The fintech endgame: New supercompanies combine the best of software and financials

If money is the ultimate commodity, how can fintechs — which sell money, move money or sell insurance against monetary loss — build products that remain differentiated and create lasting value over time?

And why are so many software companies — which already boast highly differentiated offerings and serve huge markets— moving to offer financial services embedded within their products?

A new and attractive hybrid category of company is emerging at the intersection of software and financial services, creating buzz in the investment and entrepreneurial communities, as we discussed at our “Fintech: The Endgame” virtual conference and accompanying report this week.

These specialized companies — in some cases, software companies that also process payments and hold funds on behalf of their customers, and in others, financial-first companies that integrate workflow and features more reminiscent of software companies — combine some of the best attributes of both categories.

Image Credits: Battery Ventures

From software, they design for strong user engagement linked to helpful, intuitive products that drive retention over the long term. From financials, they draw on the ability to earn revenues indexed to the growth of a customer’s business.

Fintech is poised to revolutionize financial services, both through reinventing existing products and driving new business models as financial services become more pervasive within other sectors.

The powerful combination of these two models is rapidly driving both public and private market value as investors grant these “super” companies premium valuations — in the public sphere, nearly twice the median multiple of pure software companies, according to a Battery analysis.

The near-perfect example of this phenomenon is Shopify, the company that made its name selling software to help business owners launch and manage online stores. Despite achieving notable scale with this original SaaS product, Shopify today makes twice as much revenue from payments as it does from software by enabling those business owners to accept credit card payments and acting as its own payment processor.

The combination of a software solution indexed to e-commerce growth, combined with a profitable payments stream growing even faster than its software revenues, has investors granting Shopify a 31x multiple on its forward revenues, according to CapIQ data as of May 26.

How should we value these fintech companies, anyway?

Before even talking about how investors should value these hybrid companies, it’s worth making the point that in both private and public markets, fintechs have been notoriously hard to value, fomenting controversy and debate in the investment community.

Securing Hybrid Cloud Containerized Workloads in AWS ECS Anywhere with SentinelOne Singularity

SentinelOne Announces Day 1 Support for Amazon ECS Anywhere

As a further commitment to AWS customers, SentinelOne has announced Day 1 support for AWS’ new Amazon Elastic Container Service (ECS) Anywhere. ECS Anywhere is an evolution of Amazon’s popular Elastic Container Service – a fully managed container orchestration service that helps quickly deploy, manage and scale containerized applications. ECS Anywhere extends the container orchestration capabilities of Amazon ECS to containers running in hybrid cloud environments.

Securing Hybrid Cloud

Many organizations are leaning into a cloud-first approach; however, some critical workloads remain on-premise due to business or compliance requirements and many still have existing investments in on-premise data center infrastructure. According to Flexera’s 2021 State of the Cloud Report, 82 percent of organizations have a hybrid cloud strategy. Hybrid cloud gives the best of both worlds – the scalability, elasticity, and cost benefits of the public cloud with a bridge to leverage existing multi-cloud and on-premises infrastructure investments.

Singularity Cloud Workload Security extends security and visibility to assets running on public clouds, private clouds, and on-premises data centers. Security teams can manage both Linux and Windows servers and Docker/Kubernetes containers from one platform.  Singularity Cloud brings industry-leading protection and EDR to cloud workloads, as evidenced by the 2020 MITRE Engenuity ATT&CK evaluation, where SentinelOne delivered 100% visibility and zero misses across emulated activity from the Carbanak/FIN7 advanced threat groups.

How Does ECS Anywhere Work?

ECS Anywhere extends the rich capabilities of Amazon ECS to on-premise infrastructure, enabling the easy deployment and management of containerized workloads no matter where they run. The ECS Anywhere solution is a hybrid cloud control plane to manage containers anywhere with no complex orchestration needed. Whether run in AWS or on-premise, customers will have the same cluster management, workload scheduling, and monitoring they are familiar with in Amazon ECS. The homogeneous management enables consistent operational models across cloud and on-prem environments.

Additionally, ECS Anywhere brings elastic scalability to the data center to accommodate spikes in workload demand. ECS Anywhere enables containerized applications running on-premise to use existing infrastructure as base capacity and burst excess demand to ECS containers running in AWS. The hybrid operating model optimizes utilization of sunk CapEx investments in existing infrastructure while providing the hyper-scale of the AWS cloud. This model makes it easier to containerize existing on-premise applications, with the flexibility to migrate to the cloud later.

