Stairwell secures $20M Series A to help organizations outsmart attackers

Back when Stairwell emerged from stealth in 2020, the startup was shrouded in secrecy. Now with $20 million in Series A funding, its founder and CEO Mike Wiacek — who previously served as chief security officer at Chronicle, Google’s moonshot cybersecurity company — is ready to talk.

As well as raising $20M, an investment round co-led by Sequoia Capital and Accel, Stairwell is launching Inception, a threat hunting platform that aims to help organizations determine if they were compromised now or in the past. Unlike other threat detection platforms, Inception takes an “inside out” approach to cybersecurity, which starts by looking inwards at a company’s data.

“This helps you study what’s in your environment first before you start thinking about what’s happening in the outside world,” Wiacek tells TechCrunch. “The beautiful thing about that approach is that’s not information that outside parties, a.k.a. the bad guys, are privy to.”

This data, all of which is treated as suspicious, is continuously evaluated in light of new indicators and new threat intelligence. Stairwell claims this enables organizations to detect anomalies within just days, rather than the industry average of 280 days, as well as to “bootstrap” future detections.

“If you go and buy a threat intelligence feed from Vendor X, do you really think that someone who’s spending hundreds of thousands, or even millions of dollars to conduct an offensive campaign isn’t going to make sure that whatever they’re using isn’t in that field?,” said Wiacek. “They know what McAfee knows and they know other antivirus engines know, but they don’t know what you know and that’s a very powerful advantage that you have there.”

Stairwell’s $20 million in Series A funding, which comes less than 12 months after it secured $4.5 million in seed funding, will be used to further advance the Inception platform and to increase the startup’s headcount; the Palo Alto-based firm currently has a modest headcount of 21.

The Inception platform, which the startup claims finally enables enterprises to “outsmart the bad guys”, is launching in early release for a limited number of customers, with full general availability scheduled for 2022.

“I just wish we had a product to market when SolarWinds happened,” Wiacek added.

#accel, #anomali, #ceo, #computer-security, #computing, #google-cloud, #inception, #information-technology, #mcafee, #palo-alto, #security, #sequoia-capital, #solarwinds, #stairwell, #system-administration

Stonehenge Technology Labs bags $2M, gives CPG companies one-touch access to metrics

Stonehenge Technology Labs wants consumer packaged goods companies to gain meaningful use from all of the data they collect. It announced $2 million in seed funding for its STOPWATCH commerce enhancement software.

The round was led by Irish Angels, with participation from Bread and Butter Ventures, Gaingels, Angeles Investors, Bonfire Ventures and Red Tail Venture Capital.

CEO Meagan Kinmonth Bowman founded the Arkansas-based company in 2019 after working at Hallmark, where she was tasked with the digital transformation of the company.

“This was not a consequence of them not being good marketers or connected to mom, but they didn’t have the technology to connect their back end with retailers like Amazon, Walmart or Hobby Lobby,” she told TechCrunch. “There are so many smart people building products to connect with consumers. The challenge is the big guys are doing things the same way and not thinking like the 13-year-olds on social media that are actually winning the space.”

Kinmonth Bowman and her team recognized that there was a missing middle layer connecting the world of dotcom with brick and mortar. If the middle layer could be applied to the enterprise resource plans and integrate public and private data feeds, a company could be just as profitable online as it could be in traditional retail, she said.

Stonehenge’s answer to that is STOPWATCH, which takes in over 100 million rows of data per workspace per day, analyzes the data points, adds real-time alerts and provides the right data to the right people at the right time.

Dan Rossignol, a B2B SaaS investor, said the CPG world is also about consumerizing our life, and the global pandemic showed that even at home, people could have a productive day and business. Rossignol likes to invest in underestimated founders and saw in Stonehenge a company that is getting CPGs out from underneath antiquated technologies.

“What Meagan and her team are doing is really interesting,” he added. “At this stage, it is all about the people, and the ability to bet on doing something larger.”

Kinmonth Bowman said she had the opportunity to base the company in Silicon Valley, but chose Bentonville, Arkansas instead to be closer to the more than 1,000 CPG companies based there that she felt were the prime customer base for STOPWATCH.

The platform was originally created as a subsidiary of a consulting company, but in 2018, one of their clients told them they just wanted the software rather than also paying for the consulting piece. The business was split, and Stonehenge went underground for eight months to make a software product specifically for the client.

Kinmonth Bowman admits the technology itself is not that sexy — it is using exact transfer loads to extract data from hundreds of systems into a “lake house,” and then siloing it by retailer and other factors and then presenting the data in different ways. For example, the CEO will want different metrics than product teams.

Over the past year, the company has doubled its revenue and also doubled the amount of contracts. It already counts multiple Fortune 100 companies and emerging brands as some of its early users and plans to use the new funding to hire a sales team and go after some strategic relationships.

Stonehenge is also working on putting together a diverse workforce that mimics the users of the software, Kinmonth Bowman said. One of the challenges has been to get unique talent to move to Arkansas, but she said it is one she is eager to take on.

Meanwhile, Brett Brohl, managing partner at Bread and Butter Ventures, said the Stonehenge team “is just crazy enough, smart and driven” to build something great.

“All of the biggest companies have been around for a long time, but not a lot of large organizations have done a good job digitizing their businesses,” he said. “Even pre-COVID, they were building fill-in-the-blank digital transformations, but COVID accelerated technology and hit a lot of companies in the face. That was made more obvious to end consumers, which puts more pressure on companies to understand the need, which is good for STOPWATCH. It went from paper to Excel spreadsheets to the next cloud modification. The time is right for the next leap and how to use data.”

#angeles-investors, #arkansas, #bonfire-ventures, #bread-and-butter-ventures, #brett-brohl, #dan-rossignol, #ecommerce, #enterprise, #funding, #gaingels, #information-technology, #irish-angels, #meagan-kinmoth-bowman, #recent-funding, #red-tail-venture-capital, #saas, #social-media, #startups, #stonehenge-technology-labs, #tc

Monad emerges from stealth with $17M to solve the cybersecurity big data problem

Cloud security startup Monad, which offers a platform for extracting and connecting data from various security tools, has launched from stealth with $17 million in Series A funding led by Index Ventures. 

Monad was founded on the belief that enterprise cybersecurity is a growing data management challenge, as organizations try to understand and interpret the masses of information that’s siloed within disconnected logs and databases. Once an organization has extracted data from their security tools, Monad’s Security Data Platform enables them to centralize that data within a data warehouse of choice, and normalize and enrich the data so that security teams have the insights they need to secure their systems and data effectively.

“Security is fundamentally a big data problem,” said Christian Almenar, CEO and co-founder of Monad. “Customers are often unable to access their security data in the streamlined manner that DevOps and cloud engineering teams need to build their apps quickly while also addressing their most pressing security and compliance challenges. We founded Monad to solve this security data challenge and liberate customers’ security data from siloed tools to make it accessible via any data warehouse of choice.”

The startup’s Series A funding round, which was also backed by Sequoia Capital, brings its total amount of investment raised to  $19 million and comes 12 months after its Sequoia-led seed round. The funds will enable Monad to scale its development efforts for its security data cloud platform, the startup said.

Monad was founded in May 2020 by security veterans Christian Almenar and Jacolon Walker. Almenar previously co-founded serverless security startup Intrinsic which was acquired by VMware in 2019, while Walker served as CISO and security engineer at OpenDoor, Collective Health, and Palantir.

#big-data, #cloud-computing, #cloud-infrastructure, #computer-security, #computing, #data-management, #data-warehouse, #devops, #funding, #information-technology, #intrinsic, #opendoor, #palantir, #security, #security-tools, #sequoia-capital, #serverless-computing, #technology, #vmware

Cribl raises $200M to help enterprises do more with their data

At a time when remote work, cybersecurity attacks and increased privacy and compliance requirements threaten a company’s data, more companies are collecting and storing their observability data, but are being locked in with vendors or have difficulty accessing the data.

Enter Cribl. The San Francisco-based company is developing an “open ecosystem of data” for enterprises that utilizes unified data pipelines, called “observability pipelines,” to parse and route any type of data that flows through a corporate IT system. Users can then choose their own analytics tools and storage destinations like Splunk, Datadog and Exabeam, but without becoming dependent on a vendor.

The company announced Wednesday a $200 million round of Series C funding to value Cribl at $1.5 billion, according to a source close to the company. Greylock and Redpoint Ventures co-led the round and were joined by new investor IVP, existing investors Sequoia and CRV and strategic investment from Citi Ventures and CrowdStrike. The new capital infusion gives Cribl a total of $254 million in funding since the company was started in 2017, Cribl co-founder and CEO Clint Sharp told TechCrunch.

Sharp did not discuss the valuation; however, he believes that the round is “validation that the observability pipeline category is legit.” Data is growing at a compound annual growth rate of 25%, and organizations are collecting five times more data today than they did 10 years ago, he explained.

“Ultimately, they want to ask and answer questions, especially for IT and security people,” Sharp added. “When Zoom sends data on who started a phone call, that might be data I need to know so I know who is on the call from a security perspective and who they are communicating with. Also, who is sending files to whom and what machines are communicating together in case there is a malicious actor. We can also find out who is having a bad experience with the system and what resources they can access to try and troubleshoot the problem.”

Cribl also enables users to choose how they want to store their data, which is different from competitors that often lock companies into using only their products. Instead, customers can buy the best products from different categories and they will all talk to each other through Cribl, Sharp said.

