Hydrolix snares $10M seed to lower the cost of processing log data at scale

/0 Comments/in /by

Many companies spend a significant amount of money and resources processing data from logs, traces and metrics, forcing them to make trade-offs about how much to collect and store. Hydrolix, an early-stage startup, announced a $10 million seed round today to help tackle logging at scale, while using unique technology to lower the cost of storing and querying this data.

Wing Venture Capital led the round with help from AV8 Ventures, Oregon Venture Fund and Silicon Valley Data Capital.

Company CEO and co-founder Marty Kagan noted that in his previous roles, he saw organizations with tons of data in logs, metrics and traces that could be valuable to various parts of the company, but most organizations couldn’t afford the high cost to maintain these records for very long due to the incredible volume of data involved. He started Hydrolix because he wanted to change the economics to make it easier to store and query this valuable data.

“The classic problem with these cluster-based databases is that they’ve got locally attached storage. So as the data set gets larger, you have no choice but to either spend a ton of money to grow your cluster or separate your hot and cold data to keep your costs under control,” Kagan told me.

What’s more, he says that when it comes to querying, the solutions out there like BigQuery and Snowflake are not well-suited for this kind of data. “They rely really heavily on caching and bulk column scans, so they’re not really useful for […] these infrastructure plays where you want to do livestream ingest, and you want to be able to do ad hoc data exploration,” he said.

Hydrolix wanted to create a more cost-effective way of storing and querying log data, while solving these issues with other tooling. “So we built a new storage layer which delivers […] SSD-like performance using nothing but cloud storage and diskless spot instances,” Kagan explained. He says that this means that there is no caching or column scales, enabling them to do index searches. “You’re getting the low cost, unlimited retention benefits of cloud storage, but with the interactive performance of fully indexed search,” he added.

Scalyr scores $20M Series A for super-fast log reading tool

Peter Wagner, founding partner at investor Wing Venture Capital, says that the beauty of this tool is that it eliminates trade-offs, while lowering customers’ overall data processing costs. “The Hydrolix team has built a real-time data platform optimized not only to deliver superior performance at a fraction of the cost of current analytics solutions, but one architected to offer those same advantages as data volumes grow by orders of magnitude,” Wagner said in a statement.

It’s worth pointing out that in the past couple of weeks SentinelOne bought high-speed logging platform Scalyr for $155 million, then CrowdStrike grabbed Humio, another high-speed logging tool for $400 million, so this category is getting attention.

The product is currently compatible with AWS and offered through the Amazon Marketplace, but Kagan says they are working on versions for Azure and Google Cloud and expect to have those available later this year. The company was founded at the end of 2018 and currently has 20 employees spread out over six countries, with headquarters in Portland, Oregon.

Logging startups are suddenly hot as CrowdStrike nabs Humio for $400M

VCs are chasing Hopin upwards of $5-6B valuation

/0 Comments/in /by

Virtual events platform Hopin is hopin’ for a mega valuation.

According to multiple sources who spoke with TechCrunch, the company, which was founded in mid-2019, is running around the fundraise circuit and perhaps nearing the end of a fundraise in which it is looking to raise roughly $400 million at a pre-money valuation of $5 billion for its Series C. The two names out in front, likely part of a joint ticket, are thought to be Andreessen Horowitz and General Catalyst.

Two sources implied that the valuation could have gone as high as $6 billion, but with greater dilution based on some offered terms the company has received. The deal is in flux, and both the round size and valuation are subject to change.

One source told TechCrunch that the company’s ARR has grown to $60 million, implying a valuation multiple of 80-100x if the valuation we’re hearing pans out. That sort of multiple wouldn’t be out of line with other major fundraises for star companies with SaaS-based business models.

Hopin has been on a fundraise tear in recent months. The company raised $125 million at a $2.125 billion valuation late last year for its Series B, which came just a few months after it raised a Series A of $40 million over the summer and a $6.5 million seed round last winter. All told, the roughly 20-month-old company has raised a known $171.4 million in VC according to Crunchbase.

Hopin raises $125M for its online events platform on the back of surging growth

When we last reported on the company, Hopin’s ARR had gone from $0 to $20 million, while its overall userbase had grown from essentially zero to 3.5 million users in November. The company reported then that it had 50,000 groups using its platform.

Hopin’s platform is designed to translate the in-person events experience into a virtual one, providing tools to recreate the experience of walking exhibition floors, networking one-on-one and spontaneously joining fireside chats and panels. It’s become a darling in the midst of the COVID-19 pandemic, which has seen most business and educational conferences canceled in the midst of mass restrictions on domestic and international travel worldwide.

It’s probably also useful to note that our business team uses Hopin to run all of TechCrunch’s editorial events, including Disrupt, Early Stage, Extra Crunch Live and next week’s TechCrunch Sessions: Justice 2021 event (these software selections and their costs are — thankfully — outside the purview of our editorial team).

