Five years after creating Traefik application proxy, open-source project hits 2B downloads

Five years ago, Traefik Labs founder and CEO Emile Vauge was working on a project deploying thousands of microservices and he was lacking a cloud-native application proxy that could handle this kind of scale. So like any good developer, he created one himself, and Traefik was born.

If you go back five years, the notion of cloud native was still in its infancy. Docker has been doing containers for just a couple of years, and Kubernetes would only be released that year. There wasn’t much cloud-native tooling around, so Vauge decided to build a cloud-native reverse proxy out of pure necessity.

“At that time, five years ago, there was no reverse proxy that was good at managing the complexity of microservices at cloud scale. So that was really the origin of Traefik. And one of the big innovations was its automation and its simplicity,” he said.

As he explained it, a reverse proxy needs to have several features, like traffic management, load balancing, observability and security, but much of this had to be done manually with the tools available at the time. As it turns out, Vauge had stumbled onto a major pain point.

“Initially I created Traefik for myself. It was a side project but it turned out that there was a huge interest and very quickly a community gathered around the project,” he said. After a few months, he realized he could build a company around this and left his job to start a company called Containous.

Today, he changed the name of that company to Traefik Labs and the open-source project he developed has become wildly popular. “Five years later we are at 2 billion downloads. It’s in the top 10 most downloaded projects on Docker. We have 30,000 stars on GitHub. So basically it’s one of the largest open-source projects in the world,” he said. In addition, he said there are more than 550 individuals contributing to the project today.

When he formed Containous, he developed an open core-based commercial project designed for enterprise needs around scaling, high availability and more security features. Today, that includes the Traefik Proxy and an open-source service mesh called Traefik Mesh.

Among the companies using the open-source project today are Conde Nast, eBay Classifieds and Mailchimp.

Vauge certainly was in the right place at the right time five years ago, which he modestly attributes to luck because he was working at one of the few companies at the time that was dealing with microservices at scale. “We had to build a lot of things, and Traefik was one of those things. So I was basically lucky because I created Traefik at the right time,” he said.

Not surprisingly, a company with that kind of open-source traction has attracted the interest of venture capitalists, and Vauge has raised $16 million since he launched his company in 2015, including $10 million led by Balderton Capital in January.

Yext launches Hitchhikers, a self-serve version of its site search tool

Yext is making its site search product Yext Answers available to a broader set of customers today with the launch of a new program that it calls Hitchhikers.

The company launched Yext Answers in October 2019 with the goal of making a brand’s website — rather than whatever shows up via Google search — the authoritative source of information about that brand. And earlier this year, Yext also introduced a 90-day free trial, which CEO Howard Lerman said was designed to help more partners deliver coronavirus-related answers.

However, Lerman told me this week that Yext Answers has still been constrained by a setup process that requires a Yext employee “to understand our own software and build your knowledge graph,” which meant that the company had to turn away many potential customers. With Hitchhikers, that’s no longer the case.

Chief Strategy Officer Marc Ferrentino said the program is designed for digital marketers, SEO specialists and IT professionals. The goal is to provide everything they need to create their own site search experience — including starter “knowledge graphs” customized to specific industries that customers can populate with their own content.

And there’s an educational focus — Ferrentino said Hitchhikers should be accessible to “someone who is a novice when it comes to technology,” quickly getting them up to speed on topics like HTML, CSS and JavaScript, with different tracks and modules all brought to life with “hands-on learning” and quizzes.

Yext Hitchhikers

Image Credits: Yext

Like Yext Answers, Hitchhikers is available through a 90-day free trial. And if you’re wondering about the name, Lerman said it’s a reference to Douglas Adams’ classic novel “The Hitchhikers Guide to the Galaxy,” specifically the idea of The Ultimate Question. Hitchhikers, then, is designed to help businesses answers their own Ultimate Questions.

One of the recurring themes in my recent conversations with Lerman has been the importance of brands and businesses as a source of knowledge and authoritative information. It’s something he emphasized again when discussing Hitchhikers. For example, he pointed to a Google search about what qualifies as essential travel — the top result was an article from a popular travel blogger, rather than the official definition from the U.S. State Department (a Yext Answers customer).

