Ox Security lands $34M in seed funding to strengthen software supply chains

The rise in software supply chain attacks, like the SolarWinds hack, prompted last year’s executive order from the Biden Administration requiring vendors to provide a software bill of materials (SBOM). SBOMs can help security teams understand if a newly disclosed vulnerability impacts them — in theory. But industry experts caution that they aren’t always comprehensive enough to prevent attacks or address the challenges of securing supply chains.

One startup, Ox Security, is forging ahead with an alternative to SBOMs it’s calling Pipeline Bill of Materials (PBOM), which Ox claims goes further by covering not only the code in final software products but also the procedures and processes that impacted the software throughout its development. PBOM seems to be gaining traction. Despite being founded less than a year ago, Ox has raised $34 million in seed funding — a fact that it disclosed today — and has 30 customers including FICO, Kaltura and Marqeta.

Investors to date include Evolution Equity Partners, Team8, Rain Capital and M12, Microsoft’s venture fund.

“When the infamous SolarWinds attack took place, I recall the amount of stress that was felt across the industry,” CEO Neatsun Ziv, a former Check Point executive, told TechCrunch in an email interview. “When brainstorming on ideas with my co-founder Lior Arzi, we talked about the need for an end-to-end supply chain solution — something that doesn’t only look at the code that goes into the end product but also at all of the procedures and processes that could have impacted the software throughout the whole development lifecycle. At the end of 2021, we founded Ox Security to build this solution.”

In developing PBOM, Ziv claims that Ox undertook “extensive” research on the root causes of more than 70 attacks from the past year. PBOM was designed to contain information that might’ve prevented the attacks had it been readily available at the time, he says, and to be shared with stakeholders so that they can verify that the software they’re using is derived from a trusted, secure build.

Ox Security

Image Credits: Ox Security

Ox’s platform, leveraging PBOM, integrates with existing software development tools and infrastructure to record actions affecting software throughout the development lifecycle. It connects to an organization’s code repository and performs a scan of the environment from “code to cloud,” producing a map of detectable assets, apps and pipelines.

Ox also attempts to identify which security tools are in use, verify that they’re operational, and determine if additional tools are needed. Then, the platform highlights any security issues it found, prioritized by their business impact alongside automated fixes and recommendations.

“Most IT departments are understaffed, lack visibility and are struggling to prioritize security projects across engineering and DevOps. This results in ‘shadow dev’ and DevOps — where software development tools and processes are outside of the control and ownership of the security teams,” Ziv continued. “There is also a severe lack of automation that results in manual work and causes a high attrition rate for people in these roles. The Ox platform solves these issues by providing continuous visibility, prioritizing risks, automating manual workflows and securing the posture of [software development] elements like GitLab, Jenkins, artifact registry and production.”

PBOM is — at least at present — a voluntary spec. And Ox competes with vendors like Legit Security, Cycode, and Apiiro, the last of which Palo Alto Networks is reportedly close to acquiring for $550 million. But Ziv asserts that OX is gaining mindshare, pointing to the startup’s client base of just over 30 brands.

“We are fully focused on building the company and scaling the number of customers we serve. So far we only see an increase in demand due to the increasing number of attacks,” Ziv said. “If you look at previous downturns, there were very successful companies that got started in each one of them. So we try to obsess about solving the security risk, rather than what could happen with the market. We are going on this journey with strong partners who want to see this vision come to life.”

Added M12 managing partner Mony Hassid in an emailed statement: “Supply chain attacks are on the rise, and the attack surface is growing. When it comes to software security and integrity, you have to look beyond which components were used and consider the overall security posture throughout the development process. Ox is pioneering a standard that will be transformative for supply chain security. We’re proud to work with OX to improve software security.”

With the proceeds from the seed round, Ox plans to double its 30-employee headcount by the end of 2023.

Ox Security lands $34M in seed funding to strengthen software supply chains by Kyle Wiggers originally published on TechCrunch

Airplane lands $32M in new cash to make it easier for companies to build internal dev tools

Software-as-a-service dev platform Airplane today closed a $32 million Series B funding round led by Thrive Capital with participation from Benchmark, bringing the startup’s total raised to $40.5 million. Ravi Parikh says that the new funds will be put toward growing Airplane’s 19-person team while expanding its product to new markets.

Airplane was founded in 2020 by Parikh and Josh Ma, who was formerly the CTO at Benchling, a cloud-based platform for biotechnology R&D. Parikh previously co-founded analytics startup Heap, which offers tools to analyze customer journeys online. Parikh and Ma left their respective companies in 2020 after realizing that one of the biggest challenges in software development is a lack of internal tooling.

