How Salesforce paved the way for the SaaS platform approach

When we think of enterprise SaaS companies today, just about every startup in the space aspires to be a platform. That means they want people using their stack of services to build entirely new applications, either to enhance the base product, or even build entirely independent companies. But when Salesforce launched Force.com, the company’s Platform as a Service, in 2007, there wasn’t any model.

It turns out that Force.com was actually the culmination of a series of incremental steps after the launch of the first version of Salesforce in February, 2000, all of which were designed to make the software more flexible for customers. Company co-founder and CTO Parker Harris says they didn’t have this goal to be a platform early on. “We were a solution first, I would say. We didn’t say ‘let’s build a platform and then build sales-force automation on top of it.’ We wanted a solution that people could actually use,” Harris told TechCrunch.

The march toward becoming a full-fledged platform started with simple customization. That first version of Salesforce was pretty basic, and the company learned over time that customers didn’t always use the same language it did to describe customers and accounts — and that was something that would need to change.

Customizing the product

Alleged Child Porn Lord Faces US Extradition

In 2013, the FBI exploited a zero-day vulnerability in Firefox to seize control over a Dark Web network of child pornography sites. The alleged owner of that ring – 33-year-old Freedom Hosting operator Eric Eoin Marques – was arrested in Ireland later that year on a U.S. warrant and has been in custody ever since. This week, Ireland’s Supreme Court cleared the way for Marques to be extradited to the United States.

Eric Eoin Marques. Photo: Irishtimes.com

The FBI has called Marques the world’s largest facilitator of child porn. He is wanted on four charges linked to hidden child porn sites like “Lolita City” and “PedoEmpire,” which the government says were extremely violent, graphic and depicting the rape and torture of pre-pubescent children. Investigators allege that sites on Freedom Hosting had thousands of customers, and earned Marques more than $1.5 million.

For years Freedom Hosting had developed a reputation as a safe haven for hosting child porn. Marques allegedly operated Freedom Hosting as a turnkey solution for Web sites that hide their true location using Tor, an online anonymity tool.

The sites could only be accessed using the Tor Browser Bundle, which is built on the Firefox Web browser. On Aug. 4, 2013, U.S. federal agents exploited a previously unknown vulnerability in Firefox version 17 that allowed them to identify the true Internet addresses and computer names of people using Tor Browser to visit the child porn sites at Freedom Hosting.

Irish public media service RTE reported in 2013 that Marques briefly regained access to one of his hosting servers even after the FBI had seized control over it and changed the password, briefly locking the feds out of the system.

As Wired.com observed at the time, “in addition to the wrestling match over Freedom Hosting’s servers, Marques allegedly dove for his laptop when the police raided him, in an effort to shut it down.”

Marques, who holds dual Irish-US citizenship, was denied bail and held pending his nearly six-year appeal process to contest his extradition. FBI investigators told the courts they feared he would try to destroy evidence and/or flee the country. FBI agents testified that Marques had made inquiries about how to get a visa and entry into Russia and set up residence and citizenship there.

“My suspicion is he was trying to look for a place to reside to make it the most difficult to be extradited to the US,” FBI Special Agent Brooke Donahue reportedly told an Irish court in 2013.

Even before the FBI testified in court about its actions, clues began to emerge that the Firefox exploit used to record the true Internet address of Freedom Hosting visitors was developed specifically for U.S. federal investigators. In an analysis posted on Aug. 4, reverse engineer Vlad Tsrklevich concluded that because the payload of the Firefox exploit didn’t download or execute any secondary backdoor or commands “it’s very likely that this is being operated by an [law enforcement agency] and not by blackhats.”

According to The Irish Times, in a few days Marques is likely to be escorted from Cloverhill Prison to Dublin Airport where he will be put on a US-bound flight and handcuffed to a waiting US marshal. If convicted of all four charges, he faces life in prison (3o years for each count).

Don’t Get Left Behind – Why Apple’s macOS Isn’t Secure Without Next Gen Protection

Have you ever had malware on your Mac? The chances are you haven’t, but then again, the same could be said for the majority of the estimated 800 million Windows 10 users out there, too, if you think about it. Similarly, most people haven’t been struck with malaria, but you still wouldn’t risk going for a walk in the jungle without taking anti-malarial precautions, we hope! Enterprises know they can’t risk being “in the jungle” without endpoint protection across their entire Windows fleet, but is the same true for devices running macOS? Just how dangerous is it out there for macOS devices?