“The ultimate authority how to claim your gift card from Krispy Kreme is Krispy Kreme,” Lerman said. “The ultimate authority on an internet outage in a certain area is Cox … Getting that information to the user is even more important in this terrible year of misinformation and disinformation.”

Airship acquires SMS commerce company ReplyBuy

Airship is announcing that it has acquired mobile commerce startup ReplyBuy.

The startup (which was a finalist at TechCrunch’s 1st and Future competition in 2016) works with customers like entertainment venues and professional and college sports teams to send messages and sell tickets to fans via SMS. It raised $4 million in funding from Sand Hill Angels, Kosinski Ventures, SEAG Ventures, Enspire Capital, MRTNZ Ventures and others, according to Crunchbase.

Airship, meanwhile, has been expanding its platform beyond push notifications to cover customer communication across SMS, email, mobile wallets and more. But CEO Brett Caine said this is the first time the company is moving into commerce.

While sports and concerts tickets might not be a booming market right now, Caine suggested that the company is actually seeing increased purchasing activity “in and around the Airship platform” as businesses try to drive more in-app purchases. He also suggested that both the COVID-19 pandemic and increased restrictions on mobile data collection and ad targeting are going to “accelerate direct-to-consumer motion by large brands.”

Airship isn’t disclosing the deal price, but Caine said the seven-person ReplyBuy team will be joining the company, with CEO Brandon O’Halloran becoming Airship’s general manager of commerce and CTO Anthony Saia leading the commerce engineering team.

“Nobody directly connects more brands to mobile consumers than Airship,” O’Halloran said in a statement. “Joining Airship offers ReplyBuy the opportunity to serve the global market with a more comprehensive solution across more industries, and provide more valuable mobile customer experiences.”

Caine added, “These are really key roles, demonstrating the importance, in our view, of extending commerce to the customer engagement experience.”

He also said that Airship will continue to support ReplyBuy as a standalone product, while also integrating and extending its capabilities to other areas of the Airship platform.

“This one-to-one commerce at scale is a key part of the ReplyBuy solution,” he said. “We’re going to bring it into all the digital channels that Airship powers [to create] a seamless, fast, easy experience around commerce.”

NUVIA raises $240M from Mithril to make climate-ready enterprise chips

Climate change is on everyone’s minds these days, what with the outer Bay Area on fire, orange skies above San Francisco, and a hurricane season that is bearing down on the East Coast with alacrity (and that’s just the United States in the past two weeks).

A major — and growing — source of those emissions is data centers, the cloud infrastructure that powers most of our devices and experiences. That’s led to some novel ideas, such as Microsoft’s underwater data center Project Natick, which just came back to the surface for testing a bit more than a week ago.

Yet, for all the fun experiments, there is a bit more of an obvious solution: just make the chips more energy efficient.

That’s the thesis of NUVIA, which was founded by three ex-Apple chip designers who led the design of the “A” series chip line for the company’s iPhones and iPads for years. Those chips are wicked fast within a very tight energy envelope, and NUVIA’s premise is essentially what happens when you take those sorts of energy constraints (and the experience of its chip design team) and apply them to the data center.

We did a deep profile of the company last year when it announced its $53 million Series A, so definitely read that to understand the founding story and the company’s mission. Now about one year later, it’s coming back to us with news of a whole bunch of more funding.

NUVIA announced today that it has closed on a $240 million Series B round led by Mithril Capital, with a bunch of others involved listed below.

Since we last chatted with the company, we now have a bit more detail of what it’s working on. It has two products under development, a system-on-chip (SoC) unit dubbed “Orion” and a CPU core dubbed “Phoenix.” The company previewed a bit of Phoenix’s performance last month, although as with most chip companies, it is almost certainly too early to make any long-term predictions about how the technology will settle in with existing and future chips coming to the market.

NUVIA’s view is that chips are limited to about 250-300 watts of power given the cooling and power constraints of most data centers. As more cores become common pre chip, each core is going to have to make do with less power availability while maintaining performance. NUVIA’s tech is trying to solve that problem, lowering total cost of ownership for data center operators while also improving overall energy efficiency.