What Does SentinelOne Bring To ECS Anywhere?

The SentinelOne solution works flawlessly with the new ECS Anywhere service. Simply install the SentinelOne agent onto the Linux compute resources being used to power your ECS Anywhere clusters and enjoy all the best that SentinelOne has to offer.

A single featherweight Sentinel agent delivers runtime, AI-driven protection, detection, and response at machine speed across the hybrid cloud estate. The Kubernetes Sentinel brings ActiveEDR™ to Docker containers and both self-managed and managed Kubernetes services like EKS, ECS and ECS Anywhere with automated kill and quarantine, application control, and complete remote shell forensics.

Our agent is DevOps friendly – auto-deployed as a DaemonSet, a single, resource-efficient Kubernetes Sentinel agent that protects the K8s worker, its pods, and containers without any container instrumentation to gum up the works. Plus, our agent operates entirely in user space: no tainted kernels, no kernel panics, and freedom to update your AMI at will without fear of conflicting with the Sentinel agent.

SentinelOne gathers cloud metadata from the workload, making it easy to tag, group and manage policy based on the workload characteristics. In this case, the agent can see the information about the workload and its underlying Docker container. To simplify management, we can take all instances with a particular image ID and apply a more granular or hardened policy.

“Since Amazon ECS Anywhere is about choice, flexibility, and simplicity to fuel customer innovation, it is only natural that SentinelOne partners with AWS to secure customers’ digital transformation,” says Ric Smith, Chief Technology Officer, SentinelOne. “Our Singularity™ Platform delivers industry-leading protection and XDR to containerized workloads, whether on-premises or in AWS.”

Customers around the world choose SentinelOne to secure their digital transformation. SentinelOne was recently named a Leader in the 2021 Gartner Magic Quadrant for Endpoint Protection Platforms1 and was the only vendor to score highest across all three critical capabilities use cases in the 2021 Gartner Critical Capabilities for Endpoint Protection Platforms2. No matter your organizational needs, when it comes to delivering autonomous cybersecurity for endpoint, cloud, and IoT, SentinelOne is the right choice.

SentinelOne delivers cloud security outcomes, including:

  • Consolidation
    • The Singularity platform consolidates security functions for protecting, detecting, and responding to threats across endpoints, cloud workloads, and IoT. Manage multi-cloud security with a single, SaaS platform built on AWS to remove friction and increase productivity.
  • Enterprise-Grade EDR for Virtual Machines and Containers
    • Cloud VMs and containers are just as vulnerable to zero-day attacks and malware as user endpoints.  Runtime protection, detection, and response are key to cloud workload security. SentinelOne delivers full-featured workload protection and EDR, with cloud metadata integration to facilitate remote forensics and cloud ops management.
  • Agility
    • SentinelOne operates entirely in user space: no tainted kernels, no kernel panics, and freedom to update your AMI at will without fear of conflicting with the Sentinel agent. Keeps your users’ endpoints and workloads secured so that they can continue to innovate at full throttle.

SentinelOne is powered by AWS and is available on the AWS Marketplace. Learn more about SentinelOne and AWS or join our upcoming webinar to see how SentinelOne brings AI-powered threat prevention, detection, and response to AWS workloads.


GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

1. Gartner, Magic Quadrant for Endpoint Protection Platforms, Paul Webber, Peter Firstbrook, Rob Smith, Mark Harris Prateek Bhajanka, 5 May 2021.
2. Gartner, Critical Capabilities for Endpoint Protection Platforms, Mark Harris, Peter Firstbrook, Rob Smith, Paul Webber Prateek Bhajanka, 6 May 2021.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Whatfix nabs $90M to help workers onboard and get the most out of their IT stacks

“Digital transformation” has been on the mind of many an organization in the last year: the pandemic and the shift it’s brought to how we work are speeding up investments in new apps, infrastructure and work practices to improve productivity regardless of where we sit all day. Now, it looks like we’re on to the next stage of that journey: actually figuring out how to adopt and run with all that new tech.

