FireEye Breached: Taking Action and Staying Protected

/0 Comments/in /by

To Our Customers, Prospects, Partners, and the Cybersecurity Community:

It’s not every day we see a fellow cybersecurity company, especially one with a significant presence serving the federal government, as the subject of a breach. On December 8, FireEye disclosed a sophisticated attack which led to the “unauthorized access of their red team tools.” The statement went on to say the company does not know whether the attacker intends to use the stolen tools themselves or publicly disclose them.

We are sad to hear the news; all cybersecurity vendors at some level share a unified purpose of making the world a more secure place. Our thoughts are with our colleagues at FireEye and with their customers. SentinelOne’s commitment to keep customers protected remains unwavering. We innovate to raise the cybersecurity bar to defend our digital way of life.

In this blog, we update on the actions SentinelOne has taken across our SentinelLabs security research team, Vigilance MDR team, and product team in response to the FireEye breach. Our platform is able to detect the known malware samples associated with the FireEye breach. 

Detection is Foundational to Visibility & Protection

We continue to monitor and hunt for relevant IOCs and artifacts related to the breach. We can also confirm that all assets that are seen so far in the wild are detected by the SentinelOne agents, with no upgrade needed. If there are parts of your network that are not protected with SentinelOne, we encourage you to close that gap, even if you need to exceed the number of licenses you have at the moment. We recommend the use of our Rogue system detection to identify the systems that should have an agent deployed. Below this blog, please find a list of hashes based on FireEye’s reporting and our own research that we confirm are covered.

Hunting Pack Released for Every SentinelOne Customer

We’ve already released a bespoke and ready-to-use hunting pack in every customer’s SentinelOne console for retrospective hunting missions. SentinelOne’s industry-leading data retention periods enable lengthy lookbacks for thorough investigations. This customized hunting package enables our customers to know if any of the artifacts related to this breach exist – or have existed – within your enterprise.

We’re Here to Help

SentinelOne is committed to doing the right thing – and we stand by ready to help at no cost. Here are several actionable steps our team suggests:

  1. SentinelOne Customers: if you’re a Core, Control, or Complete customer and desire custom hunting assistance, our Vigilance MDR team and our Customer Success organizations stand ready to assist. If you need additional agents, we’re ready to assist with rapid deployment. Our 24/7/365 team is ready to help via phone or console.
  2. Non-SentinelOne Customers: if you need assistance conducting a risk assessment as it relates to the FireEye breach or securing unprotected devices, SentinelOne is ready. We can deploy in minutes without business interruption or restarts. Our team of experts can help quickly determine if any traces of the FireEye beach are in your environment for compliance and executive briefing purposes.

We’re here to help. We’re here to protect. We’re in this together.

Webinar: Communicating With Your Team & Leadership
The FireEye Breach

Save Your Spot

Latest FireEye Indicators of Compromise (IOCs)