It wasn’t just a hunch on their parts. According to one recent vendor survey, developers spent more than 30% of their time building internal apps in 2021. The pandemic worsened matters, with 87% of respondents saying that they increased or maintained their time spent on internal apps in response to the health crises.

“[We’ve spoken] to tons of engineers who spend 25% to 50% of their time responding to customer requests, building and maintaining internal admin panels, maintaining cron jobs, on-call runbooks and more instead of pushing the product forward … At Heap, we had tons of one-off customer requests, like deleting data, merging accounts, GDPR operations and billing operations,” Parikh said. “We created Airplane to make it easy to take these one-off engineering operations and turn them into tools anyone at a company can use.”

Airplane

Building an app using Airplane. Image Credits: Airplane

Parikh acknowledges there are platforms already addressing these internal tooling challenges, like Retool and Superblocks — both of which recently secured tens of millions in venture capital backing. But he argues that Airplane is more developer-centric and “code-first,” eschewing a low-code, drag-and-drop approach to creating apps for more specialized tools and workflows.

With Airplane, developers can select from a library of tables, forms, charts and more to built apps, which can be integrated with APIs and custom components or libraries. The platform supports databases and messaging platforms out of the box and can be deployed on-premises or in the cloud, giving devs the raw tools to launch apps like billing dashboards and content moderation queues.

Airplane today launched Airplane Views, a framework for creating internal tooling visual interfaces. Airplane was previously focused on code-heavy internal apps for tasks like deleting user data, refunding a charge and banning a user. But Airplane Views allows developers to create app components that act like dashboards, for example to display certain key metrics.

“One of the most common use cases is software-as-a-service (SaaS) companies using Airplane Views to build internal admin panels for their customer success and support teams. SaaS companies use Airplane to create [interfaces] where they can look up customer data, view account metrics and make account changes like suspending users or upgrading a customer’s account,” Parikh said. “Another important use case is fraud detection … [W]ith Views, companies can build more sophisticated fraud monitoring [interfaces] where the right user data is displayed contextually next to these operations, making the lives of ops and risk teams significantly easier when using Airplane.”

Eric Vishria, a general partner at Benchmark who recently joined Airplane’s board of directors, highlighted what he sees as the other benefits of the platform, such as controls that allow engineers to grant access to data deletion requests to anyone in a business. In theory, these minimize the need for engineers to get involved with every such request — removing a common bottleneck.

Airplane

Image Credits: Airplane

“Today, virtually every company runs a software service,” Vishria said via email. “Disney used to make content, now it also has to run Disney+. Banks used to store money, now they compete on their apps. Every one of these cloud services has an unmanaged mountain of scripts, cron jobs, SQL statements and internal dashboards that keep it running. Airplane is the first company taking a developer-first approach to bringing order to this 50% of ‘code’ that lives in the wilderness today.”

Parikh cautions that it’s early days; he declined to share revenue metrics. But he revealed that Airplane has almost 100 paying customers currently, including startups Vercel, Panther Labs and Flatfile.

“We’re not yet profitable, but this funding round plus our current revenue gives us several years of runway even with aggressive growth plans … We’re fortunate to have a product that can save a lot of engineering time as well as significantly improve customer experience. During a period when companies are tightening their belts and looking for ways to improve efficiency, Airplane is easy to justify,” Parikh said with confidence. “[But] our product today only solves a small portion of this huge problem and there’s a lot more we need to build to create a broad platform for internal tool development.”

Airplane lands $32M in new cash to make it easier for companies to build internal dev tools by Kyle Wiggers originally published on TechCrunch

Detectify secures $10M more to expand its ethical hacking platform

Detectify, a security platform that employs ethical hackers to conduct attacks designed to highlight vulnerabilities in corporate systems, today announced that it raised $10 million in follow-on funding led by Insight Partners. CEO Richard Carlsson says that the new cash, which brings Detectify’s total raised to $42 million, will be put toward product development and improving the overall user experience.

Detectify was founded by four ethical hackers from Stockholm, including Carlsson, who realized the business potential in combining security research with automation. In an interview with TechCrunch, Carlsson pointed out that product development workflows have changed dramatically over the past few years, with new teams within organizations spinning up internet-facing apps and adding potentially vulnerable assets to their employer’s environment. The trend toward low- and no-code tools has lowered the app development barrier to entry, but it’s also made the jobs of security specialists that much harder.

Illustrating the challenges, a recent Dark Reading survey found that 26% of IT and security experts don’t trust the platforms used to create low- and no-code apps. Roughly as many — 25% — said that they don’t even know which apps within their companies are being created by these tools.

