The CockroachDB EC-1

Every application is a palimpsest of technologies, each layer forming a base that enables the next layer to function. Web front ends rely on JavaScript and browser DOM, which rely on back-end APIs, which themselves rely on databases.

As one goes deeper down the stack, engineering decisions become ever more conservative — changing the location of a button in a web app is an inconvenience; changing a database engine can radically upend an entire project.

It’s little surprise then that database technologies are among the longest-lasting engineering projects in the modern software developer toolkit. MySQL, which remains one of the most popular database engines in the world, was first released in the mid-1990s, and Oracle Database, launched more than four decades ago, is still widely used in high-performance corporate environments.

Database technology can change the world, but the world in these parts changes very, very slowly. That’s made building a startup in the sector a tough equation: Sales cycles can be painfully slow, even when new features can dramatically expand a developer’s capabilities. Competition is stiff and comes from some of the largest and most entrenched tech companies in the world. Exits have also been few and far between.

That challenge — and opportunity — is what makes studying Cockroach Labs so interesting. The company behind CockroachDB attempts to solve a long-standing problem in large-scale, distributed database architecture: How to make it so that data created in one place on the planet is always available for consumption by applications that are thousands of miles away, immediately and accurately. Making global data always available immediately and accurately might sound like a simple use case, but in reality it’s quite the herculean task. Cockroach Labs’ story is one of an uphill struggle, but one that saw it turn into a next-generation, $2-billion-valued database contender.

The lead writer of this EC-1 is Bob Reselman. Reselman has been writing about the enterprise software market for more than two decades, with a particular emphasis on teaching and educating engineers on technology. The lead editor for this package was Danny Crichton, the assistant editor was Ram Iyer, the copy editor was Richard Dal Porto, figures were designed by Bob Reselman and stylized by Bryce Durbin, and illustrations were drawn by Nigel Sussman.

CockroachDB had no say in the content of this analysis and did not get advance access to it. Reselman has no financial ties to CockroachDB or other conflicts of interest to disclose.

The CockroachDB EC-1 comprises four main articles numbering 9,100 words and a reading time of 37 minutes. Here’s what we’ll be crawling over:

We’re always iterating on the EC-1 format. If you have questions, comments or ideas, please send an email to TechCrunch Managing Editor Danny Crichton at danny@techcrunch.com.

PrintNightmare | Latest Patch Almost Puts Microsoft Vulnerability to Bed

Executive Summary

  • A remote code execution vulnerability is being dubbed ‘PrintNightmare’ (CVE-2021-34527 and CVE-2021-1675).
  • The vulnerabilities are present in the Windows Spooler Service present on all Windows versions.
  • Microsoft has released two patches to address these vulnerabilities (an Out-of_Band update on July 1 as well as the July 13th monthly update).
  • Exploit code is readily available and has already been folded into popular hacking tools like Mimikatz and the Metasploit framework.
  • SentinelOne has provided DeepVisibility queries to detect attempts to exploit PrintNightmare in customer environments.

What Happened?

On June 29, 2021, details emerged of a remotely exploitable vulnerability in the Microsoft Windows Print Spooler service affecting all versions of Windows to date. The vulnerability was originally discovered by security researchers at Sangfor Technologies and responsibly disclosed to Microsoft. Variants of the vulnerability, appropriately dubbed ‘PrintNightmare’, are tracked under CVE-2021-34527 and CVE-2021-1675. They allow Remote Code Execution and have now been folded into popular attack tools like Mimikatz and Metasploit. Microsoft has released updated versions of their patches and guidance as of July 13th. That said, if Microsoft’s instructions are not carefully followed, hosts may still be left exposed to exploitation.

The PrintNightmare Rapidly Escalates

Initially, it was believed that the vulnerability could only be exploited on Windows Servers; however, researchers found an alternative call flow to the vulnerable function that allows attacking any Windows machine running the Print Spooler service. Much of the severity lies in the ease of exploitation: it is network exploitable, requires no user interaction, and can be initiated from a lower-privileged context. All of that is a recipe for quick adoption by attackers of all stripes.

In this flaw, the Windows Print Spooler service improperly governs access to RpcAddPrinterDriverEx(), resulting in the ability to achieve SYSTEM privileges, and subsequently execute code within that context. The vulnerability was first exploited using the RpcAddPrinterDriverEx API. Subsequently, newer versions of the exploit began using an alternative execution flow calling the function RpcAsyncAddPrinterDriver to bypass detections. Ultimately, the flaw allows for the loading of a malicious DLL of the attacker’s choice, making the vulnerability ideal for multiple stages in the attack chain.

The vulnerability affects all supported versions of Microsoft Windows (servers and workstations alike). Hosts with the Windows Print Spooler Service running are exposed to potential exploitation.

