Manchester City smart scarf wraps data-collecting sensors around fans’ necks

Manchester City smart scarf wraps data-collecting sensors around fans’ necks

Enlarge (credit: Manchester City)

England’s Manchester City soccer club wants to know how its fans really feel, and it has gone so far as to pilot The Connected Scarf, a “smart scarf” stuffed with sensors that the organization says enables it to gauge fan emotions.

According to Manchester City’s page for the scarf, the club has been piloting the accessory with six fans thus far and has recorded “over 120 moments of interest across the 90 minutes of a match.”

“The scarf records a range of physiological measures, including heart rate, body temperature, and emotional arousal—giving us concrete information to analyze how fans are feeling at different moments in the match,” the page says.

Read 6 remaining paragraphs | Comments

#cisco, #smart-devices, #tech, #wearables

Y42 sammelt 31 Millionen ein – Cisco übernimmt replex – ClimateTech-VC World Fund geht an den Start


Im aktuellen #DealMonitor für den 26. Oktober werfen wir wieder einen Blick auf die wichtigsten, spannendsten und interessantesten Investments und Exits des Tages in der DACH-Region. Alle Deals der Vortage gibt es im großen und übersichtlichen #DealMonitor-Archiv.

INVESTMENTS

Y42
+++ Jetzt offiziell: Insight Partners und Atomico investieren – wie bereits im Insider-Podcast berichtet – 31 Millionen US-Dollar in Y42.  Die Bewertung soll nach unseren Informationen bei rund 150 Millionen (Pre-Money) liegen. La Famiglia sowie die Gründer von Foodspring, Personio, AeroMobil und Petlab investierten erst im März dieses Jahres 2,9 Millionen US-Dollar in das Unternehmen, das früher als Datos Intelligence bekannt war. Insgesamt flossen nun schon 34 Millionen Dollar in das Unternehmen. Die Jungfirma beschreibt sich so: “y42 is a no-code business intelligence platform for loading, cleaning, connecting, visualizing and sharing data”. y42 wurde 2020 von Hung Dang gegründet. “Mit Hilfe der Series-A-Finanzierungsrunde will Y42 die Entwicklung seiner Plattform weiter vorantreiben, das Team vergrößern und den eigenen Kundenstamm ausbauen”, heißt es in der Presseaussendung. Mehr über Y42

CUREosity
+++
Der TechVision Fonds investiert gemeinsam mit mehreren Business Angels 3,5 Millionen Euro in CUREosity. Das Düsseldorfer Startup, das 2018 von Thomas Saur, Stefan Arand und Marco Faulhammer gegründet wurde, entwickelt eine Therapie-Software unter Nutzung von Virtual Reality (VR). “Im virtuellen Raum und mit spielerischen Inhalten können Patienten mit neurologischen oder muskuloskelettalen Beeinträchtigungen ihre kognitiven und motorischen Fähigkeiten wiederherstellen und verbessern – beispielsweise nach einem Schlaganfall oder bei Parkinson”, teilt das Startup mit.

DiscoEat
+++ 468 Capital, IBB Capital und Hevella Capital investieren eine siebenstellige Summe in DiscoEat. Das Berliner Startup, das 2018 von Moritz Heininger, Nicolò Luti und Szymon Madzielewski gegründet wurde, bietet leere Tische in Restaurants und seit Ende 2020 neben Reservierungen auch Lieferung und Abholung an. Im Herbst 2019 schlitterte die Jungfirma in die Insolvenz, wagte danach aber einen Neustart. “Die neue Finanzierung soll dafür verwendet werden, weiter geografisch zu expandieren sowie weitere wichtige Features für Gastronomen zu entwickeln, den gesamten Prozess und damit Dining-Experience sowohl für den Gastronomen als auch die Gäste effektiver zu gestalten”, teilt das Unternehmen mit. Mehr über DiscoEat

Veertly
+++ coparion und mehrere Business Angels investieren 2 Millionen Schweizer Franken in Veertly. Das deutsch-schweizer Startup, das 2020 von Joao Aguiam, Alexander Spahn und Joschka Finkbeiner gegründet wurde, positioniert sich als “flexible Plattform für hybride un online Events sowie digitale Kollaborationen”. Zu den Kunden der Jungfirma gehören unter anderem Personio, die ETH Zürich und der BVMW.

MERGERS & ACQUISITIONS

replex
+++ Netzwerk-Riese Cisco übernimmt replex, das auf eine Software zum Management von IT-Infrastrukturen setzt. “The acquisition of replex will help AppDynamics grow its product and engineering talent with a view toward accelerating and expanding product capabilities that observe enterprise-scale, cloud-native environments. Replex’s deep expertise in Kubernetes, real-time data extraction and analytics will further strengthen AppDynamics’ world-class product and engineering team as we accelerate the delivery of Cisco’s Full-Stack Observability vision”, teilt das Unternehmen mit. Der Technologiegründerfonds Sachsen (TGFS), EnBW New Ventures, der High-Tech Gründerfonds (HTGF) und eValue investierten in den vergangenen Jahren 4,5 Millionen Euro in das Unternehmen, das 2016 von Patrick Kirchhoff, Costantino Lattarulo, Christian Falk, Patrick Gruhn und Dennis Jacobfeuerborn in Duisburg gegründet wurde, zuletzt aber in Leipzig residierte. In Leipzig war replex auch beim Accelerator Spinlab an Bord. Der Kaufpreis ist nicht bekannt. Zuletzt interessierte sich auch der Berliner Kapitalgeber Project A Ventures für replex. Mehr über replex

MERGERS & ACQUISITIONS

World Fund
+++ Der neue ClimateTech-Geldgeber World Fund, über den wir bereits im Juli im Insider-Podcast berichtet haben, geht offiziell an den Start. Hinter dem neuen Kapitalgeber, der von Ecosia, der Suchmaschine, die Bäume pflanzt, ins Leben gerufen wurde, stecken insbesondere Tim Schumacher (sedo, eyeo und Saas.group), Daria Saharova (zuletzt Vito One), Danijel Visevic (früher unter anderem Project A Ventures), Craig Douglas (SET Ventures) und Ecosia-Gründer Christian Kroll. Zielgröße des World Fund sind 350 Millionen Euro. “Mehr als die Hälfte der Mittel wurde bereits zugesagt und das erste Closing ist für das erste Halbjahr 2022 geplant”, teilt der Geldgeber mit. Der World Fund investiert in Startups aus den Segmenten Energie, Verkehr, Food, Produktion und Immobilien, die den CO2-Ausstoß reduzieren wollen. Im Portfolio des World Fund befinden sich bereits das Mehrwegbechersystem Recup und Qoa, eine Kakao-freie Schokolade.

DIE HÖHLE DER LÖWEN

Saatgutkonfetti
+++ Regal-Löwe Ralf Dümmel investiert in der achten Folge der zehnten Staffel 200.000 Euro in Saatgutkonfetti und sichert sich dabei 15 % am Unternehmen. Das Startup, das von Christoph Trimborn, Katia Filippenko und Philip Weyer gegründet wurde, bietet ein ökologische Alternative zu dem herkömmlichen Konfetti. Der Deal kam nach der Show bisher nicht zustande.

DeWok
+++ Regal-Löwe Ralf Dümmel investiert in der achten Folge der zehnten Staffel 100.000 Euro in DeWok und sichert sich dabei 20 % am Unternehmen. Das Startup aus Köln, das von Steve Müller gegründet wurde, setzt auf ein transportables Wok-System.

colorsafe
+++ Pharma-Löwe Nils Glagau investiert in der achten Folge der zehnten Staffel 100.000 Euro in colorsafe und sichert sich dabei 24 % am Unternehmen. Das Startup aus Köln, das von Katrin Klein gegründet wurde, setzt auf eine farbige Seife für Erwachsene und Kinder, mit der sich visuell nachvollziehen lässt, ob die kompletten Hände mit Seife benetzt sind.

Grundriss in Lebensgröße
+++ Beauty-Löwin Judith Williams und Sales-Löwe Carsten Maschmeyer investieren in der achten Folge der zehnten Staffel 300.000 Euro in Grundriss in Lebensgröße und sichern sich dabei 25,1 % am Unternehmen. Das Unternehmen bietet “maßstabsgetreue, virtuelle Grundrisse in Lebensgröße”. Mit Hilfe von echten Möbeln und Wänden auf Rollen entsteht so ein virtuelles Abbild der Traumimmobilie. Zielgruppe sind unter anderem private Bauherren, Bauträger und Immobilienmakler.

Achtung! Wir freuen uns über Tipps, Infos und Hinweise, was wir in unserem #DealMonitor alles so aufgreifen sollten. Schreibt uns eure Vorschläge entweder ganz klassisch per E-Mail oder nutzt unsere “Stille Post“, unseren Briefkasten für Insider-Infos.

Startup-Jobs: Auf der Suche nach einer neuen Herausforderung? In der unserer Jobbörse findet Ihr Stellenanzeigen von Startups und Unternehmen.

Foto (oben): azrael74

#468-capital, #aktuell, #atomico, #berlin, #cisco, #colorsafe, #cureosity, #dewok, #discoeat, #duisburg, #dusseldorf, #grundriss-in-lebensgrose, #hevella-capital, #ibb-capital, #insight-partners, #koln, #qoa, #recup, #replex, #ruhrgebiet, #saatgutkonfetti, #techvision-fonds, #veertly, #world-fund, #y42

Confluent CEO Jay Kreps is coming to TC Sessions: SaaS for a fireside chat

As companies process ever-increasing amounts of data, moving it in real time is a huge challenge for organizations. Confluent is a streaming data platform built on top of the open source Apache Kafka project that’s been designed to process massive numbers of events. To discuss this, and more, Confluent CEO and co-founder Jay Kreps will be joining us at TC Sessions: SaaS on Oct 27th for a fireside chat.

