Feature Spotlight: Fully Custom Role-Based Access Control

We are delighted to announce the next step in SentinelOne’s role-based access control (RBAC) capability: supporting fully custom roles. After collecting customer feedback for this new feature, we are now delivering it to the benefit of our global customer base, including but not limited to multi-site enterprises spanning multiple geographies.

Admins now have the flexibility to create unique roles with custom permission settings tuned to the specific needs of their organization, directly from the SentinelOne management console. The six (6) predefined roles – Viewer, C-Level, IT, SOC, IR Team, and Admin – remain unchanged and immediately available, to assist customers with a quick start. Administrators can also create granular API orchestration roles specific to an XDR workflow.

Custom RBAC Roles

Each SentinelOne customer can now customize permissions so that user experience is optimized for diverse groups of user personas in their organization. Building upon the principle of least privilege, administrators can build and fine-tune the right access level to the minimum set of resources which users need to do their job effectively, striking the right balance between business agility and security. For example, an administrator would not likely grant configuration change privileges for production assets to security analysts, who would instead alert the application owner for follow-up. Or perhaps a persona in one site requires different permissions than a similar role at another.

Creating a Custom Role

Creating a custom role is simple. Before starting, make sure you have the appropriate scope selected. Then, from the Settings Panel, select the Users tab. Click Roles, and under Actions, New Role. Give it a unique name and description, then click to select/deselect the various permissions for this role. Once saved, you can assign users to the new role. It’s even easier than it sounds.

Editing a Custom Role

Perhaps you had an oversight or need to make a change. No problem. Modifying a role is equally straightforward. Click on a role name from the list, make the change, and save.

Duplicating a Custom Role

As an extra level of convenience when creating new roles, customers can copy a similar role and make the few permissions changes necessary. This helps admins move forward quickly.

Delete a Custom Role, Reassign Users

Sometimes, a custom role outlives its usefulness. Of course, when deleting a custom role, consideration should be given to the users who have been previously assigned to this role. SentinelOne understands this, so we made it easy for admins to delete a role and reassign users in the same breath.

To delete a role, simply select the role name checkbox, go to Actions > Delete Role. Then select the role to which you wish to reassociate affected users, and click Reassign & Delete. And, for the astute reader: the six aforementioned predefined roles can never be edited or deleted.

Summary

SentinelOne remains fully committed to customer success. Part of that commitment is listening and responding to customer feedback, which we are always grooming within our product innovation backlog. We hope that this fully customizable role capability helps simplify your cybersecurity journey.

To learn more about how SentinelOne has extended autonomous cybersecurity beyond the user endpoint to cloud workloads and IoT devices, feel free to visit our Singularity Cloud and Singularity Ranger pages.



Customer experience startup Sprinklr files confidential S-1 with SEC

Sprinklr, a New York-based customer experience company, announced today it has filed a confidential S-1 ahead of a possible IPO.

“Sprinklr today announced that it has confidentially submitted a draft registration statement on Form S-1 with the Securities and Exchange Commission (the ‘SEC’) relating to the proposed initial public offering of its common stock,” the company said in a statement.

It also indicated that it will determine the exact number of shares and the price range at a later point after it receives approval from the SEC to go public.

The company most recently raised $200 million on a $2.7 billion valuation last year. It was its first fundraise in 4 years. At the time, founder and CEO Ragy Thomas said his company expected to end 2020 with $400 million in ARR, certainly a healthy number on which to embark as a public company.

He also said that Sprinklr’s next fundraise would be an IPO, making him true to his word. “I’ve been public about the pathway around this, and the path is that the next financial milestone will be an IPO,” he told me at the time of the $200 million round. He said that with COVID, it probably was a year or so away, but the timing appears to have sped up.

Sprinklr sees customer experience management as a natural extension of CRM, and as such a huge market potentially worth $100 billion, according to Thomas. But he also admitted that he was up against some big competitors like Salesforce and Adobe, helping explain why he fundraised last year.

Sprinklr was founded in 2009 with a focus on social media listening, but it announced a hard push into customer experience in 2017 when it added marketing, advertising, research, customer and e-commerce to its social efforts.