In a sign of the times, today a startup called Whatfix — which has built a platform that helps make better use of tech investments by giving chatbot-style guidance to users on how to use apps, with the option also to apply AI to understand what a person is doing to suggest what actions to take next — is announcing $90 million in funding. It will use the money to continue expanding its tech platform and hiring more talent to meet demand, said CEO Khadim Batti, who co-founded the company with Vara Kumar (CTO), in an interview this week.

Sources close to the company — co-headquartered in San Jose and Bangalore — confirmed that the Series D round was made at a valuation of around $600 million, triple Whatfix’s value in its Series C round last year.

That sharp rise is due in part to the state of the market today, but also the company’s growth within that bigger trend. Whatfix today has some 500 global customers on its books, The Netherlands Red Cross, Experian, Sentry Financial Services, Cardinal Health Canada, BMC Software Inc., and Bausch & Lomb among them. Some 75% of its business is coming out of the U.S., with another 18% from Europe. Revenues in the last six months have been growing at a rate of 100% quarter-on-quarter.

“This pandemic has proven an inflection point for adoption,” said Batti (pictured above, left with Kumar, right).

This latest tranche of equity funding is coming from a mix of financial and strategic investors.

SoftBank’s Vision Fund 2 is leading the round, with Eight Roads Ventures, Sequoia Capital India, Dragoneer Investment Group, F-Prime Capital and Cisco Investments also investing. The company has raised just under $140 million in total.

“Digital adoption solutions” — the general term describing what Whatfix has built — have become a popular solution for enterprises that have found themselves in an IT pickle, Batti said.

“We’ve seen more than $500 billion spent on enterprise software, with areas like SaaS growing very fast. There is so much there, and every employee has access to do better work. But most are not adopting or using that software. This means a lot [of inefficiency] in ‘digital transformation,’” said Batti. “We are focusing on fixing this problem.”

Digital adoption and digital experience overall can come in many forms these days.

They include assistants that are embedded directly into apps themselves (with some versions of this — such as Clippy on Word — nearly as old as software itself). The category also includes separate platforms that integrate at the back end with the apps that you use, providing not just a single ingestion point for data but intelligence on how best to use it, and what to use. (Dooly for sales teams is an example of that, although I don’t know if it would describe itself as a “digital adoption solution” per se.)

Others like Pendo are geared more at observing how your sites and apps are being adopted and used by others. And there are a number of others out there specifically looking at digital adoption by enterprises and competing directly with Whatfix: they include Apty, Userlane, Applearn.

One of the biggest — WalkMe — yesterday announced an IPO at an estimated $2.5 billion valuation.

Overall digital adoption and digital experience are big businesses: one analyst estimates that the market is growing currently at a rate of just under 11% annually and will be worth $15.8 billion by 2025.

Whatfix is built around the premise that it sits on top of whatever apps a company may choose to use, and will work with just about any piece of modern software, Batti said. That includes Whatfix being able to provide assistance on apps even when they have been customised for a particular workplace. It most commonly appears like a little chatbot on the user’s screen, like the one in this paragraph, which can expand with more details and information as needed, like this:

The company works with the most popular software packages — including Salesforce, MS Dynamics, Oracle’s CRM platform, ServiceNow, SuccessFactors, SharePoint, Workday — but, since it is used in the form of a browser extension or an overlay integrated by a company’s IT department, it can be used to help guide people with any application that’s available over the web. Batti said that one priority the startup has is to build deeper integrations with specific apps so that Whatfix can be used better across mobile and with local apps in future, not just via the web.

Many might think of “digital adoption” as training someone to use a particular software package, and while Whatfix is used for that, the company has also found a lot of traction as a tool beyond it, providing support on a more regular basis and across a wider variety of use cases, whether it’s to help guide people through app usage, or to monitor what they are doing in order to help suggest what to do next, and even populate relevant fields if “next” means using a different app.

The platform can be used to create usage guides, multilingual support, multi-device support, user tracking and more, and it comes with low-code options (it can be intergrated into an app with a single line of code, the company says).

The company claims its assistants can increase employee productivity by 35%, reduce training time and costs by 60%, reduce employee case tickets by 50% and increase application data accuracy by 20%.

While the field for digital adoption is very crowded today, it’s numbers like these, Whatfix’s own growth, and the fact that software is continuing to get more capable, but also more complex, that have interested investors.