Data is a big part of the story we are telling at the SaaS event, as it has such a critical role in every business. Kreps has said in the past the data streams are at the core of every business, from sales to orders to customer experiences. As he wrote in a company blog post announcing the company’s $250 million Series E in April 2020, Confluent is working to process all of this data in real time — and that was a big reason why investors were willing to pour so much money into the company.

“The reason is simple: though new data technologies come and go, event streaming is emerging as a major new category that is on a path to be as important and foundational in the architecture of a modern digital company as databases have been,” Kreps wrote at the time.

The company’s streaming data platform takes a multi-faceted approach to streaming and builds on the open source Kafka project. While anyone can download and use Kafka, as with many open source projects, companies may lack the resources or expertise to deal with the raw open source code. Many a startup have been built on open source to help simplify whatever the project does, and Confluent and Kafka are no different.

Kreps told us in 2017 that companies using Kafka as a core technology include Netflix, Uber, Cisco and Goldman Sachs. But those companies have the resources to manage complex software like this. Mere mortal companies can pay Confluent to access a managed cloud version or they can manage it themselves and install it in the cloud infrastructure provider of choice.

The project was actually born at LinkedIn in 2011 when their engineers were tasked with building a tool to process the enormous number of events flowing through the platform. The company eventually open sourced the technology it had created and Apache Kafka was born.

Confluent launched in 2014 and raised over $450 million along the way. In its last private round in April 2020, the company scored a $4.5 billion valuation on a $250 million investment. As of today, it has a market cap of over $17 billion.

In addition to our discussion with Kreps, the conference will also include Google’s Javier Soltero, Amplitude’s Olivia Rose, as well as investors Kobie Fuller and Casey Aylward, among others. We hope you’ll join us. It’s going to be a thought-provoking lineup.

Buy your pass now to save up to $100 when you book by October 1. We can’t wait to see you in October!

#apache-kafka, #casey-aylward, #cisco, #cloud, #cloud-computing, #computing, #confluent, #developer, #enterprise, #event-streaming, #free-software, #goldman-sachs, #google, #javier-soltero, #jay-kreps, #kobie-fuller, #linkedin, #microsoft, #netflix, #open-source, #saas, #software, #software-as-a-service, #tc, #tc-sessions-saas-2021, #uber

Rezilion raises $30M help security operations teams with tools to automate their busywork

Security operations teams face a daunting task these days, fending off malicious hackers and their increasingly sophisticated approaches to cracking into networks. That also represents a gap in the market: building tools to help those security teams do their jobs. Today, an Israeli startup called Rezilion that is doing just that — building automation tools for DevSecOps, the area of IT that addresses the needs of security teams and the technical work that they need to do in their jobs — is announcing $30 million in funding.

Guggenheim Investments is leading the round with JVP and Kindred Capital also contributing. Rezilion said that unnamed executives from Google, Microsoft, CrowdStrike, IBM, Cisco, PayPal, JP Morgan Chase, Nasdaq, eBay, Symantec, RedHat, RSA and Tenable are also in the round. Previously, the company had raised $8 million.

Rezilion’s funding is coming on the back of strong initial growth for the startup in its first two years of operations.

Its customer base is made up of some of the world’s biggest companies, including two of the “Fortune 10” (the top 10 of the Fortune 500). CEO Liran Tancman, who co-founded Rezilion with CTO Shlomi Boutnaru, said that one of those two is one of the world’s biggest software companies, and the other is a major connected device vendor, but he declined to say which. (For the record, the top 10 includes Amazon, Apple, Alphabet/Google, Walmart and CVS.)

Tancman and Boutnaru had previously co-founded another security startup, CyActive, which was acquired by PayPal in 2015; the pair worked there together until leaving to start Rezilion.

There are a lot of tools out in the market now to help automate different aspects of developer and security operations. Rezilion focuses on a specific part of DevSecOps: large businesses have over the years put in place a lot of processes that they need to follow to try to triage and make the most thorough efforts possible to detect security threats. Today, that might involve inspecting every single suspicious piece of activity to determine what the implications might be.

The problem is that with the volume of information coming in, taking the time to inspect and understand each piece of suspicious activity can put enormous strain on an organization: it’s time-consuming, and as it turns out, not the best use of that time because of the signal to noise ratio involved. Typically, each vulnerability can take 6-9 hours to properly investigate, Tancman said. “But usually about 70-80% of them are not exploitable,” meaning they may be bad for some, but not for this particular organization and the code it’s using today. That represents a very inefficient use of the security team’s time and energy.

“Eight of out ten patches tend to be a waste of time,” Tancman said of the approach that is typically made today. He believes that as its AI continues to grow and its knowledge and solution becomes more sophisticated, “it might soon be 9 out of 10.”

Rezilion has built a taxonomy and an AI-based system that essentially does that inspection work as a human would do: it spots any new, or suspicious, code, figures out what it is trying to do, and runs it against a company’s existing code and systems to see how and if it might actually be a threat to it or create further problems down the line. If it’s all good, it essentially whitelists the code. If not, it flags it to the team.

The stickiness of the product has come out of how Tancman and Boutnaru understand large enterprises, especially those heavy with technology stacks, operate these days in what has become a very challenging environment for cybersecurity teams.

“They are using us to accelerate their delivery processes while staying safe,” Tancman said. “They have strict compliance departments and have to adhere to certain standards,” in terms of the protocols they take around security work, he added. “They want to leverage DevOps to release that.”

He said Rezilion has generally won over customers in large part for simply understanding that culture and process and helping them work better within that: “Companies become users of our product because we showed them that, at a fraction of the effort, they can be more secure.” This has special resonance in the world of tech, although financial services, and other verticals that essentially leverage technology as a significant foundation for how they operate, are also among the startup’s user base.

Down the line, Rezilion plans to add remediation and mitigation into the mix to further extend what it can do with its automation tools, which is part of where the funding will be going, too, Boutnaru said. But he doesn’t believe it will ever replace the human in the equation altogether.

“It will just focus them on the places where you need more human thinking,” he said. “We’re just removing the need for tedious work.”

In that grand tradition of enterprise automation, then, it will be interesting to watch which other automation-centric platforms might make a move into security alongside the other automation they are building. For now, Rezilion is forging out an interesting enough area for itself to get investors interested.

“Rezilion’s product suite is a game changer for security teams,” said Rusty Parks, senior MD of Guggenheim Investments, in a statement. “It creates a win-win, allowing companies to speed innovative products and features to market while enhancing their security posture. We believe Rezilion has created a truly compelling value proposition for security teams, one that greatly increases return on time while thoroughly protecting one’s core infrastructure.”

#agile-software-development, #alphabet, #amazon, #apple, #articles, #artificial-intelligence, #automation, #ceo, #cisco, #computer-security, #crowdstrike, #cto, #cyactive, #devops, #ebay, #energy, #entrepreneurship, #europe, #financial-services, #funding, #google, #ibm, #jp-morgan-chase, #kindred-capital, #maryland, #microsoft, #paypal, #security, #software, #software-development, #startup-company, #symantec, #technology

Extra Crunch roundup: Zūm CEO interview, Cisco’s M&A ethos, neoinsurance bad romance

It was once common practice for doctors to visit sick patients in their homes: In 1930, 40% of all consultations were house calls. By 1980, that figure was less than 1%.

Today, urgent care centers occupy Main Street storefronts and 33% of all medical expenditures occur in hospitals. It’s clear that the additional overhead is generating higher prices, but not necessarily better results, according to Sumi Das and Nina Gerson, who lead healthcare investments at Capital G.

“We can improve both outcomes and costs by moving care from the hospital back to the place it started — at home,” they write in a post that explores five innovations enabling at-home care and identifies investment opportunities like acute care and infrastructure development.

Today, in-home care comprises just 3% of overall healthcare spending, but Gerson and Das estimate that will expand to 10% in the next 10 years.

“To make these improvements, in-home healthcare strategies will need to leverage next-generation technology and value-based care strategies. Fortunately, the window of opportunity for change is open right now.”


Full Extra Crunch articles are only available to members.
Use discount code ECFriday to save 20% off a one- or two-year subscription.


Image Credits: Cowboy Ventures / Guild Education

Tomorrow’s episode of Extra Crunch Live will feature guests VC Aileen Lee of Cowboy Ventures and Rachel Carlson, CEO and co-founder of Guild Education.

Among other topics, Lee will talk about how Guild Education met her criteria for investment before the duo offer feedback on startup pitches submitted by audience members.

Register now to join the free chat on Hopin on Wednesday, August 25, at 11:30 a.m. PDT/2:30 p.m. EDT.

Thanks very much for reading Extra Crunch; have a great week!

Walter Thompson
Senior Editor, TechCrunch
@yourprotagonist

Zūm CEO Ritu Narayan explains why equity and accessibility works for mobility services

Image Credits: Bryce Durbin

Ritu Narayan founded Zūm with her two brothers in 2016 to disrupt student transportation, a space that hasn’t seen much innovation since pupils began finding their way to and from little red schoolhouses.

Since then, Zūm has inked partnerships with school districts around the country to create more efficient routes and reduce vehicle emissions.

By 2025, Narayan says her company will have 10,000 electric school buses and plans to put the fleet into service to generate power and feed it back to the grid.

To learn more about the company’s development, its immediate plans for the future and how the pandemic impacted operations, read on.

Bird shows improving scooter economics, long march to profitability

For The Exchange, Alex Wilhelm looked at recent financial data from scooter sharing service Bird, which — like Lyft, Uber, Airbnb and others — took a beating during the pandemic as potential riders stayed home.

Bird flipped its business model and its results improved, but it still has a ways to go. “In the bull case, Bird can get rid of its adjusted losses in a few years,” Alex writes.

