RudderStack raises $5M seed round for its open-source Segment competitor

RudderStack, a startup that offers an open-source alternative to customer data management platforms like Segment, today announced that it has raised a $5 million seed round led by S28 Capital. Salil Deshpande of Uncorrelated Ventures and Mesosphere/D2iQ co-founder Florian Leibert (through 468 Capital) also participated in this round.

In addition, the company also today announced that it has acquired Blendo, an integration platform that helps businesses transform and move data from their data sources to databases.

Like its larger competitors, RudderStack helps businesses consolidate all of their customer data, which is now typically generated and managed in multiple places — and then extract value from this more holistic view. The company was founded by Soumyadeb Mitra, who has a Ph.D. in database systems and worked on similar problems previously when he was at 8×8 after his previous startup, MairinaIQ, was acquired by that company.

Mitra argues that RudderStack is different from its competitors thanks to its focus on developers, its privacy and security options and its focus on being a data warehouse first, without creating yet another data silo.

“Our competitors provide tools for analytics, audience segmentation, etc. on top of the data they keep,” he said. “That works well if you are a small startup, but larger enterprises have a ton of other data sources — at 8×8 we had our own internal billing system, for example — and you want to combine this internal data with the event stream data — that you collect via RudderStack or competitors — to create a 360-degree view of the customer and act on that. This becomes very difficult with the SaaS-hosted data model of our competitors — you won’t be sending all your internal data to these cloud vendors.”

Part of its appeal, of course, is the open-source nature of RudderStack, whose GitHub repository now has more than 1,700 stars for the main RudderStack server. Mitra credits getting on the front page of HackerNews for its first sale. On that day, it received over 500 GitHub stars, a few thousand clones and a lot of signups for its hosted app. “One of those signups turned out to be our first paid customer. They were already a competitor’s customer, but it wasn’t scaling up so were looking to build something in-house. That’s when they found us and started working with us,” he said.

Because it is open source, companies can run RudderStack anyway they want, but like most similar open-source companies, RudderStack offers multiple hosting options itself, too, that include cloud hosting, starting at $2,000 per month, with unlimited sources and destination.

Current users include IFTTT, Mattermost, MarineTraffic, Torpedo and Wynn Las Vegas.

As for the Blendo acquisition, it’s worth noting that the company only raised a small amount of money in its seed round. The two companies did not disclose the price of the acquisition.

“With Blendo, I had the opportunity to be part of a great team that executed on the vision of turning any company into a data-driven organization,” said Blendo founder Kostas Pardalis, who has joined RudderStack as head of Growth. “We’ve combined the talented Blendo and RudderStack teams together with the technology that both companies have created, at a time when the customer data market is ripe for the next wave of innovation. I’m excited to help drive RudderStack forward.”

Mitra tells me that RudderStack acquired Blendo instead of building its own version of this technology because “it is not a trivial technology to build — cloud sources are really complicated and have weird schemas and API challenges and it would have taken us a lot of time to figure it out. There are independent large companies doing the ETL piece.”

Docker expands relationship with Microsoft to ease developer experience across platforms

When Docker sold off its enterprise division to Mirantis last fall, that didn’t mark the end of the company. In fact, Docker still exists and has refocused as a cloud-native developer tools vendor. Today it announced an expanded partnership with Microsoft around simplifying running Docker containers in Azure.

As its new mission suggests, it involves tighter integration between Docker and a couple of Azure developer tools including Visual Studio Code and Azure Container Instances (ACI). According to Docker, it can take developers hours or even days to set up their containerized environment across the two sets of tools.

The idea of the integration is to make it easier, faster and more efficient to include Docker containers when developing applications with the Microsoft tool set. Docker CEO Scott Johnston says it’s a matter of giving developers a better experience.

“Extending our strategic relationship with Microsoft will further reduce the complexity of building, sharing and running cloud-native, microservices-based applications for developers. Docker and VS Code are two of the most beloved developer tools and we are proud to bring them together to deliver a better experience for developers building container-based apps for Azure Container Instances,” Johnston said in a statement.

