Ethos picks up $100M at a $2.7B+ valuation for a big data platform to improve life insurance accessibility

/0 Comments/in /by

More than half of the U.S. population has stayed away from considering life insurance because they believe it’s probably too expensive, and the most common way to buy it today is in person. A startup that’s built a platform that aims to break down those conventions and democratize the process by making life insurance (and the benefits of it) more accessible is today announcing significant funding to fuel its rapidly growing business.

Ethos, which uses more than 300,000 data points online to determine a person’s eligibility for life insurance policies, which are offered as either term or whole life packages starting at $8/month, has picked up $100 million from a single investor, SoftBank Vision Fund 2. Peter Colis, Ethos’s CEO and co-founder, said that the funding brings the startup’s valuation to over $2.7 billion.

This is a quick jump for the company: It was only two months ago that Ethos picked up a $200 million equity round at a valuation of just over $2 billion.

It has now raised $400 million to date and has amassed a very illustrious group of backers. In addition to SoftBank they include General Catalyst, Sequoia Capital, Accel, GV, Jay-Z’s Roc Nation, Glade Brook Capital Partners, Will Smith and Robert Downey Jr.

This latest injection of funding — which will be used to hire more people and continue to expand its product set into adjacent areas of insurance like critical illness coverage — was unsolicited, Colis said, but comes on the heels of very rapid growth.

Ethos — which is sold currently only in the U.S. across 49 states — has seen both revenues and user numbers grow by over 500% compared to a year ago, and it’s on track to issue some $20 billion in life insurance coverage this year. And it is approaching $100 million in annualized growth profit. Ethos itself is not yet profitable, Colis said.

Insurtech is hot on both sides of the Atlantic

There are a couple of trends going on that speak to a wide opportunity for Ethos at the moment.

The first of these is the current market climate: Globally we are still battling the COVID-19 global health pandemic, and one impact of that — in particular given how COVID-19 has not spared any age group or demographic — has been more awareness of our mortality. That inevitably leads at least some part of the population to considering something like life insurance coverage that might not have thought about it previously.

However, Colis is a little skeptical on the lasting impact of that particular trend. “We saw an initial surge of demand in the COVID period, but then it regressed back to normal,” he said in an interview. Those who were more inclined to think about life insurance around COVID-19 might have come around to considering it regardless: It was being driven, he said, by those with pre-existing health conditions going into the pandemic.

That, interestingly, brings up the second trend, which goes beyond our present circumstances, and Colis believes will have the more lasting impact.

While there have been a number of startups, and even incumbent providers, looking to rethink other areas of insurance such as car, health and property coverage, life insurance has been relatively untouched, especially in some markets like the U.S. Traditionally, someone taking out life insurance goes through a long vetting process, which is not all carried out online and can involve medical examinations and more, and yes, it can be expensive: The stereotype you might best know is that only wealthier people take out life insurance policies.

Much like companies in fintech that have rethought how loan applications (and payback terms) can be rethought and evaluated afresh using big data — pulling in a new range of information to form a picture of the applicant and the likelihood of default or not — Ethos is among the companies that is applying that same concept to a different problem. The end result is a much faster turnaround for applications, a considerably cheaper and more flexible offer (term life insurance lasts only as long as a person pays for it), and generally a lot more accessibility for everyone potentially interested. That pool of data is growing all the time.

“Every month, we get more intelligent,” said Colis.

There is also the matter of what Ethos is actually selling. The company itself is not an insurance provider but an “insuretech” — similar to how neobanks use APIs to integrate banking services that have been built by others, which they then wrap with their own customer service, personalization and more — Ethos integrates with third-party insurance underwriters, providing customer service, more efficient onboarding (no in-person medical exams for example) and personalization (both in packages and pricing) around them. Given how staid and hard it is to get more traditional policies, it’s essentially meant completely open water for Ethos in terms of finding and securing new customers.

Ethos’s rise comes at a time when we are seeing other startups approaching and rethinking life insurance also in the U.S. and further afield. Last week, YuLife in the U.K. raised a big round to further build out its own take on life insurance, which is to sell policies that are linked to an individual’s own health and wellness practices — the idea being that this will make you happier and give more reason to pay for a policy that otherwise feels like some dormant investment; but also that it could help you live longer (Sproutt is another also looking at how to emphasize the “life” aspect of life insurance). Others like  DeadHappy and BIMA are, like Ethos, rethinking accessibility of life insurance for a wider set of demographics.

YuLife nabs $70M at a $346M valuation for its gamified, wellness-oriented approach to life insurance

There are some signs that Ethos is catching on with its mission to expand that pool, not just grow business among the kind of users who might have already been considering and would have taken out life insurance policies. The startup said that more than 40% of its new policy holders in the first half of 2021 had incomes of $60,000 or less, and nearly 40% of new policy holders were under the age of 40. The professions of those customers also speak to that democratization: The top five occupations, it said, were homemaker, insurance agent, business owner, teacher and registered nurse.

That traction is likely one reason why SoftBank came knocking.

“Ethos is leveraging data and its vertically integrated tech stack to fundamentally transform life insurance in the U.S.,” said Munish Varma, managing partner at SoftBank Investment Advisers, in a statement. “Through a fast and user-friendly online application process, the company can accurately underwrite and insure a broad segment of customers quickly. We are excited to partner with Peter Colis and the exceptional team at Ethos.”

Yoobic raises $50M for its chat and communications app app aimed at frontline and service workers

/0 Comments/in /by

Slack set the standard in many ways for what knowledge workers want and expect out of a workplace collaboration app these days, but a lot has been left on the table when it comes to frontline workers. Today, one of the software companies that has built a popular app for that frontline crowd to become a part of the conversation is announcing a funding round that speaks to the opportunity to do more.

Yoobic, which provides an app for frontline and service workers to manage tasks, communicate with each other and management, and also go through training, development and and other e-learning tasks, has picked up $50 million.

