The Latest

Apruve Raises $2.25 Million Round Led by TTV Capital

  |   Portfolio News, The Latest

The funding will help the technology platform grow the future of B2B ecommerce fintech

 

Logo_iReach

MINNEAPOLIS, June 22, 2016 /PRNewswire-iReach/ — B2B financial technology platform Apruve, Inc., announced today it has raised $2.25 million in a Series A funding round. The round was led by TTV Capital, with participation from Allegis Capital.

Based in Minneapolis, Apruve was founded with a mission to make it easier for businesses to sell to other businesses. Apruve’s corporate account management and financing solution was launched at the beginning of this year. The solution allows online B2B sellers to give their business customers a revolving line of credit without any accounts receivable or cash flow risk.

“Businesses don’t buy things online like consumers do,” said Michael Noble, CEO of Apruve. “Within B2B, sellers offering their customers credit terms on their purchases is an industry norm. The problem is that it is difficult to manage and expensive to do. With Apruve, online sellers get a turnkey solution to manage all aspects of credit approval, invoicing and collections, plus sellers are paid within 24 hours of any order placed online by their buyers, completely eliminating the need to act like a bank for their customers.”

“We believe Apruve is solving a fundamental problem that will enable more businesses to ride the $1.3 trillion wave of B2B eCommerce that is currently unfolding,” said Tom Smith, Managing Director at TTV.  “Their solution takes an outdated A/R process, automates it and then underwrites the credit risk for the seller.  The ROI they can deliver is extremely strong.”

The round of funding will be used to expand the development, sales, and marketing teams in Minneapolis, as well as build integrations with even more ecommerce platforms.

About Apruve, Inc.

Apruve is dedicated to making B2B ecommerce between buyers and sellers as efficient, easy and safe as possible. Its turnkey corporate account management and financing solution allows online B2B sellers to give their customers a revolving line of credit without any accounts receivable or cash flow risk. Learn more at www.apruve.com

About TTV Capital

Based in Atlanta, TTV Capital invests in technology-enabled financial services businesses with disruptive technologies, software-as-a-service solutions or cloud applications that have scalable business models and exceptional growth opportunities. To learn more, visit www.ttvcapital.com

About Allegis Capital

Allegis Capital is a seed and early-stage venture capital investor in companies building disruptive and innovative cyber security solutions for the global digital economy. Founded in 1996, the firm has more than $700 million in capital under management and has been active in cyber security investing since 2000. For more information, visit www.allegiscap.com

Media Contact: Melissa Buening, Apruve, Inc., 608-780-9914, hello@apruve.com

News distributed by PR Newswire iReach: https://ireach.prnewswire.com

SOURCE  |  Apruve, Inc.

Find More: http://www.apruve.com

Article Found here:  http://www.ireachcontent.com/news-releases

 

Read More

vArmour Raises $41 Million to Expand Data Center and Cloud Security Leadership Globally Through Strategic Distribution Partners

  |   Portfolio News, The Latest

Funding to accelerate the distribution of vArmour’s simple, scalable and economical data center and cloud security solution    

vArmour-Logo-ColorMOUNTAIN VIEW, Calif. – May 24, 2016 — vArmour, the leading data center and cloud security company providing application-aware micro-segmentation with advanced security analytics, announced today that the company has raised $41 million in Series D funding. The round was led by Redline Capital, Telstra and other strategic investors, bringing total company funding to $83 million. vArmour will use the capital for global expansion and to accelerate worldwide software distribution of its Distributed Security System (DSS) through strategic partners in Asia-Pacific, EMEA and in North America. With DSS, organizations can gain application-layer visibility and control of their network, applications and users to prevent, detect and respond to cyber attacks and breaches in data center and cloud environments.

vArmour has deployed its distributed security system at hundreds of organizations across the globe, including a significant number of the world’s largest banks, telecom service providers, government agencies, healthcare providers and retailers. The rapid customer growth validates vArmour’s vision and product leadership as well as strategic initiatives unveiled over the last year addressing organizations’ security challenges, including:

“We are solving real problems for real people. vArmour is now segmenting and protecting critical data for some of the largest national infrastructure and financial institutions in the world,” said Tim Eades, CEO of vArmour. “We have proven that our product and model are extremely effective, cost efficient and scalable, and this new round of funding and investment from global distribution partners will propel company growth.”

With shrinking IT budgets and the costs of cybercrime estimated to rise from today’s $500 billion to $2 trillion by 2019, organizations are under extreme pressure to do more with less. vArmour’s funding event comes at a perfect time to help organizations across the globe protect themselves against advanced threats and security breaches, since traditional hardware-centric and agent-based approaches to security are failing.*

According to Gartner analysts Neil MacDonald, Lawrence Pingree and Peter Firstbrook, organizations in regards to firewalls and unified threat management should “consider greater network segmentation or micro-segmentation of east-west traffic in both on-premises and cloud environments to not only provide greater granularity of access between application tiers, but also slow the lateral spread of attacks.” Organizations, in regards to SaaS and public/private clouds, should also “prefer solutions that unify security policy and configuration, no matter what deployment option is being used in a consolidated interface.”**

See what recent investors, customers, industry partners and influencers are saying about the news:

“We believe that vArmour’s genuinely agile and scalable architecture, protecting up to 100,000 workloads across 1,000 hosts in a single solution, is a unique product offering which is perfectly aligned with the rapidly-changing data center and cloud landscape,” said Alastair Cookson, partner at Redline Capital. “We are particularly impressed by the early and deep adoption by demanding customers in many verticals and across the globe, and see this as great validation of vArmour’s approach and technology.”