Several days after Microsoft Emergency patch (KB5005010) was published, researchers published a full bypass which still allows full remote exploitation of a fully patched and rebooted system. The PrintNightmare attack was quickly integrated into mainstream attack tools such as MetaSploit, Mimikatz, and WinPwn.

One Demo/PoC of PrintNightmare Exploitation (by cube0x0)

This case continues to highlight vulnerabilities in older aspects of the Windows codebase, and the printing infrastructure in particular. During 2020-2021 multiple previous vulnerabilities were discovered in the Print Spooler/Fax code including: FaxHell (Oct 2020), CVE-2020-1337 (Aug 2020), Evil Printer (Jun 2020), PrintDemon (May 2020). In addition, it is critical to note that attackers will continue looking for systems exposed to this vulnerability for years to come. It is probable that this flaw will fall in with MS08-067 and other ‘commodity’ vulnerabilities that seem to linger far past their welcome.

Mitigation and Workarounds

In addition to applying the revised update from Microsoft, there are multiple Microsoft remediation suggestions with registry changes and GPO policies.

  1. Install the official updates from Microsoft
  2. Follow additional guidance from Microsoft regarding registry settings and/or GPO updates:
    • HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTPrintersPointAndPrint (set to 0)
    • NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
    • UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Additional Workarounds

If you are unable to apply the latest patch or use the suggestions above, it is also possible to disable inbound remote printing via Group Policy. This can be done via PowerShell

Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled

or via gpedit.msc:

Computer Configuration / Administrative Templates / PrintersAllow Print Spooler to accept client connections Disabled

Note: The Print Spooler service will need to be restarted following this change.

Disable remote printing via gpedit.msc

Finding Drivers Vulnerable to PrintNightmare

SentinelOne customers can also proactively search for vulnerable drivers using the following Deep Visibility query:

EventType In ( "File Rename","File Creation" ) AND TgtFilePath Contains Anycase "spooldriversx64" AND TgtFilePath Contains Anycase "Old" AND TgtFilePath Contains Anycase "dll" AND TgtFileIsSigned != "signed" AND AgentMachineType In ( "Server" )
Hunting for PrintNightmare in Deep Visibility

Conclusion

PrintNightmare (CVE-2021-34527) is a critical, high impact, and easily exploitable vulnerability, which has already found its way into the toolsets of cybercriminals. We recommend expediting the deployment and installation of Microsoft’s official security update. In addition, there are a number of workarounds available that can help mitigate some of the risk.

This is a sobering example of how quickly these flaws can unravel once released into the wild. The challenge lies in our ability to rapidly pivot, manage the risk, and employ available countermeasures. Modern endpoint security products like SentinelOne’s Singularity Platform, which proactively provide rapid threat hunting packs, are key in providing the visibility and protection around new and emerging threats.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Railsbank raises $70M to build out its fintech-as-a-service platform

Financial services as a service — where entities like neobanks, retailers and others can create and sell their own financial products by way of a few lines of code and APIs — has been one of the bigger trends in the world of fintech in recent years, with embedded finance on its way to being a $7.2 trillion market by 2030, according to a forecast from Bain Capital. Now, one of the companies building and providing those APIs is announcing some growth funding to expand.

Railsbank, which builds APIs for banking, payment cards and credit products for use by fintechs but also a wide range of other kinds of businesses, has raised $70 million in new equity funding, money that the London startup plans to use to continue growing internationally and to add more features to its product set.

“Our mission is to reinvent, unbundle and democratise access to the complex, opaque and byzantine 70-year-old credit card market, which is worth $4 trillion in the U.S. alone,” Nigel Verdon, CEO and co-founder of Railsbank, told TechCrunch in an interview last year. Verdon is a repeat entrepreneur, with one of his previous companies being Currency Cloud.

Railsbank not disclosing its valuation, but Verdon hints that it is in the high hundreds of millions and close to $1 billion.

“As a policy, we rarely talk about valuation as we prefer to talk about customers,” he told TechCrunch today. “Valuation is a very inward-facing and self-centered metric. Saying that, near-unicorn would best describe us today.”

As a point of comparison data from PitchBook noted that the company was valued at just under $200 million in its last round at the end of last year (we reported on it here).

This latest round is being led by Anthos Capital, a previous backer of the company, with Central Capital, Cohen and Company, and Chris Adelsbach’s fund Outrun Ventures, as well as other unnamed previous backers also participating. Central Capital is a strategic investor: It’s the VC arm of the largest privately held bank in Indonesia, while Cohen and Company is the founder of Bancorp. Those backers speak to where Railsbank is targeting its services and who is interested in potentially working with it.

Banking as a service, and other financial products as a service, has become one of the most significant building blocks not just in the world of fintech, but in financial services overall. As with Twilio or Sinch in communications, or Stripe in payments, the idea here is that financial specialists have built out the complicated infrastructure and partnerships that underpin a product like a credit card, or a banking account.