“While companies should integrate security best practices earlier in their development cycle and try to catch vulnerabilities in development, production is what truly matters,” Carlsson added via email. “Unless you have a completely linear development process, which no company actually has, you will never catch everything. And this legacy mindset and over-reliance on ‘shifting left’ instills a sense of false confidence in organizations that actually increases their risk level.”

Detectify

Image Credits: Detectify

Detectify’s approach crowdsources real payloads — pieces of code that execute when hacker exploits a vulnerability — from a private community of ethical hackers and uses these contributions for payload-based tests. Carlsson claims that Detectify tests customers’ entire attack surfaces, exposing how malicious attackers might exploit internet-facing apps in production. 

In the near future, Detectify plans to roll out new functionality that’ll give security teams the ability to create custom alert policies. Teams will be notified if attacks on vectors like hosts, domains or DNS records are detected, Carlsson says. 

“With Detectify, organizations can maintain an external point-of-view of exactly how attackers would exploit their attack surface, manage exposure, and prioritize their remediation efforts,” Carlsson said.

Detectify currently has 2,000 customers, including “large government digital services” in Europe, and a user base exceeding 10,000. Carlsson asserts that demand remains robust in the face of competition like Cycognito, Crowdstrike’s Reposify, IBM’s Randori, Google’s Mandiant and Microsoft’s RiskIQ, driven by digital transformation efforts around the pandemic. 

To put it simply, the external attack surface has never been more complicated and harder to defend. This insulates Detectify against market headwinds,” he added. “While no company is immune to market trends, in cybersecurity, the pressure to reduce spend is pitted against cybersecurity teams’ need for best-of-breed solutions to protect the business against nation-state-level attacks.”

Detectify secures $10M more to expand its ethical hacking platform by Kyle Wiggers originally published on TechCrunch

Klaus secures fresh capital to automatically categorize and score customer interactions

Martin Kõiva was at Pipedrive, leading the company’s customer support organization, when he says he came to the realization that the best way to prevent bad customer interactions is to analyze previous ones, give agents regular check-ins and not rely too strictly on customer feedback. But Kõiva was hampered in his efforts to implement these practices at scale because the tools to do so didn’t exist, he says.

Seeking to build them himself, Kõiva teamed up with Kair Käsper (also ex-Pipedrive) and Egon Sale to co-found Klaus, a customer support product that integrates with clients’ customer relationship management platforms (e.g., Zendesk, Salesforce Service Cloud) to automatically review customer support conversations from channels like web chats. Klaus today closed a €12 million (~$11.49 million) Series A equity round led by Acton Capital, which Kõiva says will be used to support the development and further expansion of Klaus’s software.

For large companies that have millions of support tickets, it is crucial that managers are able to find the conversations that have a meaningful impact on performance. It’s a needle in a haystack,” Kõiva told TechCrunch in an email interview. “Klaus is able to automatically analyze the entire customer support volume and pinpoint which conversations require attention.”

Drawing on customer support tickets, input from managers reviewing agent conversations and customer satisfaction feedback, Klaus trains AI algorithms to perform tasks like automatically categorizing comments from customers and sorting conversations by attributes like complexity. Klaus can perform sentiment analysis in a number of languages out of the box, Kõiva claims, a capability the platform uses to score the “quality” of customer-agent conversations. 

Klaus

Image Credits: Klaus

“Klaus [can] piece together what ‘good’ and ‘bad’ looks like for each individual customer and, with the help of data science, deliver actionable insights that improve customer service for companies that have millions of support tickets every month,” Kõiva said. “Klaus technology is currently analyzing two million customer conversations every day.”

Automated scoring systems, particularly those that rely on potentially biased sentiment analysis techniques, raise questions about whether customer agents might be evaluated inaccurately or unfairly. When asked about factors like bias, Kõiva said that Klaus takes mitigating steps like removing color-, region-, and gender-specific emojis in the customer feedback data that its algorithms analyze. 

Klaus competes with companies such as MaestroQA, Playvox and Stella Connect. Beyond those, there’s ScopeAI, acquired by Observe.AI in 2021 for its technology that helps companies analyze customer feedback, and Zendesk-owned Cleverly, which automatically tags incoming customer service requests to help categorize the workflow.

Kõiva believes Klaus is well-positioned, however, with a customer base totaling “hundreds” of companies, including Epic Games, SoundCloud and WordPress.com. To continue to stand out, Klaus recently added customer satisfaction survey functionality with automatic tagging, allowing admins to spot trends that they might otherwise miss.  

Klaus has … seen an uptick in interest from companies that are looking to optimize their customer service operations,” Kõiva continued. “Large enterprises also tend to use more outsourced customer service to keep costs flexible during uncertain [economic] times, and Klaus provides a degree of confidence that the quality of the outsourced service is under control.”