“The move to multi-cloud requires a completely different approach to security,” said Mark Sherman, managing director at Telstra Ventures. “We are very excited to be investing in vArmour, as we believe they sit at the forefront of this rapidly growing market. With vArmour’s distributed security system that delivers massive scale, coverage and control that agent or traditional perimeter-based solutions cannot support, the company is in a great position to help customers realize the full potential of multi-clouds.”

“Our No. 1 priority is serving our patient community with the best care possible, which means keeping their data safe with the most cutting-edge security solutions,” said Jon Russell, CIO at John Muir Health. “As healthcare is undergoing a massive digital transformation with IT acting as the underpinning for this shift, vArmour is helping us re-think our security architecture to protect patient information without sacrificing speed for service delivery.”

To see learn more about vArmour and Project Ice Cream, visit here. To get up and running quickly with vArmour’s application-aware micro-segmentation, visit http://www.varmour.com to start your trial today.

*Forbes, Cyber Crime Costs Projected To Reach $2 Trillion by 2019, Steve Morgan, 17 January 2016

**Gartner: Best Practices for Detecting and Mitigating Advanced Threats, 29 March 2016

About vArmour

Based in Mountain View, CA, vArmour is the data center and cloud security company, and the leader in application-aware micro-segmentation with advanced security analytics. The company was founded in 2011 and is backed by top investors including Highland Capital Partners, Menlo Ventures, Columbus Nova Technology Partners, Citi Ventures, Work-Bench Ventures, Allegis Capital, Redline Capital and Telstra. The vArmour DSS Distributed Security System is deployed in a significant number of the world’s largest banks, telecom service providers, government agencies, healthcare providers, and retailers, and is leading the industry with a new patented, distributed approach to data security that allows organizations to deliver IT at the speed of business. vArmour partners with companies including AWS, Cisco and HPE to secure many of the largest data center and cloud environments in the world.

vArmour Media Contact:

  Denise Schenasi

  Highwire PR for vArmour

  (415) 963-4174 x22

  vArmour@HighwirePR.com

Find More:

https://www.varmour.com/past-press/253-varmour-raises-41-million-to-expand-data-center-and-cloud-security-leadership-globally-through-strategic-distribution-partners

Read More

Meet the 2016 CNBC Disruptor 50 companies

  |   Portfolio News, The Latest

Logo_CNBC

 

Meet the 2016 CNBC Disruptor 50 companies

Tuesday, 7 Jun 2016 | 6:06 AM ET

#20 : Synack – Getting there before the hackers do

 

In the fourth annual Disruptor 50 list, CNBC features private companies in 15 industries — from aerospace to financial services to cybersecurity to retail — whose innovations are revolutionizing the business landscape. These forward-thinking starts-ups have identified unexploited niches in the marketplace that have the potential to become billion-dollar businesses, and they rushed to fill them. Some have already passed the billion-dollar mark at a speed that is unprecedented. In the process, they are creating new ecosystems for their products and services. Unseating corporate giants is no easy feat. But we ranked those venture capital–backed companies doing the best job. In aggregate, these 50 companies have raised $41 billion in venture capital at an implied Disruptor 50 list market valuation of $242 billion, according to PitchBook data. Already it’s hard to think of the world without them. Read more about the consumer and business trends that stand out in the 2016 list ranking and the methodology used to select this year’s Disruptor companies.

Synack-Logo-ColorFounders: Jay Kaplan & Mark Kuhr
Launched: 2013
Funding: $34.2 million
Valuation: n/a
Disrupting: Penetration testing, automated tools
Rival: IBM

This Redwood City, California-based company combines the best of human knowledge and know-how with cutting-edge technology to help its customers guard against debilitating cyberattacks. Synack was started in 2013 by former National Security Agency agents Jay Kaplan, CEO, and Mark Kuhr, CTO, who specialized in counterterrorism before founding the company.

One of its most potent advantages over other security firms is its Red Team — a private crowd of highly-skilled ethical hackers from all over the world who can go in and prove where a customer is vulnerable before the bad guys find out. That’s become a growing industry. Reports from Gartner predict the cybersecurity market will grow 10 percent a year between now and 2020 to over $170 billion.

With so many businesses, big and small, desperate for a security solution that really protects them, Synack is in an ideal position and claims it has been able to increase revenue by nearly 300 percent over the past year. As a result, the company has raised $34 million in venture capital from Kleiner Perkins Caufield & Byers, Google Ventures and Greylock Partners since getting started.