Highland Europe led the round, a Series C, with previous investors Felix Capital, Insight Partners, and a family office advised by BNF Capital Limited also participating. (Felix led Yoobic’s Series A, while Insight Partners led the Series B in 2019.) Yoobic is not discussing valuation but from what I understand from a reliable source, it is now between $300 million and $400 million.

The funding comes at a time of strong growth for the company.

Yoobic works with some 300 big brands in 80 countries altogether covering a mammoth 335,000 locations in sectors like retail, hospitality, distribution and manufacturing. Its customers include the likes of the Boots pharmacy chain, Carrefour supermarkets, Lancôme, Lacoste, Logitech, Lidl, Peloton, Puma, Vans, VF Corp, Sanofi, Untuckit, Roots, Canada Goose, Longchamp, Lidl, Zadig & Voltaire, and Athletico.

But that is just the tip of the iceberg. It’s estimated that there are 2.7 billion “deskless” (frontline and service) workers globally, accounting for no less than 80% of the world’s workforce. But here is the shocker: only 1% of IT budgets is currently spent on them. That speaks of huge opportunity for startups to build more here, but only if they (or the workers themselves( can manage to convince those holding the purse strings that it’s worth the investment.

So to that end, the funding will be used to hire more talent, to expand geographically — founded in London, the company is now headquartered in New York — and to expand its product. Specifically, Yoobic plans to build more predictive analytics to improve responsiveness and give more insight to companies about their usage, and to build out more tools to cater to specific verticals in the world of frontline work, such as manufacturing, logistics and transportation, Fabrice Haiat, CEO and co-founder of YOOBIC, told TechCrunch in an interview.

Yoobic started life several years ago with a focus specifically on retail — an area that it was concentrating on as recently as its last round in 2019, providing tools to help with merchandizing, communicating about stock between stores and more. While retail is still a sizeable part of its business, Yoobic saw an opening to expand into a wider pool of verticals with frontline and service employees that had many of the same demands as retail.

That turned out to be a fortunate pivot as the pandemic struck.

“Covid-19 had a big impact on us,” said Haiat, who co-founded the company with brothers Avi and Gilles. “The first two months we were in panic mode. But what happened was that businesses realized that frontline employees were critical to the success of their operations.”

Since Covid hit last year, he said that activity on the platform rose by 200%, and earlier this year it passed 1 million activities per month on its platform. “We are growing like crazy,” Haiat said.

There are a number of reasons why building for frontline workers is important. Roaming round without a fixed desk, spending more time with customers than looking at a screen or in meetings, and generally having different business priorities and practices are just a few of the reasons why software built for the former doesn’t necessarily work for the latter.

There have been a number of companies that have aimed to build services to address that gap — they stretch back years, in fact. And there have been some interesting moves to consolidate in the market among those building some of the more successful tools for people in the field: Crew recently got acquired by Square; ServiceMax acquired Zinc; and Facebook’s Workplace has been on a march to amass some of the world’s biggest companies as customers of its own communications platform with a strong play for frontline workers.

Haiat argues that while all of these are fine and well, none of them understand the full scope of the kinds of tools that those in the field really need. That ranges from practical features (such as a way to handle inventory management), through to features that companies would love to have for their employees as long as they can be delivered in an easy way (such as professional development and training). In that context, the basic communications that all of the current crop of apps for frontline workers offer feel like basic tablestakes.

That close understanding of the gap in the market and what is needed to fix it is one reason why the company has seen such strong growth, as well as interest from investors.

“We’re excited to partner with YOOBIC, which, thanks to the highly impressive team led by Fabrice, Avi and Gilles, has clearly established itself as a leader in the digital workplace space with demonstrable market traction and impressive growth.” said Jean Tardy-Joubert, partner at Highland Europe, in a statement. “While companies have historically focused on digital investments for deskbound employees, the world is becoming distributed and decentralized.  We anticipate a seismic shift that will see huge resources, technology, and capital shifted toward frontline teams.” Tardy-Joubert will be joining the YOOBIC Board with this round.

Serial Swatter Who Caused Death Gets Five Years in Prison

/0 Comments/in /by

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

60-year-old Mark Herring died of a heart attack after police surrounded his home in response to a swatting attack.

Shane Sonderman, of Lauderdale County, Tenn. admitted to conspiring with a group of criminals that’s been “swatting” and harassing people for months in a bid to coerce targets into giving up their valuable Twitter and Instagram usernames.

At Sonderman’s sentencing hearing today, prosecutors told the court the defendant and his co-conspirators would text and call targets and their families, posting their personal information online and sending them pizzas and other deliveries of food as a harassment technique.

Other victims of the group told prosecutors their tormentors further harassed them by making false reports of child abuse to social services local to the target’s area, and false reports in the target’s name to local suicide prevention hotlines.

Eventually, when subjects of their harassment refused to sell or give up their Twitter and Instagram usernames, Sonderman and others would swat their targets — or make a false report to authorities in the target’s name with the intention of sending a heavily armed police response to that person’s address.

For weeks throughout March and April 2020, 60-year-old Mark Herring of Bethpage, Tenn. was inundated with text messages asking him to give up his @Tennessee Twitter handle. When he ignored the requests, Sonderman and his buddies began having food delivered to Herring’s home via cash on delivery.

At one point, Sonderman posted Herring’s home address in a Discord chat room used by the group, and a minor in the United Kingdom quickly followed up by directing a swatting attack on Herring’s home.

Ann Billings was dating Mr. Herring and was present when the police surrounded his home. She recalled for the Tennessee court today how her friend died shortly thereafter of a heart attack.

Billings said she first learned of the swatting when a neighbor called and asked why the street was lined with police cars. When Mr. Herring stepped out on the back porch to investigate, police told him to put his hands up and to come to the street.

Unable to disengage a lock on his back fence, Herring was instructed to somehow climb over the fence with his hands up.