“If any issues arise at the top of the company’s table — say, for example, that rides per scooter do not scale as the company rolls out more hardware, or merely slower than expected — the anticipated profitability results could evaporate or be pushed into the future.”

India’s path to SaaS leadership is clear, but challenges remain

Image Credits: Thitima Thongkham / Getty Images

By 2030, India’s SaaS industry is estimated to comprise 4%-6% of the global market and generate between $50 billion and $70 billion in yearly revenue, according to a SaaSBOOMi/McKinsey report.

“With the right approach, it won’t be long before the Indian SaaS community becomes a large-scale employer of talent, a significant contributor to India’s GDP and a creator of unmatched products,” says Manav Garg, CEO and founder of Eka Software Solutions.

In a guest post, he lays out several key growth drivers, which include “the largest concentration of developers in the world” and the fact that “SaaS is not a winner-take-all market.”

Even so, the region still faces challenges, since “growth requires a growth mindset.”

Why have the markets spurned public neoinsurance startups?

As Alex Wilhelm has repeatedly noted in The Exchange, neoinsurance companies, from healthcare to auto to home and rental, have taken a whacking by the market.

But he hadn’t quite figured out why until he chatted with Pie Insurance co-founder and CEO John Swigart, who had an interesting hypothesis.

Summing up their conversation in a single sentence: “From the public markets’ perspective, it’s the results, stupid.”

How Cisco keeps its startup acquisition engine humming

The Cisco Systems logo is displayed at the Mobile World Congress (MWC) in Barcelona on February 25, 2019. - Phone makers will focus on foldable screens and the introduction of blazing fast 5G wireless networks at the world's biggest mobile fair starting February 25 in Spain as they try to reverse a decline in sales of smartphones. (Photo by Josep LAGO / AFP) (Photo credit should read JOSEP LAGO/AFP via Getty Images)

Image Credits: Josep LAGO /AFP/ Getty Images

Ron Miller interviewed three Cisco executives to learn more about the company’s “rich history of buying its way to global success”:

  • CFO Scott Herren
  • Derek Idemoto, SVP for corporate development and Cisco investments
  • Jeetu Patel, EVP and GM, Security and Collaboration

Since its founding, Cisco has acquired 229 companies, buying more than 30 startups in the last four years that focus on everything from edtech to event management.

“Indeed, one of the big reasons for all these acquisitions could be about maintaining growth,” writes Ron.

Future tech exits have a lot to live up to

Image Credits: Sam Salek/EyeEm (opens in a new window) / Getty Images (Image has been modified)

“Inflation may or may not prove transitory when it comes to consumer prices, but startup valuations are definitely rising — and noticeably so — in recent quarters.”

That’s Alex Wilhelm’s summation of a recent PitchBook report rounding up valuation data from U.S. startup funding events.

He dug into the report and analyzed what the numbers mean for startup valuations and potential exits.

#cisco, #ec-roundup, #extra-crunch-roundup, #health, #healthtech, #india, #john-swigart, #ma, #pitchbook-data, #ritu-narayan, #saas, #startups, #tc, #transportation, #venture-capital

How Cisco keeps its startup acquisition engine humming

Enterprise startups have several viable exit strategies: Some will go public, but most successful outcomes will be via acquisition, often by one of the highly acquisitive large competitors like Salesforce, Microsoft, Amazon, Oracle, SAP, Adobe or Cisco.

From rivals to “spin-ins,” Cisco has a particularly rich history of buying its way to global success. It has remained quite active, acquiring more than 30 startups over the last four years for a total of 229 over the life of the company. The most recent was Epsagon earlier this month, with five more in its most recent quarter (Q4 FY2021): Slido, Sedona Systems, Kenna Security, Involvio and Socio. It even announced three of them in the same week.

It begins by identifying targets; Cisco does that by being intimately involved with a list of up to 1,000 startups that could be a fit for acquisition.

What’s the secret sauce? How it is going faster than ever? For startups that encounter a company like Cisco, what do you need to know if you have talks that go places with it? We spoke to the company CFO, senior vice president of corporate development, and the general manager and executive vice president of security and collaboration to help us understand how all of the pieces fit together, why they acquire so many companies and what startups can learn from their process.

Cisco, as you would expect, has developed a rigorous methodology over the years to identify startups that could fit its vision. That involves product, of course, but also team and price, all coming together to make a successful deal. From targeting to negotiating to closing to incorporating the company into the corporate fold, a startup can expect a well-tested process.

Even with all this experience, chances are it won’t work perfectly every time. But since Cisco started doing M&A nine years into its history with the purchase of LAN switcher Crescendo Communications in 1993 — leading to its massive switching business today — the approach clearly works well enough that they keep doing it.

It starts with cash

If you want to be an acquisitive company, chances are you have a fair amount of cash on hand. That is certainly the case with Cisco, which currently has more than $24.5 billion in cash and equivalents, albeit down from $46 billion in 2017.

CFO Scott Herren says that the company’s cash position gives it the flexibility to make strategic acquisitions when it sees opportunities.

“We generate free cash flow net of our capex in round numbers in the $14 billion a year range, so it’s a fair amount of free cash flow. The dividend consumes about $6 billion a year,” Herren said. “We do share buybacks to offset our equity grant programs, but that still leaves us with a fair amount of cash that we generate year on year.”

He sees acquisitions as a way to drive top-line company growth while helping to push the company’s overall strategic goals. “As I think about where our acquisition strategy fits into the overall company strategy, it’s really finding the innovation we need and finding the companies that fit nicely and that marry to our strategy,” he said.

“And then let’s talk about the deal … and does it make sense or is there a … seller price point that we can meet and is it clearly something that I think will continue to be a core part of our strategy as a company in terms of finding innovation and driving top-line growth there,” he said.

The company says examples of acquisitions that both drove innovation and top-line growth include Duo Security in 2018, ThousandEyes in 2020 and Acacia Communications this year. Each offers some component that helps drive Cisco’s strategy — security, observability and next-generation internet infrastructure — while contributing to growth. Indeed, one of the big reasons for all these acquisitions could be about maintaining growth.

Playing the match game

Cisco is at its core still a networking equipment company, but it has been looking to expand its markets and diversify outside its core networking roots for years by moving into areas like communications and security. Consider that along the way it has spent billions on companies like WebEx, which it bought in 2007 for $3.2 billion, or AppDynamics, which it bought in 2017 for $3.7 billion just before it was going to IPO. It has also made more modest purchases (by comparison at least), such as MindMeld for $125 million and countless deals that were too small to require them to report the purchase price.

Derek Idemoto, SVP for corporate development and Cisco investments, has been with the company for 100 of those acquisitions and has been involved in helping scout companies of interest. His team begins the process of identifying possible targets and where they fall within a number of categories, such as whether it allows them to enter new markets (as WebEx did), extend their markets (as with Duo Security), or acqui-hire top technical talent and get some cool tech, as they did when they purchased BabbleLabs last year.

#appdynamics, #babblelabs, #cisco, #ec-enterprise-applications, #enterprise, #jeetu-patel, #ma, #mergers-and-acquisitions, #mindmeld, #tc, #webex

API platform Postman valued at $5.6 billion in $225 million fundraise

San Francisco-based Postman, which operates a collaborative platform for developers to help them build, design, test and iterate their APIs, said on Wednesday it has raised $225 million in a new financing round that values it at $5.6 billion, up from $2 billion a year ago.

The startup’s new financing round — a Series D — was led by existing investor New York-headquartered Insight Partners. New investors including Coatue, Battery Ventures, and BOND also participated in the new round, which brings total raise across rounds to over $430 million. Existing investors Nexus Venture Partners and CRV also participated in the new round.

APIs provide a way for developers to connect their applications to other internal and external applications. But it’s a space that until the past decade not many firms have attempted to streamline. (Developers relied on — and many continue to do so — open source CLI tools such as curl and HTTPie. That said, Postman now has a number of competitors including Stoplight, and A16z and Tiger Global-backed Kong.)

Abhinav Asthana, a former intern at Yahoo, faced this frustration first hand and built a Chrome extension for himself and friends.

Little did he know just how many developers and firms needed it, too.

The six-year-old startup’s product, which began its journey in India, is today used by over 17 million developers and over 500,000 organizations including Microsoft, Salesforce, Stripe, Shopify, Cisco, and PayPal.

The list is big: Postman co-founder and chief executive Asthana told TechCrunch that 98% of the Fortune 500 companies are customers of Postman.

“We are solving a fundamental problem for the technology landscape. Big companies tend to be slower as they have many other things on their plate,” he told me two years ago.

Postman API Platform’s offerings

“Every company in every industry in the world today uses APIs and needs an API platform. This trend is only growing with the move to cloud and digital experiences,” he said in an interview with TechCrunch Tuesday.

The startup today leads the market and doesn’t compete with many players. Which would explain the investors’ excitement. The startup, which declined to share its revenue, raised the new round at over 100 multiple of its revenue, according to an investor with knowledge of the matter.

Postman’s platform is crucial for developers, but it was only recently that the startup expanded to create a public marketplace for developers and firms to find ready-made APIs to use.

“The Postman Public API Network connects millions of developers around the world and provides them with a space dedicated to discovering, exploring, and sharing of APIs. This was ultimately driven by our creation of public workspaces, which allows users to connect across different organizations,” Asthana said.

“With the emergence of APIs, we believe that this will usher in the next generation of no-code and ‘citizen developers.’ We encourage a world filled with innovation for everyone with different backgrounds and varying levels of technical experience. More and more, we’re seeing people in sales, marketing, and finance become more comfortable with APIs and become the champions of this technology,” he said.

The startup, which employs over 425 people, plans to deploy the fresh funding to hire more employees across sales, marketing, product, and engineering divisions.