This is then packaged up in a service that can be integrated into another one by way of an API, and the small amount of code needed to add it to another platform. In turn, that API can be used not just by another financial services company that is consumer- or business-facing, but by any kind of company that sees offering a financial product as part of a bigger customer service and loyalty play. That could mean a retailer offering its own-brand credit card, but also a “neobank” that is building a slick front end with great customer service and personalization, without needing to build the now-commoditized banking infrastructure underneath it to run it.

Railsbank is far from being the only company that has identified and built around this concept. Other big players include Rapyd, which raised a big round at a $2.5 billion valuation earlier this year; Unit, which also has been picking up funding and growing; FintechOS, which really does what its name says; and the startup 10x was even built for incumbent players to also have access to lighter fintech as a service.

Railsbank believes its distinct from many of its would-be competitors in part because it has built a lot of its own infrastructure from the ground up (hence the “rails” in its name), “bypassing” legacy players, in contrast to others that are built as software that still ultimately runs on top of stacks (and inefficiencies) of those older providers. This also means that it is regulated as a financial institution.

Railsbank is also in the business of making some acquisitions in order to grow its business, for example acquiring the U.K. business of German fintech Wirecard when it was crashing due to financial malpractices. And it doesn’t build everything from scratch: Earlier this year it also partnered with Plaid to embed some of its services within Railsbank’s.

Railsbank does not disclose a full list of customer names but has case studies on a number of smaller clients that speak to just how widely proliferated financial services are today. They include GoSolo, Kyshi and SimpledCard.

“The market has evolved so rapidly since we founded the world’s first BaaS business, the Bancorp,” noted Betsy Cohen, chairman of Fintech Masala and founder of Bancorp, in a statement. “As we move into the $7 trillion embedded finance market, it has been great watching Railsbank’s growth story. With this investment, it’s a privilege to continue to be part of the journey with a global leader like Railsbank.”

YuLife nabs $70M at a $346M valuation for its gamified, wellness-oriented approach to life insurance

Life insurance — financial protection you buy against your death — may not read like the liveliest of industries on paper. But a life insurance startup that believes it can turn that stigma around, by infusing the concept with gamification and a push toward wellness and health — and change the life insurance industry in the process — is today announcing significant funding, a sign of the traction it’s getting for its big ideas.

YuLife, a London startup that has built a new kind of life insurance concept — it incentivizes and rewards users to focus on their physical and mental health through a gamified interface — has raised $70 million in what is, to date, one of the largest Series Bs raised by an insurtech startup in Europe.

Led by Target Global, the round also included Eurazeo, Latitude and previous backers Creandum, Notion Capital, Anthemis, MMC Ventures, and OurCrowd. Sammy Rubin, YuLife’s CEO and founder, confirmed that the round values YuLife at $346 million (£250 million).

The company will be using the funding to continue expanding its business, build more products on its platform, and importantly continue to invest in the technology that it uses to run its service and determine how its policies should run.

“Our insurance is about helping people live healthier and longer lives,” Rubin said in an interview. “If we can help to reduce claims while incentivizing people to do that, it’s a win-win.” But it’s about more than that, he added. “We are building a new type of risk model where we are able to create new actuarial tables, which have not been updated in 200 years. Actually, I think smoker rates and how they’ve changed was the last update. So, most will just look at your age and whether you are a smoker and that’s it.”

YuLife is currently active only in the U.K. and is only sold directly to organizations, who in turn provide it to their employees. That business currently — which also includes income protection and critical illness cover — provides $15 billion of coverage and has seen 10x growth in the last year — a bumper one for life insurance policies, possibly for the worst reasons (hello, pandemic; goodbye, predicting what the future might look like). Customers include Capital One, Co-op, Curve, Havas Media, Severn Trent and Sodexo.

That $15 billion is just a drop in the bucket in an industry that is currently estimated to be worth some $2.2 trillion.

The company got its start on the back of a persistent problem that Rubin experienced at his previous insurance startup PruProtect (which is now called Vitality Life).

“Usually insurance benefits just sit on a shelf and never get used,” he said. YuLife set out to change that by making the policy “all about engagement.”

The app — built by veterans of the gaming industry — is designed around the concept of different environments, currently covering forest, ocean, desert and mountains, which YuLife collectively terms its “Yuniverse.” (This incidentally also became a template for the company’s HQ design in London.)

Within each of these environments, users are encouraged to walk, cycle, meditate and do other activities to get around their environments in a healthy way, while at the same time being able to compare their progress against other co-workers. There is a degree of personalization in everyone’s experience, in that one person leaning into one activity over another seems to produce different subsequent scenarios.

Along with this, users are offered discounts on third-party products to further engage with the game within YuLife, which could include a subscription to meditation app Calm, FitBit and Garmin devices, and more.

