Slapdash raises $3.7M seed to ship a workplace apps command bar

/0 Comments/in /by

The explosion in productivity software amid a broader remote work boom has been one of the pandemic’s clearest tech impacts. But learning to use a dozen new programs while having to decipher which data is hosted where can sometimes seem to have an adverse effect on worker productivity. It’s all time that users can take for granted, even when carrying out common tasks like navigating to the calendar to view more info to click a link to open the browser to redirect to the native app to open a Zoom call.

Slapdash is aiming to carve a new niche out for itself among workplace software tools, pushing a desire for peak performance to the forefront with a product that shaves seconds off each instance where a user needs to find data hosted in a cloud app or carry out an action. While most of the integration-heavy software suites to emerge during the remote work boom have focused on promoting visibility or re-skinning workflows across the tangled weave of SaaS apps, Slapdash founder Ivan Kanevski hopes that the company’s efforts to engineer a quicker path to information will push tech workers to integrate another tool into their workflow.

Wall Street needs to relax, as startups show remote work is here to stay

The team tells TechCrunch that they’ve raised $3.7 million in seed funding from investors that include S28 Capital, Quiet Capital, Quarry Ventures, UP2398 and Twenty Two Ventures. Angels participating in the round include co-founders at companies like Patreon, Docker and Zynga.

Image Credits: Slapdash

Kanevski says the team sought to emulate the success of popular apps like Superhuman, which have pushed low-latency command line interface navigation while emulating some of the sleek internal tools used at companies like Facebook, where he spent nearly six years as a software engineer.

Slapdash’s command line widget can be pulled up anywhere, once installed, with a quick keyboard shortcut. From there, users can search through a laundry list of indexable apps including Slack, Zoom, Jira and about 20 others. Beyond command line access, users can create folders of files and actions inside the full desktop app or create their own keyboard shortcuts to quickly hammer out a task. The app is available on Mac, Windows, Linux and the web.

“We’re not trying to displace the applications that you connect to Slapdash,” he says. “You won’t see us, for example, building document editing, you won’t see us building project management, just because our sort of philosophy is that we’re a neutral platform.”

The company offers a free tier for users indexing up to five apps and creating 10 commands and spaces; any more than that and you level up into a $12 per month paid plan. Things look more customized for enterprise-wide pricing. As the team hopes to make the tool essential to startups, Kanevski sees the app’s hefty utility for individual users as a clear asset in scaling up.

“If you anticipate rolling this out to larger organizations, you would want the people that are using the software to have a blast with it,” he says. “We have quite a lot of confidence that even at this sort of individual atomic level, we built something pretty joyful and helpful.”

Early Stage is the premier ‘how-to’ event for startup entrepreneurs and investors. You’ll hear first-hand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company-building: Fundraising, recruiting, sales, product market fit, PR, marketing and brand building. Each session also has audience participation built-in – there’s ample time included for audience questions and discussion. Use code “TCARTICLE” at checkout to get 20 percent off tickets right here.

Nigeria’s Termii raises $1.4M seed led by Future Africa and Kepple Africa Ventures

/0 Comments/in /by

Ideally, it is expected of every business to reach its customers effectively. However, that’s not the case as limiting factors that hinder proper digital communication come into play at different growth stages. Termii, a Nigerian communications platform-as-a-service startup that solves this problem for African businesses, announced today that it has closed a $1.4 million seed round.

The round was co-led by African early-stage VC firm Future Africa and Japanese but Africa-focused VC Kepple Africa Ventures. Other investors include Acuity Ventures, Aidi Ventures, Assembly Capital, Kairos Angels, Nama Ventures, RallyCap Ventures, and Remapped Ventures.

Angel investors like Ham Serunjogi, co-founder and CEO of Chipper Cash; Josh Jones, former co-founder and CTO, Dreamhost; and Tayo Oviosu, co-founder and CEO of Paga also participated.

Gbolade Emmanuel and Ayomide Awe launched Termii after Emmanuel’s experience as a digital marketer helped him recognize the need for businesses to have exceptional communication channels. The CEO consulted for these companies and leveraged emails to retain customers, but as he found out that this process was lethargic, he sought other channels as a replacement.