00f866a2d0eda84ed2488ead86bc8acaa3700b3f
049f5f5ec6e34d2e40e445c0bc188be420e287c6
066954007501c38187ffa0877b02013a4d4dc0ba
092cbf66bd6a548d7baf6f8b215c2a3483a2564c
0bbe8738281328778b4cf5404cc866ebedbe4ca1
0e0aede7d4f97f0d054733baba3c8313864e187f
0f923286d803aaade3bf28fdb923f6917ebb0b20
1049eb7d4ddfbc895848a3680fa332f0fec10def
218651ac5b575c3f9642c2e9a5928aa22fab8483
22109552d6af71d392de199e21ae272009db608a
23b1e73bf4cc07cd31b92a8c294b341740484d3e
23e93aa315f9a1268077131d68429055ac102b25
28a15a0b532c47110297aa6f4f46bad4d72235a2
2a5b9098d073406ecb3fffe8d6cba6b5ed26ce5a
32687a64efe5246f9b7284b5ae9adedc31605fdc
345da4a23cf56c22d218301ec461bfc3ca8e2cc2
390496bbd3f71d1ba08d7c86867d62b67597257d
43268f6f01a1aab72b62b63211ec1daef7ce34c0
46a6c17e1ec6d3aa4e931247c38a9219d71977a5
472af2b122c23bf0ca10c78d389a5a7f030a3536
5179d4d2fb102427e73ccd0cffa54a64405f41fb
562f4a310f37fafd5f66f460f79dc80912d2dad1
58cdc7d8e6175ef48d85a1b0602ed4024bf75019
599b70211175f44e7c651f0322cdc11084cc838e
5a69157821b615d11820036feb64d479009f6970
5adc9856172203858f5b93f67f4bf5814ad0df8a
5d358567e549a6f8e471697f7c78bc8bdf2a6534
5e6a5c287c9a8c412f1868b6f86bc23b75e1d1b9
6d44aa3772738143f26493caa6996dbdd1dcc048
7358ef9186c6fdf11016739496af19c5d3ecc193
73b98fd25755cd509ad5e4db4332ea18b651a0b5
780b6854d2d97834a068220e9060a874434161be
81ae80a486081e626a853d8759b37cdb36683f1a
82739c78f7b351bbe80a582fd46b0ba4f1c8c02b
8ae7c7830eb38b19c516df52db98b8abdb3df68d
8c58a1918f24473e55c7b239ca0f890f78fc17b9
8ec6fedc9ac60ee42ca93cc0aebfa55f572a1473
903de96e966183883ae1c1ccaa0d30e8684ad0d9
9577be0570e464af72f385479bae9ee9c2a082d4
9c21dc8726acd445b4defccfdecc14fad6e6ac78
9f595dc903e24c6a03ba95a701037b6532050667
a199a5b6584f1ce713753d1b2767d02f166948a4
aded10ffd74bc07e1aa622911389a31d3bee605a
b2d98ac491b2a60f29991bd858f62594b85ddcfb
b98cded462dfd80c682c953830e3df744cac756d
ba8f4a2c864ea2031f95c49c43dd7f1cc22d72f5
c1a031b4725cd740df986d29c3e94992813fccc8
c47021b5fc733b1a21e837fd34f849e0559b1ace
c7d1f8ad918ae32c5eee34ed4571775aa00cf3ad
c968672b966086fb9fa8b5e6b7124dec6a4119f3
cc542c0f873470b3eb292f082771eec61c16b3d7
cd3bb41346fdc37053dc6b5a83f2c77fe4e2c3bf
d04afd993d41fe68d31a7a9848d9ab31f7933991
d16c01db635b05a219ae8eef3728fae55adfcb4e
d535de08875cef1c49bfa2532281fa1254a8cb93
daedb9d53501dcb655044ce4cbb5d39a645070b4
e384c7371f681af5d4fc167f3f66bf68ac1f3bdb
e4fbc8961cb54d27d834f5789c7b4d1f4819fd34
e54f5737847287e49a306f312995c9aba38314d4
f590b00fd30a653a833be42974f9f714d3c8d595
f871d7a9fd37f2250db8658beb6b5ef6e794a08b
f9881d2380363cb7b3d316bbf2bde6c2d7089681

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Firebolt raises $37M to take on Snowflake, Amazon and Google with a new approach to data warehousing

/0 Comments/in /by

For many organizations, the shift to cloud computing has played out more realistically as a shift to hybrid architectures, where a company’s data is just as likely to reside in one of a number of clouds as it might in an on-premise deployment, in a data warehouse or in a data lake. Today, a startup that has built a more comprehensive way to assess, analyse and use that data is announcing funding as it looks to take on Snowflake, Amazon, Google and others in the area of enterprise data analytics.

Firebolt, which has redesigned the concept of a data warehouse to work more efficiently and at a lower cost, is today announcing that it has raised $37 million from Zeev Ventures, TLV Partners, Bessemer Venture Partners and Angular Ventures. It plans to use the funding to continue developing its product and bring on more customers.

The company is officially “launching” today but — as is the case with so many enterprise startups these days operating in stealth — it has been around for two years already building its platform and signing commercial deals. It now has some 12 large enterprise customers and is “really busy” with new business, said CEO Eldad Farkash in an interview.

The funding may sound like a large amount for a company that has not really been out in the open, but part of the reason is because of the track record of the founders. Farkash was one of the founders of Sisense, the successful business intelligence startup, and he has co-founded Firebolt with two others who were on Sisense’s founding team, Saar Bitner as COO and Ariel Yaroshevich as CTO.

At Sisense, these three were coming up against an issue: When you are dealing in terabytes of data, cloud data warehouses were straining to deliver good performance to power its analytics and other tools, and the only way to potentially continue to mitigate that was by piling on more cloud capacity.

Sisense nabs $100M at a $1B+ valuation for accessible big data business analytics

Farkash is something of a technical savant and said that he decided to move on and build Firebolt to see if he could tackle this, which he described as a new, difficult and “meaningful” problem. “The only thing I know how to do is build startups,” he joked.