Klaus currently employs around 60 people, a number Kõiva expects will grow to over 100 within the next six months. To date, the startup has raised more than $19 million in venture capital.

Klaus secures fresh capital to automatically categorize and score customer interactions by Kyle Wiggers originally published on TechCrunch

Invisible AI raises $15M to stick worker-monitoring cameras in factories

The rise of so-called “smart factory” technologies is leading to a race to modernize manufacturing plant and warehouse floors. Old equipment is being replaced by newer, more advanced machinery as manufacturers look to keep pace with the competition — and wrestle with high turnover rates. According to a survey by Plex Systems, 50% of manufacturers accelerated their adoption of automation and digital systems during the pandemic. A separate report from The Harris Poll, commissioned by Google, found that two-thirds of manufacturers were using AI in their day-to-day operations as of June 2021.

Take those numbers with a grain of salt — they’re not from impartial sources, after all. (Plex sells manufacturing equipment, while Google sells cloud services to industrial customers.) Still, the success of startups like Invisible AI, which uses AI systems to ostensibly optimize factory processes, suggests there’s some semblance of demand out there.

Invisible AI today announced that it raised $15 million for its product that uses cameras and algorithms to track workers’ body movements as they work through assembly processes. CEO Eric Danziger claims that the platform, which gives feedback to operators as they work, is already being used in eight facilities including some owned by Toyota’s North America division, with an additional eight deployments planned over the next six months.

“Some of the biggest problems that can be solved today with state-of-the-art AI are within manufacturing, where safety, quality and productivity are paramount,” Danziger told TechCrunch in an email interview. “Everything done in manufacturing, from safety audits to continuous improvement cycles, is still based on manual data collection using stop watches and clipboards. We are building intelligent solutions that can help customers optimize their assembly operations.”

Invisible AI

Image Credits: Invisible AI

Danziger co-founded Invisible AI in late 2018 with Prateek Sachdeva, who he met while working at lidar sensor startup Luminar. The two envisioned using thousands of AI-enabled cameras in manufacturing facilities to monitor workers and make sense of large environments and objects, including moving conveyors and the autonomous vehicles that carry pallets from place to place.

Invisible AI’s technology can track workers’ movements out of the box without an internet connection. Leveraging edge computers and stereo cameras, the combination hardware-software platform has a notion of depth, enabling it to detect potential safety incidents (e.g., high-stress injuries) and quality issues across different assembly lines.

Danziger claims that Invisible AI can track any custom body motion or physical activity, or perform searches across a factory for things like product IDs. One recent new app deployed to the platform allows customers to track the movements of forklifts on the facility floor.

“We want to build solutions that use cutting-edge AI tech but are deployable in minutes without any coding or data collection — it needs to just work for scale and adoption,” he added. “It all starts with visibility.”

Workers might rightly wonder about the privacy implications. In the worst case, the tech could be coopted for decidedly invasive purposes, for example enabling managers to chastise employees in the name of productivity. Some companies already use algorithms to do this, albeit not cameras necessarily. Amazon’s notorious “Time Off Task” system dings warehouse employees for spending too much time away from the work they’re assigned to perform, like scanning barcodes or sorting products into bins.

Unsurprisingly, Danziger was adamant that Invisible AI doesn’t condone these use cases. He noted the platform can’t currently perform facial recognition and has optional — emphasis on optional — real-time face blurring capabilities for “customers who are incredibly sensitive on this topic.”

Invisible AI

Image Credits: Invisible AI

“The best part about our system is that it is entirely edge-based and all video processing and storage is inside each camera, and only leaves the camera when an end-user is watching video using the web interface,” Danziger said. “One hundred percent of customer data is within their firewalls, which massively reduces all security risks to this sensitive video data.”

Danziger gave no indication that customers can’t use Invisible AI for surveillance, however — and U.S. laws wouldn’t prevent this either. Each state has its own legislation pertaining to surveillance, but most give wide discretion to employers so long as the equipment they use to track employees is plainly visible (with the exception of California’s AB-701). There’s also no federal legislation that explicitly prohibits companies from monitoring their staff during the workday.

However we might feel about that fact, Invisible AI’s business is expanding — rivaling the growth of competitors like Everguard, Intenseye and Protext AI. Danziger says that Invisible AI has 10 customers across markets like automotive, aerospace and agriculture, with dozens of users per deployment, and is applying for both military and government contracts.

“Business initially slowed down during the pandemic, but the burden of increased product demand and the many labor shortage issues has yielded in increased demand for our product,” Danziger said. “We have incredible customer demand and we are trying to meet that with this funding round now.”

