Microsoft Azure CTO Mark Russinovich will join us for TC Sessions: Enterprise on September 5

Being the CTO for one of the three major hypercloud providers may seem like enough of a job for most people, but Mark Russinovich, the CTO of Microsoft Azure, has a few other talents in his back pocket. Russinovich, who will join us for a fireside chat at our TechCrunch Sessions: Enterprise event in San Francisco on September 5 (p.s. early-bird sale ends Friday), is also an accomplished novelist who has published four novels, all of which center around tech and cybersecurity.

At our event, though, we won’t focus on his literary accomplishments (except for maybe his books about Windows Server) as much as on the trends he’s seeing in enterprise cloud adoption. Microsoft, maybe more so than its competitors, always made enterprise customers and their needs the focus of its cloud initiatives from the outset. Today, as the majority of enterprises are looking to move at least some of their legacy workloads into the cloud, they are often stumped by the sheer complexity of that undertaking.

In our fireside chat, we’ll talk about what Microsoft is doing to reduce this complexity and how enterprises can maximize their current investments into the cloud, both for running new cloud-native applications and for bringing legacy applications into the future. We’ll also talk about new technologies that can make the move to the cloud more attractive to enterprises, including the current buzz around edge computing, IoT, AI and more.

Before joining Microsoft, Russinovich, who has a Ph.D. in computer engineering from Carnegie Mellon, was the co-founder and chief architect of Winternals Software, which Microsoft acquired in 2006. During his time at Winternals, Russinovich discovered the infamous Sony rootkit. Over his 13 years at Microsoft, he moved from Technical Fellow up to the CTO position for Azure, which continues to grow at a rapid clip as it looks to challenge AWS’s leadership in total cloud revenue.

Tomorrow, Friday, August 16 is your last day to save $100 on tickets before prices go up. Book your early-bird tickets now and keep that Benjamin in your pocket.

If you’re an early-stage startup, we only have three demo table packages left! Each demo package comes with four tickets and a great location for your company to get in front of attendees. Book your demo package today before we sell out!

Slack announces new admin features for larger organizations

Slack has been working to beef up the product recently for its larger customers. A couple of weeks ago that involved more sophisticated security tools. Today, it was the admins’ turn to get a couple of new tools that help make it easier to manage Slack in larger settings.

For starters, Slack has created an Announcements channel as a way to send a message to the entire organization. It would typically be used to communicate about administrative matters like changes in HR policy or software updates. The Announcements channel allows admins to limit who can send messages, and who can respond, so the channels stay clean and limit chatter.

Ilan Frank, director of product for enterprise at Slack, says that companies have been demanding this ability because they need a clean channel with reliable information from a trusted source.

“With this feature, [admins] can set this channel up as an announcement-only channel with the right folks in [IT or HR] who can make announcements, and now this is a clean, controlled environment for important announcements and updates,” Frank explained.

The other piece Slack is announcing today is new APIs for creating templated workspaces. This is especially useful in environments where users have to create a bevy of new spaces frequently. Picture a university with professors setting up spaces for each of their classes with a set of tools for students, who all have to join the space.

Doing this manually, especially when everybody is setting them up at the same time at the beginning of a semester, could be tedious and chaotic, but by providing programmatic templated workflows, it brings a level of automation to the process.

Frank says while workspaces in and of themselves are not new, the automation layer is. “What is new about this is the API and the ability to automate the creation and management of these connectors [programmatically with code],” he said.

For starters, it will allow automated workspace creation based on information in Web forms. Later, the company will be adding scripting capabilities to build even more sophisticated workflows with automated configuration, apps and content.

Finally, Slack is automating the approval process for tools used inside Slack channels or workspaces. Pre-approved applications can be added to Slack automatically, while those not on the approved list would have to go through a separate process to get approved.

The Announcements tool is available starting today for customers with Plus and Enterprise Grid plans. The API and approval tools will be available soon for Enterprise Grid customers.

Why chipmaker Broadcom is spending big bucks for aging enterprise software companies

Last year Broadcom, a chipmaker, raised eyebrows when it acquired CA Technologies, an enterprise software company with a broad portfolio of products, including a sizable mainframe software tools business. It paid close to $19 billion for the privilege.

