Microsoft launches Open Service Mesh

Microsoft today announced the launch of a new open-source service mesh based on the Envoy proxy. The Open Service Mesh is meant to be a reference implementation of the Service Mesh Interface (SMI) spec, a standard interface for service meshes on Kubernetes that has the backing of most of the players in this ecosystem.

The company plans to donate Open Service Mesh to the Cloud Native Computing Foundation (CNCF) to ensure that it is community-led and has open governance.

“SMI is really resonating with folks and so we really thought that there was room in the ecosystem for a reference implementation of SMI where the mesh technology was first and foremost implementing those SMI APIs and making it the best possible SMI experience for customers,” Microsoft partner program manager (and CNCF board member) Gabe Monroy told me.

Image Credits: Microsoft

He also added that, because SMI provides the lowest common denominator API design, Open Service Mesh gives users the ability to “bail out” to raw Envoy if they need some more advanced features. This “no cliffs” design, Monroy noted, is core to the philosophy behind Open Service Mesh.

As for its feature set, SMI handles all of the standard service mesh features you’d expect, including securing communications between services using mTLS, managing access control policies, service monitoring and more.

Image Credits: Microsoft

There are plenty of other service mesh technologies in the market today, though. So why would Microsoft launch this?

“What our customers have been telling us is that solutions that are out there today, Istio being a good example, are extremely complex,” he said. “It’s not just me saying this. We see the data in the AKS support queue of customers who are trying to use this stuff — and they’re struggling right here. This is just hard technology to use, hard technology to build at scale. And so the solutions that were out there all had something that wasn’t quite right and we really felt like something lighter weight and something with more of an SMI focus was what was going to hit the sweet spot for the customers that are dabbling in this technology today.”

Monroy also noted that Open Service Mesh can sit alongside other solutions like Linkerd, for example.

A lot of pundits expected Google to also donate its Istio service mesh to the CNCF. That move didn’t materialize. “It’s funny. A lot of people are very focused on the governance aspect of this,” he said. “I think when people over-focus on that, you lose sight of how are customers doing with this technology. And the truth is that customers are not having a great time with Istio in the wild today. I think even folks who are deep in that community will acknowledge that and that’s really the reason why we’re not interested in contributing to that ecosystem at the moment.”

PandaDoc announces second Series B extension worth $30M

PandaDoc, the startup that provides a fully digital sales document workflow from proposal to electronic signature to collecting payment, announced a $30 million Series B extension today, making it the the second such extension the company has taken since taking its original $15 million Series B in 2017. The total for the three B investments is $50 million.

Company co-founder and CEO Mikita Mikado says that he took this approach, taking the original money in 2017, then $5 million last year along with the money announced today because it made more sense financially for the company than taking a huge chunk of money all at once.

“Basically when we do little chunks of cash frequently, [we found that] you dilute yourself less,” Mikado told TechCrunch. He said that they’ve grown comfortable with this approach because the business became more predictable once it passed 10,000 customers. In fact today it has 20,000.

“With a high velocity in-bound sales model, you can predict what’s going to happen next month or [say] six months out. So you kind of have this luxury of raising as much money as you need when you need it, minimizing dilution just like public companies do,” he said.

While he wouldn’t discuss specifics in terms of valuations he did say that the B1 had 2x the valuation of the original B round and the B2 had double the valuation of the B1.

For this round, One Peak led the investment with participation from Microsoft’s Venture Fund (M12), Savano Capital Partners, Rembrandt Venture Partners and EBRD Venture Capital Investment Programme.

Part of the company’s growth strategy is using their eSignature tool to move people to the platform. They made that tool free in March just as the pandemic was hitting hard in the U.S., and it has proven to be what Mikado called “a lead magnet” to get more people familiar with the company.

Once they do that he says, they start to look at the broader set of tools and they can become paying customers. “This launch helped us validate that businesses need a broader workflow solution. Businesses used to think of the eSignature as the holy grail in getting a deal done. Now they are realizing that eSignature is just a moment in time. The full value is what happens before, during and after the eSignature in order to get deals done,” Mikado said.