There’s a lot more work to be done of course, so expect to see more product announcements and previews from the company as it gets its technology further finalized. With $240 million more dollars in the bank though, it certainly has the resources to make some progress.

Shortly after we chatted with the company last year, Apple sued company founder and CEO Gerald Williams III for breach of contract, with the company arguing that its former chip designer was trying to poach employees for his nascent startup. Williams counter-sued earlier this year, and the two parties are now in the discovery phase of their lawsuit, which remains ongoing.

In addition to lead Mithril, the round was done “in partnership with” the founders of semiconductor giant Marvell (Sehat Sutardja and Weili Dai), funds managed by BlackRock, Fidelity, and Temasek, plus Atlantic Bridge and Redline Capital along with Series A investors Capricorn Investment Group, Dell Technologies Capital, Mayfield, Nepenthe LLC, and WRVI Capital.

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.

DHS’s Cybersecurity and Infrastructure Agency (CISA) said in the directive that it expected imminent exploitation of the flaw — CVE-2020-1472 and dubbed “ZeroLogon” — because exploit code which can be used to take advantage of it was circulating online.

Last night, Microsoft’s Security Intelligence unit tweeted that the company is “tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon vulnerability.”

“We have observed attacks where public exploits have been incorporated into attacker playbooks,” Microsoft said. “We strongly recommend customers to immediately apply security updates.”

Microsoft released a patch for the vulnerability in August, but it is not uncommon for businesses to delay deploying updates for days or weeks while testing to ensure the fixes do not interfere with or disrupt specific applications and software.

CVE-2020-1472 earned Microsoft’s most-dire “critical” severity rating, meaning attackers can exploit it with little or no help from users. The flaw is present in most supported versions of Windows Server, from Server 2008 through Server 2019.

The vulnerability could let an unauthenticated attacker gain administrative access to a Windows domain controller and run an application of their choosing. A domain controller is a server that responds to security authentication requests in a Windows environment, and a compromised domain controller can give attackers the keys to the kingdom inside a corporate network.

Scott Caveza, research engineering manager at security firm Tenable, said several samples of malicious .NET executables with the filename ‘SharpZeroLogon.exe’ have been uploaded to VirusTotal, a service owned by Google that scans suspicious files against dozens of antivirus products.

“Given the flaw is easily exploitable and would allow an attacker to completely take over a Windows domain, it should come as no surprise that we’re seeing attacks in the wild,” Caveza said. “Administrators should prioritize patching this flaw as soon as possible. Based on the rapid speed of exploitation already, we anticipate this flaw will be a popular choice amongst attackers and integrated into malicious campaigns.”

Unifying Endpoint Security for Enterprise | An Interview With Migo Kedem

The importance of endpoint security in the context of emerging zero trust security is clearly recognized—and this is reflected in the growing number of choices enterprise teams have in the selection of a suitable endpoint protection solution. Commercial tools focused on prevention, on detection, or on the related functions of remediation and response are readily available and this can lead to confusion for enterprise teams.

A new goal has thus emerged to unify and introduce greater commonality for the required endpoint security functions in an enterprise. The goal of uniting prevention, detection, and response has therefore become an important priority—and this is not just for management simplification. It also increases the effectiveness of the endpoint controls and can help reduce operating and capital expense investments by the security group. Having a solution capable of distributing intelligence and coordination actions across the prevent, detect, and respond lifecycle—regardless of attack surface— is extremely powerful for a SOC.

The TAG Cyber team recently sat down with Migo Kedem of SentinelOne to learn more about how the company is working to unite and unify endpoint security into a next-generation cyber security platform that can address many of the goals mentioned above.

TAG Cyber: What’s promoted the increase in attention to endpoint security in our community?

Migo Kedem: Endpoints were always a lucrative target for cyber attacks, and the reasons are simple: It’s where we work, and humans are vulnerable from a cyber security perspective. For those who work in an enterprise, it’s also where we access, and in many cases store, the data we use and produce to do our jobs. These elements always drive cyber criminals to invest in compromising endpoints. Gaining access to a single endpoint is the key to breaching the enterprise.

