Google Cloud Anthos update brings support for on-prem, bare metal

When Google announced Anthos last year at Google Cloud Next, it was a pretty big deal. Here was a cloud company releasing a product that purported to help you move your applications between cloud companies like AWS and Azure — GCP’s competitors — because it’s what customers demanded.

Google tapped into genuine anxiety that tech leaders at customer companies are having over vendor lock-in in the cloud. Back in the client-server days, most of these folks got locked into a tech stack where they were at the mercy of the vendor. It’s something companies desperately want to avoid this go-round.

With Anthos, Google claimed you could take an application, package it in a container and then move it freely between clouds without having to rewrite it for the underlying infrastructure. It was and remains a compelling idea.

This year, the company is updating the product to include a couple of specialty workloads that didn’t get into version 1.0 last year. For starters, many customers aren’t just multi-cloud, meaning they have workloads on various infrastructure cloud vendors, they are also hybrid. That means they still have workloads on-prem in their own data centers, as well as in the cloud, and Google wanted to provide a way to include these workloads in Anthos.

Pali Bhat, VP of product and design at Google Cloud, says they have heard customers still have plenty of applications on premises and they want a way to package them as containerized, cloud-native workloads.

“They do want to be able to bring all of the benefits of cloud to both their own data centers, but also to any cloud they choose to use. And what Anthos enables them to do is go on this journey of modernization and digital transformation and be able to take advantage of it by writing once and running it anywhere, and that’s a really cool vision,” Bhat said.

And while some companies have made the move from on prem to the cloud, they still want the comfort of working on bare metal where they are the only tenant. The cloud typically offers a multi-tenant environment where users share space on servers, but bare metal gives a customer the benefits of being in the cloud with the ability to control their own destiny as they do on prem.

Customers were asking for Anthos to support bare metal, and so Google gave the people what they wanted and are releasing a beta of Anthos for bare metal this week, which Bhat says provides the answer for companies looking to have the benefits of Anthos at the edge.

“[The bare metal support] lets customers run Anthos […] at edge locations without using any hypervisor. So this is a huge benefit for customers who are looking to minimize unnecessary overhead and unlock new use cases, especially both in the cloud and on the edge,” Bhat said.

Anthos is part of a broader cloud modernization platform that Google Cloud is offering customers that includes GKE (the Kubernetes engine), Cloud Functions (the serverless offering) and Cloud Run (container run time platform). Bhat says this set of products taps into a couple of trends they are seeing with customers. First of all, as we move deeper into the pandemic, companies are looking for ways to cut costs while making a faster push to the cloud. The second is taking advantage of that push by becoming more agile and innovative.

It seems to be working. Bhat reports that in Q2, the company has seen a lot of interest. “One of the things in Q2 of 2020 that we’ve seen is that just Q2, over 100,000 companies used our application modernization platform and services,” he said.

MIT CSAIL grad launches machine learning platform with $10M Series A

Manasi Vartak, founder and CEO of Verta, conceived of the idea of the open-source project ModelDB database as a way to track versions of machine models while she was still in grad school at MIT. After she graduated, she decided to expand on that vision to build a product that could not only track model versions, but provide a way to operationalize them — and Verta was born.

Today, that company emerged from stealth with a $10 million Series A led by Intel Capital with participation from General Catalyst, which also led the company’s $1.7 million seed round.

Beyond providing a place to track model versioning, which ModelDB gave users, Vartak wanted to build a platform for data scientists to deploy those models into production, which has been difficult to do for many companies. She also wanted to make sure that once in production, they were still accurately reflecting the current data and not working with yesterday’s playbook.

“Verta can track if models are still valid and send out alarms when model performance changes unexpectedly,” the company explained.

Verta interface

Image Credits: Verta

Vartak says having that open-source project helped sell the company to investors early on, and acts as a way to attract possible customers now. “So for our seed round, it was definitely different because I was raising as a solo founder, a first-time founder right out of school, and that’s where having the open-source project was a huge win,” she said.

Certainly Mark Rostick, VP and senior managing director at lead investor Intel Capital, recognized that Verta was trying to solve a fundamental problem around machine learning model production. “Verta is addressing one of the key challenges companies face when adopting AI — bridging the gap between data scientists and developers to accelerate the deployment of machine learning models,” Rostick said.

While Vartak wasn’t ready to talk about how many customers she has just yet at this early stage of the company, she did say there were companies using the platform and getting models into production much faster.

Today, the company has 9 employees, and even at this early stage, she is taking diversity very seriously. In fact, her current employee makeup includes four Indian, three Caucasian, one Latino and one Asian, for a highly diverse mix. Her goal is to continue on this path as she builds the company. She is looking at getting to 15 employees this year, then doubling that by next year.

One thing Vartak also wants to do is have a 50/50 gender split, something she was able to achieve while at MIT in her various projects, and she wants to carry on with her company. She is also working with a third party, Sweat Equity Ventures, to help with recruiting diverse candidates.

She says that she likes to work iteratively to build the platform, while experimenting with new features, even with her small team. Right now, that involves interoperability with different machine learning tools out there like Amazon SageMaker or Kubeflow, the open-source machine learning pipeline tool.