Headshot_JayKaplan_Synack

Jay Kaplan: CEO & CoFounder of Synack

 

Find More:  http://www.cnbc.com/2016/06/06/synack-2016-disruptor-50.html

Read More

New York Times | The Chinese Hackers in the Back Office

  |   Portfolio News, The Latest

 

The New York Times      |     By NICOLE PERLROTH     |    June 11, 2016

BELLEVILLE, Wis. — Drive past the dairy farms, cornfields and horse pastures here and you will eventually arrive at Cate Machine & Welding, a small-town business run by Gene and Lori Cate and their sons. For 46 years, the Cates have welded many things — fertilizer tanks, jet-fighter parts, cheese molds, even a farmer’s broken glasses.

And like many small businesses, they have a dusty old computer humming away in the back office. On this one, however, an unusual spy-versus-spy battle is playing out: The machine has been taken over by Chinese hackers.

hacker machineThe hackers use it to plan and stage attacks. But unbeknown to them, a Silicon Valley start-up is tracking them here, in real time, watching their every move and, in some cases, blocking their efforts.

“When they first told us, we said, ‘No way,’” Mr. Cate said one afternoon recently over pizza and cheese curds, recalling when he first learned the computer server his family used to manage its welding business had been secretly repurposed. “We were totally freaked out,” Ms. Cate said. “We had no idea we could be used as an infiltration unit for Chinese attacks.”

On a recent Thursday, the hackers’ targets appeared to be a Silicon Valley food delivery start-up, a major Manhattan law firm, one of the world’s biggest airlines, a prominent Southern university and a smattering of targets across Thailand and Malaysia. The New York Times viewed the action on the Cates’ computer on the condition that it not name the targets.

The activity had the hallmarks of Chinese hackers known as the C0d0s0 group, a collection of hackers for hire that the security industry has been tracking for years. Over the years, the group has breached banks, law firms and tech companies, and once hijacked the Forbes website to try to infect visitors’ computers with malware.

There is a murky and much hyped emerging industry in selling intelligence about attack groups like the C0d0s0 group. Until recently, companies typically adopted a defensive strategy of trying to make their networks as impermeable as possible in hopes of repelling attacks. Today, so-called threat intelligence providers sell services that promise to go on the offensive. They track hackers, and for annual fees that can climb into the seven figures, they try to spot and thwart attacks before they happen.

These companies have a mixed record of success. Still, after years of highly publicized incidents, Gartner, a market research company, expects the market for threat intelligence to reach $1 billion next year, up from $255 million in 2013.

Remarkably, many attacks rely on a tangled maze of compromised computers including those mom-and-pop shops like Cate Machine & Welding. The hackers aren’t after the Cates’ data. Rather, they have converted their server, and others like it, into launchpads for their attacks.

These servers offer the perfect cover. They aren’t terribly well protected, and rarely, if ever, do the owners discover that their computers have become conduits for spies and digital thieves. And who would suspect the Cate family?

Two years ago, the Cates received a visit from men informing them that their server had become a conduit for Chinese spies. The Cates asked: “Are you from the N.S.A.?”

One of the men had, in fact, worked at the National Security Agency years before joining a start-up company, Area 1, that focuses on tracking digital attacks against businesses. “It’s like being a priest,” said Blake Darché, Area 1’s chief security officer, of his N.S.A. background. “In other people’s minds, you never quite leave the profession.”

weldingMr. Darché wanted to add the Cates’ server to Area 1’s network of 50 others that had been co-opted by hackers. Area 1 monitors the activity flowing into and out of these computers to glean insights into attackers’ methods, tools and websites so that it can block them from hitting its clients’ networks, or give them a heads-up days, weeks or even months before they hit.

The Cates called a family meeting. “People work really hard to make products, and they’re getting stolen,” Ms. Cate said. “It seemed like the least we could do.” Area 1 paid for the installation cost, about $150.

Shortly after installing a sensor on the machine, Mr. Darché said his hunch was confirmed: The sensor lit up with attacks. Area 1 began to make out the patterns of a familiar adversary: the C0d0s0 group.

Area 1 was founded by three former N.S.A. analysts, Mr. Darché, Oren Falkowitz and Phil Syme. The three sat side by side at Fort Meade, tracking and, in some cases, penetrating adversaries’ weapons systems for intelligence. A little over two years ago, they decided to start their own company and raised $25.5 million in funding from major venture capitalists and security entrepreneurs in Silicon Valley, including Kleiner Perkins Caulfield & Byers and Cowboy Ventures, and security veterans like Ray Rothrock, the chief executive of RedSeal, and Derek Smith, the chief executive of Shape Security.

Area 1 is a new player in threat intelligence, a nascent subsector of the security business that includes companies like iSight Partners and Recorded Future that track attackers in underground web forums and on social media, gleaning intelligence about them.

Threat intelligence is still more art than science. The jury is still out on whether companies are equipped to use that intelligence to thwart hackers. Area 1 claims that it can head off attacks through the compromised servers it is tracking. It can also use its vantage point to see where attackers are setting up shop on the web and how they plan to target their intended victims.

A handful of Area 1 customers confirmed that its technology had helped head off attackers. One client, a chief information security officer at a large health care provider, said the health care sector had been slammed by digital criminals and governments in recent years. He asked that the company not be named, to avoid becoming a more visible target.