“That got me to start thinking about multichannel messaging. What it meant was that we needed to find how to allow companies to use WhatsApp, voice, SMS effectively,” he said to TechCrunch. “And we had to make the process simple because in the African market, you can’t do complex stuff. You have to be as simple as possible.”

In 2017, the company officially launched and subsequently secured investment from Lagos-based VC Microtraction. Emmanuel says the company found product-market fit two years later after collating enough data from companies in different industries to understand what they really wanted.

Termii found out that in addition to assisting businesses to retain customers, there was a clear need to verify, authenticate and engage them.

“Many of these businesses we started engaging said they required tools to effectively communicate and verify customers because they were losing money at those points. For us, we saw it was a bigger problem,” Emmanuel added.

After making some tweaks, the team began to see an increase in customers numbers, especially amongst fintech startups. Positioning itself in the fast-moving space, Termii created an API-based communication infrastructure that caters to over 500 fintech startups across the continent. That’s not all. More than 1,000 businesses and developers are also using Termii’s API.

Some of these businesses include uLesson, Yassir, Helium Health, Piggyvest, Bankly, Paga, and TeamApt.

Playing in a $3.6 billion B2C communications market estimated to grow 6% annually, Termii runs a B2B2C model. But how does it make money? While a subscription-based model would’ve made sense, the two years spent by the company trying to find PMF made them think otherwise.

So the company leverages a virtual wallet system tied to a bank account and customers can make payments to the platform using mobile money, bank transfer, and credit cards. The startup charges these wallets on a per-message basis. It also does the same on every successful customer verification made towards customers’ contacts.

The Termii team

In early 2020, Termii started seeing immense progress and this coincided with their acceptance into Y Combinator. The growth continued throughout the year, growing its messaging transactions by 1000% and experiencing a 400% increase in its ARR.

Spilling into this year, Emmanuel says the company’s revenue is growing 60% month-on-month as a result of the surge in online financial transactions which to date makes up for 68% of the company’s total messaging transactions.

The seed investment that is coming a year after Termii graduated from the YC will be used for expansion and launch more messaging offerings across Africa.

Emmanuel says the company has its sights on North Africa with a physical presence in Algeria for the expansion. The reason lies behind the fact that in this quarter, Nigeria has accounted for 76% of the company’s messaging transactions, while Algeria currently accounts for 15%.

With this new fundraising, the company plans to tap into the wealth of experience from some of its new investors like Oviosu and Serunjogi who have also taken local companies into expansion phases.

Termii’s round is also noteworthy because it strays away from the usual fintech, mobility, agritech and cleantech sectors that investors typically notice. In fact, there are only a handful of venture-backed communications platform-as-a-service companies on the continent. A notable example is Kenya’s Africa Talking. It might be a stretch to say we might see more funding activity from this segment but one thing is apparent — investors are willing to place bets on less popular sectors.

Another highlight of Termii’s investment is that while foreign investors continue to dominate rounds in African tech startups, local and Africa-focused firms are beginning to step up by leading some which is a good sign for the bubbling ecosystem.

Nigerian founders-turned-investors are now running syndicate funds

This round is also a big step for Future Africa. According to publicly available information, the firm is leading a million-dollar round for the first time since officially launching last year. This achievement is a continuation of its work over the past three quarters having invested in more than 10 African startups in the last three quarters and 30 startups in general. 

Kepple Africa Ventures, the co-lead, is also an active investor and can be argued to be the most early-stage VC firm on the continent — in terms of the number of deals made. So far, the firm has invested in 79 companies across 11 countries. 

Speaking on the investment for Kepple Africa, Satoshi Shinada, a partner at the firm, said, “Fragmented and unstable communication channels are one of the biggest challenges for the digitization of businesses in Africa. Emmanuel has proven that with his visionary goals and solid implementation of iterations on the ground, his team is unparalleled to build an innovative solution in this space.”

Early Stage is the premier ‘how-to’ event for startup entrepreneurs and investors. You’ll hear first-hand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company-building: Fundraising, recruiting, sales, product market fit, PR, marketing and brand building. Each session also has audience participation built-in – there’s ample time included for audience questions and discussion. Use code “TCARTICLE” at checkout to get 20 percent off tickets right here.

New Relic expands its AIOps services

/0 Comments/in /by

In recent years, the publicly traded observability service New Relic started adding more machine learning-based tools to its platform for AI-assisted incident response when things don’t quite go as planned. Today, it is expanding this feature set with the launch of a number of new capabilities for what it calls its “New Relic Applied Intelligence Service.”