Hopin may be the mega-leader of the virtual events space right now, but it isn’t the only startup trying to take on this suddenly vital industry. Run The World raised capital last year, Welcome wants to be the “Ritz-Carlton for event platforms,” Spotify is getting into the business, Clubhouse is arguably a contender here, InEvent raised a seed earlier this month and Hubilo is another entrant, which nabbed a check from Lightspeed a few months ago. Plus, quite literally dozens of other startups have either started in the space or are pivoting toward it.

We have reached out to Hopin for comment.

Post updated to report that Andreessen Horowitz and General Catalyst are in the lead.

Hubilo raises $4.5 million, led by Lightspeed, to focus on virtual events

Aquarium scores $2.6M seed to refine machine learning model data

/0 Comments/in /by

Aquarium, a startup from two former Cruise employees, wants to help companies refine their machine learning model data more easily and move the models into production faster. Today the company announced a $2.6 million seed led by Sequoia with participation from Y Combinator and a bunch of angel investors, including Cruise co-founders Kyle Vogt and Dan Kan.

When the two co-founders, CEO Peter Gao and head of engineering Quinn Johnson, were at Cruise they learned that finding areas of weakness in the model data was often the problem that prevented it from getting into production. Aquarium aims to solve this issue.

“Aquarium is a machine learning data management system that helps people improve model performance by improving the data that it’s trained on, which is usually the most important part of making the model work in production,” Gao told me.

He says that they are seeing a lot of different models being built across a variety of industries, but teams are getting stuck because iterating on the data set and continually finding relevant data is a hard problem to solve. That’s why Aquarium’s founders decided to focus on this.

“It turns out that most of the improvement to your model, and most of the work that it takes to get it into production is about deciding, ‘Here’s what I need to go and collect next. Here’s what I need to go label. Here’s what I need to go and retrain my model on and analyze it for errors and repeat that iteration cycle,” Gao explained.

The idea is to get a model into production that outperforms humans. One customer, Sterblue, offers a good example. They provide drone inspection services for wind turbines. Their customers used to send out humans to inspect the turbines for damage, but with a set of drone data, they were able to train a machine learning model to find issues. Using Aquarium, they refined their model and improved accuracy by 13%, while cutting the cost of human reviews in half, Gao said.

The 7 person Aquarium startup team.

The Aquarium team. Image: Aquarium

Aquarium currently has seven employees, including the founders, of which three are women. Gao says that they are being diverse by design. He understands the issues of bias inherent in machine learning model creation, and creating a diverse team for this kind of tooling is one way to help mitigate that bias.

The company launched last February and spent part of the year participating in the Y Combinator Summer 2020 cohort. They worked on refining the product throughout 2020, and recently opened it up from beta to generally available.

Datasaur snags $3.9M investment to build intelligent machine learning labeling platform

Select Star raises seed to automatically document datasets for data scientists

/0 Comments/in /by

Back when I was a wee lad with a very security-compromised MySQL installation, I used to answer every web request with multiple “SELECT *” database requests — give me all the data and I’ll figure out what to do with it myself.

Today in a modern, data-intensive org, “SELECT *” will kill you. With petabytes of information, tens of thousands of tables (on the small side!), and millions and perhaps billions of calls flung at the database server, data science teams can no longer just ask for all the data and start working with it immediately.

Big data has led to the rise of data warehouses and data lakes (and apparently data lake houses), infrastructure to make accessing data more robust and easy. There is still a cataloguing and discovery problem though — just because you have all of your data in one place doesn’t mean a data scientist knows what the data represents, who owns it or what that data might affect in the myriad web and corporate reporting apps built on top of it.

A lake house architect, a Miami VC and a homeowner walk into a wine bar

That’s where Select Star comes in. The startup, which was founded about a year ago (in March 2020), is designed to automatically build out metadata within the context of a data warehouse. From there, it offers a full-text search that allows users to quickly find data as well as “heat map” signals in its search results, which can quickly pinpoint which columns of a data set are most used by applications within a company and have the most queries that reference them.

The product is SaaS, and it is designed to allow for quick onboarding by connecting to a customer’s data warehouse or business intelligence (BI) tool.

Select Star’s interface allows data scientists to understand what data they are looking at. Image via Select Star.

Shinji Kim, the sole founder and CEO, explained that the tool is a solution to a problem she has seen directly in corporate data science teams. She formerly founded Concord Systems, a real-time data processing startup that was acquired by Akamai in 2016. “The part that I noticed is that we now have all the data and we have the ability to compute, but now the next challenge is to know what the data is and how to use it,” she explained.