“He was starting to get more upset,” Billings recalled. “He said, ‘I’m a 60-year-old fat man and I can’t do that.’”

Billings said Mr. Herring then offered to crawl under a gap in the fence, but when he did so and stood up, he collapsed of a heart attack. Herring died at a nearby hospital soon after.

Mary Frances Herring, who was married to Mr. Herring for 28 years, said her late husband was something of a computer whiz in his early years who secured the @Tennessee Twitter handle shortly after Twitter came online. Internet archivist Jason Scott says Herring was the creator of the successful software products Sparkware and QWIKMail; Scott has 2 hours worth of interviews with Herring from 20 years ago here.

Perhaps the most poignant testimony today came when Ms. Herring said her husband — who was killed by people who wanted to steal his account — had a habit of registering new Instagram usernames as presents for friends and family members who’d just had children.

“If someone was having a baby, he would ask them, ‘What are your naming the baby?’,” Ms. Herring said. “And he would get them that Instagram name and give it to them as a gift.”

Valerie Dozono also was an early adopter of Instagram, securing the two-letter username “VD” for her initials. When Dozono ignored multiple unsolicited offers to buy the account, she and many family and friends started getting unrequested pizza deliveries at all hours.

When Dozono continued to ignore her tormentors, Sonderman and others targeted her with a “SIM-swapping attack,” a scheme in which fraudsters trick or bribe employees at wireless phone companies into redirecting the target’s text messages and phone calls to a device they control. From there, the attackers can reset the password for any online account that allows password resets via SMS.

But it wasn’t the subsequent bomb threat that Sonderman and friends called in to her home that bothered Dozono most. It was the home invasion that was ordered at her address using strangers on social media.

Dozono said Sonderman created an account on Grindr — the location-based social networking and dating app for gay, bi, trans and queer people — and set up a rendezvous at her address with an unsuspecting Grindr user who was instructed to waltz into her home as if he was invited.

“This gentleman was sent to my home thinking someone was there, and he was given instructions to walk into my home,” Dozono said.

The court heard from multiple other victims targeted by Sonderman and friends over a two-year period. Including Shane Glass, who started getting harassed in 2019 over his @Shane Instagram handle. Glass told the court that endless pizza deliveries, as well as SIM swapping and swatting attacks left him paranoid for months that his assailant could be someone stalking him nearby.

Judge Mark Norris said Sonderman’s agreement to plead to one count of extortion by threat of serious injury or damage carries with it a recommended sentence of 27 to 33 months in prison. However, the judge said other actions by the defendant warranted up to 60 months (5 years) in prison.

Sonderman might have been eligible to knock a few months off his sentence had he cooperated with investigators and refrained from committing further crimes while out on bond.

But prosecutors said that shortly after his release, Sonderman went right back to doing what he was doing when he got caught. Investigators who subpoenaed his online communications found he’d logged into the Instagram account “FreeTheSoldiers,” which was known to have been used by the group to harass people for their social media handles.

Sonderman was promptly re-arrested for violating the terms of his release, and prosecutors played for the court today a recording of a phone call Sonderman made from jail in which he brags to a female acquaintance that he wiped his mobile phone two days before investigators served another search warrant on his home.

Sonderman himself read a lengthy statement in which he apologized for his actions, blaming his “addiction” on several psychiatric conditions — including bipolar disorder. While his recitation was initially monotone and practically devoid of emotion, Sonderman eventually broke down in tears that made the rest of his statement difficult to hear over the phone-based conference system the court made available to reporters.

The bipolar diagnoses was confirmed by his mother, who sobbed as she simultaneously begged the court for mercy while saying her son didn’t deserve any.

Judge Norris said he was giving Sonderman the maximum sentenced allowed by law under the statute — 60 months in prison followed by three years of supervised release, but implied that his sentence would be far harsher if the law permitted.

“Although it may seem inadequate, the law is the law,” Norris said. “The harm it caused, the death and destruction….it’s almost unspeakable. This is not like cases we frequently have that involve guns and carjacking and drugs. This is a whole different level of insidious criminal behavior here.”

Sonderman’s sentence pales in comparison to the 20-year prison time handed down in 2019 to serial swatter Tyler Barriss, a California man who admitted making a phony emergency call to police in late 2017 that led to the shooting death of an innocent Kansas resident.

Zenput raises $27M Series C to keep multiunit operations flowing no matter the location

/0 Comments/in /by

Ensuring food safety compliance can be challenging at one restaurant, let alone across thousands of restaurants. Zenput has developed technology aimed at making sure operating procedures are quickly adapted so that businesses maintain quality.

The San Francisco-based operations execution company raised $27 million in Series C financing, led by Golub Capital, to continue developing its application to automate operation procedures like tracking food safety, public health protocols and changing market conditions.

Restaurants, convenience stores and grocery chain customers can use Zenput to update all of their locations — at the same time — with new processes, promotional campaigns and key initiatives while also gathering data and insights from those locations to find opportunities for improvement.

Joining Golub in the round were existing investors, including Jackson Square Ventures, MHS Capital and Goldcrest Capital. This brings the company’s total funding to more than $47 million, co-founder and CEO Vladik Rikhter told TechCrunch.

Greg Gretsch, founding partner and managing director at Jackson Square Ventures, led Zenput’s Series A round in 2016 and had met Rikhter a year prior. At the time, Rikhter was in the early stages of developing what Gretsch called an organization task manager. While he didn’t invest then, he kept in touch with Rikhter and saw “how much of a grinder he was” in expanding the platform.

“When he sees a problem, he works and works to solve it,” Gretsch said. “Whenever you have a multilocation business, you have a remote management problem. You’re trying to manage everything so your weakest link can perform as best as the best link, but you need a platform to manage that so that you can hold stores accountable to improve the end product.”