“We realized that we need to meet customers where they are at their level of maturity. So we focused a lot the last couple of quarters on building a system that was interoperable so you can pick and choose the components kind of like Lego blocks and have a system that works end to end seamlessly.”

Cisco acquiring BabbleLabs to filter out the lawn mower screeching during your video conference

We’ve all been in a video conference, especially this year, when the neighbor started mowing the lawn or kids were playing outside your window — and it can get pretty loud. Cisco, which owns the WebEx video conferencing service, wants to do something about that, and late yesterday it announced it was going to acquire BabbleLabs, a startup that can help filter out background noise.

BabbleLabs has a very particular set of skills. It uses artificial intelligence to enhance the speaking voice, while filtering out those unwanted background noises that seem to occur whenever you happen to be in a meeting.

Interestingly enough, Cisco also sees this as a kind of privacy play by removing background conversation. Jeetu Patel, senior vice president and general manager in the Cisco Security and Applications Business Unit, says that this should go a long way toward improving the meeting experience for Cisco users.

“Their technology is going to provide our customers with yet another important innovation — automatically removing unwanted noise — to continue enabling exceptional Webex meeting experiences,” Patel, who was at Box for many years before joining Cisco, recently said in a statement.

In a blog post, BabbleLabs CEO and co-founder Chris Rowen wrote that conversations about being acquired by Cisco began just recently, and the deal came together pretty quickly. “We quickly reached a common view that merging BabbleLabs into the Cisco Collaboration team could accelerate our common vision dramatically,” he wrote.

BabbleLabs, which launched three years ago and raised $18 million, according to Crunchbase, had an interesting, but highly technical idea. That can sometimes be difficult to translate into a viable commercial product, but makes a highly attractive acquisition target for a company like Cisco.

Brent Leary, founder and principal analyst at CRM Essentials, says this acquisition could be seen as part of a broader industry consolidation. “We’re seeing consolidation taking place as the big web conferencing players are snapping up smaller players to round out their platforms,” he said.

He added, “WebEx may not be getting the attention that Zoom is, but it still has a significant presence in the enterprise, and this acquisition will allow them to keep improving their offering.”

The deal is expected to close in the current quarter after regulatory approval. Upon closing, BabbleLabs employees will become part of Cisco’s Collaboration Group.

LaunchNotes raises a $1.8M seed round to help companies communicate their software updates

LaunchNotes, a startup founded by the team behind Statuspage (which Atlassian later acquired) and the former head of marketing for Jira, today announced that it has raised a $1.8 million seed round co-led by Cowboy Ventures and Bull City Ventures. In addition, Tim Chen (general partner, Essence Ventures), Eric Wittman (chief growth officer, JLL Technologies), Kamakshi Sivaramakrishnan (VP Product, LinkedIn), Scot Wingo (co-founder and CEO, Spiffy), Lin-Hua Wu (chief communications officer, Dropbox) and Steve Klein (co-founder, Statuspage) are participating in this round.

The general idea behind LaunchNotes is to help businesses communicate their software updates to internal and external customers, something that has become increasingly important as the speed of software developments — and launches — has increased.

In addition to announcing the new funding round, LaunchNotes also today said that it will revamp its free tier to include the ability to communicate updates externally through public embeds as well. Previously, users needed to be on a paid plan to do so. The team also now allows businesses to customize the look and feel of these public streams more and it did away with subscriber limits.

“The reason we’re doing this is largely because [ … ] our long-term goal is to drive this shift in how release communications is done,” LaunchNotes co-founder Jake Brereton told me. “And the easiest way we can do that and get as many teams on board as possible is to lower the barrier to entry. Right now, that barrier to entry is asking users to pay for it.”

As Brereton told me, the company gained about 100 active users since it launched three months ago.

Image Credits: LaunchNotes

“I think, more than anything, our original thesis has been validated much more than I expected,” co-founder and CEO Tyler Davis added. “This problem really does scale with team size and in a very linear way and the interest that we’ve had has largely been on the much larger, enterprise team side. It’s just become very clear that that specific problem — while it is an issue for smaller teams — is much more of a critical problem as you grow and as you scale out into multiple teams and multiple business units.”

It’s maybe no surprise then that many of the next items on the team’s roadmap include features that large companies would want from a tool like this, including integrations with issue trackers, starting with Jira, single sign-on solutions and better team management tools.

“With that initial cohort being on the larger team size and more toward enterprise, issue tracker integration is a natural first step into our integrations platform, because a lot of change status currently lives in all these different tools and all these different processes and LaunchNotes is kind of the layer on top of that,” explained co-founder Tony Ramirez. “There are other integrations with things like feature flagging systems or git tools, where we want LaunchNotes to be the one place where people can go. And for these larger teams, that pain is more acute.”

The fact that LaunchNotes is essentially trying to create a system of record for product teams was also part of what attracted Cowboy Ventures founder Aileen Lee to the company.

Image Credits: LaunchNotes

“One of the things that I thought was kind of exciting is that this is potentially a new system of record for product people to use that kind of lives in different places right now — you might have some of it in Jira and some in Trello, or Asana, and some of that in Sheets and some of it in Airtable or Slack,” she said. She also believes that LaunchNotes will make a useful tool when bringing on new team members or handing off a product to another developer.