In his opinion, while data warehousing has been a big breakthrough in how to handle the mass of data that companies now amass and want to use better, it has started to feel like a dated solution.

“Data warehouses are solving yesterday’s problem, which was, ‘How do I migrate to the cloud and deal with scale?’ ” he said, citing Google’s BigQuery, Amazon’s RedShift and Snowflake as fitting answers for that issue. “We see Firebolt as the new entrant in that space, with a new take on design on technology. We change the discussion from one of scale to one of speed and efficiency.”

The startup claims that its performance is up to 182 times faster than that of other data warehouses. It’s a SQL-based system that works on principles that Farkash said came out of academic research that had yet to be applied anywhere, around how to handle data in a lighter way, using new techniques in compression and how data is parsed. Data lakes in turn can be connected with a wider data ecosystem, and what it translates to is a much smaller requirement for cloud capacity.

This is not just a problem at Sisense. With enterprise data continuing to grow exponentially, cloud analytics is growing with it, and is estimated by 2025 to be a $65 billion market, Firebolt estimates.

Still, Farkash said the Firebolt concept was initially a challenging sell even to the engineers that it eventually hired to build out the business: It required building completely new warehouses from the ground up to run the platform, five of which exist today and will be augmented with more, on the back of this funding, he said.

And it should be pointed out that its competitors are not exactly sitting still either. Just yesterday, Dataform announced that it had been acquired by Google to help it build out and run better performance at BigQuery.

“Firebolt created a SaaS product that changes the analytics experience over big data sets,” Oren Zeev of Zeev Ventures said in a statement. “The pace of innovation in the big data space has lagged the explosion in data growth rendering most data warehousing solutions too slow, too expensive, or too complex to scale. Firebolt takes cloud data warehousing to the next level by offering the world’s most powerful analytical engine. This means companies can now analyze multi Terabyte / Petabyte data sets easily at significantly lower costs and provide a truly interactive user experience to their employees, customers or anyone who needs to access the data.”

AWS expands on SageMaker capabilities with end-to-end features for machine learning

/0 Comments/in /by

Nearly three years after it was first launched, Amazon Web Services’ SageMaker platform has gotten a significant upgrade in the form of new features, making it easier for developers to automate and scale each step of the process to build new automation and machine learning capabilities, the company said.

As machine learning moves into the mainstream, business units across organizations will find applications for automation, and AWS is trying to make the development of those bespoke applications easier for its customers.

“One of the best parts of having such a widely adopted service like SageMaker is that we get lots of customer suggestions which fuel our next set of deliverables,” said AWS vice president of machine learning, Swami Sivasubramanian. “Today, we are announcing a set of tools for Amazon SageMaker that makes it much easier for developers to build end-to-end machine learning pipelines to prepare, build, train, explain, inspect, monitor, debug and run custom machine learning models with greater visibility, explainability and automation at scale.”

Already companies like 3M, ADP, AstraZeneca, Avis, Bayer, Capital One, Cerner, Domino’s Pizza, Fidelity Investments, Lenovo, Lyft, T-Mobile and Thomson Reuters are using SageMaker tools in their own operations, according to AWS.

The company’s new products include Amazon SageMaker Data Wrangler, which the company said was providing a way to normalize data from disparate sources so the data is consistently easy to use. Data Wrangler can also ease the process of grouping disparate data sources into features to highlight certain types of data. The Data Wrangler tool contains more than 300 built-in data transformers that can help customers normalize, transform and combine features without having to write any code.

AWS launches SageMaker Data Wrangler, a new data preparation service for machine learning

Amazon also unveiled the Feature Store, which allows customers to create repositories that make it easier to store, update, retrieve and share machine learning features for training and inference.

Another new tool that Amazon Web Services touted was Pipelines, its workflow management and automation toolkit. The Pipelines tech is designed to provide orchestration and automation features not dissimilar from traditional programming. Using pipelines, developers can define each step of an end-to-end machine learning workflow, the company said in a statement. Developers can use the tools to re-run an end-to-end workflow from SageMaker Studio using the same settings to get the same model every time, or they can re-run the workflow with new data to update their models.

To address the longstanding issues with data bias in artificial intelligence and machine learning models, Amazon launched SageMaker Clarify. First announced today, this tool allegedly provides bias detection across the machine learning workflow, so developers can build with an eye toward better transparency on how models were set up. There are open-source tools that can do these tests, Amazon acknowledged, but the tools are manual and require a lot of lifting from developers, according to the company.