She said that “tribal knowledge is starting to become more wasteful [in] time and pain in growing companies,” and pointed out that large companies like Facebook, Airbnb, Uber, Lyft, Spotify and others have built out their own homebrewed data discovery tools. Her mission for Select Star is to allow any corporation to quickly tap into an easy-to-use platform to solve this problem.

The company raised a $2.5 million seed round led by Bowery Capital, with participation from Background Capital and a number of prominent angels including Spencer Kimball, Scott Belsky, Nick Caldwell, Michael Li, Ryan Denehy and TLC Collective.

Data discovery tools have been around in some form for years, with popular companies like Alation having raised tens of millions of VC dollars over the years. Kim sees an opportunity to compete by offering a better onboarding experience and also automating large parts of the workflow that remain manual for many alternative data discovery tools. With many of these tools, “they don’t do the work of connecting and building the relationship,” between data she said, adding that “documentation is still important, but being able to automatically generate [metadata] allows data teams to get value right away.”

Select Star’s team, with CEO and founder Shinji Kim in top row, middle. Image via Select Star.

In addition to just understanding data, Select Star can help data engineers begin to figure out how to change their databases without leading to cascading errors. The platform can identify how columns are used and how a change to one may affect other applications or even other data sets.

Select Star is coming out of private beta today. The company’s team currently has seven people, and Kim says they are focused on growing the team and making it even easier to onboard users by the end of the year.

Google Cloud puts its Kubernetes Engine on autopilot

/0 Comments/in /by

Google Cloud today announced a new operating mode for its Kubernetes Engine (GKE) that turns over the management of much of the day-to-day operations of a container cluster to Google’s own engineers and automated tools. With Autopilot, as the new mode is called, Google manages all of the Day 2 operations of managing these clusters and their nodes, all while implementing best practices for operating and securing them.

This new mode augments the existing GKE experience, which already managed most of the infrastructure of standing up a cluster. This “standard” experience, as Google Cloud now calls it, is still available and allows users to customize their configurations to their heart’s content and manually provision and manage their node infrastructure.

Drew Bradstock, the group product manager for GKE, told me that the idea behind Autopilot was to bring together all of the tools that Google already had for GKE and bring them together with its SRE teams who know how to run these clusters in production — and have long done so inside of the company.

“Autopilot stitches together auto-scaling, auto-upgrades, maintenance, Day 2 operations and — just as importantly — does it in a hardened fashion,” Bradstock noted. “[ … ] What this has allowed our initial customers to do is very quickly offer a better environment for developers or dev and test, as well as production, because they can go from Day Zero and the end of that five-minute cluster creation time, and actually have Day 2 done as well.”

Image Credits: Google

From a developer’s perspective, nothing really changes here, but this new mode does free up teams to focus on the actual workloads and less on managing Kubernetes clusters. With Autopilot, businesses still get the benefits of Kubernetes, but without all of the routine management and maintenance work that comes with that. And that’s definitely a trend we’ve been seeing as the Kubernetes ecosystem has evolved. Few companies, after all, see their ability to effectively manage Kubernetes as their real competitive differentiator.

All of that comes at a price, of course, in addition to the standard GKE flat fee of $0.10 per hour and cluster (there’s also a free GKE tier that provides $74.40 in billing credits), plus additional fees for resources that your clusters and pods consume. Google offers a 99.95% SLA for the control plane of its Autopilot clusters and a 99.9% SLA for Autopilot pods in multiple zones.

Image Credits: Google

Autopilot for GKE joins a set of container-centric products in the Google Cloud portfolio that also include Anthos for running in multicloud environments and Cloud Run, Google’s serverless offering. “[Autopilot] is really [about] bringing the automation aspects in GKE we have for running on Google Cloud, and bringing it all together in an easy-to-use package, so that if you’re newer to Kubernetes, or you’ve got a very large fleet, it drastically reduces the amount of time, operations and even compute you need to use,” Bradstock explained.

And while GKE is a key part of Anthos, that service is more about brining Google’s config management, service mesh and other tools to an enterprise’s own data center. Autopilot of GKE is, at least for now, only available on Google Cloud.

“On the serverless side, Cloud Run is really, really great for an opinionated development experience,” Bradstock added. “So you can get going really fast if you want an app to be able to go from zero to 1,000 and back to zero — and not worry about anything at all and have it managed entirely by Google. That’s highly valuable and ideal for a lot of development. Autopilot is more about simplifying the entire platform people work on when they want to leverage the Kubernetes ecosystem, be a lot more in control and have a whole bunch of apps running within one environment.”

Rapid7 acquires Kubernetes security startup Alcide for $50M

Rows, formerly dashdash, raises $16M to build and populate web apps using only spreadsheet skills

/0 Comments/in /by

Spreadsheet software — led by products like Microsoft’s Excel, Google’s Sheets and Apple’s Numbers — continues to be one of the most-used categories of business apps, with Excel alone clocking up more than a billion users just on its Android version. Now, a startup called Rows that’s built on that ubiquity, with a low-code platform that lets people populate and analyze web apps using just spreadsheet interfaces, is announcing funding and launching a freemium open beta of its expanded service.

