Atlanta’s SalesLoft raises $100M for its digital sales platform, now valued at $1.1B

The COVID-19 pandemic and specifically need for social distancing to slow the spread of the virus have continued to keep many of us away from the office. Now, increasingly, many organizations and people believe that it could usher in a more permanent shift to remote, distributed and virtual work. Today, a startup that has built a set of tools specifically to help salespeople with that change — by way of digital sales — has raised a substantial growth round to meet that demand.

SalesLoft, a sales platform based out of Atlanta, Georgia that provides AI-based tools to help salespeople run their sales process virtually — from finding and following up on leads, through to helping them sell with virtual coaching tools, and then assisting in the post-sales process — has closed $100 million in funding.

The company’s co-founder and CEO Kyle Porter confirmed to TechCrunch that the company is now valued at $1.1 billion post-money, a substantial hike on its previous valuation. In April 2019, well before any global health pandemics, the company had raised a Series D of $70 million at around a $600 million valuation (a figure we confirmed at the time with sources close to the company).

This latest round is being led by Owl Rock Capital, with previous investors Insight Partners, HarbourVest, and Emergence Capital — a VC focused specifically on enterprise startups, which notably was an early backer of Zoom and many others — also participating.

SalesLoft has now raised some $245 million, an impressive sum for any startup, but also worth pointing out for the fact that it’s not based out of the Valley but Atlanta, Georgia (a state in the news for other reasons at the moment, as the focus of a hotly contested U.S. Senate runoff election).

The company has been on a growth tear for several years now, as one of the big players in the area of so-called sales engagement: tools to help salespeople sell better to clients (or would-be clients), which can include real-time monitoring of interactions to provide coaching to improve the process, suggestions for supplementary content to enhance the pitch and more basic software simply to manage records and communications.

Even before the pandemic hit, this was a key growth area in enterprise software, with both in-person and online/digital salespeople relying on these kinds of products to help them get more of an edge with their work, but a lot of the focus had really been on inside sales (B2B sales focusing on bigger purchases). Porter described the effect of COVID-19 as a “tailwind” propelling that already strong trend.

“The effects of COVID have been a tailwind due to the effects of digital selling,” he said. “All sellers immediately became remote. But now the genie is out of the bottle and not going back in. It’s meant that inside sales are now all sales. Whether the opportunities are mid-funnel or upgrades or renewals, we are establishing ourselves as the engagement platform of record because it’s all becoming digital and all sellers are finding more success.”

He added that SalesLoft’s own sales cycle has improved by 40% since the pandemic, a reflection, he said, of the “urgency and need” for tools like those that the startup develops.

Another shift has been in terms of the kinds of customers SalesLoft works with. The company originally was focused on the mid-market, but that has changed with more larger enterprises also coming on board. Google, LinkedIn (which backs SalesLoft and is in a strategic partnership with it), Cisco, Dell and IBM are all customers, and Porter said that more “mainstream” businesses like Cargil, 3M and Standard & Poor are also increasingly becoming clients.

That is leading the startup to building out bigger solutions, beyond the basic pitch of “sales engagement” that has been SalesLoft’s mainstay up to now. The company competes against a plethora of others, including ClariChorus.aiGongConversicaAfiniti and Outreach, as well as biggies like Salesforce. Outreach, notably, had a big mid-COVID round of its own, raising at a $1.3 billion valuation in June last year, a mark of that wider market demand. Porter notes that SalesLoft’s big selling point is that it offers an increasingly end-to-end sales solution to customers, meaning less shopping around.

Chronosphere nabs $43M Series B to expand cloud native monitoring tool

Chronosphere, the scalable cloud native monitoring tool launched in 2019 by two former Uber engineers, announced a $43.4 million Series B today. The company also announced that their service was generally available starting today.

Greylock, Lux Capital and venture capitalist Lee Fixel, all of whom participated in the startup’s $11 million Series A in 2019, led the round with participation from new investor General Atlantic. The company has raised $54.4 million.