He credited Area 1’s sensors with blocking several attacks on his network, helping his company avoid the fates of the health insurer Anthem, which was breached by Chinese hackers last year, and a growing number of hospitals hit by attacks that have forced them to pay a ransom to get important information back.

Mr. Smith, the chief executive of Shape Security, said Area 1 gave his company warning of three attacks before they happened, providing time to block them. Mr. Smith said he was impressed enough that he made a small investment in Area 1.

“Many of these mom-and-pop shops are ambivalent because the attacks don’t directly impact their business and revenue,” he said. “Meanwhile, they unwittingly operate this attack infrastructure.”

But Area 1’s business model can pose ethical dilemmas. What does the company do when it sees attacks against prominent companies and government agencies who are not Area 1 customers?

“We
think of ourselves as a bodyguard, not a police force that runs around telling everyone they’re a victim,” said Mr. Falkowitz, Area 1’s chief executive. “We’re in the business of pre-emption.”

They do warn some victims, he said. For instance, they tipped off a law firm, a manufacturer, a financial services firm and electronics company that were attacked via the Cates’ server after they saw the C0d0s0 hackers make off with their intellectual property. Some of those victims, including the law firm, later signed up for Area 1 services.

Not all companies heed the warning. A security consultant for one victim, who spoke on the condition of anonymity because of nondisclosure agreements, said that his client chose not to act on a tip from Area 1 last year out of concern that a scandal over a successful online attack against the company would jeopardize its recent acquisition. It figured its acquirer would not have been thrilled to learn that the start-up’s proprietary technology was now in Chinese hacker’s hands.

Logo_Area1Posted on the wall of Area 1’s headquarters in a historic house in Redwood City, Calif., is a list titled “45 Things That Are Harder Than Cybersecurity.” It includes flight, solar power, the flu vaccine, brain surgery, the internet, heart transplants, skyscrapers, the Thermos and the Q-tip.

Mr. Falkowitz disagrees with a growing concern that it is too difficult or impossible to stop online attacks. As attackers have grown more sophisticated, many security companies have stopped believing they can block attacks with traditional defenses like antivirus software. Instead, many focus on trying to detect an intrusion “in real time,” to catch hackers before they steal too much.

Eighty percent of the time, victims learn they have been breached only when law enforcement or someone else shows up with their stolen data, according to Verizon, which tracks breach data.

At the N.S.A., Mr. Falkowitz had worked with teams that detected North Korean missile launches. Much of that early work was done with satellites that would look for sudden heat blasts.

Eventually, Mr. Falkowitz’s team tried a more proactive approach. If they could hack the computers that controlled the missile launch systems, they could glean launch schedules. Area 1 is now taking a similar approach to digital attacks, tapping into the attackers’ launchpads, as it were, rather than waiting for them to attack.

Hackers don’t just press a big red “attack” button one day. They do reconnaissance, scout out employees on LinkedIn, draft carefully worded emails to trick unsuspecting employees to open them and click on links or email attachments that will try to launch malicious attacks.

Once they persuade a target to click — and 91 percent of attacks start this way, according to Trend Micro, the security firm — it takes time to crawl through a victim’s network to find something worth taking. Then they have to pull that data off the network. The process can take weeks, months, even years and leaves a digital trail.

Area 1 watches for this kind of activity and then teams up with firms like Blue Coat, a web security company, to build what it has learned into security software that can try to block attacks when they come.

The owners of Cate Machine & Welding say that living with Chinese attackers in your office can be a strange feeling. Recently, Area 1 executives visited the shop and showed them some of what they had learned from watching their computer. The C0d0s0 group had used their server to pilfer a law firm’s due diligence on an impending acquisition, a financial services firm’s confidential trading plans, a mobile payment start-up’s proprietary source code, some blueprints and loan applications at a mortgage company.

Hearing that, Mr. Cate expressed pride — and maybe even a hint of schadenfreude. For years, the welding business that is his family’s bread and butter has been migrating to China. Now his family is helping American businesses fight back.

“We want to do the right thing for these businesses,” Mr. Cate said, “For our country.”

Find More:

http://www.nytimes.com/2016/06/12/technology/the-chinese-hackers-in-the-back-office.html?_r=0

Read More

VentureBeat | IMVU’s social avatar powers Kim Kardashian West’s new Kimoji app

  |   Portfolio News, The Latest

By: Dean Takahashi | VentureBeat | June 1, 2016

 

IMVU, the social network with 3D animated avatars, said that it has provided the technology behind a new version of the popular Kimoji paid app created by Kim Kardashian West.

 

kimoji

Redwood City, Calif.-based IMVU operates a social network where users can create their own animated spaces. It created a proprietary Server Side Rendering (SSR) technology that powers its avatars, and that same technology is behind the latest release of the Kimoji app.

“Kanye and I found this amazing social experience company, IMVU, and worked with them on creating some of our latest Kimoji designs and GIFs. They’re such innovators who have helped me really set Kimoji apart,” Kardashian wrote on her site.