Among the features they are announcing is the ability to log into Azure directly from the Docker command line interface, a big simplification that reduces going back and forth between the two sets of tools. What’s more, developers can set up a Microsoft ACI environment complete with a set of configuration defaults. Developers will also be able to switch easily between their local desktop instance and the cloud to run applications.

These and other integrations are designed to make it easier for Azure and Docker common users to work in in the Microsoft cloud service without having to jump through a lot of extra hoops to do it.

It’s worth noting that these integrations are starting in Beta, but the company promises they should be released some time in the second half of this year.

Verizon CEO Hans Vestberg shares his COVID-19 strategy and tactics

This week, Verizon Communications CEO Hans Vestberg joined us for an episode of Extra Crunch Live.

Vestberg is leading the company through the midst of one its biggest rollouts to date with the push into 5G connectivity. In our discussion, he spoke about how he’s managing the organization during this global crisis, his thoughts on work from home and acquisition strategy, and the ways in which 5G will change the way we work and live.

(Disclosure: Verizon Communications is TechCrunch’s parent company.)

Extra Crunch members can check out a partial transcript of the conversation (edited for length and clarity) or watch it in its entirety via YouTube video below.


Extra Crunch Live features some of the brightest minds in tech and VC, including Aileen Lee, Roelof Botha, Kirsten Green and Mark Cuban. Upcoming episodes will include Aaron Levie from Box, GGV’s Hans Tung and Jeff Richards, Eventbrite’s Julia Hartz and others. Extra Crunch members can submit questions to speakers in real time, so please sign up here if you haven’t already.


His initial reaction to news of the lockdown

We’re a large company with 135,000 employees in 70 different countries around the globe. So, of course, we had an early warning when it started actually in Asia. We have employees in Asia, so we got the feeling that this could be really serious. It was early in the first week of February, we moved to the highest emergency or crisis level in the company. That means that we go to a certain crisis mode on how we organized and how we galvanized the company.

That’s usually put into place every time there is a big national disaster because you need to split between people taking care of the crisis and people taking care of running the business. So we were very early on with that. In the beginning of February, we started the emergency crisis operations center that was taking care of employee questions and prioritization of important things. At the same time, we continued to run the business. That was the first thing we did very early on.

Upcoming Extra Crunch Live episodes include discussions with Aaron Levie from Box, GGV’s Hans Tung and Jeff Richards, and Eventbrite’s Julia Hartz.

The other thing we did very early on is that we understood that this was something unprecedented. I mean, you have been in crisis before. I mean, I’ve been in the telecom crisis, and we’ve been in the banking crisis when everything just went boom. This is something totally different. You cannot use any of your historical experience when it comes to this pandemic, which actually impacts each and every one of us when it comes to health. So I was honest, and thought that they’re going to be a lot of questions. We decided very early on to run our noon live webcast to our employees. We are on our… I think it’s the 11th week, where at noon every day, we run the webcast for all our employees. That was two of the first things we did.

We didn’t think we were going to run for 11 weeks on the new live webcast, but we have done it because we see there’s a very good tool to communicate with all our employees.

Wasabi announces $30M Series B as cloud storage business continues to grow

We may be in the thick of a pandemic with all of the economic fallout that comes from that, but certain aspects of technology don’t change no matter the external factors. Storage is one of them. In fact, we are generating more digital stuff than ever, and Wasabi, a Boston-based startup that has figured out a way to drive down the cost of cloud storage is benefiting from that.

Today it announced a $30 million Series B led led by Forestay Capital, the technology innovation arm of Waypoint Capital with help from previous investors. As with the previous round, Wasabi is going with home office investors, rather than traditional venture capital firms. Today’s round brings the total raised to $110 million, according to the company.

While founder and CEO David Friend wouldn’t discuss the specific valuation, he did say it was in the hundreds of millions of dollars.