Postman will also “heavily” invest in broadening its product roadmap. “We are expanding the Postman platform across areas that technical users need along with supporting the needs of business users. At a high level, we are investing in supporting workflows for all kinds of APIs — whether they are private APIs, partner APIs, or public APIs,” he said.

Some upcoming items on the roadmap include a new version of the Postman API, support for protocols like gRPC, ProtoBuf, and more extensive capabilities for GraphQL. “We are also focusing heavily on integrations with other vendors in the software development lifecycle like AWS, Git hosting providers like GitHub and GitLab. We are also releasing our Flow Runner tool, a no-code API composition tool to enable anyone to build API driven programs.”

The startup also plans to invest in supporting students through API literacy programs and contribute toward open source projects.

“APIs have quickly become the fundamental building blocks of software used by developers in every industry, in every country across the globe—and Postman has firmly established itself as the preferred platform for developers,” said Insight Partners Managing Director Jeff Horing in a statement.

“Postman has the opportunity to become a key pillar of how enterprises build, deliver products, and seamlessly enable partnerships across the ecosystem. Their continued, rapid expansion and strong management team point to a future for Postman with virtually unlimited possibilities.”

#battery-ventures, #bond, #cisco, #coatue, #crv, #funding, #insight-partners, #kong, #microsoft, #nexus-venture-partners, #paypal, #postman, #saas, #salesforce, #shopify, #stripe

Cisco beefing up app monitoring portfolio with acquisition of Epsagon for $500M

Cisco announced on Friday that it’s acquiring Israeli applications monitoring startup Epsagon at a price pegged at $500 million. The purchase gives Cisco a more modern microservices-focused component for its growing applications monitoring portfolio.

The Israeli business publication Globes reported it had gotten confirmation from Cisco that the deal was for $500 million, but Cisco would not confirm that price with TechCrunch.

The acquisition comes on top of a couple other high profile app monitoring deals including AppDynamics, which the company bought in 2018 for $3.7 billion and ThousandEyes, which it nabbed last year for $1 billion.

With Epsagon, the company is getting a way to monitor more modern applications built with containers and Kubernetes. Epsagon’s value proposition is a solution built from the ground up to monitor these kinds of workloads, giving users tracing and metrics, something that’s not always easy to do given the ephemeral nature of containers.

As Cisco’s Liz Centoni wrote in a blog post announcing the deal, Epsagon adds to the company’s concept of a full-stack offering in their applications monitoring portfolio. Instead of having a bunch of different applications monitoring tools for different tasks, the company envisions one that works together.

“Cisco’s approach to full-stack observability gives our customers the ability to move beyond just monitoring to a paradigm that delivers shared context across teams and enables our customers to deliver exceptional digital experiences, optimize for cost, security and performance and maximize digital business revenue,” Centoni wrote.

That experience point is particularly important because when an application isn’t working, it isn’t happening in a vacuum. It has a cascading impact across the company, possibly affecting the core business itself and certainly causing customer distress, which could put pressure on customer service to field complaints, and the site reliability team to fix it. In the worst case, it could result in customer loss and an injured reputation.

If the application monitoring system can act as an early warning system, it could help prevent the site or application from going down in the first place, and when it does go down, help track the root cause to get it up and running more quickly.

The challenge here for Cisco is incorporating Epsagon into the existing components of the application monitoring portfolio and delivering that unified monitoring experience without making it feel like a Frankenstein’s monster of a solution globbed together from the various pieces.

Epsagon launched in 2018 and has raised $30 million. According to a report in the Israeli publication, Calcalist, the company was on the verge of a big Series B round with a valuation in the range of $200 million when it accepted this offer. It certainly seems to have given its early investors a good return. The deal is expected to close later this year.

#applications-performance-monitoring, #cisco, #containers, #enterprise, #epsagon, #exit, #fundings-exits, #israeli-startups, #kubernetes, #ma, #mergers-and-acquisitions, #startups, #tc

A Silicon Valley VC firm with $1.8B in assets was hit by ransomware

Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, was hit by a ransomware attack in July that saw cybercriminals steal personal information on the company’s private investors, or limited partners (LPs).

In a letter to the Maine attorney general’s office, ATV said it became aware of the attack on July 9 after its servers storing financial information had been encrypted by ransomware. By July 26, the ATV learned that data had been stolen from the servers before the files were encrypted, a common “double extortion” tactic used by ransomware groups, which then threaten to publish the files online if the ransom to decrypt the files is not paid.

The letter said ATV believes the names, email addresses, phone numbers and Social Security numbers of the individual investors in ATV’s funds were stolen in the attack. Some 300 individuals were affected by the incident, including one person in Maine, according to a listing on the Maine attorney general’s data breach notification portal.

Venture capital firms often do not disclose all of their LPs — the investors who have thrown millions into an investment vehicle — to the public. A number of pre-approved names may be included in an announcement, but overall, a company’s private investors try to stay that way: private. The reasons vary, but it comes down to secrecy and a degree of competitive advantage: The firm may not want competitors to know who is backing them, and an investor may not want others to know where their money is going. This particular attack likely stole key information on a hush-hush part of how venture money works.

ATV said it notified the FBI about the attack. A spokesperson for the FBI did not immediately comment when reached by TechCrunch. ATV’s managing director Mike Carusi did not respond to questions sent by TechCrunch on Monday.

The venture capital firm, based in Menlo Park, California with offices in Boston, was founded in 1979 and invests largely in technology, communications, software and services, and healthcare technology. The company was an early investor in many of the startups from the last decade, like software library Fandango, Host Analytics (now Planfun) and Apptegic (now Evergage). Its more recent investments include Tripwire, which was later sold to cybersecurity company Belden for $710 million; Cedexis, a network traffic monitoring startup acquired by Cisco in 2018; and Actifo, which was sold to Google in 2020.


Natasha Mascarenhas contributed reporting. Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send TechCrunch files or documents using our SecureDrop.

#attorney-general, #atv, #boston, #california, #cedexis, #cisco, #cybercrime, #encryption, #fandango, #federal-bureau-of-investigation, #google, #healthcare-technology, #maine, #private-equity, #ransomware, #securedrop, #security, #signal, #software, #spokesperson, #venture-capital

Cyber risk startup Safe Security lands $33M from UK telco BT

Safe Security, a Silicon Valley cyber risk management startup, has secured a $33 million investment from U.K. telco BT. 

Founded in 2012, Safe Security — formerly known as Lucideus — helps organizations to measure and mitigate enterprise-wide cyber risk using its security assessment framework for enterprises (SAFE) platform. The service, which is used by a number of companies including Facebook, Softbank and Xiaomi, helps businesses understand their likelihood of suffering a major cyberattack, calculates a financial cost to customers’ risks and provides actionable insight on the steps that can be taken to address them.

This funding round saw participation from Safe Security’s existing investors, including former Cisco chairman and chief executive John Chambers, and brings the total amount raised by Safe Security to $49.2 million.

BT said the investment, which is its first major third-party investment in cybersecurity since 2006, reflected its plans to grow rapidly in the sector. Philip Jansen, BT CEO said: “Cybersecurity is now at the top of the agenda for businesses and governments, who need to be able to trust that they’re protected against increasing levels of attack. 

“Already one of the world’s leading providers in a highly fragmented security market, this investment is a clear sign of BT’s ambition to grow further.”

The startup’s co-founder and chief executive Saket Modi said he was “delighted” to be working with BT.

“By aligning BT’s global reach and capabilities with SAFE’s ability to provide real-time visibility on cyber risk posture, we are going to fundamentally change how security is measured and managed across the globe,” he said.

As part of the investment, which will see Safe Security double its engineering team by the end of the year, BT will combine the SAFE platform with its managed security services, and gain exclusive rights to use and sell SAFE to businesses and public sector bodies in the UK. BT will also work collaboratively with Safe Security to develop future products, according to an announcement from the company.

Safe Security’s competitors include UpGuard, Exabeam, VisibleRisk.

#bt, #ceo, #cisco, #computer-security, #computing, #cyberattack, #cybercrime, #cyberwarfare, #exabeam, #facebook, #funding, #philip-jansen, #security, #softbank, #united-kingdom, #xiaomi

This tool tells you if NSO’s Pegasus spyware targeted your phone

Over the weekend, an international consortium of news outlets reported that several authoritarian governments — including Mexico, Morocco and the United Arab Emirates — used spyware developed by NSO Group to hack into the phones of thousands of their most vocal critics, including journalists, activists, politicians and business executives.

A leaked list of 50,000 phone numbers of potential surveillance targets was obtained by Paris-based journalism nonprofit Forbidden Stories and Amnesty International and shared with the reporting consortium, including The Washington Post and The Guardian. Researchers analyzed the phones of dozens of victims to confirm they were targeted by the NSO’s Pegasus spyware, which can access all of the data on a person’s phone. The reports also confirm new details of the government customers themselves, which NSO Group closely guards. Hungary, a member of the European Union where privacy from surveillance is supposed to be a fundamental right for its 500 million residents, is named as an NSO customer.

The reporting shows for the first time how many individuals are likely targets of NSO’s intrusive device-level surveillance. Previous reporting had put the number of known victims in the hundreds or more than a thousand.

NSO Group sharply rejected the claims. NSO has long said that it doesn’t know who its customers target, which it reiterated in a statement to TechCrunch on Monday.

Researchers at Amnesty, whose work was reviewed by the Citizen Lab at the University of Toronto, found that NSO can deliver Pegasus by sending a victim a link which when opened infects the phone, or silently and without any interaction at all through a “zero-click” exploit, which takes advantage of vulnerabilities in the iPhone’s software. Citizen Lab researcher Bill Marczak said in a tweet that NSO’s zero-clicks worked on iOS 14.6, which until today was the most up-to-date version.