Front-line workers use Zenput’s mobile app for onboarding at the beginning of the day and to track safety compliance and fresh food checks, something Rikhter said was historically challenging once a business had thousands of locations. The app can also alert when food has been left out too long to assist in lowering food waste rates.

Since its founding in 2012, Zenput is currently used by customers like Chipotle, Domino’s, P.F. Chang’s, Five Guys, Smart & Final and 7-Eleven in over 60,000 locations across more than 100 countries.

The Series C round comes as the company saw 100% revenue growth over the past year. At the same time, product usage more than doubled at stores, and to date, 1.5 billion questions were answered through Zenput, a figure Rikhter expects to double over the next 12 months as locations aim to find ways to do more things remotely.

“The pandemic inadvertently helped us,” he added. “Initially, it was rough, but then a lot of the brands we dealt with needed to expedite technology and saw an opportunity to invest in our technology. We have more products coming because there is more that can be done to make sure every meal is a safe meal.”

Much of the new funding will go toward building those new products and capabilities and into marketing to expand the customer base. The company recently launched an expansion of its Zenput for Franchisors tool and updates to its food prep labeling and temperature monitoring functions.

Rikhter also plans to double Zenput’s employees over the 16 to 18 months, especially in the product engineering and marketing areas.

All of that is to be ready for customer demand as restaurants, convenience stores and grocery chains do more to change up the way they do business in the future.

“I wouldn’t be surprised to show up at a restaurant and see changes made daily on protocols, which will drive a lot more of the journey than before,” Rikhter said. “We see more operators flexing muscles they didn’t know they had, as it relates to promotions and products, so they can grow faster and run totally different operational features and offer more options for customers.”

As companies accelerate their digital transitions, employees detail a changed workplace

 

Commercial real estate lending startup Lev brings in $30M on a $130M valuation

/0 Comments/in /by

Commercial real estate has been slow to embrace technology; though it has an addressable financing market of more than $40 billion, putting together a deal is still mostly manual, paper-heavy and complicated.

New York-based Lev is taking on this problem by automating workflows online and gathering hundreds of millions of data points into machine learning software to ensure financing accuracy. To do this, the commercial real estate financing transaction platform raised $30 million to give it a $130 million valuation just two years into its inception.

The latest financing comes four months after the company raised $10 million in seed funding led by NFX. Greenspring led the latest round, with participation from First American Title. Existing investors NFX, Canaan Partners, JLL Spark, Animo Ventures and Ludlow Ventures also joined in to give Lev total investments of more than $34 million, according to Crunchbase data.

Lev founder and CEO Yaakov Zar previously co-founded Boston-based Dispatch, which built tools for home services businesses. It was when he and his wife went through the homebuying process — and their mortgage fell through — that Zar decided to look at real estate financing.

He channeled his frustration into becoming a licensed mortgage loan originator. After relocating to New York, Zar was helping a friend at a nonprofit organization refinance their building and got a firsthand look at what he said was a fragmented commercial real estate mortgage industry.

Companies like Blend are addressing the problem of real estate lending, Zar told TechCrunch, but very few are focusing on commercial real estate, where lending is sensitive to interest rates and total amortization. In addition, property owners have a burden of refinancing every five to 10 years.

“Legacy businesses like JLL, which is an investor, Cushman Wakefield and CBRE work on lending, but they are much more ‘relationship focused’ than tech focused,” Zar said. “We think that it is a necessary part because the deals are so large and complex that you need a relationship for them, but transactions less than $1 billion are pretty straightforward. On experience and product, no one is close to us.”

Digital lending platform Blend valued at over $4B in its public debut

Initially, Zar and his team wanted to build the “Rocket Mortgage of commercial real estate lending,” but found that to be difficult because real estate brokers are putting together their own pitch books for lenders. Instead, Lev is building a technology platform of more than 5,000 lenders with information on what projects they like to finance. It then analyzes a customer’s portfolio and connects them in minutes with the right lender, taking 1% of the loan amount for each transaction as payment. Lev is also working to be able to close deals online.

Zar wasn’t looking for funding when he was approached by investors, but said he was introduced to some people who liked the company’s growth and trajectory and decided to accept the funding offer.

He intends to use the new funding on product development, with the aim of giving a term sheet in seconds and closing a loan in seven days. Right now it can take a week or two to get the term sheet and 45 to 90 days to close a loan.

The company has about 40 employees currently in its New York headquarters, Miami R&D center, Los Angeles outpost and remotely. Continued investments will be made to expand the team.

Lev grew 10 times in volume in the past year, closing approximately $100 million of loans in 2020. Zar expects to close over $1 billion in 2021.

“Customers come back to us repeatedly, and there are a ton of referrals,” Zar said. “We want to be the platform on which capital market transactions are processed. You need an advantage to network and find great deals. I don’t want to mess with that, but when you find it, bring it to us, we will close it and provide the asset management with the best option to close online and manage the deal from a single platform.”

Meanwhile, Pete Flint, general partner at NFX, told TechCrunch that he got to know the Lev team over the last 18 months, checking in on the company during various stages of the global pandemic, and was impressed at how the company navigated it.

As co-founder of Trulia, he saw firsthand the problems in the real estate industry over search and discovery, but as that problem was being solved, the focus shifted to financing. NFX is also an investor in Tomo and Ribbon, which both focus on residential financing.

Wanting to see what opportunities were on the commercial real estate side, Flint heard Lev’s name come up more and more among brokers and industry insiders.

“As we got to know the Lev team, we recognized that they were the best team out there to solve this problem,” Flint said. “We are also among an amazing group of people complementing the round. The folks that are deep industry insiders will put a helpful lens on strategy and business development opportunities.”

This is a good time to start a proptech company

 

Pillar VC closes $192M for two funds targeting SaaS, crypto, biotech, manufacturing

/0 Comments/in /by

As its name suggests, venture firm Pillar VC is focused on building “pillar” companies in Boston and across the Northeast.