The company currently has 334 employees with plans to hit 380 by year’s end and is aiming for 470 by next year. With the office in San Francisco, Belarus and Manila, it has geographic diversity built in, but Mikado says it’s something they are still working at and includes anti-bias programs and training and leadership programs to give more people a chance to be hired or promoted into management.

When it came to shutting down offices and working from home, Mikado admits it was a challenge, especially since some of the geographies they operate in might not have access to a good internet connection at home or face other challenges, but overall he says it has worked out in terms of maintaining productivity across the company. And he points out being geographically diverse, they have had to deal with online communications for some time.

Kubermatic launches open source service hub to enable complex service management

As Kubernetes and cloud native technologies proliferate, developers and IT have found a growing set of technical challenges they need to address, and new concepts and projects have popped up to deal with them. For instance, operators provide a way to package, deploy and manage your cloud native application in an automated way. Kubermatic wants to take that concept a step further, and today the German startup announced KubeCarrier, a new open source, cloud native service management hub.

Kubermatic co-founder Sebastian Scheele says three or four years ago, the cloud native community needed to solve a bunch of technical problems around deploying Kubernetes clusters such as overlay networking, service meshes and authentication. He sees a similar set of problems arising today where developers need more tools to manage the growing complexity of running Kubernetes clusters at scale.

Kubermatic has developed KubeCarrier to help solve one aspect of this. “What we’re currently focusing on is how to provision and manage workloads across multiple clusters, and how IT organizations can have a service hub where they can provide those services to their organizations in a centralized way,” Scheele explained.

Scheele says that KubeCarrier provides a way to manage and implement all of this, giving organizations much greater flexibility beyond purely managing Kubernetes. While he sees organizations with lots of Kubernetes operators, he says that as he sees it, it doesn’t stop there. “We have lots of Kubernetes operators now, but how do we manage them, especially when there are multiple operators, [along with] the services they are provisioning,” he asked.

This could involve provisioning something like Database as a Service inside the organization or for external customers, while combining or provisioning multiple services, which are working on multiple levels and a need a way to communicate with each other.

“That is where Kubecarrier comes in. Now, we can help our customers to build this kind of automation around provisioning, and service capability so that different teams can provide different services inside the organization or to external customers,” he said.

As the company explains it, “KubeCarrier addresses these complexities by harnessing the Kubernetes API and Operators into a central framework allowing enterprises and service providers to deliver cloud native service management from one multi-cloud, multi-cluster hub.”

KubeCarrier is available  on GitHub, and Scheele says the company is hoping to get feedback from the community about how to improve it. In parallel, the company is looking for ways to incorporate this technology into its commercial offerings and that should be available in the next 3-6 months, he said.

Harness makes first acquisition, snagging open source CI company Drone.io

Harness has made a name for itself creating tools like continuous delivery (CD) for software engineers to give them the kind of power that has been traditionally reserved for companies with large engineering teams like Google, Facebook and Netflix. Today, the company announced it has acquired Drone.io, an open source continuous integration (CI) company, marking the company’s first steps into open source, as well as its first acquisition.

The companies did not share the purchase price.

“Drone is a continuous integration software. It helps developers to continuously build, test and deploy their code. The project was started in 2012, and it was the first cloud native, container native continuous integration solution on the market, and we open sourced it,” company co- founder Brad Rydzewski told TechCrunch.

Drone delivers pipeline configuration information as code in a Docker container. Image: Drone.io

While Harness had previously lacked a CI tool to go with its continuous delivery tooling, founder and CEO Jyoti Bansal said this was less about filling in a hole than expanding the current platform.

“I would call it an expansion of our vision and where we were going. As you and I have talked in the past, the mission of Harness is to be a next generation software delivery platform for everyone,” he said. He added that buying Drone had a lot of upside.”It’s all of those things — the size of the open source community, the simplicity of the product — and it [made sense], for Harness and Drone to come together and bring this integrated CI/CD to the market.”

While this is Harness’ first foray into open source, Bansal says it’s just the starting point and they want to embrace open source as a company moving forward. “We are committed togetting more and more involved in open source and actually making even more parts of Harness, our original products, open source over time as well,” he said.