The technology enables personalization of 2D, 3D, and virtual reality (VR) content, allowing users to express themselves as they wish. The IMVU SSR tech brings to life the work of Kardashian and the application technology of Whalerock Technologies, a Los Angeles media company. The app makers approached IMVU to enhance their popular app and introduce KimoGIFs. The Kimoji app and its subsequent updates have topped Apple’s App Store list of highest-grossing paid apps.

“With our Server Side Rendering technology, and with our catalog of 20 million-plus user-generated 2D, 3D, and VR-ready products, we are redefining the way people communicate universally,” said Brett Durrett, CEO of IMVU, in a statement. “Our technology makes it possible for all users to easily create an infinite amount of highly expressive content starring their customized avatar.”

IMVU was founded in 2004 as part of the virtual world craze, but it’s interesting to see how it continues to morph and exploit its technology over time.

iOS users can send their customized 3D Stickers in messaging apps, including Facebook Messenger, iMessage, and Gmail; both Android and iOS users can create and send 3D Stickers within IMVU conversations.

 

 

 

Find More …

Takahashi, Dean. “IMVU’s social avatar powers Kim Kardshain West’s new Kimoji app VentureBeat, 1 June 2016.

Read More

Signifyd Named 2016 “Bay Area Best Place to Work”

  |   Portfolio News, The Latest

signifyd2016

 

Great news!

 

Signifyd has been recognized as a winner of the 2016 Bay Area Best Places To Work, an awards program presented by the San Francisco Business Times and the Silicon Valley Business Journal.

 

Aside from our beloved coffee machine that serves 28 different kinds of drinks, Signifyd was chosen because of our commitment to empower our employees to work on projects that interest them and develop their own individualized career path, and to have fun while doing it.

In the words of one of our employees, “Signifyd is great at being transparent with its objectives and allows people of all levels to contribute ideas for new projects, as well as initiatives to accomplish them. We’re empowered to extend our roles by branching out into surrounding areas of interest, and are able to actively participate in shaping our roles and career paths following our own aspirations.” That, plus our fully-stocked game room, equals a vibrant, collaborative culture where employees are motivated to contribute to the team’s shared vision of protecting e-commerce companies from fraud.

Award applicants were evaluated and ranked across 5 categories according to the number of Bay Area employees. The ranking found companies in the region whose employees rate them as the highest on such values as fun, collaborative culture, solid compensation and benefits offerings and other amenities as well as management practices. The rankings were unveiled yesterday, April 19, 2016, at the awards event in San Francisco. Signifyd placed #7 in the “Bay Area Best Places To Work: Smallest Companies” category.

Thanks to the San Francisco Business Times and Silicon Valley Business Journal for giving us this honor!

About 2016 Bay Area Best Places to Work
Best Places to Work is an innovative publication and awards program produced by the San Francisco Business Times and the Silicon Valley Business Journal. The rankings were determined by surveys that went directly to employees who answered a series of questions. The survey was administered online by the employers and through a service provided by Quantum Workplace, our research partner. The rankings are numeric, based on Quantum’s scoring process. By ranking companies and sharing best practices we facilitate idea sharing and help other companies learn from the best.

Read more at Signifyd.com:

“Signifyd Named 2016 ‘Bay Area Best Place to Work.'” 

Via:

Reyes, Lemery. “The 125 Best Places to Work in the Bay Area.” San Francisco Business Times. 19 April 2016. Web. 21 April 2016.

Read More

Mercury News | Silicon Valley startups stumble, forced into cost cutting

  |   Allegis News, The Latest

By: Marisa Kendall | mkendall@mercurynews.com

Once it seemed there was nowhere to go but up.

Today, with fears of bloated valuations, a rocky stock market and the worst IPO climate since the financial crisis of 2008, startups are coming down from the clouds. And to woo venture capitalists, they are talking about profitability and high gross margins to prove they are building sustainable businesses — not just sexy ones.

“Bottom line is that entrepreneurs and investors alike have discovered that gravity exists after all,” said Robert Ackerman Jr., managing director and founder of Allegis Capital.

Reflecting a more sober Silicon Valley, at least a dozen Bay Area startups have cut costs by laying off staff since November. Others in the saturated on-demand industry, like San Francisco’s Zirx, are changing their focus. And a few have simply shut down, with Berkeley-based SpoonRocket becoming the latest victim.

Those changes are signs of healthy market correction after years of frenzied overspending, said Paul Boyd of San Francisco-based wealth management firm ClearPath Capital Partners. But that doesn’t mean they’re not painful — for everyone. As startups spend less, the slowdown will be felt in other areas as well, he said.

“It’s almost like ink,” Boyd said, “it’s going to slowly spread.”

His team keeps a close eye on the VC and startup ecosystem as an indicator of the health of the overall economy. Right now, the signs aren’t pointing in a positive direction.

Venture capital funding in the U.S. dropped by about 30 percent in the fourth quarter of 2015 compared with the quarter before, according to the MoneyTree Report by PricewaterhouseCoopers and the National Venture Capital Association. Meanwhile, IPO activity has all but dried up. The cash raised by IPOs in the first quarter of 2016 was down almost 90 percent from the quarter before, according to data from Renaissance Capital, and only eight companies went public. The only Silicon Valley offering was a Burlingame pharmaceutical company.