As users make their way through their worlds, they get rewards, in the form of something called YuCoins. The YuCoins can in turn be used to redeem vouchers from the likes of Amazon and Asos to buy things … consumerism being another way to improve happiness for some of us.

All of this sums up as more than just a policy aimed at giving people peace of mind for their families should they depart this world.

“Long term, it’s not just about health, it’s about lifestyle,” Rubin said.

It’s also about YuLife’s business: The various products that it offers are built around an affiliate model, so there is a business interest for the company around offering and seeing items purchased and redeemed. However, this is not essential to using the app as a policy holder.

The win-win theme runs strong, but so too does the fact that YuLife is taking a different approach altogether, in an industry where most of the “disruption” has up to now been more about how to buy life insurance, rather than reassessing what life insurance actually is. For others in the space doing just that, see DeadHappy, BIMA, and the Jay-Z-backed Ethos. That being said, it’s also not the only one tackling “lifestyle” as part of life insurance: Sproutt is another rethinking that area as well.

“YuLife is redefining life insurance, using the most innovative technologies to transform a largely traditional industry,” said Ben Kaminski, partner, Target Global, in a statement. “With health and well-being increasingly thrust into the limelight in the wake of COVID-19, YuLife is fundamentally changing insurance by incentivizing people to lead healthier lifestyles. YuLife is ideally positioned to build on its tenfold growth during the pandemic and lead the way in helping its clients respond to the challenges posed by an ever-changing working environment. We are very proud to partner with YuLife on its journey of becoming a global leader in life insurance.”

Former Nutanix execs launch new startup with $50M seed round

Today a new software company from two former Nutanix executives called DevRev emerged from stealth with a $50 million seed round from Mayfield Fund, Khosla Ventures and several industry luminaries. The company, which aims to bring the coding and revenue processes closer together, already has 75 employees working on the new software platform, which they hope to have ready to launch later this year.

It’s not every day you see a $50 million seed round, but perhaps the fact that former Nutanix co-founder and CEO Dheeraj Pandey and his former SVP of engineering Manoj Agarwal are involved, could help explain the investor enthusiasm for the new project.

Pandey says that he has seen a gap between developers and the revenue the applications they create are supposed to generate. The idea behind the new company is to break down the silos that exist between the front of the office and the back of the office and give developers a deeper understanding of the customers using their products, or at least that’s the theory.

“Dev and rev are yin and yang to each other. In today’s world they are really far apart with tons of bureaucracy between these two parties. Our goal to bring dev and rev to get rid of the bureaucracy,” Pandey told me

The company intends to build an API to help developers pull this information from existing systems for companies already working with a CRM tool like Salesforce, while helping gather that customer information for younger companies who might lack a tool. Regardless, the idea is to bring that info where the developer can see it to help build better products.

The way it works in most companies is customer service or sales hears complaints or suggestions about the product, and tickets get generated, but putting these issues in front of the people building the software isn’t always easy or direct. DevRev hopes to change that.

Navin Chaddha, managing director at Mayfield, whose firm is investing in DevRev, sees a need to bring these different parts of the company together in a more direct way. “The code that developers work on today is used by support as well as marketing and sales. By bringing the world of issues and tickets closer to the world of revenue and growth, DevRev’s unified platform bridges the gap between developer and customer and elevates the developer to a business leader,” Chaddha said.

With 75 employees working on the problem, DevRev is already a substantial startup. As experienced founders Pandey and Agarwal certainly understand the importance of building a diverse and inclusive company. Pandey sees the top of the employment funnel really being focused on engineering, design and business schools and the company is working to bring in a diverse group of young employees.

“[We are looking at ways] to search for talent and to promote talent, to make them into leaders. I think we have an empty canvas by the way, and we have this idea of COVID, and being able to do remote work has really grown the top of the funnel, the mouth of the funnel now can be anything and everything. […] [Colleges and universities] are I would say the real source of all diversity at the end of the day. We have seen how engineering schools, design schools and business schools are actually getting so diverse,” he said.

The company is working to build the product now and reaching out to developer communities on Discord, GitHub and other places that developers gather online to get their input, while testing and improving the product in-house and with design partners.

Nutanix, the founders’ previous company, launched in 2009 and raised over a $1 billion before going public in 2016. Pandey and Agarwal left Nutanix at the end of last year to launch the new company.

Simpplr raises $32M for its intranet platform

Simpplr, a modern platform for building intranet sites (or “employee communications and enablement platforms,” as the company calls it), today announced that it has raised a $32 million Series C round led by Tola Capital. Norwest Ventures, which led the company’s Series B round last year, as well as Salesforce Ventures and George Still Ventures also participated. This brings Simpplr’s total funding to just over $61 million.