The two founders, CEO Martin Mao and CTO Rob Skillington, created the open-source M3 monitoring project while they were working at Uber, and left in 2019 to launch Chronosphere, a startup based on that project. As Mao told me at the time of the A round, the company wanted to simplify the management of running the open source project:

M3 itself is a fairly complex piece of technology to run. It is solving a fairly complex problem at large scale, and running it actually requires a decent amount of investment to run at large scale, so the first thing we’re doing is taking care of that management,

He said that the company spent most of last year iterating the product and working with beta customers, adding that they certainly benefited from building the commercial service on top of the open-source project.

“I think we’re lucky that we have the foundation already from the open-source project, but we really wanted to focus a lot on building a product on top of that technology and really have this product be differentiated, so that was most of the focus of 2020 for us,” he said.

Mao points out that he and Skillington weren’t looking for this new round of funding as they still had money left from the A round, but the company’s previous investors approached them and they decided to strike to add additional money to the balance sheet, which would help grow the company, attract employees and help reassure customers they had plenty of capital to continue building the product and the company.

As the company has developed over the last year, it has been adding employees at a rapid clip, growing from 13 at the time of the A round in 2019 to 50 today with plans to double that by the end of next year. Mao says the founders have been thinking about how to build a diverse company from its early days.

“So [ … ] beginning last year we were making sure we were hiring the right leaders, and the right recruiting team who also care about diversity, then following that we made company-wide goals and targets for both gender and ethnic diversity, and then [we have been] holding ourselves accountable on these particular goals and tracking against them,” Mao said.

The company has been spread out from the beginning, even before COVID, with offices in Seattle, New York and Lithuania, and that has helped in terms of having a broader base to recruit from. Mao wants to remain mostly remote whenever it’s possible to return to the office, but maintain hubs on each coast where employees can meet and see each other in person.

With the product generally available today, the company will look to expand its customer base, and with the open-source project to drive interest, they have a proven way to attract new customers to the commercial product.

How Segment redesigned its core systems to solve an existential scaling crisis

Segment, the startup Twilio bought last fall for $3.2 billion, was just beginning to take off in 2015 when it ran into a scaling problem: It was growing so quickly, the tools it had built to process marketing data on its platform were starting to outgrow the original system design.

Inaction would cause the company to hit a technology wall, managers feared. Every early-stage startup craves growth and Segment was no exception, but it also needed to begin thinking about how to make its data platform more resilient or reach a point where it could no longer handle the data it was moving through the system. It was — in a real sense — an existential crisis for the young business.

The project that came out of their efforts was called Centrifuge, and its purpose was to move data through Segment’s data pipes to wherever customers needed it quickly and efficiently at the lowest operating cost.

Segment’s engineering team began thinking hard about what a more robust and scalable system would look like. As it turned out, their vision would evolve in a number of ways between the end of 2015 and today, and with each iteration, they would take a leap in terms of how efficiently they allocated resources and processed data moving through its systems.

The project that came out of their efforts was called Centrifuge, and its purpose was to move data through Segment’s data pipes to wherever customers needed it quickly and efficiently at the lowest operating cost. This is the story of how that system came together.

Growing pains

The systemic issues became apparent the way they often do — when customers began complaining. When Tido Carriero, Segment’s chief product development officer, came on board at the end of 2015, he was charged with finding a solution. The issue involved the original system design, which like many early iterations from startups was designed to get the product to market with little thought given to future growth and the technical debt payment was coming due.

“We had [designed] our initial integrations architecture in a way that just wasn’t scalable in a number of different ways. We had been experiencing massive growth, and our CEO [Peter Reinhardt] came to me maybe three times within a month and reported various scaling challenges that either customers or partners of ours had alerted him to,” said Carriero.

The good news was that it was attracting customers and partners to the platform at a rapid clip, but it could all have come crashing down if the company didn’t improve the underlying system architecture to support the robust growth. As Carriero reports, that made it a stressful time, but having come from Dropbox, he was actually in a position to understand that it’s possible to completely rearchitect the business’s technology platform and live to tell about it.