“Digital Adoption Solutions are enhancing the growth and importance of SaaS products for enterprises globally,” said Munish Varma, Managing Partner, SoftBank Investment Advisers, in a statement. “Whatfix makes it easier for companies to use SaaS products, which increases productivity. Whatfix, with its roster of global clients, is well placed to become a DAS leader, and we are excited to be part of their journey.” Sumer Juneja, Partner, SoftBank Investment Advisers, added: “Enterprises spend billions on applications across multiple functions and yet employee adoption is low. Quick adoption ensures payback on software investments. Whatfix’s solutions will be a key driver for enterprises to achieve this goal, which is reflected in their growth.”

What will be interesting to watch is how platforms like Whatfix’s will evolve over time, and what further functions they might take on. For example, in enterprises, one of the biggest vulnerabilities in security has been how people mistakenly click on dodgy links in emails or otherwise inadvertently pass on information to malicious hackers. Could there be a role for digital adoption assistants to identify when this might happen and alert people before they click the wrong way? Regardless, the question and very existence of loopholes like that are signals for why we’ll probably why we’ll continue to see tools like Whatfix’s around for some time to come.

Network security startup ExtraHop skips and jumps to $900M exit

Last year, Seattle-based network security startup ExtraHop was riding high, quickly approaching $100 million in ARR and even making noises about a possible IPO in 2021. But there will be no IPO, at least for now, as the company announced this morning it has been acquired by a pair of private equity firms for $900 million.

The firms, Bain Capital Private Equity and Crosspoint Capital Partners, are buying a security solution that provides controls across a hybrid environment, something that could be useful as more companies find themselves in a position where they have some assets on-site and some in the cloud.

The company is part of the narrower Network Detection and Response (NDR) market. According to Jesse Rothstein, ExtraHop’s chief technology officer and co-founder, it’s a technology that is suited to today’s threat landscape, “I will say that ExtraHop’s north star has always really remained the same, and that has been around extracting intelligence from all of the network traffic in the wire data. This is where I think the network detection and response space is particularly well suited to protecting against advanced threats,” he told TechCrunch.

The company uses analytics and machine learning to figure out if there are threats and where they are coming from, regardless of how customers are deploying infrastructure. Rothstein said he envisions a world where environments have become more distributed with less defined perimeters and more porous networks.

“So the ability to have this high-quality detection and response capability utilizing next generation machine learning technology and behavioral analytics is so very important,” he said.

Max de Groen, managing director at Bain, says his company was attracted to the NDR space, and saw ExtraHop as a key player. “As we looked at the NDR market, ExtraHop, which [ … ] has spent 14 years building the product, really stood out as the best individual technology in the space,” de Groen told us.

Security remains a frothy market with lots of growth potential. We continue to see a mix of startups and established platform players jockeying for position, and private equity firms often try to establish a package of services. Last week, Symphony Technology Group bought FireEye’s product group for $1.2 billion, just a couple of months after snagging McAfee’s enterprise business for $4 billion as it tries to cobble together a comprehensive enterprise security solution.

Sinch snaps up MessageMedia for $1.3B to compete with Twilio in business SMS services

Sinch — the Swedish company that provides a suite of services for companies to build communications and specifically “customer engagement” into their services by way of APIs — has made yet another acquisition in its global march to scale up its business and compete more squarely with Twilio. The company today announced that it has acquired MessageMedia, a provider of SMS and other messaging services for businesses to manage customer relations, user authentication, alerts and more.

The acquisition is being made for $1.3 billion — comprised of $1.1 billion in cash and the rest in shares (or in Sweden’s currency, SEK10,745 million in total based on Sinch’s share price and yesterdays exchange rate). The deal is expected to close in the second half of this year.

The deal is notable not just for giving Sinch a major inroad into the world of business SMS, but also because of the timing. Less than a month ago, Sinch’s big rival Twilio announced that it would acquire ZipWhip, another big player in the same area of business SMS, for $850 million.

MessageMedia, based out of Melbourne, Australia, is currently operational also in New Zealand, the U.S. and Europe, and it focuses on providing services primarily to the SMB market with a self-service platform where customers can build and operate services, with the option of using a web portal provided by MessageMedia to handle the traffic.

It has some 60,000 customers and handles 5 billion+ messages annually, Sinch said. Growth is particularly strong in the U.S. market, where MessageMedia is adding 1,500 new customers each month. Alongside SMS, it also provides tech for companies to build MMS experiences and mobile landing pages, and it also provides them with tools to integrate other features as well as an API gateway.

