Rubrik

Auto Added by WPeMatico

Google acquires Actifio to step into the area of data management and business continuity

In the same week that Amazon is holding its big AWS confab, Google is also announcing a move to raise its own enterprise game with Google Cloud. Today the company announced that it is acquiring Actifio, a data management company that helps companies with data continuity to be better prepared in the event of a security breach or other need for disaster recovery. The deal squares Google up as a competitor against the likes of Rubrik, another big player in data continuity.

The terms of the deal were not disclosed in the announcement; we’re looking and will update as we learn more. Notably, when the company was valued at over $1 billion in a funding round back in 2014, it had said it was preparing for an IPO (which never happened). PitchBook data estimated its value at $1.3 billion in 2018, but earlier this year it appeared to be raising money at about a 60% discount to its recent valuation, according to data provided to us by Prime Unicorn Index.

The company was also involved in a patent infringement suit against Rubrik, which it also filed earlier this year.

It had raised around $461 million, with investors including Andreessen Horowitz, TCV, Tiger, 83 North, and more.

With Actifio, Google is moving into what is one of the key investment areas for enterprises in recent years. The growth of increasingly sophisticated security breaches, coupled with stronger data protection regulation, has given a new priority to the task of holding and using business data more responsibly, and business continuity is a cornerstone of that.

Google describes the startup as as a “leader in backup and disaster recovery” providing virtual copies of data that can be managed and updated for storage, testing, and more. The fact that it covers data in a number of environments — including SAP HANA, Oracle, Microsoft SQL Server, PostgreSQL, and MySQL, virtual machines (VMs) in VMware, Hyper-V, physical servers, and of course Google Compute Engine — means that it also gives Google a strong play to work with companies in hybrid and multi-vendor environments rather than just all-Google shops.

“We know that customers have many options when it comes to cloud solutions, including backup and DR, and the acquisition of Actifio will help us to better serve enterprises as they deploy and manage business-critical workloads, including in hybrid scenarios,” writes Brad Calder, VP, engineering, in the blog post. :In addition, we are committed to supporting our backup and DR technology and channel partner ecosystem, providing customers with a variety of options so they can choose the solution that best fits their needs.”

The company will join Google Cloud.

“We’re excited to join Google Cloud and build on the success we’ve had as partners over the past four years,” said Ash Ashutosh, CEO at Actifio, in a statement. “Backup and recovery is essential to enterprise cloud adoption and, together with Google Cloud, we are well-positioned to serve the needs of data-driven customers across industries.”

Powered by WPeMatico

Join Greylock’s Asheem Chandna on November 5 at noon PST/3 pm EST/8 pm GMT to discuss the future of enterprise and cybersecurity investing

The world of enterprise software and cybersecurity has taken multiple body blows since COVID-19 demolished the in-person office, flinging employees across the world and forcing companies to adapt to an all-remote productivity model. The shift has required companies to rethink not only collaboration software, but also the infrastructure that powers it and the best way to protect assets once their security perimeters have been destroyed.

The pandemic has also dramatically increased the usage of digital services, forcing cloud providers to keep up with crushing demands for performance and reliability.

In short — it’s never been a better time to be an enterprise investor (or, possibly, a founder).

So I’m excited to announce our next guest in our Extra Crunch Live interview series: Asheem Chandna from Greylock, one of the top enterprise investors of the past two decades who has worked with multiple important founding teams from whiteboard to IPO. We’re scheduled for Thursday, November 5 at noon PST/3 p.m. EST/8 p.m. GMT (check that daylight savings time math!)

Login details are below the fold for EC members, and if you don’t have an Extra Crunch membership, click through to sign up.

For nearly two decades, Asheem Chandna has invested in enterprise and security startups at Greylock, with massive investment wins in Palo Alto Networks, AppDynamics and Sumo Logic. These days, he continues to invest in cybersecurity with companies like Awake Security and Abnormal Security, data platforms like Rubrik and Delphix, and the stealthy search engine company Neeva. As a leading early-stage investor and mentor in the space, he’s seen a multitude of companies transition from inception to product-market fit to IPO.

We’ll talk about what all the turbulence in enterprise means for the future of startups in the space, how cybersecurity is evolving given the new threat landscape and also discuss a bit about how the public markets and their aggressive multiples for Silicon Valley enterprise startups is changing the strategy of venture capitalists. Plus, we’ll talk about company building, developing founders as leaders and more.

Join us next week with Asheem on Thursday, November 5 at noon PST/3 p.m. EST/8 p.m. GMT. Login details and calendar invite are below.

Event Details

Powered by WPeMatico

Dozens of companies leaked sensitive data thanks to misconfigured Box accounts

Security researchers have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can easily be discovered.

The discoveries were made by Adversis, a cybersecurity firm, which found major tech companies and corporate giants had left data inadvertently exposed. Although data stored in Box enterprise accounts is private by default, users can share files and folders with anyone, making data publicly accessible with a single link. But Adversis said these secret links can be discovered by others. Using a script to scan for and enumerate Box accounts with lists of company names and wildcard searches, Adversis found more than 90 companies with publicly accessible folders.

Not even Box’s own staff were immune from leaking data.

The company said while much of the data is legitimately public and Box advises users how to minimize risks, many employees may not know the sensitive data they share can be found by others.

Worse, some public folders were scraped and indexed by search engines, making the data found more easily.

In a blog post, Adversis said Box administrators should reconfigure the default access for shared links to “people in your company” to reduce accidental exposure of data to the public.