The Boston-based seed-stage firm closed a raise of $192 million of capital that was split into two funds, $169 million for Pillar III and $23 million for Pillar Select. More than 25 investors are backing the new fund, including portfolio founders.

Jamie Goldstein, Sarah Hodges and Russ Wilcox are Pillar VC’s three partners, and all three lead investments for Pillar. The trio all have backgrounds as entrepreneurs: Goldstein, who has spent the past two decades in VC, co-founded speech recognition company PureSpeech, which was acquired by Voice Control Systems; Hodges was at online learning company Pluralsight; and Wilcox was CEO of electronic paper company E Ink, which he sold in 2009.

Pillar typically invests in a range of enterprise and consumer startups and aims to target Pillar III at startups focused on biology, enterprise SaaS, AI/ML, crypto, fintech, hardware, manufacturing and logistics. The firm will make pre-seed investments of $50,000 to $500,000 and seed-round investments of $2 million to $6 million.

One of the unique aspects of the firm is that it will buy common stock so that it will be aligned with founders and take on the same risks, Goldstein told TechCrunch.

The firm, founded in 2016, already has 50 portfolio companies from its first two funds — Pillar I, which raised $57 million, and Pillar $100 million. These include cryptocurrency company Circle, which announced a SPAC earlier this month, 3D printing company Desktop Metal that went public, also via SPAC, last year, and PillPack, which was bought by Amazon in 2018.

Cryptocurrency company Circle to go public in SPAC deal

“Pillar is an experiment, answering the question of ‘what would happen if unicorn CEOs came in and helped bootstrap the next generation’,” Wilcox said. “The experience is working, and Pillar does what VCs ought to do, which is back first-of-its-kind ideas.”

In addition to leading investments, Hodges leads the Pillar VC platform for the firm’s portfolio companies. Many of the portfolio companies are spinouts from universities, and need help turning that technology into a company. Pillar provides guidance to recruit a CEO or partner on the business side, leadership development, recruit talent and makes introductions to potential customers.

Pillar also intends to invest a third of the new fund into that biology category, specifically looking at the convergence of life science and technology, Wilcox said.

In its second fund, the firm started Petri, a pre-seed bio accelerator focused on biotech, and brought in founders using computation and engineering to develop technologies around the areas of agriculture, genetics, cell and gene therapies, medical data and drug discovery. The third fund will continue to support the accelerator through both pre-seed and seed investments.

The first investments from Pillar III are being finalized, but Hodges expects to infuse capital into another 50 companies.

“We are super bullish on Boston,” she added. “So many companies here are growing to be household names, and an exciting energy is coming out.”

How VC and private equity funds can launch portfolio-acceleration platforms

 

How we built an AI unicorn in 6 years

/0 Comments/in /by
Alex Dalyac
Contributor

Alex Dalyac is the CEO and co-founder of Tractable, which develops artificial intelligence for accident and disaster recovery.

Today, Tractable is worth $1 billion. Our AI is used by millions of people across the world to recover faster from road accidents, and it also helps recycle as many cars as Tesla puts on the road.

And yet six years ago, Tractable was just me and Raz (Razvan Ranca, CTO), two college grads coding in a basement. Here’s how we did it, and what we learned along the way.

Build upon a fresh technological breakthrough

In 2013, I was fortunate to get into artificial intelligence (more specifically, deep learning) six months before it blew up internationally. It started when I took a course on Coursera called “Machine learning with neural networks” by Geoffrey Hinton. It was like being love struck. Back then, to me AI was science fiction, like “The Terminator.”

Narrowly focusing on a branch of applied science that was undergoing a paradigm shift which hadn’t yet reached the business world changed everything.

But an article in the tech press said the academic field was amid a resurgence. As a result of 100x larger training data sets and 100x higher compute power becoming available by reprogramming GPUs (graphics cards), a huge leap in predictive performance had been attained in image classification a year earlier. This meant computers were starting to be able to understand what’s in an image — like humans do.

The next step was getting this technology into the real world. While at university — Imperial College London — teaming up with much more skilled people, we built a plant recognition app with deep learning. We walked our professor through Hyde Park, watching him take photos of flowers with the app and laughing from joy as the AI recognized the right plant species. This had previously been impossible.

I started spending every spare moment on image classification with deep learning. Still, no one was talking about it in the news — even Imperial’s computer vision lab wasn’t yet on it! I felt like I was in on a revolutionary secret.

Looking back, narrowly focusing on a branch of applied science undergoing a breakthrough paradigm shift that hadn’t yet reached the business world changed everything.

Search for complementary co-founders who will become your best friends

I’d previously been rejected from Entrepreneur First (EF), one of the world’s best incubators, for not knowing anything about tech. Having changed that, I applied again.

The last interview was a hackathon, where I met Raz. He was doing machine learning research at Cambridge, had topped EF’s technical test, and published papers on reconstructing shredded documents and on poker bots that could detect bluffs. His bare-bones webpage read: “I seek data-driven solutions to currently intractable problems.” Now that had a ring to it (and where we’d get the name for Tractable).

That hackathon, we coded all night. The morning after, he and I knew something special was happening between us. We moved in together and would spend years side by side, 24/7, from waking up to Pantera in the morning to coding marathons at night.

But we also wouldn’t have got where we are without Adrien (Cohen, president), who joined as our third co-founder right after our seed round. Adrien had previously co-founded Lazada, an online supermarket in South East Asia like Amazon and Alibaba, which sold to Alibaba for $1.5 billion. Adrien would teach us how to build a business, inspire trust and hire world-class talent.

Find potential customers early so you can work out market fit

Tractable started at EF with a head start — a paying customer. Our first use case was … plastic pipe welds.

It was as glamorous as it sounds. Pipes that carry water and natural gas to your home are made of plastic. They’re connected by welds (melt the two plastic ends, connect them, let them cool down and solidify again as one). Image classification AI could visually check people’s weld setups to ensure good quality. Most of all, it was real-world value for breakthrough AI.