Then last week, the company opened up its wallet again and forked over $10.7 billion for Symantec’s enterprise security business. That’s almost $30 billion for two aging enterprise software companies. There has to be some sound strategy behind these purchases, right? Maybe.

Here’s the thing about older software companies. They may not out-innovate the competition anymore, but what they have going for them is a backlog of licensing revenue that appears to have value.

Every TC Sessions: Enterprise 2019 ticket includes a free pass to Disrupt SF

Shout out to all the savvy enterprise software startuppers. Here’s a quick, two-part money-saving reminder. Part one: TC Sessions: Enterprise 2019 is right around the corner on September 5, and you have only two days left to buy an early-bird ticket and save yourself $100. Part two: for every Session ticket you buy, you get one free Expo-only pass to TechCrunch Disrupt SF 2019.

Save money and increase your ROI by completing one simple task: buy your early-bird ticket today.

About 1,000 members of enterprise software’s powerhouse community will join us for a full day dedicated to exploring the current and future state of enterprise software. It’s certainly tech’s 800-pound gorilla — a $500 billion industry. Some of the biggest names and brightest minds will be on hand to discuss critical issues all players face — from early-stage startups to multinational conglomerates.

The day’s agenda features panel discussions, main-stage talks, break-out sessions and speaker Q&As on hot topics including intelligent marketing automation, the cloud, data security, AI and quantum computing, just to name a few. You’ll hear from people like SAP CEO Bill McDermott; Aaron Levie, Box co-founder; Jim Clarke, director of Quantum Hardware at Intel and many, many more.

Customer experience is always a hot topic, so be sure to catch this main-stage panel discussion with Amit Ahuja (Adobe), Julie Larson-Green (Qualtrics) and Peter Reinhardt (Segment):

The Trials and Tribulations of Experience Management: As companies gather more data about their customers and employees, it should theoretically improve their experience, but myriad challenges face companies as they try to pull together information from a variety of vendors across disparate systems, both in the cloud and on prem. How do you pull together a coherent picture of your customers, while respecting their privacy and overcoming the technical challenges?

TC Sessions: Enterprise 2019 takes place in San Francisco on September 5. Take advantage of this two-part money-saving opportunity. Buy your early-bird ticket by August 16 at 11:59 p.m. (PT) to save $100. And score a free Expo-only pass to TechCrunch Disrupt SF 2019 for every ticket you buy. We can’t wait to see you in September!

Interested in sponsoring TC Sessions: Enterprise? Fill out this form and a member of our sales team will contact you.

VMware says it’s looking to acquire Pivotal

VMware today confirmed that it is in talks to acquire software development platform Pivotal Software, the service best known for commercializing the open-source Cloud Foundry platform. The proposed transaction would see VMware acquire all outstanding Pivotal Class A stock for $15 per share, a significant markup over Pivotal’s current share price (which unsurprisingly shot up right after the announcement).

Pivotal’s shares have struggled since the company’s IPO in April 2018. The company was originally spun out of EMC Corporation (now DellEMC) and VMware in 2012 to focus on Cloud Foundry, an open-source software development platform that is currently in use by the majority of Fortune 500 companies. A lot of these enterprises are working with Pivotal to support their Cloud Foundry efforts. Dell itself continues to own the majority of VMware and Pivotal, and VMware also owns an interest in Pivotal already and sells Pivotal’s services to its customers, as well. It’s a bit of an ouroboros of a transaction.

Pivotal Cloud Foundry was always the company’s main product, but it also offered additional consulting services on top of that. Despite improving its execution since going public, Pivotal still lost $31.7 million in its last financial quarter as its stock price traded at just over half of the IPO price. Indeed, the $15 per share VMware is offering is identical to Pivotal’s IPO price.

An acquisition by VMware would bring Pivotal’s journey full circle, though this is surely not the journey the Pivotal team expected. VMware is a Cloud Foundry Foundation platinum member, together with Pivotal, DellEMC, IBM, SAP and Suse, so I wouldn’t expect any major changes in VMware’s support of the overall open-source ecosystem behind Pivotal’s core platform.