Friend says the company needs the funds to keep up with the rapid growth. “We’ve got about 15,000 customers today, hundreds of petabytes of storage, 2500 channel partners, 250 technology partners — so we’ve been busy,” he said.

He says that revenue continues to grow in spite of the impact of COVID-19 on other parts of the economy. “Revenue grew 5x last year. It’ll probably grow 3.5x this year. We haven’t seen any real slowdown from the Coronavirus. Quarter over quarter growth will be in excess of 40% — this quarter over Q1 — so it’s just continuing on a torrid pace,” he said.

The challenge for a company like Wasabi, which is looking to capture a large chunk of the growing cloud storage market is the infrastructure piece. It needs to keep building more to meet increasing demand, while keeping costs down, which remains its primary value proposition with customers.

The money will be used mostly to continue to expand its growing infrastructure requirements. The more they store, the more data centers they need and that takes money. It will also help the company expand into new markets where countries have data sovereignty laws that require data to be stored in-country.

The company launched in 2015. It previously raised $68 million in 2018.

Note: This article originally stated this was a debt financing round. The company has clarified that it is an equity round.

7 Common Ways Ransomware Can Infect Your Organization

Understanding how ransomware infects a device and spreads across a network is crucial to ensuring that your organization does not become the next victim of an attack. As recent trends have shown, the danger of losing access to your data, devices and services is compounded by threat actors that are now exfiltrating data and threatening to leak it on public sites if victims don’t pay up. Ransomware operators have become wise to the threat to their business model from their own success: increased public attention of the ransomware threat has pushed (at least some) businesses to invest in backup and recovery. But those techniques become redundant when the perpetrators are holding your most sensitive customer and corporate data over your head.

Post infection, ransomware can spread to other machines or encrypt shared filers in the organization’s network. In some cases, it can spread across organizational boundaries to infect supply chains, customers and other organizations, and indeed, some malware campaigns have specifically targeted MSPs. The real answer to ransomware lies in prevention rather than cure. So just how does this devastating malware commonly infect devices?

1. Breaches Through Phishing & Social Engineering

Still the most common method for hackers to initially infect an endpoint with ransomware is through phishing emails. Increasingly targeted, personalised and specific information is used to craft emails to gain trust and trick potential victims into opening attachments or clicking on links to download malicious PDF and other document files. These can look indistinguishable to normal files, and attackers may take advantage of a default Windows configuration that hides the file’s true extension. For example, an attachment may appear to be called ‘filename.pdf’, but revealing the full extension shows it to be an executable, ‘filename.pdf.exe’.

Files can take the form of standard formats like MS Office attachments, PDF files or JavaScript. Clicking on these files or enabling macros allows the file to execute, starting the process of encrypting data on the victim’s machine.

2. Infection via Compromised Websites

Not all ransomware attacks have to be packaged in a maliciously-crafted email. Compromised websites are easy places to insert malicious code. All it takes is for an unsuspecting victim to visit the site, perhaps one they frequent often. The compromised site then reroutes to a page that prompts the user to download a newer version of some software, such as the web browser, plugin, or media player.

Web redirections like this are particularly difficult for users to spot without digging into the code underneath every site they visit.

If the site has been primed to deliver ransomware, the malware could be either activated directly or more commonly run an installer that downloads and drops the ransomware.

3. Malvertising & Breaching The Browser

If a user has an unpatched vulnerability in his or her browser, a malvertising attack can occur. Using common advertisements on websites, cybercriminals can insert malicious code that will download the ransomware once an advertisement is displayed. While this is a less common ransomware vector, it still poses a danger since it doesn’t require the victim to take any overt action such as downloading a file and enabling macros.

