Lightspeed leads Laiye’s $42M round to bet on Chinese enterprise IT

Laiye, a Chinese startup that offers robotic process automation services to several major tech firms in the nation and government agencies, has raised $42 million in a new funding round as it looks to scale its business.

The new financing round, Series C, was co-led by Lightspeed Venture Partners and Lightspeed China Partners. Cathay Innovation, which led the startup’s Series B+ round and Wu Capital, which led the Series B round, also participated in the new round.

China has been the hub for some of the cheapest labor in the world. But in recent years, a number of companies and government agencies have started to improve their efficiency with the help of technology.

That’s where Laiye comes into play. Robotic process automation (RPA) allows software to mimic several human behaviors such as keyboard strokes and mouse clicks.

“For instance, a number of banks did not previously offer APIs, so humans had to sign in and fetch the data and then feed it into some other software. Processes like these could be automated by our platform,” said Arvid Wang, co-founder and co-chief executive of Laiye, in an interview with TechCrunch.

The four-and-a-half-year-old startup, which has raised more than $100 million to date, will use the fresh capital to hire talent from across the globe and expand its services. “We believe robotic process automation will achieve its full potential when it combines AI and the best human talent,” he said.

Laiye’s announcement today comes as the market for robotic automation process is still in nascent stage in China. There are a handful of startups looking into this space, but Laiye, which counts Microsoft as an investor, and Sequoia-backed UiPath are the two clear leaders in the market.

As my colleague Rita Liao wrote last year, it was only recently that some entrepreneurs and investors in China started to shift their attention from consumer-facing products to business applications.

Globally, RPA has emerged as the fastest growing market in enterprise space. A Gartner report found last year that RPA market grew over 63% in 2018. Recent surveys have shown that most enterprises in China today are also showing interest in enhancing their RPA projects and AI capabilities.

Laiye today has more than 200 partners and more than 200,000 developers have registered to use its multilingual UiBot RPA platform. UiBot enables integration with Laiye’s native and third-party AI capabilities such as natural language processing, optical character recognition, computer vision, chatbot and machine learning.

“We are very bullish on China, and the opportunities there are massive,” said Lightspeed partner Amy Wu in an interview. “Laiye is doing phenomenally there, and with this new fundraise, they can look to expand globally,” she said.

Databricks makes bringing data into its ‘lakehouse’ easier

Databricks today announced the launch of its new Data Ingestion Network of partners and the launch of its Databricks Ingest service. The idea here is to make it easier for businesses to combine the best of data warehouses and data lakes into a single platform — a concept Databricks likes to call “lakehouse.”

At the core of the company’s lakehouse is Delta Lake, Databricks’ Linux Foundation-managed open-source project that brings a new storage layer to data lakes that helps users manage the lifecycle of their data and ensures data quality through schema enforcement, log records and more. Databricks users can now work with the first five partners in the Ingestion Network — Fivetran, Qlik, Infoworks, StreamSets, Syncsort — to automatically load their data into Delta Lake. To ingest data from these partners, Databricks customers don’t have to set up any triggers or schedules — instead, data automatically flows into Delta Lake.

“Until now, companies have been forced to split up their data into traditional structured data and big data, and use them separately for BI and ML use cases. This results in siloed data in data lakes and data warehouses, slow processing and partial results that are too delayed or too incomplete to be effectively utilized,” says Ali Ghodsi, co-founder and CEO of Databricks. “This is one of the many drivers behind the shift to a Lakehouse paradigm, which aspires to combine the reliability of data warehouses with the scale of data lakes to support every kind of use case. In order for this architecture to work well, it needs to be easy for every type of data to be pulled in. Databricks Ingest is an important step in making that possible.”

Databricks VP of Product Marketing Bharath Gowda also tells me that this will make it easier for businesses to perform analytics on their most recent data and hence be more responsive when new information comes in. He also noted that users will be able to better leverage their structured and unstructured data for building better machine learning models, as well as to perform more traditional analytics on all of their data instead of just a small slice that’s available in their data warehouse.

Zyxel Fixes 0day in Network Storage Devices

Patch comes amid active exploitation by ransomware gangs

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground.

Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

KrebsOnSecurity first learned about the flaw on Feb. 12 from Alex Holden, founder of Milwaukee-based security firm Hold Security. Holden had obtained a copy of the exploit code, which allows an attacker to remotely compromise more than a dozen types of Zyxel NAS products remotely without any help from users.

A snippet from the documentation provided by 500mhz for the Zyxel 0day.

Holden said the seller of the exploit code — a ne’er-do-well who goes by the nickname “500mhz” –is known for being reliable and thorough in his sales of 0day exploits (a.k.a. “zero-days,” these are vulnerabilities in hardware or software products that vendors first learn about when exploit code and/or active exploitation shows up online).

For example, this and previous zero-days for sale by 500mhz came with exhaustive documentation detailing virtually everything about the flaw, including any preconditions needed to exploit it, step-by-step configuration instructions, tips on how to remove traces of exploitation, and example search links that could be used to readily locate thousands of vulnerable devices.

500mhz’s profile on one cybercrime forum states that he is constantly buying, selling and trading various 0day vulnerabilities.

“In some cases, it is possible to exchange your 0day with my existing 0day, or sell mine,” his Russian-language profile reads.

The profile page of 500mhz, translated from Russian to English via Google Chrome.

PARTIAL PATCH

KrebsOnSecurity first contacted Zyxel on Feb. 12, sharing a copy of the exploit code and description of the vulnerability. When four days elapsed without any response from the vendor to notifications sent via multiple methods, this author shared the same information with vulnerability analysts at the U.S. Department of Homeland Security (DHS) and with the CERT Coordination Center (CERT/CC), a partnership between DHS and Carnegie Mellon University.

Less than 24 hours after contacting DHS and CERT/CC, KrebsOnSecurity heard back from Zyxel, which thanked KrebsOnSecurity for the alert without acknowledging its failure to respond until they were sent the same information by others.

“Thanks for flagging,” Zyxel’s team wrote on Feb. 17. “We’ve just received an alert of the same vulnerabilities from US-CERT over the weekend, and we’re now in the process of investigating. Still, we heartily appreciate you bringing it to our attention.”

Earlier today, Zyxel sent a message saying it had published a security advisory and patch for the zero-day exploit in some of its affected products. The vulnerable devices include NAS542, NAS540, NAS520, NAS326, NSA325 v2, NSA325, NSA320S, NSA320, NSA310S, NSA310, NSA221, NSA220+, NSA220, and NSA210. The flaw is designated as CVE-2020-9054.

However, many of these devices are no longer supported by Zyxel and will not be patched. Zyxel’s advice for those users is simply “do not leave the product directly exposed to the internet.”

“If possible, connect it to a security router or firewall for additional protection,” the advisory reads.

Holden said given the simplicity of the exploit — which allows an attacker to seize remote control over an affected device by injecting just two characters to the username field of the login panel for Zyxel NAS devices — it’s likely other Zyxel products may have related vulnerabilities.

“Considering how stupid this exploit is, I’m guessing this is not the only one of its class in their products,” he said.

CERT’s advisory on the flaw rates it at a “10” — its most severe. The advisory includes additional mitigation instructions, including a proof-of-concept exploit that has the ability to power down affected Zyxel devices.

EMOTET GOES IOT?

Holden said recent activity suggests that attackers known for deploying ransomware have been actively working to test the zero-day for use against targets. Specifically, Holden said the exploit is now being used by a group of bad guys who are seeking to fold the exploit into Emotet, a powerful malware tool typically disseminated via spam that is frequently used to seed a target with malcode which holds the victim’s files for ransom.

Holden said 500mhz was offering the Zyxel exploit for $20,000 on cybercrime forums, although it’s not clear whether the Emotet gang paid anywhere near that amount for access to the code. Still, he said, ransomware gangs could easily earn back their investment by successfully compromising a single target with this simple but highly reliable exploit.

“From the attacker’s standpoint simple is better,” he said. “The commercial value of this exploit was set at $20,000, but that’s not much when you consider a ransomware gang could easily make that money back and then some in a short period of time.”

Emotet’s nascent forays into IoT come amid other disturbing developments for the prolific exploitation platform. Earlier this month, security researchers noted that Emotet now has the capability to spread in a worm-like fashion via Wi-Fi networks.