She also noted that the founding team, which she believes has the ideal background for building this product, was quite upfront about the fact that it needs to bring more diversity to the company. “They recognized, even in the first meeting, ‘Hey, we understand we’re three guys, and it’s really important to us to actually build out [diversity] on our cap table and in our investing team, but then also in all of our future hires so that we are setting our company up to be able to attract all kinds of people,” she said.

Confessions of an ID Theft Kingpin, Part I

At the height of his cybercriminal career, the hacker known as “Hieupc” was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the world’s top data brokers. That is, until his greed and ambition played straight into an elaborate snare set by the U.S. Secret Service. Now, after more than seven years in prison Hieupc is back in his home country and hoping to convince other would-be cybercrooks to use their computer skills for good.

Hieu Minh Ngo, in his teens.

For several years beginning around 2010, a lone teenager in Vietnam named Hieu Minh Ngo ran one of the Internet’s most profitable and popular services for selling “fullz,” stolen identity records that included a consumer’s name, date of birth, Social Security number and email and physical address.

Ngo got his treasure trove of consumer data by hacking and social engineering his way into a string of major data brokers. By the time the Secret Service caught up with him in 2013, he’d made over $3 million selling fullz data to identity thieves and organized crime rings operating throughout the United States.

Matt O’Neill is the Secret Service agent who in February 2013 successfully executed a scheme to lure Ngo out of Vietnam and into Guam, where the young hacker was arrested and sent to the mainland U.S. to face prosecution. O’Neill now heads the agency’s Global Investigative Operations Center, which supports investigations into transnational organized criminal groups.

O’Neill said he opened the investigation into Ngo’s identity theft business after reading about it in a 2011 KrebsOnSecurity story, “How Much is Your Identity Worth?” According to O’Neill, what’s remarkable about Ngo is that to this day his name is virtually unknown among the pantheon of infamous convicted cybercriminals, the majority of whom were busted for trafficking in huge quantities of stolen credit cards.

Ngo’s businesses enabled an entire generation of cybercriminals to commit an estimated $1 billion worth of new account fraud, and to sully the credit histories of countless Americans in the process.

“I don’t know of any other cybercriminal who has caused more material financial harm to more Americans than Ngo,” O’Neill told KrebsOnSecurity. “He was selling the personal information on more than 200 million Americans and allowing anyone to buy it for pennies apiece.”

Freshly released from the U.S. prison system and deported back to Vietnam, Ngo is currently finishing up a mandatory three-week COVID-19 quarantine at a government-run facility. He contacted KrebsOnSecurity from inside this facility with the stated aim of telling his little-known story, and to warn others away from following in his footsteps.

BEGINNINGS

Ten years ago, then 19-year-old hacker Ngo was a regular on the Vietnamese-language computer hacking forums. Ngo says he came from a middle-class family that owned an electronics store, and that his parents bought him a computer when he was around 12 years old. From then on out, he was hooked.

In his late teens, he traveled to New Zealand to study English at a university there. By that time, he was already an administrator of several dark web hacker forums, and between his studies he discovered a vulnerability in the school’s network that exposed payment card data.

“I did contact the IT technician there to fix it, but nobody cared so I hacked the whole system,” Ngo recalled. “Then I used the same vulnerability to hack other websites. I was stealing lots of credit cards.”

Ngo said he decided to use the card data to buy concert and event tickets from Ticketmaster, and then sell the tickets at a New Zealand auction site called TradeMe. The university later learned of the intrusion and Ngo’s role in it, and the Auckland police got involved. Ngo’s travel visa was not renewed after his first semester ended, and in retribution he attacked the university’s site, shutting it down for at least two days.

Ngo said he started taking classes again back in Vietnam, but soon found he was spending most of his time on cybercrime forums.

“I went from hacking for fun to hacking for profits when I saw how easy it was to make money stealing customer databases,” Ngo said. “I was hanging out with some of my friends from the underground forums and we talked about planning a new criminal activity.”

“My friends said doing credit cards and bank information is very dangerous, so I started thinking about selling identities,” Ngo continued. “At first I thought well, it’s just information, maybe it’s not that bad because it’s not related to bank accounts directly. But I was wrong, and the money I started making very fast just blinded me to a lot of things.”

MICROBILT

His first big target was a consumer credit reporting company in New Jersey called MicroBilt.

“I was hacking into their platform and stealing their customer database so I could use their customer logins to access their [consumer] databases,” Ngo said. “I was in their systems for almost a year without them knowing.”

Very soon after gaining access to MicroBilt, Ngo says, he stood up Superget[.]info, a website that advertised the sale of individual consumer records. Ngo said initially his service was quite manual, requiring customers to request specific states or consumers they wanted information on, and he would conduct the lookups by hand.

Ngo’s former identity theft service, superget[.]info

“I was trying to get more records at once, but the speed of our Internet in Vietnam then was very slow,” Ngo recalled. “I couldn’t download it because the database was so huge. So I just manually search for whoever need identities.”