Sinch itself says it handles some 150 billion mobile customer engagements for its customers annually, and it has eight of the 10 biggest tech companies as customers.

Sinch is publicly traded in Sweden and currently has a market cap of $13.6 billion, and the deal comes just weeks after the company announced that it would be raising $1.1 billion for more acquisitions, with a big chunk of the money coming from SoftBank, one of its major backers.

Given the size of this deal announced today, now we know which deal Sinch had in mind. It would be interesting to know whether Sinch’s move to buy MessageMedia predated Twilio’s for ZipWhip, which definitely does not feel like a coincidence.

“Sinch powers mobile customer engagement for some of the largest brands and technology platforms in the world. With the acquisition of MessageMedia, Sinch will now be able to bring the benefits of enhanced mobile customer engagement to every small business on the planet,” CEO Oscar Werner said to TechCrunch. “No longer will you need the deep pockets of an enterprise or the technical skills of an engineer to deliver first-class customer experiences.”

Sinch has been on a fast pace of buying up companies in recent times to scale up its existing business, tapping not just into the huge surge of people using phones and the internet to communicate in these pandemic-stricken times, but also to bulk up and have more economies of scale in the communications industry, essentially a business built on aggregating incremental revenues.

That fact has led to a lot of consolidation, with Twilio also buying up strategic, smaller businesses in quick order.

In this regard, MessageMedia is a strong buy for Sinch because it’s generating strong cash. MessageMedia is expected to make $151 million in profits for the year ending June 30, with gross profits of $94 million and EBITDA of $51 million, Sinch said. Sinch itself is also profitable.

Sinch’s other deals have included Inteliquent for $1.14 billion, ACL in India for $70 million and SAP’s digital interconnect business for $250 million.

For its part, MessageMedia very much plays into and is a product of the same API economy that has lifted the likes of Twilio, Stripe and many others built on the premise of knitting together very complex services, which customers can then use by way of simple lines of code that they integrate into their own digital operations, be it websites, apps, or internal systems.

Communications, and specifically messaging API-based systems are estimated to be a $9-13 billion market, Sinch said, with the U.S. accounting for 30% of that, and the global market projected to grow between 25-30% until 2024. SMBs, who might lack the resources to build such tools from the ground up, are a big part of that activity.

“Mobile messaging delivers tremendous ROI but smaller businesses often lack tools that cater to their specific needs,” said Paul Perrett, MessageMedia CEO, in a statement. “Serving these customers presents a tremendous opportunity, and with Sinch we can build a global leader in our field.”

Carlyle acquires 1E.com, an endpoint and hybrid working specialist, in $270M deal

Remote work was the order of the day for the past 16 months, but as we (fingers crossed) move out of the pandemic, it’s looking like a lot of people may move into a new era of hybrid work: less focus being present in offices to feel like you are getting things done, less time commuting and more time to be productive. To help better address that opportunity, a company called 1E, which builds solutions for companies to enable hybrid working along with managing the wider space of endpoint management, has been acquired by Carlyle on the heels of a strong year of business.

The private equity firm has picked up the London-based company in a deal that values the company at $270 million.

The acquisition is coming in the form of a majority stake with CEO and co-founder Sumir Karayi maintaining a significant minority stake, along with employees of the company. The firm is completely bootstrapped — no outside investors, no VCs on the cap table prior to this deal — and profitable, with growth of 28% in the last year.

The birth and now exit of 1E is an interesting counterpoint to that of most of the enterprise startups that you will read about on the pages of TechCrunch, or maybe in tech press overall.

The company was started in 1997 when Karayi and co-founders Phil Wilcock and Mark Blackburn were at Microsoft working as in-house consultants helping enterprises adopt and adapt to Microsoft software. Karayi decided he wanted to start something of his own, rather than, in his words, “working for Microsoft forever.”

Given his background, his business started first as a consultancy, but he said that it didn’t take long to pivot, since “We realized that the problems we were looking to solve we needed to build technology to do that, so we started to write our own software.”

The company got its start as a Microsoft shop, building endpoint technology management, along with tools to help companies manage their computer terminals and networks better. That included products like NightWatchman, a power management tool for PCs and servers that helped save energy consumption for businesses; Nomad, a bandwidth management tool that helps reduce server usage; and Shopping, a platform for companies to build app store-like experiences for internal employees or customer-facing tools.

