open source
Auto Added by WPeMatico
Auto Added by WPeMatico
VMware announced today that it intends to buy early-stage Kubernetes security startup Octarine and fold it into Carbon Black, a security company it bought last year for $2.1 billion. The company did not reveal the price of today’s acquisition.
According to a blog post announcing the deal, from Patrick Morley, general manager and senior vice president at VMware’s Security Business Unit, Octarine should fit in with what Carbon Black calls its “intrinsic security strategy” — that is, protecting content and applications wherever they live. In the case of Octarine, that is cloud native containers in Kubernetes environments.
“Acquiring Octarine enables us to advance intrinsic security for containers (and Kubernetes environments), by embedding the Octarine technology into the VMware Carbon Black Cloud, and via deep hooks and integrations with the VMware Tanzu platform,” Morley wrote in a blog post.
This also fits in with VMware’s Kubernetes strategy, having purchased Heptio, an early Kubernetes company started by Craig McLuckie and Joe Beda, two folks who helped develop Kubernetes while at Google before starting their own company,
We covered Octarine last year when it released a couple of open-source tools to help companies define the Kubernetes security parameters. As we quoted head of product Julien Sobrier at the time:
Kubernetes gives a lot of flexibility and a lot of power to developers. There are over 30 security settings, and understanding how they interact with each other, which settings make security worse, which make it better, and the impact of each selection is not something that’s easy to measure or explain.
As for the startup, it now gets folded into VMware’s security business. While the CEO tried to put a happy face on the acquisition in a blog post, it seems its days as an independent entity are over. “VMware’s commitment to cloud native computing and intrinsic security, which have been demonstrated by its product announcements and by recent acquisitions, makes it an ideal home for Octarine,” the company CEO Shemer Schwarz wrote in the post.
Octarine was founded in 2017 and has raised $9 million, according to PitchBook data.
Powered by WPeMatico
We find ourselves in a time when certain businesses are being asked to scale to levels they never imagined. Sometimes that increased usage comes in bursts, which means you don’t want to pay for permanent extra capacity you might not always need. Today, Confluent introduced a new scale-on-demand feature for its Apache Kafka cloud service that will scale up and down as needed, automatically.
Confluent CEO Jay Kreps says that elasticity is arguably one of the most important features of cloud computing, and this ability to scale up and down is one of the primary factors that has attracted organizations to the cloud. By automating that capability, they give DevOps one less major thing to worry about.
“This new functionality allows users to dynamically scale Kafka and the other key ecosystem components like KSQL and Kafka Connect. This is a key missing capability that no other service provides,” Kreps explained.
He points out that this is particularly relevant right now with people working at home. Systems are being taxed more than perhaps ever before, and this automated elasticity is going to come in handy, making it more cost-effective and efficient than was previously possible.
“These capabilities let customers add capacity as they need it, or scale down to save money, all without having to pre-plan in advance,” he said.
The new elasticity feature in Confluent is part of a series of updates to the platform, known as Project Metamorphosis, that Confluent is planning to roll out throughout this year on a regular basis.
“Through the rest of the year we’ll be doing a sequence of releases that bring the capabilities of modern cloud data systems to the Kafka ecosystem in Confluent Cloud. We’ll be announcing one major capability each month, starting with elasticity,” he said.
Kreps first announced Metamorphosis last month when the company also announced a massive $250 million funding round on a $4.5 billion valuation. In spite of the current economic situation, driven by the ongoing pandemic, Confluent plans to continue to build out the product, as today’s announcement attests.
Powered by WPeMatico
Cockroach Labs, the NYC enterprise database company, announced an $86.6 million Series D funding round today. The company was in no mood to talk valuations, but was happy to have a big chunk of money to help build on its recent success and ride out the current economic malaise.
Altimeter Capital and Bond co-led the round with participation from Benchmark, GV, Index Ventures, Redpoint Ventures, Sequoia Capital, Tiger Capital and FirstMark Capital. Today’s funding comes on top of a $55 million Series C last August, and brings the total raised to $195 million, according to the company.
Cockroach has a tough job. It’s battling both traditional databases like Oracle and modern ones from the likes of Amazon, but investors see a company with a lot of potential market building an open source, on prem and cloud database product. In particular, the open source product provides a way to attract users and turn some percentage of those into potential customers, an approach investors tend to favor.