AWS announces SageMaker Clarify to help reduce bias in machine learning models

Other products designed to simplify the machine learning application development process include SageMaker Debugger, which enables developers to train models faster by monitoring system resource utilization and alerting developers to potential bottlenecks; Distributed Training, which makes it possible to train large, complex, deep learning models faster than current approaches by automatically splitting data across multiple GPUs to accelerate training times; and SageMaker Edge Manager, a machine learning model management tool for edge devices, which allows developers to optimize, secure, monitor and manage models deployed on fleets of edge devices.

Last but not least, Amazon unveiled SageMaker JumpStart, which provides developers with a searchable interface to find algorithms and sample notebooks so they can get started on their machine learning journey. The company said it would give developers new to machine learning the option to select several pre-built machine learning solutions and deploy them into SageMaker environments.

HealNow raises $1.3 million to bring online payments to pharmacies

/0 Comments/in /by

As the health tech landscape rapidly evolves, another startup is making its presence known. HealNow has closed a $1.3 million round of funding from SoftBank Opportunity Fund and Alabama Futures Fund.

The company was founded by Halston Prox and Joshua Smith. Prox has worked in healthcare for more than a decade with major organizations such as Providence Health, Mount Sinai and Baylor Scott & White, mostly focused on digitizing health records and designing and implementing software for doctors, nurses, etc. Smith, CTO at the company, has been a developer since 2012.

The duo founded HealNow to become the central nervous system for order and delivery of prescriptions, according to Prox. Your average payments processing system isn’t necessarily applicable to pharmacies large and small because of the complexities of health insurance and the regulatory landscape.

Not only is it costly to facilitate online payments for pharmacies, but they also have their own pharmacy management systems and workflows that can be easily disrupted by moving to a new payments system.

HealNow has built a system that’s specifically tailored to pharmacies of any shape or size, from grocery stores to mom and pop pharmacies and everything in between. It’s a white label solution, meaning that any pharmacy can put their brand language on the product.

“We’re embedded in their current workflows and pharmacies don’t have to do anything manual, even if they’re using a pharmacy management system,” said Prox.

When a user looks to get a prescription from their pharmacy, they are sent a link that allows them to securely answer any questions that may be necessary for the pickup, enter insurance info, make a payment and schedule a curbside pickup or a delivery. The tech also integrates with third-party delivery services for pharmacies that offer deliveries.

This technology has been particularly important during the COVID-19 pandemic, giving smaller pharmacies the chance to compete with bigger chains who have digital solutions already set up that allow for curbside pick up. This is especially true now that Amazon has gotten into the space with the launch of Amazon Pharmacy.

Amazon launches Amazon Pharmacy, a delivery service for prescription medications

HealNow is a SaaS company, charging a monthly subscription fee for use of the platform, as well as a service fee for prescriptions purchased on the platform. However, that service fee is a flat rate that never changes based on the cost of the prescription.

The space is crowded and growing more crowded, with competitors like NimbleRX and Capsule offering their own spin on simplifying and digitizing the pharmacy. One big difference for HealNow, says Prox, is that the startup has no intention of ever being a pharmacy, but rather serving pharmacies in a way that doesn’t disrupt their current workflow or system.

“We’re not a pharmacy, and we want to enable all these pharmacies to be online,” said Prox. “To do that we have to do that in an unbiased way by focusing on being a complete tech company.”

The funding is going primarily toward building out the sales and marketing arms of the company to continue fueling growth. HealNow has a foothold in the West, Southwest and Middle America, and is opening an office in Birmingham to sprint across the East Coast. Prox says the company is processing thousands of orders a day and tens of thousands of orders each month.

HealNow launched in 2018 after graduating from the Entrepreneurs Roundtable Accelerator .

WorkRamp raises $17M to ramp up its enterprise learning platform

/0 Comments/in /by

Remote learning and training have become a large priority this year for organizations looking to keep employees engaged and up to date on work practices at a time when many of them are not working in an office — and, in the case of those who have joined in 2020, may have never met any of their work colleagues in person, ever. Today one of the startups that’s built a new, more user-friendly approach to creating and provisioning those learning materials is announcing some funding as it experiences a boost in its growth.

WorkRamp, which has built a platform that helps organizations build their own training materials, and then distribute them both to their workforce and to partners, has raised $17 million, a Series B round of funding that’s being led by OMERS Ventures, with Bow Capital also participating.

Its big pitch is that it has built the tools to make it easy for companies to build their own training and learning materials, incorporating tests, videos, slide shows and more, and by making it easier for companies to build these themselves, the materials themselves become more engaging and less stiff.