Over time — years before the COVID-19 pandemic — that also evolved into software to enable hybrid working environments, which were already emerging as a thing and already posing challenges to businesses and users.

“The challenge was that remote working was a second-class experience,” he said, with technical support, software usage, network connectivity, device issues and just about everything harder to sort out when problems arose for workers not working in the office. So 1E — a play on the last two characters of the error message you get on a failing PC, “STOP 0x0000001E” — built software to address that, too.

Overall the company amassed some 40 patents on its technology, which now is used across more than 11 million devices among 500 large enterprise customers, including AT&T, Nestlé and a number of big banks that can’t be named.

It’s been the remote working software that has seen the company through an especially strong year — no surprise there, given the environment many of us have been working in — where businesses have been buying its tools as part of their “digital transformation” efforts, and it was this that got Karayi thinking that the company — which had largely built the business it had today on an employee base of people who just like building new things, and word-of-mouth between end users — could finally do with an outside investment and cash injection to take the business to the next level.

“We’re going through a seismic change right now and we think it’s a big opportunity for 1E,” he noted, adding that while many of us might feel like remote work is everywhere, he believes this is just the beginning of how to enable better remote working. “I think the office boat has sailed,” he said.

1E went with Carlyle among a number of other bidders as it seemed like the right fit: strong support and understanding of the business, combined with a well-recognized name. The plan more generally is to follow the PE playbook if all goes well: four years of growth, with “all later options open.”

“We were attracted to 1E’s fully integrated digital experience technology, which is differentiated by its advanced remediation and automation capabilities, and are delighted to partner with Sumir as we support the company as it enters its next phase of growth,” said Fernando Chueca, a managing director in the Carlyle Europe Technology Partners (CETP) advisory team. “With strong industry tailwinds, we believe 1E has significant growth opportunities and we look forward to supporting another founder-backed business to scale through investments in product innovation, commercial operations, and international expansion.”

ChartHop raises $35M for its internal org chart and people analytics platform

Human resources is generally a salient cornerstone of any organization, but digitization has democratized a lot of the work that goes into HR, and that’s meant more people in businesses interested in, and using, the kind of data that HR people build and typically manage. Today, a startup called ChartHop that’s built a platform to cater to that trend is announcing $35 million in funding on the heels of strong growth.

The Series B is being led by Andreessen Horowitz, a past backer, with Elad Gil and previous investors Cowboy Ventures and SemperVirens also participating. We understand from sources close to the company that the round values ChartHop at between $300 million and $400 million.

ChartHop was founded in New York by Ian White, now the CEO, who first started building the tools to fill what he felt were gaps in his own knowledge when he founded, ran and eventually sold his previous company, Sailthru (which was acquired by CampaignMonitor).

He said he realized the company could build “all the tech we wanted,” but when it came down to thinking about how to run and scale the business, that was at its heart actually a people question, and also understanding how departments, and the entire organization, looked and worked as a whole.

Image Credits: ChartHop

“It was not as important as hiring, structuring a ‘single you’ of the organization,” he said. (Ian’s pictured here to the right.) Similar to the great analytics tools that have been built for developers, sales teams and others, “What I wanted was people analytics,” he said. “I wanted to understand my team.”

That’s actually a very multifaceted question. It’s not just a matter of an org chart — a big enough task in its own right that the very day that ChartHop came out of stealth in early 2020, another org chart startup, The Org, launched, too. It’s also retention strategy, employee satisfaction, turnover statistics, diversity statistics, predictive visualizations on finances if one area was compensated differently, or if hiring were frozen, etc. “All of those problems became mine and there was no great software out there to solve for it,” White said.

The ChartHop platform is built like all strong structures these days in the world of tech: tons of integrations to feed data into ChartHop to make it richer; tons of integrations also to export and use that data in more dedicated applications when needed; and an easy way for everyone to update data but also put in place easy and strong protections to keep confidential data as it should be.

And while HR still “owns” the platform, White said, it can be accessed and used by anyone in the organization, and it is.