But Ngo would soon work out how to use more powerful servers in the United States to automate the collection of larger amounts of consumer data from MicroBilt’s systems, and from other data brokers. As I wrote of Ngo’s service back in November 2011:

“Superget lets users search for specific individuals by name, city, and state. Each “credit” costs USD$1, and a successful hit on a Social Security number or date of birth costs 3 credits each. The more credits you buy, the cheaper the searches are per credit: Six credits cost $4.99; 35 credits cost $20.99, and $100.99 buys you 230 credits. Customers with special needs can avail themselves of the “reseller plan,” which promises 1,500 credits for $500.99, and 3,500 credits for $1000.99.

“Our Databases are updated EVERY DAY,” the site’s owner enthuses. “About 99% nearly 100% US people could be found, more than any sites on the internet now.”

Ngo’s intrusion into MicroBilt eventually was detected, and the company kicked him out of their systems. But he says he got back in using another vulnerability.

“I was hacking them and it was back and forth for months,” Ngo said. “They would discover [my accounts] and fix it, and I would discover a new vulnerability and hack them again.”

COURT (AD)VENTURES, AND EXPERIAN

This game of cat and mouse continued until Ngo found a much more reliable and stable source of consumer data: A U.S. based company called Court Ventures, which aggregated public records from court documents. Ngo wasn’t interested in the data collected by Court Ventures, but rather in its data sharing agreement with a third-party data broker called U.S. Info Search, which had access to far more sensitive consumer records.

Using forged documents and more than a few lies, Ngo was able to convince Court Ventures that he was a private investigator based in the United States.

“At first [when] I sign up they asked for some documents to verify,” Ngo said. “So I just used some skill about social engineering and went through the security check.”

Then, in March 2012, something even more remarkable happened: Court Ventures was purchased by Experian, one of the big three major consumer credit bureaus in the United States. And for nine months after the acquisition, Ngo was able to maintain his access.

“After that, the database was under control by Experian,” he said. “I was paying Experian good money, thousands of dollars a month.”

Whether anyone at Experian ever performed due diligence on the accounts grandfathered in from Court Ventures is unclear. But it wouldn’t have taken a rocket surgeon to figure out that this particular customer was up to something fishy.

For one thing, Ngo paid the monthly invoices for his customers’ data requests using wire transfers from a multitude of banks around the world, but mostly from new accounts at financial institutions in China, Malaysia and Singapore.

O’Neill said Ngo’s identity theft website generated tens of thousands of queries each month. For example, the first invoice Court Ventures sent Ngo in December 2010 was for 60,000 queries. By the time Experian acquired the company, Ngo’s service had attracted more than 1,400 regular customers, and was averaging 160,000 monthly queries.

More importantly, Ngo’s profit margins were enormous.

“His service was quite the racket,” he said. “Court Ventures charged him 14 cents per lookup, but he charged his customers about $1 for each query.”

By this time, O’Neill and his fellow Secret Service agents had served dozens of subpoenas tied to Ngo’s identity theft service, including one that granted them access to the email account he used to communicate with customers and administer his site. The agents discovered several emails from Ngo instructing an accomplice to pay Experian using wire transfers from different Asian banks.

TLO

Working with the Secret Service, Experian quickly zeroed in on Ngo’s accounts and shut them down. Aware of an opportunity here, the Secret Service contacted Ngo through an intermediary in the United Kingdom — a known, convicted cybercriminal who agreed to play along. The U.K.-based collaborator told Ngo he had personally shut down Ngo’s access to Experian because he had been there first and Ngo was interfering with his business.

“The U.K. guy told Ngo, ‘Hey, you’re treading on my turf, and I decided to lock you out. But as long as you’re paying a vig through me, your access won’t go away’,” O’Neill recalled.

The U.K. cybercriminal, acting at the behest of the Secret Service and U.K. authorities, told Ngo that if he wanted to maintain his access, he could agree to meet up in person. But Ngo didn’t immediately bite on the offer.

Instead, he weaseled his way into another huge data store. In much the same way he’d gained access to Court Ventures, Ngo got an account at a company called TLO, another data broker that sells access to extremely detailed and sensitive information on most Americans.

TLO’s service is accessible to law enforcement agencies and to a limited number of vetted professionals who can demonstrate they have a lawful reason to access such information. In 2014, TLO was acquired by Trans Union, one of the other three big U.S. consumer credit reporting bureaus.

And for a short time, Ngo used his access to TLO to power a new iteration of his business — an identity theft service rebranded as usearching[.]info. This site also pulled consumer data from a payday loan company that Ngo hacked into, as documented in my Sept. 2012 story, ID Theft Service Tied to Payday Loan Sites. Ngo said the hacked payday loans site gave him instant access to roughly 1,000 new fullz records each day.

Ngo’s former ID theft service usearching[.]info.

BLINDED BY GREED

By this time, Ngo was a multi-millionaire: His various sites and reselling agreements with three Russian-language cybercriminal stores online had earned him more than USD $3 million. He told his parents his money came from helping companies develop websites, and even used some of his ill-gotten gains to pay off the family’s debts (its electronics business had gone belly up, and a family member had borrowed but never paid back a significant sum of money).

But mostly, Ngo said, he spent his money on frivolous things, although he says he’s never touched drugs or alcohol.

“I spent it on vacations and cars and a lot of other stupid stuff,” he said.