This expansion includes an anomaly detection service that is even available for free users, the ability to group alerts from multiple tools when the models think it’s a single issue that is triggering all of these alerts and new ML-based root cause analysis to help eliminate some of the guesswork when problems occur. Also new (and in public beta) is New Relic’s ability to detect patterns and outliers in log data that is stored in the company’s data platform.

The main idea here, New Relic’s director of product marketing Michael Olson told me, is to make it easier for companies of all sizes to reap the benefits of AI-enhanced ops.

Image Credits: New Relic

“It’s been about a year since we introduced our first set of AIops capabilities with New Relic Applied Intelligence to the market,” he said. “During that time, we’ve seen significant growth in adoption of AIops capabilities through New Relic. But one of the things that we’ve heard from organizations that have yet to foray into adopting AIops capabilities as part of their incident response practice is that they often find that things like steep learning curves and long implementation and training times — and sometimes lack of confidence, or knowledge of AI and machine learning — often stand in the way.”

The new platform should be able to detect emerging problems in real time — without the team having to pre-configure alerts. And when it does so, it’ll smartly group all of the alerts from New Relic and other tools together to cut down on the alert noise and let engineers focus on the incident.

“Instead of an alert storm when a problem occurs across multiple tools, engineers get one actionable issue with alerts automatically grouped based on things like time and frequency, based on the context that they can read in the alert messages. And then now with this launch, we’re also able to look at relationship data across your systems to intelligently group and correlate alerts,” Olson explained.

Image Credits: New Relic

Maybe the highlight for the ops teams that will use these new features, though, is New Relic’s ability to pinpoint the probable root cause of a problem. As Guy Fighel, the general manager of applied intelligence and vice president of product engineering at New Relic, told me, the idea here is not to replace humans but to augment teams.

“We provide a non-black-box experience for teams to craft the decisions and correlation and logic based on their own knowledge and infuse the system with their own knowledge,” Fighel noted. “So you can get very specific based on your environment and needs. And so because of that and because we see a lot of data coming from different tools — all going into New Relic One as the data platform — our probable root cause is very accurate. Having said that, it is still a probable root cause. So although we are opinionated about it, we will never tell you, ‘hey, go fix that, because we’re 100% sure that’s the case.’ You’re the human, you’re in control.”

Amid shift to remote work, application performance monitoring is IT’s big moment

The AI system also asks users for feedback, so that the model gets refined with every new incident, too.

Fighel tells me that New Relic’s tools rely on a variety of statistical analysis methods and machine learning models. Some of those are unique to individual users while others are used across the company’s user base. He also stressed that all of the engineers who worked on this project have a background in site reliability engineering — so they are intimately familiar with the problems in this space.

With today’s launch, New Relic is also adding a new integration with PagerDuty and other incident management tools so that the state of a given issue can be synchronized bi-directionally between them.

“We want to meet our customers where they are and really be data source agnostic and enable customers to pull in data from any source, where we can then enrich that data, reduce noise and ultimately help our customers solve problems faster,” said Olson.

Early Stage is the premier “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company building: Fundraising, recruiting, sales, product-market fit, PR, marketing and brand building. Each session also has audience participation built-in — there’s ample time included for audience questions and discussion. Use code “TCARTICLE at checkout to get 20% off tickets right here.

OctoML raises $28M Series B for its machine learning acceleration platform

/0 Comments/in /by

OctoML, a Seattle-based startup that offers a machine learning acceleration platform built on top of the open-source Apache TVM compiler framework project, today announced that it has raised a $28 million Series B funding round led by Addition. Previous investors Madrona Venture Group and Amplify Partners also participated in this round, which brings the company’s total funding to $47 million. The company last raised in April 2020, when it announced its $15 million Series A round led by Amplify

The promise of OctoML, which was founded by the team that also created TVM, is that developers can bring their models to its platform and the service will automatically optimize that model’s performance for any given cloud or edge device.

As Brazil-born OctoML co-founder and CEO Luis Ceze told me, since raising its Series A round, the company started onboarding some early adopters to its “Octomizer” SaaS platform.