The company has raised $585 million to date, and has also been highly acquisitive, buying 11 companies along the way as it added functionality to the base platform, according to Crunchbase data.

Genesis raises $45M to expand its fintech-focussed low-code platform to more verticals

Low-code and no-code tools have been a huge hit with enterprises keen to give their operations more of a tech boost, but often lack the resources to handle more complex integrations. Today, one of the startups that has been building low-code finance tools is announcing funding to tap into that trend and expand its business.

Genesis — which has to date primarily worked with financial services companies, giving non-technical employees the tools to create ways to monitor and manage real-time risk, high-frequency trades and other activities — has picked up $45 million. It plans to use the funding to bring the tools it has already built to a wider set of verticals that have some of the same needs to manage risk, compliance and other factors as finance — healthcare and manufacturing are two examples — as well as to continue building more into the stack. 

This Series B includes a mix of financial investors along with strategic backers that speak to who already integrates with Genesis’ tools on their own platforms.

Led by Accel, it also includes participation from new backers GV (formerly Google Ventures) and Salesforce Ventures, in addition to existing investors Citi, Illuminate Financial and Tribeca Venture Partners, who also invested in this round. To give you an idea of who it works with, Citi, ING, London Clearing House and XP Investments are some of Genesis’ customers.

Originally conceived in 2012 in Brazil by a pair of British co-founders — Stephen Murphy (CEO) and James Harrison (CTO), who cut their teeth in the world of investment banking — Genesis had raised less than $5 million before this round, mostly bootstrapping its business and leaning on Murphy and Harrison’s existing relationships in the world of finance to grow its customer base.

Today, Murphy lives in and leads the business from Miami — where he moved from New York just as the COVID-19 pandemic was starting to gain steam last year — while James Harrison (CTO) leads part of the team based out of the U.K.

As you might imagine with so little funding before now for a company going on nine years old, Genesis was doing fine financially before this Series B, so the plan is to use the funding specifically to grow faster than it could have on its own steam. The startup is not disclosing its valuation with this round.

“We were not really fixated on valuation,” said Murphy in an interview, who said the funding came about after a number of VCs had approached the startup. “The most important thing is the future opportunity and where we could take the company with additional funding… this will help us hyper scale up.” He did note that the term sheets contained “some amazing numbers and multiples,” given the current interest in no-code and low-code technology.

Indeed, the vogue for no-code and low-code tech — other well-funded names in the crowded space include startups like Zapier, Airtable, Rows, Gyana, Bryter, Ushur, Creatio and EasySend, as well as significant launches from Google and Microsoft and other bigger players — is coming out of two trends colliding.

On one side, we’ve well and truly entered an era in enterprise technology — with the same trend playing out in consumer tech, too — where smart developers are taking sophisticated and complex services and putting “wrappers” around them by way of APIs and simpler (low- or no-code) interfaces, so that those sophisticated tools can in turn be integrated and implemented in more places. This saves needing to build or integrate that complexity from scratch and expands access to the processes within those wrappers.

On the other side, the thirst for tech knowledge has become well and truly mainstream and as a result is getting far more democratized. Working in a variety of applications, using different digital tools and devices and seeing the fruits of tech pay off are all second nature to today’s working world — whether or not you are a technologist. So it’s no surprise to see more proactive, non-technical people looking for more ways to get their hands on these tools themselves.

“You now have a whole citizen developer world, for example business analysts who understand the solution you want but might not know how to get there,” Murphy said. “We play to seasoned developers first but the investment will help us put more low-code and no-code tools into place to widen the tools out to them.”

Starting out in finance made sense not just because that was where the two founders had previously worked, but also because of the history of how different software tools were already being used. Specifically, he noted that the ubiquity of microservices — which themselves are collections of services as apps — laid the groundwork for more low-code. “We saw that if we could build a low-code entry point to microservices, that would be powerful.”

On top of that, investment banks, he said, have a history of wanting to build things themselves to tailor to their specific needs. “Buying off the shelf means you are at the mercy of the vendor,” he said. These factors made financial services companies very receptive to what Genesis was offering.

While a lot of the no/low-code players are coming at the concept with specific verticals in mind — no surprise, since different verticals have very specific use cases and needs — what’s interesting with Genesis is how the company is leveraging what it already knows about finance, and then looking at other industries that have similar demands, structures and rules.