Van Tuyl Companies led Invisible AI’s Series A with participation from FM Capital, 8VC, Sierra Ventures, K9 Ventures and Vest Coast Capital. It brings the 20-employee startup’s total raised to $21 million; Invisible AI plans to hire 10 staffers by the end of the year.

Invisible AI raises $15M to stick worker-monitoring cameras in factories by Kyle Wiggers originally published on TechCrunch

Coalesce lands fresh capital to transform data at ‘enterprise scale’

Coalesce is a startup that offers data transformation tools geared mainly toward enterprise customers. Today the company closed a $26 million Series A funding round led by Emergence Capital with participation from 11.2 Capital and GreatPoint Ventures, bringing the company’s total raised to $31.92 million. Co-founder and CEO Armon Petrossian tells TechCrunch that the cash will be put toward building out Coalesce’s product and ecosystem.

Petrossian met Coalesce’s other co-founder, Satish Jayanthi, at WhereScape, where the two were responsible for solving data warehouse problems for large organizations. (In computing, a “data warehouse” refers to systems used for reporting and data analysis — analysis usually germane to business intelligence.) Their clients often encountered challenges in transforming data, Petrossian says, as well as documenting these transformations in a way that made intuitive sense.

To Petrossian’s point, a survey commissioned by data integration platform Matillion found that as much as 57% of the time involved in analytics projects is spent tackling data transformation hurdles. Moreover, 75% percent of data teams feel that outdated migration and maintenance processes are costing them productivity and capital.

“Companies have been struggling with data transformation and optimization since the early days of data warehousing, and with the enormous growth of the cloud, that challenge has only increased,” he told TechCrunch via email. “We are on a mission to radically improve the analytics landscape by making enterprise-scale data transformations as efficient and flexible as possible.”

Coalesce offers tools designed to simplify modeling, cleansing and governance of data primarily in the Snowflake cloud, powered by what Petrossian describes as a “column-aware” architecture that leverages metadata to manage data transformations with an understanding of how the data is related or connected. Users can take advantage of data transformation automation templates that can be edited, packaged and shared, either with code or a visual design tool.

Coalesce

Image Credits: Coalesce

Often, companies approach Coalesce with specific problems, Petrossian said, like needing to transform data from different databases, apps and systems to follow a certain spec or standard. Other customers seek to speed up business intelligence queries by removing the need to search across multiple data sources and formats.

“Our product solves the largest bottleneck in analytics today by combining the speed of an intuitive graphical user interface with the flexibility of code, plus a healthy dose of automation, to enable rapid data transformations,” Petrossian continued. “With Coalesce, the data can be organized in an easy to access and read fashion while using automation to streamline the process and limit the amount of time needed by highly skilled engineers to code manually.”

Petrossian sees Coalesce competing with “extract, transform, and load” data integration vendors, including Informatica and Talend. The aforementioned Matillion also occupies that space, as does Incorta and Etleap.

Fortunately for Coalesce, the ETL market is massive, with one estimate putting it at $10.75 million as of early 2021. While demurring when asked about revenue, Petrossian claimed that Coalesce’s business is quite strong, with “multiple” Fortune 500 customers paying for the startup’s services.

“Our company was born during the pandemic and has given us an opportunity to serve enterprise Fortune 500 companies that are resilient to the potential looming recession,” Petrossian added. “The Coalesce platform is easing the burden of companies struggling to find talented data engineers or architects by providing them with a tool that empowers their existing teams to be much more efficient without compromising flexibility at scale.”

Coalesce currently has 40 salaried employees, spread across locations in four different countries. Petrossian wouldn’t commit to hiring a certain number this year but said the plan is to invest generally in Coalesce’s marketing, sales and engineering operations.

Coalesce lands fresh capital to transform data at ‘enterprise scale’ by Kyle Wiggers originally published on TechCrunch

Kumo aims to bring predictive AI to the enterprise with $18M in fresh capital

Kumo, a startup offering an AI-powered platform to tackle predictive problems in business, today announced that it raised $18 million in a Series B round led by Sequoia, with participation from A Capital, SV Angel and several angel investors. Co-founder and CEO Vanja Josifovski says the new funding will be put toward Kumo’s hiring efforts and R&D across the startup’s platform and services, which include data prep, data analytics and model management.

Kumo’s platform works specifically with graph neural networks, a class of AI system for processing data that can be represented as a series of graphs. Graphs in this context refer to mathematical constructs made up of vertices (also called nodes) that are connected by edges (or lines). Graphs can be used to model relations and processes in social, IT and even biological systems. For example, the link structure of a website can be represented by a graph where the vertices stand in for webpages and the edges represent links from one page to another.