Though Cribl is developing a pipeline for data, Sharp sees it more as an “observability lake,” as more companies have differing data storage needs. He explains that the lake is where all of the data will go that doesn’t need to go into an existing storage solution. The pipelines will send the data to specific tools and then collect the data, and what doesn’t fit will go back into the lake so companies have it to go back to later. Companies can keep the data for longer and more cost effectively.

Cribl said it is seven times more efficient at processing event data and boasts a customer list that includes Whole Foods, Vodafone, FINRA, Fannie Mae and Cox Automotive.

Sharp went after additional funding after seeing huge traction in its existing customer base, saying that “when you see that kind of traction, you want to keep doubling down.” His aim is to have a presence in every North American city and in Europe, to continue launching new products and growing the engineering team.

Up next, the company is focusing on go-to-market and engineering growth. Its headcount is 150 currently, and Sharp expects to grow that to 250 by the end of the year.

Over the last fiscal year, Cribl grew its revenue 293%, and Sharp expects that same trajectory for this year. The company is now at a growth stage, and with the new investment, he believes Cribl is the “future leader in observability.”

“This is a great investment for us, and every dollar, we believe, is going to create an outsized return as we are the only commercial company in this space,” he added.

Scott Raney, managing director at Redpoint Ventures, said his firm is a big enterprise investor in software, particularly in companies that help organizations leverage data to protect themselves, a sweet spot that Cribl falls into.

He feels Sharp is leading a team, having come from Splunk, that has accomplished a lot, has a vision and a handle on the business and knows the market well. Where Splunk is capturing the machine data and using its systems to extract the data, Cribl is doing something similar in directing the data where it needs to go, while also enabling companies to utilize multiple vendors and build apps to sit on top of its infrastructure.

“Cribl is adding opportunity by enriching the data flowing through, and the benefits are going to be meaningful in cost reduction,” Raney said. “The attitude out there is to put data in cheaper places, and afford more flexibility to extract data. Step one is to make that transition, and step two is how to drive the data sitting there. Cribl is doing something that will go from being a big business to a legacy company 30 years from now.”

#citi-ventures, #clint-sharp, #cloud, #computing, #cribl, #crowdstrike, #crv, #data-security, #datadog, #developer, #enterprise, #exabeam, #funding, #greylock, #information-technology, #ivp, #recent-funding, #redpoint-ventures, #scott-raney, #sequoia, #splunk, #startups, #storage-solution, #tc

Employee talent predictor retrain.ai raised another $7M, adds Splunk as strategic investor

Automation will displace 85 million jobs while simultaneously creating 97 million new jobs by 2025, according to the World Economic Forum. Although that sounds like good news, the hard reality is that millions of people will have to retrain in the jobs of the future.

A number of startups are addressing these problems of employee skills, so looking at talent development, neuroscience-based assessments, and prediction technologies for staffing. These include Pymetrics (raised $56.6M), Eightfold (raised $396.8M) and EmPath (raised $1M). But this sector is by no means done yet.

retrain.ai bills itself as a ‘Talent Intelligence Platform’ and it’s now closed an additional $7 million from its current investors Square Peg, Hetz Ventures, TechAviv, .406 Ventures and Schusterman Family Investments. It’s also now added Splunk Ventures as a strategic investor. The new round of funding takes its total raised to $20 million.

retrain.ai says it uses AI and machine learning to help governments and organizations retrain and upskill talent for jobs of the future, enable diversity initiatives, and that it helps employees and jobseekers manage their careers.
 
Dr. Shay David, Co-Founder and CEO of retrain.ai said: “We are thrilled to have Splunk Ventures join us on this exciting journey as we use the power of data to solve the widening skills gap in the global labor markets.”

The company says it helps companies tackle future workforce strategies by “analyzing millions of data sources to understand the demand and supply of skill sets.”
 
retrain.ai new funding will be used for U.S. expansion, hiring talent and product development.

#406-ventures, #artificial-intelligence, #computing, #data-security, #europe, #hetz, #information-technology, #machine-learning, #neuroscience, #software, #splunk, #square-peg, #system-administration, #tc, #united-states, #world-economic-forum

Salesforce’s Kathy Baxter is coming to TC Sessions: SaaS to talk AI

As the use of AI has grown and developed over the last several years, companies like Salesforce have tried to tap into it to improve their software and help customers operate faster and more efficiently. Kathy Baxter, principal architect for the ethical AI practice at Salesforce will be joining us at TechCrunch Sessions: SaaS on October 27th to talk about the impact of AI on SaaS.

Baxter, who has more than 20 years of experience as a software architect, joined Salesforce in 2017 after more than a decade at Google in a similar role. We’re going to tap into her expertise on a panel discussing AI’s growing role in software.

Salesforce was one of the earlier SaaS adherents to AI, announcing its artificial intelligence tooling, which the company dubbed Einstein, in 2016. While the positioning makes it sound like a product, it’s actually much more than a single entity. It’s a platform component, which the various pieces of the Salesforce platform can tap into to take advantage of various types of AI to help improve the user experience.

That could involve feeding information to customer service reps on Service Cloud to make the call move along more efficiently, helping salespeople find the customers most likely to close a deal soon in the Sales Cloud or helping marketing understand the optimal time to send an email in the Marketing Cloud.

The company began building out its AI tooling early on with the help of 175 data scientists and has been expanding on that initial idea since. Other companies, both startups and established companies like SAP, Oracle and Microsoft have continued to build AI into their platforms as Salesforce has. Today, many SaaS companies have some underlying AI built into their service.

Baxter will join us to discuss the role of AI in software today and how that helps improve the operations of the service itself, and what the implications are of using AI in your software service as it becomes a mainstream part of the SaaS development process.

In addition to our discussion with Baxter, the conference will also include Databricks’ Ali Ghodsi, UiPath’s Daniel Dines, Puppet’s Abby Kearns, and investors Casey Aylward and Sarah Guo, among others. We hope you’ll join us. It’s going to be a stimulating day.

Buy your pass now to save up to $100, and use CrunchMatch to make expanding your empire quick, easy and efficient. We can’t wait to see you in October!

Is your company interested in sponsoring or exhibiting at TC Sessions: SaaS 2021? Contact our sponsorship sales team by filling out this form.

#abby-kearns, #ali-ghodsi, #artificial-intelligence, #casey-aylward, #cloud, #cloud-applications, #computing, #daniel-dines, #databricks, #enterprise, #google, #information-technology, #kathy-baxter, #microsoft, #oracle, #salesforce, #sap, #sarah-guo, #tc, #tc-sessions-saas-2021, #uipath

Sophos extends its spending spree with Refactr buy

Thoma Bravo-owned Sophos has announced its second takeover in as many weeks with the acquisition of Seattle-based DevSecOps startup Refactr.

Refactr was founded in 2017 and offers an automation platform that helps cybersecurity and DevOps teams to collaboratively operate. The platform, which is used by the non-profit Center for Internet Security and the U.S. Air Force’s Platform One, features a drag-and-drop low-code pipeline builder and DevOps-friendly features that encourage disparate teams to collaborate on the same agile workflow process, according to the company.

“Our mission is to enable DevSecOps to become the modern approach to automation, where cybersecurity use cases like Security Operation, Automation and Response (SOAR), Extended Detection and Response (XDR), compliance, cloud security, and Identity and Access Management (IAM) become building blocks for DevSecOps solutions,” said Michael Fraser, CEO and co-founder of Refactr.

The deal, the terms of which were not disclosed, will see Refactr’s entire team of developers and engineers join Sophos. While Sophos says it will continue to develop and offer Refactr’s DevSecOps automation platform to existing customers, it will also embed its SOAR capabilities to its own managed threat response (MTR) and XDR solutions.

“With Refactr, Sophos will fast track the integration of such advanced SOAR capabilities into our adaptive cybersecurity ecosystem, the basis for our XDR product and MTR service,” said Joe Levy, chief technology officer at Sophos.

Sophos’ acquisition of Refactr lands shortly after it announced plans to buy Braintrace, a cybersecurity startup that provides organizations visibility into suspicious network traffic patterns. Thoma Bravo completed its $3.9 billion takeover of Sophos in 2020 as the company continues to increase its reach in the cybersecurity space. Since then, the private equity firm has acquired security vendor Proofpoint for $12.3 billion and led a $225 million funding round in zero-trust unicorn Illumio.

#braintrace, #chief-technology-officer, #computing, #cybercrime, #cybersecurity-startup, #devops, #illumio, #information-technology, #ma, #proofpoint, #seattle, #security, #security-software, #sophos, #technology, #thoma-bravo, #u-s-air-force

Noetic Cyber emerges from stealth with $15M led by Energy Impact Partners

Noetic Cyber, a cloud-based continuous cyber asset management and controls platform, has launched from stealth with a Series A funding round of $15 million led by Energy Impact Partners.

The round was also backed by Noetic’s existing investors, TenEleven Ventures and GlassWing Ventures, and brings the total amount of funds raised by the startup to $20 million following a $5 million seed round. Shawn Cherian, a partner at Energy Impact Partners, will join the Noetic board, while Niloofar Razi Howe, a senior operating partner at the investment firm, will join Noetic’s advisory board.

“Noetic is a true market disruptor, offering an innovative way to fix the cyber asset visibility problem — a growing and persistent challenge in today’s threat landscape,” said Howe.