And yet in the end, they — our only paying customer — stopped working with us, just as we were raising our first round of funding. That was rough. Luckily, the number of pipe weld inspections was too small a market to interest investors, so we explored other use cases — utilities, geology, dermatology and medical imaging.

Spam Kingpin Peter Levashov Gets Time Served

/0 Comments/in /by

Peter Levashov, appearing via Zoom at his sentencing hearing today.

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine.

A native of St. Petersburg, Russia, the 40-year-old Levashov operated under the hacker handle “Severa.” Over the course of his 15-year cybercriminal career, Severa would emerge as a pivotal figure in the cybercrime underground, serving as the primary moderator of a spam community that spanned multiple top Russian cybercrime forums.

Severa created and then leased out to others some of the nastiest cybercrime engines in history — including the Storm worm, and the Waledac and Kelihos spam botnets. His central role in the spam forums gave Severa a prime spot to advertise the services tied to his various botnets, while allowing him to keep tabs on the activities of other spammers.

Severa rented out segments of his Waledac botnet to anyone seeking a vehicle for sending spam. For $200, vetted users could hire his botnet to blast one million emails containing malware or ads for male enhancement drugs. Junk email campaigns touting employment or “money mule” scams cost $300 per million, and phishing emails could be blasted out through Severa’s botnet for the bargain price of $500 per million.

Severa was a moderator on the Russian spam community Spamdot[.]biz. In this paid ad from 2004, Severa lists prices to rent his spam botnet.

Early in his career, Severa worked very closely with two major purveyors of spam. One was Alan Ralsky, an American spammer who was convicted in 2009 of paying Severa and other spammers to promote pump-and-dump stock scams.

The other was a major spammer who went by the nickname “Cosma,” the cybercriminal thought to be responsible for managing the Rustock botnet (so named because it was a Russian botnet frequently used to send pump-and-dump stock spam). Microsoft, which has battled to scrub botnets like Rustock off of millions of PCs, later offered a still-unclaimed $250,000 reward for information leading to the arrest and conviction of the Rustock author.

Severa ran several affiliate programs that paid cybercriminals to trick people into installing fake antivirus software. In 2011, KrebsOnSecurity dissected “SevAntivir” — Severa’s eponymous fake antivirus affiliate program  — showing it was used to deploy new copies of the Kelihos spam botnet.

A screenshot of the “SevAntivir” fake antivirus or “scareware” affiliate program run by Severa.

In 2010, Microsoft — in tandem with a number of security researchers — launched a combined technical and legal sneak attack on the Waledac botnet, successfully dismantling it. The company would later do the same to the Kelihos botnet, a global spam machine which shared a great deal of code with Waledac and infected more than 110,000 Microsoft Windows PCs.

Levashov was arrested in 2017 while in Barcelona, Spain with his family. According to a lengthy April 2017 story in Wired.com, he got caught because he violated a basic security no-no: He used the same log-in credentials to both run his criminal enterprise and log into sites like iTunes.

In fighting his extradition to the United States, Levashov famously told the media, “If I go to the U.S., I will die in a year.” But a few months after his extradition, Levashov would plead guilty to four felony counts, including intentional damage to protected computers, conspiracy, wire fraud and aggravated identity theft.

At his sentencing hearing today, Levashov thanked his wife, attorney and the large number of people who wrote the court in support of his character, but otherwise declined to make a statement. His attorney read a lengthy statement explaining that Levashov got into spamming as a way to provide for his family, and that over a period of many years that business saw him supporting countless cybercrime operations.

The plea agreement Levashov approved in 2018 gave Judge Robert Chatigny broad latitude to impose a harsh prison sentence. The government argued that under U.S. federal sentencing guidelines, Levashov’s crimes deserved an “offense level” of 32, which for a first-time offender means a sentence of anywhere from 121 to 151 months (10 to 12 years).

But Judge Chatigny said he had concerns that “the total offense level does overstate the seriousness of Mr. Levashov’s crimes and his criminal culpability,” and said he believed Levashov was unlikely to offend again.

“33 months is a long time and I’m sure it was especially difficult for you considering that you were away from your wife and child and home,” Chatigny told the defendant. “I believe you have a lot to offer and hope that you will do your best to be a positive and contributing member of society.”

Mark Rasch, a former federal prosecutor with the U.S. Justice Department, said the sentencing guidelines are no longer mandatory, but they do reflect the position of Congress, the U.S. Sentencing Commission, and the Administrative Office of the U.S. Courts about what seriousness of the offenses.

“One of the problems you have here is it’s hard enough to catch and prosecute and convict cybercriminals, but at the end of the day the courts often don’t take these offenses seriously,” Rasch said. “One the one hand, sentences like these do tend to diminish the deterrent effect, but also I doubt there are any hackers in St. Petersburg right now who are watching this case and going, ‘Okay, great now I can keep doing what I’m doing.’”

Judge Chatigny deferred ruling on what — if any — financial damages Levashov may have to pay as a result of the plea.

The government acknowledged that it was difficult to come to an accurate accounting of how much Levashov’s various botnets cost companies and consumers. But the plea agreement states a figure of approximately $7 million — which prosecutors say represents a mix of actual damages and ill-gotten gains.

However, the judge delayed ruling on whether to impose a fine because prosecutors had yet to supply a document to back up the defendant’s alleged profit/loss figures. The judge also ordered Levashov to submit to three years of supervised release, which includes constant monitoring of his online communications.

The Rise of Big Data | Solving Today’s Challenges with SentinelOne XDR (Part 1)

/0 Comments/in /by

Extended Detection and Response (XDR) has become a prominent topic amongst security vendors and analysts in recent months. The promise of improved threat detections across a broader range of interconnected hardware and software solutions feels a lot like the early days of SIEM as it expanded beyond simple log management capabilities. Like with most legacy SIEM deployments, early XDR customers have struggled to balance investments in tooling and positive business outcomes. In fact, most enterprises have yet to fully consider the cost and complexity associated with data collection and analytics required by some vendor XDR solutions. Let’s take a look at the challenges in more detail and consider how SentinelOne is revolutionizing the XDR landscape by tackling one of the largest and most complex obstacles threatening successful XDR adoption: data management at scale.