For Drone community members who might be concerned about the acquisition, Bansal said he was “100% committed” to continuing to support the open source Drone product. In fact, Rydzewski said he wanted to team with Harness because he felt he could do so much more with them than he could have done continuing as a stand-alone company.

“Drone was a growing community, a growing project and a growing business. It really came down to I think the timing being right and wanting to partner with a company like Harness to build the future. Drone laid a lot of the groundwork, but it’s a matter of taking it to the next level,” he said.

Bansal says that Harness intends to also offer a commercial version of Drone with some enterprise features on the Harness platform, even while continuing to support the open source side of it.

Drone was founded in 2012. The only money it raised was $28,000 when it participated in the Alchemist Accelerator in 2013, according to Crunchbase data. The deal has closed and Rydzewski has joined the Harness team,

Amazon inks cloud deal with Airtel in India

Amazon has found a new partner to expand the reach of its cloud services business AWS in India, the world’s second largest internet market.

On Wednesday, the e-commerce giant announced it has partnered with Bharti Airtel, the third-largest telecom operator in India with more than 300 million subscribers, to sell a wide-range of AWS offerings under Airtel Cloud brand to small, medium, and large-sized businesses in the country.

The deal could help AWS, which leads the cloud market in India, further expand its dominance in the country. The move follows a similar deal Reliance Jio, India’s largest telecom operator, struck with Microsoft last year to sell cloud services to small businesses. The two announced a 10-year partnership to “serve millions of customers.”

Airtel, which serves over 2,500 large enterprises and more than a million emerging businesses, itself signed a similar cloud deal with Google in January this year. That partnership is still in place.

“AWS brings over 175 services. We pretty much support any workload on the cloud. We have the largest and the most vibrant community of customers,” said Puneet Chandok, President of AWS in India and South Asia, said on a call with reporters.

The two companies, which had a similar partnership in 2015, will also collaborate on building new services and help existing customers migrate to Airtel Cloud, they said.

Today’s deal illustrates Airtel’s push to build businesses beyond its telecom venture, said Harmeen Mehta, Global CIO and Head of Cloud and Security Business at Airtel, said on the call. Last month, Airtel partnered with Verizon — which is TechCrunch’s parent company — to sell BlueJeans video conferencing service to business customers in India.

Deals with carriers were very common a decade ago in India as tech giants looked to acquire new users in the country. Replicating a similar strategy now illustrates the phase of the cloud adoption in the nation.

Nearly half a billion people in India came online last decade. And slowly, small businesses and merchants are also beginning to use digital tools, storage services, and accept online payments.

India has emerged as one of the emerging leading grounds for cloud services. The public cloud services market of the country is estimated to reach $7.1 billion by 2024, according to research firm IDC.

Software stocks set new records despite earnings, pandemic

You might have missed it, but amidst the current political-M&A-pandemic-election-disinformation news cycle we find ourselves in this week, SaaS and cloud companies reached new public market records.

Yesterday, the Bessemer-Nasdaq cloud index closed at 2,035.54, a new record finish for the basket of software companies. And, today, the index broached the 2,040 mark before ceding some ground.


The Exchange explores startups, markets and money. You can read it every morning on Extra Crunch, or get The Exchange newsletter every Saturday.


What matters for our purposes is that with a good chunk of the Q2 earnings cycle behind us, software companies are not only holding onto their gains from earlier in the year, they are managing to add to them, albeit modestly. Of course, valuation expansion during earnings season could still lead to gently falling multiples; as companies grow, if their shares gain value at a slower pace, their price/sales ratio can lose ground.

Regardless, for our purposes it’s notable that recent public market gains are not dissipating. Tech valuation boosts have helped major American indices regain ground lost early in the year, and Q2 earnings were a possible threat to prior progress. So far earnings-related dents are thin on the ground.

So, what’s going on? Why are SaaS and cloud stocks doing so well? Leaning on notes from two VCs — Jamin Ball from Redpoint and Mary D’Onofrio from Bessemer — we can unspool recent valuation highs.

Vectrix is developing cloud security marketplace built for and by security pros

In a typical security team, engineers write one-off scripts to track a particular problem on a cloud vendor such as an unauthorized user on your GitHub account, and while engineers are capable of writing such scripts, it’s not exactly an efficient or scalable way to deal with the range of security problems these pros need to track.