Amnesty’s researchers showed their work by publishing meticulously detailed technical notes and a toolkit that they said may help others identify if their phones have been targeted by Pegasus.

The Mobile Verification Toolkit, or MVT, works on both iPhones and Android devices, but slightly differently. Amnesty said that more forensic traces were found on iPhones than Android devices, which makes it easier to detect on iPhones. MVT will let you take an entire iPhone backup (or a full system dump if you jailbreak your phone) and feed in for any indicators of compromise (IOCs) known to be used by NSO to deliver Pegasus, such as domain names used in NSO’s infrastructure that might be sent by text message or email. If you have an encrypted iPhone backup, you can also use MVT to decrypt your backup without having to make a whole new copy.

The Terminal output from the MVT toolkit, which scans iPhone and Android backup files for indicators of compromise. (Image: TechCrunch)

The toolkit works on the command line, so it’s not a refined and polished user experience and requires some basic knowledge of how to navigate the terminal. We got it working in about 10 minutes, plus the time to create a fresh backup of an iPhone, which you will want to do if you want to check up to the hour. To get the toolkit ready to scan your phone for signs of Pegasus, you’ll need to feed in Amnesty’s IOCs, which it has on its GitHub page. Any time the indicators of compromise file updates, download and use an up-to-date copy.

Once you set off the process, the toolkit scans your iPhone backup file for any evidence of compromise. The process took about a minute or two to run and spit out several files in a folder with the results of the scan. If the toolkit finds a possible compromise, it will say so in the outputted files. In our case, we got one “detection,” which turned out to be a false positive and has been removed from the IOCs after we checked with the Amnesty researchers. A new scan using the updated IOCs returned no signs of compromise.

Given it’s more difficult to detect an Android infection, MVT takes a similar but simpler approach by scanning your Android device backup for text messages with links to domains known to be used by NSO. The toolkit also lets you scan for potentially malicious applications installed on your device.

The toolkit is — as command line tools go — relatively simple to use, though the project is open source so not before long surely someone will build a user interface for it. The project’s detailed documentation will help you — as it did us.

Read more:


You can send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more

#amnesty-international, #android, #cisco, #computing, #espionage, #european-union, #government, #hungary, #iphone, #mexico, #microsoft, #morocco, #nso, #nso-group, #paris, #pegasus, #securedrop, #security, #smartphones, #software, #spyware, #the-guardian, #the-washington-post, #united-arab-emirates, #vmware, #whatsapp

Elisity raises $26M Series A to scale its AI cybersecurity platform

Elisity, a self-styled innovator that provides behavior-based enterprise cybersecurity, has raised $26 million in Series A funding.

The funding round was co-led by Two Bear Capital and AllegisCyber Capital, the latter of which has invested in a number of cybersecurity startups including Panaseer, with previous seed investor Atlantic Bridge also participating.

Elisity, which is led by industry veterans from Cisco, Qualys, and Viptela, says the funding will help it meet growing enterprise demand for its cloud-delivered Cognitive Trust platform, which it claims is the only platform intelligent enough to understand how assets and people connect beyond corporate perimeters.

The platform looks to help organizations transition from legacy access approaches to zero trust, a security model based on maintaining strict access controls and not trusting anyone — even employees — by default, across their entire digital footprint. This enables organizations to adopt a ‘work-from-anywhere’ model, according to the company, which notes that most companies today continue to rely on security and policies based on physical location or low-level networking constructs, such as VLAN, IP and MAC addresses, and VPNs.

Cognitive Trust, the company claims, can analyze the uniquely identify and context of people, apps and devices, including Internet of Things (IoT) and operational technology (OT), wherever they’re working. The company says its AI-driven behavioral intelligence, the platform can also continuously assess risk and instantly optimize access, connectivity and protection policies.

“CISOs are facing ever increasing attack surfaces caused by the shift to remote work, reliance on cloud-based services (and often multi-cloud), and the convergence of IT/OT networks,” said Mike Goguen, founder and managing partner at Two Bear Capital. “Elisity addresses all of these problems by not only enacting a zero trust model, but by doing so at the edge and within the behavioral context of each interaction. We are excited to partner with the CEO, James Winebrenner, and his team as they expand the reach of their revolutionary approach to enterprise security.”

Founded in 2018, Elisity — whose competitors include the likes of Vectra AI and Lastline closed a $7.5 million seed round in August that same year, led by Atlantic Bridge. With its seed round, Elisity began scaling its engineering, sales and marketing teams to ramp up ahead of the platform’s launch. 

Now it’s looking to scale in order to meet growing enterprise demand, which comes as many organizations move to a hybrid working model and seek the tools to help them secure distributed workforces. 

“When the security perimeter is no longer the network, we see an incredible opportunity to evolve the way enterprises connect and protect their people and their assets, moving away from strict network constructs to identity and context as the basis for secure access,” said Winebrenner. 

“With Elisity, customers can dispense with the complexity, cost and protracted timeline enterprises usually encounter. We can onboard a new customer in as little as 45 minutes, rather than months or years, moving them to an identity-based access policy, and expanding to their cloud and on-prem[ise] footprints over time without having to rip and replace existing identity providers and network infrastructure investments. We do this without making tradeoffs between productivity for employees and the network security posture.”

Elisity, which is based in California, currently employs around 30 staff. However, it currently has no women in its leadership team, nor on its board of directors. 

#allegiscyber-capital, #artificial-intelligence, #california, #ceo, #cisco, #cloud-computing, #cloud-infrastructure, #computer-security, #computing, #funding, #lastline, #managing-partner, #operational-technology, #qualys, #security, #technology, #viptela

Cisco strikes again grabbing threat assessment tool Kenna Security as third acquisition this week

Cisco has been busy on the acquisition front this week, and today the company announced it was buying threat assessment platform Kenna Security, the third company it has purchased this week. The two companies did not disclose the purchase price.

With Kenna, Cisco gets a startup that uses machine learning to sort through the massive pile of threat data that comes into a security system on a daily basis and prioritizes the threats most likely to do the most damage. That could be a very useful tool these days when threats abound and it’s not always easy to know where to put your limited security resources. Cisco plans to take that technology and integrate into its SecureX platform.

Gee Rittenhouse, senior vice president and general manager of Cisco’s Security Business Group wrote in a blog post announcing the deal with Kenna, that his company is getting a product that brings together Cisco’s existing threat management capabilities with Kenna’s risk-based vulnerability management skills.

“That is why we are pleased to announce our intent to acquire Kenna Security, Inc., a recognized leader in risk-based vulnerability prioritization with over 14 million assets protected and over 12.7 billion managed vulnerabilities. Using data science and real-world threat intelligence, it has a proven ability to bring data in from a multi-vendor environment and provide a comprehensive view of IT vulnerability risk,” Rittenhouse wrote in the blog post.

The security sphere has been complex for a long time, but with employees moving to work from home because of COVID, it became even more pronounced in the last year. In a world where the threat landscape changes quickly, having a tool that prioritizes what to look at first in its arsenal could be very useful.

Kenna Security CEO Karim Toubba gave a typical executive argument for being acquired: it gives him a much bigger market under Cisco than his company could have built alone.

“Now is our opportunity to change the industry: once the acquisition is complete, we will be one step closer to delivering Kenna’s pioneering Risk-Based Vulnerability Management (RBVM) platform to the more than 7,000 customers using Cisco SecureX today. This single action exponentially increases the impact Kenna’s technology will have on the way the world secures networks, endpoints and infrastructures.,” he wrote in the company blog.

The company, which launched in 2010, claims to be the pioneer in the RBVM space. It raised over $98 million on a $320 million post-money valuation, according to Pitchbook data. Customers include HSBC, Royal Bank of Canada, Mattel and Quest Diagnostics.

For those customers, the product will cease to be stand-alone at some point as the companies work together to integrate Kenna technology into the SecureX platform. When that is complete, the stand-alone customers will have to purchase the Cisco solution to continue using the Kenna tech.

Cisco has had a busy week on the acquisition front. It announced its intent to acquire Sedona Systems on Tuesday, Socio Labs on Wednesday and this announcement today. That’s a lot of activity for any company in a single week. The deal is expected to close in Cisco Q4 FY 2021. The company’s 170 employees will be joining the Security Business Group led by Rittenhouse.

#cisco, #enterprise, #exit, #fundings-exits, #ma, #mergers-and-acquisitions, #security, #startups, #tc

Cisco to acquire Indy startup Socio to bring hybrid events to Webex

Cisco announced this morning that it intends to acquire Indianapolis-based startup Socio, which helps plan hybrid in-person and virtual events. The two companies did not share the purchase price.

Socio provides a missing hybrid event management component for the company to add to its Webex platform. The goal appears to be to combine this with the recent purchase of Slido and transform Webex from an application mostly for video meetings into a more comprehensive event platform.

“As part of Cisco Webex’s vision to deliver inclusive, engaging and intelligent meeting and event experiences, the acquisition of Socio Labs complements Cisco’s recent acquisition of Slido, an industry-leading audience engagement tool, which together will create a comprehensive, cost-effective and easy-to-use event management solution […],” the company explained in a statement.

The impact of the pandemic was not lost on Cisco, and it’s clear that as we can foresee going back to go back to live events, having the ability to combine it with a virtual experience means that you can open up your event to a much wider audience beyond those who can attend in person. That’s likely not something that’s going away, even after we get past COVID.

Jeetu Patel, SVP and GM for security and collaboration at Cisco says that the future of work is going to be hybrid, whether it’s for work meetings or larger events and Cisco is making this acquisition to expand the use cases for the Webex platform.

“Whether it’s a 1:1 call, a small team huddle, a group meeting or a large external event, we want to remove friction and help people engage with each other in an inclusive manner. Slido allows for every voice to be heard — even when you’re not talking. Socio allows for getting your voice heard by a large number of people,” Patel said.