Data Is Growing, Exponentially

IDC predicts that by 2025, the total volume of data stored globally will reach 175ZB! That’s a whopping 5-fold increase from 2018 (33ZB). For those that stopped counting at gigabytes, one zettabyte is equal to one trillion GB. Stored on DVD media, that would be a stack of disks spanning to the moon and back 12 times! But how does this data break down, and how much of this can be used to inform better security decisions to keep enterprises safe from targeted attacks? Let’s dig a little deeper into the data.

Of the predicted 175ZB, roughly 85% is enterprise and/or public cloud data storage. More importantly, IDC predicts that by 2025 as much as 30% of this data will be classified as ‘real-time, sensorized’ telemetry from endpoint and IoT devices. This presents an enormous challenge – as well as opportunity – for enterprises looking to improve their security posture by leveraging this abundant wealth of data.

Source: IDC/Seagate DataAge Study

Remember that data alone is not useful and that more data does not magically become more useful by volume. Data must be contextualized and analyzed to become information. By that same understanding, we know that information only becomes knowledge once we apply meaningful linkages between multiple points of information, assembling the contextualized data into actionable results. Therefore, data without context tends to be superfluous, and our human brains quickly try to expel such unimportant bits of data.

Effective Data Management Requires Context

Most enterprises today generate mountains of telemetry data for each and every entity including the activity logs from users, devices, applications and sensors. In this ‘age-of-observability’ we can be certain that nothing important happens without a corresponding record of it having occurred. This typically takes the form of a log or event: a transactional message that describes the entity, action, attributes and possibly a response condition. Additional forms of telemetry can contain simple metrics containing sampled or summarized measurements.

Information security has taught us that even the most innocuous and banal sets of data might somehow be relevant in the scope of an investigation or malicious detection. Frequently, we don’t know what we don’t know until long after a successful breach from a stealthy adversary. While most attacks can be thwarted by an effective endpoint detection and prevention platform before they impact the enterprise, analysis of the breadcrumbs trail left behind can be the only effective means to identify the attackers’ TTPs (tactics, techniques and procedures) as well as possible motivations and the scope of an attack.

Singularity ActiveEDR/XDR leverages the unique capabilities of SentinelOne’s patented Storyline technology to stitch together disparate security events into a single timeline and attack visualization, complete with MITRE ATT&CK technique attribution as well as threat actor details where possible.

Rogue Devices / Shadow IT Creates Information Blind Spots

There’s also much to be learned by what is NOT in the sensor data collected by an enterprise. Attackers are opportunistic and will target any and all exposed devices – not just the ones that are known to the security operations team. As the enterprise attack surface expands (thanks to IoT, cloud transformation, containerized workloads and BYOD) so too does the need to expand our sources of telemetry, minimizing or eliminating any blind spots that inevitably exist.

Most organizations struggle to maintain an accurate inventory of connected devices, and fewer yet have the ability to identify when rogue or orphan devices appear on the network that could pose a potential security risk.

By harnessing the existing sensor grid – and the data collected from it – enterprises can more quickly identify gaps in security coverage to protect  more of the attack surface. When event volumes from existing sensors change without a justified policy modification, security operations can be notified to ensure a configuration change – whether malicious or benign – hasn’t left the device in a state where logging is disabled or reduced.

Singularity Ranger provides enterprises visibility into the entirety of their device estate, enabling security operations teams to quickly identify unmanaged/at-risk devices, fingerprinting their characteristics and highlighting those without protection capabilities. Ranger Deploy can then perform remote agent installation and policy enforcement of supported systems to reduce the enterprise attack surface and improve an organization’s security posture.

Singularity Ranger
Network Visibility & Control. A cloud
delivered, software-defined network discovery solution designed to add global network visibility and control with minimal friction.

Learn More

Accessibility Through Integration

The volume of sensor data is not the only significant challenge facing enterprises today. More important is the location and cross-platform accessibility of discrete data silos. In cybersecurity use cases, this has for years been the purview of a Security Information Event Management (SIEM) platform where logs/events were collected and stored from the most common sources of telemetry, namely firewalls, intrusion detection platforms, legacy antivirus solutions and a short list of critical server assets.

With the advent of Endpoint Detection & Response (EDR) enterprises have access to enormous volumes of high-fidelity, high-value, real-time event data from protected endpoints, but this data typically resides in an entirely separate data repository from SIEM. As more enterprise workloads are moved to PaaS/IaaS solutions, we see yet another disconnected silo of data from a new set of sensors.

Combining these disparate and quite unique sets of endpoint, cloud, network and security data in one location is costly, and the value realized is often difficult if not impossible to justify. As enterprise security architectures become more diverse, it is more important than ever that cross-vendor data analytic models become part of an effective detection and protection arsenal.

The Singularity Marketplace ensures that the growing list of partners in the SentinelOne security ecosystem can be easily integrated into both the data collection pipeline as well as the response and remediation options of a diverse enterprise.

The sheer number of telemetry sources, combined with the unique nature of each data source (different formats, content, context and cardinality) has created a challenging data problem for today’s enterprise. To effectively consume, parse, enrich, normalize, store and analyze this massive set of data is not a cost-effective proposition for most organizations. As a result, most enterprises are faced with the burden of selectively choosing which data sources to process based on the perceived value of each as it relates to business process improvement or greater security efficacy.

Singularity Marketplace
Extend the power of the Singularity XDR Platform with one-click applications for unified prevention, detection, and response.