Image Credits: OctoML

“It’s still in early access, but we are we have close to 1,000 early access sign-ups on the waitlist,” Ceze said. “That was a pretty strong signal for us to end up taking this [funding]. The Series B was pre-emptive. We were planning on starting to raise money right about now. We had barely started spending our Series A money — we still had a lot of that left. But since we saw this growth and we had more paying customers than we anticipated, there were a lot of signals like, ‘hey, now we can accelerate the go-to-market machinery, build a customer success team and continue expanding the engineering team to build new features.’ ”

Ceze tells me that the team also saw strong growth signals in the overall community around the TVM project (with about 1,000 people attending its virtual conference last year). As for its customer base (and companies on its waitlist), Ceze says it represents a wide range of verticals that range from defense contractors to financial services and life science companies, automotive firms and startups in a variety of fields.

Recently, OctoML also launched support for the Apple M1 chip — and saw very good performance from that.

The company has also formed partnerships with industry heavyweights like Microsoft (which is also a customer), Qualcomm and AMD to build out the open-source components and optimize its service for an even wider range of models (and larger ones, too).

Deep Science: Using machine learning to study anatomy, weather and earthquakes

On the engineering side, Ceze tells me that the team is looking at not just optimizing and tuning models but also the training process. Training ML models can quickly become costly and any service that can speed up that process leads to direct savings for its users — which in turn makes OctoML an easier sell. The plan here, Ceze tells me, is to offer an end-to-end solution where people can optimize their ML training and the resulting models and then push their models out to their preferred platform. Right now, its users still have to take the artifact that the Octomizer creates and deploy that themselves, but deployment support is on OctoML’s roadmap.

“When we first met Luis and the OctoML team, we knew they were poised to transform the way ML teams deploy their machine learning models,” said Lee Fixel, founder of Addition. “They have the vision, the talent and the technology to drive ML transformation across every major enterprise. They launched Octomizer six months ago and it’s already becoming the go-to solution developers and data scientists use to maximize ML model performance. We look forward to supporting the company’s continued growth.”

OctoML raises $15M to make optimizing ML models easier

Early Stage is the premier “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company building: Fundraising, recruiting, sales, product-market fit, PR, marketing and brand building. Each session also has audience participation built-in — there’s ample time included for audience questions and discussion. Use code “TCARTICLE at checkout to get 20% off tickets right here.

Amazon will expand its Amazon Care on-demand healthcare offering US-wide this summer

/0 Comments/in /by

Amazon is apparently pleased with how its Amazon Care pilot in Seattle has gone, since it announced this morning that it will be expanding the offering across the U.S. this summer, and opening it up to companies of all sizes, in addition to its own employees. The Amazon Care model combines on-demand and in-person care, and is meant as a solution from the search giant to address shortfalls in current offerings for employer-sponsored healthcare.

In a blog post announcing the expansion, Amazon touted the speed of access to care made possible for its employees and their families via the remote, chat and video-based features of Amazon Care. These are facilitated via a dedicated Amazon Care app, which provides direct, live chats via a nurse or doctor. Issues that then require in-person care are then handled via a house call, so a medical professional is actually sent to your home to take care of things like administering blood tests or doing a chest exam, and prescriptions are delivered to your door as well.

The expansion is being handled differently across both in-person and remote variants of care; remote services will be available starting this summer to Amazon’s own employees, as well as other companies that sign on as customers, starting this summer. The in-person side will be rolling out more slowly, starting with availability in Washington, D.C., Baltimore, and “other cities in the coming months” according to the company.

As of today, Amazon Care is expanding in its home state of Washington to begin serving other companies. The idea is that others will sign on to make Amazon Care part of an overall benefits package for employees. Amazon is touting as a major strength of the service the speed advantages of testing services, including results delivery, for things including COVID-19.

The Amazon Care model has a surprisingly Amazon twist, too — when using the in-person care option, the app will provide an updated ETA for when to expect your physician or medical technician, which is eerily similar to how its primary app treats package delivery.

While the Amazon Care pilot in Washington only launched a year-and-a-half ago, the company has had its collective mind set on upending the corporate healthcare industry for some time now. It announced a partnership with Berkshire Hathaway and JPMorgan back at the beginning of 2018 to form a joint venture specifically to address the gaps they saw in the private corporate healthcare provider market.