As Simpplr CEO and founder Dhiraj Sharma told me, the Series B round was meant to help the team accelerate product innovation and development. Unsurprisingly, the COVID-19 pandemic only increased demand for digital workplace solutions like Simpplr. As Sharma noted, the company’s thesis was always that the world was moving toward remote/hybrid work. The pandemic only accelerated this process and with that, the sense of urgency in its customer base to modernize their own platforms for communicating with their employees. To keep up with this growth, the company doubled its team since last August (though Sharma, just like many other startup founders I’ve recently talked to, also bemoaned that it’s becoming increasingly hard to find talent).

The company says that it added 100 enterprise customers over the course of the last year. Today, its customer base includes a number of early adopters like Splunk or Nutanix, which were always building toward a global workforce and always had a need for a product like Simpplr. But due to the pandemic, more traditional businesses like Fox, AAA insurance or Renewal by Andersen also needed to quickly find ways to support their newly remote workforces.

“When this pandemic happened, there were lots of traditional companies who didn’t think that they would be doing remote work as much in the near future as they had to,” Sharma said. “For them, things changed and then what they realized is that they did not have effective means of formal employee communication and also lacked the digital employee experience — and they realized that very quickly.”

Simpplr is obviously not the only intranet solution on the market, but Sharma argues that the service isn’t just recognized by analyst firms like Gartner and Forrester, but also highly reviewed by its customers, in large part thanks to its focus on user experience. “UX is our number one strength and differentiator. We have been pushing the boundaries of intranet for the last five years,” he said and cited features like the company’s auto-governance engine, which he likened to a “Roomba for your intranet.”

Image Credits: Simpplr

Analytics, too, is another area where Simpplr is trying to differentiate itself. “Our company’s mission is to help companies build a better workplace — and unless we can show the areas of improvement and provide insights like how to do something better, we just become a dumb tool,” he said. “For us, what is very important is not only that you are communicating but helping our customers to understand what’s working and what’s not working. What’s the impact of the communication and how are your employees feeling about it?”

Looking ahead, the company is working on building more AI into its tools — including its analytics — to help companies better communicate with their employees and understand the impact of those messages.

As for the new funding round, Sharma noted that he bootstrapped his previous two companies, which has made him take a somewhat conservative approach to fundraising. “When I used to hear that your investors or VCs expect growth at all costs, I just could never understand that,” he said. “So while building this company, even though this is a venture-funded company, I still wanted to make sure that I use the finances responsibly and I build a business in a sustainable manner. I wanted to make sure that if we raised a large investment, we have a proper use for that investment and that this investment will bring the right results.”

Tola Capital principal Eddie Kang will now join Simpplr’s board. “The future of work is hybrid and Simpplr is essential to a company’s ability to engage with employees,” he said. “As enterprise software investors, what excites us about Simpplr’s platform is that it allows leadership teams to streamline communications across channels and provides a turnkey platform that drives value to customers very quickly. Our partnership with Simpplr will accelerate its roadmap to meet the needs of global business leaders and communications teams.”

You can see fires, but now Qwake wants firefighters to see through them

When it comes to tough environments to build new technology, firefighting has to be among the most difficult. Smoke and heat can quickly damage hardware, and interference from fires will disrupt most forms of wireless communications, rendering software all but useless. From a technology perspective, not all that much has really changed today when it comes to how people respond to blazes.

Qwake Technologies, a startup based in San Francisco, is looking to upgrade the firefighting game with a hardware augmented reality headset named C-THRU. Worn by responders, the device scans surrounding and uploads key environmental data to the cloud, allowing all responders and incident commanders to have one common operating picture of their situation. The goal is to improve situational awareness and increase the effectiveness of firefighters, all while minimizing potential injuries and casualties.

The company, which was founded in 2015, just raised about $5.5 million in financing this week. The company’s CEO, Sam Cossman, declined to name the lead investor, citing a confidentiality clause in the term sheet. He characterized the strategic investor as a publicly-traded company, and Qwake is the first startup investment this company has made.

(Normally, I’d ignore fundings without these sorts of details, but given that I am obsessed with DisasterTech these days, why the hell not).

Qwake has had success in recent months with netting large government contracts as it approaches a wider release of its product in late-2021. It secured a $1.4 million contract from the Department of Homeland Security last year, and also secured a partnership with the U.S. Air Force along with RSA in April. In addition, it raised a bit of angel funding and participated in Verizon’s 5G First Responder Lab as part of its inaugural cohort (reminder that TechCrunch is still owned by Verizon).

Cossman, who founded Qwake along with John Long, Mike Ralston, and Omer Haciomeroglu, has long been interested in fires, and specifically, volcanos. For years, he has been an expeditionary videographer and innovator who climbed calderas and attempted to bridge the gap between audiences, humanitarian response, and science.

“A lot of the work that I have done up until this point was focused on earth science and volcanoes,” he said. “A lot of projects were focused on predicting volcanic eruptions and looking at using sensor networks and different things of that nature to make people who live in those regions that are exposed to volcanic threats safer.”