Vectrix, a member of the Y Combinator Summer 2020 cohort started by three security veterans, wants to fix that problem. It has created a security marketplace where fellow security pros write modules to automate these kinds of fixes, and other security pros can take advantage without reinventing the script writing wheel every time.

Alex Dunbrack, company co-founder and COO, says that he and fellow co-founders, CTO Matthew Lewis and CEO Corey Mahan saw this problem first-hand in their previous jobs at PlanGrid, Vimeo and Uber. So like so many YC company founders, they decided to build a solution.

“It’s a marketplace of automated security tools that monitor tech and have response capabilities for any security issues that a company may have within their cloud vendors,” Dunbrack explained. He says this could be on GitHub, AWS, G Suite, potentially any cloud service.

The idea is to have security professionals build these modules, then give them a “royalty” and bragging rights for coming up with a viable solution. Dunbrack says it’s not unlike the HackerOne model, which provides a financial incentive and community recognition to find vulnerabilities in code.

Users don’t actually download anything. They simply select a module, enter their cloud service credentials and provide an output like Slack or Jira for any alerts the module generates.

Image Credits: Vectrix

The startup vets the modules and the developers before allowing them in the marketplace. While this is a manual process at the moment, he says they are working on bringing more automation to it. For now, each person that wants to contribute modules, they do an interview, a reference check, employment background check and similar types of investigation.

Once they pass this, and the security pro writes the module, it has to pass further scrutiny. “We basically scope exactly what they’re going to build and the kinds of alerts that will come out of it. And then from there, we have an extremely templated logic scheme on the code side where they’re just writing the logic to go do the scan,” he said.

Module writers can’t see any user information on the service, and Vectrix makes sure there are no issues like outbound requests for data. Presently they have 10 modules with plans to add several more soon. While they are working on the pricing model, today customers pay a flat fee for access to the entire marketplace, rather than paying per module.

The company is currently just the three co-founders, but they hope to expand, and when they do they have already given a lot of thought about how to build a diverse and inclusive company. He says, for starters, they are not swayed by the Silicon Valley network effect.

“A lot of people will say ‘we simply want the best people,’ but our interpretation of the best people is really a collective of differing thoughts and experiences that really make someone’s perspective unique. That comes from diversity in the way that we see it, so in a lot of senses bringing the best people on is bringing the widest range of thinking processes, and that comes with diversity and being inclusive, and kind of taking all of those factors into account,” he said.

As for the YC experience, Dunbrack says he was mostly looking forward to learning from the network of companies that came before him, and he says that even virtually the company has succeeded in giving him that experience.

So far, the company has bootstrapped and used the money from Y Combinator, but it intends to do a fundraising round soon. “We’re cognizant of what we’re bringing to the industry and the value there. So bringing on strategic partners is really how we’re going to be approaching this,” he said.

GreyNoise announces $4.8M seed investment to filter harmless security alerts

Security professionals are constantly dealing with an onslaught of information as their various tools trigger alerts, some of which require their attention and some which don’t. Unfortunately, it requires addressing the alert to find that out. GreyNoise wants to help by filtering out benign security alerts, leaving security pros to deal with the ones that matter.

Today, the company announced a $4.8 million seed investment led by CRV with participation from Paladin Capital Group and several individual tech executive investors.

“Usually about 20% of the alerts that you’re looking at [don’t require your attention]. And those alerts are generated by both good guys and bad guys who are opportunistically scanning and crawling and probing and attacking every single device all around the internet,” GreyNoise founder Andrew Morris told TechCrunch.

He adds, “It creates this background noise problem, so we basically collect all of that data from all of those people who are scanning and crawling everybody on the entire internet, analyze it and we filter it out from what our customers see. So what they end up with is about 20%, fewer alerts.”

Surprisingly, the company is not using machine learning to do this (although adding machine learning elements is on the roadmap). Instead, Morris says it involves a lot of automated analysis of sensor data.