Amazon, JPMorgan and Berkshire Hathaway to build their own healthcare company

That deep pocketed all-star team ended up officially disbanding at the outset of this year, after having done a whole lot of not very much in the three years in between. One of the stated reasons that Amazon and its partners gave for unpartnering was that each had made a lot of progress on its own in addressing the problems it had faced anyway. While Berkshire Hathaway and JPMorgan’s work in that regard might be less obvious, Amazon was clearly referring to Amazon Care.

It’s not unusual for large tech companies with lots of cash on the balance sheet and a need to attract and retain top-flight talent to spin up their own healthcare benefits for their workforces. Apple and Google both have their own on-campus wellness centers staffed by medical professionals, for instance. But Amazon’s ambitions have clearly exceeded those of its peers, and it looks intent on making a business line out of the work it did to improve its own employee care services — a strategy that isn’t too dissimilar from what happened with AWS, by the way.

Healthcare entrepreneurs should prepare for an upcoming VC/PE bubble

Saleor scores $2.5M seed round for its ‘headless’ e-commerce platform

/0 Comments/in /by

Saleor, a Poland and U.S.-based startup that offers a “headless” e-commerce platform to make it easier for developers to build better online shopping experiences, has raised $2.5 million in seed funding.

The round is led by Berlin’s Cherry Ventures, with participation from various angels. They include Guillermo Rauch (Vercel CEO and inventor of Next.js), Chris Schagen (former CMO of Contentful) and Kevin Mahaffey (co-founder of Lookout).

Saleor says the injection of capital will be invested in further developing Saleor‘s headless e-commerce platform, including a soon-to-launch cloud product and GraphQL API for front-end engineers.

Founded in 2020 but with a history going back to 2013, years before founders Mirek Mencel and Patryk Zawadzki spun out the product separate from their agency, Saleor is described as an “API-first” e-commerce platform that takes a “headless” approach. The idea is that the platform does the back-end heavy lifting so that developers can focus on the front end where most of the value is created for users.

“Saleor was born of necessity when our agency work at Mirumee Software required more modular, flexible and scalable e-commerce software,” Saleor co-founder Mirek Mencel recalls. “Most solutions for bigger brands came with proprietary baggage like vendor lock-in, slow adoption of new technologies and commercial certification programs. On the open-source side, we didn’t enjoy Magento’s developer experience and felt alternatives weren’t viable at scale”.

Mind the gap: E-commerce marketers should revise their TAM and SAM estimates

And so Saleor was conceived as an open-source platform focused on “technical excellence and quality” that could deliver greater scalability and extensibility than existing proprietary software. By 2016, the product had grown from something Mencel and Zawadzki’s agency used internally into a platform used by developers around the world.

“We could have stopped there, but saw brands pressing for more revolutionary front-end experiences,” Mencel says. “Decoupling Saleor’s core from its presentation layer was the obvious path to revolutionary front-ends. As difficult as it was, we tore down what was a rather good open-source e-commerce platform and rebuilt it API-first”.

Contentstack raises $31.5M Series A round for its headless CMS platform

Beyond their early headless conviction, the pair also came to the realisation that GraphQL delivered “more power, precision and developer happiness” than REST. Reasoning that most developers prefer “a few things done superbly to many things done well,” they committed exclusively to Saleor’s GraphQL API. “We have never looked back,” says Mencel.

In 2018, the original six-person team shipped Saleor 2.0. Now with a headcount of 20, Mencel says Saleor has a simple vision of developer-first commerce: open-source, GraphQL and “fair-priced” cloud — a vision that Cherry Ventures has clearly bought into.

“We are currently witnessing a paradigm shift with developers switching to headless commerce solutions, allowing more flexible, differentiated shopping experiences,” says Filip Dames, founding partner of Cherry. “Mirek, Patryk, and their team are at the forefront of this development and will enable innovative merchants to build state-of-the-art shopping experiences that scale across all consumer touch points and devices”.

“We decided to pursue venture backing as a way to increase the Saleor core team size and accelerate buildout of Saleor Cloud, which we’ll launch this year,” adds Mencel.

Contentful raises $80M Series E round for its headless CMS

SecurityScorecard snags $180M Series E to measure a company’s security risk

/0 Comments/in /by

SecurityScorecard has been helping companies understand the security risk of its vendors since 2014 by providing each one with a letter grade based on a number of dimensions. Today, the company announced a $180 million Series E.