And the company believes that Webex provides the platform to make it all happen. “It’s a really potent combination of technology to make human interactions more engaging, no matter the type of conversation,” he added.

Brent Leary, founder and principal analyst at CRM Essentials, says that it’s a smart move to take advantage of the changing events landscape and that this acquisition helps make Cisco a serious player in this space.

“As we get closer to a post-pandemic world, the need to create hybrid event experiences is going to quickly accelerate as people start venturing out to attend physical events. So having an event stack that combines local event support/participation with tools to integrate a broader virtual audience will be the future of event management,” Leary told me.

Socio was founded in 2016 and raised around $7 million in investment capital, according to Crunchbase data. It has a prestigious list of enterprise customers that includes Microsoft, Google, Jet Blue, Greenpeace, PepsiCo and Hyundai

The deal is expected to close in Q4 of FY2021. When it does close, Socio’s 135 employees will be joining Cisco. The plan is to incorporate Socio’s tooling into the Webex platform while allowing it to continue as a stand-alone product, according to a Cisco spokesperson.

#cisco, #cloud, #enterprise, #exit, #fundings-exits, #indianapolis-startups, #ma, #mergers-and-acquisitions, #saas, #socio, #startups, #tc

Cloudflare rallies the troops to fight off another so-called patent troll

Nearly four years ago, we wrote about a battle between Cloudflare, the San Francisco-based internet security and performance company, and Blackbird Technologies, a firm that quickly amassed dozens of patents, then began using them to file dozens of patent infringement lawsuits against companies, including Cloudflare.

The suit was typical in every way, except how Cloudflare responded to it. Unlike many targets of similar lawsuits that opt to settle, Cloudflare fought back, asking very publicly for help in locating prior art that would not only invalidate the broad patent that Blackbird was using to sue Cloudflare, but to invalidate all of Blackbird’s patents. The public answered the call, and two years and 275 unique submissions later, the case against Cloudflare was dismissed and Blackbird’s operations were diminished.

One might surmise that given the stink that Cloudflare raised, other patent trolls might choose an easier target. Yet last month, Cloudflare was sued yet again, this time by Sable Networks, a “company that doesn’t appear to have operated a real business in nearly ten years — relying on patents that don’t come close to the nature of our business or the services we provide,” as says Doug Kramer, general counsel of CloudFlare.

Unsurprisingly, Cloudflare isn’t going to take this newest action lying down. This morning, after revealing the lawsuit publicly, it invited the engineering community to again “turn the tables” on patent trolls by inviting them to participate in a crowdsourced effort to find evidence of prior art to invalidate the “ancient, 20-year-old patents” that Cloudlflare says that Sable is is “trying to stretch . . . lightyears beyond what they were meant to cover.”

Cloudflare is also offering a $100,000 bounty to be split among entrants who provide the most useful prior-art references that can be used in challenging the validity of all of Sable’s patents, not just those being asserted against Cloudflare.

The idea is to deal a big enough blow to Sable that not only is its case against Cloudflare hobbled but also future cases against other entities.

“We feel fortunate that we didn’t run into one of these cases earlier in our history, where it might have really taken us off our path,” Kramer tells TechCrunch. “Blackbird came along when we had a bit more stability, and we have even more stability now.”

Given that position of relative strength, he says, “We want to go about this in a way that will force [Sable] to define their claims and stand on their claims, and we want to do it in a way that leaves something behind for other folks, particularly smaller companies that may come behind us, so we want to put [Sable’s] entire patent portfolio under scrutiny.”

Certainly, Cloudflare is not Sable’s only target. Indeed, a quick search shows that Sable has also sued the cybersecurity business Fortinet, the data platform Splunk, and networking giants Juniper Networks and Cisco Systems, among roughly a dozen other companies.

Eight of those cases — including with Juniper and Cisco — have already settled. The reality is that most companies see infringement cases by non-practicing entities like Sable as a nuisance to be quickly resolved because they are a distraction and because the expense of fighting is often equal to or even more than the cost of settling.

The companies also lose oftentimes. Though in 2017, the Supreme Court ruled unanimously that patent holders suing corporations can’t seek out a friendly court — their venue of choice was long the Eastern District of Texas, where 2,500 cases were brought in  2015 alone, 95% of them initiated by non-practicing entities like Sable — business remains brisk in Texas, where legal teams bring in a lot of money and often successfully cast major corporations to local jurors as villainous.

A report in the Houston Chronicle last year noted that businesses and individuals filed 747 patent complaints in Texas during the first six months of 2020 — double the number from a year earlier and twice as many as any other state. To underscore the point, it noted that while patent infringement lawsuits jumped 16 percent nationwide in the first six months of last year, the number of new disputes in Texas soared 96%.

Some of those cases landed in the Eastern District of Texas (and mostly in Marshall, Texas, which boasts a population of 23,000). Some landed in the Southern District, which covers Houston and, according to that same Houston Chronicle report, experienced a 43% jump in new patent violation cases last year.

But Waco, the Western District of Texas, has become the new center for patent infringement cases. That’s largely because the district encompasses Austin, where many tech companies have offices, and notably, a key piece of that 2017 Supreme Court ruling limited filings to venues where the defendants have actual operations.

So-called patent trolls have also found a friend, seemingly, in U.S. District Judge Alan Albright, a former trial attorney who was nominated to become a federal judge in Waco in 2018 by former President Donald Trump. In the two years following his confirmation by the Senate, Albright has come to preside over the most popular court in the country to litigate intellectual property disputes, with a very high percentage of plaintiffs winning their cases.

It’s no wonder that outfits like Sable continue on their path. Scoring early settlement agreements can add up to big business. (Their continued success is also why litigation finance funds continue to spring into existence.)

Cloudflare is a much bigger target now, too. While Blackbird sued while it was still a privately held entity, Cloudflare went public in 2019 and currently boasts a market cap of $26 billion.

Kramer is acutely aware of the upward battle ahead. It’s why despite its resources, Cloudflare is reaching out to the public again. “I don’t mean to sound self-serving, but we have a very intense group of engineers and people in this space who read [our] blog regularly,” Kramer says of the detailed post he published this morning relating to the case. “I also think this really strikes a nerve with some people because they are so bothered by” the practice of patent infringement suits.

Kramer says it’s impossible to overstate the impact of these far-flung engineers in Cloudflare’s fight against Blackbird, “It wasn’t just people who thought, ‘Oh, it’s a chance to make some money and I’m gonna go do this.’ There wasn’t a lot of junk in [what they submitted]. Instead, we had people saying, ‘Hey, listen, I worked on this back in the ’90s when I was over at this company, and it’s crazy that they’re trying to say they invented this,’ and they would send us articles that they had written.

“We had people doing research at libraries and stuff like that,” adds Kramer, “but we also had people who had worked in the industry and said, ‘I worked on this three years before they ever got that patent; there’s no way they should be able to create this [trouble] based something that I did.’”

Cloudflare is hoping again that a lot of its followers will get energized, but “also the exact right people, who are motivated by this and and who are very, very knowledgeable in this space,” says Kramer.

“We’re hoping to get the gang back together.”

#cisco, #cloudflare, #juniper-networks, #lawsuit, #litigation, #patent-infringement, #patent-troll, #patents, #splunk, #tc, #texas

Google’s Anthos multi-cloud platform gets improved logging, Windows container support and more

Google today announced a sizable update to its Anthos multi-cloud platform that lets you build, deploy and manage containerized applications anywhere, including on Amazon’s AWS and (in preview) on Microsoft Azure.

Version 1.7 includes new features like improved metrics and logging for Anthos on AWS, a new Connect gateway to interact with any cluster right from Google Cloud and a preview of Google’s managed control plane for Anthos Service Mesh. Other new features include Windows container support for environments that use VMware’s vSphere platform and new tools for developers to make it easier for them to deploy their applications to any Anthos cluster.

Today’s update comes almost exactly two years after Google CEO Sundar Pichai originally announced Anthos at its Cloud Next event in 2019 (before that, Google called this project the ‘Google Cloud Services Platform,’ which launched three years ago). Hybrid- and multi-cloud, it’s fair to say, takes a key role in the Google Cloud roadmap — and maybe more so for Google than for any of its competitors. And recently, Google brought on industry veteran Jeff Reed to become the VP of Product Management in charge of Anthos.

Reed told me that he believes that there are a lot of factors right now that are putting Anthos in a good position. “The wind is at our back. We bet on Kubernetes, bet on containers — those were good decisions,” he said. Increasingly, customers are also now scaling out their use of Kubernetes and have to figure out how to best scale out their clusters and deploy them in different environments — and to do so, they need a consistent platform across these environments. He also noted that when it comes to bringing on new Anthos customers, it’s really those factors that determine whether a company will look into Anthos or not.

He acknowledged that there are other players in this market, but he argues that Google Cloud’s take on this is also quite different. “I think we’re pretty unique in the sense that we’re from the cloud, cloud-native is our core approach,” he said. “A lot of what we talk about in [Anthos] 1.7 is about how we leverage the power of the cloud and use what we call ‘an anchor in the cloud’ to make your life much easier. We’re more like a cloud vendor there, but because we support on-prem, we see some of those other folks.” Those other folks being IBM/Red Hat’s OpenShift and VMware’s Tanzu, for example. 

The addition of support for Windows containers in vSphere environments also points to the fact that a lot of Anthos customers are classical enterprises that are trying to modernize their infrastructure, yet still rely on a lot of legacy applications that they are now trying to bring to the cloud.

Looking ahead, one thing we’ll likely see is more integrations with a wider range of Google Cloud products into Anthos. And indeed, as Reed noted, inside of Google Cloud, more teams are now building their products on top of Anthos themselves. In turn, that then makes it easier to bring those services to an Anthos-managed environment anywhere. One of the first of these internal services that run on top of Anthos is Apigee. “Your Apigee deployment essentially has Anthos underneath the covers. So Apigee gets all the benefits of a container environment, scalability and all those pieces — and we’ve made it really simple for that whole environment to run kind of as a stack,” he said.