It remains to be seen whether the acquisition will indeed happen, though. In a press release, VMware acknowledged the discussion between the two companies but noted that “there can be no assurance that any such agreement regarding the potential transaction will occur, and VMware does not intend to communicate further on this matter unless and until a definitive agreement is reached.” That’s the kind of sentence lawyers like to write. I would be quite surprised if this deal didn’t happen, though.

Buying Pivotal would also make sense in the grand scheme of VMware’s recent acquisitions. Earlier this year, the company acquired Bitnami, and last year it acquired Heptio, the startup founded by two of the three co-founders of the Kubernetes project, which now forms the basis of many new enterprise cloud deployments and, most recently, Pivotal Cloud Foundry.

Incorta raises $30M Series C for ETL-free data processing solution

Incorta, a startup founded by former Oracle executives who want to change the way we process large amounts of data, announced a $30 million Series C today led by Sorenson Capital.

Other investors participating in the round included GV (formerly Google Ventures), Kleiner Perkins, M12 (formerly Microsoft Ventures), Telstra Ventures and Ron Wohl. Today’s investment brings the total raised to $75 million, according to the company.

Incorta CEO and co-founder Osama Elkady says he and his co-founders were compelled to start Incorta because they saw so many companies spending big bucks for data projects that were doomed to fail. “The reason that drove me and three other guys to leave Oracle and start Incorta is because we found out with all the investment that companies were making around data warehousing and implementing advanced projects, very few of these projects succeeded,” Elkady told TechCrunch.

A typical data project involves ETL (extract, transform, load). It’s a process that takes data out of one database, changes the data to make it compatible with the target database and adds it to the target database.

It takes time to do all of that, and Incorta is trying to give access to the data much faster by stripping out this step. Elkady says that this allows customers to make use of the data much more quickly, claiming they are reducing the process from one that took hours to one that takes just seconds. That kind of performance enhancement is garnering attention.

Rob Rueckert, managing director for lead investor Sorenson Capital, sees a company that’s innovating in a mature space. “Incorta is poised to upend the data warehousing market with innovative technology that will end 30 years of archaic and slow data warehouse infrastructure,” he said in a statement.

The company says revenue is growing by leaps and bounds, reporting 284% year over year growth (although they did not share specific numbers). Customers include Starbucks, Shutterfly and Broadcom.

The startup, which launched in 2013, currently has 250 employees with developers in Egypt and main operations in San Mateo, California. They recently also added offices in Chicago, Dubai and Bangalore.

Reversing macOS malware eBook Intro By Patrick Wardle

Attacks on the macOS platform are on the rise, but there’s a lack of material for those who want to learn about macOS malware analysis. SentinelOne is delighted to release this eBook to help security researchers learn about this increasingly important topic – Reversing Malware on macOS.

I’m strangely fascinated by malware. At a young age, tales of programs that could autonomously infect systems across the globe all the while stealthily avoiding detection seemed like the closest thing to “life” in cyberspace.

I craved more insight into these malicious creations, seeking answers to questions such as:

“How does malware infect computer systems?”
“To remain undetected, what stealth mechanism does the malware employ?”
“How can we generally detect such threats to ensure users remain protected?”

A job in the “Malicious Code Analysis” branch within the National Security Agency (NSA) gave me insight into many of these questions through the analysis of sophisticated “nation-state” malware designed to penetrate US government networks.

Since that time I’ve continually studied malware, though now I exclusively focus on specimens that target Apple’s macOS platform. And though malware continues to evolve, the methods used to analyze it remain largely the same. Analyzing Mac malware comes with a few unique challenges. First and foremost, the amount of malware that targets Cupertino’s desktop OS is far less than that which infects Microsoft PCs. This means fewer samples to analyze, limited analysis tools, and a smaller community of researchers publishing research or analysis on such threats.

These challenges inspired me to create the Mac security website “Objective-See.com” and the World’s only Mac security conference, “Objective by the Sea.”