The round includes new investors Silver Lake Waterman, T. Rowe Price, Kayne Anderson Rudnick, and Fitch Venture along with existing investors Evolution Equity Partners, Accomplice, Riverwood Capital, Intel Capital, NGP Capital, AXA Venture Partners, GV (Google Ventures) and Boldstart Ventures. The company reports it has now raised $290 million.

Co-founder and CEO Aleksandr Yampolskiy says the company’s mission has not changed since it launched. “The idea that we started the company was a realization that when I was CISO and CTO I had no metrics at my disposal. I invested in all kinds of solutions where I was completely in the dark about how I’m doing compared to the industry and how my vendors and suppliers were doing compared to me,” Yampolskiy told me.

He and his co-founder COO Sam Kassoumeh likened this to a banker looking at a mortgage application and having no credit score to check. The company changed that by starting a system of scoring the security posture of different companies and giving them a letter grade of A-F just like at school.

Today, it has ratings on more than 2 million companies worldwide, giving companies a way to understand how secure their vendors are. Yampolskiy says that his company’s solution can rate a new company not in the data set in just five minutes. Every company can see its own scorecard for free along with advice on how to improve that score.

12 top cybersecurity VCs discuss investing, valuations and no-go zones

He notes that in fact, the disastrous SolarWinds hack was entirely predictable based on SecurityScorecard’s rating system. “SolarWinds’ score has been lagging below the industry average for quite a long time, so we weren’t really particularly surprised about them,” he said.

The industry average is around 85 or a solid B in the letter grade system, whereas SolarWinds was sitting at 70 or a C for quite some time, indicating its security posture was suspect, he reports.

While Yampolskiy didn’t want to discuss valuation or revenue or even growth numbers, he did say the company has 17,000 customers worldwide including 7 of the 10 top pharmaceutical companies in the world.

The company has reached a point where this could be the last private fundraise it does before going public, but Yampolskiy kept his cards close on timing, saying it could happen some time in the next couple of years.

In the NYC enterprise startup scene, security is job one

Fintech Giant Fiserv Used Unclaimed Domain

/0 Comments/in /by

If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here’s the story of one such goof committed by Fiserv [NASDAQ:FISV], a $15 billion firm that provides online banking software and other technology solutions to thousands of financial institutions.

In November 2020, KrebsOnSecurity heard from security researcher Abraham Vegh, who noticed something odd while inspecting an email from his financial institution.

Vegh could see the message from his bank referenced a curious domain: defaultinstitution.com. A quick search of WHOIS registration records showed the domain was unregistered. Wondering whether he might receive email communications to that address if he registered the domain, Vegh snapped it up for a few dollars, set up a catch-all email account for it, and waited.

“It appears that the domain is provided as a default, and customer bank IT departments are either assuming they don’t need to change it, or are not aware that they could/should,” Vegh said, noting that a malicious person who stumbled on his discovery earlier could have had a powerful, trusted domain from which to launch email phishing attacks.

At first, only a few wayward emails arrived. Ironically enough, one was from a “quality assurance” manager at Fiserv. The automatic reply message stated that the employee was out of the office “on R&R” and would be back to work on Dec. 14.

Many other emails poured in, including numerous “bounced” messages delivered in reply to missives from Cashedge.com, a money transfer service that Fiserv acquired in 2011.

Emails get bounced — or returned to the sender — when they are sent to an address that doesn’t exist or that is no longer active. The messages had been sent to an email address for a former client solutions director at Fiserv; the “reply-to:” address in those missives was “donotreply@defaultinstitution.com”.

The messages were informing customers of CashEdge’s main service Popmoney — which lets users send, request and receive money directly from bank accounts — that Popmoney was being replaced with Zelle, a more modern bank-to-bank transfer service.

Each CashEdge missive included information about recurring transfers that were being canceled, such as the plan ID, send date, amount to be transferred, the name and last four digits of the account number the money was coming from, and the email address of the recipient account.

Incredibly, at the bottom of every message to CashEdge/Popmoney customers was a boilerplate text: “This email was sent to [recipient name here]. If you have received this email in error, please send an e-mail to customersupport@defaultinstitution.com.”