Murphy said that Genesis will stay “very focused on financial markets for 2021” but that it’s identified a number of other verticals similar to it, and is actually already seeing some inbound interest from them.

“A number of people have already approached us from the world of healthcare,” he said, pointing out that these organizations, like financial services, face challenges around how to audit data and regulations around performing transactions. Manufacturing, meanwhile, has some parallels around the area of complex event processing similar to equity algorithmic trading, he said. (In short, this relates to how external events might trigger more transactions, not unlike how external factors affect manufacturing operations.)

The trend is one that analysts forecast will only grow in the coming years: Gartner, for example, says that by 2024, low-code platforms will account for no less than 65% of all app development activity.

“Low-code promises business users the autonomy to make their own technology usage and purchase decisions while enabling them to actually build their own applications without having to rely on IT,” Andrei Brasoveanu, a partner at Accel, said in a statement. “By bringing one of the most transformative innovations in software development to financial services, Steve and the Genesis team are taking on a huge market of legacy vendors — and winning too — while delivering on the promise of low-code. The confidence they’ve gained from serving such large institutions is proof that there’s a real and urgent need for a purpose-built low-code solution for financial markets. We’re excited to partner with Genesis and support them in delivering this across the world.” Brasoveanu is joining the startup’s board with this round.

Airtable is now valued at $5.77B with a fresh $270 million in Series E funding

Airtable, the no-code relational database that has amassed a customer base that spans 250,000 different organizations, has today announced the close of $270 million in Series E funding. The valuation comes out to $5.77 billion post-money, more than doubling its valuation from September, when it raised $185 million in Series D funding.

This latest round was led by Greenoaks Capital, with participation from WndrCo, as well as existing investors Caffeinated Capital, CRV and Thrive.

The company says it plans to use the funding to accelerate the development of its enterprise product and grow the team. Also of note: Founder and CEO Howie Liu told Forbes that he was approached by Greenoaks, rather than actively seeking funding.

Airtable is a relational database that many describe as a souped-up version of Excel or Google Sheets. Being such, and having the infrastructure to support an app ecosystem on top of that, means that this no-code tool can actually be used to write software. In other words, the use cases are nearly infinite, and so is the potential customer base.

Greenoaks Capital partner Neil Mehta basically said as much in the press release:

We believe Airtable is chasing a massive opportunity to become the ‘residual’ software platform for every bespoke and custom use case that is either performed manually today or structurally underserved by rigid third-party software. By equipping business users with fundamental software primitives that can be assembled together into powerful business applications, Airtable has become central to its users’ everyday workflows but at the same time is scalable and extensible enough to support incredibly complex enterprise use cases like ticketing, content management, and CRM.

Airtable has raised a total of $617 million since inception, according to Crunchbase.



Cyware nabs $30M to help organizations detect and stop advanced cyber attacks

Malicious hacking has become a pernicious and dogged fact of life for more organizations, and it’s a threat that has seemingly grown more complicated and sophisticated over time. One effective approach to tackling that has been collaboration: not just applying an array of services to address the issue, but creating environments to help those building cybersecurity to work better together. Today one of the startups building tools to do just that is announcing a round of funding, underscoring the opportunity and its own growth within that.

Cyware, a New York startup that has created a platform for organizations to build and operate virtual “cyber fusion centers” — spaces for people to share threat intelligence, run end-to-end security automation, and orchestrate and execute 360-degree threat responses — has picked up $30 million in funding, a Series B that it will use to continue growing its business.

The funding is being co-led by Advent International and Ten Eleven Ventures. Advent made some waves in the cybersecurity industry last year when it partnered with Crosspoint to acquire Forescout for $1.9 billion. Ten Eleven, meanwhile, is a VC that specializes in cybersecurity startups. Prelude Fund (the venture practice at Mercato Partners), Emerald Development Managers, Great Road Holdings and cloud security firm Zscaler — a mix of financial and strategic investors — also participated. Before this, the startup had raised around $13 million, and it is not disclosing its valuation.

The story of the last year in the world of business has been about how everything has gone online: people and their companies have been working remotely; consumers are browsing, buying and entertaining themselves over the internet and with apps. Digital is where all the traffic is.