The Massachusetts-based startup claims to be taking a new approach to the cyber asset management problem. Unlike traditional solutions, Noetic is not agent-based, instead using API aggregation and correlation to draw insights from multiple security and IT management tools.

“What makes us different is that we’re putting orchestration and automation at the heart of the solution, so we’re not just showing security leaders that they have problems, but we’re helping them to fix them,” Paul Ayers, CEO and co-founder of Noetic Cyber tells TechCrunch.

Ayer was previously a top exec at PGP Corporation (acquired by Symantec for $370 million) and Vormetric (acquired by Thales for $400 million) and founded Noetic Cyber with Allen Roger and Allen Hadden, who have previously worked at cybersecurity vendors including Authentica, Raptor and Axent. All three were also integral to the development of Resilient Systems, which was acquired by IBM.

“The founding team’s experience in the security, orchestration, automation and response market gives us unique experience and insights to make automation a key pillar of the solution,” Ayers said. “Our model gives you the certainty to make automation possible, the goal is to find and fix problems continuously, getting assets back to a secure state.”

“The development of the technology has been impacted by the current cyber landscape, and the pandemic, as some of the market drivers we’ve seen around the adoption of cloud services, and the increased use of unmanaged devices by remote workers, are driving a great need for accurate cyber asset discovery and management.”

The company, which currently has 20 employees, says it plans to use the newly raised funds to double its headcount by the end of the year, as well as increase its go-to-market capability in the U.S. and the U.K. to grow its customer base and revenue growth.

“In terms of technology development, this investment allows us to continue to add development and product management talent to the team to build on our cyber asset management platform,” Ayers said. 

“The beauty of our approach is that it allows us to easily add more applications and use cases on top of our core asset visibility and management model. We will continue to add more connectors to support customer use cases and will be bringing a comprehensive controls package to market later in 2021, as well as a community edition in 2022.”

#api, #cloud-services, #computer-security, #computing, #cryptography, #cybercrime, #cyberwarfare, #data-security, #energy-impact-partners, #funding, #glasswing-ventures, #ibm, #information-technology, #malware, #massachusetts, #partner, #raptor, #resilient-systems, #security, #shawn-cherian, #symantec, #technology-development, #teneleven-ventures, #thales, #united-kingdom, #united-states, #vormetric

DNSFilter secures $30M Series A to step up fight against DNS-based threats

DNSFilter, an artificial intelligence startup that provides DNS protection to enterprises, has secured $30 million in Series A funding from Insight Partners.

DNSFilter, as its name suggests, offers DNS-based web content filtering and threat protection. Unlike the majority of its competitors, which includes the likes of Palo Alto Networks and Webroot, the startup uses proprietary AI technology to continuously scan billions of domains daily, identifying anomalies and potential vectors for malware, ransomware, phishing, and fraud. 

“Most of our competitors either rent or lease a database from some third party,” Ken Carnesi, co-founder and CEO of DNSFilter tells TechCrunch. “We do that in-house, and it’s through artificial intelligence that’s scanning these pages in real-time.” 

The company, which counts the likes of Lenovo, Newegg, and Nvidia among its 14,000 customers, claims this industry-first technology catches threats an average of five days before competitors and is capable of identifying 76% of domain-based threats. By the end of 2021, DNSFilter says it will block more than 1.1 million threats daily.

DNSFilter has seen rapid growth over the past 12 months as a result of the mass shift to remote working and the increase in cyber threats and ransomware attacks that followed. The startup saw eightfold growth in customer activity, doubled its global headcount to just over 50 employees, and partnered with Canadian software house N-Able to push into the lucrative channel market.  

“DNSFilter’s rapid growth and efficient customer acquisition are a testament to the benefits and ease of use compared to incumbents,” Thomas Krane, principal at Insight Partners, who has been appointed as a director on DNSFilter’s board. “The traditional model of top-down, hardware-centric network security is disappearing in favor of solutions that readily plug in at the device level and can cater to highly distributed workforces”

Prior to this latest funding round, which was also backed by Arthur Ventures (the lead investor in DNSFilter’s seed round), CrowdStrike co-founder and former chief technology officer  Dmitri Alperovitch also joined DNSFilter’s board of directors. 

Carnesi said the addition of Alperovitch to the board will help the company get its technology into the hands of enterprise customers. “He’s helping us to shape the product to be a good fit for enterprise organizations, which is something that we’re doing as part of this round — shifting focus to be primarily mid-market and enterprise,” he said.

The company also recently added former CrowdStrike vice president Jen Ayers as its chief operating officer. “She used to manage their entire managed threat hunting team, so she’s definitely coming on for the security side of things as we build out our domain intelligence team further,” Carnesi said.

With its newly-raised funds, DNSFilter will further expand its headcount, with plans to add more than 80 new employees globally over the next 12 months.

“There’s a lot more that we can do for security via DNS, and we haven’t really started on that yet,” Carnesi said. “We plan to do things that people won’t believe were possible via DNS.”

The company, which acquired Web Shrinker in 2018, also expects there to be more acquisitions on the cards going forward. “There are some potential companies that we’d be looking to acquire to speed up our advancement in certain areas,” Carnesi said.

#arthur-ventures, #artificial-intelligence, #co-founder, #computing, #coo, #crowdstrike, #cto, #cyberwarfare, #director, #dns, #funding, #information-technology, #insight-partners, #lenovo, #newegg, #nvidia, #palo-alto-networks, #ransomware, #security, #startup-company, #techcrunch, #vp, #webroot

Breach simulation startup AttackIQ raises $44M to fuel expansion

AttackIQ, a cybersecurity startup that provides organizations with breach and attack simulation solutions, has raised $44 million in Series C funding as it looks to ramp up its international expansion.

The funding round was led by Atlantic Bridge, Saudi Aramco Energy Ventures (SAEV), and Gaingels, with existing vendors — including Index Ventures, Khosla Ventures, Salesforce Ventures, and Telstra Ventures — also participating. The round brings the company’s total funding raised to date to $79 million. 

AttackIQ was founded in 2013 and is based out of San Diego, California. It provides an automated validation platform that runs scenarios to detect any gaps in a company’s defenses, enabling organizations to test and measure the effectiveness of their security posture and receive guidance on how to fix what’s broken. Broadly, AttackIQ’s platform helps an organization’s security teams to anticipate, prepare, and hunt for threats that may impact their business, before hackers get there first.

Its Security Optimization Platform platform, which supports Windows, Linux, and macOS across public, private, and on-premises cloud environments, is based on the MITRE ATT&CK framework, a curated knowledge base of known adversary threats, tactics, and techniques. This is used by a number of cybersecurity companies also building continuous validation services including FireEye, Palo Alto Networks, and Cymulate.

AttackIQ says this latest round of funding, which comes more than two years after its last, arrives at a “dynamic time” for the company. Not only has cybersecurity become more of a priority for organizations as a result of a major uptick in both ransomware and supply-chain attacks, the company also recently accelerated its international expansion efforts through a partnership with technology distributor Westcon.

The startup says it’s planning to use these new funds to further expand internationally through its newfound partnership with Atlantic Bridge, which will also see Kevin Dillon, the company’s co-founder and managing director, join the AttackIQ board of directors. 

“AttackIQ has established itself as a category leader with a formidable enterprise customer base that includes four of the Fortune 20,” said Dillon. “We believe deeply in the company’s vision and potential to become the next billion-dollar cybersecurity software company and look forward to helping the company turn early traction in Europe and the Middle East into robust, long-term expansion.”

Brett Galloway, CEO of AttackIQ, said the round “reaffirms the strength” of its platform.

As well as enabling organizations to review the robustness of their security defenses, the startup also runs the AttackIQ Academy, which provides free entry-level and advanced cybersecurity training. It has accumulated 17,200 registered students to date across 176 countries.

#atlantic-bridge, #california, #ceo, #computer-security, #computing, #cybersecurity-startup, #cymulate, #europe, #fireeye, #funding, #gaingels, #information-technology, #khosla-ventures, #linux, #microsoft-windows, #middle-east, #palo-alto-networks, #salesforce-ventures, #san-diego, #security, #simulation, #telstra-ventures

Arctic Wolf secures $150M at Series F, tripling its valuation

Arctic Wolf, a managed cybersecurity company that offers “security operations-as-a-concierge” service, has raised $150 million at Series F.

This round was led by Viking Global Investors, Owl Rock, and other existing investors, and lands less than a year after the company’s last round of investment when it became the first managed detection and response (MDR) companies to secure a valuation of over $1 billion. This latest round brings its total amount of funding raised to date to just shy of $500 million, and sees the company’s valuation soar from $1.3 billion to $4.3 billion.

“This is a recognition on our part, and our investors’ part, of the challenge that our industry is facing,” Arctic Wolf CEO Brian NeSmith told TechCrunch.

As a result of this challenging cybersecurity landscape, fueled by pandemic turbulence and a mass shift to remote working, Arctic Wolf has seen impressive growth over the last 12 months. The company, which provides round-the-clock security monitoring for small and mid-sized organizations through its cloud security operations platform, saw its revenues double on rapid platform adoption growth, with nearly 60% of its 3,000 customers using at least three of its security operations solutions. This, the company claims, makes it fastest-growing company at scale in the fastest-growing area of the cybersecurity market.

The company’s headcount has also increased dramatically: the company onboard approximately 400 employees over the past 12 months and plans to add 500 new roles in the coming year. 