Last month Optimizely, which helps companies test and improve their websites and mobile platforms, announced it was laying off 40 people, or 10 percent of its team. Despite raising more than $146 million in funding from some of Silicon Valley’s most prestigious venture capital firms, the company was struggling to break even. In a blog post announcing the layoffs, CEO and co-founder Dan Siroker pointed to a “wake-up call” in February when public cloud companies collectively lost $28 billion in market value in one day, signifying that “the market has clearly shifted.”

Insurance software startup Zenefits announced it cut 250 jobs in February, after revelations that some of the company’s employees were selling insurance without a license. The company, which sells health insurance and provides companies with software to manage employee benefits, once had been revered as the software industry’s fastest-growing startup. In two years the company ballooned from 15 employees to 520, and CB Insights reports it’s now valued at $4.5 billion.

“It’s no secret that Zenefits grew too fast, stretching both our culture and our controls,” CEO David Sacks wrote in an email to employees announcing the layoffs.

Other San Francisco companies that reportedly cut staff in recent months include wearable tech company Jawbone, mobile and web analytics company Mixpanel, dating website Zoosk and Practice Fusion, which digitizes health records. Jumio, a Palo Alto-based credit card authorization company, announced last month that it’s filing for bankruptcy and selling its assets.

The market shift caught Foster City resident Erica Halverson off guard. She spent just four months as marketing director for SenStay, a property management startup for home-sharing rentals, before she was laid off in February along with a handful of other employees.

“It put me literally into a panic,” 39-year-old Halverson said, “because I had a commitment from the company and I had expectations that I was helping them build and get to a certain level. And I felt like the rug was ripped out from under me.”

Now Halverson spends most of her time job hunting, sending out 10 to 15 résumés a day.

The shift is especially noticeable in Silicon Valley’s on-demand industry, where dozens of mobile apps compete to deliver everything from meals to baby sitters. San Francisco restaurant delivery startup DoorDash recently had to slash its valuation in order to raise another round of funding. The company reported a $127 million Series C round in March at a $700 million valuation — falling short of its reported goal to hit a $1 billion “unicorn” valuation.

Berkeley-based SpoonRocket, which prepared and delivered meals to customers, shut down last month. The company failed because it expanded too quickly, said Rahul Ramakrishnan, president of UC Berkeley-based consulting group Venture Strategy Solutions.

Ramakrishnan worked with SpoonRocket to optimize its delivery routes in Berkeley about three years ago. He said the company was doing well in Berkeley, but its business model fell apart when it expanded into San Francisco. The demand was too high, the company didn’t have enough drivers and the couriers had a hard time navigating the city’s traffic, he said.

“They expanded at a rate in which they couldn’t keep up with their promise to deliver food in under five minutes,” Ramakrishnan said. “That made customers very angry.”

San Francisco-based Bento, which prepares and delivers customized Asian meals, recently shifted gears to avoid a fate similar to SpoonRocket’s. Bento’s original on-demand model was too expensive to be sustainable, said CEO Jason Demant, so now the company requires customers to pre-order their lunches in the morning.

“We decided to try something else before we ran out of time,” Demant said. “It’s really tough to raise money.”

Other companies couldn’t distinguish themselves from the competition. In January ride-booking platform Sidecar announced it was shutting down and selling its assets to General Motors.

“We were unable to compete against Uber, a company that raised more capital than any other in history and is infamous for its anti-competitive behavior,” co-founder and CEO Sunil Paul wrote in a blog post.

In February San Francisco-based Zirx shut down its consumer on-demand valet parking service because it was too expensive to buy parking spaces, CEO and co-founder Sean Behr said. Zirx pivoted to a business-to-business model, which includes parking for employees, as well as some new features Behr has yet to reveal.

“Given where I believe the funding market is headed, and has been headed,” Behr said, “it was a tough decision, but the best one for the company.”

Kendall, Marisa. “Silicon Valley startups stumble, forced into cost cutting.” Mercury News. 5 April 2016. Web. 6 April 2016.

Read More

1IT Enterprise | Why Protected Encryption Is Very Important

  |   Allegis News, The Latest

By Robert Ackerman Jr | Founder & Managing Director of Allegis Capital

bobheadshot

As anybody familiar with the computer industry knows, the FBI wants Apple to break security protections on an iPhone linked to the deadly San Bernardino terrorist attacks — and a U.S. district court has ordered Apple to do just that.

Apple is fighting the decision for good reason. If it obeyed the court, the security of the iPhone could be compromised, helping to set in motion a trend that would materially undermine the effectiveness of cybersecurity in every conceivable venue.

Many law enforcement officials do not agree with this view; they believe encryption already allows far too many criminals to go scot free. But why lean on Apple to crack a phone they may able to crack themselves?

Authorities might be able to accomplish this, for example, by using a very precise atomic saw that can cut through the outer structures of the A6 microprocessor inside the phone, according to a recent story in The Wall Street Journal. They could target the portion of the chip that holds the user ID (the UID key). Then they could move the iPhone’s scrambled data to another computer and unlock it by using technology to guess the passcode of San Bernardo killer Syed Rizwan Farook.