Graph neural networks have powerful predictive capabilities. At Pinterest and LinkedIn, they’re used to recommend posts, people and more to hundreds of millions of active users. But as Josifovski notes, they’re computationally expensive to run — making them cost-prohibitive for most companies.

“Many enterprises today attempting to experiment with graph neural networks have been unable to scale beyond training data sets that fit in a single accelerator (memory in a single GPU), dramatically limiting their ability to take advantage of these emerging algorithmic approaches,” he told TechCrunch in an email interview. “Through fundamental infrastructural and algorithmic advancements, we have been able to scale to datasets in the many terabytes, allowing graph neural networks to be applied to customers with larger and more complicated enterprise graphs, such as social networks and multi-sided marketplaces.”

Using Kumo, customers can connect data sources to create a graph neural network that can then be queried in structured query language (SQL). Under the hood, the platform automatically trains the neural network system, evaluating it for accuracy and readying it for deployment to production.

Josifovski says that Kumo can be used for applications like new customer acquisition, customer loyalty and retention, personalization and next best action, abuse detection and financial crime detection. Previously the CTO of Pinterest and Airbnb Homes, Josifovski worked with Kumo’s other co-founders, former Pinterest chief scientist Jure Leskovec and Hema Raghavan, to develop the graph technology through Stanford and Dortmund University research labs.

“Companies spend millions of dollars storing terabytes of data but are able to effectively leverage only a fraction of it to generate the predictions they need to power forward-looking business decisions. The reason for this is major data science capacity gaps as well as the massive time and effort required to get predictions successfully into production,” Josifovski said. “We enable companies to move to a paradigm in which predictive analytics goes from being a scarce resource used sparingly into one in which it is as easy as writing a SQL query, thus enabling predictions to basically become ubiquitous — far more broadly adapted in use cases across the enterprise in a much shorter timeframe.”

Kumo remains in the pilot stage, but Josifovski says that it has “more than a dozen” early adopters in the enterprise. To date, the startup has raised $37 million in capital.

Kumo aims to bring predictive AI to the enterprise with $18M in fresh capital by Kyle Wiggers originally published on TechCrunch

Cloud storage startup Wasabi raises $250M to reach unicorn status

The cloud services sector is still dominated by Amazon and the other so-called “hyperscalers” — e.g. the Microsoft Azures, Google Cloud Platforms and IBM Clouds of the world. According to Synergy Group, an IT market research firm, Amazon, Microsoft and Google together held a 65% share of the global cloud services market as of Q2, up 61% year-over-year.

But that sobering fact hasn’t prevented a few entrepreneurs from trying to shake things up.

Two at the forefront are David Friend and Jeff Flowers, who co-founded Wasabi, a cloud startup offering services competitive with Amazon’s Simple Storage Service (S3). Wasabi launched just a few years ago, in 2015. But despite that fact and in the face of the intense competition, Wasabi has grown its customer base to more than 40,000 organizations and nabbed eye-catchingly large funding tranches — most recently $250 million in a Series D round that closed this morning.

The Series D — which is part equity ($125 million), part debt ($125 million) — brings Wasabi’s total raised to $495 million and values the company at more than $1.1 billion. L2 Point Management led with participation from Cedar Pine and return investors Fidelity Management & Research Company and Forestay Capital.

In an interview with TechCrunch, Friend said that the new equity will help to drive Wasabi’s expansion into additional markets and support existing channel partnerships. As for the debt, he added, it’ll be used to finance equipment and infrastructure in Wasabi’s storage regions while extending the company’s capabilities with industry-specific offerings.

“Over the next 10 years or so, most of the world’s data is going to migrate from on-premises storage to the cloud, and we want as much of it as possible to end up in Wasabi,” Friend said. “I think closing a large up round in this environment speaks to the spectacular growth of Wasabi, the magnitude of the cloud storage opportunity and our leadership as the industry’s largest pure-play cloud storage vendor.”

Friend and Flowers joined forces in 2015 to start Wasabi, when Friend was still the CEO of cloud backup company Carbonite. Flowers, also previously at Carbonite, had been working with several founding engineers to create Wasabi and eventually convinced Friend to join the effort.

From the outset, Friend and Flowers decided to make Wasabi nearly identical to — but in some respects cheaper than — Amazon S3. The platform supports “hot” data (data that’s readily available), active archive “cool” data (data that’s accessed only occasionally) and inactive archive cool data (data that’s retrieved infrequently), with integrations for gateways, apps and third-party platforms.