Learn More

All data is not equal in terms of value from a security operations perspective. Sometimes, the easiest data to consume (WMI logs from Windows, for example) can be the least useful in terms of threat detection and security incident triage. More often, the most voluminous logs within an enterprise like network flow data, email transaction logs, DNS request/response events and authentication alerts provide greater value, but the low signal-to-noise ratio makes them too cumbersome to collect and process in real-time without an efficient, performant and scalable data management platform.

Data Retention: The Key to Effective Threat Hunting

Another challenge facing enterprise security teams is the cost implication of long-term retention and searchability of collected telemetry. Consuming high-value, high-volume data but being forced to ‘roll over’ after 30 days certainly fails the SecOps use case of historical hunting.

In fact, most vendors tend to cap retention at between 7 and 30 days! As we saw recently with the SolarWinds supply chain attack, it was months before the security community were made aware of the malicious artifacts and adversarial TTPs. This meant that many organizations were unable to perform the historical hunting across the relevant time window because those logs had already aged out of the platform or had been moved into offline archives making it difficult to triage the scope of the attack.

Customers of the SentinelOne Singularity platform can perform real-time threat hunting across a live 365-day retention period, allowing SOC analysts full artifact and adversarial TTP visibility across an entire year of event collection. 

Automated hunting and alerting rules can be created using SentinelOne patented STAR™ (Storyline Active Response) functionality, triggering on data from real-time and historical EDR and 3rd-party telemetry stored in the Deep Visibility data store. Content packs containing relevant adversarial artifacts (IoCs) are published for automated detection of known threat actor campaigns. For even longer term retention, we will be offering a capability called HindSight, which provides a facility to archive even longer periods of data for limitless retroactive threat hunting across the entire scope and duration of data collected.

Key Takeaways

The solution to the challenges of data management at scale is a data management strategy that democratizes the data generated, collected and analyzed by an enterprise.

As a general rule:

  • No one application should hold your data hostage
  • Duplication of data in multiple repositories is costly and unmanageable
  • Maintaining disparate data silos leads to missed threat detections and blind spots in security incident triage and scoping efforts
  • Enterprises should never be faced with the necessity to collect/store reduced volumes of highly relevant sensor data to justify the Cost:Value equation

In the next post in this blog series on XDR, we will highlight some of the unique capabilities delivered through the SentinelOne Data Platform (formerly Scalyr Event Data Cloud). Stay tuned for a deeper look into how SentinelOne is transforming the XDR landscape with unparalleled sensor collection and processing capabilities, improved signal to noise reduction, meaningful threat detections that span multiple sources and prescriptive and actionable response integrations.

SentinelOne Singularity XDR
See how SentinelOne XDR provides end-to-end enterprise visibility, powerful analytics, and automated response across your complete technology stack.

Learn More

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

JLL, Khosla lead Jones’ $12.5M Series A for real estate vendor compliance

/0 Comments/in /by

Commercial real estate tenants and property managers have to abide by strict liability rules that any vendor entering the property must have insurance certificates and meet other requirements. The approval process for this currently can take days and is still largely done on paper.

Enter Jones. The New York-based commercial real estate startup is curating a marketplace of pre-approved vendors for tenants and property managers to find and hire the people they need in a compliant way.

To continue advancing its network, the company announced Monday it raised $12.5 million in Series A funding led by JLL Spark and Khosla Ventures that also included strategic investors Camber Creek, Rudin Management, DivcoWest and Sage Realty. This new investment brings Jones’ total raised to $20 million, according to Crunchbase data.

Jones, founded in 2017, also manages certifications and approvals, moving the whole process online. Its technology can process an insurance certificate in less than an hour and reduce the overall vendor approval time to 2.5 days — from 12 days — with 99.9% accuracy, co-founder and CEO Omri Stern told TechCrunch.

The accuracy portion is key. With much of the work being done by hand, current accuracy is at about 30%, he added. In addition, the certifications are lengthy, and it is typically up to property managers to parse through the insurance documents to identify what is missing rather than spending time with tenants.

“In the consumer world, a homeowner expects to go on a marketplace and find a service and hire them,” Stern said. “Office managers and tenants can’t get their preferred vendors through the approval process, so we want to provide a similar digital experience that they can consume and use in real estate.”

He says Jones’ differentiator from competitors is that all of the stakeholders are in place: a group of high-profile real estate customers, including Lincoln Property Co., Prologis, DivcoWest, Rudin Management, Sage Realty and JLL.

Yishai Lerner, co-CEO of JLL Spark, agrees, telling TechCrunch that commercial real estate is one of the largest and last asset classes that is undergoing a technology transformation, similar to what fintech was 20 years ago.

He estimates the U.S. market to be $16 trillion, of which technology could unlock a lot of the value. That opportunity was one of the drivers for JLL to create JLL Spark, where Jones is one of the first investments.

Though Lerner spent time with property management teams on the ground, he became up close and personal with the problem when his wife, while moving offices, found out her vendors were not allowed in the building because they didn’t have the right insurance.

“We learned that property managers spend half of their time just working to verify the compliance of vendors coming into their building,” Lerner said. “We wondered why there wasn’t technology for this. Jones was doing construction at the time, and we brought them into commercial real estate because they had an example of how technology could solve the problem.”

Meanwhile, the Series A comes at a time when Stern is seeing Jones’s SaaS tool take off in the past 10 months. He would not get specific with growth metrics, but did say that what is driving growth is “competing against the status quo” as companies are searching for and adapting workflow solutions.

The company intends to use the new funds on product development in both quicker and easier approvals and bringing on new vendors. Jones already works with tens of thousands of vendors. It will also focus on integration, offering an API that could be used in other industry verticals where compliance is necessary.

Stern would also like to continue building the team. Having brought in real estate experts, he is now also looking for people with backgrounds in fintech, cybersecurity and insurtech to bring in additional perspectives.

“We are building an incredible company with the opportunity to be the next big digital marketplace,” he added.

9 top real estate and proptech investors: Cities and offices still have a future