Unsurprisingly, that has also played out in the world of cybersecurity: the threat landscape has grown, and so cybersecurity responses have grown with it. Cyware said that in the last year it saw 120% year-over-year growth in annual recurring revenue — although it doesn’t disclose actual revenue figures. Its customers are a mix of large enterprises, organizations that collaborate with others to manage cybersecurity, such as information sharing communities (ISACs), and organizations that manage cybersecurity on behalf of a number of others, such as managed security service providers and computer emergency response teams.

Although many might have a stereotype of a malicious hacker in their heads who sits alone in a darkened room with a determined look in his/her eye, the reality is more likely to be a collaboration between a number of people, providing tips, technology, threads that are developed and so on. Cyware, in its focus on providing a platform for collaboration and creating operations centers, seems to take the same approach in what it has built, a platform to make collaborating easier and part of the solution.

It does so through security orchestration, automation and response (known as SOAR), used by teams to collaborate better and make more informed threat scoring, and to respond better to threat alerts. Indeed, a key part of the challenge for a lot of security services is that they cross multiple parts of organizations, including IT, compliance, trust and safety, and indeed security itself. One aim of Cyware is to create a platform for these all to meet and exchange information that could be helpful to others in one place.

“Over the past decade, security operations teams have had difficulty with trying to sift through copious amounts of threat data and lacked the humans’ role as part of their security orchestration strategies,” said Anuj Goel, Ph.D., cofounder and CEO of Cyware, in a statement. “Our goal with our Virtual Cyber Fusion platform is to help our customers unite their security teams to efficiently respond to high-priority threats by connecting the dots in their environments, and the momentum we’re experiencing is proof that we are executing on that mission. This Series B financing will help us continue to overdeliver for customers, expand our team, improve our platform and truly revolutionize how security operations and threat intelligence teams work together.”

Goel, who cofounded the company with CTO Akshat Jain, cut his teeth in a big security team, as head of global cyber strategy for Citi. He is also an advisor for the Centre for Strategic Cyberspace in London and has worked with other organizations on collaborative approaches to the problem and consequences of malicious hacking.

Investors will have not just been looking at the company’s growth, but also the list of customers — themselves also leaders in cyber — that are trusting Cyware.

“In our increasingly connected environment, companies of all sizes are demanding new and innovative cybersecurity solutions,” said Eric Noeth, Principal, Advent International, in a statement. “Cyware’s early traction among leading enterprises and major ISACs reflects its unique ability to bring together all key security functions to seamlessly anticipate, contextualize and remediate threats. We look forward to drawing on our experience in this sector to help the talented Cyware team make its Virtual Cyber Fusion platform the gold standard technology for enterprises around the world.”

Noogata raises $12M seed round for its no-code enterprise AI platform

Noogata, a startup that offers a no-code AI solution for enterprises, today announced that it has raised a $12 million seed round led by Team8, with participation from Skylake Capital. The company, which was founded in 2019 and counts Colgate and PepsiCo among its customers, currently focuses on e-commerce, retail and financial services, but it notes that it will use the new funding to power its product development and expand into new industries.

The company’s platform offers a collection of what are essentially pre-built AI building blocks that enterprises can then connect to third-party tools like their data warehouse, Salesforce, Stripe and other data sources. An e-commerce retailer could use this to optimize its pricing, for example, thanks to recommendations from the Noogata platform, while a brick-and-mortar retailer could use it to plan which assortment to allocate to a given location.


“We believe data teams are at the epicenter of digital transformation and that to drive impact, they need to be able to unlock the value of data. They need access to relevant, continuous and explainable insights and predictions that are reliable and up-to-date,” said Noogata co-founder and CEO Assaf Egozi. “Noogata unlocks the value of data by providing contextual, business-focused blocks that integrate seamlessly into enterprise data environments to generate actionable insights, predictions and recommendations. This empowers users to go far beyond traditional business intelligence by leveraging AI in their self-serve analytics as well as in their data solutions.”