TAG Cyber: Do you see unification of endpoint security functions as a requirement coming directly from practitioners?

Migo Kedem: Yes, 100%. Especially since COVID, we see a change in how enterprises allocate budgets, and the consolidation of tools is one of the easiest ways to reduce cost without compromising on security. Automation also helps cut down the inherent costs of responding and investing in manual work. More tools means more labor to manage them, which translates to cost. Solutions which consolidate and automate are getting moved to the top of CISO spending.

TAG Cyber: Tell us about your platform. How does it work?

Migo Kedem: The journey of the SentinelOne product is unique. Even at the beginning, the solution baked in EPP [endpoint protection platforms] and EDR [endpoint detection and response] in a single architecture. Aside from our prevention and detection capabilities, we were the first to introduce the concept of rolling back a ransomware infection, so users who may have seen traces of infection could keep working.

In 2015, we introduced cyber insurance—a term not previously used by a vendor to say, “We are confident enough to stand behind our technology and we will pay if we miss a breach.”

Over time, the platform evolved to answer the new needs of CISOs and security practitioners, like IoT discovery and cloud workload protection. We also introduced capabilities to support an easy switch from legacy AV suites commonly needed by enterprises, like device control (USB), Bluetooth control, and even endpoint firewall control.

The SentinelOne security platform’s most significant evolution was when we introduced Singularity. In short, the platform combines all the capabilities mentioned above into a holistic platform so that enterprises can choose the right solution for their needs. This approach allows enterprises to install one agent, to manage it from a single console, and replace traditional AV with a much better AI-based solution that is cross-platform. It includes an EDR and XDR that allow for automated response (which means that security and incident response teams aren’t fielding calls in the middle of the night); visibility into every asset on your physical and virtual networks; and vulnerability scanning, Bluetooth control, isolation of infected devices, and a long list of features to keep enterprises safe from cyber attacks while maintaining our original single agent and single management console architecture.

The hallmark of Singularity is that all this rich device and user data is stored in a data lake available to each of our customers. This takes SentinelOne beyond a unified EPP and EDR endpoint solution of choice—we also are an IoT security solution, a cloud security solution, and a security/data analytics company—all in one.

TAG Cyber: What trends do you see in the types of threats that endpoint tools are expected to mitigate?

Market Outlook and Industry Insights
TAG Cyber Security Annual | 2021 Edition

Migo Kedem: Several new trends are affecting this market:

1. Ransomware is no longer a decryption play, but downright extortion. Highly organized crimeware groups (such as Dridex and Trickbot) once relied primarily on banking fraud and demonstrated success, utilizing ransomware as their primary attack vectors. Such operators are now using the same capabilities to compromise enterprises, not only to blindly encrypt devices (like the case of the City of Baltimore which cost $17 million in recovery), but to exfiltrate data, post demands on public websites, and to hand data back only after receiving the ransom. The economics of this trend should alert all security practitioners: Enterprises risk facing substantial financial damage by either collaborating with crimeware groups or by having their PII and customer data exposed to the public.

2. The scale of operation and the use of AI. There is no doubt that the capabilities of AI are allowing all kinds of technologies to be more effective. AI has become more accessible to different types of organizations, and at the same time, it has become available to organized crimeware groups. This means that defending using AI is not a luxury but a necessity. Attacks are more lethal and debilitating than ever before, given that the adversary uses AI just like defenders.

3. Ransomware-as-a-Service – Heaven’s gate to criminals. In the past, the bar of creating ransomware for profit was much higher than it is today. This changed in recent years. While Ransomware-as-a-Service does not change the way to defend, it exponentially increases the number of malicious attacks seen today by businesses of all sizes.

TAG Cyber: Is proper use of artificial intelligence an important factor in the success of an endpoint security solution?