“One of the things I learned from my past life [at Dropbox] is when you have a problem that’s just so core to your business, at a certain point you start to realize that you are the only company in the world kind of experiencing this problem at this kind of scale,” he said. For Dropbox that was related to storage, and for Segment it was processing large amounts of data concurrently.

In the build-versus-buy equation, Carriero knew that he had to build his way out of the problem. There was nothing out there that could solve Segment’s unique scaling issues. “Obviously that led us to believe that we really need to think about this a little bit differently, and that was when our Centrifuge V2 architecture was born,” he said.

Building the imperfect beast

The company began measuring system performance, at the time processing 8,442 events per second. When it began building V2 of its architecture, that number had grown to an average of 18,907 events per second.

Hamas May Be Threat to 8chan, QAnon Online

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard’s business with Hamas.

Many of the IP address ranges in in this map of QAnon and 8Chan-related sites — are assigned to VanwaTech. Source: twitter.com/Redrum_of_Crows

Last year’s story examined how a phone call to Oregon-based CNServers was all it took to briefly sideline multiple websites related to 8chan/8kun — a controversial online image board linked to several mass shootings — and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is running a global child sex-trafficking ring and plotting against President Donald Trump.

From that piece:

A large number of 8kun and QAnon-related sites (see map above) are connected to the Web via a single Internet provider in Vancouver, Wash. called VanwaTech (a.k.a. “OrcaTech“). Previous appeals to VanwaTech to disconnect these sites have fallen on deaf ears, as the company’s owner Nick Lim reportedly has been working with 8kun’s administrators to keep the sites online in the name of protecting free speech.

After that story, CNServers and a U.K.-based hosting firm called SpartanHost both cut ties with VanwaTech. Following a brief disconnection, the sites came back online with the help of DDoS-Guard, an Internet company based in Russia. DDoS-Guard is now VanwaTech’s sole connection to the larger Internet.

A review of the several thousand websites hosted by DDoS-Guard is revelatory, as it includes a vast number of phishing sites and domains tied to cybercrime services or forums online.

Replying to requests for comment from a CBSNews reporter following up on my Oct. 2020 story, DDoS-Guard issued a statement saying, “We observe network neutrality and are convinced that any activity not prohibited by law in our country has the right to exist.”

But experts say DDoS-Guard’s business arrangement with a Denver-based publicly traded data center firm could create legal headaches for the latter thanks to the Russian company’s support of Hamas.

In a press release issued in late 2019, DDoS-Guard said its services rely in part on a traffic-scrubbing facility in Los Angeles owned by CoreSite [NYSE:COR], a real estate investment trust which invests in “carrier-neutral data centers and provides colocation and peering services.”

This facilities map published by DDoS-Guard suggests the company’s network actually has at least two points of presence in the United States.

Hamas has long been named by the U.S. Treasury and State departments as a Specially Designated Global Terrorist (SDGT) organization. Under such a designation, any U.S. person or organization that provides money, goods or services to an SDGT entity could face civil and/or criminal prosecution and hefty fines ranging from $250,000 to $1 million per violation.

Sean Buckley, a former Justice Department prosecutor with the law firm Kobre & Kim, said U.S. persons and companies within the United States “are prohibited from any transaction or dealing in property or interests in property blocked pursuant to an entity’s designation as a SDGT, including but not limited to the making or receiving of any contribution of funds, goods, or services to or for the benefit of individuals or entities so designated.”

CoreSite did not respond to multiple requests for comment. But Buckley said companies can incur fines and prosecution for violating SDGT sanctions even when they don’t know that they are doing so.

In 2019, for example, a U.S. based cosmetics company was fined $1 million after investigators determined its eyelash kits were sourcing materials from North Korea, even though the supplier in that case told the cosmetics firm the materials had come from China.