The Berlin-based startup — which rebranded from dashdash at the end of last year — closed a Series B round of $16 million, money that it is using to continue investing in its platform as well as in sales and marketing. The platform’s move into an open beta comes with some 50 new integrations with other platforms like LinkedIn, Instagram and more, as well as 200 new features (using known spreadsheet shortcuts) to use in them.

The round was led by Lakestar, with past investors Accel (which led its $8 million Series A in 2018) and Cherry Ventures also participating. Christian Reber has also invested in this round. Reber knows a thing or two about software disrupting legacy productivity software — he is the co-founder and CEO of presentation software startup Pitch and the former CEO and founder of Microsoft-acquired Wunderlist — and notably he is joining Rows’ Advisory Board along with the investment.

A little detail about this Series B: CEO Humberto Ayres Pereira, who is based out of Porto, Portugal, where some of the staff is also based, tells us that this round actually was quietly closed over a year ago, in January 2020 — just ahead of the world shutting down amid the COVID-19 pandemic.

The startup chose to announce that round today to coincide with adding more features to its product and moving it into an open beta, he said.

That open beta is free in its most basic form — the free tier is limited to 10 users or less and a minimal amount of integration usage. Paid tiers, which cover more team members and up to 100,000 integration tasks (which are measured by how many times a spreadsheet queries another service), start at $59 per month.

One strong sign of interest in this latest iteration of the software is the lasting popularity of spreadsheets. Another is Rows’ traction to date: in invite-only mode, it picked up 10,000 users off its waitlist, and hundreds of companies, as customers. Currently most of those are free, Ayres Pereira said.

“Our goal is to have 1,000 paying companies as customers in the 12 months,” he said. That process has only just started, he added, with paying numbers in the modest “dozens” for now. He emphasized though that the company is very cash efficient and has, even without raising more funding, two years of runway on the money it has in the bank now.

The growing appeal of low-code

No-code and low-code software, which let people create and work with apps and other digital content without delving deep into the lines of code that underpin them, have continued to pick up traction in the market in the last several years.

The reason for this is straightforward: non-technical employees may not code, but they are getting increasingly adept at understanding how services function and what can be achieved within an app.

No-code and low-code platforms let them get more hands-on when it comes to customizing and creating the services that they need to use everyday to get their work done, without the time and effort it might take to get an engineer involved.

“People want to create their own tools,” said Ayres Pereira. “They want to understand and test and iterate.” He said that the majority of Rows’ users so far are based out of North America, and typical use cases include marketing and sales teams, as well as companies using Rows spreadsheets as a dynamic interface to manage logistics and other operations.

COVID-19 is driving demand for low-code apps

Stephen Nundy, the partner at Lakestar who led its investment, describes the army of users taking up no-code tools as “citizen developers.”

Rows is precisely the kind of platform that plays into the low-code trend. For people who are already au fait with the kinds of tools that you find in spreadsheets — and something like Excel has hundreds of functions in it — it presents a way of leaning on those familiar functions to trigger integrations with other apps, and to subsequently use a spreadsheet created in Rows to both analyse data from other apps, as well as update them.

Image: Rows

You might ask, why is it more useful, for example, to look at content from Twitter in Rows rather than Twitter itself? A Rows document might let a person search for a set of Tweets using a certain chain of keywords, and then organise those results based on parameters such as how many “likes” those Tweets received.

Or users responding to a call to action for a promotion on Instagram might then be cross-referenced with a company’s existing database of customers, to analyze how those respondents overlap or present new leads.

You might also wonder why existing spreadsheet products may not have already build functionality like this.

Interestingly, Microsoft did dabble in building a way of linking up Excel with some rudimentary computing functions, in the form of Visual Basic for Applications. This however reached the dubious distinction of topping developers’ “most dreaded” languages list for two years running, and so as you might imagine it has somewhat died a death.

However, it does point to an opportunity for incumbents to disrupt their disruptors.

Apart from those most obvious, entrenched competitors, there have been a number of other startups building tools that are providing similar no- and low-code approaches.

Gyana is focusing more on data science, Tray.io provides a graphical interface to integrate how apps work together, Zapier and Notion also provide simple interfaces to integrate apps and APIs together and Airtable has its own take on reinventing the spreadsheet interface. For now, Ayres Pereira sees these more as compatriots than competitors.

“Yes, we overlap with services like Zapier and Notion,” he said. “But I’d say we are friends. We’re all raising awareness about people being able to do more and not having to be stuck using old tools. It’s not a zero sum game for us.”