Other services that directed customers to reply to the researcher’s domain included Fiserv customer Netspend.com, a leading provider of prepaid debit cards that require no minimum balance or credit check. The messages from Netspend all were to confirm the email address tied to a new account, and concerned “me-to-me transfers” set up through its service.

Each message included a one-time code that recipients were prompted to enter at the company’s website. But from reading the many replies to these missives, it seems Netspend didn’t make it terribly obvious where users were supposed to input this code. Here’s one of the more profane examples of a customer response:

Many others emailed by Netspend expressed mystification as to why they were receiving such messages, stating they’d never signed up for the service. From the gist of those messages, the respondents were victims of identity fraud.

“My accounts were hacked and if any funding is gone your [sic] sued from me and federal trade commission,” one wrote. “I didn’t create the account. Please stop this account and let me know what’s going on,” replied another. “I never signed up for this service. Someone else is using my information,” wrote a third.

Those messages also concerned me-to-me transfers. Other emails came from Detroit-based TCF National Bank.

New York-based Union Bank also sent customer information to the researcher’s domain. Both of those messages were intended to confirm that the recipient had tied their accounts to those at another bank. And in both cases, the recipients replied that they had not authorized the linkage.

In response to questions from KrebsOnSecurity, Fiserv acknowledged that it had inadvertently included references to defaultinstitution.com as a placeholder in software solutions used by some partners.

“We have identified 5 clients for which auto-generated emails to their customers included the domain name “defaultinstitution.com” in the “reply-to” address,” Fiserv said in a written statement. “This placeholder URL was inadvertently left unchanged during implementation of these solutions. Upon being made aware of the situation we immediately conducted an analysis to locate and replace instances of the placeholder domain name. We have also notified the clients whose customers received these emails.”

Indeed, the last email Vegh’s inbox received was on Feb. 26.

This is not the first time an oversight by Fiserv has jeopardized the security and privacy of its customers. In 2018, KrebsOnSecurity revealed how a programming weakness in a software platform sold to hundreds of banks exposed personal and financial data of countless customers. Fiserv was later sued over the matter by a credit union customer; that lawsuit is still proceeding.

Vegh said he found a similar domain goof while working as a contractor at the Federal Reserve Bank of Philadelphia back in 2015. In that instance, he discovered an unregistered domain invoked by AirWatch, a mobile device management product since acquired by VMWare.

“After registering that domain I started getting traffic from all around the world from Fortune 500 company devices pinging the domain,” Vegh said.

Vegh said he plans to give Fiserv control over defaultinstitution.com, and hand over the messages intercepted by his inbox. He’s not asking for much in return.

“I had been promised a t-shirt and a case of beer for my efforts then, but alas, never received one,” he said of his interaction with AirWatch. “This time, I am hoping to actually receive a t-shirt!”

Update, 12:44 p.m. ET: The lead paragraph has been updated to reflect Fiserv’s 2020 revenues, which were nearly $15 billion.

Rising Team, with $3 million seed, is a platform that combines management tools with training

/0 Comments/in /by

Jennifer Dulski has held her fair share of leadership positions, from being president and COO of Change.org to serving as head of product for Google’s shopping and product ads to leading the team responsible for Facebook Groups.

But she’s identified a problem that most people managers will all too clearly understand: training and tools to be a great manager are at a shortage.

That’s why she founded Rising Team, which is today announcing the raise of a $3 million seed round led by Female Founders Fund, with participation from Peterson Ventures, Burst Capital, Xoogler Ventures, 500 Startups, Roble Ventures, Supernode Ventures and several angels.

Dulski explained that there are some tools for managers, like surveys from Gallup and Glint, and there are training options, like executive coaches. But there aren’t many options out there that combine the two.

“I was lucky enough to have the benefit of getting executive coaches or being sent to training, and those felt like being taught how to fish,” said Dulski. “But then it was like being dropped off at the lake with no fishing pole or bait, because I had learned all these things about how to be a good leader but I had no tools to implement what I had learned.”

Rising Team is a platform that combines tools and training to help managers motivate, organize and ultimately effectively lead their team.

The first layer of the platform is the tools suite, which includes proprietary assessments and 1:1 templates. Most employee surveys focus so heavily on the actual job, with questions about where employees can do their best work. With Rising Team, the assessments are geared toward who team members are personally, with a look at how they want to be appreciated or what they believe their talents and skills are.