The newly-raised funds will be used to keep its momentum going, NeSmith said, and to step up its mergers and acquisitions strategy. Arctic Wolf has made three acquisitions since it was founded 2012 — including cybersecurity vulnerability assessment startup RootSecure in 2018 — and it’s planning to increase this number significantly over the next 12 months.

“We’ve got letters of intent for a couple more, and I expect that over the next year we’ll probably do between 5 and 10 acquisitions,” said NeSmith.

With Series F funding under its belt, Arctic Wolf is now starting to think about its exit strategy. NeSmith tells TechCrunch that while the company is weighing up its options, an IPO is likely the next logical move for the company. 

“I think ultimately the exit is IPO. That’s the most likely outcome,” he says. “Frankly, from some of the companies I’ve seen IPO over the last 3-6 months, we could be a public company today. We’re a little more measured, so we want to realize that not being public is an end point, you’re just changing the way you run the company.”

Read more:

#ceo, #computing, #funding, #information-technology, #security, #techcrunch, #viking-global-investors

The Accellion data breach continues to get messier

Morgan Stanley has joined the growing list of Accellion hack victims — more than six months after attackers first breached the vendor’s 20-year-old file-sharing product. 

The investment banking firm — which is no stranger to data breaches — confirmed in a letter this week that attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of its third-party vendor, Guidehouse. In a letter sent to those affected, first reported by Bleeping Computer, Morgan Stanley admitted that threat actors stole an unknown number of documents containing customers’ addresses and Social Security numbers.

The documents were encrypted, but the letter said that the hackers also obtained the decryption key, though Morgan Stanley said the files did not contain passwords that could be used to access customers’ financial accounts.

“The protection of client data is of the utmost importance and is something we take very seriously,” a Morgan Stanley spokesperson told TechCrunch. “We are in close contact with Guidehouse and are taking steps to mitigate potential risks to clients.”

Just days before news of the Morgan Stanley data breach came to light, an Arkansas-based healthcare provider confirmed it had also suffered a data breach as a result of the Accellion attack. Just weeks before that, so did UC Berkely. While data breaches tend to grow past initially reported figures, the fact that organizations are still coming out as Accellion victims more than six months later shows that the business software provider still hasn’t managed to get a handle on it. 

The cyberattack was first uncovered on December 23, and Accellion initially claimed the FTA vulnerability was patched within 72 hours before it was later forced to explain that new vulnerabilities were discovered. Accellion’s next (and final) update came in March, when the company claimed that all known FTA vulnerabilities — which authorities say were exploited by the FIN11 and the Clop ransomware gang — have been remediated.

But incident responders said Accellion’s response to the incident wasn’t as smooth as the company let on, claiming the company was slow to raise the alarm in regards to the potential danger to FTA customers.

The Reserve Bank of New Zealand, for example, raised concerns about the timeliness of alerts it received from Accellion. In a statement, the bank said it was reliant on Accellion to alert it to any vulnerabilities in the system — but never received any warnings in December or January.

“In this instance, their notifications to us did not leave their system and hence did not reach the Reserve Bank in advance of the breach. We received no advance warning,” said RBNZ governor Adrian Orr.

This, according to a discovery made by KPMG International, was due to the fact that the email tool used by Accellion failed to work: “Software updates to address the issue were released by the vendor in December 2020 soon after it discovered the vulnerability. The email tool used by the vendor, however, failed to send the email notifications and consequently the Bank was not notified until 6 January 2021,” the KPMG’s assessment said. 

“We have not sighted evidence that the vendor informed the Bank that the System vulnerability was being actively exploited at other customers. This information, if provided in a timely manner is highly likely to have significantly influenced key decisions that were being made by the Bank at the time.”

In March, back when it was releasing updates about the ongoing breach, Accellion was keen to emphasize that it was planning to retire the 20-year-old FTA product in April and that it had been working for three years to transition clients onto its new platform, Kiteworks. A press release from the company in May says 75% of Accellion customers have already migrated to Kiteworks, a figure that also highlights the fact that 25% are still clinging to its now-retired FTA product. 

This, along with Accellion now taking a more hands-off approach to the incident, means that the list of victims could keep growing. It’s currently unclear how many the attack has claimed so far, though recent tallies put the list at around 300. This list includes Qualys, Bombardier, Shell, Singtel, the University of Colorado, the University of California, Transport for New South Wales, Office of the Washington State Auditor, grocery giant Kroger and law firm Jones Day.

“When a patch is issued for software that has been actively exploited, simply patching the software and moving on isn’t the best path,” Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Center, told TechCrunch. “Since the goal of patch management is protecting systems from compromise, patch management strategies should include reviews for indications of previous compromise.”

Accellion declined to comment.

#accellion, #arkansas, #bank, #business-software, #california, #colorado, #computer-security, #computing, #data-breach, #governor, #healthcare, #information-technology, #investment-banking, #kroger, #law, #morgan-stanley, #qualys, #security, #security-breaches, #singtel, #spokesperson, #synopsys, #transport, #university-of-california

Edge Delta raises $15M Series A to take on Splunk

Seattle-based Edge Delta, a startup that is building a modern distributed monitoring stack that is competing directly with industry heavyweights like Splunk, New Relic and Datadog, today announced that it has raised a $15 million Series A funding round led by Menlo Ventures and Tim Tully, the former CTO of Splunk. Previous investors MaC Venture Capital and Amity Ventures also participated in this round, which brings the company’s total funding to date to $18 million.

“Our thesis is that there’s no way that enterprises today can continue to analyze all their data in real time,” said Edge Delta co-founder and CEO Ozan Unlu, who has worked in the observability space for about 15 years already (including at Microsoft and Sumo Logic). “The way that it was traditionally done with these primitive, centralized models — there’s just too much data. It worked 10 years ago, but gigabytes turned into terabytes and now terabytes are turning into petabytes. That whole model is breaking down.”

Image Credits: Edge Delta

He acknowledges that traditional big data warehousing works quite well for business intelligence and analytics use cases. But that’s not real-time and also involves moving a lot of data from where it’s generated to a centralized warehouse. The promise of Edge Delta is that it can offer all of the capabilities of this centralized model by allowing enterprises to start to analyze their logs, metrics, traces and other telemetry right at the source. This, in turn, also allows them to get visibility into all of the data that’s generated there, instead of many of today’s systems, which only provide insights into a small slice of this information.

While competing services tend to have agents that run on a customer’s machine, but typically only compress the data, encrypt it and then send it on to its final destination, Edge Delta’s agent starts analyzing the data right at the local level. With that, if you want to, for example, graph error rates from your Kubernetes cluster, you wouldn’t have to gather all of this data and send it off to your data warehouse where it has to be indexed before it can be analyzed and graphed.

With Edge Delta, you could instead have every single node draw its own graph, which Edge Delta can then combine later on. With this, Edge Delta argues, its agent is able to offer significant performance benefits, often by orders of magnitude. This also allows businesses to run their machine learning models at the edge, as well.

Image Credits: Edge Delta

“What I saw before I was leaving Splunk was that people were sort of being choosy about where they put workloads for a variety of reasons, including cost control,” said Menlo Ventures’ Tim Tully, who joined the firm only a couple of months ago. “So this idea that you can move some of the compute down to the edge and lower latency and do machine learning at the edge in a distributed way was incredibly fascinating to me.”

Edge Delta is able to offer a significantly cheaper service, in large part because it doesn’t have to run a lot of compute and manage huge storage pools itself since a lot of that is handled at the edge. And while the customers obviously still incur some overhead to provision this compute power, it’s still significantly less than what they would be paying for a comparable service. The company argues that it typically sees about a 90 percent improvement in total cost of ownership compared to traditional centralized services.

Image Credits: Edge Delta

Edge Delta charges based on volume and it is not shy to compare its prices with Splunk’s and does so right on its pricing calculator. Indeed, in talking to Tully and Unlu, Splunk was clearly on everybody’s mind.

“There’s kind of this concept of unbundling of Splunk,” Unlu said. “You have Snowflake and the data warehouse solutions coming in from one side, and they’re saying, ‘hey, if you don’t care about real time, go use us.’ And then we’re the other half of the equation, which is: actually there’s a lot of real-time operational use cases and this model is actually better for those massive stream processing datasets that you required to analyze in real time.”

But despite this competition, Edge Delta can still integrate with Splunk and similar services. Users can still take their data, ingest it through Edge Delta and then pass it on to the likes of Sumo Logic, Splunk, AWS’s S3 and other solutions.

Image Credits: Edge Delta

“If you follow the trajectory of Splunk, we had this whole idea of building this business around IoT and Splunk at the Edge — and we never really quite got there,” Tully said. “I think what we’re winding up seeing collectively is the edge actually means something a little bit different. […] The advances in distributed computing and sophistication of hardware at the edge allows these types of problems to be solved at a lower cost and lower latency.”

The Edge Delta team plans to use the new funding to expand its team and support all of the new customers that have shown interest in the product. For that, it is building out its go-to-market and marketing teams, as well as its customer success and support teams.

 

#aws, #big-data, #business-intelligence, #cloud, #computing, #cto, #data-security, #data-warehouse, #datadog, #enterprise, #information-technology, #mac-venture-capital, #machine-learning, #menlo-ventures, #microsoft, #new-relic, #real-time, #recent-funding, #seattle, #splunk, #startups, #sumo-logic, #system-administration, #tc, #technology

An internal code repo used by New York State’s IT office was exposed online

A code repository used by the New York state government’s IT department was left exposed on the internet, allowing anyone to access the projects inside, some of which contained secret keys and passwords associated with state government systems.