“To me, a 0day exploit in Zyxel is not as scary as who bought it,” he said. “The Emotet guys have been historically targeting PCs, laptops and servers, but their venture now into IoT devices is very disturbing.”

DISCLOSURE DEBATE

This experience was a good reminder that vulnerability reporting and remediation often can be a frustrating process. Twelve days turnaround is fairly quick as these things go, although probably not quick enough for customers using products affected by zero-day vulnerabilities.

It can be tempting when one is not getting any response from a vendor to simply publish an alert detailing one’s findings, and the pressure to do so certainly increases when there is a zero-day flaw involved. KrebsOnSecurity ultimately opted not to do that for three reasons.

Firstly, at the time there was no evidence that the flaws were being actively exploited, and because the vendor had assured DHS and CERT-CC that it would soon have a patch available.

Perhaps most importantly, public disclosure of an unpatched flaw could well have made a bad situation worse, without offering affected users much in the way of information about how to protect their systems.

Many hardware and software vendors include a link from their home pages to /security.txt, which is a proposed standard for allowing security researchers to quickly identify the points of contact at vendors when seeking to report security vulnerabilities. But even vendors who haven’t yet adopted this standard (Zyxel has not) usually will respond to reports at security@[vendordomainhere]; indeed, Zyxel encourages researchers to forward any such reports to security@zyxel.com.tw.

On the subject of full disclosure, I should note that while this author is listed by Hold Security’s site as an advisor, KrebsOnSecurity has never sought nor received remuneration of any kind in connection with this role.

The Good, the Bad and the Ugly in Cybersecurity – Week 8

The Good

“Ring! Ring!”
“Who’s There?”
“Multi-Factor Authentication !!!”

On February 18, Ring (parent company Amazon) announced that they would be implementing new, mandatory layers of security for Ring customer accounts. Specifically, MFA will be required for all customers upon logging in to their Ring accounts. Customers can choose to receive a token via email or SMS as the second method of authentication. These changes come after multiple stories came to light surrounding the hijacking of Ring accounts…and as a result..devices. While not all are accustomed to ‘mandatory’ MFA, this should be viewed as a positive and necessary step forward.

Recent history has already shown that strong controls are required in order to secure these and all other IoT devices. MFA, while not perfect, is a step in the right direction for the ongoing quest to secure IoT devices and services. We all like to resist change, and it can be hard to work against that ‘friction’. However, the same could be said for giving up on floppy disk drives, or headphone jacks, etc. When driving toward the greater-good, a small process change (mandatory MFA), which stands between the good guys and the villains, should be seen as an admirable example of moving forward.

image of tweet of ring adding extra layers of security

The Bad

Critical Plant Shuts Down for Two Days After Ransomware ‘Hits the Gas’

A ransomware attack recently forced the shutdown of a U.S.-based natural gas plant. The infection had a direct effect on safety and operational systems. According to reports, The Department of Homeland Security said that “personnel were prevented from receiving crucial real-time operational data from control and communications equipment”.

It is reported that the attack started with a malicious email. This serves as a great reminder that email is still the top delivery vector for malware. The US Cybersecurity and Infrastructure Security Agency (CISA) released Alert (AA20-049A), providing additional information surrounding the event. The alert confirms the spear-phishing delivery mechanism. This established a foothold on the “IT network” and subsequently pivoted to the OT network, which provided access to HMIs (human machine interfaces), polling servers and historical data storage. CISA states that no PLCs were affected, nor was control lost on any specific system. The shutdown was done in direct response to events as they unfolded, with the decision being made to shutdown the plant’s operations in a deliberate and controlled manner.   

image of US-Cert twitter home page

The Ugly

APT28 and 2019 Attack Campaigns Against Georgia

By now we should all be familiar with APT28 (aka Fancy Bear, G74, Sofacy, Sednit, etc). The state-backed group has been focusing their efforts on high-value targets in the Chemical Engineering, Defense, Government, Industrial Systems, and Intelligence agencies for well over a decade. Notable campaigns include “Pawn Storm”, “Russian Doll”, breaching the International Olympic Committee, and more. This week the UK’s NCSC (National Cyber Security Centre) announced that it was this same group behind a series of cyberattacks against Georgia in October 2019. The NSCS emphasized this claim with “the highest level of probability”. 

image of tweet stating Russian APT GRU behind attacks on Georgia

The attacks in question were focused on a number of Georgian web hosting companies, along with media entities. Multiple Georgian TV stations were forced offline in addition to the defacements and availability attacks. The U.K. has come out strongly on this series of attacks (and subsequent attribution). Britain and Georgia are allies and therefore there are both cyber & political ramifications to the ongoing behavior being observed out of the Russian GRU.