CEO and co-founder Spenser Kimball says that the company had been growing fast before the pandemic hit. “I think the biggest change between now and last year has just been our go to market which is seeing pretty explosive growth. By number of customers, we’ve grown by almost 300%,” Kimball told TechCrunch.
He says having that three-pronged approach of open source, cloud an on-prem products has really helped fuel that growth. The company launched the cloud service in 2018, and it has helped expand its market. Whereas the on-prem version was mostly aimed at larger customers, the managed service puts Cockroach in reach of individual developers and teams who might not want to deal with all of the overhead of managing a complex database on their own.
Kimball says it’s really too soon to say what impact the pandemic will have on his business. He recognizes that certain verticals like travel, hospitality and some retail business are probably going to suffer, but other businesses that are accelerating in the crisis could make use of a highly scalable database like CockroachDB.
“Obviously it’s a new world right now. I think there are going to be some losers and some winners, but on balance I think [our] momentum will continue to grow for something that really does represent a best in class solution for businesses, whether they are startups or big enterprises, as they’re trying to figure out how to build for a cloud native future,” Kimball said.
The company intends to keep hiring through this, but is being careful and regularly evaluating what its needs are much more carefully than it might have done prior to this crisis with a much more open mind toward remote work.
Kimball certainly recognizes that it’s not an easy time to be raising this kind of cash, and he is grateful to have the confidence of investors to keep growing his company, come what may.
Powered by WPeMatico
The pandemic may feel all-encompassing at the moment, but Confluent announced a $250 million Series E today, showing that major investment continues in spite of the dire economic situation at the moment. The company is now valued at $4.5 billion.
Today’s round follows last year’s $125 million Series D. At that point the company was valued at a mere $2.5 billion. Investors obviously see a lot of potential here.
Coatue Management led the round, with help from Altimeter Capital and Franklin Templeton. Existing investors Index Ventures and Sequoia Capital also participated. Today’s investment brings the total raised to $456 million.
The company is based on Apache Kafka, the open-source streaming data project that emerged from LinkedIn in 2011. Confluent launched in 2014 and has gained steam, funding and gaudy valuations along the way.
CEO and co-founder Jay Kreps reports that growth continued last year when sales grew 100% over the previous year. A big part of that is the cloud product the company launched in 2017. It added a free tier last September, which feels pretty prescient right about now.
But the company isn’t making money giving stuff away, so much as attracting users, who can become customers at some point as they make their way through the sales funnel. The beauty of the cloud product is that you can buy by the sip.
The company has big plans for the product this year. Although Kreps was loath to go into detail, he says that there will be a series of changes coming up this year that will add significantly to the product’s capabilities.
“As part of this we’re going to have a major new set of capabilities for our cloud service, and for open-source Kafka, and for our product that we’re going to announce every month for the rest of the year,” Kreps told TechCrunch. These will start rolling out the first week in May.
While he wouldn’t get specific, he says that it relates to the changing nature of cloud infrastructure deployment. “This whole infrastructure area is really evolving as it moves to the cloud. And so it has to become much, much more elastic and scalable as it really changes how it works. And we’re going to have announcements around what we think are the core capabilities of event streaming in the cloud,” he said.
While a round this big with a valuation this high and an institutional investor like Franklin Templeton involved typically means an IPO could be the next step, Kreps was not ready to talk about that, except to say the company does plan to begin behaving in the cadence of a public company with a set of quarterly earnings, just not for public consumption yet.
The company was founded in 2014. It has 1,000 employees and has plans to continue to hire and to expand the product. Kreps sees plenty of opportunity here in spite of the current economics.
“I don’t think you want to just turtle up and hang on to your existing customers and not expand if you’re in a market that’s really growing. What really got this round of investors excited is the fact that we’re onto something that has a huge market, and we want to continue to advance, even in these really weird uncertain times,” he said.
Powered by WPeMatico
Mozilla Corporation announced today that it has chosen long-time chairwoman Mitchell Baker to be CEO, replacing Chris Beard, who announced last August he would be stepping down at the end of the year.
Baker represents a logical choice to lead the company. At a time of great turmoil in the world at large, she brings the stability of someone who has been with Mozilla Corporation since 2003. Writing in a company blog post, she certainly recognized the challenges ahead, navigating the current economic uncertainty and the competitive challenges the company faces with its flagship Firefox browser.