The exposed GitLab server was discovered on Saturday by Dubai-based SpiderSilk, a cybersecurity company credited with discovering data spills at Samsung, Clearview AI and MoviePass.

Organizations use GitLab to collaboratively develop and store their source code — as well as the secret keys, tokens and passwords needed for the projects to work — on servers that they control. But the exposed server was accessible from the internet and configured so that anyone from outside the organization could create a user account and log in unimpeded, SpiderSilk’s chief security officer Mossab Hussin told TechCrunch.

When TechCrunch visited the GitLab server, the login page showed it was accepting new user accounts. It’s not known exactly how long the GitLab server was accessible in this way, but historic records from Shodan, a search engine for exposed devices and databases, shows the GitLab was first detected on the internet on March 18.

SpiderSilk shared several screenshots showing that the GitLab server contained secret keys and passwords associated with servers and databases belonging to New York State’s Office of Information Technology Services. Fearing the exposed server could be maliciously accessed or tampered with, the startup asked for help in disclosing the security lapse to the state.

TechCrunch alerted the New York governor’s office to the exposure a short time after the server was found. Several emails to the governor’s office with details of the exposed GitLab server were opened but were not responded to. The server went offline on Monday afternoon.

Scot Reif, a spokesperson for New York State’s Office of Information Technology Services, said the server was “a test box set up by a vendor, there is no data whatsoever, and it has already been decommissioned by ITS.” (Reif declared his response “on background” and attributable to a state official, which would require both parties agree to the terms in advance, but we are printing the reply as we were not given the opportunity to reject the terms.)

When asked, Reif would not say who the vendor was or if the passwords on the server were changed. Several projects on the server were marked “prod,” or common shorthand for “production,” a term for servers that are actively use. Reif also would not say if the incident was reported to the state’s Attorney General’s office. When reached, a spokesperson for the Attorney General did not comment by press time.

TechCrunch understands the vendor is Indotronix-Avani, a New York-based company with offices in India, and owned by venture capital firm Nigama Ventures. Several screenshots show some of the GitLab projects were modified by a project manager at Indotronix-Avani. The vendor’s website touts New York State on its website, along with other government customers, including the U.S. State Department and the U.S. Department of Defense.

Indotronix-Avani spokesperson Mark Edmonds did not respond to requests for comment.

Read more:

#attorney-general, #clearview-ai, #continuous-integration, #dubai, #echelon, #free-software, #git, #gitlab, #government, #india, #information-technology, #moviepass, #password, #samsung, #search-engine, #security, #software, #spidersilk, #spokesperson, #venture-capital, #version-control

After raising $10M, Ryte launches ‘Carbon KPI’ to measure the CO2 footprint of web sites

As we become more and more aware of the kind of impact we are having on this planet we call our home, just about everything is having its CO2 impact measured. Who knew, until recently, that streaming Netflix might have a measurable impact on the environment, for instance. But given vast swathes of the internet are populated by websites, as well as streaming services, then they, too, must have some sort of impact.

It transpires that a new service has identified how to gauge that, and now it’s raised venture capital to scale.

Ryte raised €8.5 million ($10 million) in a previously undisclosed round led by Bayern Kapital out of Munich and Octopus Investments out of London earlier this year for its Website User Experience Platform.

It has now launched the ‘Ryte Website Carbon KPI’, which claims to be able to help make 5% of all websites carbon neutral by 2023.

Ryte says it worked with data scientists and environmental experts to develop the ability to accurately measure the carbon impact of clients’ websites. According to carbon transition think tank, the Shift Project, the carbon footprint of our gadgets, the internet, and the systems supporting them account for about 3.7% of global greenhouse emissions. And this trend is rising rapidly as the world digitizes itself, especially post-pandemic.

Ryte has now engaged its data scientist, Katharina Meraner, who has a PhD in climate science and global warming, and input from Climate Partner, to launch this new service.

“There are currently 189 million active websites,” Ryte CEO Andy Bruckschloegl said. “Our goal is to make 5% of all active websites, or 9.5 million websites, climate neutral by the end of 2023 with the help of our platform, strong partners, social media activities, and much more. Time is ticking and making websites carbon neutral is really easy compared to other industries and processes.”

Ryte says it is also collaborating with a reforestation project in San Jose, Nicaragua, to allow its customers to offset their remaining emissions through the purchase of climate certificates.

Using a proprietary algorithm, Ryte says it measures the code of the entire website, average page size, as well as monthly traffic by channel then produces a calculation of the amount of CO2 it uses up.

Admittedly there are similar services, but these are ad-hoc and not connected to a platform. A simple Google search will bring us sites like Websitecarbon, Ecosistant, and academic papers. But as far as I can tell, a startup like this hasn’t put this kind of service into their platform yet.

“Teaming up with Ryte will help raise awareness on how information technology contributes to climate change – while at the same time providing tools to make a difference. Ryte’s industry-leading carbon calculator enables thousands of website owners to understand their carbon footprint, to offset unavoidable carbon emissions and thus lay a basis for a comprehensive climate action strategy,” commented Tristan A. Foerster, Co-CEO ClimatePartner.

 

#carbon-dioxide, #carbon-footprint, #ceo, #chemistry, #co-ceo, #data-scientist, #europe, #greenhouse-gas-emissions, #information-technology, #london, #munich, #netflix, #octopus-investments, #renewable-energy, #san-jose, #streaming-services, #tc

Zero trust unicorn Illumio closes $225M Series F led by Thoma Bravo

Illumio, a self-styled zero trust unicorn, has closed a $225 million Series F funding round at a $2.75 billion valuation. 

The round was led by Thoma Bravo, which recently bought cybersecurity vendor Proofpoint by $12.3 billion, and supported by Franklin Templeton, Hamilton Lane, and Blue Owl Capital. 

The round lands more than two years after Illumio’s Series E funding round in which it raised $65 million, and fueled speculation of an impending IPO. The company’s founder, Andrew Rubin, still isn’t ready to be pressed on whether the company plans to go public, though he told TechCrunch: “If we do our job right, and if we make our customers successful, I’d like to think that would be part of our journey.”

Illumio’s latest funding round is well-timed. Not only does it come amid a huge rise in successful cyberattacks which show that some of the more traditional cybersecurity measures are no longer working, from the SolarWinds hack in early 2020 to the more recent attack on Colonial Pipeline, but it also comes just weeks after President Joe Biden issued an executive order pushing federal agencies to implement significant cybersecurity initiatives, including a zero trust architecture. 

“And just a couple of weeks ago, Anne Neuberger [deputy national security adviser for cybersecurity] put out a memo on White House stationary to all of corporate America saying we’re living through a ransomware pandemic, and here’s six things that we’re imploring you to do,” Rubin says. “One of them was to segment your network.”

Illumio focuses on protecting data centers and cloud networks through something it calls micro-segmentation, which it claims makes it easier to manage and guard against potential breaches, as well as to contain a breach if one occurs. This zero trust approach to security — a concept centered on the belief that businesses should not automatically trust anything inside or outside its perimeters — has never been more important for organizations, according to Illumio. 

“Cyber events are no longer constrained to cyber space,” says Rubin. “That’s why people are finally saying that, after 30 years of relying solely on detection to keep us safe, we cannot rely on it 100% of the time. Zero trust is now becoming the mantra.”

Illumio tells TechCrunch it will use the newly raised funds to make a “huge” investment in its field operations and channel partner network, and to invest in innovation, engineering and its product. 

The late-stage startup, which was founded in 2013 and is based in California, says more than 10% of Fortune 100 companies — including Morgan Stanley, BNP Paribas SA and Salesforce — now use its technology to protect their data centers, networks and other applications. It saw 100% international growth during the pandemic, and says it’s also broadening its customer base across more industries. 

The company has raised more now raised more $550 million from investors include Andreessen Horowitz, General Catalyst and Formation 8.

#america, #andreessen-horowitz, #anne-neuberger, #california, #colonial-pipeline, #computer-security, #computing, #cyberwarfare, #executive, #formation-8, #franklin-templeton, #funding, #general-catalyst, #information-technology, #joe-biden, #morgan-stanley, #network-management, #president, #proofpoint, #salesforce, #security, #solarwinds, #system-administration, #thoma-bravo, #unicorn, #white-house

Extra Crunch roundup: SaaS founder salaries, break-even neobanks, Google Search tips

Usually, a teacher who grades students on a curve is boosting the efforts of those who didn’t perform well on the test. In the case of cloud companies, however, it’s the other way around.

As of Q1 2021, startups in this sector have median Series A rounds around $8 million, reports PitchBook. With $100+ million Series D rounds becoming more common, company valuations are regularly boosted into the billions.

Andy Stinnes, a general partner at Cloud Apps Capital Partners, says founders who are between angel and Series A should seek out investors who are satisfied with $200,000 to $500,000 in ARR.


Full Extra Crunch articles are only available to members.
Use discount code ECFriday to save 20% off a one- or two-year subscription.


Usually a specialist firm, these VCs are open to betting on startups that haven’t yet found product-market fit.

“At this phase of development, you need a committed partner who has both the time and the experience to guide you,” says Stinnes.

