Repository publik |
| 2 | Tulis README dengan vision | 500+ words |
| 3 | Design logo (simple) | assets/logo.png |
| 4 | Setup project structure | Cargo + Go + React |
| 5 | Tulis blog post #1 | βWhy Iβm building Aegisβ |
Bulan Ini (Month 1)
| # | Action | Output |
|---|---|---|
| 1 | eBPF Hello World (TC mode) | Working code |
| 2 | WAF skeleton (Axum) | Reverse proxy works |
| 3 | Manager API (Gin) | Basic endpoints |
| 4 | Dashboard shell (React) | Navigation works |
| 5 | Blog post #2 | βeBPF for Security: A Beginnerβs Guideβ |
| 6 | Share di Reddit/HN | 100+ views |
Semester Ini (3 bulan)
| # | Action | Output |
|---|---|---|
| 1 | Aegis v1.0 MVP | Working product |
| 2 | 5+ blog posts | Content library |
| 3 | 100+ GitHub stars | Social proof |
| 4 | 10+ users (homelab) | Validation |
| 5 | Sertifikasi Security+ | Credential |
π‘ Golden Rules dari Success Stories
| Rule | Contoh | Aplikasi untuk Anda |
|---|---|---|
| Build what you need | Wireshark (Loris butuh network analyzer) | Aegis (Anda butuh homelab defense) |
| Open source dari hari 1 | Falco, Wazuh | Publish ke GitHub sejak scaffold |
| Blog about journey | Daniel Brandao | 1 post/minggu minimum |
| Community first | Wazuh 100K users gratis | Discord/Slack untuk users |
| Donβt charge for core | Wazuh GPL v2 | MIT/Apache license |
| Monetize services | Wazuh SaaS + support | Aegis Cloud (v2.0) |
| Persistence > Perfection | Suricata 15+ years | Consistent 6-12 bulan |
| Hire slow, fire fast | Wazuh Argentina team | Solo dulu, hire saat revenue |
π Final Motivation
Santiago Bassett: "I started by myself with no funding."
Loris Degioanni: "It was sort of insane to think about using eBPF."
Leonardo Di Donato: "I just want to do open-source and cutting-edge things."
Victor Julien: "We wanted to make Suricata safe from acquisition."
BEDANYA: Mereka execute. Anda juga bisa execute.
Document Version: 1.0
Last Updated: 2026-06-17
Purpose: Motivation + roadmap dari success stories open source cybersecurity