During one project in Nicaragua, his team suddenly found itself lost amidst the smoke of an active volcano. There were “thick, dense superheated volcanic gases that prevented us from navigating correctly,” Cossman said. He wanted to find technology that might help them navigate in those conditions in the future, so he explored the products available to firefighters. “We figured, ‘Surely these men and women have figured out how do you see in austere environments, how do you make quick decisions, etc.’”

He was left disappointed, but also with a new vision: to build such technology himself. And thus, Qwake was born. “I was pissed off that the men and women who arguably need this stuff more than anybody — certainly more than a consumer — didn’t have anywhere to get it, and yet it was entirely possible,” he said. “But it was only being talked about in science fiction, so I’ve dedicated the last six years or so to make this thing real.”

Building such a product required a diverse set of talent, including hardware engineering, neuroscience, firefighting, product design and more. “We started tinkering and building this prototype. And it very interestingly got the attention of the firefighting community,” Cossman said.

Qwake offers a helmet-based IoT product that firefighters wear to collect data from environments. Image Credits: Qwake Technologies

Qwake at the time didn’t know any firefighters, and as the founders did customer calls, they learned that sensors and cameras weren’t really what responders needed. Instead, they wanted more operational clarity: not just more data inputs, but systems that can take all that noise, synthesize it, and relay critical information to them about exactly what’s going on in an environment and what the next steps should be.

Ultimately, Qwake built a full solution, including both an IoT device that attaches to a firefighter’s helmet and also a tablet-based application that processes the sensor data coming in and attempts to synchronize information from all teams simultaneously. The cloud ties it all together.

So far, the company has design customers with the fire departments of Menlo Park, California and Boston. With the new funding, the team is looking to advance the state of its prototype and get it ready for wider distribution by readying it for scalable manufacturing as it approaches a more public launch later this year.

Remote raises $150M on a $1B+ valuation to manage payroll and more for organizations’ global workforces

For many of us, going to work these days no longer means going into a specific office like it used to; and today one of the startups that’s built a platform to help cater to that new, bigger world of employment — wherever talent might be — is announcing a major round of funding on the back of strong demand for its tools.

Remote, which provides tools to manage onboarding, payroll, benefits and other services for tech and other knowledge workers located in remote countries — be they contractors or full-time employees — has raised $150 million. Job van der Voort, the Dutch-based CEO and co-founder of New York-based Remote, confirmed in an interview that funding values Remote at over $1 billion.

Accel is leading this Series B, with participation also from previous investors Sequoia, Index Ventures, Two Sigma, General Catalyst and Day One Ventures.

The funding will be used in a couple of areas. First and foremost, it will go toward expanding its business to more markets. The startup has been built from the ground up in a fully integrated way, and in contrast to a number of others that it competes with in providing Employer of Record services, Remote fully owns all of its infrastructure. It now provides its HR services, as fully operational legal entities, for 50 countries (it has a target of growing that to 80 by the end of this year). The platform is also set to be enhanced with more tools around areas like benefits, equity incentive planning, visa and immigration support and employee relocation.

“We are doubling down on our approach,” van der Voort said. “We try to fully own the entire stack: entity, operations, experts in house, payroll, benefits and visa and immigration — all of the items that come up most often. We want to to build infrastructure products, foundational products because those have a higher level of quality and ultimately a lower price.”

In addition, Remote will be using the funding to continue building more tools and partnerships to integrate with other providers of services in what is a very fragmented human resources market. Two of these are being announced today to coincide with the funding news: Remote has launched a Global Employee API that HR platforms that focus on domestic payroll can integrate to provide their own international offering powered by Remote. HR platform Rippling (Parker Conrad’s latest act) is one of its first customers. And Remote is also getting cosier with other parts of the HR chain of services: applicant tracking system Greenhouse is now integrating with it to help with the onboarding process for new hires.

Indeed, $150 million at a $1 billion+ valuation is a very, very sizable Series B, even by today’s flush-market standards, but it comes after a bumper year for the company, and in particular since November last year when it raised a Series A of $35 million. In the last nine months, customer numbers have grown seven-fold, with users on the platform increasing 10 times. Most interestingly, perhaps, is that Remote’s revenues — its packages start at $149 per month but go up from there — have increased by a much bigger amount: 65x, the company said. That basically points to the fact that engagement from those users — how much they are leaning on Remote’s tech — has skyrocketed.

Although there are a lot of competitors in the same space as Remote — they include a number of more local players alongside a pretty big range of startups like Oyster (which announced $50 million in funding in June), Deel, which is now valued at $1.25 billionTuring; Papaya Global (now also valued at over $1 billion); and many more — the opportunity they are collectively tackling is a massive one that, if anything, appears to be growing.