The Threat Within

Let’s start from the inside out, as it were. You implicitly trust your users, but bad apples aren’t unknown and protecting the enterprise from insider threats is an important part of your security stance. If you’re familiar with macOS, you’ll know that it has some built-in protections that appear to allow you to control what users can and can’t do. Don’t want them running unauthorised software? No problem, Apple say. Keep your users on Standard accounts to limit their options and rely on Gatekeeper.

Image of macOS Gatekeeper

Unfortunately, that won’t protect your device, or your network. Any Standard user can override Gatekeeper settings with a one-liner from the Terminal. It’s no secret, so we’re happy to make sure you know what your users can find out with a simple internet search. A Standard user can override the system-wide policy set up by an Administrator simply by removing the quarantine bit that the browser attaches to downloads. Importantly, this does not require elevated privileges on any currently shipping version of macOS:

Image of bypassing Gatekeeper via xattrs

But even this isn’t really necessary to bypass Gatekeeper. A user could avoid the inconvenience of removing the quarantine bit simply by downloading an app directly with cURL rather than using a browser. Even with Gatekeeper set to “App Store only” this method will allow a Standard user to run an unsigned app from any source (spoiler: DIE isn’t malware! It’s a file inspection utility that also isn’t code signed!).

curl -s -L -o die.zip https://github.com/horsicq/DIE-engine/releases/download/2.02/die_mac_portable_2.02.zip

If we list the extended attributes on the downloaded file with xattr -l, we’ll see that there is no quarantine bit attached and we can run the application without triggering either Gatekeeper or, for that matter, XProtect. This is because Gatekeeper doesn’t know about apps that come in via the command line, and that includes items from package managers like brew and MacPorts, too. So if your user has access to those without admin rights, they’ll be able to run anything they can find on the internet regardless of your Gatekeeper policy.

This raises another question that the built-in tools like Gatekeeper and XProtect can’t address. Suppose that a user does circumvent your company policy in one of the ways mentioned, how would you even know, before it was too late? Like Windows, and Linux, there’s no built-in visibility tools on macOS that let you see what’s happening or that can generate alerts according to your own criteria. That’s a large reason why EDR software was invented in the first place.

The Wild, Wild Web

It’s not just a matter of trust. We can all click on something we didn’t intend to or get phished by a targeted attack. How well does macOS stand up to threats that are known? We’ve explained before how easy it is to bypass XProtect. You may also know that macOS has a built-in Application Firewall (OK, you might not know because it’s turned off by default), but what exactly does that do? Surprisingly, not much. Unlike a true firewall, the built-in macOS Firewall can only block incoming connections, so any malware that gets onto your system can punch straight through it and connect to the attackers Command & Control server without raising any alerts from macOS.

Image of Firewall in macOS security preferences

What’s more, since the Firewall’s default settings basically whitelist pretty much everything, including SSH, just flipping the switch to “On” isn’t going to block any software that’s signed from receiving connections from the internet either.

Image of Firewall defaults

But signed software is safe, right? Well, it might be if it isn’t a trojan for something else, compromised in a supply chain attack or signed by a malicious actor. Do malware authors really have access to developer signatures? Of course! At $99 per signature, it’s a cheap buy-in for malware authors and AppleIDs are traded openly on the dark web and even the regular internet.

Image of developer IDs trading on the internet

Data That Won’t Rest

Apple are rightly proud of the security provided by FileVault (also known as FileVault 2), which provides unbreakable encryption to protect your data when your Mac is at rest – sleeping, or better still, powered off. What Apple are less vocal about is the increased danger that the current implementation of FileVault presents when your macOS-powered endpoint is in use.

FileVault does not encrypt data per user; it only encrypts and decrypts the entire disk all at once, meaning that once some user is logged in, every users’ data is equally unencrypted.

Image of Filevault on macOS

It’s a common business case to have more than one user account on a single Mac, and we all understand that users need to be protected from each other. If you’re an Admin user with other users on the same Mac, you don’t want anyone logging into those accounts to have the opportunity to steal unencrypted data from your account, but that scenario isn’t prevented by the current implementation of FileVault. This is a regression from the older, and original version of FileVault that was implemented on OSX up until 2010, which encrypted each user’s data individually.