“We’re disrupting the legacy LMS [learning management system] providers, the Cornerstones of the world, with our bite-size training platform,” said CEO and founder Ted Blosser in an interview. “We want to do what Peloton did for the exercise market, but with corporate training. We are aiming for a consumer-grade experience.”

The company, originally incubated in Y Combinator, has now raised $27 million.

The funding comes on the back of strong growth for WorkRamp . Blosser said that it now has around 250 customers, with 1 million courses collectively created on its platform. That list includes fast-growing tech companies like Zoom, Box, Reddit and Intercom, as well as Disney, GlobalData and PayPal. As it continues to expand, it will be interesting to see how and if it can also snag more legacy, late adopters who are not as focused on tech in their own DNA.

WorkRamp estimates that there is some $20 billion spent annually by organizations on corporate training. Unsurprisingly, that has meant the proliferation of a number of companies building tools to address that market.

Just Google WorkRamp and you’re likely to encounter a number of its competitors who have bought its name as a keyword to snag a little more attention. There are both big and small players in the space, including Leapsome, Capterra, Lessonly, LearnUpon (which itself recently raised a big round), SuccessFactors and TalentLMS.

Dublin’s LearnUpon raises $56M for its online learning management system for enterprises

The interesting thing about what WorkRamp has built is that it plays on the idea of the “creator,” which really has been a huge development in our digital world. YouTube may have kicked things off with the concept of “user-generated content.” but today we have TikTok, Snapchat, Facebook, Twitter and so many more platforms — not to mention smartphones themselves, with their easy facilities to shoot videos and photos of others, or of yourself, and then share with others — which have made the idea of building your own work, and looking at that of others, extremely accessible.

That has effectively laid the groundwork for a new way of conceiving of even more prosaic things, like corporate training. (Can there really be anything more comedically prosaic than that?) Other startups like Kahoot have also played on this idea, by making it easy for enterprises to build their own games to help train their staff.

This is what WorkRamp has aimed to tap into with its own take on the learning market, to help its customers eschew the idea of hiring outside production companies to make training materials, or expect WorkRamp to build those materials for them: Instead, the people who are going to use the training now have the control.

“I think it’s critical to be able to build your own customer education,” Blosser said. “That’s a big trend for clients that want both to rapidly onboard people but also reduce costs.”

The company’s platform includes user-friendly drag-and-drop functionality, which also lets people build slide shows, flip cards and questions that viewers can answer. The plan is to bring on more “Accenture” style consultants, Blosser said, for bigger customers who may not be as tech savvy to help them take better advantage of the tools. It also integrates with third-party packages like Salesforce.com, Workday and Zoom both to build out training as well as distribute it.

“Since 2000, we have seen three major technology shifts in the enterprise: the transition from on-premise to SaaS, the growth of mobile, and the most recent – sweeping digital transformation across almost every part of every business,” said Eugene Lee of OMERS Ventures, in a statement. “The pandemic has forced adoption of a digital-first approach towards customers and employees across virtually all industries. WorkRamp’s platform is foundational to empowering both of these important audiences today and in the future. We are bullish on the massive opportunity in front of the company and are excited to get involved.” Lee is joining the board with this round.

Arthur.ai snags $15M Series A to grow machine learning monitoring tool

/0 Comments/in /by

At a time when more companies are building machine learning models, Arthur.ai wants to help by ensuring the model accuracy doesn’t begin slipping over time, thereby losing its ability to precisely measure what it was supposed to. As demand for this type of tool has increased this year, in spite of the pandemic, the startup announced a $15 million Series A today.

The investment was led by Index Ventures with help from newcomers Acrew and Plexo Capital, along with previous investors Homebrew, AME Ventures and Work-Bench. The round comes almost exactly a year after its $3.3 million seed round.

As CEO and co-founder Adam Wenchel explains, data scientists build and test machine learning models in the lab under ideal conditions, but as these models are put into production, the performance can begin to deteriorate under real-world scrutiny. Arthur.ai is designed to root out when that happens.

Even as COVID has wreaked havoc throughout much of this year, the company has grown revenue 300% in the last six months smack dab in the middle of all that. “Over the course of 2020, we have begun to open up more and talk to [more] customers. And so we are starting to get some really nice initial customer traction, both in traditional enterprises as well as digital tech companies,” Wenchel told me. With 15 customers, the company is finding that the solution is resonating with companies.