This helps managers understand how to pair team members together, what tasks they should be assigned to and truly grasp what motivates each individual that works for them. Alongside these assessment tools, Rising Team also offers training in the form of videos, articles and audio resources. In the future, the company plans to add AI-based custom training tips that are powered by data from the assessments.

Rising Team is also building out a community that lets managers communicate with one another.

Interestingly, the startup is taking a bottom-up approach when it comes to revenue, pricing the product in a way that will allow individual managers to personally purchase the software, hopefully spreading the word to the rest of their team. But the door is open for organizations to get their full employee base on the product as well.

For now, Rising Team is in a free beta, so pricing has not yet been announced.

The team is currently made up of eight people, 60% of whom are female and 50% of whom are BIPOC.

“It’s really, really important to me and to our team as a whole that we build a diverse team from the start,” said Dulski. “I believe in that so firmly and all the data is really clear that more diverse teams are more successful.”

On the diversity front, 2020 may prove a tipping point

Early Stage is the premier “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company building: Fundraising, recruiting, sales, product-market fit, PR, marketing and brand building. Each session also has audience participation built-in — there’s ample time included for audience questions and discussion. Use code “TCARTICLE” at checkout to get 20% off tickets right here.

Docker nabs $23M Series B as new developer focus takes shape

/0 Comments/in /by

It was easy to wonder what would become of Docker after it sold its enterprise business in 2019, but it regrouped last year as a cloud native container company focused on developers, and the new approach appears to be bearing fruit. Today, the company announced a $23 million Series B investment.

Tribe Capital led the round with participation from existing investors Benchmark and Insight Partners. Docker has now raised a total of $58 million including the $35 million investment it landed the same day it announced the deal with Mirantis.

To be sure, the company had a tempestuous 2019 when they changed CEOs twice, sold the enterprise division and looked to reestablish itself with a new strategy. While the pandemic made 2020 a trying time for everyone, Docker CEO Scott Johnston says that in spite of that, the strategy has begun to take shape.

“The results we think speak volumes. Not only was the strategy strong, but the execution of that strategy was strong as well,” Johnston told me. He indicated that the company added 1.7 million new developer registrations for the free version of the product for a total of more than 7.3 million registered users on the community edition.

Docker regroups as cloud-native developer tool company

As with any open-source project, the goal is to popularize the community project and turn a small percentage of those users into paying customers, but Docker’s problem prior to 2019 had been finding ways to do that. While he didn’t share specific numbers, Johnston indicated that annual recurring revenue (ARR) grew 170% last year, suggesting that they are beginning to convert more successfully.

Johnston says that’s because they have found a way to turn a certain class of developer in spite of a free version being available. “Yes, there’s a lot of upstream open-source technologies, and there are users that want to hammer together their own solutions. But we are also seeing these eight to 10 person ‘two-pizza teams’ who want to focus on building applications, and so they’re willing to pay for a service,” he said.

That open-source model tends to get the attention of investors because it comes with that built-in action at the top of the sales funnel. Tribe’s Arjun Sethi, whose firm led the investment, says his company actually was a Docker customer before investing in the company and sees a lot more growth potential.

“Tribe focuses on identifying N-of-1 companies — top-decile private tech firms that are exhibiting inflection points in their growth, with the potential to scale toward outsized outcomes with long-term venture capital. Docker fits squarely into this investment thesis [ … ],” Sethi said in a statement.

Johnston says as they look ahead post-pandemic, he’s learned a lot since his team moved out of the office last year. After surveying employees, they were surprised to learn that most have been happier working at home, having more time to spend with family, while taking away a grueling commute. As a result, he sees going virtual first, even after it’s safe to reopen offices.

That said, he is planning to offer a way to get teams together for in-person gatherings and a full company get-together once a year.

“We’ll be virtual first, but then with the savings of the real estate that we’re no longer paying for, we’re going to bring people together and make sure we have that social glue,” he said.

Where top VCs are investing in open source and dev tools (Part 1 of 2)

After selling enterprise biz, Docker lands $35M investment and new CEO

Early Stage is the premier “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company building: Fundraising, recruiting, sales, product-market fit, PR, marketing and brand building. Each session also has audience participation built in — there’s ample time included for audience questions and discussion. Use code “TCARTICLE at checkout to get 20% off tickets right here.