4. Exploit Kits That Deliver Custom Malware

Angler, Neutrino, and Nuclear are exploit kits that have been widely used in ransomware attacks. These frameworks are a type of malicious toolkit with pre-written exploits that target vulnerabilities in browser plugins like Java and Adobe Flash. Microsoft Internet Explorer and Microsoft Silverlight are also common targets. Ransomware like Locky and CryptoWall have been delivered through exploit kits on booby-trapped sites and through malvertising campaigns.

New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.

5. Infected Files and Application Downloads

Any file or application that can be downloaded can also be used for ransomware. Cracked software on illegal file-sharing sites are ripe for compromise, and such software is as often as not laden with malware. Recent cases of MBRLocker, for example, took this route. There is also potential for hackers to exploit legitimate websites to deliver an infected executable. All it takes is for the victim to download the file or application and then the ransomware is injected.

6. Messaging Applications As Infection Vectors

Through messaging apps like WhatsApp and Facebook Messenger, ransomware can be disguised as scalable vector graphics (SVG) to load a file that bypasses traditional extension filters. Since SVG is based on XML, cybercriminals are able to embed any kind of content they please. Once accessed, the infected image file directs victims to a seemingly legitimate site. After loading, the victim is prompted to accept an install, which if completed distributes the payload and goes on to the victim’s contacts to continue the impact.

7. Brute Force Through RDP

Attackers use ransomware like SamSam to directly compromise endpoints using a brute force attack through Internet-facing Remote Desktop Protocol (RDP) servers. RDP enables IT admins to access and control a user’s device remotely, but this also presents an opportunity for attackers to exploit it for malicious purposes.

Hackers can search for vulnerable machines using tools like Shodan and port scanners like Nmap and Zenmap. Once target machines are identified, attackers may gain access by brute-forcing the password to log on as an administrator. A combination of default or weak password credentials and open source password-cracking tools such as Aircrack-ng, John The Ripper, and DaveGrohl help achieve this objective. Once logged on as a trusted admin, attackers have full command of the machine and are able to drop ransomware and encrypt data. They may also be able to disable endpoint protection, delete backups to increase likelihood of payment or pivot to achieve other objectives.

Conclusion

Ransomware continues to evolve, with ransomware-as-a-service now growing in popularity. Malware authors sell custom-built ransomware to cybercriminals in exchange for a percentage of the profit. The buyer of the service decides on the targets and the delivery methods. This division of labor and risk is leading to increasingly targeted malware, innovation in delivery methods and ultimately a higher frequency of ransomware attacks.

Along with the threat of extortion through data leakage, these recent trends make it vital for organizations to invest in securing endpoints and networks and preventing breaches from occurring in the first place through AI-powered behavioral detection engines that do not rely on reputation nor rely on cloud-connectivity. If you would like to see how SentinelOne can help protect your business from ransomware and other threats, contact us today or request a free demo.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Baton raises $10M Series A to organize post-sale implementation

Baton, an early-stage startup that wants to help customers organize the post-sales implementation process, emerged from stealth today with a $10 million Series A investment.

Activant Capital led the round, with help from Global Founders Capital and Hybris founder Carsten Thoma.

Like so many startups, the idea for Baton stemmed from a pain point that founder and CEO Alex Krug experienced first hand. He was and executive at Behance, which was later sold to Adobe, and he saw that there were tools to organize your customers and get you through the sale, but there was something distinctly lacking when it came to implementation post-sale.

Krug said that most companies hacked together a solution consisting of general project management tools, spreadsheets and email, but what was missing was a dedicated platform to help with this part of the process. He put his team to work to build it.

“We reconfigured a lot of the team that I worked with at Behance and Adobe and really started to build a platform around optimizing the implementation, what happens in between your presale and post-sale and how customers get on boarded through a platform,” Krug told TechCrunch.

He says where project management tends to be internally focused, Baton is designed to bring all the parties — from vendor to client to systems integrator — together in one tool, so everyone knows their responsibilities and targets.

While Krug understands that this may not be an optimal time to launch a startup out of stealth, in the middle of a pandemic and corresponding economic crisis, he still sees a real need for a tool like Baton.