When we covered Rows’s Series A two years ago, the startup had built a platform to let people who are comfortable working with data in spreadsheets use that interface to create and populate content in web apps. It had a lot of extensibility, but mainly geared at people still willing to do the work to create those links.

Two years on, while the spreadsheet has remained the anchor, the platform has grown. Ayres Pereira, who co-founded the company with Torben Schulz (both pictured above), said that there are some 50 new integrations now, including ways to analyse and update content on social media platforms like Instagram, YouTube, CrunchBase, Salesforce, Slack, LinkedIn and Twitter, as well as some 200 new features in the platform itself.

Unqork’s $207M Series C underscores growing enterprise demand for no-code apps

While people can import into Rows data from Google Sheets, he noted that the big daddy of them all, Excel, is not supported right now. The reason, he said, is because the vast majority of users of the product use the desktop version, which does not have APIs.

Meanwhile, Rows also has a number of templates available for people to guide them through simple tasks, such as looking up LinkedIn profiles or emails for a list of people, tracking social media counts and so on.

One of the most common aspects of spreadsheets, however, has yet to be built. The interface is still banked around rows and columns, but with no graphical tools to visualize data in different ways such as pie charts or graphs as you might have in a typical spreadsheet program.

It’s for this reason that Rows has yet to exit beta. The feature is one that is requested a lot, Pereira admitted, describing it as “the final frontier.” When Rows is ready to ship with that functionality, likely by Q3 of this year, it will tick over to general “1.0” release, he added.

“Humberto and Torben have really impressed us with their ambition to disrupt the market with a new spreadsheet paradigm that tackles the significant shortcomings of today’s solutions,” said Nundy at Lakestar. “Data integrations are native, the collaboration experience is first class and the ability to share and publish your work as an application is unique and will create more ‘Citizen developers’ to emerge. This is essential to the growing needs of today’s technology literate workforce. The level of interest they’ve received in their private beta is proof of the desirability of platforms like Rows, and we’re excited to be supporting them through their public beta launch and beyond with this investment.” Nundy is also joining Rows’ board with this round.

Electric raises $40M Series C to put small-business IT in the cloud

/0 Comments/in /by

It would be an understatement to say that enterprise-focused startups have fared well during the pandemic. As organizations look to go remote, and the way we work has been flipped on its head, quickly growing tech companies that simplify this transition are in high demand.

One such startup has, in fact, raised $61.5 million in the last 12 months alone. Electric, a company looking to put IT departments in the cloud, just announced the close of a $40 million Series C round. This comes after an extension of its Series B in March of 2020, when it raised $14.5 million, and then an additional $7 million from 01 Advisors in May of 2020.

This Series C round was led by Greenspring Associates, with participation from existing investors Bessemer Venture Partners, GGV Capital, 01 Advisors and Primary Venture Partners as well as new investors including Atreides Management and Vintage Investment Partners.

Electric gets another $7 million in funding from 01 Advisors and the Slack Fund

Electric launched in 2016 with a mission to make IT much simpler for small and medium-sized businesses. Rather than bringing on a dedicated IT department, or contracting out high-priced local service providers, Electric’s software allows one admin to manage devices, software subscriptions, permissions and more.

According to founder Ryan Denehy, the vast majority of IT’s work is administration, distribution and maintenance of the broad variety of software programs at any given company. Electric does most of that job on behalf of IT, meaning that a smaller business only needs to worry about desk-side troubleshooting when it comes up, rather than the whole kit and caboodle.

Electric charges a flat price per seat per month, and Denehy says the company more than doubled its customer base in the last year. It now supports around 25,000 users across more than 400 individual customer organizations, which puts Electric just shy of $20 million ARR.

This is the first time Denehy has come anywhere close to sharing revenue numbers publicly, but it’s a good time to flex. The company has recently introduced a new lighter-weight offering that includes all of the same functionality as its more expensive product, but without access to chat functionality.

“The name of the game is just simplicity, simplicity, simplicity,” said Denehy. “Part of this is in response to the fact that people are realizing the permanence of hybrid work. During the pandemic, people stopped paying their landlords but they didn’t stop paying us. So in the summer, we started to focus on how we can create more offerings that we can get in the hands of more businesses and let them start their journey with us.”

Denehy says that a little less than half of Electric’s client base are tech startups, which makes sense considering the company launched in New York in a tech and media-centric ecosystem. As a way to expand into other verticals, Electric acquired Sinu, an IT service provider who happened to have an impressive roster of clients outside of Electric’s comfort zone, such as legal, accounting and nonprofit.

Here’s what Denehy said at the time:

Organic market entry, even in adjacent markets can be extremely time consuming and expensive. Sinu’s team has done an excellent job winning and pleasing customers in a lot of industries where we currently don’t play but probably should. The combination of our two companies is a massive shot in the arm to our national expansion strategy.

Alongside growth, both of the Electric team and its customer base, the company is also investing in expanding its diversity programs and philanthropic efforts.