We’ve obviously seen a plethora of startups in this space lately. The proliferation of data — and the advent of data warehousing — means that most businesses now have the fuel to create machine learning-based predictions. What’s often lacking, though, is the talent. There’s still a shortage of data scientists and developers who can build these models from scratch, so it’s no surprise that we’re seeing more startups that are creating no-code/low-code services in this space. The well-funded Abacus.ai, for example, targets about the same market as Noogata.

“Noogata is perfectly positioned to address the significant market need for a best-in-class, no-code data analytics platform to drive decision-making,” writes Team8 managing partner Yuval Shachar. “The innovative platform replaces the need for internal build, which is complex and costly, or the use of out-of-the-box vendor solutions which are limited. The company’s ability to unlock the value of data through AI is a game-changer. Add to that a stellar founding team, and there is no doubt in my mind that Noogata will be enormously successful.”

WeLeakInfo Leaked Customer Payment Info

A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data on 24,000 customers who paid to access the service with a credit card.

For several years, WeLeakInfo was the largest of several services selling access to hacked passwords. Prosecutors said it had indexed, searchable information from more than 10,000 data breaches containing over 12 billion indexed records — including names, email addresses, usernames, phone numbers, and passwords for online accounts.

For a small fee, you could enter an email address and see every password ever associated with that address in a previous breach. Or the reverse — show me all the email accounts that ever used a specific password (see screenshot above). It was a fantastic tool for launching targeted attacks against people, and that’s exactly how the service was viewed by many of its customers.

Now, nearly 24,000 of WeLeakInfo’s customers are finding that the personal and payment data they shared with WeLeakInfo over its five-year run has been leaked online.

WeLeakInfo’s service fees.

In a post on the database leaking forum Raidforums, a regular contributor using the handle “pompompurin” said he stole the WeLeakInfo payment logs and other data after noticing the domain wli[.]design was no longer listed as registered.

“Long story short: FBI let one of weleakinfo’s domains expire that they used for the emails/payments,” pompompurin wrote. “I registered that domain, & was able to [password] reset the stripe.com account & get all the Data. [It’s] only from people that used stripe.com to checkout. If you used paypal or [bitcoin] ur all good.”

Cyber threat intelligence firm Flashpoint obtained a copy of the data leaked by pompompurin, and said it includes partial credit card data, email addresses, full names, IP addresses, browser user agent string data, physical addresses, phone numbers, and amount paid. One forum member commented that they found their own payment data in the logs.

How WeLeakInfo stacked up against its competitors (according to WLI).

According to DomainTools [an advertiser on this site] Wli[.]design was registered on Aug. 24, 2016 with the domain registrar Dynadot. On March 12, the domain was moved to another registrar — Namecheap.

Pompompurin released several screenshots of himself logged in to the WeLeakInfo account at stripe.com, an online payment processor. Under “management and ownership” was listed a Gerald Murphy from Fintona, U.K.

Shortly after WeLeakInfo’s domain was seized by authorities in Jan. 2020, the U.K.’s National Crime Agency (NCA) arrested two individuals in connection with the service, including a 22-year-old from Fintona.


PLENTY OF TIME FOR OPSEC MISTAKES

It’s been a tough few months for denizens of various hacking forums, which are finding themselves on the defensive end of a great many attacks testing the security of their aliases and operational security lately. Over the past few weeks three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked.

In two of the intrusions (against the Russian hacking forums “Mazafaka” and “Verified”) — the attackers made off with the forums’ user databases, including email and Internet addresses and hashed passwords.

“Members of all three forums are worried the incidents could serve as a virtual Rosetta Stone for connecting the real-life identities of the same users across multiple crime forums,” a recent story here explained.

An exposure of 15 years worth of user data from a forum like Mazafaka is a big risk for registrants because investigators often can use common registration details to connect specific individuals who might have used multiple hacker handles over the years.

Many of the domains from the email addresses listed in the Maza dump date to the early 2000s, back when budding cybercriminals typically took fewer precautions to obfuscate or separate the myriad connections to their real-life identities online.

The biggest potential gold mine for de-anonymizing Maza members is the leak of user numbers for ICQ, an instant messaging service formerly owned by AOL that was widely used by cybercrime forum members up until around 2010. That’s about when AOL sold the platform in 2010 to Russian investor DST for $187.5 million.