These observations aren’t just for active investors: This post is also a framework for new and seasoned founders who are getting ready to knock on doors and ask strangers for money.

Thanks very much for reading Extra Crunch this week!

Walter Thompson
Senior Editor, TechCrunch
@yourprotagonist

Maybe neobanks will break even after all

Alex returned from a week of vacation with a dispatch about the profitability of neobanks Revolut, Chime and Monzo.

“In short, while American consumer fintech Chime has disclosed positive EBITDA — an adjusted profitability metric — many neobanks that we’ve seen numbers from have demonstrated a stark inability to paint a path to profitability,” he writes.

“That could be changing.”

How to land the top spot in Google Search with featured snippets in 2021

Image of colorful scraps of torn paper to represent snippets.

Image Credits: IngaNielsen / Getty Images

“Google search is not what it used to be,” Ryan Sammy, the director of strategy at growth-marketing agency Fractl, writes in a guest post. “We all want to be No. 1 on the search results page, but these days, getting to that position isn’t enough. It might be worth your while to instead go after the top featured snippet position.”

Sammy writes that earning the featured snippet spot is “one of the best things you can do for your SEO.” But how do you land your page in the coveted snippet perch?

 

What does Red Hat’s sale to IBM tell us about Couchbase’s valuation?

Image Credits: Getty Images

After noSQL provider Couchbase filed to go public, joining the ranks of the Great IPO Rush of 2021, Alex Wilhelm looked into its business model and financial performance, with a goal of better understanding the company — and market comps.

Alex used Red Hat, which recently sold to IBM for around $34 billion, as a comp, determining Couchbase “is worth around $900 million” if you use the Red Hat math.

“The Red Hat-Couchbase comparison is not perfect; 2019 is ages ago in technology time, the database company is smaller and other differences exist between the two companies,” Alex notes. “But Red Hat does allow us the confidence to state that Couchbase will be able to best its final private valuation in its public debut.”

How much to pay yourself as a SaaS founder

Piggy bank With a Money Carrot stick

Image Credits: AlenaPaulus (opens in a new window) / Getty Images

Anna Heim interviewed SaaS entrepreneurs and investors to find out how much early-stage founders should pay themselves.

Startups run by CEOs who take home a small salary tend to do better over the long run, but there are other points to consider, such as geography, marital status, and frankly, what quality of life you desire.

Waterly founder Chris Sosnowski raised his own pay to $14/hour last year; at his prior job, his salary topped $100,000.

“We had saved money up for over a year before we cut out my pay,” he told Anna. “I can live my life without entertainment … so that’s what we did for 2020.”

How much are you willing to sacrifice?

The early-stage venture capital market is weird and chaotic

Alex Wilhelm and Anna Heim had been hearing that Series A raises were coming later, while Series Bs were coming in quick succession after startups landed an A.

That piqued their curiosity, so they put feelers out to a bunch of investors to understand what’s going on in early-stage venture capital markets.

In the first of a two-part series, Alex and Anna examine why seed stage is so chaotic, why As are slow, and why Bs are fast. In their first dispatch, they looked at the U.S. market.

Have you worked with a talented individual or agency who helped you find and keep more users? Respond to our survey and help us find the best startup growth marketers!

#advertising-tech, #alex-wilhelm, #chime, #couchbase, #entrepreneurship, #extra-crunch-roundup, #ibm, #information-technology, #red-hat, #revolut, #saas, #startups, #tc, #venture-capital

Vantage raises $4M to help businesses understand their AWS costs

Vantage, a service that helps businesses analyze and reduce their AWS costs, today announced that it has raised a $4 million seed round led by Andreessen Horowitz. A number of angel investors, including Brianne Kimmel, Julia Lipton, Stephanie Friedman, Calvin French Owen, Ben and Moisey Uretsky, Mitch Wainer and Justin Gage, also participated in this round

Vantage started out with a focus on making the AWS console a bit easier to use — and help businesses figure out what they are spending their cloud infrastructure budgets on in the process. But as Vantage co-founder and CEO Ben Schaechter told me, it was the cost transparency features that really caught on with users.

“We were advertising ourselves as being an alternative AWS console with a focus on developer experience and cost transparency,” he said.”What was interesting is — even in the early days of early access before the formal GA launch in January — I would say more than 95% of the feedback that we were getting from customers was entirely around the cost features that we had in Vantage.”

Image Credits: Vantage

Like any good startup, the Vantage team looked at this and decided to double down on these features and highlight them in its marketing, though it kept the existing AWS Console-related tools as well. The reason the other tools didn’t quite take off, Schaechter believes, is because more and more, AWS users have become accustomed to infrastructure-as-code to do their own automatic provisioning. And with that, they spend a lot less time in the AWS Console anyway.

“But one consistent thing — across the board — was that people were having a really, really hard time twelve times a year, where they would get a shock AWS bill and had to figure out what happened. What Vantage is doing today is providing a lot of value on the transparency front there,” he said.

Over the course of the last few months, the team added a number of new features to its cost transparency tools, including machine learning-driven predictions (both on the overall account level and service level) and the ability to share reports across teams.

Image Credits: Vantage

While Vantage expects to add support for other clouds in the future, likely starting with Azure and then GCP, that’s actually not what the team is focused on right now. Instead, Schaechter noted, the team plans to add support for bringing in data from third-party cloud services instead.

“The number one line item for companies tends to be AWS, GCP, Azure,” he said. “But then, after that, it’s Datadog Cloudflare Sumo Logic, things along those lines. Right now, there’s no way to see, P&L or an ROI from a cloud usage-based perspective. Vantage can be the tool where that’s showing you essentially, all of your cloud costs in one space.”

That is likely the vision the investors bought in as well and even though Vantage is now going up against enterprise tools like Apptio’s Cloudability and VMware’s CloudHealth, Schaechter doesn’t seem to be all that worried about the competition. He argues that these are tools that were born in a time when AWS had only a handful of services and only a few ways of interacting with those. He believes that Vantage, as a modern self-service platform, will have quite a few advantages over these older services.

“You can get up and running in a few clicks. You don’t have to talk to a sales team. We’re helping a large number of startups at this stage all the way up to the enterprise, whereas Cloudability and Cloud Health are, in my mind, kind of antiquated enterprise offerings. No startup is choosing to use those at this point, as far as I know,” he said.

The team, which until now mostly consisted of Schaechter and his co-founder and CTO Brooke McKim, bootstrapped to company up to this point. Now they plan to use the new capital to build out its team (and the company is actively hiring right now), both on the development and go-to-market side.

The company offers a free starter plan for businesses that track up to $2,500 in monthly AWS cost, with paid plans starting at $30 per month for those who need to track larger accounts.

#amazon-web-services, #andreessen-horowitz, #apptio, #aws, #brianne-kimmel, #cloud, #cloud-computing, #cloud-infrastructure, #cloud-services, #cloudability, #cloudflare, #computing, #datadog, #enterprise, #information-technology, #machine-learning, #recent-funding, #startups, #sumo-logic, #tc, #technology, #vmware

Recorded Future launches its new $20M Intelligence Fund for early-stage startups

Threat intelligence company Recorded Future is launching a $20 million fund for early-stage startups developing novel data intelligence tools.

The Intelligence Fund will provide seed and Series A funding to startups that already have venture capital funding, Recorded Future says, as well as equip them with resources to help with the development and integration of intelligence applications in order to accelerate their go-to-market strategy. 

Recorded Future, which provides customers with information to help them better understand the external cyber threats they are facing, will invest in startups that aim to tackle significant problems that require novel approaches using datasets and collection platforms, which the company says could be anything from technical internet sensors to satellites. It’s also keen to invest in startups building intelligence analysis toolsets that make use of technologies such as artificial intelligence and machine learning, as well as intelligence-driven applications that can be integrated into its own Intelligence Platform and ecosystem.

Recorded Future co-founder and chief executive Christopher Ahlberg said: “In a world of aggressive uncertainty, intelligence is the only equalizer. With the launch of the Intelligence Fund, we are investing in the next generation of entrepreneurs who share our vision for securing the world with intelligence.” 

So far, the Intelligence Fund has invested in two companies, the first being SecurityTrails, which provides customers with a comprehensive overview of current and historical domain and IP address data. The second investment went to Gemini Advisory, a fraud intelligence platform specializing in finding compromised data on the dark web, which Recorded Future went on to acquire earlier this year for $52 million in a bid to bolster its own threat intelligence capabilities. 

Recorded Future told TechCrunch that future investments could also be made with an eye to acquiring, but added that funding could also be given purely on the basis that the startup would make a good business or technology partner. Recorded Future was itself acquired by private equity firm Insight Partners back in 2019 for $780 million. The acquisition effectively bought out the company’s earlier investors, including Google’s venture arm GV, and In-Q-Tel, the non-profit venture arm of the U.S. intelligence community.

Commenting on the launch of the fund, Michael Triplett, managing partner at Insight Partners, said: “Cyberattacks continue to impact global enterprises across the globe, and we’re excited to see Recorded Future invest in intelligence startups tackling the business-critical issues that organizations face today. 

“The Intelligence Fund will provide the resources needed by entrepreneurs to build applications with data and mathematics at the core.” 