It’s interesting to note that AWS announced a similar tool yesterday at re:Invent called SageMaker Clarify, but Wenchel sees this as more of a validation of what his startup has been trying to do, rather than an existential threat. “I think it helps create awareness, and because this is our 100% focus, our tools go well beyond what the major cloud providers provide,” he said.

Investor Mike Volpi from Index certainly sees the value proposition of this company. “One of the most critical aspects of the AI stack is in the area of performance monitoring and risk mitigation. Simply put, is the AI system behaving like it’s supposed to?” he wrote in a blog post announcing the funding.

AWS announces SageMaker Clarify to help reduce bias in machine learning models

When we spoke a year ago, the company had eight employees. Today it has 17 and it expects to double again by the end of next year. Wenchel says that as a company whose product looks for different types of bias, it’s especially important to have a diverse workforce. He says that starts with having a diverse investment team and board makeup, which he has been able to achieve, and goes from there.

“We’ve sponsored and work with groups that focus on both general sort of coding for different underrepresented groups as well as specifically AI, and that’s something that we’ll continue to do. And actually I think when we can get together for in-person events again, we will really go out there and support great organizations like AI for All and Black Girls Code,” he said. He believes that by working with these groups, it will give the startup a pipeline to underrepresented groups, which they can draw upon for hiring as the needs arise.

Wenchel says that when he can go back to the office, he wants to bring employees back, at least for part of the week for certain kinds of work that will benefit from being in the same space.

Arthur announces $3.3M seed to monitor machine learning model performance

Microsoft brings new process mining features to Power Automate

/0 Comments/in /by

Power Automate is Microsoft’s platform for streamlining repetitive workflows — you may remember it under its original name: Microsoft Flow. The market for these robotic process automation (RPA) tools is hot right now, so it’s no surprise that Microsoft, too, is doubling down on its platform. Only a few months ago, the team launched Power Automate Desktop, based on its acquisition of Softomotive, which helps users automate workflows in legacy desktop-based applications, for example. After a short time in preview, Power Automate Desktop is now generally available.

The real news today, though, is that the team is also launching a new tool, the Process Advisor, which is now in preview as part of the Power Automate platform. This new process mining tool provides users with a new collaborative environment where developers and business users can work together to create new automations.

The idea here is that business users are the ones who know exactly how a certain process works. With Process Advisor, they can now submit recordings of how they process a refund, for example, and then submit that to the developers, who are typically not experts in how these processes usually work.

What’s maybe just as important is that a system like this can identify bottlenecks in existing processes where automation can help speed up existing workflows.

Image Credits: Microsoft

“This goes back to one of the things that we always talk about for Power Platform, which, it’s a corny thing, but it’s that development is a team sport,” Charles Lamanna, Microsoft’s corporate VP for its Low Code Application Platform, told me. “That’s one of our big focuses: how to bring people to collaborate and work together who normally don’t. This is great because it actually brings together the business users who live the process each and every day with a specialist who can build the robot and do the automation.”

The way this works in the backend is that Power Automate’s tools capture exactly what the users do and click on. All this information is then uploaded to the cloud and — with just five or six recordings — Power Automate’s systems can map how the process works. For more complex workflows, or those that have a lot of branches for different edge cases, you likely want more recordings to build out these processes, though.

Image Credits: Microsoft

As Lamanna noted, building out these workflows and process maps can also help businesses better understand the ROI of these automations. “This kind of map is great to go build an automation on top of it, but it’s also great because it helps you capture the ROI of each automation you do because you’ll know for each step how long it took you,” Lamanna said. “We think that this concept of Process Advisor is probably going to be one of the most important engines of adoption for all these low-code/no-code technologies that are coming out. Basically, it can help guide you to where it’s worth spending the energy, where it’s worth training people, where it’s worth building an app, or using AI, or building a robot with our RPA like Power Automate.”

Lamanna likened this to the advent of digital advertising, which for the first time helped marketers quantify the ROI of advertising.

The new process mining capabilities in Power Automate are now available in preview.

Microsoft brings new robotic process automation features to its Power Platform

Nutanix brings in former VMware exec as new CEO

/0 Comments/in /by

Nutanix announced today that it was bringing in former VMware executive Rajiv Ramaswami as president and CEO. Ramaswami replaces co-founder Dheeraj Pandey, who announced his plans to retire in August.

The new CEO brings 30 years of industry experience to the position, including stints with Broadcom, Cisco, Nortel and IBM — in addition to his most recent gig at VMware as chief operating officer of Products and Cloud Services.