The Electric team is currently made up of just under 250 full-time employees, with 32.5% women and around 30% of employees being non-white. Specifically, nearly 12% of employees are Black and 10% are Latinx.

Denehy explained that he thinks of the company’s payroll, which is in the tens of millions of dollars, as one of the biggest ways he can make a change in the world.

“We will wait longer to fill a role to make sure that we have the most diverse pipeline of candidates possible,” said Denehy. “A lot of founders will say that nobody applied. Well, the reality is you didn’t look hard enough. We’ve just accepted that it may take us longer to fill certain roles.”

This latest round brings Electric’s total funding to more than $100 million.

Kleeen raises $3.8M to make front-end design for business applications easy

/0 Comments/in /by

Building a front-end for business applications is often a matter of reinventing the wheel, but because every business’ needs are slightly different, it’s also hard to automate. Kleeen is the latest startup to attempt this, with a focus on building the user interface and experience for today’s data-centric applications. The service, which was founded by a team that previously ran a UI/UX studio in the Bay Area, uses a wizard-like interface to build the routine elements of the app and frees a company’s designers and developers to focus on the more custom elements of an application.

The company today announced that it has raised a $3.8 million seed round led by First Ray Venture Partners. Leslie Ventures, Silicon Valley Data Capital, WestWave Capital, Neotribe Ventures, AI Fund and a group of angel investors also participated in the round. Neotribe also led Kleeen’s $1.6 million pre-seed round, bringing the company’s total funding to $5.3 million.

Image Credits: Kleeen

After the startup he worked at sold, Kleeen co-founder, CPO and President Joshua Hailpern told me, he started his own B2B design studio, which focused on front-end design and engineering.

“What we ended up seeing was the same pattern that would happen over and over again,” he said. “We would go into a client, and they would be like: ‘we have the greatest idea ever. We want to do this, this, this and this.’ And they would tell us all these really cool things and we were: ‘hey, we want to be part of that.’ But then what we would end up doing was not that. Because when building products — there’s the showcase of the product and there’s all these parts that support that product that are necessary but you’re not going to win a deal because someone loved that config screen.”

The idea behind Kleeen is that you can essentially tell the system what you are trying to do and what the users need to be able to accomplish — because at the end of the day, there are some variations in what companies need from these basic building blocks, but not a ton. Kleeen can then generate this user interface and workflow for you — and generate the sample data to make this mock-up come to life.

Once that work is done, likely after a few iterations, Kleeen can generate React code, which development teams can then take and work with directly.

Image Credits: Kleeen

As Kleeen co-founder and CEO Matt Fox noted, the platform explicitly doesn’t want to be everything to everybody.

“In the no-code space, to say that you can build any app probably means that you’re not building any app very well if you’re just going to cover every use case. If someone wants to build a Bumble-style phone app where they swipe right and swipe left and find their next mate, we’re not the application platform for you. We’re focused on really data-intensive workflows.” He noted that Kleeen is at its best when developers use it to build applications that help a company analyze and monitor information and, crucially, take action on that information within the app. It’s this last part that also clearly sets it apart from a standard business intelligence platform.

Quill, the messaging app backed by Index, quietly comes out of stealth to take on Slack

/0 Comments/in /by

Slack took the workplace communications landscape by storm after it launched its integration-friendly, GIF-tastic chat platform in 2013. Within the space of a decade it entered into the pantheon of Big Tech: First with massive growth and usage, then a series of giant VC rounds and valuations, spawning controversial competition from incumbents, followed by a public listing and ultimately a $27.7 billion acquisition by Salesforce. Now that the cycle is complete, the decks are clear for a Slack disruptor!

Today, a new app quietly launched out of stealth called Quill, available by way of apps for the web, MacOS, Windows, Linux, Android and iOS.

Like Slack, Quill is a messaging app for co-workers to update each other on what they are doing, have conversations about projects and more. It is (also like Slack) priced as a freemium service, with a $15 per user, per month tier giving users more message history and storage. An enterprise tier is also on the cards.

Unlike Slack — the implication seems to be — the difference is that Quill is about delivering messaging in a nondistracting way that doesn’t take up too much of your time, your concentration and your energy. Quill bills itself as “messaging for people that focus.”

So while you get a lot of the same features you have in Slack for chatting with workers, creating channels, integrating other apps, and having video and voice conversations — one of my colleagues quipped, “It looks like Slack, but more colorful!” — it also includes a bunch of features that put the focus on, well, focus.

“We grew exhausted having to skim thousands of messages every day to keep up, so we built a way to chat that’s even better than how we already communicate in person,” Quill notes on its website. “A more deliberate way to chat. That’s what Quill is all about.”