#christopher-ahlberg, #computing, #crunchbase, #dark-web, #entrepreneurship, #finance, #information-technology, #insight-partners, #machine-learning, #managing-partner, #prediction, #recorded-future, #security, #startup-company, #startups

CISA launches platform to let hackers report security bugs to US federal agencies

The Cybersecurity and Infrastructure Security Agency has launched a vulnerability disclosure program allowing ethical hackers to report security flaws to federal agencies.

The platform, launched with the help of cybersecurity companies Bugcrowd and Endyna, will allow civilian federal agencies to receive, triage and fix security vulnerabilities from the wider security community.

The move to launch the platform comes less than a year after the federal cybersecurity agency, better known as CISA, directed the civilian federal agencies that it oversees to develop and publish their own vulnerability disclosure policies. These policies are designed to set the rules of engagement for security researchers by outlining what (and how) online systems can be tested, and which can’t be.

It’s not uncommon for private companies to run VDP programs to allow hackers to report bugs, often in conjunction with a bug bounty to pay hackers for their work. The U.S. Department of Defense has for years warmed to hackers, the civilian federal government has been slow to adopt.

Bugcrowd, which last year raised $30 million at Series D, said the platform will “give agencies access to the same commercial technologies, world-class expertise, and global community of helpful ethical hackers currently used to identify security gaps for enterprise businesses.”

The platform will also help CISA share information about security flaws between other agencies.

The platform launches after a bruising few months for government cybersecurity, including a Russian-led espionage campaign against at least nine U.S. federal government agencies by hacking software house SolarWinds, and a China-linked cyberattack that backdoored thousands of Microsoft Exchange servers, including in the federal government.

#bugcrowd, #cisa, #computer-security, #computing, #cyberattack, #cybercrime, #cyberwarfare, #federal-government, #government, #information-technology, #internet-security, #security, #solarwinds, #united-states

FireEye to sell products unit to Symphony-led group for $1.2B

Cybersecurity giant FireEye has agreed to sell its products business to a consortium led by private equity firm Symphony Technology Group for $1.2 billion.

The all-cash deal will split FireEye, the maker of network and email cybersecurity products, from its digital forensics and incident response arm Mandiant.

FireEye’s chief executive Kevin Mandia said the deal unlocks its “high-growth” Mandiant business, allowing it to stand alone as a separate business running incident response and security testing.

The move to split the two companies comes almost a decade after FireEye acquired Mandiant, and made Mandia chief executive.

Mandia said: “STG’s focus on fueling innovative market leaders in software and cybersecurity makes them an ideal partner for FireEye Products. We look forward to our relationship and collaboration on threat intelligence and expertise.”

STG managing partner William Chisholm said there is an “enormous untapped opportunity for the business that we are excited to crystallize by leveraging our significant security software sector experience and our market leading carve-out expertise.”

The company said the deal is expected to close by the end of the fourth quarter.

FireEye has become one of the more prominent names in cybersecurity, known for its research into hacking groups — some linked to governments — and its Mandiant unit for responding to major security incidents. Mandiant was called in to help Colonial Pipeline recover from a recent ransomware attack.

In December, FireEye admitted that its own networks had been hacked, a move praised across the cybersecurity industry for helping to speed up efforts that led to the discovery of the SolarWinds espionage attack, later attributed to Russian foreign intelligence.

FireEye becomes the latest cybersecurity giant to STG’s portfolio. In March, Symphony bought McAfee’s enterprise business for $4 billion and bought RSA for $2 billion.

#colonial-pipeline, #computer-security, #computing, #cybercrime, #cyberwarfare, #fireeye, #information-technology, #kevin-mandia, #mandiant, #mcafee, #partner, #rsa, #rsa-security, #security, #solarwinds, #symphony-technology-group

Security startup Tessian, which uses AI to fight social engineering, trousers $65M

In the latest chunky funding round out of Europe, UK-based email security startup, Tessian, has closed $65 million in Series C funding. The startup applies machine learning to build individual behavior models for enterprise email use that aims to combat human error by flagging problematic patterns which could signify risky stuff is happening — such as phishing or data exfiltration.

The Series C round was led by March Capital. Existing investors Accel, Balderton Capital, Latitude and Sequoia Capital also participated, along with new investor Schroder Adveq.

The latest financing brings Tessian’s total raised to-date to $120M+, and values the company at $500M, it said today.

The 2013 founded startup last raised back in January 2019 when it closed a $40M Series B (news that was scooped by former TCer, Steve O’Hear). Prior to that it grabbed a $13M Series A in mid 2018.

Tessian has around 350 global customers at this stage, across the legal, financial services, healthcare and technology sectors — name-checking the likes of Affirm, Arm, Investec and RealPagem among them.

Over the past year there has been much coverage of the security risks associated with the pandemic-sparked remote working boom, as scores of white collars workers started logging on from home — expanding the attack surface area which enterprises needed to manage.

It’s a risk that’s been good for Tessian’s business: The startup says it tripled its Fortune 500-level customer base last year — “as enterprises required a solution that could protect them against human layer security threats”, as it puts it.

It says the new funding will go on expanding its platform’s capabilities; helping companies replace their secure email gateways and legacy data loss prevention solutions; and on growing its team (it plans to triple headcount in short order with a particular focus on growing its sales team in North America).

The Series C funds will also support a plan to expand beyond email to offer security protections for other interfaces such as messaging, web and collaboration platforms — which it says is on the cards “soon”.

Commenting on the round in a statement, Jamie Montgomery, co-founder and managing partner at March Capital said: “Human activity — whether inadvertent or malicious — is the leading cause of data breaches. In Tessian, we found a best-in-class solution that automatically stops threats in real-time, without disrupting the normal flow of business. It is rare to hear such overwhelmingly positive feedback from CISOs and business users alike. We came to the same conclusion; Tessian is rapidly emerging as the leader in human layer security for the enterprise.”

A number of UK-based AI security startups have been building momentum in recent years, with others like Red Shift and Senseon also getting traction by applying machine learning to tackle risks.

In April, Cambridge-based Darktrace — a category pioneer — led the pack by floating on the London Stock Exchange where it saw its shares pop 32% in the IPO debut.

While, last year, the UK government pledged to ramp up R&D spending on AI as part of a major defense spending hike.

#artificial-intelligence, #balderton-capital, #computer-security, #darktrace, #data-security, #europe, #fundings-exits, #information-technology, #machine-learning, #march-capital, #north-america, #recent-funding, #schroder-adveq, #security, #sequoia-capital, #startup-company, #startups, #tessian, #united-kingdom

Cybersecurity startup Panaseer raises $26.5M Series B led AllegisCyber Capital

Panaseer, which takes a data science approach to cybersecurity, has raised $26.5 million in a Series B funding led by AllegisCyber Capital. Existing investors, including Evolution Equity Partners, Notion Capital, AlbionVC, Cisco Investments and Paladin Capital Group, as well as new investor, National Grid Partners also participated. Panaseer has now raised $43m to date.

Panaseer’s special sauce and sales pitch amount to what it calls ‘Continuous Controls Monitoring’ (CCM). In plainer English that means correlating a great deal of data from all available security tools to check assets, control gaps, you name it.

As a result, the company says it can identify zero-day and other exposures faster, or exposure to, say, FireEye or SolarWinds vulnerabilities.

Jonathan Gill, CEO, Panaseer said: “Most enterprises have the tools and capability to theoretically prevent a breach from occurring. However, one of the key reasons that breaches occur is that there is no technology to monitor and react to failed controls. CCM continuously validates and measures levels of protection and provides notifications of failures. Ultimately, CCM enables these failures to be fixed before they become security incidents.”

Speaking to me on a call he added: “The investment, allows us to scale our organization to meet those demands of customers with a team of people to implement the platform and help them get tremendous value and to evolve the product. To add more and more capability to that technology to support more and more use cases. So they’re the two main directions, and there’s a market we think of 10s of 1000s of organizations of a certain size, who are regulated or they have assets worth protecting and a level of complexity that makes it difficult to solve the problem themselves. And our Advisory Board and the customers I’ve spoken with think maybe there are barely 20 companies in the world who can solve this problem. And everybody else gets stuck on the fact that it’s a really difficult data science problem to solve. So we want to scale that and take that to more organizations.”

And why did they pick these investors: “I think we picked them and they picked us, we’ve been on that journey together. It takes months to find the best combination. The dollars are all the same when it comes to investors, but I think they can help improve as an organization and grow just like the existing investors do. They give us access and reach into parts of the market and help make us better as organizations as well.”

Bob Ackerman, founder and managing director of AllegisCyber Capital, and co-founder of DataTribe said: ‘The emergence of Continuous Controls Monitoring as a new cybersecurity category demonstrates a ‘coming of age’ for cybersecurity. Cyber is the existential threat to the global digital economy. All levels of the enterprise, from the CISO, to Chief Risk Officer, to the Board of Directors are demanding comprehensive visibility, transparency and hard metrics to assess cyber situational awareness.”

#advisory-board, #albionvc, #ceo, #cisco-investments, #co-founder, #computer-security, #computing, #cybercrime, #cyberwarfare, #europe, #evolution-equity-partners, #fireeye, #information-technology, #national-grid-partners, #network-management, #notion-capital, #paladin-capital-group, #security-tools, #solarwinds, #system-administration, #tc

Healthcare is the next wave of data liberation

Why can we see all our bank, credit card and brokerage data on our phones instantaneously in one app, yet walk into a doctor’s office blind to our healthcare records, diagnoses and prescriptions? Our health status should be as accessible as our checking account balance.