“It’s a time of challenge on many levels, there’s no question about that. Mozilla’s flagship product remains excellent, but the competition is stiff. The increasing vertical integration of internet experience remains a deep challenge. It’s also a time of need, and of opportunity. Increasingly, numbers of people recognize that the internet needs attention,” Baker wrote.
Baker has been acting as interim CEO since December when Beard officially left the company. In a blog post from the board announcing Baker’s official new title, they certainly recognized that it would take someone with her unique combination of skills and experience to guide the company through this next phase.
“Mitchell’s deep understanding of Mozilla’s existing businesses gives her the ability to provide direction and support to drive this important work forward,” they wrote. Adding, “And her leadership style grounded in openness and honesty is helping the organization navigate through the uncertainty that COVID-19 has created for Mozillians at work and at home.”
Mozilla Corporation was founded in 1998 and is best known for its flagship, open-source Firefox browser. The company faces stiff competition in the browser market from Google, Apple and Microsoft.
Powered by WPeMatico
The Cloud Foundry Foundation (CFF), the home of the Cloud Foundry open-source developer platform, today announced that its executive director Abby Kearns is stepping down from her role to pursue an executive role elsewhere.
If you’ve followed the development of the CFF for a while, it won’t come as a surprise that its current CTO, Chip Childers, is stepping into the executive director role. For the last few years, Kearns and Childers shared duties hosting the foundation’s bi-annual conferences and were essentially the public faces of the organization.
Both Kearns and Childers stepped into their roles in 2016 after CFF founding CEO Sam Ramji departed the organization for a role at Google . Before joining the Cloud Foundry Foundation, Kearns worked on Pivotal Cloud Foundry and spent over eight years as head of product management for integration services at Verizon (which, full disclosure, is also the corporate parent of TechCrunch).
Today, according to its own data, the Linux Foundation-based Cloud Foundry project is used by more than half the Fortune 500 enterprises. And while some use the open-source code to run and manage their own Cloud Foundry platforms, most work with a partner like the now VMware-owned Pivotal.
“I am tremendously proud of Cloud Foundry and of the Foundation we have all built together,” said Kearns in today’s announcement. “Cloud Foundry offers the premier developer experience for the cloud native landscape and has seen massive adoption in the enterprise. It also has one of the strongest, kindest, most diverse communities (and staff) in open source. I leave the organization in the best hands possible. Chip was the first Foundation staff member and has served as CTO for more than four years. There is literally nobody else in the world more qualified for this job.”
During her role as executive director, Kearns helped shepherd the project through a number of changes. The most important of those was surely the rise of Kubernetes and containers in general, which quickly changed the DevOps landscape. Unlike other organizations, the CFF adapted to these changing times and started integrating these new technologies. Over the course of the last two years, the Cloud Foundry community started to deeply integrate these cloud-native technologies into its own platform, despite the fact that the community had already built its own container orchestration system in the past.
As Childers told me last year, though, the point of Cloud Foundry isn’t any specific technology, though. Instead, it’s about the developer experience. Ideally, the developers who use it don’t have to care about the underlying infrastructure and can simply integrate it into their DevOps workflow. With a lot of the recent technical changes behind it,
“We as a Foundation are turning the page to a new chapter; raising the profiles of our technical contributors, highlighting the community’s accomplishments and redefining the Cloud Foundry platform as the best Kubernetes experience for enterprise developers,” said Childers today. “Abby has done a tremendous job leading the Foundation through a period of massive growth and upheaval in the cloud native world. Her leadership was instrumental in building Cloud Foundry as a leading cloud development tool.”
As the CFF also today announced, Paul Fazzone, SVP Tanzu R&D at VMware, has been named Chairman of the Board of Directors, where he replaces Dell EMC global CTO John Roese.
“This next chapter for Cloud Foundry will be a shift forward in focusing on evolving the technology to a Kubernetes-based platform and supporting the diverse set of contributors who will make that outcome possible,” said Fazzone. “In my new role as Chairman of the Board, I look forward to helping guide the Foundation toward its goal of expanding and bolstering the ecosystem, its community and its core of users.”
Powered by WPeMatico
Today, DataStax, the commercial company behind the open source Apache Cassandra project, announced an open source Kubernetes operator developed by the company to run a cloud native version of the database.
When Sam Ramji, chief strategy officer at DataStax, came over from Google last year, the first thing he did was take the pulse of customers, partners and community members around Kubernetes and Cassandra, and they found there was surprisingly limited support.