When TLO locked Ngo out of his account there, the Secret Service used it as another opportunity for their cybercriminal mouthpiece in the U.K. to turn the screws on Ngo yet again.

“He told Ngo he’d locked him out again, and the he could do this all day long,” O’Neill said. “And if he truly wanted lasting access to all of these places he used to have access to, he would agree to meet and form a more secure partnership.”

After several months of conversing with his apparent U.K.-based tormentor, Ngo agreed to meet him in Guam to finalize the deal. Ngo says he understood at the time that Guam is an unincorporated territory of the United States, but that he discounted the chances that this was all some kind of elaborate law enforcement sting operation.

“I was so desperate to have a stable database, and I got blinded by greed and started acting crazy without thinking,” Ngo said. “Lots of people told me ‘Don’t go!,’ but I told them I have to try and see what’s going on.”

But immediately after stepping off of the plane in Guam, he was apprehended by Secret Service agents.

“One of the names of his identity theft services was findget[.]me,” O’Neill said. “We took that seriously, and we did like he asked.”

This is Part I of a multi-part series. Check back tomorrow (Aug. 27) for Part II, which will examine what investigators learned following Ngo’s arrest, and delve into his more recent effort to right the wrongs he’s done.

Microsoft brings transcriptions to Word

Microsoft today launched Transcribe in Word, its new transcription service for Microsoft 365 subscribers, into general availability. It’s now available in the online version of Word, with other platforms launching later. In addition, Word is also getting new dictation features, which now allow you to use your voice to format and edit your text, for example.

As the name implies, this new feature lets you transcribe conversations, both live and pre-recorded, and then edit those transcripts right inside of Word. With this, the company goes head-to-head with startups like Otter and Google’s Recorder app, though they all have their own pros and cons.

Image Credits: Microsoft

To get started with Transcribe in Word, you simply head for the Dictate button in the menu bar and click on “Transcribe.” From there, you can record a conversation as it happens — by recording it directly through a speakerphone and your laptop’s microphone, for example — or by recording it in some other way and then uploading that file. The service accepts .mp3, .wav, .m4a and .mp4 files.

As Dan Parish, Microsoft principal group PM manager for Natural User Interface & Incubation, noted in a press briefing ahead of today’s announcement, when you record a call live, the transcription actually runs in the background while you conduct your interview, for example. The team purposely decided not to show you the live transcript, though, because its user research showed that it was distracting. I admit that I like to see the live transcript in Otter and Recorder, but maybe I’m alone in that.

Like with other services, Transcribe in Word lets you click on individual paragraphs in the transcript and then listen to that at a variety of speeds. Because the automated transcript will inevitably have errors in it, that’s a must-have feature. Sadly, though, Transcribe doesn’t let you click on individual words.

One major limitation of the service right now is that if you like to record offline and then upload your files, you’ll be limited to 300 minutes, without the ability to extend this for an extra fee, for example. I know I often transcribe far more than five hours of interviews in any given month, so that limit seems low, especially given that Otter provides me with 6,000 minutes on its cheapest paid plan. The max length for a transcript on Otter is four hours while Microsoft’s only limit for is a 200MB file upload limit, with no limits on live recordings.

Another issue I noticed here is that if you mistakenly exit the tab with Word in it, the transcription process will stop and there doesn’t seem to be a way to restart it.

It also takes quite a while for the uploaded files to be transcribed. It takes roughly as long as the conversations I’ve tried to transcribe, but the results are very good — and often better than those of competing services. Transcribe for Word also does a nice job separating out the different speakers in a conversation. For privacy reasons, you must assign your own names to those — even when you regularly record the same people.

It’d be nice to get the same feature in something like OneNote, for example, and my guess is Microsoft may expand this to its note-taking app over time. To me, that’s the more natural place for it.

Image Credits: Microsoft

The new dictation features in Word now let you give commands like “bold the last sentence,” for example, and say “percentage sign” or “ampersand” if you need to add those symbols to a text (or “smiley face,” if those are the kinds of texts you write in Word).

Even if you don’t often need to transcribe text, this new feature shows how Microsoft is now using its subscription service to launch new premium features to convert free users to paying ones. I’d be surprised if tools like the Microsoft Editor (which offers more features for paying users), this transcription service, as well as some of the new AI features in the likes of Excel and PowerPoint, didn’t help to convert some users into paying ones, especially now that the company has combined into a single bundle Office 365 and Microsoft 365 for consumers. After all, just a subscription to something like Grammarly and Otter would be significantly more expensive than a Microsoft 365 subscription.

 

Eden intros SaaS tools in a bid to become a more comprehensive office management platform

Eden, the office management platform founded by Joe du Bey and Kyle Wilkinson, is today announcing the launch of several new enterprise software features. The company, which offers a marketplace for office managers to procure services like office cleaning, repairs, etc., is looking to offer a more comprehensive platform.

The software features include a COVID team safety tool that tracks who is coming into the office, and lets them reserve a specific desk to help ensure social distancing precautions are being taken.

“For us, the pandemic really accelerated our plans around enterprise tools,” said Joe du Bey. “We realized by talking to our clients that what they need right now isn’t services. Services are important, but what they really want in this moment is to have software so they can get back into the office.”