It’s worth noting that these attribution stories can be difficult to interpret sometimes. In some cases, their release may be timed in strategic ways so as to coincide with other worldly events. However, we can be sure that the more that is exposed by these state-backed groups, the better. And when we have ally nations pointing the finger, that makes the message far more serious.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

DSP Concepts raises $14.5M for its Audio Weaver platform

DSP Concepts — a startup whose Audio Weaver software is used by companies as varied as Tesla, Porsche, GoPro and Braun Audio — is announcing that it has raised $14.5 million in Series B funding.

The startup goal, as explained to me by CEO Chin Beckmann and CTO Paul Beckmann (yep, they’re a husband-and-wife founding team), is to create the standard framework that companies use to develop their audio processing software.

To that end, Chin told me they were “picky about who we wanted on the B round, we wanted it to represent the support and endorsement of the industry.”

So the round was led by Taiwania Capital, but it also includes investments from the strategic arms of DSP Concepts’ industry partners — BMW i Ventures (which led the Series A), the Sony Innovation Growth Fund by Innovation Growth Ventures, MediaTek Ventures, Porsche Ventures and the ARM IoT Fund.

Paul said Audio Weaver started out as the “secret weapon” of the Beckmanns’ consulting business, which he could use to “whip out” the results of an audio engineering project. At a certain point, consulting customers started asking him, “Hey, how about you teach me how to use that?,” so they decided to launch a startup focused on the Audio Weaver platform.

Audio Weaver - AWE Designer

Paul described the software as a “graphical block diagram editor.” Basically, it provides a way for audio engineers to combine and customize different software modules for audio processing.

“Audio is still in the Stone Ages compared to other industries,” he said. “Suppose you’re building a product with a touchscreen — are you going write the graphics from scratch or use a framework like Qt?”

Similarly, he suggested that while many audio engineers are still “down in the weeds writing code,” they can take advantage of Audio Weaver’s graphical interface to piece everything together, as well as the company’s “hundreds of different modules — pre-written, pre-tested, pre-optimized functions to build up your system.”

For example, Paul said that by using the Audio Weaver platform, DSP Concepts engineers could test out “hundreds of ideas” for algorithms for reducing wind noise in the footage captured by GoPro cameras, then ultimately “hand the algorithms over to GoPro,” whose team could them plug the algorithms into their software and modify it themselves.

The Beckmanns said the company also works closely with chip manufacturers to ensure that audio software will work properly on any device powered by a given chipset.

Other modules include TalkTo, which is designed to give voice assistants like Alexa “super-hearing,” so that they can still isolate voice commands and cancel out all the other noise in loud environments, even rock concerts. (You can watch a TalkTo demo in the video below.)

DSP Concepts has now raised more than $25 million in total funding.

 

Sasa Software Partners with SentinelOne to Offer NextGen AI-driven Security

Attackers never stop innovating. We know that, motivated by the rich prizes that await criminals that can penetrate a business network, threat actors will always look for new solutions and workarounds in their quest to beat enterprise security. It’s why defenders never stand still either, and seamlessly integrating new layers of defense is a key part of staying on top of the cyber security challenge while maintaining business productivity and flexibility. As part of meeting that challenge, we’re pleased to announce that Sasa Software has partnered with SentinelOne to integrate the SentinelOne NextGen AI engine into the Sasa Software GateScanner CDR technology. In this post, we’ll explain what this means and how it works.

image of Sasa partners with Sentinel One

What is Content Disarm and Reconstruction?