Migo Kedem: Artificial intelligence is a critical element in the fight against malicious threat actors. It is definitely not a silver bullet, but it is a gateway to efficiency and automation. If you ask any AI experts, they will all say the same—the quality of AI-driven security protection is as good as the data you use to train AI. Knowledge accumulated over time helps companies incorporating AI to understand the blind spots of AI. In addition, as mentioned before, the democratization of AI—meaning, it’s being used effectively by both defenders and attackers—has created the reality that using AI is no longer a differentiator, but a baseline of a security stack.

TAG Cyber: Any final predictions about endpoint security and endpoint-related threats?

Migo Kedem: Yes—securing enterprises is an ever-changing battle to overcome threat actors. Today, standing still is effectively moving backwards. The economics of malware, and specifically ransomware, still fuels a vast criminal market that sometimes operates like startups that are capable of innovating and taking advantage of fragmented and vulnerable networks (remote work is one example).

To adequately protect against such challenges, one needs to find a security solution that is trusted and proven in the wild, without creating more burden on the existing cyber security workforce.

These inherent challenges are not going to lessen in the future; on the contrary—we keep adding more and more devices that access our networks and data. By doing so, we increase the attack surface, sometimes without realizing or considering the implications. You don’t find many enterprises capable of coping with this real-world challenge—this is where technology helps close the gaps.

In summary, the need to protect devices of all kinds grows; the challenge—and opportunity—is increasing protection and visibility without impacting overhead and human capacity to manage the evolving and complex enterprise architectures of today and tomorrow.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

WhyLabs brings more transparancy to ML ops

WhyLabs, a new machine learning startup that was spun out of the Allen Institute, is coming out of stealth today. Founded by a group of former Amazon machine learning engineers, Alessya Visnjic, Sam Gracie and Andy Dang, together with Madrona Venture Group principal Maria Karaivanova, WhyLabs’ focus is on ML operations after models have been trained — not on building those models from the ground up.

The team also today announced that it has raised a $4 million seed funding round from Madrona Venture Group, Bezos Expeditions, Defy Partners and Ascend VC.

Visnjic, the company’s CEO, used to work on Amazon’s demand forecasting model.

“The team was all research scientists, and I was the only engineer who had kind of tier-one operating experience,” she told me. “So I thought, “Okay, how bad could it be? I carried the pager for the retail website before. But it was one of the first AI deployments that we’d done at Amazon at scale. The pager duty was extra fun because there were no real tools. So when things would go wrong — like we’d order way too many black socks out of the blue — it was a lot of manual effort to figure out why issues were happening.”

Image Credits: WhyLabs

But while large companies like Amazon have built their own internal tools to help their data scientists and AI practitioners operate their AI systems, most enterprises continue to struggle with this — and a lot of AI projects simply fail and never make it into production. “We believe that one of the big reasons that happens is because of the operating process that remains super manual,” Visnjic said. “So at WhyLabs, we’re building the tools to address that — specifically to monitor and track data quality and alert — you can think of it as Datadog for AI applications.”

The team has brought ambitions, but to get started, it is focusing on observability. The team is building — and open-sourcing — a new tool for continuously logging what’s happening in the AI system, using a low-overhead agent. That platform-agnostic system, dubbed WhyLogs, is meant to help practitioners understand the data that moves through the AI/ML pipeline.

For a lot of businesses, Visnjic noted, the amount of data that flows through these systems is so large that it doesn’t make sense for them to keep “lots of big haystacks with possibly some needles in there for some investigation to come in the future.” So what they do instead is just discard all of this. With its data logging solution, WhyLabs aims to give these companies the tools to investigate their data and find issues right at the start of the pipeline.

Image Credits: WhyLabs

According to Karaivanova, the company doesn’t have paying customers yet, but it is working on a number of proofs of concepts. Among those users is Zulily, which is also a design partner for the company. The company is going after mid-size enterprises for the time being, but as Karaivanova noted, to hit the sweet spot for the company, a customer needs to have an established data science team with 10 to 15 ML practitioners. While the team is still figuring out its pricing model, it’ll likely be a volume-based approach, Karaivanova said.