Eden is also introducing a service desk ticketing tool to allow workers to make requests or file a ticket for a broken piece of equipment from their own desktop, as well as a visitor management tool and a room booking tool.

The company’s acquisition of Managed By Q, its biggest competitor in the services space, also greatly accelerated its ability to deliver software. Managed By Q, which was acquired by WeWork in 2019 for $220 million, was already on the trajectory of building out software well before its acquisition by Eden, and had itself acquired companies like Hivy to offer SaaS-based tools to customers.

As Eden grows its product portfolio, competition still abounds. Envoy (with just under $60 million in funding) has been in the visitor management space since its inception and is looking to broaden its product portfolio beyond office visitors. UpKeep is charging into the service ticket space with a mobile app to make it easier for service workers within an office to do their job and move seamlessly from task to task. Meanwhile, Robin is in the mix with its own room booking platform.

The point? There is clearly a rush to build out a platform that helps folks manage the physical space of an office and the people within it. Eden, with $40 million in total funding, is well positioned to duke it out for the top spot among a variety of competitors who are angling to ‘do it all.’

“This is a board meeting question: are we fighting too many battles or is comprehensiveness our most important asset?” said du Bey. “We have a completeness to our vision. A lot of our customers are saying they want a few tools from one place versus the very fragmented experience they have today. But there are trade offs in comprehensiveness. It means that someone can can spend all day building a hundred integrations for their app that for us might not be possible. So, there are some really interesting trade offs.”

That’s not without hardship, however. Eden had to layoff about 40 percent of its workforce amid the coronavirus pandemic. And though COVID has slowed growth, du Bey says that revenue in April 2020 was still higher than it was the year prior.

Alongside trying to support marketplace partners and customers through the pandemic, Eden has also introduced new ways to search for service providers, including a way to solicit a bid from black-owned businesses in the wake of the Black Lives Matter movement.

The Eden team is 52 percent female. Black employees represent 12 percent of the workforce, and Latinx employees represent 8 percent of the workforce.

New Zendesk dashboard delivers customer service data in real time

Zendesk has been offering customers the ability to track customer service statistics for some time, but it has always been a look back. Today, the company announced a new product called Explore Enterprise that lets customers capture that valuable info in real time, and share it with anyone in the organization, whether they have a Zendesk license or not.

While it has had Explore in place for a couple of years now, Jon Aniano, senior VP of product at Zendesk says the new enterprise product is in response to growing customer data requirements. “We now have a way to deliver what we call Live Team Dashboards, which delivers real-time analytics directly to Zendesk users,” Aniano told TechCrunch.

In the days before COVID that meant displaying these on big monitors throughout the customer service center. Today, as we deal with the pandemic, and customer service reps are just as likely to be working from home, it means giving management the tools they need to understand what’s happening in real time, a growing requirement for Zendesk customers as they scale, regardless of the pandemic.

“What we’ve found over the last few years is that our customers’ appetite for operational analytics is insatiable, and as customers grow, as customer service needs get more complex, the demands on a contact center operator or customer service team are higher and higher, and teams really need new sets of tools and new types of capabilities to meet what they’re trying to do in delivering customer service at scale in the world,” Aniano told TechCrunch.

One of the reasons for this is the shift from phone and email as the primary ways of accessing customer service to messaging tools like WhatsApp. “With the shift to messaging, there are new demands on contact centers to be able to handle real-time interactions at scale with their customers,” he said.

In order to meet that kind of demand, it requires real-time analytics that Zendesk is providing with this announcement. This arms managers with the data they need to put their customer service resources where they are needed most in the moment in real time.

But Zendesk is also giving customers the ability to share these statistics with anyone in the company. “Users can share a dashboard or historical report with anybody in the company regardless of whether they have access to Zendesk. They can share it in Slack, or they can embed a dashboard anywhere where other people in the company would like to have access to those metrics,” Aniano explained.

The new service will be available starting on August 31 for $29 per user per month.

Industry experts say it’s full speed ahead as Snowflake files S-1

When Snowflake filed its S-1 ahead of an upcoming IPO yesterday, it wasn’t exactly a shock. The company which raised $1.4 billion had been valued at $12.4 billion in its last private raise in February. CEO Frank Slootman, who had taken over from Bob Muglia in May last year, didn’t hide the fact that going public was the end game.

When we spoke to him in February at the time of his mega $479 million raise, he was candid about the fact he wanted to take his company to the next level, and predicted it could happen as soon as this summer. In spite of the pandemic and the economic fallout from it, the company decided now was the time to go — as did 4 other companies yesterday including J Frog, Sumo Logic, Unity and Asana.

If you haven’t been following this company as it went through its massive private fund raising process, investors see a company taking a way to store massive amounts of data and moving it to the cloud. This concept is known as a cloud data warehouse as it it stores immense amounts of data.

While the Big 3 cloud companies all offer something similar, Snowflake has the advantage of working on any cloud, and at a time where data portability is highly valued, enables customers to shift data between clouds.

We spoke to several industry experts to get their thoughts on what this filing means for Snowflake, which after taking a blizzard of cash, has to now take a great idea and shift it into the public markets.

Pandemic? What pandemic?