Content Disarm and Reconstruction (CDR) is designed to provide a safe, hassle-free solution for the prevention of file-based attacks. Instead of relying on signature-based scanning or sandbox behavioral analysis, the technology breaks the file into its components and then re-creates them, omitting all the insecure elements before the file enters the organization. 

infographic of content disarm and reconstruction process

This approach, championed by Sasa Software, has proven itself to a point where Gartner mentioned the technology as a “Best Practice” in its recent Hype Cycle for Threat Facing Technologies, noting that “CDR protects against exploits and weaponized content that have not been seen before”.  

How SentinelOne Fits Into the Picture

To pre-emptively block files that are malicious, GateScanner utilizes multiple highly-optimized AV engines that detect known signature-based threats. However, malware can be easily mutated to bypass these “static” AV engines. By introducing the capability to scan the files with the SentinelOne advanced AI engine, it is possible to catch malicious files based on their characteristics even if they are entirely novel, never-seen-before malware.

By incorporating the SentinelOne Nexus Embedded SDK, Sasa Software GateScanner Content Disarm and Reconstruction technology can now leverage SentinelOne’s predictive models to classify files as benign or malicious based on their characteristics, without using signatures or cloud lookup. It is extremely fast (classification is done within milliseconds) and provides information about various characteristics that exist in the analyzed files that are indicative of maliciousness. For example, an executable may be classified as malicious due to its high entropy or unusual binary format.

How SentinelOne Helps With Files That Cannot Be Disarmed

Technically, the SentinelOne Nexus SDK has been embedded as an additional scanning technology in Sasa Software’s CDR engines as part of the “Deep Threat Scans” capability.

The combined process will begin with scanning the files using multiple highly optimized AV engines, including SentinelOne. All files, whenever possible, will then continue to the disarm process, to prevent undetectable attacks. 

In addition, the SentinelOne Nexus SDK provides a significant new capability for enhancing the security of customers using files that cannot be disarmed, including binaries (PEs) and documents containing active content such as MS-Office Macros and PDF scripts. This is especially crucial for OT network users as they often introduce SCADA updates, control files, and other operational files that cannot be disarmed.

SentinelOne’s AI technology is able to extract features from a given file and predict whether the file is a threat or not, based on a statistical model trained on millions of samples to correlate features of both malicious and benign files.

With this technology, customers can be assured that they are getting the best protection available anywhere, today.

image of sentinel one machine learning

Conclusion

Sasa Software engineers have worked closely with the R&D team at SentinelOne to verify the effectiveness and performance of the solution in detecting highly mutated and previously unknown malware. The Sasa Software GateScanner Content Disarm and Reconstruction technology integrated with SentinelOne Advanced AI engine is available to all Sasa Software customers across all solutions: Portable (USB) media security, Email, Appliance Security, APIs, and Sasa’s new multi-route Security Dome. Please contact SentinelOne or Sasa Software to learn how you can enjoy using the SentinelOne AI engine today. 


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Cloud spending said to top $30B in Q4 as Amazon, Microsoft battle for market share

We all know the cloud infrastructure market is extremely lucrative; analyst firm Canalys reports that the sector reached $30.2 billion in revenue for Q4 2019.

Cloud numbers are hard to parse because companies often lump cloud revenue into a single bucket regardless of whether it’s generated by infrastructure or software. What’s interesting about Canalys’s numbers is that it attempts to measure the pure infrastructure results themselves without other cloud incomes mixed in:

As an example, Microsoft reported $12.5 billion in total combined cloud revenue for the quarter, but Canalys estimates that just $5.3 billion comes from infrastructure (Azure). Amazon has the purest number with $9.8 billion of a reported $9.95 billion attributed to its infrastructure business. This helps you understand why in spite of the fact that Microsoft reported bigger overall cloud earnings numbers and a higher growth rate, Amazon still has just less than double Microsoft’s market share in terms of IaaS spend.

That’s not to say Microsoft didn’t still have a good quarter — it garnered 17.6% of revenue for the period. That’s up from 14.5% in the same quarter a year ago. What’s more, Amazon lost a bit of ground, according to Canalys, dropping from 33.4% in Q4 2018 to 32.4% in the most recent quarter.

Part of the reason for that is because Microsoft is growing at close to twice the rate as Amazon — 62.3% versus Amazon’s 33.2%.