“We love to invest in great founding teams who have built solutions at scale inside cutting-edge companies, who can then bring products to the broader market at the right time. The WhyLabs team are practitioners building for practitioners. They have intimate, first-hand knowledge of the challenges facing AI builders from their years at Amazon and are putting that experience and insight to work for their customers,” said Tim Porter, managing director at Madrona. “We couldn’t be more excited to invest in WhyLabs and partner with them to bring cross-platform model reliability and observability to this exploding category of MLOps.”

Selling a startup can come with an emotional cost

Every founder dreams of building a substantial company. For those who make it through the myriad challenges, it typically results in an exit. If it’s through an acquisition, that can mean cashing in your equity, paying back investors and rewarding long-time employees, but it also usually results in a loss of power and a substantially reduced role.

Some founders hang around for a while before leaving after an agreed-upon time period, while others depart right away because there is simply no role left for them. However it plays out, being acquired can be an emotional shock: The company you spent years building is no longer under your control,

We spoke to a couple of startup founders who went through this experience to learn what the acquisition process was like, and how it feels to give up something after pouring your heart and soul into building it.

Knowing when it’s time to sell

There has to be some impetus to think about selling: Perhaps you’ve reached a point where growth stalls, or where you need to raise a substantial amount of cash to take you to the next level.

For Tracy Young, co-founder and former CEO at PlanGrid, the forcing event was reaching a point where she needed to raise funds to continue.

After growing a company that helped digitize building plans into a $100 million business, Young ended up selling it to Autodesk for $875 million in 2018. It was a substantial exit, but Young said it was more of a practical matter because the path to further growth was going to be an arduous one.

“When we got the offer from Autodesk, literally we would have had to execute flawlessly and the world had to stay good for the next three years for us to have the same outcome,” she said at a panel on exiting at TechCrunch Disrupt last week.

“As CEO, [my] job is to choose the best path forward for all stakeholders of the company — for our investors, for our team members, for our customers — and that was the path we chose.”

For Rami Essaid, who founded bot mitigation platform Distil Networks in 2011, slowing growth encouraged him to consider an exit. The company had reached around $25 million run rate, but a lack of momentum meant that shifting to a broader product portfolio would have been too heavy a lift.

Ripjar, founded by GCHQ alums, raises $36.8M for AI that detects financial crime

Financial crime as a wider category of cybercrime continues to be one of the most potent of online threats, covering nefarious actives as diverse as fraud, money laundering and funding terrorism. Today, one of the startups that has been building data intelligence solutions to help combat that is announcing a fundraise to continue fueling its growth.

Ripjar, a UK company founded by five data scientists who previously worked together in British intelligence at the Government Communications Headquarters (GCHQ, the UK’s equivalent of the NSA), has raised $36.8 million (£28 million) in a Series B, money that it plans to use to continue expanding the scope of its AI platform — which it calls Labyrinth — and scaling the business.

Labyrinth, as Ripjar describes it, works with both structured and unstructured data, using natural language processing and an API-based platform that lets organizations incorporate any data source they would like to analyse and monitor for activity.

Sources close to the company say that the funding values the startup in the region of £100 million, or about $127 million. Ripjar is currently profitable, the company confirmed.

The funding is being led by Long Ridge Equity Partners, a specialist fintech investor, with previous investors Winton Capital Ltd and Accenture plc also participating. Accenture is a strategic partner: the consultancy/systems integrator uses Ripjar’s tech to work with a number of clients in the financial services sector. Ripjar also has government clients, where its platform is used for counterterrorism work. It declines to disclose any specific names but it does note that its extensive partner list also includes the likes of PWC, BAE Systems, Dow Jones and more.

“We are excited to partner with Long Ridge who bring expertise and resources in scaling fast-growing software companies,” said Jeremy Annis, the co-founder who is both the CEO and CTO of Ripjar. “This investment signals enormous confidence in our world-leading data intelligence technology and ability to protect companies and governments from criminal behaviour which threatens their assets and prosperity. With this funding, we will accelerate the expansion of Ripjar worldwide to provide our customers with the most advanced financial crime solutions, as well as creating new iterations of the Labyrinth platform.”