Big market opportunities usually require big investments to build companies that last, that typically go public, and that’s why investors were willing to pile up the dollars to help Snowflake grow. Blake Murray, a research analyst at Canalys says the pandemic is actually working in the startup’s favor as more companies are shifting workloads to the cloud.

“We know that demand for cloud services is higher than ever during this pandemic, which is an obvious positive for Snowflake. Snowflake also services multi-cloud environments, which we see in increasing adoption. Considering the speed it is growing at and the demand for its services, an IPO should help Snowflake continue its momentum,” Murray told TechCrunch.

Leyla Seka, a partner at Operator Collective, who spent many years at Salesforce agrees that the pandemic is forcing many companies to move to the cloud faster than they might have previously. “COVID is a strange motivator for enterprise SaaS. It is speeding up adoption in a way I have never seen before,” she said.

It’s clear to Seka that we’ve moved quickly past the early cloud adopters, and it’s in the mainstream now where a company like Snowflake is primed to take advantage. “Keep in mind, I was at Salesforce for years telling businesses their data was safe in the cloud. So we certainly have crossed the chasm, so to speak and are now in a rapid adoption phase,” she said.

So much coopetition

The fact is Snowflake is in an odd position when it comes to the big cloud infrastructure vendors. It both competes with them on a product level, and as a company that stores massive amounts of data, it is also an excellent customer for all of them. It’s kind of a strange position to be in says Canalys’ Murray.

“Snowflake both relies on the infrastructure of cloud giants — AWS, Microsoft and Google — and competes with them. It will be important to keep an eye on the competitive dynamic even although Snowflake is a large customer for the giants,” he explained.

Forrester analyst Noel Yuhanna agrees, but says the IPO should help Snowflake take on these companies as they expand their own cloud data warehouse offerings. He added that in spite of that competition, Snowflake is holding its own against the big companies. In fact, he says that it’s the number one cloud data warehouse clients inquire about, other than Amazon RedShift. As he points out, Snowflake has some key advantages over the cloud vendors’ solutions.

“Based on Forrester Wave research that compared over a dozen vendors, Snowflake has been positioned as a Leader. Enterprises like Snowflake’s ease of use, low cost, scalability and performance capabilities. Unlike many cloud data warehouses, Snowflake can run on multiple clouds such as Amazon, Google or Azure, giving enterprises choices to choose their preferred provider.”

Show them more money

In spite of the vast sums of money the company has raised in the private market, it had decided to go public to get one final chunk of capital. Patrick Moorhead, founder and principal analyst at Moor Insight & Strategy says that if the company is going to succeed in the broader market, it needs to expand beyond pure cloud data warehousing, in spite of the huge opportunity there.

“Snowflake needs the funding as it needs to expand its product footprint to encompass more than just data warehousing. It should be focused less on niches and more on the entire data lifecycle including data ingest, engineering, database and AI,” Moorhead said.

Forrester’s Yuhanna agrees that Snowflake needs to look at new markets and the IPO will give it the the money to do that. “The IPO will help Snowflake expand it’s innovation path, especially to support new and emerging business use cases, and possibly look at new market opportunities such as expanding to on-premises to deliver hybrid-cloud capabilities,” he said.

It would make sense for the company to expand beyond its core offerings as it heads into the public markets, but the cloud data warehouse market is quite lucrative on its own. It’s a space that has required a considerable amount of investment to build a company, but as it heads towards its IPO, Snowflake is should be well positioned to be a successful company for years to come.

On Agent: On Time. Every Time.

How deep is your love? How high is the sky? How long is a minute?

We can answer the third one: In the case of Maze ransomware, it’s plenty of time to encrypt tens of thousands of files. Unfortunately, if a business relies on the cloud, for virus signatures or reputation lookups, time is “the biggest gotcha,” according to SentinelOne Senior Threat Researcher Jim Walter.

“Time is a big, sprawling thing,” Walter says. “Even if you’re talking fractions of a second, that’s still plenty of time for bad stuff to keep happening while the machine is trying to make a decision on what’s good or bad.”

Cooking Your Goose Takes a Fraction of a Second

It can be hard to imagine how much damage can occur in 1 minute. In one test, SentinelOne’s Labs recorded 23,969 events triggered by Maze within the span of a mere 60 seconds. Each one of those events is a file being encrypted in preparation for attackers holding a virtual gun to a kidnapped company’s head and demanding a ransom to unlock its data. All this damage underscores why local protection models—as in, those that are located on endpoints and don’t need to pause to fetch marching orders from the cloud—are superior to products that suffer from cloud lag and the dwell time it grants attackers.

Maze is one of many examples that show how and why local endpoint agents are crucial to neutralizing high-velocity attacks. Whereas some EPP (Endpoint Protection) and EDR (Endpoint Detection and Response) technologies have to remote-shell into endpoints and fix them with scripts, SentinelOne’s technology tracks and contextualizes everything on a device, identifying malicious acts in real-time and automating the required responses with local AI (artificial intelligence) agents on every endpoint. They can connect to the cloud, but they don’t have to: the local agents don’t need to be slowed down by that back-and-forth, freeing them from the lag time it takes to check in with the cloud to find out what to do.