So, Do Macs Get Malware?

Let’s get to the really juicy question, then. There was a bit of a Twitter storm this week when a user asked this question:

Image of a Tweet about macOS malware

The discussion was picked up in a number of forums and Slack channels where debate continued to rage, so let’s answer that question clearly. The last time I saw an infection on macOS was the very same day that the tweet was posted, and I pretty much see infections on a daily basis on machines unprotected by Next Gen security software. Here’s what that infection looked like from userland:

Image of apollosearch malware on macOS

In this case, the user was operating a Mac that was not protected by a Next-Gen security solution. They downloaded a signed installer app that appeared to be an Adobe Flash Player, but was in fact a trojan installer. The installer was signed with a valid Apple Developer ID, so it waltzed by Gatekeeper, and then downloaded a malicious, encrypted zip file, enabling the malware to also stroll past legacy AV solutions that rely on scanning files for strings or hashes when they are written to disk.

As we can see, the malware installs itself deeply and invisibly at the root level. It sets up a LaunchDaemon for persistence that runs for all users. MacOS doesn’t have any built-in mechanism for monitoring persistence, though savvy users can roll-their-own with something like Folder Actions to monitor some of the common persistence locations. Unfortunately, these are neither convenient nor reliable, and offer no means to monitor what’s happening across your network.

The process spawned by the malware runs a python script that leverages a popular man-in-the-middle github project to intercept and modify web traffic.

Image of importing mitm proxy

This is just one example of the many I see from users running macOS without endpoint protection. How much malware is there for macOS? We rounded up the threats from last year, noting that the biggest threats to Apple’s operating system outside of targeted APT attacks come from cryptominers and publically available exploit kits like empire that allow anyone to become a malware author without needing to be super hackers or coding gurus. Script kiddies are now more powerful than ever.

Conclusion

Whether you need to add protection to your endpoints isn’t really about the overall percentage of machines that get infected but about whether you can afford to have even one of your machines vulnerable to attack.

As we’ve seen in this post, the collection of user tools that Apple provides under “Security & Privacy” are hardly up to the task of enterprise security. Whether it’s defending against banking trojans, phishing scams or keeping an eye on every kind of device on your network, the only sensible choice is a Next Gen solution like SentinelOne.


Like this article? Follow us on LinkedInTwitter, YouTube or Facebook to see the content we post.

Read more about macOS Security

HoneyBook, a client management platform for creative businesses, raises $28M Series C led by Citi Ventures

HoneyBook co-founders Oz and Naama Alon

HoneyBook, a customer-relationship management platform aimed at small businesses in creative fields, announced today it has raised a $28 million Series C led by Citi Ventures. All of its existing investors, including Norwest Venture Partners, Aleph, Vintage Investment Partners and Hillsven Capital, also returned for the round. Citi is a strategic partner for HoneyBook and this will enable it to offer new financial products to freelancers, its co-founder and CEO Oz Alon told TechCrunch.

This brings HoneyBook’s total raised so far to $72 million. It is using the funds to grow its teams in San Francisco and Tel Aviv and build new features for its user base, including small companies, people who work by themselves (“solopreneurs”) and freelancers. Like other CRMs, HoneyBook helps them develop relationships with potential new clients, manage projects, send invoices and accept payments, but with tools scaled for their business’ needs.

Alon told TechCrunch in an email that one segment HoneyBook is focused on is millennials (he cites a survey that found 49 percent of people under 40 plan to start their own business). HoneyBook currently claims tens of thousands of customers and has passed $1 billion in business booked using its software, along with 75,000 members in Rising Tide, the company’s online community for creative entrepreneurs.

Other management software platforms competing for the attention of entrepreneurs and freelancers include Tave, Dubsado and 17hats. One of the main ways HoneyBook differentiates is by enabling its users to accept online payments without integrating with a third-party service. Thanks to this, its users “transact more than 80 percent of their business online, significantly more than any other payments platform serving this audience, Alon said. Its partnership with Citi will also allow the company to develop more unique services for its target customers, he added.