The startup says that it’s had its biggest year yet — no surprise, given the circumstances. Not only has there been huge shift to online transactions in 2020 because of the rise of the Covid-19 global health pandemic; but a tightening of the world economy has led to more financial scrambling and new nefarious activity, as well as criminal acts to profit from the instability.

That’s led to inking deals with six new enterprise customers and expanding deals with four existing major clients, and Ripjar said that it now has some 20,000 clients globally.

London, as one of the world’s financial centers, has developed a strong reputation for hatching and growing interesting fintech startups, and that has also meant the UK — which also has a strong talent base in artificial intelligence — has become very fertile ground also for startups building services to help protect those fintechs.

Ripjar’s raise, and rise, come within months of two other companies building AI to combat fraud and financial crime also raising money and growing. In July, ComplyAdvantage, which has also been building a database and platform to help combat financial crime, announced a $50 million raise. And a week before that, another UK company also building AI for financial and other cybercrime detection, Quantexa, raised $64.7 million.

Ripjar counts both of these, as well as bigger targets like Palantir, among its competitors. As is most likely, the big institutions that are grappling with financial crime are most likely using a several companies’ technology at the same time.

Indeed, with the issue of money laundering alone a $2 trillion problem (with only 1-2% of that ever identified and recovered), you can see why, at least for right now, banks, governments and others would be willing to put multiple resources on the problem to try to tackle it.

“Financial institutions, corporates and government agencies face ever-increasing risks associated with financial crime and cyber threats” said Kevin Bhatt, a Managing Partner at Long Ridge, in a statement. “We believe Ripjar is well-positioned to provide artificial intelligence solutions that will allow its clients to reduce the cost of compliance, while uncovering new threats through automation. We are incredibly excited to partner with Ripjar to support their continued growth and look forward to working closely with the Ripjar team as they expand to new geographies, customers, and verticals.”

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

Plano, Texas-based Tyler Technologies [NYSE:TYL] has some 5,300 employees and brought in revenues of more than $1 billion in 2019. It sells a broad range of services to state and local governments, including appraisal and tax software, integrated software for courts and justice agencies, enterprise financial software systems, public safety software, records/document management software solutions and transportation software solutions for schools.

Earlier today, the normal content on tylertech.com was replaced with a notice saying the site was offline. In a statement provided to KrebsOnSecurity after the markets closed central time, Tyler Tech said early this morning the company became aware that an unauthorized intruder had gained access to its phone and information technology systems.

“Upon discovery and out of an abundance of caution, we shut down points of access to external systems and immediately began investigating and remediating the problem,” Tyler’s Chief Information Officer Matt Bieri said. “We have since engaged outside IT security and forensics experts to conduct a detailed review and help us securely restore affected equipment. We are implementing enhanced monitoring systems, and we have notified law enforcement.”

“At this time and based on the evidence available to us to-date, all indications are that the impact of this incident is limited to our internal network and phone systems,” their statement continues. “We currently have no reason to believe that any client data, client servers, or hosted systems were affected.”

While it may be comforting to hear that last bit, the reality is that it is still early in the company’s investigation. Also, ransomware has moved well past just holding a victim firm’s IT systems hostage in exchange for an extortion payment: These days, ransomware purveyors will offload as much personal and financial data that they can before unleashing their malware, and then often demand a second ransom payment in exchange for a promise to delete the stolen information or to refrain from publishing it online.

Tyler Technologies declined to say how the intrusion is affecting its customers. But several readers who work in IT roles at local government systems that rely on Tyler Tech said the outage had disrupted the ability of people to pay their water bills or court payments.

“Tyler has access to a lot of these servers in cities and counties for remote support, so it was very thoughtful of them to keep everyone in the dark and possibly exposed if the attackers made off with remote support credentials while waiting for the stock market to close,” said one reader who asked to remain anonymous.

Depending on how long it takes for Tyler to recover from this incident, it could have a broad impact on the ability of many states and localities to process payments for services or provide various government resources online.

Tyler Tech has pivoted on the threat of ransomware as a selling point for many of its services, using its presence on social media to promote ransomware survival guides and incident response checklists. With any luck, the company was following some of its own advice and will weather this storm quickly.