Meanwhile, number-three vendor Google came in at $1.8 billion for pure infrastructure revenue, good for 6% of the market, up from 4.9% a year ago on growth rate 67.6%. Google reported $2.61 billion in overall cloud revenue, but that included software. Despite the smaller results, it was a good quarter for the Mountain View-based company.

Ordway lands $10M Series A to bridge gap between sales and finance

Ordway, a Washington, DC startup, is building a platform to deal with all of the stuff that happens after you make sale. It starts with the order and goes all the way to revenue as a one-time payment or recurring subscription. Today the company announced a $10 million Series A.

CRV led the round with participation from Clocktower Ventures and existing investors Lerer Hippeau and Revolution Rise of the Rest fund. The company has now raised a total of $12.5 million, according to Crunchbase data.

Sameer Gulati, founder and CEO at Ordway, says the company wanted to build a flexible tool to sit between the CRM and financial systems of a company. “So in that sense, we do everything for post-sales from billing automation, payment collection, revenue recognition, analytics, all the way to cash. We have a streamlined workflow for managing order to revenue,” Gulati told TechCrunch.

It sounds a lot like the Quote-to-Cash space where companies like Apttus (acquired by Thoma Bravo in 2018) or SteelBrick (acquired by Salesforce in 2015) tried to stake a claim, but Gulati says while his company’s solution handles the quote-to-cash workflow, it can do much more than that.

“We absolutely can handle the workflow from quote to billing to payments to revenue, for sure. But the reason Ordway has a niche is because we are a lot more configurable and a lot more flexible to accommodate any workflow out there,” he said.

He says his company’s solution connects to the CRM system on one side and the financial systems on the other. They are compatible with all the major CRM tools including Salesforce and Dynamics 365. And they support a range of financial tools like NetSuite or QuickBooks.

“In fact, we can work with any back-end small system to a large scale ERP system, but our value add is automating the movement of data into the ERP. So we are the operational framework between sales and traditional ERP. We will handle everything in between,” he said.

As for the funding, Gulati has the kind of plans you would expect with a Series A investment. “The core goal is definitely to accelerate all aspects of our business from sales and marketing to product and engineering, and most importantly, customer success. Basically, in a sense we are doubling down on making sure our customers are successful in solving their core sales to finance business challenges,” he said.

The company launched in 2018 and has 25 employees today. Gulati says his company’s goal is to grow 4x in the next 12 months and grow employees at a similar rate.

BluBracket scores $6.5M seed to help secure code in distributed environments

BluBracket, a new security startup from the folks who brought you Vera, came out of stealth today and announced a $6.5 million seed investment. Unusual Ventures led the round with participation by Point72 Ventures, SignalFire and Firebolt Ventures.

The company was launched by Ajay Arora and Prakash Linga, who until last year were CEO and CTO respectively at Vera, a security company that helps companies secure documents by having the security profile follow the document wherever it goes.

Arora says he and Linga are entrepreneurs at heart, and they were itching to start something new after more than five years at Vera. While Arora still sits on the Vera board, they decided to attack a new problem.

He says that the idea for BluBracket actually came out of conversations with Vera customers, who wanted something similar to Vera, except to protect code. “About 18-24 months ago, we started hearing from our customers, who were saying, ‘Hey you guys secure documents and files. What’s becoming really important for us is to be able to share code. Do you guys secure source code?’”

That was not a problem Vera was suited to solve, but it was a light bulb moment for Arora and Linga, who saw an opportunity and decided to seize it. Recognizing the way development teams operated has changed, they started BluBracket and developed a pair of products to handle the unique set of problems associated with a distributed set of developers working out of a Git repository — whether that’s GitHub, GitLab or BitBucket.

The first product is BluBracket CodeInsight, which is an auditing tool, available starting today. This tool gives companies full visibility into who has withdrawn the code from the Git repository. “Once they have a repo, and then developers clone it, we can help them understand what clones exist on what devices, what third parties have their code, and even be able to search open source projects for code that might have been pushed into open source. So we’re creating what we call a blueprint of where the enterprise code is,” Arora explained.