For example, “structured channels” let you enforce threads in a channel for different conversations rather than view chatter in a waterfall. Automatic sorting in the app moves up active conversations you’re in above others. Limitations on notifications mean you can have more nuance in what ultimately might end up distracting you. For example, senders can alter a setting (with a !!) to notify you if something is critical and needs to ping you. Video chats come automatically with a sidebar to continue texting, too.

Then, you get separate channels for social and nonwork chat; and a series of features that let you manipulate conversations after they’ve already started: You can recast conversations into threads after they’ve already started and you have a fast way to reply to messages. There is an easier and more obvious way to pin important things to the tops of channels; and in addition to creating new threads after a conversation starts, you can also move messages from one channel or thread to another.


You can also interact with Quill chats using SMS and email, and like Slack, it offers the ability to integrate other app notifications into the process.

It’s also working on adding a Clubhouse-like feature for voice channels, end-to-end encryption, context-based search (it already has keyword search), and user profiles.

Managing “high load”

The app has been in stealth mode for nearly three years, and while some projects might never go noticed in that time, this one is a little different because of the pedigree and the context.

For starters, Quill was founded by the former creative director of Stripe, Ludwig Pettersson, who was given a lot of the credit for the simplicity and focus of the payment company’s flagship product and platform (simplicity that became the hallmark of the service and helped it balloon into a commerce behemoth).

His involvement signaled that the effort might get at least a little attention. In a landscape that seemed to be all but dominated by Slack and a few huge, well-funded rivals in the form of Microsoft and Facebook, it’s notable that when Quill was just an idea, it had already picked up $2 million in seed funding from Sam Altman (at the time the head of Y Combinator) and General Catalyst.

Following that it raised a Series A of $12.5 million led by Sarah Cannon of Index Ventures, totaling some $14.5 million in funding in all. The Series A valued the company at $62.5 million, as we reported at the time.

Added to this is the story behind Quill and what brought Pettersson and others on his team to the idea of building it. From what we understand, the idea in its earliest inception was to capture something of the magic of communication that you get from messaging apps, and specifically from workplace communication tools like Slack, but without the distraction and resulting frustration that often come along with them.

By 2018, Slack was already a big product, valued at over $7 billion and attracting millions of users. But there was also a growing number of people criticizing it for being the opposite of productive. “It’s hard to track everything that’s going on in Slack, it can be distracting. Given the network effect, Slack has become powerful, but it was not designed as a high-load system,” Sam Altman, the investor and former head of both Y Combinator and OpenAI, said to me back in 2018 when I asked him what he knew about Quill after I first got wind of it.

He said he was “super impressed” by Ludwig’s work at Stripe, and then OpenAI (where he stayed for a year after leaving Stripe), so much so that when Ludwig suggested building “a better version of Slack,” it seemed like a “credible idea” and one worth backing even without a product yet to be built.

It’s quite fitting that for an app focused on focus, Quill launched today quietly and without much fanfare: Why worry about PR distraction when you can just get something out there?

In any case, we’re hoping to hear more and see what kind of momentum it picks up. We’ve asked Index if we can talk to Sarah Cannon about the investment, and we are still waiting to hear back. We are also trying to see if we can talk to Pettersson. But I should mention we have been trying to talk to him since first getting wind of this app back in August of 2018, so we’re not holding our breath (nor this story).

Salesforce buys Slack in a $27.7B megadeal

Checkout Skimmers Powered by Chip Cards

/0 Comments/in /by

Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal’s chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered when a chip-based card is inserted. As a result, they do not require external batteries, and can remain in operation indefinitely.

A point-of-sale skimming device that consists of a PIN pad overlay (top) and a smart card skimmer (a.k.a. “shimmer”). The entire device folds onto itself, with the bottom end of the flexible card shimmer fed into the mouth of the chip card acceptance slot.

The overlay skimming device pictured above consists of two main components. The one on top is a regular PIN pad overlay designed to record keypresses when a customer enters their debit card PIN. The overlay includes a microcontroller and a small data storage unit (bottom left).

The second component, which is wired to the overlay skimmer, is a flexible card skimmer (often called a “shimmer”) that gets fed into the mouth of the chip card acceptance slot. You’ll notice neither device contains a battery, because there simply isn’t enough space to accommodate one.

Virtually all payment card terminals at self-checkout lanes now accept (if not also require) cards with a chip to be inserted into the machine. When a chip card is inserted, the terminal reads the data stored on the smart card by sending an electric current through the chip.

Incredibly, this skimming apparatus is able to siphon a small amount of that power (a few milliamps) to record any data transmitted by the payment terminal transaction and PIN pad presses. When the terminal is no longer in use, the skimming device remains dormant.