While some companies had built Kubernetes support themselves, DataStax lacked one to call its own. Given that Kubernetes was born inside Google, and the company has widely embraced the notion of containerization in general, Ramji wanted there to be an operator specifically designed by the company to give customers a general starting point with Kubernetes.
“What’s special about the Kube operator that we’re offering to the community as an option — one of many — is that we have done the work to generalize the operator to Cassandra wherever it might be implemented,” Ramji told TechCrunch.
Ramji says that most companies that have created their own Kubernetes operators tend to specialize for their own particular requirements, which is fine, but as the company built on top of Cassandra, they wanted to come up with a general version that could appeal broader range of use cases.
In Kubernetes, the operator is how the DevOps team packages, manages and deploys an application, giving it the instructions it needs to run correctly. DataStax has created this operator specifically to run Cassandra with a broad set of assumptions.
Cassandra is a powerful database because it stays running when many others fall down. As such it is used by companies as varied as Apple, eBay and Netflix to run their key services. This new Kubernetes implementation will enable anyone who wishes to run Cassandra as a containerized application, helping push it into a modern development realm.
The company also announced a free help service for engineers trying to cope with increased usage on their databases due to COVID-19. They are calling the program, “Keep calm and Cassandra on.” The engineers charged with keeping systems like Cassandra running are called Site Reliability Engineers or SREs.
“The new service is completely free SRE-to-SRE support calls. So our SREs are taking calls from Apache Cassandra users anywhere in the world, no matter what version they’re using if they’re trying to figure out how to keep it up to stand up to the increased demand,” Ramji explained.
DataStax was founded in 2010 and has raised over $190 million, according to PitchBook data.
Powered by WPeMatico
Deviceplane, a member of the Y Combinator Winter 2020 class, is developing an open-source toolset to manage, monitor and update Linux devices running at the edge.
“We solve the hard infrastructure problems that all these companies face, including network conductivity, SSH access, orchestrating and deployment of remote updates, hosting, application monitoring and access and security controls. It’s 100% open source, available under an Apache License. You can either host it yourself or you can run on the hosted version,” company founder and CEO Josh Curl told TechCrunch.
He could see this working with a variety of hardware, including robotics, consumer appliances, drones, autonomous vehicles and medical devices.
Curl, who has a background in software engineering, was drawn to this problem and found that most companies were going with home-grown solutions. He said once he studied the issue, he found that the set of infrastructure resources required to manage, monitor and update these devices didn’t change that much across industries.
The over-the-air updates are a big part of keeping these devices secure, a major concern with edge devices. “Security is challenging, and one of the core tenets of security is just the ability to update things. So if you as a company are hesitant to update because you’re afraid that things are going to break, or you don’t have a proper infrastructure to do those upgrades, that makes you more hesitant to do upgrades, and it slows down development velocity,” Curl said.
Customers can connect to the Deviceplane API via Wi-Fi, cellular or ethernet. If you’re worried about someone tapping into that, Curl says the software assigns the device a unique identity that is difficult to spoof.
“Devices are assigned an identity in Deviceplane and this identity is what authorizes it to make API calls to Deviceplane. The access key for this identity is stored only on the device, which makes it impossible for someone else to spoof this device without physical access to it.
“Even if someone were able to spoof this identity, they would not be able to deploy malicious code to the spoofed device. Devices never have access to control what software they’re running — this is something that can be done only by the developer pushing out updates to devices,” Curl explained.
The company intends to offer both the hosted version and installed versions of the software as open source, something that he considers key. He hopes to make money supporting companies with more complex installations, but he believes that by offering the software as open source, it will drive developer interest and help build a community around the project.
As for joining YC, Curl said he has friends that had been through the program in the past, and had recommended he join as well. Curl sees being part of the cohort as a way to build his business. “We were excited to be tapping into the YC network — and then being able to tap into that network in the future. I think that YC has funded many companies in the past that can be Deviceplane customers, and that can accelerate going forward.”
Curl wasn’t ready to share download numbers just yet, but it’s still an early-stage startup looking to build the company. It’s using an open-source model to drive interest, while helping solve a sticky problem.
Powered by WPeMatico
Tozny, a Portland, Oregon startup that wants to help companies more easily incorporate encryption into programs and processes, introduced TozID today. It is an identity and access control tool that can work independently or in conjunction with the company’s other encryption tools.
“Basically we have a Security as a Service platform, and it’s designed to help developers and IT departments add defense in depth by [combining] centralized user management with an end-to-end encryption platform,” Tozny CEO and founder Isaac Potoczny-Jones told TechCrunch.