It seems that others have found the talent management software market lacking for it, too. Since 2019 it went from a team of one — White himself — to 75, with 130 corporates now using its services. The list has a strong list of household company names with a heavy emphasis in tech, from what White showed me. Revenues in the last 12 months — a time when the spread-out nature of many of our workplaces has meant an even greater need for a platform to manage all the information has possibly reached a high water mark — have grown at a rate of 17% month-by-month.

“With HR and people functions so crucial to the growth and success of businesses, it’s unfortunate that most HR teams lack the critical people data to drive organizational decision making,” said David Ulevitch, general partner at Andreessen Horowitz, in a statement. “ChartHop is the solution to this all-too-common problem, and is built by company leaders who have felt this pain personally. ChartHop’s visual approach to people analytics allows leaders to make organizational planning and strategy decisions with confidence. We’re thrilled to lead ChartHop’s Series B because of their impressive growth, the company’s vision, and the terrific, mission-oriented team they’ve assembled.” He also led the company’s seed round in February 2020.

“Since implementing ChartHop earlier this year, we’ve seen significant improvement in our engagement with talent routines as they’re managed via ChartHop,” said Sara Howe, vice president human resources at ZoomInfo, a customer of ChartHop, in a statement. “Our employees have found the simple user interface and the centralized view of their data as the most helpful features. Leaders across ZoomInfo have also leveraged ChartHop to ensure that their organizations are well structured to support our continued rapid growth.”

Segment launches customer journey tool to build fine-grained personal experiences

Twilio Segment announced a tool, which is available starting today, to help marketers create fine-grained customer journeys. Until now the company has enabled marketers to build buyer personas and broader audiences, but this enables users to have much greater control of their interactions with a customer.

Company co-founder and CEO Peter Reinhardt says that marketers have been craving the ability to build more customized customer journeys and this tool gives them that. “It’s basically taking the power that existed in personas and audiences and actually putting it fully in marketers’ hands to build their dream journeys across every channel with the best data,” he said.

This enables marketers to stitch together a whole sequence of audiences. “Say when someone comes to the top of the funnel, they want to do X, then if they want to branch it and use X or Y, then do two different things, and you can keep branching and personalizing via this whole journey to cover the whole lifecycle.”

He says this capability has existed in some tools, but the Twilio Segment offering enables it to be used in more than 300 tools in the Segment ecosystem. “This is the first time that we’re going to be able to really do that and orchestrate this way, not just for a limited subset of channels, but across all of the channels,” he said.

Marketers can build branching by dragging and dropping journey components to send people on different paths depending on things like if they are a regular customer or a first-time customer or just about anything you can think of. Reinhardt says that flexibility is a key attribute of the new feature.

While it’s competing with some major players like Adobe and Salesforce in this space, Reinhardt believes this capability really gives Twilio a leg up over the competitors. “I think if you look at more of the legacy journey builders, [their products] are not built on real-time data, meaning that they’re actually missing basically all of the interesting behavioral data that marketers actually build on,” he said.

Segment was acquired by Twilio last year for $3.2 billion, and part of the reason for that was to increase its customer engagement capabilities. Segment gives Twilio a customer data platform to build on top of its other communications tooling, and today’s announcement expands on that capability.

Honeywell and Cambridge Quantum form joint venture to build a new full-stack quantum business

Honeywell, which only recently announced its entry into the quantum computing race, and Cambridge Quantum Computing (CQ), which focuses on building software for quantum computers, today announced that they are combining Honeywell’s Quantum Solutions (HQS) business with Cambridge Quantum in the form of a new joint venture.

Honeywell has long partnered with CQ, and invested in the company last year, too. The idea here is to combine Honeywell’s hardware expertise with CQ’s software focus to build what the two companies call “the world’s highest-performing quantum computer and a full suite of quantum software, including the first and most advanced quantum operating system.”

The merged companies (or “combination,” as the companies’ press releases calls it) expect the deal to be completed in the third quarter of 2021. Honeywell Chairman and CEO Darius Adamczyk will become the chairman of the new company. CQ founder and CEO Ilyas Khan will become the CEO and current Honeywell Quantum Solutions President Tony Uttley will remain in this role at the new company.

The idea here is for Honeywell to spin off HQS and combine it with CQC to form a new company, while still playing a role in its leadership and finances. Honeywell will own a majority stake in the new company and invest between $270 and $300 million. It will also have a long-term agreement with the new company to build the ion traps at the core of its quantum hardware. CQ’s shareholders will own 45% of the new company.