Why On Time Matters: To Avoid Getting CryptoWalled

CryptoWall ransomware is an example of how an unknown malware can pop up and use fileless techniques to bypass traditional defenses. Before it encrypted anything, it started by deleting volume shadow copies to make sure that there was no way to recover encrypted files. VSS (Volume Shadow Copy Service) is a built-in Windows feature that can be used to create backup copies or snapshots of files and volumes, even when they’re in use. SentinelOne has also seen malware that disables VSS by using WMI (Windows Management Instrumentation) to evade detection by AV signatures. It’s not just CryptoWall: in fact, deleting shadow copies is a common technique used by ransomware.

In such a situation, local agents beat out cloud-reliant models because they don’t have to rely solely on AV signatures. Rather, they can carefully monitor processes and interrelationships in order to sniff out malicious behavior—including the noxious behavior of nuking shadow copies.

Why Local Matters: To Sniff Out LOLers

More recently, other fileless techniques have cropped up to bypass traditional defenses. A year ago, we saw a new malware threat—Nodersok/Divergent—that downloaded its own LOLBins (Living Off the Land Binaries). LOLBins are non-malicious binaries that researchers or cyber criminals have discovered can be used to hide their tracks and evade cyber defenses.

In September 2019, thousands of machines were infected by the Nodersok malware, which downloaded and installed a copy of the Node.js framework to convert infected systems into proxies and perform click-fraud. It might not sound all that serious, but the fact that its creators managed to infect so many systems means that they could also have pivoted to deploy other, more dangerous modules, such as ransomware or banking Trojans.

Ebook: Understanding Ransomware in the Enterprise
This guide will help you understand, plan for, respond to and protect against this now-prevalent threat. It offers examples, recommendations and advice to ensure you stay unaffected by the constantly evolving ransomware menace.

Why On-Device Detection Matters: Ramsay Trojan’s Air-Gap Skipping

One of the most recent examples of why on-device detection beats cloud reliance comes in the form of the Ramsay Trojan: malware that emerged in late 2019 with a focus on both persistence and data exfiltration from air-gapped systems.

As SentinelOne’s Walter says in his May 2020 writeup of the new malware, (ongoing) analysis suggests that the malware “was developed for advanced targeted campaigns by a threat actor primarily interested in organizations trying to protect the most sensitive of information.” But, he emphasizes, as is often the case with specialized malware, there’s once again the chance that it will pivot to focus on new targets.

Regardless of it being a novel threat, SentinelOne protects against Ramsay. “Even when the network is disconnected such as with an air-gapped device, the SentinelOne agent will detect the malware locally on-device,” Walter says. This video shows how it works:

SentinelOne vs Ramsay Trojan

What Happens When Clouds Evaporate?

Besides the time factor, some attackers directly target cloud connectivity itself. Migo Kedem, SentinelOne’s Senior Director of Products & Marketing, says the company has seen examples of malware that can actually disconnect its targets. While SentinelOne’s local models can use connectivity, it’s a relief that they’re not dead in the water without it. “If the connection is lost, SentinelOne would offer protection in a very similar, though not identical, way,” he says. “We use connectivity when it’s available, primarily to save resources as you don’t need to analyse something that’s already known. But unlike other products, we don’t rely on connectivity to protect the device. Known or unknown, connected to the cloud or not, the local agent will do the work of detecting and protecting against attacks.”

Here’s how it works: Pre-execution, SentinelOne’s single, local agent replaces traditional virus signatures with a Static AI engine to provide protection. It doesn’t stop there. Even if the threat isn’t recognized, SentinelOne’s Behavioral AI engines track all processes and their interrelationships, regardless of how long they’re active. When an agent detects malicious activities, it responds automatically, at machine speed. The local engine is vector-agnostic: it works with file-based malware, scripts, weaponized documents, lateral movement, fileless malware, and even zero-days.

Finally, post-execution, SentinelOne’s ActiveEDR—the behavioral AI model—provides rich forensic data and can mitigate threats automatically, perform network isolation, and auto-immunize the endpoints against newly discovered threats. As a final, last safety measure, SentinelOne can even roll back an endpoint to its pre-infected state.

Go Local to Avoid Getting Hosed

Not to beat a dead horse, but it’s important to emphasize that time matters. A lot.

Any modern ransomware can completely F-up a disk in half a minute,” says SentinelOne’s Walter. “If [any cloud-based protection] response was in a minute, you could be completely hosed.”

Another regrettable aspect of cloud reliance is that “the bad guys are smart,” Walter says. They know how to use antivirus products just like the good guys do. Attackers will take the time to test a given service, whether it’s homegrown protection or otherwise. “If they’re able to do those tests, which predominantly require vendors or services to have cloud lookup mechanisms or API functionality, the bad guys will take advantage of that and, say, not release malware until it can pass those models.”

You don’t want to give the bad guys the time they need to do what they do, whether it’s encrypt files, exploit dwell time by infiltrating other parts of the network, plant spyware, wipe out your VSS shadow copies, deploy secondary malware, or test out whatever AV system you’ve rigged up.

You want local agents because that precious time should be spent stopping attacks before they wreak havoc. You want to spend that time fixing whatever attackers do manage to assault. In short, you want local agents so you can have what the CIA has so memorably referred to as “a colossal pain in the posterior” for attackers.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security