In a prepared statement, Citi Ventures’ Israel director and venture investing lead Omit Shinar said, “We are in the midst of a period of extensive changes in societal structures and economic models. The fintech ecosystem is producing more and more breakthrough innovations that serve the needs of modern consumers, and we believe, as a pioneer in its space, HoneyBook can become a market leader in the U.S.”

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.

Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers. That’s according to a senior Facebook employee who is familiar with the investigation and who spoke on condition of anonymity because they were not authorized to speak to the press.

The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees. The source said Facebook is still trying to determine how many passwords were exposed and for how long, but so far the inquiry has uncovered archives with plain text user passwords dating back to 2012.

My Facebook insider said access logs showed some 2,000 engineers or developers made approximately nine million internal queries for data elements that contained plain text user passwords.

“The longer we go into this analysis the more comfortable the legal people [at Facebook] are going with the lower bounds” of affected users, the source said. “Right now they’re working on an effort to reduce that number even more by only counting things we have currently in our data warehouse.”

In an interview with KrebsOnSecurity, Facebook software engineer Scott Renfro said the company wasn’t ready to talk about specific numbers — such as the number of Facebook employees who could have accessed the data.

Renfro said the company planned to alert affected Facebook users, but that no password resets would be required.

“We’ve not found any cases so far in our investigations where someone was looking intentionally for passwords, nor have we found signs of misuse of this data,” Renfro said. “In this situation what we’ve found is these passwords were inadvertently logged but that there was no actual risk that’s come from this. We want to make sure we’re reserving those steps and only force a password change in cases where there’s definitely been signs of abuse.”

A written statement from Facebook provided to KrebsOnSecurity says the company expects to notify “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users.” Facebook Lite is a version of Facebook designed for low speed connections and low-spec phones.

Both Github and Twitter were forced to admit similar stumbles in recent months, but in both of those cases the plain text user passwords were available to a relatively small number of people within those organizations, and for far shorter periods of time.

Renfro said the issue first came to light in January 2019 when security engineers reviewing some new code noticed passwords were being inadvertently logged in plain text.

“This prompted the team to set up a small task force to make sure we did a broad-based review of anywhere this might be happening,” Renfro said. “We have a bunch of controls in place to try to mitigate these problems, and we’re in the process of investigating long-term infrastructure changes to prevent this going forward. We’re now reviewing any logs we have to see if there has been abuse or other access to that data.”

Facebook’s password woes come amid a tough month for the social network. Last week, The New York Times reported that federal prosecutors are conducting a criminal investigation into data deals Facebook struck with some of the world’s largest tech companies.

Earlier in March, Facebook came under fire from security and privacy experts for using phone numbers provided for security reasons — like two-factor authentication — for other things (like marketing, advertising and making users searchable by their phone numbers across the social network’s different platforms).

Update, 11:43 a.m.: Facebook has posted a statement about this incident here.

Movius raises $45M for its business communications service

Atlanta-based Movius, a company that allows companies to assign a separate business number for voice calls and texting to any phone, today announced that it has raised a $45 million Series D round led by JPMorgan Chase, with participation from existing investors PointGuard Ventures, New Enterprise Associates and Anschutz Investment company. With this, the company has now raised a total of $100 million.

In addition to the new funding, Movius also today announced that it has brought on former Adobe and Sun executive John Loiacono as its new CEO. Loiacono was also the founding CEO of network analytics startup Jolata.

“The Movius opportunity is pervasive. Almost every company on planet Earth is mobilizing their workforce but are challenged to find a way to securely interact with their customers and constituents using all the preferred communication vehicles – be that voice, SMS or any other channel they use in their daily lives,” said Loiacono. “I’m thrilled because I’m joining a team that features highly passionate and proven innovators who are maniacally focused on delivering this very solution. I look forward to leading this next chapter of growth for the company.”

Sanjay Jain, the chief strategy officer at Hyperloop Transportation Technologies, and Larry Feinsmith, the head of JPMorgan Chase’s Technology Innovation, Strategy & Partnerships office, are joining the company’s board.

Movius currently counts more than 1,400 businesses as its customers, and its carrier partners include Sprint, Telstra and Telefonica. What’s important to note is that Movius is more than a basic VoIP app on your phone. What the company promises is a carrier-grade network that allows businesses to assign a second number to their employees’ phones. That way, the employer remains in charge, even as employees bring their own devices to work.