The liberation of financial data enabled by startups like Plaid is beginning to happen with healthcare data, which will have an even more profound impact on society; it will save and extend lives. This accessibility is quickly approaching.

As early investors in Quovo and PatientPing, two pioneering companies in financial and healthcare data, respectively, it’s evident to us the winners of the healthcare data transformation will look different than they did with financial data, even as we head toward a similar end state.

For over a decade, government agencies and consumers have pushed for this liberation.

In 2009, the Health Information Technology for Economic and Clinical Health Act (HITECH) gave the first big industry push, catalyzing a wave of digitization through electronic health records (EHR). Today, over 98% of medical records are digitized. This market is dominated by multi‐billion‐dollar vendors like Epic, Cerner and Allscripts, which control 70% of patient records. However, these giant vendors have yet to make these records easily accessible.

A second wave of regulation has begun to address the problem of trapped data to make EHRs more interoperable and valuable. Agencies within the Department of Health and Human Services have mandated data sharing among payers and providers using a common standard, the Fast Healthcare Interoperability Resources (FHIR) protocol.

Image Credits: F-Prime Capital

This push for greater data liquidity coincides with demand from consumers for better information about cost and quality. Employers have been steadily shifting a greater share of healthcare expenses to consumers through high-deductible health plans – from 30% in 2012 to 51% in 2018. As consumers pay for more of the costs, they care more about the value of different health options, yet are unable to make those decisions without real-time access to cost and clinical data.

Image Credits: F-Prime Capital

Tech startups have an opportunity to ease the transmission of healthcare data and address the push of regulation and consumer demands. The lessons from fintech make it tempting to assume that a Plaid for healthcare data would be enough to address all of the challenges within healthcare, but it is not the right model. Plaid’s aggregator model benefited from a relatively high concentration of banks, a limited number of data types and low barriers to data access.

By contrast, healthcare data is scattered across tens of thousands of healthcare providers, stored in multiple data formats and systems per provider, and is rarely accessed by patients directly. Many people log into their bank apps frequently, but few log into their healthcare provider portals, if they even know one exists.

HIPPA regulations and strict patient consent requirements also meaningfully increase friction to data access and sharing. Financial data serves mostly one-to-one use cases, while healthcare data is a many-to-many problem. A single patient’s data is spread across many doctors and facilities and is needed by just as many for care coordination.

Because of this landscape, winning healthcare technology companies will need to build around four propositions:

#column, #ec-column, #ec-consumer-health, #enterprise, #health, #healthcare, #healthcare-data, #healthcare-technology, #information-technology, #united-states

Vista Equity takes minority stake in Canada’s Vena with $242M investment

Vena, a Canadian company focused on the Corporate Performance Management (CPM) software space, has raised $242 million in Series C funding from Vista Equity Partners.

As part of the financing, Vista Equity is taking a minority stake in the company. The round follows $25 million in financing from CIBC Innovation Banking last September, and brings Vena’s total raised since its 2011 inception to over $363 million.

Vena declined to provide any financial metrics or the valuation at which the new capital was raised, saying only that its “consistent growth and…strong customer retention and satisfaction metrics created real demand” as it considered raising its C round.

The company was originally founded as a B2B provider of planning, budgeting and forecasting software. Over time, it’s evolved into what it describes as a “fully cloud-native, corporate performance management platform” that aims to empower finance, operations and business leaders to “Plan to Growtheir businesses. Its customers hail from a variety of industries, including banking, SaaS, manufacturing, healthcare, insurance and higher education. Among its over 900 customers are the Kansas City Chiefs, Coca-Cola Consolidated, World Vision International and ELF Cosmetics.

Vena CEO Hunter Madeley told TechCrunch the latest raise is “mostly an acceleration story for Vena, rather than charting new paths.”

The company plans to use its new funds to build out and enable its go-to-market efforts as well as invest in its product development roadmap. It’s not really looking to enter new markets, considering it’s seeing what it describes as “tremendous demand” in the markets it currently serves directly and through its partner network.

“While we support customers across the globe, we’ll stay focused on growing our North American, U.K. and European business in the near term,” Madeley said.

Vena says it leverages the “flexibility and familiarity” of an Excel interface within its “secure” Complete Planning platform. That platform, it adds, brings people, processes and systems into a single source solution to help organizations automate and streamline finance-led processes, accelerate complex business processes and “connect the dots between departments and plan with the power of unified data.”            

Early backers JMI Equity and Centana Growth Partners will remain active, partnering with Vista “to help support Vena’s continued momentum,” the company said. As part of the raise, Vista Equity Managing Director Kim Eaton and Marc Teillon, senior managing director and co-head of Vista’s Foundation Fund, will join the company’s board.

“The pandemic has emphasized the need for agile financial planning processes as companies respond to quickly-changing market conditions, and Vena is uniquely positioned to help businesses address the challenges required to scale their processes through this pandemic and beyond,” said Eaton in a written statement. 

Vena currently has more than 450 employees across the U.S., Canada and the U.K., up from 393 last year at this time.

#banking, #business-process-management, #canada, #coca-cola, #enterprise, #exit, #finance, #funding, #fundings-exits, #healthcare, #information-technology, #ma, #manufacturing, #private-equity, #recent-funding, #startups, #tc, #united-kingdom, #vista-equity-partners

There is no cybersecurity skills gap, but CISOs must think creatively

Those of us who read a lot of tech and business publications have heard for years about the cybersecurity skills gap. Studies often claim that millions of jobs are going unfilled because there aren’t enough qualified candidates available for hire.

I don’t buy it.

The basic laws of supply and demand mean there will always be people in the workforce willing to move into well-paid security jobs. The problem is not that these folks don’t exist. It’s that CIOs or CISOs typically look right past them if their resumes don’t have a very specific list of qualifications.

In many cases, hiring managers expect applicants to be fully trained on all the technologies their organization currently uses. That not only makes it harder to find qualified candidates, but it also reduces the diversity of experience within security teams — which, ultimately, may weaken the company’s security capabilities and its talent pool.

At Netskope, we take a different approach to staffing for security roles. We know we can teach the cybersecurity skills needed to do the job, so instead, there are two traits we consider more important than specific technical expertise: One is a hunger to learn more about security, which suggests the individual will take the initiative to continuously improve their skills. The other is possession of a skill set that no one else on our security team has.

Overemphasis on technical skills creates an artificial talent shortage

To understand why I believe our approach has helped us build a stronger security team, think about the long-term benefits of hiring someone with a specific security skill set: How valuable will that exact knowledge be in several years? Probably not very.

The problem is not that these folks don’t exist. It’s that CIOs or CISOs typically look right past them if their resumes don’t have a very specific list of qualifications.

Even the most basic security technologies are incredibly dynamic. In most companies, the IT infrastructure is currently in the midst of a massive transition from on-premises to cloud-based systems. Security teams are having to learn new technologies. More than that, they are having to adopt an entirely new mindset, shifting from a focus on protecting specific pieces of hardware to a focus on protecting individuals and applications as their workloads increasingly move outside the corporate network.

#ceo, #column, #computer-security, #cybersecurity, #data-security, #ec-column, #ec-cybersecurity, #information-technology, #labor, #security, #startups

Time-strapped IT teams can use low-code software to drive quick growth

Many emerging and mature organizations survive or die based on their ability to scale. Scale quicker. Scale cheaper. Scale right.

Typically the IT team bears that burden — on top of countless other demands. IT teams move mountains for their organizations while scaling the tech platform as fast as possible, putting out the latest infrastructure fire and responding to countless day-to-day requests.

The most helpful gift any chief information officer or chief technology officer can give their IT teams is more time. Many people think that means adding another team member. Maybe it does in some cases (if you can find a developer in this tough job market), but giving my team Boomi’s low-code integration platform was one of the best strategic moves for HealthBridge.

The best time to use low-code is when you need to add something to your organization that isn’t unique or doesn’t drive significant business value.

As the least skilled coder on the team, low-code let me develop and deliver four customer-centric self-service portals a year ahead of schedule while my team focused on building and scaling our revenue-driving, custom platform by hand-writing code.

Low-code is quickly becoming commonplace and a popular topic among IT decision-makers. Over the last few years, the market has exploded. Gartner expects it to total $13.8 billion in 2021. That means low-code technology, which we’ve been hearing about for years, is ready for widespread adoption. Today, low-code enables you to streamline (and scale) everything from integration to artificial intelligence.

It’s a secret only some organizations are clued in on, but it’s a great way to scale fast, save on resources and give your team more time. Here’s how.

When to use low-code and when to write code

The best time to use low-code is when you need to add something to your organization that isn’t unique or doesn’t drive significant business value.

For instance, a customer portal is not unique; don’t waste time hand-coding it.

While it’s certainly an extremely helpful feature for our customers, it’s unlikely to drive significant shareholder or investor value. However, it’s key for scaling. Using low-code for a must-have but undifferentiated feature will allow your team to work on more important projects while scaling.

When we started working on the timeline for a customer portal project at HealthBridge, we estimated it would take several sprints per portal to develop, but more pressing development work kept pushing it down the list in our backlog. Waiting a year for a basic feature didn’t seem reasonable to me, so we looked for a workaround.

#boomi, #chief-information-officer, #cloud-computing, #column, #developer, #ec-cloud-and-enterprise-infrastructure, #ec-column, #information-technology, #low-code, #software-development, #startups