Back then, people often associated their ICQ numbers to different interests, pursuits and commerce tied to their real life identities. In many cases, these associations are on public, Russian language forums, such as discussion sites on topics like cars, music or programming.

In a common inadvertent exposure, a cybercriminal happens to make an innocuous post 15 years ago to a now-defunct Russian-language automobile forum.

That post, preserved in perpetuity by sites like archive.org, includes an ICQ number and says there’s a guy named Sergey in Vladivostok who’s selling his car. And the profile link on the auto forum leads to another now-defunct but still-archived personal site for Sergey.

Interestingly, services like WeLeakInfo can just as easily be used against cybercriminals as by them. For example, it’s likely that the database for the automobile forum where Sergey posted got compromised at some point and is for sale on sites like WeLeakInfo (there are active competitors).

Ditto for any other forum where Sergey used the same email address or password. When researchers start finding password re-use across multiple email addresses that all follow a pattern, it becomes much easier to tie Sergey from Vladivostok to his cybercriminal and real-life identities.

DeepSee.ai raises $22.6M Series A for its AI-centric process automation platform

DeepSee.ai, a startup that helps enterprises use AI to automate line-of-business problems, today announced that it has raised a $22.6 million Series A funding round led by ForgePoint Capital. Previous investors AllegisCyber Capital and Signal Peak Ventures also participated in this round, which brings the Salt Lake City-based company’s total funding to date to $30.7 million.

The company argues that it offers enterprises a different take on process automation. The industry buzzword these days is ‘robotic process automation,’ but DeepSee.ai argues that what it does is different. I describe its system as ‘knowledge process automation’ (KPA). The company itself defines this as a system that “mines unstructured data, operationalizes AI-powered insights, and automates results into real-time action for the enterprise.” But the company also argues that today’s bots focus on basic task automation that doesn’t offer the kind of deeper insights that sophisticated machine learning models can bring to the table. The company also stresses that it doesn’t aim to replace knowledge workers but help them leverage AI to turn the plethora of data that businesses now collect into actionable insights.


“Executives are telling me they need business outcomes and not science projects,” writes DeepSee.ai CEO Steve Shillingford. “And today, the burgeoning frustration with most AI-centric deployments in large-scale enterprises is they look great in theory but largely fail in production. We think that’s because right now the current ‘AI approach’ lacks a holistic business context relevance. It’s unthinking, rigid, and without the contextual input of subject-matter experts on the ground. We founded DeepSee to bridge the gap between powerful technology and line-of-business, with adaptable solutions that empower our customers to operationalize AI-powered automation – delivering faster, better, and cheaper results for our users.”

To help businesses get started with the platform, DeepSee.ai offers three core tools. There’s DeepSee Assembler, which ingests unstructured data and gets it ready for labeling, model review and analysis. Then, DeepSee Atlas can use this data to train AI models that can understand a company’s business processes and help subject-matter experts define templates, rules and logic for automating a company’s internal processes. The third tool, DeepSee Advisor, meanwhile focuses on using text analysis to help companies better understand and evaluate their business processes.

Currently, the company’s focus is on providing these tools for insurance companies, the public sector and capital markets. In the insurance space, use cases include fraud detection, claims prediction and processing, and using large amounts of unstructured data to identify patterns in agent audits, for example.

That’s a relatively limited number of industries for a startup to operate in, but the company says it will use its new funding to accelerate product development and expand to new verticals.

“Using KPA, line-of-business executives can bridge data science and enterprise outcomes, operationalize AI/ML-powered automation at scale, and use predictive insights in real time to grow revenue, reduce cost, and mitigate risk,” said Sean Cunningham, Managing Director of ForgePoint Capital. “As a leading cybersecurity investor, ForgePoint sees the daily security challenges around insider threat, data visibility, and compliance. This investment in DeepSee accelerates the ability to reduce risk with business automation and delivers much-needed AI transparency required by customers for implementation.”

The Good, the Bad and the Ugly in Cybersecurity – Week 11

The Good

It seems as though we have been on a roll the last few months with notable cybercrime arrests. This week, South Korean police announced the arrest of a 20-year-old individual suspected of distributing and operating GandCrab ransomware.