Hiring internationally has always been a costly, time-consuming and organizationally challenged endeavor, so much so that many companies have opted not to do it at all, or to reserve it for very unique cases. That paradigm has drastically shifted in recent years, however.

Even before COVID-19 hit, there was a shortage of talent, resulting in a competitive struggle for good people, in companies’ home markets, which encouraged companies to look further afield when hiring. Then, once looking further afield, those employers had to give consideration to employing those people remotely — that is, letting them work from afar — because the process of relocating them had also become more expensive and harder to work through.

Then COVID-19 happened, and everyone, including people working in a company’s HQ, started to work remotely, changing the goalposts yet again on what is expected by workers, and what organizations are willing to consider when bringing on a new person, or managing someone it already knows, just from a much farther distance.

While a lot of that has played out in the idea of relocating to different cities in the same country — Miami and Austin getting a big wave of Silicon Valley “expats” being two examples of that — it seems just a short leap to consider that now that sourcing and managing is taking on a much more international slant. A lot of new hires, as well as existing employees who are possibly not from the U.S. to begin with, or simply want to see another part of the world, are now also a part of the mix. That is where companies like Remote are coming in and lowering the barriers to entry by making it as easy to hire and manage a person abroad as it is in your own city.

“Remote is at the center of a profound shift in the way that companies hire,” said Miles Clements, a partner at Accel, in a statement. “Their new Global Employee API opens up access to Remote’s robust global employment infrastructure and knowledge map, and will help any HR provider expand internationally at a speed impossible before. Remote’s future vision as a financial services provider will consolidate complicated processes into one trusted platform, and we’re excited to partner with the global leader in the quickly emerging category of remote work.”

And it’s interesting to see it now partnering with the likes of Rippling. It was a no-brainer that as the latter company matured and grew, it would have to consider how to handle the international component. Using an API from Remote is an example of how the model that has played out in communications (led by companies like Twilio and Sinch) and fintech (hello, Stripe) also has an analogue in HR, with Remote taking the charge on that.

And to be clear, for now Remote has no plans to build a product that it would sell directly to individuals.

“Individuals are reaching out to us, saying, ‘I found this job and can you help me and make sure I get paid?’ That’s been interesting,” van der Voort said. “We thought about [building a product for them] but we have so much to do with employers first.” One thing that’s heartening in Remote’s approach is that it wouldn’t want to provide this service unless it could completely follow through on it, which in the case of an individual would mean “vetting every major employer,” he said, which is too big a task for it right now.

In the meantime, Remote itself has walked the walk when it comes to remote working. Originally co-founded by two European transplants to San Francisco, the pair had firsthand experience of the paradoxical pains and opportunities of being in an organization that uses remote workforces.

Van der Voort had been the VP of product for GitLab, which he scaled from five to 450 employees working remotely (it’s now a customer of Remote’s); and before co-founding Remote, CTO Marcelo Lebre had been VP of engineering for Unbabel — another startup focused on reducing international barriers, this time between how companies and global customers communicate.

Today, not only is the CEO based out of Amsterdam in The Netherlands, with the CTO in Lisbon, Portugal, but New York-based Remote itself has grown to 220 from 50 employees, and this wider group has also been working remotely across 47 countries since November 2020.

“The world is looking very different today,” van der Voort said. “The biggest change for us has been the size of the organization. We’ve gone from 50 to more than 200 employees, and I haven’t met any of them! We have tried to follow our values of bringing opportunity everywhere so we hire everywhere as we solve that for our customers, too.”

Product-led sales startup Endgame raises over $17M

Endgame, enabling software companies to turn customer observations into go-to-market strategies, announced Tuesday it raised a total of $17 million in back-to-back seed and Series A funding rounds.

The $12.25 million Series A was led by Menlo Ventures, while the $5 million seed round was led by Upfront Ventures. Also participating in the round are a group of investors including Todd and Rahul’s Fund, Liquid 2 Ventures and Gainsight CEO Nick Mehta.

Los Angeles-based Endgame was founded in 2020 and provides a self-service look at what’s happening in a software trial so that a sales team can prioritize accounts based on user behavior signals and act on them faster without having to be a data scientist or engineer.

Company CEO Alex Bilmes told TechCrunch that the concepts of product-led sales and product-led growth have taken over the sale of software. Today’s customers sign up for a trial, and if they like it, they invite their friends to try it.

However, at a certain point, some sales pressure is needed to close the deal. That’s where Endgame comes in: It shows who is doing what, and what features are being used — data that is typically opaque to sales and revenue teams.

Traditional customer relationship management systems are designed to be rep-driven, meaning the sales rep is responsible for adding notes. It’s simpler if a rep only has a few accounts, but across tens of millions of users, Endgame analyzes the data and identifies which accounts are most likely to convert, who are the users to engage, what makes a good customer and how to take action with the right people.

Endgame is not competing against other companies so much as in-house developers that are cobbling a bunch of apps together in efforts to create a system that works for them, Bilmes said.