“This era of top line growth is gone. Efficient growth is here to stay and Baton really optimizes processes and standardizes a toolset that allows you to grow efficiently from your fifth customer to your thousandth customer, whereas previous iterations of implementation have been these static spreadsheets and chasing people for manual updates.”

He believes his company is offering a reasonable alternative to that, as does his lead investor Peter McCoy at Activant Capital. “The best SaaS companies are built off of product-led growth, that can be network effects, novel go-to-market strategies or some other distribution advantage. The problem I kept seeing was even companies that had one or a couple of these attributes created operational debt, when they bloated up their services teams to keep up with top line growth. The need for a platform like Baton was super clear to me,” McCoy said in a statement.

Beginning today, the company will set forth on its startup journey as it attempts to carve out a market in difficult times, and help customers with this crucial part of the selling cycle.

Extra Crunch Live: Join Verizon CEO Hans Vestberg for a live Q&A right now

As the leader of a publicly traded corporation with 135,000 employees, Verizon Communications CEO Hans Vestberg has a unique perspective on the state of the world.

When he appears today on Extra Crunch Live, our virtual speaker series for Extra Crunch members, we’ll ask him about this extraordinary moment in history and his plans for seeing the company through a black swan event that’s reshaping the global economy.

The discussion starts at 2 p.m. EDT/11 a.m. PDT/9 p.m. GMT. You can find the full details below.

Vestberg served as president and CEO at Ericsson for six years and joined Verizon as its CTO and president of Global Networks in 2017 before stepping into the CEO role a little more than a year later. (Disclosure: TechCrunch is owned by Verizon).

We’ll talk to Vestberg about his tactics for managing a company at scale through a crisis and will check in on the company’s 5G rollout, a platform inflection point that should change the landscape for founders and entrepreneurs. Verizon recently acquired BlueJeans, which competes directly with Zoom and WebEx, so we’ll also ask Vestberg about the company’s forward-looking investment strategy.

Extra Crunch members are encouraged to ask their own questions during the Zoom call, so please come prepared. If you’re not already a member, sign up on the cheap right here.

You can also check out the full Extra Crunch Live schedule here.

See you soon!

Kentik raises $23.5M for its network intelligence platform

Kentik, the company once known as CloudHelix, today announced that it has raised a $23.5 million growth funding round led by Vistara Capital Partners, with existing investors August Capital, Third Point Ventures, DCVC, and Tahoma Ventures also participating. With this round, Kentik has now raised a total of $61.7 million.

The company’s platform allows enterprises to monitor their networks, no matter whether that’s over the Internet, inside their own data centers or in public clouds.

“The world has become even more internet-centric, and we are seeing growth in traffic levels, product engagement, and revenue across both our enterprise and service provider customers,” said Avi Freedman, the co-founder and CEO of Kentik when I asked him why he was raising a round now. “We’ve seen an increased pace of adoption of the kind of hybrid and internet-centric architectures that Kentik is built for and thought it was a great time to increase investment, especially in product, as well as go-to-market and partner expansion to support market demand.”

Freedman says the company has been growing 100% compounded year-over-year since it launched in 2015 and now has customers in 25 countries. These include leading enterprises, SaaS companies, content providers, gaming companies, content providers, and cloud and communication service providers, he tells me. Current customers include the likes of IBM, Zoom, Dropbox, eBay, Cisco and GoDaddy.

The company says it will use the new funding to invest in its product and for go-to-market investments.

One notable fact about this new round is that it is a combination of equity and growth debt. Why growth debt? “Growth debt is an attractive option for startups with the right scale and strong unit economics, especially with the changes to capital markets in response to current economic conditions,” said Freedman. “Another element that makes long-term debt attractive is that unlike equity financing, long-term debt limits dilution for everyone, but especially benefits our employees who hold common stock.” That, it’s worth noting, is also something that lead investor Vistara Capital has made one of the core tenants of its investment philosophy. “Since Kentik is now at a scale where we have enough data on the business fundamentals to be able to make growth investments using debt while still being able to repay it over time, it made sense to us and our investors,” noted Freedman.