Both the site and conference seek to bring together knowledge and resources on Mac security topics such as Mac malware. The conference talks, website blogs, and comprehensive Mac malware collection are invaluable resources for both advanced Mac malware analysts and those that are just starting out.

However, one essential piece of the “malware analysis puzzle” was (until now!) missing. That piece, quite simply, was: where and how to begin malware analysis on the Mac platform?

Today, you’re reading an excellent resource that seeks to provide the foundations, knowledge, and tools needed for you to become a proficient Mac malware analyst. Starting with the (imperative) basics such as setting up a safe analysis environment, it will walk you towards more advanced topics.

Along the way, links to more in-depth content and specialized tools will be provided for the more adventurous reader.

So read on to begin (or enhance) your Mac malware analysis journey!

Patrick
@patrickwardle



Clumio raises $51M to bring enterprise backup into the 21st century

Creating backups for massive enterprise deployments may feel like a solved problem, but for the most part, we’re still talking about complex hardware and software setups. Clumio, which is coming out of stealth today, wants to modernize enterprise data protection by eliminating the on-premise hardware in favor of a flexible, SaaS-style cloud-based backup solution.

For the first time, Clumio also today announced that it has raised a total of $51 million in a Series A and B round since it was founded in 2017. The $11 million Series A round closed in October 2017 and the Series B round in November 2018, Clumio founder and CEO Poojan Kumar told me. Kumar’s previous company, storage startup PernixData, was acquired by Nutanix in 2016. It doesn’t look like the investors made their money back, though.

Clumio is backed by investors like Sutter Hill Ventures, which led the Series A, and Index Ventures, which drove the Series B together with Sutter Hill. Other individual investors include Mark Leslie, founder of Veritas Technologies, and John Thompson, chairman of the board at Microsoft.

“Enterprise workloads are being ‘SaaS-ified’ because IT can no longer afford the time, complexity and expense of building and managing heavy on-prem hardware and software solutions if they are to successfully deliver against their digital transformation initiatives,” said Kumar. “Unlike legacy backup vendors, Clumio SaaS is born in the cloud. We have leveraged the most secure and innovative cloud services available, now and in the future, within our service to ensure that we can meet customer requirements for backup, regardless of where the data is.”

In its current iteration, Clumio can be used to secure data from on-premise, VMware Cloud for AWS and native AWS service workloads. Given this list, it doesn’t come as a surprise that Clumio’s backend, too, makes extensive use of public cloud services.

The company says that it already has several customers, though it didn’t disclose any in today’s announcement.

Procore brings 3D construction models to iOS

Today, Procore, a construction software company, announced Procore BIM (Building Information Modeling), a new tool that takes advantage of Apple hardware advances to bring the 3D construction model to iOS.

Dave McCool, senior product manager at Procore, says that architects and engineers have been working with 3D models of complex buildings for years on desktop computers and laptops, but these models never made it into the hands of the tradespeople actually working on the building. This forced them to make trips to the job site office to see the big picture whenever they ran into issues, a process that was inefficient and costly.

What Procore has done is create a 3D model that corresponds to a virtual version of the 2D floor plan and runs on an iOS device. Touching a space on the floor plan opens a corresponding spot in the 3D model. What’s more, Procore has created a video game-like experience, so that contractors can use a virtual joystick to move around a 3D representation of the building, or they can use gestures to move around the rendering.

Procore BIM running on an iPhone. Photo: Procore

The app has been designed so that it can run on an iPhone 7, but for optimal performance, Procore recommends using an iPad Pro. The software takes advantage of Apple Metal, which gives developers “near direct” access to the GPU running on these devices. This ability to tap into GPU power speeds up performance and allows this level of sophisticated rendering quickly on iOS devices.

McCool says that this enables tradespeople to find the particular area on the drawing where their part of the project needs to go much more easily and intuitively, whether it’s wiring, ductwork or plumbing. As he pointed out, it can get crowded in the space above a ceiling or inside a utility room, and the various trades teams need to work together to make sure they are putting their parts in the correct spot. Working with this tool helps make that placement crystal clear.