At his position at VMware, Ramaswami had the opportunity to see Nutanix up close as a key competitor, and he now has the opportunity to lead the company into its next phase. “I have long admired Nutanix as a formidable competitor, a pioneer in hyperconverged infrastructure solutions and a leader in cloud software,” he said in a statement. He hopes to build on his industry knowledge to continue growing the company.

Nutanix up 131% on first day of trading

Sohaib Abbasi, lead independent director of Nutanix, says that as a candidate, Ramaswami’s experience really stood out. “Rajiv distinguished himself among the CEO candidates with his rare combination of operational discipline, business acumen, technology vision and inclusive leadership skills,” he said in a statement.

Holger Mueller, an analyst at Constellation Research, says the hiring makes a lot of sense, as VMware is quickly becoming the company’s primary competitor. “Nutanix and VMware want to be the same in the future — the virtualization and workload portability Switzerland across cloud and on premise compute infrastructures,” he told me.

What’s more, it allows Nutanix to grab a talented executive. “So hiring Ramaswami brings both an expert for multi-cloud to the Nutanix helm, as well as weakening a key competitor from a talent perspective,” he said.

Nutanix was founded in 2009. It raised more than $600 million from firms like Khosla Ventures, Lightspeed Ventures, Sapphire Ventures, Fidelity and Wellington Management, according to Crunchbase data. The company went public in 2016. Investors seem pleased by the announcement, with the company stock price up 1.29% as of publication.

Nutanix execs discuss how they built their 2016 IPO roadshow deck

Patch Tuesday, Good Riddance 2020 Edition

/0 Comments/in /by

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsoft’s most-dire “critical” label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users.

Mercifully, it does not appear that any of the flaws fixed this month are being actively exploited, nor have any them been detailed publicly prior to today.

The critical bits reside in updates for Microsoft Exchange Server, Sharepoint Server, and Windows 10 and Server 2016 systems. Additionally, Microsoft released an advisory on how to minimize the risk from a DNS spoofing weakness in Windows Server 2008 through 2019.

Some of the sub-critical “important” flaws addressed this month also probably deserve prompt patching in enterprise environments, including a trio of updates tackling security issues with Microsoft Office.

“Given the speed with which attackers often weaponize Microsoft Office vulnerabilities, these should be prioritized in patching,” said Allan Liska, senior security architect at Recorded Future. “The vulnerabilities, if exploited, would allow an attacker to execute arbitrary code on a victim’s machine. These vulnerabilities affect Microsoft Excel 2013 through 2019, Microsoft 365 32 and 64 bit versions, Microsoft Office 2019 32 and 64 bit versions, and Microsoft Excel for Mac 2019.”

We also learned this week that Redmond quietly addressed a scary “zero-click” vulnerability in its Microsoft Teams platform that would have let anyone execute code of their choosing just by sending the target a specially-crafted chat message to a Teams users. The bug was cross-platform, meaning it could also have been used to deliver malicious code to people using Teams on non-Windows devices.

Researcher Oskars Vegeris said in a proof-of-concept post to Github that he reported the flaw to Microsoft at the end of August, but that Microsoft didn’t assign the bug a Common Vulnerabilities and Exposure (CVE) rating because it has a policy of not doing so for bugs that can be fixed from Microsoft’s end without user interaction.

According to Vegeris, Microsoft addressed the Teams flaw at the end of October. But he said the bug they fixed was the first of five zero or one-click remote code execution flaws he has found and reported in Teams. Reached via LinkedIn, Vegeris declined to say whether Microsoft has yet addressed the remaining Teams issues.

Separately, Adobe issued security updates for its Prelude, Experience Manager and Lightroom software. There were no security updates for Adobe Flash Player, which is fitting considering Adobe is sunsetting the program at the end of the year. Microsoft is taking steps to remove Flash from its Windows browsers, and Google and Firefox already block Flash by default.

It’s a good idea for Windows users to get in the habit of updating at least once a month, but for regular users (read: not enterprises) it’s usually safe to wait a few days until after the patches are released, so that Microsoft has time to iron out any chinks in the new armor.

But before you update, please make sure you have backed up your system and/or important files. It’s not uncommon for a Windows update package to hose one’s system or prevent it from booting properly, and some updates have been known to erase or corrupt files.

So do yourself a favor and backup before installing any patches. Windows 10 even has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.

And if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, see this guide.

As always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there’s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.