The second tool, BluBracket CodeSecure, which won’t be available until later in the year, is how you secure that code including the ability to classify code by level importance. Code tagged with the highest level of importance will have special status and companies can attach rules to it like that it can’t be distributed to an open source folder without explicit permission.

They believe the combination of these tools will enable companies to maintain control over the code, even in a distributed system. Arora says they have taken care to make sure that the system provides the needed security layer without affecting the operation of the continuous delivery pipeline.

“When you’re compiling or when you’re going from development to staging to production, in those cases because the code is sitting in Git, and the code itself has not been modified, BluBracket won’t break the chain,” he explained. If you tried to distribute special code outside the system, you might get a message that this requires authorization, depending on how the tags have been configured.

This is very early days for BluBracket, but the company takes its first steps as a startup this week and emerges from stealth next week at the RSA security conference in San Francisco. It will be participating in the RSA Sandbox competition for early security startups at the conference, as well.

Microsoft Dynamics 365 update is focused on harnessing data

Microsoft announced a major update to its Dynamics 365 product line today, which correlates to the growing amount of data in the enterprise and how to collect and understand that data to produce better customer experiences.

This is, in fact, the goal of all vendors in this space, including Salesforce and Adobe, which are also looking to help improve the customer experience. James Philips, who was promoted to president of Microsoft Business Applications just this week, says that Microsoft has also been keenly focused on harnessing the growing amount of data and helping make use of that inside the applications he is in charge of.

“To be frank, every single thing that we’re doing at Microsoft, not just in business applications but across the entire Microsoft Cloud, is on the back of that vision that data is coming out of everything, and that those organizations that can collect that data, harmonize it and reason over it will be in a position to be proactive versus reactive,” Philips told TechCrunch.

New customer engagement tooling

For starters, the company is adding functionality to its customer data platform (CDP), a concept all major vendors (and a growing group of startups) have embraced. It pulls together into one place all of the customer data from various systems, making it easier to understand how the customer interacts with you, with the goal of providing better experiences based on this knowledge. Microsoft’s CDP is called Customer Insights.

The company is adding some new connectors to help complete that picture of the customer. “We’re adding new first and third-party data connections to Customer Insights that allow our customers to understand, for example audience memberships, brand affinities, demographic, psychographic and other characteristics of customers that are stored and then harnessed from Dynamics 365 Customer Insights,” Philips said.

All of this might make you wonder how they can collect this level of data and maintain GDPR/CCPA kind of compliance. Philips says that the company has been working on this for some time. “We did work at the company level to build a system that allows us and our customers to search for and then delete information about customers in each product group within Microsoft, including my organization,” he explained.

The company has also added new sales forecasting tools and Dynamics 365 Sales Engagement Center. The first allows companies to tap into all this data to better predict the customers who sales is engaged with that are most likely to turn into sales. The second gives inside sales teams tools like next best action. These are not revolutionary by any means in the CRM space, but do provide new capabilities for Microsoft customers.

New operations-level tooling

The operations side is related to what happens after the sale, when the company begins to collect money and report revenue. To that end, the company is introducing a new product called Dynamic 365 Finance Insights, which you can think of as Customer Insights, except for money.

“This product is designed to help our customers predict and accelerate their cash flow. It’s designed specifically to identify opportunities where to focus your energy, where you may have the best opportunity to either close accounts payables or receivables or the opportunity to understand where you may have cash shortfalls,” Philips said.

Finally the company is introducing Dynamics 365 Project Operations, which provides a way for project-based business like construction, consulting and law to track the needs of the business.

“Those organizations, who are trying to operate in a project-based way now have with Dynamics 365 Project Operations, what we believe is the most widely used project management capability in Microsoft Project being joined now with all of the back-end capabilities for selling, accounting and planning that Dynamic 365 offers, all built on the same Common Data Platform, so that you can marry your front-end operations and operational planning with your back-end resource planning, workforce planning and operational processes,” he explained.

All of these tools are designed to take advantage of the growing amount of data coming into organizations, and provide ways to run businesses in a more automated and intelligent fashion that removes some of the manual steps involved in running a company.

To be clear, Microsoft is not alone in offering this kind of intelligent functionality. It is part of a growing movement to bring intelligence to all aspects of enterprise software, regardless of vendor.