“U.S. persons or companies found to willfully violate these regulations can be subject to criminal penalties under the International Emergency Economic Powers Act,” Buckley said. “However, even in the case that they are unaware they’re violating these regulations, or if the transaction isn’t directly with the sanctioned entity, these companies still run a risk of facing substantial civil and monetary penalties by the Department of Treasury’s Office of Foreign Asset Control if the sanctioned entity stands to benefit from such a transaction.”

DDoS-Guard said its partnership with CoreSite will help its stable of websites load more quickly and reliably for people visiting them from the United States. It is possible that when and if CoreSite decides it’s too risky to continue doing business with DDoS-Guard, sites like those affiliated with Hamas, QAnon and 8Chan may become more difficult to reach.

Meanwhile, DDoS-Guard customer VanwaTech continues to host a slew of sites promoting the conspiracy theory that the U.S. 2020 presidential election was stolen from President Donald Trump via widespread voting fraud and hacked voting machines, including maga[.]host, donaldsarmy[.]us, and donaldwon[.]com.

These sites are being used to help coordinate a protest rally in Washington, D.C. on January 6, 2021, the same day the U.S. Congress is slated to count electoral votes certified by the Electoral College, which in December elected Joseph R. Biden as the 46th president of The United States.

In a tweet late last year, President Trump urged his supporters to attend the Jan. 6 protest, saying the event “will be wild.”

8chan, which has rebranded as 8kun, has been linked to white supremacism, neo-Nazism, antisemitism, multiple mass shootings, and child pornography. The FBI in 2019 identified QAnon as a potential domestic terror threat, noting that some of its followers have been linked to violent incidents motivated by fringe beliefs.

2020 was a record year for Israel’s security startup ecosystem

From COVID-19’s curve to election polls, public temperature checks to stimulus checks, 2020 was dominated by numbers — the guiding compass of any self-respecting venture capital investor.

As a VC exclusively focused on investments in Israeli cybersecurity, the numbers that guide us have become some of the most interesting to watch over the course of the past year.

The start of a new year presents the perfect opportunity to reflect on the annual performance of Israel’s cybersecurity ecosystem and prepare for what the next twelve months of innovation will bring. With the global cybersecurity market outperforming this year’s panic-stricken expectations, we carefully combed through the figures to see how Israel’s market, its strongest performer, compared — and predict what it has in store.

The cybersecurity market continues to draw the confidence of investors, who appear to recognize its heightened importance during times of crisis.

The “cyber nation” not only remained strong throughout the pandemic, but even saw a rise in fundraising, especially around application and cloud security, following the emergence of remote workflow security gaps brought on by social distancing. Encouraged by this, investors have demonstrated committed enthusiasm to its growth and M&A landscape.

Emboldened by the sector’s overall strength and new opportunities, today’s Israeli visionaries are developing stronger convictions to build larger companies; many of them, already successful entrepreneurs, are making their own bets in the industry as serial entrepreneurs and angel investors.

The numbers also reveal how investors are increasingly concentrating their funds on larger seed rounds for serial entrepreneurs and the foremost industry trends. More than $2.75 billion was poured into the industry this year to back companies across all stages, a 97% increase from last year’s $1.39 billion. If its long-term slope is any indication, we can only expect it to continue to grow.

However, though they clearly indicate progress, the numbers still make the need for a demographic reset clear. Like the rest of the industry, Israel’s cybersecurity ecosystem must adapt to the pace of change set out by this year’s social movements, and the time has long passed for true diversity and gender representation in cybersecurity leadership.

Seed rounds reveal fascinating shifts

As the market’s biggest leaders garner experience and expertise, the bar for entry to Israel’s cybersecurity startup ecosystem has gradually risen over the years. However, this did not appear to impact this year’s entrepreneurial breakthroughs. 58% of Israel’s newly founded cybersecurity companies received seed rounds this year, totaling 64 seeded companies in 2020 compared with last year’s 61. The total number of newly founded companies increased by 5%, reversing last year’s downward trend.

