Run:AI brings virtualization to GPUs running Kubernetes workloads

In the early 2000s, VMware introduced the world to virtual servers that allowed IT to make more efficient use of idle server capacity. Today, Run:AI is introducing that same concept to GPUs running containerized machine learning projects on Kubernetes.

This should give data science teams access to more resources than they would normally get if they were simply allocated a fixed number of GPUs. Company CEO and co-founder Omri Geller says his company believes that part of the problem in getting AI projects to market is static resource allocation holding back data science teams.

“There are many times when those important and expensive compute resources are sitting idle, while at the same time, other users who might need more compute power because they need to run more experiments don’t have access to available resources because they are part of a static assignment,” Geller explained.

To solve that issue of static resource allocation, Run:AI came up with a solution to virtualize those GPU resources, whether on prem or in the cloud, and let IT define by policy how those resources should be divided.

“There is a need for specific virtualization approaches for AI and actively managed orchestration and scheduling of those GPU resources, while providing visibility and control over those compute resources to IT organizations and AI administrators,” he said.

Image: Run:AI creates a resource pool, which allocates resources based on need. (Image Credits: Run:AI)

Run:AI built a solution to bridge this gap between the resources IT is providing to data science teams and what they require to run a given job, while still giving IT some control over defining how that works.

“We really help companies get much more out of their infrastructure, and we do it by really abstracting the hardware from the data science, meaning you can simply run your experiment without thinking about the underlying hardware, and at any moment in time you can consume as much compute power as you need,” he said.
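The piece doesn’t detail Run:AI’s scheduler, but the core idea of pooling GPUs, giving each team a guaranteed quota and letting jobs borrow idle capacity beyond it can be sketched in a few lines of Python. The team names, quotas and allocation rule below are hypothetical, not Run:AI’s actual policy model:

```python
# Minimal sketch of policy-based GPU pooling (illustrative only).
# A real scheduler also handles queueing, preemption, fractional GPUs, etc.

class GPUPool:
    def __init__(self, total_gpus, guaranteed_quota):
        self.total = total_gpus
        self.quota = guaranteed_quota                     # e.g. {"research": 4, "prod": 4}
        self.in_use = {team: 0 for team in guaranteed_quota}

    def free_gpus(self):
        return self.total - sum(self.in_use.values())

    def request(self, team, gpus):
        """Grant a request if the team is under its quota, or if idle GPUs can be borrowed."""
        under_quota = self.in_use[team] + gpus <= self.quota[team]
        if under_quota or gpus <= self.free_gpus():
            self.in_use[team] += gpus
            return True
        return False                                      # would be queued in a real scheduler

    def release(self, team, gpus):
        self.in_use[team] = max(0, self.in_use[team] - gpus)


pool = GPUPool(total_gpus=8, guaranteed_quota={"research": 4, "prod": 4})
pool.request("research", 4)         # within the team's guaranteed quota
print(pool.request("research", 2))  # True: borrows idle capacity left unused by "prod"
```

The point of the sketch is the policy split: IT sets the guaranteed quotas, while the pool decides at runtime whether idle capacity can be lent out, which is what lets a team temporarily consume more than its static share.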

While the company is still in its early stages, and the current economic situation is hitting everyone hard, Geller sees a place for a solution like Run:AI because it lets customers make the most of existing resources while helping data science teams run more efficiently.

He is also taking a realistic long view when it comes to customer acquisition during this time. “These are challenging times for everyone,” he says. “We have plans for longer-term partnerships with our customers that are not optimized for short-term revenues.”

Run:AI was founded in 2018. It has raised $13 million, according to Geller. The company is based in Israel with offices in the United States. It currently has 25 employees and a few dozen customers.

GitHub gets a built-in IDE with Codespaces, discussion forums and more

Under different circumstances, GitHub would be hosting its Satellite conference in Paris this week. Like so many other events, GitHub decided to switch Satellite to a virtual event, but that isn’t stopping the Microsoft-owned company from announcing quite a bit of news this week.

The highlight of GitHub’s announcement is surely the launch of GitHub Codespaces, which gives developers a full cloud-hosted development environment based on Microsoft’s VS Code editor. If that name sounds familiar, that’s likely because Microsoft itself rebranded Visual Studio Online to Visual Studio Codespaces a week ago — and GitHub is essentially taking the same concepts and technology and integrating them directly into its service. If you’ve seen VS Online/Codespaces before, the GitHub environment will look very similar.

“Contributing code to a community can be hard. Every repository has its own way of configuring a dev environment, which often requires dozens of steps before you can write any code,” writes Shanku Niyogi, GitHub’s SVP of Product, in today’s announcement. “Even worse, sometimes the environments of two projects you are working on conflict with one another. GitHub Codespaces gives you a fully-featured cloud-hosted dev environment that spins up in seconds, directly within GitHub, so you can start contributing to a project right away.”

Currently, GitHub Codespaces is in beta and available for free. The company hasn’t yet set pricing for when the service goes live, but Niyogi says it will look similar to that of GitHub Actions, where it charges for computationally intensive tasks like builds. Microsoft currently charges VS Codespaces users by the hour, depending on the kind of virtual machine they are using.

The other major new feature the company is announcing today is GitHub Discussions. These are essentially discussion forums for a given project. While GitHub already allowed for some degree of conversation around code through issues and pull requests, Discussions are meant to enable unstructured threaded conversations. They also lend themselves to Q&As, and GitHub notes that they can be a good place for maintaining FAQs and other documents.

Currently, Discussions are in beta for open-source communities and will be available for other projects soon.

On the security front, GitHub is also announcing two new features: code scanning and secret scanning. Code scanning checks your code for potential security vulnerabilities. It’s powered by CodeQL and free for open-source projects. Secret scanning is now available for private repositories (a similar feature has been available for public projects since 2018). Both of these features are part of GitHub Advanced Security.
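GitHub hasn’t published implementation details here, but conceptually secret scanning comes down to matching committed text against known credential formats. A toy sketch in Python, with simplified patterns that are illustrative rather than GitHub’s actual rules:

```python
# Toy illustration of secret scanning: flag strings that look like credentials.
# The patterns below are simplified examples, not GitHub's real detection rules,
# which come from token issuers and include validity checks.
import re

SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bghp_[0-9A-Za-z]{36}\b"),
}

def scan_text(text):
    findings = []
    for name, pattern in SECRET_PATTERNS.items():
        for match in pattern.finditer(text):
            findings.append((name, match.group()))
    return findings

# AWS's documented example key ID, used here as harmless test input.
print(scan_text('aws_key = "AKIAIOSFODNN7EXAMPLE"'))
```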

As for GitHub’s enterprise customers, the company today announced the launch of Private Instances, a new fully managed service for enterprise customers that want to use GitHub in the cloud while knowing that their code is fully isolated from the rest of the company’s users. “Private Instances provides enhanced security, compliance, and policy features including bring-your-own-key encryption, backup archiving, and compliance with regional data sovereignty requirements,” GitHub explains in today’s announcement.

Microsoft to open first data center in New Zealand as cloud usage grows

Even in the midst of a pandemic that is sowing economic uncertainty, one area that continues to thrive is cloud computing. Perhaps that explains why Microsoft, which saw Azure grow 59% in its most recent earnings report, announced plans to open a new data center in New Zealand once it receives approval from the Overseas Investment Office.

“This significant investment in New Zealand’s digital infrastructure is a testament to the remarkable spirit of New Zealand’s innovation and reflects how we’re pushing the boundaries of what is possible as a nation,” Vanessa Sorenson, general manager at Microsoft New Zealand, said in a statement.

The company sees this project against the backdrop of an accelerating digital transformation, as the pandemic forces companies to move to the cloud more quickly, with employees spread out and unable to work in offices around the world.

As CEO Satya Nadella noted on Twitter, this should help companies in New Zealand that are in the midst of this transformation. “Now more than ever, we’re seeing the power of digital transformation, and today we’re announcing a new datacenter region in New Zealand to help every organization in the country build their own digital capability,” Nadella tweeted.

The company wants to do more than simply build a data center. It will make this part of a broader investment across the country, including skills training and reducing the environmental footprint of the data center.

Once New Zealand comes on board, the company will boast 60 regions covering 140 countries around the world. The new data center won’t just be about Azure, either. It will help fuel usage of Office 365 and the Dynamics 365 back-office products, as well.

Confluent introduces scale on demand for Apache Kafka cloud customers

We find ourselves in a time when certain businesses are being asked to scale to levels they never imagined. Sometimes that increased usage comes in bursts, which means you don’t want to pay for permanent extra capacity you might not always need. Today, Confluent introduced a new scale-on-demand feature for its Apache Kafka cloud service that will scale up and down as needed, automatically.

Confluent CEO Jay Kreps says that elasticity is arguably one of the most important features of cloud computing, and this ability to scale up and down is one of the primary factors that has attracted organizations to the cloud. By automating that capability, the company gives DevOps teams one less major thing to worry about.

“This new functionality allows users to dynamically scale Kafka and the other key ecosystem components like KSQL and Kafka Connect. This is a key missing capability that no other service provides,” Kreps explained.

He points out that this is particularly relevant right now with people working at home. Systems are being taxed more than perhaps ever before, and this automated elasticity will come in handy, making scaling more cost-effective and efficient than was previously possible.

“These capabilities let customers add capacity as they need it, or scale down to save money, all without having to pre-plan in advance,” he said.
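Part of why this can be transparent to users is that Kafka clients only bootstrap against the cluster endpoint and discover brokers from metadata, so application code doesn’t change as capacity is added or removed. A minimal Confluent Cloud producer in Python might look like the sketch below, where the endpoint, credentials and topic are placeholders:

```python
# Minimal Confluent Cloud producer sketch; endpoint, credentials and topic are
# placeholders. Cluster scaling happens server-side and this code is unaffected.
from confluent_kafka import Producer

producer = Producer({
    "bootstrap.servers": "<BOOTSTRAP_SERVER>",   # e.g. a Confluent Cloud endpoint on port 9092
    "security.protocol": "SASL_SSL",
    "sasl.mechanisms": "PLAIN",
    "sasl.username": "<API_KEY>",
    "sasl.password": "<API_SECRET>",
})

def on_delivery(err, msg):
    # Called once per message after the broker acknowledges (or rejects) it.
    if err is not None:
        print(f"Delivery failed: {err}")
    else:
        print(f"Delivered to {msg.topic()} [partition {msg.partition()}]")

for i in range(100):
    producer.produce("orders", key=str(i), value=f"order-{i}", on_delivery=on_delivery)
    producer.poll(0)   # serve delivery callbacks

producer.flush()       # block until all outstanding messages are delivered
```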

The new elasticity feature in Confluent is part of a series of updates to the platform, known as Project Metamorphosis, that Confluent is planning to roll out throughout this year on a regular basis.

“Through the rest of the year we’ll be doing a sequence of releases that bring the capabilities of modern cloud data systems to the Kafka ecosystem in Confluent Cloud. We’ll be announcing one major capability each month, starting with elasticity,” he said.

Kreps first announced Metamorphosis last month when the company also announced a massive $250 million funding round on a $4.5 billion valuation. In spite of the current economic situation, driven by the ongoing pandemic, Confluent plans to continue to build out the product, as today’s announcement attests.

Equinix just recorded its 69th straight positive quarter

There’s something to be said for consistency through good times and bad, and one company that has had a staggeringly consistent track record is international data center vendor Equinix. It just recorded its 69th straight positive quarter, according to the company.

That’s an astonishing record, covering more than 17 years of positive quarters; the streak goes back to 2003. Not too shabby.

The company had a decent quarter, too. Even in the middle of an economic mess, revenue was still up 6% year over year to $1.445 billion, and up 2% over the previous quarter. The company runs data centers where companies can rent space for their servers. Equinix handles all of the infrastructure, providing racks, wiring and cooling — and customers can purchase as many racks as they need.

If you’re managing your own servers for even part of your workload, it can be much more cost-effective to rent space from a vendor like Equinix than to try to run a facility on your own.

Among its new customers this quarter are Zoom, which is buying capacity all over the place, having also announced a partnership with Oracle earlier this month, and TikTok. Both of those companies deal in video and require lots of different types of resources to keep things running.

This report comes against a backdrop of a huge increase in resource demand for certain sectors like streaming video and video conferencing, with millions of people working and studying at home or looking for distractions.

And if you’re wondering whether the company can keep it going, it believes it can. Its guidance calls for 2020 revenue of $5.877 billion to $5.985 billion, a 6-8% increase over the previous year.

You could call them the anti-IBM. At one point Big Blue recorded 22 straight quarters of declining revenue in an ignominious streak that stretched from 2012 to 2018 before it found a way to stop the bleeding.

When you consider that Equinix’s streak includes the period of 2008-2010, the last time the economy hit the skids, the record is even more impressive, and certainly one worth pointing out.

Enterprise companies find MLOps critical for reliability and performance

Enterprise startups UiPath and Scale have drawn huge attention in recent years from companies looking to automate workflows, from RPA (robotic process automation) to data labeling.

What’s been overlooked in the wake of such workflow-specific tools has been the base class of products that enterprises are using to build the core of their machine learning (ML) workflows, and the shift in focus toward automating the deployment and governance aspects of the ML workflow.

That’s where MLOps comes in, and its popularity has been fueled by the rise of core ML workflow platforms such as Boston-based DataRobot. The company has raised more than $430 million and reached a $1 billion valuation this past fall serving this very need for enterprise customers. DataRobot’s vision has been simple: enabling a range of users within enterprises, from business and IT users to data scientists, to gather data and build, test and deploy ML models quickly.

Founded in 2012, the company has quietly amassed a customer base that boasts more than a third of the Fortune 50, with triple-digit yearly growth since 2015. DataRobot’s top four industries include finance, retail, healthcare and insurance; its customers have deployed over 1.7 billion models through DataRobot’s platform. The company is not alone, with competitors like H2O.ai, which raised a $72.5 million Series D led by Goldman Sachs last August, offering a similar platform.

Why the excitement? As artificial intelligence has pushed into the enterprise, the first step was to go from data to a working ML model. That started with data scientists doing the work manually, but today it is increasingly automated and has become known as “auto ML.” An auto-ML platform like DataRobot’s can let an enterprise user quickly auto-select features based on their data and auto-generate a number of models to see which ones work best.
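DataRobot’s interface is proprietary, so purely as an illustration, the basic loop that auto-ML platforms automate (train several candidate models, score them the same way, keep the best) can be sketched with scikit-learn. The dataset and candidate models here are stand-ins:

```python
# Hand-rolled miniature of the "auto ML" model-selection loop (illustrative only).
# Real platforms also automate feature engineering, tuning, deployment and monitoring.
from sklearn.datasets import load_breast_cancer
from sklearn.ensemble import GradientBoostingClassifier, RandomForestClassifier
from sklearn.linear_model import LogisticRegression
from sklearn.model_selection import cross_val_score

X, y = load_breast_cancer(return_X_y=True)

candidates = {
    "logistic_regression": LogisticRegression(max_iter=5000),
    "random_forest": RandomForestClassifier(n_estimators=200, random_state=0),
    "gradient_boosting": GradientBoostingClassifier(random_state=0),
}

# Score every candidate with the same cross-validated metric.
scores = {
    name: cross_val_score(model, X, y, cv=5, scoring="roc_auc").mean()
    for name, model in candidates.items()
}

best = max(scores, key=scores.get)
print(scores)
print(f"Best model: {best}")
```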

As auto ML has become more popular, improving the deployment phase of the ML workflow has become critical for reliability and performance — and so enters MLOps. It’s quite similar to the way DevOps has improved the deployment of source code for applications. Companies such as DataRobot and H2O.ai, along with other startups and the major cloud providers, are intensifying their efforts on providing MLOps solutions for customers.

We sat down with DataRobot’s team to understand how their platform has been helping enterprises build auto-ML workflows, what MLOps is all about and what’s been driving customers to adopt MLOps practices now.

Dtex, a specialist in insider threat cybersecurity, raises $17.5M

A lot of enterprise cybersecurity efforts focus on malicious hackers that work on behalf of larger organizations, be they criminal groups or state actors — and for good reason, since the majority of incidents these days come from phishing and other malicious techniques that originate outside the enterprise itself.

But there has also been a persistent, and now growing, focus on “insider threats” — that is, breaches that start from within organizations themselves. And today a startup that specialises in this area is announcing a round of growth funding to expand its reach.

Dtex, which uses machine learning to monitor network activity within the perimeter and around all endpoints to detect unusual patterns or behaviour around passwords, data movement and other network activities, is today announcing that it has raised $17.5 million in funding.
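Dtex hasn’t described its models in this piece, but behaviour-based anomaly detection of this general kind can be illustrated, very loosely, with scikit-learn’s IsolationForest. The activity features and data below are made up, and this is not Dtex’s approach:

```python
# Generic behaviour-based anomaly detection sketch (not Dtex's actual models).
# Each row is one user-day of activity: logins, MB transferred, off-hours file accesses.
import numpy as np
from sklearn.ensemble import IsolationForest

rng = np.random.default_rng(42)

# Simulated "normal" baseline activity used for training.
normal_activity = np.column_stack([
    rng.poisson(5, 1000),        # logins per day
    rng.normal(200, 50, 1000),   # MB transferred
    rng.poisson(1, 1000),        # off-hours file accesses
])

model = IsolationForest(contamination=0.01, random_state=0).fit(normal_activity)

# A new observation: few logins, a huge transfer and heavy off-hours access.
suspicious = np.array([[2, 5000, 40]])
print(model.predict(suspicious))   # -1 flags an anomaly, 1 means "looks normal"
```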

The round is being led by new investor Northgate Capital with Norwest Venture Partners and Four Rivers Group, both previous investors, also participating. Prior to this, the San Jose-based startup had raised $57.5 million, according to data from PitchBook, while CrunchBase puts the total raised at $40 million.

CEO Bahman Mahbod said the startup is not disclosing valuation except to say that it’s “very excited” about it.

For some context, the company works with hundreds of large enterprises, primarily in the financial, critical infrastructure, government and defence sectors. The plan is now to extend further into verticals where it has started to see more activity recently: pharmaceuticals, life sciences and manufacturing. Dtex says that over the past 12 months, 80% of its top customers have been increasing their level of engagement with the startup.

Dtex’s focus on “insider” threats sounds slightly sinister at first. Is the implication here that people are more dishonest and nefarious these days and thus need to be policed and monitored much more closely for wrongdoing? The answer is no. There are no more dishonest people today than there ever have been, but there are a lot more opportunities to make mistakes that result in security breaches.

The working world has been on a long-term trend of becoming increasingly digitised in all of its interactions, bringing a lot more devices onto corporate networks. Across both “knowledge” and front-line workers, we now have a vastly larger number of devices being used to help workers do their jobs or just keep in touch with the company as they work, with many of them brought in by the workers themselves rather than provisioned by their companies. There has also been a huge increase in the use of cloud services.

And in the realm of “knowledge” workers, we’re seeing a lot more remote or peripatetic working, where people don’t have fixed desks and often work outside the office altogether — something that has skyrocketed in recent times with stay-at-home orders put in place to mitigate the spread of COVID-19 cases.

All of this translates into a much wider threat “horizon” within organizations themselves, before even considering the sophistication of external malicious hackers.

And the current state of business has exacerbated that. Mahbod tells us that Dtex is currently seeing spikes in unusual activity from the rise in home workers, who sometimes circumvent VPNs and other security controls, committing policy violations; it is also seeing more problems arising from compromised home networks, which leave work networks accessed from home more vulnerable. These started, he said, with COVID-19 phishing attacks but have progressed to undetected malware from drive-by downloads.

And, inevitably, he added that there has been a rise in intentional data theft and accidental loss in cases where organizations have had to lay people off or run a round of furloughs, though some of that loss still results from negligence rather than intentional actions.

There are a number of other cybersecurity companies that provide ways to detect insider threats — they include CloudKnox and Obsidian Security, along with a number of larger and established vendors. But Mahbod says that Dtex “is the only company with ‘next-generation’ capabilities that are cloud-first, AI/ML baked-in, and enterprise scalable to millions of users and devices,” which it sells as DMAP+.

“Effectively, Next-Gen Insider Threat solutions must replace legacy Insider Threat point solutions which were borne out of the UAM, DLP and UEBA spaces,” he said.

Those providing legacy approaches of that kind include Forcepoint with its SureView product and Proofpoint with its ObserveIT product. Interestingly, CyberX, which is currently in the process of getting acquired by Microsoft (according to reports and also our sources), also includes insider threats in its services.

This is one reason why investors have been interested.

“Dtex has built a highly scalable platform that utilizes a cloud-first, lightweight endpoint architecture, offering clients a number of use cases including insider threat prevention and business operations intelligence,” said Thorsten Claus, partner, Northgate Capital, in a statement. Northgate has a long list of enterprise startups in its portfolio that represent potential customers but also a track record of experience in assessing the problem at hand and building products to address it. “With Dtex, we have found a fast-growing, long-term, investible operation that is not just a band-aid collection of tools, which would be short-lived and replaced.”

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.

Based in Germany, the Fresenius Group includes four independent businesses: Fresenius Medical Care, a leading provider of care to those suffering from kidney failure; Fresenius Helios, Europe’s largest private hospital operator (according to the company’s Web site); Fresenius Kabi, which supplies pharmaceutical drugs and medical devices; and Fresenius Vamed, which manages healthcare facilities.

Overall, Fresenius employs nearly 300,000 people across more than 100 countries, and is ranked 258th on the Forbes Global 2000. The company provides products and services for dialysis, hospitals, and inpatient and outpatient care, with nearly 40 percent of the market share for dialysis in the United States. This is worrisome because COVID-19 causes many patients to experience kidney failure, which has led to a shortage of dialysis machines and supplies.

On Tuesday, a KrebsOnSecurity reader who asked to remain anonymous said a relative working for Fresenius Kabi’s U.S. operations reported that computers in his company’s building had been roped off, and that a cyber attack had affected every part of the company’s operations around the globe.

The reader said the apparent culprit was the Snake ransomware, a relatively new strain first detailed earlier this year that is being used to shake down large businesses, holding their IT systems and data hostage in exchange for payment in a digital currency such as bitcoin.

Fresenius spokesperson Matt Kuhn confirmed the company was struggling with a computer virus outbreak.

“I can confirm that Fresenius’ IT security detected a computer virus on company computers,” Kuhn said in a written statement shared with KrebsOnSecurity. “As a precautionary measure in accordance with our security protocol drawn up for such cases, steps have been taken to prevent further spread. We have also informed the relevant investigating authorities and while some functions within the company are currently limited, patient care continues. Our IT experts are continuing to work on solving the problem as quickly as possible and ensuring that operations run as smoothly as possible.”

The assault on Fresenius comes amid increasingly targeted attacks against healthcare providers on the front lines of responding to the COVID-19 pandemic. In April, the international police organization INTERPOL warned it “has detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response. Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage, preventing them from accessing vital files and systems until a ransom is paid.”

On Tuesday, the Department of Homeland Security‘s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert along with the U.K.’s National Cyber Security Centre warning that so-called “advanced persistent threat” groups — state-sponsored hacking teams — are actively targeting organizations involved in both national and international COVID-19 responses.

“APT actors frequently target organizations in order to collect bulk personal information, intellectual property, and intelligence that aligns with national priorities,” the alert reads. “The pandemic has likely raised additional interest for APT actors to gather information related to COVID-19. For example, actors may seek to obtain intelligence on national and international healthcare policy, or acquire sensitive data on COVID-19-related research.”

Once considered by many to be isolated extortion attacks, ransomware infestations have become de facto data breaches for many victim companies. That’s because some of the more active ransomware gangs have taken to downloading reams of data from targets before launching the ransomware inside their systems. Some or all of this data is then published on victim-shaming sites set up by the ransomware gangs as a way to pressure victim companies into paying up.

Security researchers say the Snake ransomware is somewhat unique in that it seeks to identify IT processes tied to enterprise management tools and large-scale industrial control systems (ICS), such as production and manufacturing networks.

While some ransomware groups targeting businesses have publicly pledged not to single out healthcare providers for the duration of the pandemic, attacks on medical care facilities have continued nonetheless. In late April, Parkview Medical Center in Pueblo, Colo. was hit in a ransomware attack that reportedly rendered inoperable the hospital’s system for storing patient information.

Fresenius declined to answer questions about specifics of the attack, saying it does not provide detailed information or comments on IT security matters. It remains unclear whether the company will pay a ransom demand to recover from the infection. But if it does so, it may not be the first time: According to my reader source, Fresenius paid $1.5 million to resolve a previous ransomware infection.

“This new attack is on a far greater scale, though,” the reader said.

Decrypted: Chegg’s third time unlucky, Okta’s new CSO, Rapid7 beefs up cloud security

Ransomware is getting sneakier and smarter.

The latest example comes from ExecuPharm, a little-known but major outsourced pharmaceutical company that confirmed it was hit by a new type of ransomware last month. The incursion not only encrypted the company’s network and files; the hackers also exfiltrated vast amounts of data from the network. The company was handed a two-for-one threat: pay the ransom and get your files back, or don’t pay and the hackers will post the files to the internet.

This new tactic is shifting how organizations think of ransomware attacks: it’s no longer just a data-recovery mission; it’s also now a data breach. Companies are torn between taking the FBI’s advice not to pay the ransom and the fear that their intellectual property (or other sensitive internal files) will be published online.

Because millions are now working from home, the surface area for attackers to get in is far greater than it was, making the threat of ransomware higher than ever before.

That’s just one of the stories from the week. Here’s what else you need to know.


THE BIG PICTURE

Chegg hacked for the third time in three years

Education giant Chegg confirmed its third data breach in as many years. The latest break-in affected past and present staff after a hacker made off with 700 names and Social Security numbers. It’s a drop in the ocean when compared to the 40 million records stolen in 2018 and an undisclosed number of passwords taken in a breach at Thinkful, which Chegg had just acquired in 2019.

Those 700 names account for about half of its 1,400 full-time employees, per a filing with the Securities and Exchange Commission. But Chegg’s refusal to disclose further details about the breach — beyond a state-mandated notice to the California attorney general’s office — makes it tough to know exactly what went wrong this time.

Nvidia acquires Cumulus Networks

Nvidia today announced its plans to acquire Cumulus Networks, an open-source-centric company that specializes in helping enterprises optimize their data center networking stack. Cumulus offers both its own Linux distribution for network switches, as well as tools for managing network operations. With Cumulus Express, the company also offers a hardware solution in the form of its own data center switch.

The two companies did not announce the price of the acquisition, but chances are we are talking about a considerable amount, given that Cumulus had raised $134 million since it was founded in 2010.

Mountain View-based Cumulus already had a previous partnership with Mellanox, which Nvidia acquired for $6.9 billion. That acquisition closed only a few days ago. As Mellanox’s Amit Katz notes in today’s announcement, the two companies first met in 2013, and they formed a first official partnership in 2016. Cumulus, it’s worth noting, was also an early player in the OpenStack ecosystem.

Having both Cumulus and Mellanox in its stable will give Nvidia virtually all the tools it needs to help enterprises and cloud providers build out their high-performance computing and AI workloads in their data centers. While you may mostly think about Nvidia because of its graphics cards, the company has a sizable data center group, which delivered close to $1 billion in revenue in the last quarter, up 43% from a year ago. In comparison, Nvidia’s revenue from gaming was just under $1.5 billion.

“With Cumulus, NVIDIA can innovate and optimize across the entire networking stack from chips and systems to software including analytics like Cumulus NetQ, delivering great performance and value to customers,” writes Katz. “This open networking platform is extensible and allows enterprise and cloud-scale data centers full control over their operations.”