Skedulo raises $28M for its mobile workforce management service

Skedulo, a service that helps businesses manage their mobile employees, today announced that it has raised a $28 million Series B funding round led by M12, Microsoft’s venture fund. Existing investors Blackbird and Castanoa Ventures also participated in this round.

The company’s service offers businesses all the necessary tools to manage their mobile employees, including their schedules. A lot of small businesses still use basic spreadsheets and email to do this, but that’s obviously not the most efficient way to match the right employee to the right job, for example.

“Workforce management has traditionally been focused on employees that are sitting at a desk for the majority of their day,” Skedulo CEO and co-founder Matt Fairhurst told me. “The overwhelming majority — 80 percent — of workers will be deskless by 2020 and so far, there has been no one that has addressed the needs of this growing population at scale. We’re excited to help enterprises confront these challenges head-on so they can compete and lean into rapidly changing customer and employee expectations.”

At the core of Skedulo, which offers both a mobile app and web-based interface, is the company’s so-called “Mastermind” engine that helps businesses automatically match the right employee to a job based on the priorities the company has specified. The company plans to use the new funding to enhance this tool through new machine learning capabilities. Skedulo will also soon offer new analytics tools and integrations with third-party services like HR and financial management tools, as well as payroll systems.

The company also plans to use the new funding to double its headcount, which includes hiring at least 60 new employees in its Australian offices in Brisbane and Sydney.

As part of this round, Priya Saiprasad, principal of M12, will join Skedulo’s board of directors. “We found a strong sense of aligned purpose with Priya Saiprasad and the team at M12 — and their desire to invest in companies that help reduce cycles in a person’s working day,” Fairhurst said. “Fundamentally, Skedulo is a productivity company. We help companies, the back-office and mobile workforce, reduce the number of cycles it takes to get work done. This gives them time back to focus on the work that matters most.”

Microsoft Defender comes to the Mac

Microsoft today announced that it is bringing its Microsoft Defender Advanced Threat Protection (ATP) to the Mac. Previously, this was a Windows solution for protecting the machines of Microsoft 365 subscribers and assets the IT admins that try to keep them safe. It was also previously called Windows Defender ATP, but given that it is now on the Mac, too, Microsoft decided to drop the ‘Windows Defender’ moniker in favor or ‘Microsoft Defender.’

“For us, it’s all about experiences that follow the person and help the individual be more productive,” Jared Spataro, Microsoft’s corporate VP for Office and Windows, told me. “Just like we did with Office back in the day — that was a big move for us to move it off of Windows-only — but it was absolutely the right thing. So that’s where we’re headed.”

He stressed that this means that Microsoft is moving off its “Windows-centric approach to life.” He likened it to bringing the Office apps to the iPad and Android. “We’re just headed in that same direction of saying that it’s our intent that we can secure every endpoint so that this Microsoft 365 experience is not just Windows-centric,” Spataro said. Indeed, he argued that the news here isn’t even so much the launch of this service for the Mac but that Microsoft is reorienting the way it thinks about how it can deliver value for Microsoft 365 clients.

Given that Microsoft Defender is part of the Microsoft 365 package, you may wonder why those users would even care about the Mac, but there are plenty of enterprises that use a mix of Windows machines and Mac, and which provide all of their employees with Office already. Having a security solution that spans both systems can greatly reduce complexity for IT departments — and keeping up with security vulnerabilities on one system is hard enough to begin with.

In addition to the launch of the Mac version of Microsoft Defender ATP, the company also today announced the launch of new threat and vulnerability management capabilities for the service. Over the last few months, Microsoft had already launched a number of new features that help businesses proactively monitor and identify security threats.

“What we’re hearing from customers now, is that the landscape is getting increasingly sophisticated, the volume of alerts that we’re starting to get is pretty overwhelming,” Spataro said. “We really don’t have the budget to hire the thousands of people required to sort through all this and figure out what to do.”

So with this new tool, Microsoft uses its machine learning smarts to prioritize threads and present them to its customers for remediation.

To Spataro, these announcements come down to the fact that Microsoft is slowly morphing into more of a security company than ever before. “I think we’ve made a lot more progress than people realize,” he said. “And it’s been driven by the market.” He noted that its customers have long asked Microsoft to help them protect their endpoints. Now, he argues, customers have realized that Microsoft is now moving to this person-centric approach (instead of a Windows-centric one) and that the company may now be able to help them protect large parts of their systems. At the same time, Microsoft realized that it could use all of the billions of signals it gets from its users to better help its customers proactively.