“Most of this is solved with do-it-yourself,” he added. “I have built Endgame a number of times at other companies using databases and other piece-meals to put together something so I could mash data from lots of places and build subscriptive views for revenue teams. We compete with those data scientists and internal teams stitching together horizontal tools.”

Endgame is pre-revenue and is already catering to a group of beta customers like Figma, Loom, Airtable, Clubhouse, Mode, Retool and Algolia that are looking for a dedicated software platform to capture product-led value.

Bilmes said the customer relationship management market, both huge and fast-growing at 35% annually, is expected to reach $114 billion by 2027. To meet demand, he intends to use the new funds to continue hiring aggressively. He has already tripled the size of the team to nine in the past few months, and expects to double that in the coming year. In addition, funds will go toward R&D and to further define the product-led sales landscape.

Growth over the next year will be customer-focused as Endgame works to get into the hands of the right customers and making it as accessible as possible for people to begin doing product-led motions.

“Our efforts are product-focused,” Bilmes said. “We’ve seen more demand than we can possibly hope to fill given the problem is so real for so many.”

As part of the investment, Upfront Ventures Partner Kara Nortman and Menlo Ventures Partner Naomi Ionita will join Endgame’s board of directors. Sandhya Hegde, partner at Unusual Ventures, which also participated in both rounds, joins as a board observer to create an all-women investor board.

When Endgame was raising its seed fund, it wanted to work with Nortman, who has expertise in applying consumer concepts to enterprise, Bilmes said. When it came to the Series A, Bilmes said he felt Ionita was the perfect partner due to her similar background to Bilmes and expertise in teaching salespeople how to engage.

Ionita told TechCrunch she learned about Endgame from Nortman, with whom she has invested in other startups. The company understands the pain point and is for companies that offer a self-service version for the “why and how.”

“This intelligence doesn’t exist, and I know that because I lived it — building in-house or seeing companies flying blind,” she added. “Alex just gets this, and I see Endgame being the system of record and intelligence for bridging self-serve. They will be the final bridge that needs to exist between product teams and product-facing sales reps for which accounts to address and why.”

 

ZoomInfo drops $575M on Chorus.ai as AI shakes up the sales market

ZoomInfo announced this morning it intends to acquire conversational sales intelligence tool Chorus.ai for $575 million. Shares of ZoomInfo are unchanged in premarket trading following the news, per Yahoo Finance data.

Sales intelligence, Chorus’s market, is a hot space that uses AI to “listen” to sales conversations to help improve interactions between salespeople and customers. ZoomInfo is mostly known for providing information about customers, so the acquisition expands the acquiring company’s platform in a significant way.

The company sees an opportunity to bring together different parts of the sales process in a single platform by “combining ZoomInfo’s historic top-of-the-funnel strength with insights driven from the middle of the funnel in the customer conversations that Chorus captures,” it said in a release.

“With Chorus, the entire organization can make better decisions by surfacing insights and analytics that you would only get if you sat in on every sales or customer success call,” ZoomInfo CEO and founder Henry Schuck said in a blog post announcing the deal.

Ahead of the transaction, ZoomInfo was valued at just under $21 billion.

Chorus looks for what it calls “smart themes” in sales calls, which help managers steer sales teams toward the types of conversation and tone that is likely to drive more revenue. In fact, Chorus holds the largest patent portfolio related to conversational intelligence, according to the company.

Chorus was founded in 2015 and raised more than $100 million along the way, according to PitchBook data. The most recent round was a $45 million Series C last year.

Crunchbase News reports that at the time of its Series C round of funding, Chorus had “doubled its headcount to more than 100 employees and tripled its revenue over the past year.” That’s the sort of growth that venture capitalists covet, making the company’s 2020 funding round a nonsurprise.

Notably PitchBook data indicates that the company’s final private valuation was around the $150 million mark; if accurate, it would imply that the company’s last private round was expensive in dilution terms, and that its investors did well in the exit, quickly more than trebling the capital that was last invested, with investors who put capital in earlier doing even better.

But we’re slightly skeptical of the company’s available valuation history given the growth that it claimed at the time of its Series C; it feels low. If that’s the case, the company’s exit multiple would decrease, making its final sale price slightly less impressive.

Of course, a half-billion-dollar exit is always material, even if venture capitalists in today’s red-hot, and expensive, market are more interested in $1 billion exits and larger.

Chorus.ai will likely not be the final exit in the conversational intelligence space. Its rival Gong (often known by its URL, Gong.io) is one of the hotter startups in this space, having raised over $500 million. Its most recent raise was $250 million on a $7.25 billion valuation last month.

The implication of the Chrous.ai exit and Gong’s enormous private valuation is that the application of AI to audio data in a sales environment is incredibly useful, given the number of customers the two companies’ aggregate valuation implies.