The amount invested at seed hit an all-time high as average deal size in 2020 increased by 11%, amounting to an average of $5.2 million per deal. This continues an upward trend in average seed rounds, which have surged over the last four years due to sizable year-on-year increases. It also provides further support for a shift toward higher caliber seed rounds with a strategically focused and “all-in” approach. In other words, founders that meet the new bar for entry are raising bigger rounds for more ambitious visions.

YL ventures seed trends 2020

Image Credits: YL Ventures

Where is the money going?

2020 proved an exceptional year for application security and cloud security startups. Perhaps the runaway successes of Snyk and Checkmarx left strong impressions. This year saw an explosive 140% increase in application security company seed investments (such as Enso Security, build.security and CloudEssence), as well as a whopping 200% increase in cloud security seed investments (like Solvo and DoControl), from last year.

The Good, the Bad and the Ugly in Cybersecurity – Week 1

The Good

This past week saw cybersecurity end 2020 on a couple of high notes. First, we were delighted to learn that the UK’s National Crime Agency has apprehended 21 individuals in relation to purchasing stolen data from the now defunct online criminal marketplace WeLeakInfo.

The site, which was taken down at the beginning of 2020, had hosted some 12 billion stolen credentials harvested from over 10,000 data breaches. Those arrested were males aged between 18 and 38, suspected of fraud and/or offences against the Computer Misuse Act. Along with the arrests, around $55,000 in Bitcoin was also seized.

Earlier in December, Microsoft shared information about how the recent SolarWinds breach and the nation-state actor thought to be behind it was targeting its Azure/Microsoft 365 customers. Good to hear that this week CISA’s Cloud Forensics team has released an open-source PowerShell tool for incident responders called Sparrow, which helps detect possible compromised accounts. Among other things, the script checks for known IoCs related to SolarWinds, lists Azure AD domains and checks certain API permissions to identify potential malicious activity. The seriousness of this recent APT campaign cannot be underestimated, and CISA’s tool is a welcome addition in the fight to secure enterprises against the consequences of the SolarWinds supply chain attack.

The Bad

We’re all looking forward to better news in 2021, particularly regarding COVID-19 and the continued roll out and development of vaccines, but the lure of easy spoils from organizations focusing on responding to the pandemic continues to be too much to resist for some threat actors. This past week a laboratory in Belgium working on COVID-19 was brought to halt after cyber criminals infected the General Medical Laboratory (ANL) in Antwerp with ransomware.

The AML is a private enterprise handling around 3000 COVID-19 tests daily and ranks as the largest private testing laboratory in the country, handling around 5% of the nation’s cases.

Although similar attacks such as last month’s breach of the European Medicines Agency also targeted data theft, there is as yet no evidence of patient data having been stolen. Details also remain unclear as to which strain of ransomware was involved or what amount the attackers are seeking for the ransom. However, forcing a COVID-19 testing facility into downtime at this stage of the pandemic is already a cost we could all well do without.

The Ugly

Finally this week, another ugly data breach hit the news, this time all the more unsightly as the data exposed belongs to 930,000 US children, teens and college students.

According to reports, GetSchooled, an education charity founded by Viacom and the Bill & Melinda Gates Foundation, exposed the PII (personally identifiable information) of students in a database containing 125 million records with names, addresses, phone numbers, ages, gender, school and graduation details. GetSchooled, however, has stated that the number of leaked records is closer to 250,000, with only 75,000 linked to email addresses that remain active.

It is not known how long the data was exposed for, but there is some concern about the extended timeline. The breach was reported to a UK cyber security company, TurgenSec, by an unidentified third party. The security firm then informed GetSchooled of the issue on November 17th. However, it took until December 21st for the issue to be resolved, and an investigation and review are said to be pending until after the New Year. That timeline has attracted some criticism, and the lack of details regarding the original source that reported the breach is also a worry.

As we’ve seen in the past and noted above in relation to the WeLeakInfo marketplace, this kind of data once exposed can soon end up being dumped in hacker forums or found for sale in darknet market places, where it is traded for use in phishing attacks, identity theft, automated account takeovers, fraud and other criminal activities.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security