SingleStore, formerly MemSQL, raises $80M to integrate and leverage companies’ disparate data silos

/0 Comments/in /by

While the enterprise world likes to talk about “big data”, that term belies the real state of how data exists for many organizations: the truth of the matter is that it’s often very fragmented, living in different places and on different systems, making the concept of analysing and using it in a single, effective way a huge challenge.

Today, one of the big up-and-coming startups that has built a platform to get around that predicament is announcing a significant round of funding, a sign of the demand for its services and its success so far in executing on that.

SingleStore, which provides a SQL-based platform to help enterprises manage, parse and use data that lives in silos across multiple cloud and on-premise environments — a key piece of work needed to run applications in risk, fraud prevention, customer user experience, real-time reporting and real-time insights, fast dashboards, data warehouse augmentation, modernization for data warehouses and data architectures and faster insights — has picked up $80 million in funding, a Series E round that brings in new strategic investors alongside its existing list of backers.

The round is being led by Insight Partners, with new backers Dell Technologies Capital, Hercules Capital; and previous backers Accel, Anchorage, Glynn Capital, GV (formerly Google Ventures) and Rev IV also participating.

Alongside the investment, SingleStore is formally announcing a new partnership with analytics powerhouse SAS. I say “formally” because they two have been working together already and it’s resulted in “tremendous uptake,” CEO Raj Verma said in an interview over email.

Verma added that the round came out of inbound interest, not its own fundraising efforts, and as such, it brings the total amount of cash it has on hand to $140 million. The gives the startup money to play with not only to invest in hiring, R&D and business development, but potentially also M&A, given that the market right now seems to be in a period of consolidation.

Verma said the valuation is a “significant upround” compared to its Series D in 2018 but didn’t disclose the figure. PitchBook notes that at the time it was valued at $270 million post-money.

When I last spoke with the startup in May of this year — when it announced a debt facility of $50 million — it was not called SingleStore; it was MemSQL. The company rebranded at the end of October to the new name, but Verma said that the change was a long time in the planning.

“The name change is one of the first conversations I had when I got here,” he said about when he joined the company in 2019 (he’s been there for about 16 months). “The [former] name didn’t exactly flow off the tongue and we found that it no longer suited us, we found ourselves in a tiny shoebox of an offering, in saying our name is MemSQL we were telling our prospects to think of us as in-memory and SQL. SQL we didn’t have a problem with but we had outgrown in-memory years ago. That was really only 5% of our current revenues.”

He also mentioned the hang up many have with in-memory database implementations: they tend to be expensive. “So this implied high TCO, which couldn’t have been further from the truth,” he said. “Typically we are ⅕-⅛ the cost of what a competitive product would be to implement. We were doing ourselves a disservice with prospects and buyers.”

The company liked the name SingleStore because it is based a conceptual idea of its proprietary technology. “We wanted a name that could be a verb. Down the road we hope that when someone asks large enterprises what they do with their data, they will say that they ‘SingleStore It!’ That is the vision. The north star is that we can do all types of data without workload segmentation,” he said.

That effort is being done at a time when there is more competition than ever before in the space. Others also providing tools to manage and run analytics and other work on big data sets include Amazon, Microsoft, Snowflake, PostgreSQL, MySQL and more.

SingleStore is not disclosing any metrics on its growth at the moment but says it has thousands of enterprise customers. Some of the more recent names it’s disclosed include GE, IEX Cloud, Go Guardian, Palo Alto Networks, EOG Resources, SiriusXM + Pandora, with partners including Infosys, HCL and NextGen.

“As industry after industry reinvents itself using software, there will be accelerating market demand for predictive applications that can only be powered by fast, scalable, cloud-native database systems like SingleStore’s,” said Lonne Jaffe, managing director at Insight Partners, in a statement. “Insight Partners has spent the past 25 years helping transformational software companies rapidly scale-up, and we’re looking forward to working with Raj and his management team as they bring SingleStore’s highly differentiated technology to customers and partners across the world.”

“Across industries, SAS is running some of the most demanding and sophisticated machine learning workloads in the world to help organizations make the best decisions. SAS continues to innovate in AI and advanced analytics, and we partner with companies like SingleStore that share our curiosity about how data and analytics can help organizations reimagine their businesses and change the world,” said Oliver Schabenberger, COO and CTO at SAS, added. “Our engineering teams are integrating SingleStore’s scalable SQL-based database platform with the massively parallel analytics engine SAS Viya. We are excited to work with SingleStore to improve performance, reduce cost, and enable our customers to be at the forefront of analytics and decisioning.”