Wasabi

Image Credits: Wasabi

Wasabi’s pay-as-you-go pricing is $5.99 per terabyte per month. The company also offers reserved capacity pricing with a 30-day retention policy that allows customers to purchase 50 terabytes or more for one-, three- or five-year terms.

Wasabi, which doesn’t charge fees for egress or API requests, claims its storage fees work out to one-fifth of the cost of Amazon S3’s. But it’s tough to compare the two directly because the pricing structures for Wasabi and Amazon S3 differ. Amazon S3 levies fees on transferring things in and out of storage, while Wasabi charges customers who store files the full amount even if they delete them.

Endeavoring to better position itself against S3, Wasabi over the past year has added storage regions in London, Paris, Frankfurt, Toronto, Osaka, Sydney and Singapore — bringing its total number to 13 and inching toward Amazon S3’s roughly two dozen. Wasabi also introduced an object lock feature to provide immutable storage for protection against ransomware, human error and other types of data loss.

“[The new regions] helps us optimize our performance for customers and channel partners internationally who are dealing with specific concerns like data sovereignty and thus need their data to be stored close by. Having multiple data centers around the world also means that our customers experience very little latency,” Friend said. “We’ve grown headcount and our partner network to support our presence in these regions.”

On the customer acquisition front, Wasabi now has clients across more than 100 countries, according to Friend, including from higher education, media and entertainment, data protection and disaster recovery and the public sector. Friend says that Wasabi poured outsourced resources into winning over professional sports organizations this year — an effort that seemingly paid dividends. The company recently landed contracts with the Boston Red Sox, Boston Bruins and Liverpool Football Club.

Brian Shield, CTO of the Boston Red Sox, said that Wasabi’s service made sense for the data work that the organization’s executing. “As our data needs continue to evolve, from player analytics, internet of things, digital assets and even security, this presents an enormous learning opportunity for the organization,” he added in a statement. “Wasabi provides a cost-effective cloud-based solution that enables us to retrieve content quickly and improve the level of video analysis and production we do here at the Red Sox.”

Continued Friend: “It’s lucky that we’re in the data storage business. The adoption of cloud storage skyrocketed during the pandemic, fueled by the rise of remote and hybrid work. Cloud storage is no longer a nice-to-have, it’s a necessity — everyone has data, they have more of it every year and it needs to be stored somewhere.”

That statement isn’t necessarily hyperbolic. According to Statista, 60% of all corporate data is now stored in the cloud. That’s up from 30% in 2015, the year the analytics firm began tracking the trend.

When asked about economic headwinds and competition from startups like Cohesity, Datrium, Reduxio and Rubrik, Friend asserted that Wasabi’s pricing model remains highly attractive for the clientele it’s after. That remains to be seen. But with Wasabi’s revenue doubling from 2020 to 2021, the startup’s evidently doing something right.

“Often users can store their data in Wasabi for less than just the maintenance costs alone of on-premises storage hardware … Moving data storage to Wasabi means that data storage becomes an operational expense rather than a capital expense — often a significant advantage for enterprise customers,” Friend said. “While many other tech companies have seen big drop-offs in business, our growth continues at a very robust level.”

Friend didn’t commit to firm hiring plans when asked, but he said that he expects Wasabi’s 250-person headcount to “grow as [the company] expands into additional vertical markets and geographies.”

Cloud storage startup Wasabi raises $250M to reach unicorn status by Kyle Wiggers originally published on TechCrunch

Arjun Sethi’s crypto derivatives protocol Nibiru raises maiden funding at $100M valuation

Nibiru, a new crypto derivatives protocol co-founded by Tribe Capital GP Arjun Sethi, has raised $7.5 million seed funding at a valuation of $100 million, two sources familiar with the matter told TechCrunch.

Tribe Capital, Republic Crypto and Kraken invested in the seed round, a source said, requesting anonymity as the information is not public.

Sethi co-founded the startups with four industry veterans – including Sankha Banerjee, formerly with Credence Capital and Binance; and Boris Revsin, who co-founded Republic Capital. Nibiru has attracted nearly two dozen contributors from firms including Meta, Reddit, JP Morgan and Yahoo, an investor deck obtained by TechCrunch showed.

The crypto market is flooded with centralized (Binance, FTX) and decentralized ETH-based perpetuals and options trading platforms (Dydx, Opyn, Perpetual Protocol). Nibiru is attempting to build the first mainstream decentralized multichain solution, according to its website.

Currently in private testnet, Nibiru’s decentralized protocol unifies derivatives trading, spot trading, staking, and bonded liquidity and aims to serve users across over 40 blockchains, it says on the website.