The skimmer pictured above does not stick out of the payment terminal at all when it’s been seated properly inside the machine. Here’s what the fake PIN pad overlay and card skimmer looks like when fully inserted into the card acceptance slot and viewed head-on:

The insert skimmer fully ensconced inside the compromised payment terminal. Image: KrebsOnSecurity.com

Would you detect an overlay skimmer like this? Here’s what it looks like when attached to a customer-facing payment terminal:

The PIN pad overlay and skimmer, fully seated on a payment terminal.

REALLY SMART CARDS

The fraud investigators I spoke with about this device (who did so on condition of anonymity) said initially they couldn’t figure out how the thieves who plant these devices go about retrieving the stolen data from the skimmer. Normally, overlay skimmers relay this data wirelessly using a built-in Bluetooth circuit board. But that also requires the device to have a substantial internal power supply, such as a somewhat bulky cell phone battery.

The investigators surmised that the crooks would retrieve the stolen data by periodically revisiting the compromised terminals with a specialized smart card that — when inserted — instructs the skimmer to dump all of the saved information onto the card. And indeed, this is exactly what investigators ultimately found was the case.

“Originally it was just speculation,” the source told KrebsOnSecurity. “But a [compromised] merchant found a couple of ‘white’ smartcards with no markings on them [that] were left at one of their stores. They informed us that they had a lab validate that this is how it worked.”

Some readers might reasonably be asking why it would be the case that the card acceptance slot on any chip-based payment terminal would be tall enough to accommodate both a chip card and a flexible skimming device such as this.

The answer, as with many aspects of security systems that decrease in effectiveness over time, has to do with allowances made for purposes of backward compatibility. Most modern chip-based cards are significantly thinner than the average payment card was just a few years ago, but the design specifications for these terminals state that they must be able to allow the use of older, taller cards — such as those that still include embossing (raised numbers and letters). Embossing is a practically stone-age throwback to the way credit cards were originally read, through the use of manual “knuckle-buster” card imprint machines and carbon-copy paper.

“The bad guys are taking advantage of that, because most smart cards are way thinner than the specs for these machines require,” the source explained. “In fact, these slots are so tall that you could fit two cards in there.”

IT’S ALL BACKWARDS

Backward compatibility is a major theme in enabling many types of card skimming, including devices made to compromise automated teller machines (ATMs). Virtually all chip-based cards (at least those issued in the United States) still have much of the same data that’s stored in the chip encoded on a magnetic stripe on the back of the card. This dual functionality also allows cardholders to swipe the stripe if for some reason the card’s chip or a merchant’s smartcard-enabled terminal has malfunctioned.

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But thieves are adept at exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards.

Many people believe that skimmers are mainly a problem in the United States, where some ATMs still do not require more secure chip-based cards that are far more expensive and difficult for thieves to clone. However, it’s precisely because some U.S. ATMs lack this security requirement that skimming remains so prevalent in other parts of the world.

Mainly for reasons of backward compatibility to accommodate American tourists, a great number of ATMs outside the U.S. allow non-chip-based cards to be inserted into the cash machine. What’s more, many chip-based cards issued by American and European banks alike still have cardholder data encoded on a magnetic stripe in addition to the chip.

When thieves skim non-U.S. ATMs, they generally sell the stolen card and PIN data to fraudsters in Asia and North America. Those fraudsters in turn will encode the card data onto counterfeit cards and withdraw cash at older ATMs here in the United States and elsewhere.

Interestingly, even after most U.S. banks put in place fully chip-capable ATMs, the magnetic stripe will still be needed because it’s an integral part of the way ATMs work: Most ATMs in use today require a magnetic stripe for the card to be accepted into the machine. The main reason for this is to ensure that customers are putting the card into the slot correctly, as embossed letters and numbers running across odd spots in the card reader can take their toll on the machines over time.

And there are the tens of thousands of fuel pumps here in the United States that still allow chip-based card accounts to be swiped. The fuel pump industry has for years won delay after delay in implementing more secure payment requirements for cards (primarily by flexing their ability to favor their own fuel-branded cards, which largely bypass the major credit card networks).

Unsurprisingly, the past two decades have seen the emergence of organized gas theft gangs that take full advantage of the single weakest area of card security in the United States. These thieves use cloned cards to steal hundreds of gallons of gas at multiple filling stations. The gas is pumped into hollowed-out trucks and vans, which ferry the fuel to a giant tanker truck. The criminals then sell and deliver the gas at cut rate prices to shady and complicit fuel station owners and truck stops.

A great many people use debit cards for everyday purchases, but I’ve never been interested in assuming the added risk and pay for everything with cash or a credit card. Armed with your PIN and debit card data, thieves can clone the card and pull money out of your account at an ATM. Having your checking account emptied of cash while your bank sorts out the situation can be a huge hassle and create secondary problems (bounced checks, for instance).

The next skimmer post here will examine an inexpensive and ingenious analog device that helps retail workers quickly check whether their payment terminals have been tampered with by bad guys.