It is true that this tactic would be risky and very expensive. And if anything goes wrong during the process, the data could be lost forever. But why is this a greater risk than forcing Apple to comply with authorities and possibly provide the essence of a “golden key” to unveil encrypted communications to help catch criminals and terrorists?

The authorities always sidestep one extremely important detail — in the domain of cybersecurity and encryption, the bad guys are just as smart as the good guys. Exploiting vulnerabilities is their expertise.  If there is a back door, they will find it, exploit it and seize valuable personal data. And how can we trust government entities, which are regularly breached, to keep such a golden key safe from criminals?

Data is the target of the vast majority of breaches of every stripe. Encryption is the last resort of data defense, one used to protect data 99.999 percent of the time. If encryption is penetrated, the cornerstone of defense disappears and the stage is set for even more hacking mayhem.

Two fundamental issues are at play in the Apple-FBI brouhaha. One is the Fourth Amendment of the Constitution, which protects against unreasonable searches and seizures. Isn’t this the point of encryption? The second issue is whether a back door would, in fact, improve the effectiveness of the FBI and other law enforcement agencies. FBI Director James Comey has suggested that police would have been able to track down the shooter of an Illinois man last year but for encryption built into both of the victim’s two phones. What he failed to mention was that one of the phones – a Samsung Galaxy S6 – isn’t encrypted by default.

Let’s return to the specifics of the dispute. For most iPhones, most danger is poised by criminals. If thieves can break into these phones, victims can easily be exposed to identity theft and perhaps even extortion. This is one of the main reasons Apple designed stronger encryption, starting on the iOS 8 operating system. Any software that by-passes those protections could materially hurt iPhone users.

It’s true that the FBI’s proposed system for Apple has protections to ensure its passcode hack can’t be used by anyone else.  Apple signs any automatic firmware updates before a given iPhone will accept them, and the FBI’s proposed update would be coded to an individual phone. The software wouldn’t install unless the phone’s serial number matches the serial number in the code. The method proposed by the FBI is also specific to iPhone 5c, the one in Farook’s possession. While this doesn’t have the Secure Enclave chip that ties lock screen protections to hardware in newer iPhones, it’s highly likely that the FBI would request similar methods for cracking Enclave-equipped phones if it is successful  in its current feud with Apple.

The software proposed by the FBI can be useful to thieves even though it can’t be used to unlock other phones. If the code falls into the wrong hands, it can potentially be reverse-engineered into a generic version, removing the code that ties the attack to a specific phone.

This reverse-engineered version would still need Apple’s signature before it could be installed – something, of course, thieves are unlikely to have. The fundamental point, however, is that that signature system would be the only thing protecting a stolen iPhone and the information inside it. By itself, this is a huge problem. New vulnerabilities pop up in software all the time, and no single system is ever considered entirely impenetrable. An undisclosed vulnerability could be used in a way that Apple and the FBI can’t predict.

Law enforcement and intelligence communities do important work, and new technology has made their jobs tougher. But the answer is not lowering standards for protecting data. The right answer is to work on new approaches to identify the bad guys. Innovation – not compromised security is the solution.

Read more>>

Ackerman, Jr., Robert. “Why Protected Encryption Is Very Important.” 1ITEnterprise. 30 March 2016. Web. 

 

 

Read More

Financial News | Goldman-backed startup aims to finally get finance into the cloud

  |   Portfolio News, The Latest

By: Anna Irrera | Financial News | Posted: 29 March 2016

 

GoldmanSachs_USAflagIn the past few years, Goldman Sachs has been very active in making investments in young technology companies. Banks make many of these investments to learn about important areas of technology, including cloud computing.

 

In October Goldman Sachs joined a $45 million investment round in Silicon Valley-based cloud computing startup Bracket Computing. Investors also included Fidelity Management, Andreessen Horowitz, Allegis Partners, GE and Qualcomm.

 

Founded in 2011, Bracket seeks to allay security worries about cloud technology, one of the reasons why financial institutions have been slower to move to the cloud than other industries. Bracket has developed software, called the Computing Cell, that essentially wraps an additional security layer around both public and private clouds. This additional layer encrypts the data going through it and is controlled by the user.

This means that banks and other large firms can take advantage of the benefits of moving their applications to public cloud providers such as Amazon Web Services, while applying their own advanced security controls. Bracket’s technology is used by Goldman Sachs and other financial firms including the Blackstone Group.

Tom Gillis, the chief executive of Bracket, said: “You get the physical controls that Amazon and Google put in place, which are world-class because they are so big, while we put in place logical controls. That combination is very strong.”

Gillis believes Bracket’s technology will lead more businesses to use the cloud and eventually to a transformation of data centres. As more and more large companies move their applications onto public clouds operated by large technology firms, their own data centres will shrink and so will their demand for hardware, Gillis believes.

Gillis said: “This is the blueprint of how data centres will be built in the future. In the new world where the physical comes from Amazon and other large providers, implications on the wider IT industry will be profound. The landscape for anyone who sells boxes [hardware] is going to change.”