Image Credits: Honeywell

“The new company will have the best talent in the industry, the world’s highest-performing quantum computer, the first and most advanced quantum operating system, and comprehensive, hardware-agnostic software that will drive the future of the quantum computing industry,” said Adamczyk. “The new company will be extremely well positioned to create value in the near-term within the quantum computing industry by offering the critical global infrastructure needed to support the sector’s explosive growth.”

The companies argue that a successful quantum business will need to be supported by large-scale investments and offer a one-stop shop for customers that combines hardware and software. By combining the two companies now, they note, they’ll be able to build on their respective leadership positions in their areas of expertise and scale their businesses while also accelerate their R&D and product roadmaps.

“Since we first announced Honeywell’s quantum business in 2018, we have heard from many investors who have been eager to invest directly in our leading technologies at the forefront of this exciting and dynamic industry — now, they will be able to do so,” Adamczyk said. “The new company will provide the best avenue for us to onboard new, diverse sources of capital at scale that will help drive rapid growth.”

CQ launched in 2014 and now has about 150 employees. The company raised a total of $72.8 million, including a $45 million round, which it announced last December. Honeywell, IBM Ventures, JSR Corporation, Serendipity Capital, Alvarium Investments and Talipot Holdings invested in this last round — which also means that IBM, which uses a different technology but, in many ways, directly competes with the new company, now owns a (small) part of it.

Microsoft Patches Six Zero-Day Security Holes

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.

June’s Patch Tuesday addresses just 49 security holes — about half the normal number of vulnerabilities lately. But what this month lacks in volume it makes up for in urgency: Microsoft warns that bad guys are leveraging a half-dozen of those weaknesses to break into computers in targeted attacks.

Among the zero-days are:

CVE-2021-33742, a remote code execution bug in a Windows HTML component.
CVE-2021-31955, an information disclosure bug in the Windows Kernel
CVE-2021-31956, an elevation of privilege flaw in Windows NTFS
CVE-2021-33739, an elevation of privilege flaw in the Microsoft Desktop Window Manager
CVE-2021-31201, an elevation of privilege flaw in the Microsoft Enhanced Cryptographic Provider
CVE-2021-31199, an elevation of privilege flaw in the Microsoft Enhanced Cryptographic Provider

Kevin Breen, director of cyber threat research at Immersive Labs, said elevation of privilege flaws are just as valuable to attackers as remote code execution bugs: Once the attacker has gained an initial foothold, he can move laterally across the network and uncover further ways to escalate to system or domain-level access.

“This can be hugely damaging in the event of ransomware attacks, where high privileges can enable the attackers to stop or destroy backups and other security tools,” Breen said. “The ‘exploit detected’ tag means attackers are actively using them, so for me, it’s the most important piece of information we need to prioritize the patches.”

Microsoft also patched five critical bugs — flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users. CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008, 2012, 2016 and 2019.

Sharepoint also got a critical update in CVE-2021-31963; Microsoft says this one is less likely to be exploited, but then critical Sharepoint flaws are a favorite target of ransomware criminals.

Interestingly, two of the Windows zero-day flaws — CVE-2021-31201 and CVE-2021-31199 — are related to a patch Adobe released recently for CVE-2021-28550, a flaw in Adobe Acrobat and Reader that also is being actively exploited.

“Attackers have been seen exploiting these vulnerabilities by sending victims specially crafted PDFs, often attached in a phishing email, that when opened on the victim’s machine, the attacker is able to gain arbitrary code execution,” said Christopher Hass, director of information security and research at Automox. “There are no workarounds for these vulnerabilities, patching as soon as possible is highly recommended.”

In addition to updating Acrobat and Reader, Adobe patched flaws in a slew of other products today, including Adobe Connect, Photoshop, and Creative Cloud. The full list is here, with links to updates.

The usual disclaimer:

Before you update with this month’s patch batch, please make sure you have backed up your system and/or important files. It’s not uncommon for Windows updates to hose one’s system or prevent it from booting properly, and some updates even have been known to erase or corrupt files.

So do yourself a favor and backup before installing any patches. Windows 10 even has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.

And if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, see this guide.

As always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there’s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.

For a quick visual breakdown of each update released today and its severity level, check out the this Patch Tuesday post from the SANS Internet Storm Center.