Authorities did not reveal the name of the individual but say he was an ‘affiliate’ (aka customer) of GandCrab RaaS rather than the developer or primary seller. The unnamed male has been charged with distributing GandCrab, via phishing emails, to targets primarily across South Korea. Between February and June of 2019, the suspect allegedly targeted approximately 6,000 addresses with phishing emails pretending to come from official entities such as local police stations, the Constitutional Court and the Bank of Korea. Victims were instructed to pay around $1300 in Bitcoin.

The attacker, who took 7% of the haul from each paying victim with the rest going to the GandCrab operators, is said to have only made about $10,500 (12M Won) from approximately 120 victims. Law enforcement were able to track the activities of the accused via cryptocurrency transactions. Despite common misconceptions, Bitcoin transactions are not anonymous. It would appear as though the suspect did not account for that, allowing authorities to easily determine the source and destination of key transactions. GandCrab is now retired, having been replaced with numerous, more intimidating, threats. However, this is a nice reminder that law enforcement is always on the trail, and they will catch up.

The Bad

The bad news this week is of course the current, ongoing, attacks against Microsoft Exchange servers across the world. The issue is now even more complex. While we have the original actor(s) continuing their campaign of locating and compromising servers, we now also have unrelated attackers attempting to scan for and take advantage of the in-place webshells. In addition to all this, we have started to observe multiple variations of PoC (Proof-of-Concept) code appear for some of the relevant vulnerabilities.

One example might have been particularly dangerous had Microsoft not pulled it from GitHub. That PoC was a combination attack leveraging CVE-2021-26855 and CVE-2021-27065. It also appears to have been the first functional (with a few tweaks) PoC to accurately exploit the pertinent flaws. Just hours after it was posted, it was pulled from GitHub. However, it is known that while the code was available it was accessed and pulled more than enough times for variants and reposts to begin appearing.

The bottom line is that priority should be placed on patching these exposed servers ASAP (if it has not been done already). Reducing or eliminating exposure is key. We wish all the infosec warriors out there all the best as they continue to work to ensure coverage from this threat. For those seeking additional guidance on the Hafnium/Exchange issues, we have posted a full blog covering the threat and recommendations for mitigation.

The Ugly

This week a rather disturbing disclosure emerged concerning Silicon Valley surveillance company Verkada, Inc. It is reported that a group of hackers was able to gain access to camera data and live feeds for nearly 150,000 Verkada cameras, some of which were installed in very sensitive locations. These included premises belonging to companies such as Cloudflare, Tesla, Intel, and Nissan. The hackers were also able to gain access to cameras in multiple prisons and healthcare entities, allowing unfettered visibility into some of the most sensitive areas.

The methodology behind the hack appears to be rather unsophisticated and highlights one of the oldest issues in information security: the use (and leaking) of default credentials or hardcoded “Super User / Super Admin” accounts.

The individuals involved in the breach, a ‘hacking’ collective calling themselves “APT 69420 Arson Cats”, were able to find a working “Super Admin” credential set exposed in the clear on the internet. With that account, they were able to gain access to the myriad data available to Verkada. However, it is also reported that the hackers could have potentially taken things a step further if desired.

In a statement to Bloomberg.com, the group stated that they were “able to obtain “root” access on the cameras, meaning they could use the cameras to execute their own code…in some instances, allow(ing) them to pivot and obtain access to the broader corporate network of Verkada’s customers or hijack the cameras and use them as a platform to launch future hacks”.

At the end of the day, this is a fairly scary reminder that our need for protection extends to all devices…not just traditional endpoints. The scope and definition of IoT is widening every day, as is the requirement to secure these devices. If you are not already taking steps to ensure full visibility of all your “Smart” devices and their security, this may be a good time to review policies and stay safe!



Assembled, an operating system for support teams, raises $16.6M

From the point of view of a consumer, customer service sometimes feels like a monolith, but behind the scenes it can be a very fragmented business, with dozens of companies providing various different tools to help agents do their jobs.

Today, a startup founded by three Stripe alums that has set out to build a platform that helps organizations manage that spaghetti of customer service IT, and use it more efficiently, is announcing a round of funding to continue growing its business.