Census raises $4.3M seed to put product info in cloud data warehouses to work

Companies spend inordinate amounts of time and money building data warehouses and moving data from enterprise applications. But once they get the data in, how do they get specific information like product data back out and distribute it to business operations, who can use it to better understand customers? That’s where Census comes in. It builds a layer on top of the data warehouse that makes it easy for the data team to distribute product data it where it’s needed.

The company announced a $4.3 million seed today, although it closed last year while they were still building the product. That round was led by Andreessen Horowitz with help from SV Angel and a number of angel investors.

Census CEO Boris Jabes says the company was founded to solve this problem of data distribution from a cloud data warehouse. He says for starters they are concentrating on product data.

“The product is designed to sync data directly from cloud data warehouses like Snowflake, BigQuery and Redshift […] and the main reason we did that was people really needed to get access to this kind of product data and all this data that’s locked in all their systems and take advantage of it,” Jabes explained.

He says that the first step is to make the product data sitting in the data warehouse actionable for the organization. They are working with data teams at early customers to remove the complexity of getting that data out of the warehouse and putting it to work in a more automated fashion.

They do this by creating a unified schema that sits on top of the data in the warehouse and makes it easier to distribute it to the teams that need it inside the organization. It essentially acts as a middleware layer on top of the warehouse that you can take advantage of without having to write code to decide where data might be most useful.

David Ulevitch, who led the investment at a16z says that removing this manual part of the process is highly valuable. “For years, organizations have had to do the frustrating task of manually syncing data between dozens of apps. This friction is especially painful now that data has become critical to every team in a business, from product to sales. Census sets a new standard for how product-led SaaS companies can operationalize data,” he said in a statement.

Jabes understands these are difficult times for every business, and especially an early stage startup, but he says they are focusing on an aspect of the business that potential customers need.

“We’ve seen companies actually spending time trying to tackle some of these data problems […] so I’m still optimistic,” he says.

Toro snags $4M seed investment to monitor data quality

Toro’s founders started at Uber helping monitor the data quality in the company’s vast data catalogs, and they wanted to put that experience to work for a more general audience. Today, the company announced a $4 million seed round.

The round was co-led by Costanoa Ventures and Point72 Ventures with help from a number of individual investors.

Company co-founder and CEO Kyle Kirwin says the startup wanted to bring the kind of automated monitoring we have in applications performance monitoring products to data. Instead of getting an alert when the application is performing poorly, you would get an alert that there is an issue with the data.

“We’re building a monitoring platform that helps data teams find problems in their data content before that gets into dashboards and machine learning models and other places where problems in the data could cause a lot of damage,” Kirwin told TechCrunch.

When it comes to data, there are specific kinds of issues a product like Toro would be looking at. It might be a figure that falls outside of a specific dollar range that could be indicative of fraud, or it could be simply a mistake in how the data was labeled that is different from previous ways that could break a model.

The founders learned the lessons they use to build Toro while working on the data team at Uber. They had helped build tools there to find these kinds of problems, but in a way that was highly specific to Uber. When they started Toro, they needed to build a more general purpose tool.

The product works by understanding what it’s looking at in terms of data, and what the normal thresholds are for a particular type of data. Anything that falls outside of the threshold for a particular data point would trigger an alert, and the data team would need to go to work to fix the problem.

Casey Aylward, vice president at Costanoa Ventures likes the pedigree of this team and the problem it’s trying to solve. “Despite its importance, data quality has remained a challenge for many enterprise companies,” he said in a statement. He added, “[The co-founders] deep experience building several of Uber’s internal data tools makes them uniquely qualified to build the best solution.”

The company has been at this for just over a year and have been keeping it lean with 4 employees including the two co-founders, but they do have plans to add a couple of data scientists in the coming year as they continue to build out the product.