The company is introducing an identity and access solution today with the hope of moving beyond its core developer and government audience to a broader enterprise customer base.
Under the hood, TozID uses standards identity constructs like single sign-on, SAML and OpenID, and it can plug into any existing identity framework, but the key here is that it’s encryption-based and uses Zero Knowledge identification. This allows a user (or application) to control information with a password while reducing the risk of sharing data because Tozny does not store passwords or send them over the network.
In this tool, the password acts as the encryption key, which enables users or applications to control access to data in a very granular way, only unlocking information for people or applications they want to be able to access that information.
As Potoczny-Jones pointed out, this can be as simple as one-to-one communication in an encrypted messaging app, but it can be more complex at the application layer depending on how it’s set up. “It’s really powerful to have a user make that decision, but that’s not the only use case. There are many different ways to enable who gets access to data, and this tool enforces those kinds of decisions with encryption,” he explained.
Regardless of how this is implemented, the user never has to understand encryption or even know that encryption is in play in the application. All they need to do is enter a password as they always have, and then Tozny deals with the complex parts under the hood using standard open source encryption algorithms.
The company also has a data privacy tool geared towards developers to build in end-to-end encryption into applications, whether that’s web, mobile, server and so forth. Developers can use the Tozny SDK to add encryption to their applications without a lot of encryption knowledge.
The company has been around since 2013 and hasn’t taken any private investment. Instead, it has developed an encryption toolkit for government agencies, including NIST and DARPA, that has acted as a funding mechanism.
“This is an open source toolkit on the client side, so that folks can vet it for security — cryptographers like that — and on the server side it’s a SaaS-type platform,” he said. The latter is how the company makes money, by selling the service.
“Our goal really here is to bring the kind of cybersecurity that we’ve been building for government agencies into the commercial market, so this is really work on our side to try to, you might say, bring it down market as the threat landscape moves up market,” he said.
Powered by WPeMatico
As the number of IoT devices proliferate, and machines conduct transactions with machines without humans involved, it becomes increasingly necessary to have a permissionless system that facilitates this kind of communication in a secure way.
Enter the IOTA Foundation, a Berlin-based open-source distributed ledger technology (DLT) project, which has hooked up with the Eclipse Foundation to bring IOTA DLT to the enterprise via the Tangle EE project. For starters, this involves forming a working group.
The distributed ledger idea first emerged as a way to distribute digital currency on the blockchain. Since then, there have been multiple ideas, both open source and commercial, to bring this concept to the enterprise to provide a secure, immutable and frictionless way to share data.
One such open-source project is IOTA, which saw an issue with DLT as it was being implemented by other entities. “IOTA is the first distributed ledger technology that went beyond blockchain with a completely new architecture that resolves the bottleneck problems of blockchain that has prevented real-world adoption,” Dominik Schiener, co-founder of IOTA Foundation, told TechCrunch.
The broad vision is to provide a way for machines and devices to communicate securely. “We provide a protocol layer that enables both humans and machines to bulk transact value without fees, as well as ensure data integrity, which is, of course, increasingly important in the age of Internet of Things, where hundreds of billions of devices are being connected over the next decades,” Schiener said.
Tangle EE is the part of the project aimed at enterprise users — EE stands for Enterprise Edition — that can take this technology and enable larger organizations to build applications on top of the project. For starters the foundation is working with the Eclipse Foundation to bring corporate entities on board who can help better define the requirements of the large business user.
Dell Technologies and STMicroelectronics are the first major companies joining the project, but the hope is that through discussion and dialogue, Tangle EE will begin to gain traction. “The main reason why we created Tangle EE was because of the discussions that we’ve had with corporations. They really understood that we need to have a working group around IOTA to discuss the application layer, to discuss what kind of solutions we can develop broadly across industries, but also really start having more serious discussions about the protocol,” Schiener said.
Much like the Linux Foundation, the Eclipse Foundation will provide a governance framework for the project. “The Eclipse Foundation will provide a vendor-neutral governance framework for open collaboration, with IOTA’s scalable, feeless and permissionless DLT as a base,” Mike Milinkovich, executive director of the Eclipse Foundation, explained in a statement.
If it gains traction, more companies will join in the coming months and years, and begin building out Tangle EE, while developing applications based on the protocol.
Powered by WPeMatico