Windows Virtual Desktop is now in public preview

Last year, Microsoft announced the launch of its Windows Virtual Desktop service. At the time, this was a private preview, but starting today, any enterprise user who wants to try out what using a virtual Windows 10 desktop that’s hosted in the Azure cloud looks like will be able to give it a try.

It’s worth noting that this is very much a product for businesses. You’re not going to use this to play Apex Legends on a virtual machine somewhere in the cloud. The idea here is that a service like this, which also includes access to Office 365 ProPlus, makes managing machines and the software that runs on them easier for enterprises. It also allows employers in regulated industries to provide their mobile workers with a virtual desktop that ensures that all of their precious data remains secure.

One stand-out feature here is that businesses can run multiple Windows 10 sessions on a single virtual machine.

It’s also worth noting that many of the features of this service are powered by technology from FSLogix, which Microsoft acquired last year. Specifically, these technologies allow Microsoft to give the non-persistent users relatively fast access to applications like their Outlook and OneDrive applications, for example.

For most Microsoft 365 enterprise customers, access to this service is simply part of the subscription cost they already pay — though they will need an Azure subscription and pay for the virtual machines that run in the cloud.

Right now, the service is only available in the US East 2 and US Central Azure regions. Over time, and once the preview is over, Microsoft will expand it to all of its cloud regions.

Vonage brings number programmability to its business service

Chances are you still mostly think of Vonage as a consumer VOIP player, but in recent years, the company also launched its Vonage Business Cloud (VBC) platform and acquired Nexmo, an API-based communications service that competes directly with many of Twilio’s core services. Today, Vonage is bringing its VBC service and Nexmo a bit closer with the launch of number programmability for its business customers.

What this means is that enterprises can now take any VBC number and extend it with the help of Nexmo’s APIs. To enable this, all they have to do is toggle a switch in their management console and then they’ll be able to programmatically route calls, create custom communications apps and workflows, and integrate third-party systems to build chatbots and other tools.

“About four years ago we made a pretty strong pivot to going from residential — a lot of people know Vonage as a residential player — to the business side,” Vonage senior VP of product management Jay Patel told me. “And through a series of acquisitions [including Nexmo], we’ve kind of built what we think is a very unique offering.” In many ways, those different platforms were always separated from each other, though. With all of the pieces in place now, however, the team started thinking about how it could use the Nexmo APIs to allow its customers in the unified communications and contact center space to more easily customize these services for them.

About a year ago, the team started working on this new functionality that brings the programmability of Nexmo to VBC. “We realized it doesn’t make sense for us to create our own new sets of APIs on our unified communications and contact center space,” said Patel. “Why don’t we use the APIs that Nexmo has already built?”

As Patel also stressed, the phone number is still very much linked to a business or individual employee — and they don’t want to change that just for the sake of having a programmable service. By turning on programmability for these existing numbers, though, and leveraging the existing Nexmo developer ecosystem and the building blocks those users have already created, the company believes that it’s able to offer a differentiated service that allows users to stay on its platform instead of having to forward a call to a third-party service like Twilio, for example, to enable similar capabilities.

In terms of those capabilities, users can pretty much do anything they want with these calls — and that’s important because every company has different processes and requirements. Maybe that’s logging info into multiple CRM systems in parallel or taking a clip of a call and pushing it into a different system for training purposes. Or you could have the system check your calendar when there are incoming calls and then, if it turns out you are in a meeting, offer the caller a callback whenever your calendar says you’re available again. All of that should only take a few lines of code or, if you want to avoid most of the coding, a few clicks in the company’s GUI for building these flows.

Vonage believes that these new capabilities will attract quite a few new customers. “It’s our value-add when we’re selling to new customers,” he said. “They’re looking for this kind of capability or are running into brick walls. We see a lot of companies that have an idea but they don’t know how to do it. They’re not engineers or they don’t have a big staff of developers, but because of the way we’ve implemented this, it brings the barrier of entry to create these solutions much lower than if you had a legacy system on-prem where you had to be a C++ developer to build an app.