“We have a giant network of collector sensors that are sitting in all these different data centers all around the internet and hundreds of data centers around the internet. And we’re just applying a bunch of rules to the traffic that they all see to end up with the output of our core product,” he said.

As the company moves forward with this new funding, he says primarily he wants to get away from this approach and get more data from customers in exchange for discounts on their subscription costs.

“Moving forward, it’s cost prohibitive for us to collect all of the data that we want firsthand. So we’re going to have to start basically building products that are enabling our users to collect data for us. And that’s something that we’re going to be building out using this funding,” Morris said.

In addition, they will be partnering with other key vendors like ISPs and data center owners to help them collect additional data.

Interestingly, this was an entirely COVID transaction with CRV’s Reid Christian never meeting Morris in person, conducting the entire process over Zoom. “A sign of the times, Andrew and I have never met in person and likely won’t for quite some time. We were connected in the midst of quarantine, both of us holed up in our apartments (DC and SF, respectively) where we sat on countless Zoom calls, mostly getting to know each other and discussing the opportunity ahead of GreyNoise,” Christian wrote in a blog post announcing the deal.

The startup has 7 employees to this point. Morris said that he has plans to hire 10 people in the next year with an emphasis on sales, marketing and engineering. As he hires more people, he says it’s imperative to be thinking about diversity and inclusion in his hiring in the early stages of the company.

“The best way to do this is to hire as diverse as humanly possible from the very beginning, because it’s significantly harder to make a company more diverse after the fact than it is to think about inclusion and diversity from the very beginning. And so that’s how we’ve been thinking about everything right now with every hire that we’re doing,” he said. How that will work as he builds out the company is still something he is considering and he plans work with D&I experts to help flesh out a plan.

Morris founded the company in the Washington, D.C. area in 2017, came to market in 2018 with the first version of the product and today has 40 customers.

Even as cloud infrastructure growth slows, revenue rises over $30B for quarter

The cloud market is coming into its own during the pandemic as the novel coronavirus forced many companies to accelerate plans to move to the cloud, even while the market was beginning to mature on its own.

This week, the big three cloud infrastructure vendors — Amazon, Microsoft and Google — all reported their earnings, and while the numbers showed that growth was beginning to slow down, revenue continued to increase at an impressive rate, surpassing $30 billion for a quarter for the first time, according to Synergy Research Group numbers.

Cisco acquires Modcam to make Meraki smart camera portfolio even smarter

As the Internet of Things, proliferates, security cameras are getting smarter. Today, these devices have machine learning capability that help the camera automatically identify what it’s looking at — for instance an animal or a human intruder? Today, Cisco announced that it’s acquired Swedish startup Modcam and making it part of its Meraki smart camera portfolio with the goal of incorporating Modcam computer vision technology into its portfolio.

The companies did not reveal the purchase price, but Cisco tells us that the acquisition has closed.

In a blog post announcing the deal, Cisco Meraki’s Chris Stori says Modcam is going to up Meraki’s machine learning game, while giving it some key engineering talent, as well.

“In acquiring Modcam, Cisco is investing in a team of highly talented engineers who bring a wealth of expertise in machine learning, computer vision and cloud-managed cameras. Modcam has developed a solution that enables cameras to become even smarter,” he wrote.

What he means is that today, while Meraki has smart cameras that include motion detection and machine learning capabilities, this is limited to single camera operation. What Modcam brings is the added ability to gather information and apply machine learning across multiple cameras, greatly enhancing the camera’s capabilities.

“With Modcam’s technology, this micro-level information can be stitched together, enabling multiple cameras to provide a macro-level view of the real world,” Stori wrote. In practice, as an example, that could provide a more complete view of space availability for facilities management teams, an especially important scenario as businesses try to find safer ways to open during the pandemic. The other scenario Modcam was selling was giving a more complete picture of what was happening on the factory floor.

All of Modcams employees, which Cisco described only as “a small team” have joined Cisco, and the Modcam technology will be folded into the Meraki product line, and will no longer be offered as a stand-alone product, a Cisco spokesperson told TechCrunch.

Modcam was founded in 2013 and has raised $7.6 million, according to Crunchbase data. Cisco acquired Meraki back in 2012 for $1.2 billion.