I guess we can expect to hear more about this in the near future — or at Google Cloud Next 2021.

 

#anthos, #apigee, #aws, #ceo, #chrome-os, #cisco, #cloud, #cloud-computing, #cloud-infrastructure, #computing, #enterprise, #google, #google-cloud, #google-cloud-platform, #ibm, #kubernetes, #microsoft, #microsoft-windows, #red-hat, #sundar-pichai, #vmware

Duo goes passwordless

Duo, the authentication service Cisco acquired for $2.35 billion in 2018, today announced its plans to launch a passwordless authentication service that will allow users to log in to their Duo-protected services through security keys or platform biometrics like Apple’s Face ID or Microsoft’s Windows Hello. The infrastructure-agnostic service will go into public preview in the summer.

“Cisco has strived to develop passwordless authentication that meets the needs of a diverse and evolving workforce and allows the broadest set of enterprises to securely progress towards a passwordless future, regardless of their IT stack,” said Gee Rittenhouse, SVP and GM of Cisco’s Security Business Group. “It’s not an overstatement to say that passwordless authentication will have the most meaningful global impact on how users access data by making the easiest path the most secure.”

If you’re using Duo or a similar product today, chances are that you are using both passwords and a second factor to log into your work applications. But users are notoriously bad about their password hygiene — and to the despair of any IT department, they also keep forgetting them.

In the standard two-factor authentication scheme, the second factor is basically an extra moat around your password. Passwordless is essentially another form of two-factor authentication, but it instead of passwords, it relies on cryptographic key pairs, be that with the help of a hardware security key or biometric authentication.

Duo’s passwordless service relies on the Web Authentication standard which ensures that your data is stored locally and not on a centralized server, too.

According to Duo’s own data, we have now reached a point where the hardware is ready for passwordless, with 80 percent of mobile devices now offering support for biometrics.

“Passwordless is a journey requiring incremental changes in users and IT environments alike, not something enterprises can enable overnight,” said Wolfgang Goerlich, Advisory Chief Information Security Officer, Duo Security at Cisco. “Duo can help enterprises transition their environments and workforces securely and minimize user friction while simultaneously increasing trust in every authentication.”

#access-control, #authentication, #cisco, #computer-security, #cryptography, #microsoft-windows, #multi-factor-authentication, #password, #security-token, #svp, #tc, #work-applications

TikTok parent ByteDance joins patent troll protection group LOT Network

LOT Network, the non-profit that helps businesses of all sizes and across industries defend themselves against patent trolls by creating a shared pool of patents to immunize themselves against them, today announced that TikTik parent ByteDance is joining its group.

ByteDance has acquired its fair share of patents in recent years and is itself embroiled in a patent fight with its rival Triller. That’s not what joining the LOT Network is about, though. ByteDance is joining a group of companies here that includes the likes of IBM, the Coca-Cola Company, Cisco, Lyft, Microsoft, Oracle, Target, Tencent, Tesla, VW, Ford, Waymo, Xiaomi and Zelle. In total, the group now has over 1,300 members.

As LOT CEO Ken Seddon told me, the six-year-old group had a record year in 2020, with 574 companies joining it and bringing its set of immunized patents to over 3 million, including 14% of all patents issued in the U.S.

Among the core features of LOT, which only charges members who make more than $25 million in annual revenue, is that its members aren’t losing control over the patents they add to the pool. They can still buy and trade them as before, but if they decide to sell to what the industry calls a ‘patent assertion entity,’ (PAE) that is, a patent troll, they automatically provide a free licence to that patent to every other member of the group. This essentially turns LOT into what Seddon calls a ‘flu shot ‘ against patent trolls (and one that’s free for startups).

“The conclusion that people are waking up to is, is that we’re basically like a herd, we’re herd immunization, effectively,” Seddon said. “And every time a company joins, people realize that the community of non-members shrinks by one. It’s like those that don’t have the vaccination shrinks — and they are, ‘wait a minute, that makes me a higher risk of getting sued. I’m a bigger target.’ And they’re like, ‘wait a minute, I don’t want to be the target.’”

ByteDance, he argues, is a good example for a company that can profit from membership in LOT. While you may think of patents as purely a sign of a company’s innovativeness, for corporate lawyers, they are also highly effective defense tools (that can be used aggressively as well, if needed). But it can take a small company years to build up a patent portfolio. But a fast-growing, successful company also becomes an obvious target for patent trolls.

“When you are a successful company, you naturally become a target,” Seddon said. “People become jealous and they become threatened by you. And they covet your money and your revenue and your success. One of the ways that companies can defend themselves and protect their innovation is through patents. Some companies grow so fast, they become so successful, that their revenue grows faster than they can grow their patent portfolio organically.” He cited Instacart, which acquired 250 patents from IBM earlier this month, and Airbnb, which was sued by IBM over patent infringement in early 2020 (the companies settled in December), as examples.

ByteDance, thanks to the success of TikTok, now finds itself in a situation where it, too, is likely to become a target of patent trolls. The company has started acquiring patents itself to grow its portfolio faster and now it is joining LOT to strengthen its protection there.

“[ByteDance] is being a visionary and trying to get ahead of the wave,” Seddon noted. “They are a successful global company that needs to develop a global IP strategy. Historically, PAEs were just a US problem, but now ByteDance has to worry about PAEs being an issue in China and Europe as well.  By joining LOT, they protect themselves and their investments from over 3 million patents should they ever fall into the hands of a PAE.”

Lynn Wu, Director and Chief IP Counsel, Global IP and Digital Licensing Strategy at ByteDance, agrees. “Innovation is core to the culture at ByteDance, and we believe it’s important to protect our diverse technical and creative community,” she said in today’s announcement. “As champions for the fair use of IP, we encourage other companies to help us make the industry safer by joining LOT Network. If we work together, we can protect the industry from exploitation and continue advancing innovation, which is key to the growth and success of the entire community.”

There’s another reason companies are so eager to join the group now, though, and that’s because these patent assertion entities, which had faded into the background a bit in the mid- to late-2010s, may be making a comeback. The core assumption here is a bit gloomy: many companies seem to assume we’re in for an economic downturn. If we hit a recession, a lot of patent holders will start looking at their patent portfolios and start selling off some their more valuable patents in order to stay afloat. Since beggars can’t be choosers, that often means they’ll sell to a patent troll if that troll is the highest bidder. Last year, a patent troll sued Uber using a patent sold by IBM, for example (and IBM gets a bit of a bad rap for this, but, hey, it’s business).

That’s what happened after the last recession — though it typically takes a few years for the effect to be felt. Nothing in the patent world moves quickly.

Now, when LOT members sell to a troll, that troll can’t sue other LOT members over it. Take IBM, for example, which joined LOT last year.

“People give IBM a lot of grief and criticism for selling to PAEs, but at least IBM is giving everybody a chance to get a free license,” Seddon told me. “IBM joined LOT last year and what IBM is effectively doing is saying to everybody, ‘look, I joined LOT.’ And they put all of their entire patent portfolio into LOT. And they’re saying to everybody, ‘look, I have the right to sell my patents to anybody I want, and I’m going to sell it to the highest bidder. And if I sell it to a patent troll and you don’t join LOT — and if you get sued by a troll, is that my fault or your fault? Because if you join LOT, you could have gotten a free license.’”

#airbnb, #bytedance, #cisco, #flu, #ford, #ibm, #instacart, #intellectual-property-law, #lawsuit, #lot-network, #lyft, #microsoft, #monopoly, #oracle, #patent, #patent-law, #patent-troll, #software, #tencent, #tesla, #triller, #united-states, #vaccination, #vw, #waymo

VergeSense raises $12M Series B for its workplace analytics service

VergeSense, a startup that uses machine vision to help businesses better understand how their office spaces are being utilized, today announced that it has raised a $12 million Series B funding round led by Tola Capital.

Including the company’s $9 million Series A round, which it raised earlier this year, VergeSense has now raised a total of $22.6 million. Previous investors include JLL Spark, Allegion Ventures, MetaProp, Y Combinator, Pathbreaker Ventures and West Ventures.

Given the COVID-19 pandemic, it’s maybe no surprise that VergeSense would be seeing quite a bit of demand for its service and sensors. While the company was seeing strong growth since its launch in 2017, the pandemic is accelerating the move to smarter office spaces. As VergeSense CEO and co-founder Dan Ryan told me, over the course of the last few months, the company added new features to help businesses manage social distancing, for example, and to better understand where in a given office they should intensify their cleaning protocols.

VergeSense sensor

It’s also becoming increasingly clear that even after we get the pandemic under control, office spaces — and office work — will look radically different. “It’s going to be a sort of a hybrid model of working, which, pre-pandemic, was already something that was happening — companies were experimenting with this — but now it’s been turbocharged,” Ryan said. “We never anticipated any of this, but I think it’s a great example of the possibilities that you can help support when you have this intelligent infrastructure all around you that allows you to almost program the physical world.”

Another new feature the company launched this year allows its tools to register when a seat is likely occupied, even though nobody is in it right now, by looking for backpacks and other signs that would signal that a desk is in use.

VergeSense currently has customers in 29 countries. These include the likes of Shell, Quicken Loans, Roche, Cisco and Telus. In total, the company’s tools watch more than 40 million square feet of space now.

Image Credits: VergeSense

As Ryan told me, the company saw quite a bit of inbound interest from investors this year and the team wanted to capitalize on the current trends. “As we look forward to ’21, especially now that this transition to an agile hybrid seating model is going to be turbocharged, we were preparing for and planning for additional growth there as well. So this was sort of opportunistic opportunity to team up with Tola to help go to the next level,” Ryan explained.