It’s essentially been designed to gamify the experience in order to help tradespeople who aren’t necessarily technically savvy to operate the tool themselves and find their way around a drawing in 3D, while reducing the number of trips to the office to have a discussion with the architects or engineers to resolve issues.

This is the latest tool from a company that has been producing construction software since 2002. As a company spokesperson said, early on the company founder had to wire routers on the site to allow workers to use the earliest versions. Today, it offers a range of construction software to track financials, project, labor and safety management information.

Procore BIM will be available starting next month.

Patch Tuesday, August 2019 Edition

Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out. Fortunately, this month’s patch batch from Redmond is mercifully light, at least compared to last month.

Okay, maybe a trip to the dentist’s office is still preferable. In any case, today is the second Tuesday of the month, which means it’s once again Patch Tuesday (or — depending on your setup and when you’re reading this post — Reboot Wednesday). Microsoft today released patches to fix some 93 vulnerabilities in Windows and related software, 35 of which affect various Server versions of Windows, and another 70 that apply to the Windows 10 operating system.

Although there don’t appear to be any zero-day vulnerabilities fixed this month — i.e. those that get exploited by cybercriminals before an official patch is available — there are several issues that merit attention.

Chief among those are patches to address four moderately terrifying flaws in Microsoft’s Remote Desktop Service, a feature which allows users to remotely access and administer a Windows computer as if they were actually seated in front of the remote computer. Security vendor Qualys says two of these weaknesses can be exploited remotely without any authentication or user interaction.

“According to Microsoft, at least two of these vulnerabilities (CVE-2019-1181 and CVE-2019-1182) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak. “It is highly likely that at least one of these vulnerabilities will be quickly weaponized, and patching should be prioritized for all Windows systems.”

Fortunately, Remote Desktop is disabled by default in Windows 10, and as such these flaws are more likely to be a threat for enterprises that have enabled the application for various purposes. For those keeping score, this is the fourth time in 2019 Microsoft has had to fix critical security issues with its Remote Desktop service.

For all you Microsoft Edge and Internet Exploiter Explorer users, Microsoft has issued the usual panoply of updates for flaws that could be exploited to install malware after a user merely visits a hacked or booby-trapped Web site. Other equally serious flaws patched in Windows this month could be used to compromise the operating system just by convincing the user to open a malicious file (regardless of which browser the user is running).

As crazy as it may seem, this is the second month in a row that Adobe hasn’t issued a security update for its Flash Player browser plugin, which is bundled in IE/Edge and Chrome (although now hobbled by default in Chrome). However, Adobe did release important updates for its Acrobat and free PDF reader products.

If the tone of this post sounds a wee bit cantankerous, it might be because at least one of the updates I installed last month totally hosed my Windows 10 machine. I consider myself an equal OS abuser, and maintain multiple computers powered by a variety of operating systems, including Windows, Linux and MacOS.

Nevertheless, it is frustrating when being diligent about applying patches introduces so many unfixable problems that you’re forced to completely reinstall the OS and all of the programs that ride on top of it. On the bright side, my newly-refreshed Windows computer is a bit more responsive than it was before crash hell.

So, three words of advice. First off, don’t let Microsoft decide when to apply patches and reboot your computer. On the one hand, it’s nice Microsoft gives us a predictable schedule when it’s going to release patches. On the other, Windows 10 will by default download and install patches whenever it pleases, and then reboot the computer.

Unless you change that setting. Here’s a tutorial on how to do that. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

Secondly, it doesn’t hurt to wait a few days to apply updates. Very often fixes released on Patch Tuesday have glitches that cause problems for an indeterminate number of Windows systems. When this happens, Microsoft then patches their patches to minimize the same problems for users who haven’t yet applied the updates, but it sometimes takes a few days for Redmond to iron out the kinks.

Finally, please have some kind of system for backing up your files before applying any updates. You can use third-party software for this, or just the options built into Windows 10. At some level, it doesn’t matter. Just make sure you’re backing up your files, preferably following the 3-2-1 backup rule. Thankfully, I’m vigilant about backing up my files.

And, as ever, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.