On its investor deck, Nibiru says it will provide customers with unlocked hedging opportunities, extremely low gas costs, MEV resistance, and high futures volume. It is also creating composable yield in rising/falling regimes using decentralized perps and options, the deck added.

A slide from Nibiru’s investor presentation where the startup describes the current state of crypto derivatives and options market

The startup plans to launch NIBIRU on public testnet later this year and mainnet by Q1 2023, the investor deck said. Sethi declined to comment Friday.

Arjun Sethi’s crypto derivatives protocol Nibiru raises maiden funding at $100M valuation by Manish Singh originally published on TechCrunch

Codacy nabs $15M to improve code reviews with automation

Code review is a key step during the software development process — it’s when people check a program by viewing and reading parts of the source code. But despite its importance, not all developers are pleased with the way traditional code reviews work. For example, a Microsoft study found that the outcomes of code reviews often don’t match the motivations, whether because of unrealistic expectations or insufficient developer resources.

Aiming to change code reviews for the better, Jaime Jorge co-founded Codacy, which provides info on code quality, security, compliance and performance. Fresh off the launch of a new product designed to measure engineering performance metrics, Lisbon-based Codacy has closed a $15 million Series B funding round led by Bright Pixel Capital, the corporate VC of one of Portugal’s biggest employers, the Sonae Group.

To date, Codacy has raised $28 million.

“In order to stay competitive in a world where every company is software led, companies need to balance quality with speed of delivery,” Jorge told TechCrunch in an email interview. “The industry adoption of remote work has sent companies into disarray, creating tension between engineers who earn for flexibility and freedom and managers who are accountable for results. Many companies have wrongly taken to monitoring as solutions, which long term deteriorate culture and hinder them from hiring and keeping the best talent possible.”

Jorge did a master’s thesis focused on identifying duplicate code, which piqued his interest in the business of code review. He teamed up with Codacy’s other co-founder, João Caxaria, to launch the startup in 2012.

Codacy

Image Credits: Codacy

Since Codacy’s founding ten years ago, the code review market has grown substantially, with companies like SonarSource and DeepCode — whose platforms scan codebases for bugs — raising hundreds of millions of dollars in venture capital. Incumbents like Amazon have thrown their hats in the ring, too (see: CodeGuru).

But Jorge argues that the scale of Codacy’s platform is indicative of its success. Over the last 12 months, the platform spotted more than 20 million vulnerabilities and, Jorge claims, decreased the time developers spend on quality reviews by up to 60%.

We’ll have to take his word for it — stats like those are tough to independently confirm. But what is verifiable is that Codacy sees a strong business opportunity beyond code reviews in the area of engineering performance monitoring. That’s the focus of Pulse, the company’s second product, which aims to measure things like software deployment frequency, lead time for changes to code and other aspects of software development that correlate with “business impact.”

“Pulse gathers metrics that enable teams to understand performance without compromising a healthy culture,” Jorge said. “We’ve seen firsthand in our customers the struggles of maintaining a healthy performance culture over remote work. Pulse aims to help in this process.”

Surely not every developer will be on board with the idea of close watch over their work. On the other hand, it might not matter if managers see a benefit to quantifying, or at least attempting to quantify, individual contributions to projects.

Jorge said that Codacy “routinely” deletes customer data, including performance metrics, that are “no longer required to maintain the normal functioning operation of [the company’s] product[s].”

“We’ve found over time that … leadership tends to care for metrics that are closer to larger business outcomes. In other words, leadership cares for the forest and not the trees. This is why we designed Pulse: to provide a meaningful, cohesive set of metrics that leadership cares about,” Jorge said, asserting that Pulse isn’t invasive by nature. “This way, they follow what their colleagues in other departments are already doing by measuring performance while not compromising their engineering culture.”

Codacy appears to be doing something right, with a customer base of around 870 brands, including Panasonic and Delivery Hero, and a user base exceeding 300,000 developers. Jorge says that the funding will be put mostly toward product R&D, including adding new capabilities to Codacy’s existing services, bringing new services to market and hiring senior talent across the company’s engineering, support, and success teams as well as sales and marketing. (Codacy’s headcount stands at 100 staffers today.)

“The broader slowdown in tech is proving to be beneficial to us as companies are hoping to automate processes while keeping quality solid and understand their engineering performance. Despite the frequency of layoffs in the industry, we’ve seen many of our customers actually expand in usage of our product suite,” Jorge continued. “We’re really bullish on the timeless, dependent nature of software development. It does not depend on cycles and its momentum is built on the back of a worldwide digital transformation. Now is the time to be greedy on the fact that every company wants to be software-led.”

Codacy nabs $15M to improve code reviews with automation by Kyle Wiggers originally published on TechCrunch