The company plans to use the new funding to continue to work on its core computer vision capabilities and hardware, but as Ryan noted, one of the focus areas for VergeSense in 2021 will also include new partnerships and integrations with tools for booking desks and rooms, as well as building automation systems. To do so, it plans to double its headcount and hire across all departments.

VergeSense is obviously not the only company playing in this space. Swiss startup Locatee, for example, raised a Series A round for its service earlier this year, though it uses network data to measure occupancy and not the kind of dedicated sensors that VergeSense is developing. Other players include the likes of Density, Basking and SteerPath.

#allegion-ventures, #articles, #artificial-intelligence, #cisco, #locatee, #pathbreaker-ventures, #quicken-loans, #recent-funding, #roche, #startups, #telus, #tola-capital, #vergesense, #y-combinator

Wormable code-execution flaw in Jabber has a severity rating of 9.9 out of 10

Wormable code-execution flaw in Jabber has a severity rating of 9.9 out of 10

Enlarge (credit: Getty Images)

Cisco has patched its Jabber conferencing and messaging application against a critical vulnerability that made it possible for attackers to execute malicious code that would spread from computer to computer with no user interaction required. Again.

The vulnerability, which was first disclosed in September, was the result of several flaws discovered by researchers at security firm Watchcom Security. First, the app failed to properly filter potentially malicious elements contained in user-sent messages. The filter was based on an incomplete blocklist that could be bypassed using a programming attribute known as onanimationstart.

Messages that contained the attribute passed directly to DOM of an embedded browser. Because the browser was based on the Chromium Embedded Framework, it would execute any scripts that made it through the filter.

Read 5 remaining paragraphs | Comments

#biz-it, #cisco, #exploits, #jabber, #tech, #vulnerabilities, #xss

Fylamynt raises $6.5M for its cloud workflow automation platform

Fylamynt, a new service that helps businesses automate their cloud workflows, today announced both the official launch of its platform as well as a $6.5 million seed round. The funding round was led by Google’s AI-focused Gradient Ventures fund. Mango Capital and Point72 Ventures also participated.

At first glance, the idea behind Fylamynt may sound familiar. Workflow automation has become a pretty competitive space, after all, and the service helps developers connect their various cloud tools to create repeatable workflows. We’re not talking about your standard IFTTT- or Zapier -like integrations between SaaS products, though. The focus of Fylamynt is squarely on building infrastructure workflows. And while that may sound familiar, too, with tools like Ansible and Terraform automating a lot of that already, Fylamynt sits on top of those and integrates with them.

Image Credits: Fylamynt

“Some time ago, we used to do Bash and scripting — and then […] came Chef and Puppet in 2006, 2007. SaltStack, as well. Then Terraform and Ansible,” Fylamynt co-founder and CEO Pradeep Padala told me. “They have all done an extremely good job of making it easier to simplify infrastructure operations so you don’t have to write low-level code. You can write a slightly higher-level language. We are not replacing that. What we are doing is connecting that code.”

So if you have a Terraform template, an Ansible playbook and maybe a Python script, you can now use Fylamynt to connect those. In the end, Fylamynt becomes the orchestration engine to run all of your infrastructure code — and then allows you to connect all of that to the likes of DataDog, Splunk, PagerDuty Slack and ServiceNow.

Image Credits: Fylamynt

The service currently connects to Terraform, Ansible, Datadog, Jira, Slack, Instance, CloudWatch, CloudFormation and your Kubernetes clusters. The company notes that some of the standard use cases for its service are automated remediation, governance and compliance, as well as cost and performance management.

The company is already working with a number of design partners, including Snowflake

Fylamynt CEO Padala has quite a bit of experience in the infrastructure space. He co-founded ContainerX, an early container-management platform, which later sold to Cisco. Before starting ContainerX, he was at VMWare and DOCOMO Labs. His co-founders, VP of Engineering Xiaoyun Zhu and CTO David Lee, also have deep expertise in building out cloud infrastructure and operating it.

“If you look at any company — any company building a product — let’s say a SaaS product, and they want to run their operations, infrastructure operations very efficiently,” Padala said. “But there are always challenges. You need a lot of people, it takes time. So what is the bottleneck? If you ask that question and dig deeper, you’ll find that there is one bottleneck for automation: that’s code. Someone has to write code to automate. Everything revolves around that.”

Fylamynt aims to take the effort out of that by allowing developers to either write Python and JSON to automate their workflows (think ‘infrastructure as code’ but for workflows) or to use Fylamynt’s visual no-code drag-and-drop tool. As Padala noted, this gives developers a lot of flexibility in how they want to use the service. If you never want to see the Fylamynt UI, you can go about your merry coding ways, but chances are the UI will allow you to get everything done as well.

One area the team is currently focusing on — and will use the new funding for — is building out its analytics capabilities that can help developers debug their workflows. The service already provides log and audit trails, but the plan is to expand its AI capabilities to also recommend the right workflows based on the alerts you are getting.

“The eventual goal is to help people automate any service and connect any code. That’s the holy grail. And AI is an enabler in that,” Padala said.

Gradient Ventures partner Muzzammil “MZ” Zaveri echoed this. “Fylamynt is at the intersection of applied AI and workflow automation,” he said. “We’re excited to support the Fylamynt team in this uniquely positioned product with a deep bench of integrations and a non-prescriptive builder approach. The vision of automating every part of a cloud workflow is just the beginning.”

The team, which now includes about 20 employees, plans to use the new round of funding, which closed in September, to focus on its R&D, build out its product and expand its go-to-market team. On the product side, that specifically means building more connectors.

The company offers both a free plan as well as enterprise pricing and its platform is now generally available.

#ansible, #articles, #artificial-intelligence, #business, #ceo, #chef, #cisco, #cloud, #cloud-applications, #datadog, #developer, #enterprise, #gradient-ventures, #json, #pagerduty, #partner, #point72-ventures, #python, #servicenow, #splunk, #vmware, #zapier

Cisco rolls out fix for Webex flaws that let hackers eavesdrop on meetings

Promotional image for video-conferencing software.

Enlarge (credit: Cisco)

Cisco is rolling out fixes for three vulnerabilities in its Webex video-conference software that made it possible for interlopers to eavesdrop on meetings as a “ghost,” meaning being able to view, listen, and more without being seen by the organizer or any of the attendees.

The vulnerabilities were discovered by IBM Research and the IBM’s Office of the CISO, which analyzed Webex because it’s the company’s primary tool for remote meetings. The discovery comes as work-from-home routines have driven a more than fivefold increase in the use of Webex between February and June. At its peak, Webex hosted up to 4 million meetings in a single day.

The vulnerabilities made it possible for an attacker to:

Read 8 remaining paragraphs | Comments

#biz-it, #cisco, #vulnerabilities, #webex

Salto raises $27M to let you configure your SaaS platforms with code

Salto, a Tel Aviv-based open-source startup that allows you to configure SaaS platforms like Salesforce, NetSuite and HubSpot with code, is coming out of stealth today and announced that it has raised a $27 million Series A round. This round was led by Bessemer Venture Partners, Lightspeed Venture Partners and Salesforce Ventures.

The general idea here — which is similar to the ‘infrastructure-as-code’ movement — is to allow business operations teams to automate the labor-intensive and error-prone ways they currently use to manage SaaS platforms. While others in this space are betting on no-code solutions for managing these systems, Salto is going the other way and is betting on code instead.

“We realized the challenges BizOps teams face are very similar to the problems encountered by software and DevOps engineers on a daily basis,” writes Salto co-founder and CEO Rami Tamir in today’s announcement. “So we adapted software development fundamentals and best practices to the BizOps field. There’s no need to reinvent the wheel; the same techniques used to make high-quality software can also be applied to keeping control over business applications.”

Image Credits: Salto

Salto makes the core of its service available as open source. This open-source version includes the company’s NaCI language, a declarative configuration language based on the syntax of HashiCorp’s hcl, a command-line interface for deploying configuration changes (and fetching the current configuration state of an application) and a VS Code extension.

In combination with Git, business operations teams can collaborate on writing these configurations and test them in staging environments. The company is essentially taking modern software development practices and applying them to business operations.

Image Credits: Salto

“Defining a company’s business logic as code can make a fundamental change in the way business applications are delivered,” writes Tamir. “We like to think about it as ‘company-as-code,’ much in the same way as ‘infrastructure-as-code’ transformed the way we manage data centers.”

Some of the use cases here are configuring custom Salesforce CPQ fields, and syncing profiles across Salesforce environments and maintaining audio logs for NetSuite. For now, the company only supports connections to Salesforce, HubSpot and NetSuite, with others following soon.

Like other open-source companies, Salto’s business model involved selling a hosted version of its service, which the company is also announcing today.

In terms of raising this new round, it surely helped that the founding team, which includes Benny Schnaider and Gil Hoffer, in addition to Tamir, previously sold the three companies they founded. Pentacom was acquired by Cisco earlier this year; Oracle acquired Ravello Systems in 2016 and Qumranet was acquired by Red Hat in 2008.

“Business agility is more important than ever today, and the alignment of external business services to real business needs is increasing in strategic importance,” said Alex Kayyal, Partner and Head of International at Salesforce Ventures . “BizOps teams are becoming more and more crucial to the success of companies. With Salto they are empowered to meet the tasks they are charged with, equipped with modernized methodologies and a greatly enhanced toolbox.”

#bessemer-venture-partners, #cisco, #cloud-applications, #computing, #devops, #head, #hubspot, #lightspeed-venture-partners, #netsuite, #oracle, #oracle-corporation, #ravello-systems, #red-hat, #salesforce, #salesforce-ventures, #salto, #software, #software-as-a-service, #tc, #tel-aviv