Read more>>

Irrera, Anna. “Goldman-backed startup aims to finally get finance into the cloud.” Financial News. 29 March 2016. Web. 30 March 2016.

Read More

RSA Conference | The Cybersecurity Act of 2015 is a Necessary Stake in the Ground

  |   Allegis News, The Latest
By: Robert R. Ackerman Jr. | Founder & Managing Director, Allegis Capital

 

The Cybersecurity Act of 2015 is approaching its three-month birthday, but you can be excused if you’re oblivious to that. After all, many people probably don’t know it even exists. Very quietly, the law—the first major piece of Congressional cybersecurity legislation, one designed to address the explosive growth of successful cyberattacks—was signed into law in mid-December 2015 by President Obama.security_pixels

The act didn’t attract much attention because it was embedded in a $1.1 trillion omnibus spending bill to fund the government. The dim spotlight aside, what is the verdict on this historic legislation—a compromise bill based on competing cybersecurity information sharing bills that passed the House and Senate earlier in 2015?

It has some strengths and some weaknesses. Overall, what can be said is that it has insufficient teeth but nonetheless is a good starting point in getting the government involved in the global cybersecurity war—and yes, it is a war. The good guys need all the help they can get against the bad guys. The cost of global cyber espionage has soared to about $500 billion annually, and when you add in the cost of stolen intellectual property, it tops $1 trillion annually. Unfortunately, the bad guys are winning.

Bear in mind that this act is a product of Washington, and so, of course, it is a patchwork of compromise. The victory is modest and lies mostly in the passage itself. The day that occurred—December 18—even President Obama conceded “I’m not wild about everything in it . . .”

As a venture capitalist, I would like to see this legislation become the first step toward a broader and more sophisticated cybersecurity sharing network. That’s because I want the startups I back to push the cybersecurity envelope—and to correctly anticipate the future course of attacks—as much as possible. An improved sharing network would help achieve that goal because a better job could be done protecting against many standard attacks, allowing young cybersecurity companies to focus more on chronically evolving state-of-the-art attacks.

The legislation calls on businesses, government agencies and other organizations to share information about cybersecurity threats with each other. The belief is that, overall, this will help them prepare themselves better to identify and defend against cyber attackers. The Department of Homeland Security is the ring leader and can share the information with other government agencies and companies. It isn’t clear how this information will be shared, however, and, with the notable exception of IBM, some technology companies have said they will not participate because they don’t think there is sufficient consumer identity protection. This is a reasonable concern given the government’s own challenges in protecting sensitive data. The provisions of the law are voluntary.

People can debate the latter point endlessly and reach no clear-cut conclusion. What is much more significant, in fact, is that this legislation is behind the times.

By itself, sharing information about new types of malware, suspicious network activity and other indicators of cyber attacks won’t thwart much cybercrime. Given that the vast majority of cyber attacks are focused on data, what is really needed is the implementation of encryption to secure that data. Also crucial eventually is diligence in patching of outdated software. These steps can go a long way in making systems less vulnerable and lay the foundation for innovation focused on hardening next-generation IT infrastructure against cyberattacks.

As things stand today, even the sponsors of the legislation admit that the new law would not have helped against the highly destructive, allegedly North Korean-orchestrated attack against Sony Pictures Entertainment in 2014. Why? That attack, like many today, was not based on previously known computer viruses or other malicious tools that companies and the government could warn each other about.

Similarly, this law would not have fended off the theft of millions of personnel records from the U.S. Office of Personnel Management. In that case, the government failed to install sufficient cybersecurity protection in the first place. Poor computer hygiene, in fact, is rampant.

Businesses are encouraged to share more information about cyberattacks because the law minimizes the threat of private lawsuits, such as suits over violations of electronic privacy protections. In addition, companies are generally required to strip personal information about customers out of the shared data so that the government cannot amass records on individual behavior. The government is also required to ensure that all personal information, such as customer records, has been scrubbed.

While the law in its current form is lacking, it isn’t altogether ineffective. Take, for example, lower-level cyber-attacks. The notion of companies and governments sharing data about the “signatures” of cybersecurity thieves is worthwhile. This is the digital trail that shows where the attackers came from and what their code looks like. Given that most cyber-attacks are lower-caliber attacks assembled from non-proprietary code or programs and from off-the-shelf components on the black market, how can this not be helpful?

We have to start somewhere to begin improving U.S. cyber defenses. Washington, despite its foibles, has managed to do that. I prefer to look at this ultimately as something good, not bad, and that a stake has been put in the ground in the nation’s capital to step up the U.S. counter-attack against cyber intruders.

Robert Ackerman Jr. is founder and managing director of Allegis Capital, a Palo Alto-based early stage venture capital firm specializing in cybersecurity. Some of Allegis Capital’s cybersecurity investments include Shape Security, vArmour, and Red Owl. 

Find more>>

Ackerman Jr., Robert. “The Cybersecurity Act of 2015 is a Necessary Stake in the Ground.” RSA Conference, 18 March 2016. Web. 

 

 

Read More