Assembled, which has built a platform that it describes as the “operating system” for support teams, has raised $16.6 million, a Series A that it plans to use to continue expanding its team and platform, and to bring on more customers.

The round is being led by Emergence Capital, the VC that specializes in enterprise startups, backing other communications-centric companies in its time like Salesforce, Zoom, Yammer, ServiceMax, SalesLoft and Lithium. Stripe, Basis Set Ventures and Felicis Ventures also participated. Stripe has a strong connection to Assembled. It is a customer. It led Assembled’s $3.1 million seed round a year ago.

And, it was the company where the three co-founders met and built the earliest version of the product it offers today. CEO Brian Sze was one of the first employees, overseeing business operations, where he built the customer support platform that inspired him to eventually leave to found Assembled. His two co-founders, brothers Ryan and John Wang, were engineers at the payments and financial services behemoth.

Assembled’s current platform is priced in tiers starting at $15 per agent per month. Integrating with Salesforce, Zendesk, Intercom, Kustomer, Gladly and other services by way of API integrations, it provides not just a way to manage and view customer support data from different sources in one place, but alongside that it provides tools focused on the support teams themselves. This includes tools to manage and roster teams, analyze team performance, and forecast demand depending on different factors in order to be better prepared.

As with all other aspects of how organizations work, customer service and people management are being digitally transformed. Typically, Sze said that many companies still use spreadsheets to manage and plan customer support rosters. That is now gradually shifting into what he describes as “support ops” where a strategic person is tasked not just with handling what is happening with incoming customer support right now, but also needs to figure out what will happen in the next year, and the tools that might help cope with that. “That is our emergent buyer,” Sze said.

“The sheer number of channels being supported is much bigger, when you consider email, messaging, phone lines, social media and more,” said Sze, adding that the pandemic had a particularly strong effect on Assembled’s business. It saw a big bump, especially in Q3 of last year, when its customer base doubled. “I think it came down to support being one of the most critical teams at the organization.”

Assembled today has a number of tech companies, and tech-first consumer companies as customers, including Stripe, GoFundMe, challenger bank Monzo, Google-owned Looker, D2C clothing brand Everlane and Harrys. It has grown customers five-fold in the last year, said Sze, while revenues have grown 300% (absolute numbers for both were not disclosed).

The concept of an “operating system” for customer support makes a lot of sense when you think about how the role has evolved over the years.

In the decades before the internet and digital interactions became the norm, support either focused on in-person visits, or phone-based interactions where you might find yourself calling toll-free numbers, sitting on hold for a long time, maybe being shuffled from one person to another depending on the nature of your issue.

Over time, those systems picked up some automated responses and companies started getting better systems in place to triage those calls. Then, as marketing became “marketing tech” and sales took on a software life of its own, those customer support people started to pick up more responsibilities, not just listening to customers but turning around and offering to sell them things, too, or take stock of customer satisfaction and overall sentiment. Then more channels for connecting came with the internet. Then came more efficient tools, cloud-based services, mobile services, and more to handle all of the above, and so on.

All of these iterations often came with different pieces of software, and while some companies have set out to build one-stop shops to take everything on, Assembled takes a Slack-like approach, making it easy to bring in data and manage different tools from one place, providing a place to bring them all together to help them work more harmoniously. At the same time, it provides a way to manage the teams of people who are there to work with those pieces of software. This is because, when it comes to customer support, it’s always as much about the teams running it as it is the software they are using (hence: “assembled”).

The company’s approach has been especially relevant in the last year. Not only have teams — including customer service teams — been forced to work remotely, but they have generally seen a surge of traffic from customers who are going online for all of their services, and using digital tools when they need to get in touch with organizations. Still, the opportunity for Assembled is that, by and large, a large proportion of businesses are still playing catch-up here.

“Today’s customer support teams operate in a dynamic, increasingly remote environment vastly different from that of a decade ago,” said Jake Saper, Emergence General Partner, in a statement. “But it’s shocking to learn how many support teams are still operating out of spreadsheets. At Emergence, we believe that Support Ops will become a critical complement to support teams, much like DevOps has become for developers. Having initially built their product to manage Stripe’s support function, we believe the Assembled team is the world’s best to build the core operating platform for Support Ops.”

Valuation is not being disclosed.