Adversis said it found passport photos, bank account and Social Security numbers, passwords, employee lists, financial data like invoices and receipts and customer data among the data found. The company contacted Box to warn of the larger exposures of sensitive data, but noted that there was little overall improvement six months after its initial disclosure.

“There is simply too much out there and not enough time to resolve each individually,” he said.

Adversis provided TechCrunch with a list of known exposed Box accounts. We contacted several of the big companies named, as well as those known to have highly sensitive data, including:

  • Amadeus, the flight reservation system maker, which left a folder full of documents and application files associated with Singapore Airlines. Earlier this year, researchers found flaws that made it easy to change reservations booked with Amadeus.
  • Apple had several folders exposed, containing what appeared to be non-sensitive internal data, such as logs and regional price lists.
  • Television network Discovery had more than a dozen folders listed, including database dumps of millions of customers names and email addresses. The folders also contained some demographic information and developer project files, including casting contracts and notes and tax documents.
  • Edelman, the global public relations firm, had an entire project proposal for working with the New York City mass transit division, including detailed proposal plans and more than a dozen resumes of potential staff for the project — including their names, email addresses, and phone numbers.
  • Nutrition giant Herbalife left several folders exposed containing files and spreadsheets on about 100,000 customers, including their names, email addresses and phone numbers.
  • Opportunity International, a nonprofit aimed at ending global poverty, exposed in a massive spreadsheet a list of donor names, addresses and amount given.
  • Schneider Electric left dozens of customer orders accessible to anyone, including sludge works and pump stations for several towns and cities. Each folder had an installation “sequence of operation” document, which included both default passwords and in some cases “backdoor” access passwords in case of forgotten passwords.
  • PointCare, a medical insurance coverage management software company, had thousands of patient names and insurance information exposed. Some of the data included the last four digits of Social Security numbers.
  • United Tissue Network, a whole-body donation nonprofit, exposed body donor information and personal information of donors in a vast spreadsheet, including the prices of body parts.

Box, which initially had no comment when we reached out, had several folders exposed. The company exposed signed non-disclosure agreements on their clients, including several U.S. schools, as well as performance metrics of its own staff, the researchers said.

Box spokesperson Denis Roy said in a statement: “We take our customers’ security seriously and we provide controls that allow our customers to choose the right level of security based on the sensitivity of the content they are sharing. In some cases, users may want to share files or folders broadly and will set the permissions for a custom or shared link to public or ‘open’. We are taking steps to make these settings more clear, better help users understand how their files or folders can be shared, and reduce the potential for content to be shared unintentionally, including both improving admin policies and introducing additional controls for shared links.”

The cloud giant said it plans to reduce the unintended discovery of public files and folders.

Amadeus, Apple, Box, Discovery, Herbalife, Edelman and PointCare all reconfigured their enterprise accounts to prevent access to their leaking files after TechCrunch reached out.

Amadeus spokesperson Alba Redondo said the company decommissioned Box in October and blamed the exposure on an account that was “misconfigured in public mode,” which has now been corrected and external access to it is now closed. “We continue to investigate this issue and confirm there has been no unauthorized access of our system,” said the spokesperson, without explanation. “There is no evidence that confidential information or any information containing personal data was impacted by this issue,” the spokesperson added.

When we asked Amadeus how it concluded there was no improper access, another spokesperson, Ben Hunt, said: “We have the full audit trail for Box and access of these files — none of the files have been downloaded outside of either Amadeus or authorized customers.”

The spokesperson declined to explain its statement when told files were downloaded to verify their contents.

PointCare chief executive Everett Lebherz confirmed its leaking files had been “removed and Box settings adjusted.” Edelman’s global marketing chief Michael Bush said the company was “looking into this matter.”

Herbalife spokesperson Jennifer Butler said the company was “looking into it,” but we did not hear back after several follow-ups. (Butler declared her email “off the record,” which requires both parties agree to the terms in advance, but we are printing the reply as we were given no opportunity to reject the terms.)

When reached, an Apple spokesperson did not comment by the time of publication.

Discovery, Opportunity International, Schneider Electric and United Tissue Network did not return a request for comment.

Data “dumpster diving” is not a new hobby for the skilled, but it’s a necessary sub-industry to fix an emerging category of data breaches: leaking, public and exposed data that shouldn’t be. It’s a growing space that we predicted would grow as more security researchers look to find and report data leaks.

This year alone, we’ve reported data leaks at Dow Jones, Rubrik, NASA, AIESEC, Uber, the State Bank of India, two massive batches of Indian Aadhaar numbers, a huge leak of mortgage and loan data and several Chinese government surveillance systems.

Adversis has open-sourced and published its scanning tool.

Powered by WPeMatico

Startups Weekly: Squad’s screen-shares and Slack’s swastika

We’re three weeks into January. We’ve recovered from our CES hangover and, hopefully, from the CES flu. We’ve started writing the correct year, 2019, not 2018.

Venture capitalists have gone full steam ahead with fundraising efforts, several startups have closed multi-hundred million dollar rounds, a virtual influencer raised equity funding and yet, all anyone wants to talk about is Slack’s new logo… As part of its public listing prep, Slack announced some changes to its branding this week, including a vaguely different looking logo. Considering the flack the $7 billion startup received instantaneously and accusations that the negative space in the logo resembled a swastika — Slack would’ve been better off leaving its original logo alone; alas…

On to more important matters.

Rubrik more than doubled its valuation

The data management startup raised a $261 million Series E funding at a $3.3 billion valuation, an increase from the $1.3 billion valuation it garnered with a previous round. In true unicorn form, Rubrik’s CEO told TechCrunch’s Ingrid Lunden it’s intentionally unprofitable: “Our goal is to build a long-term, iconic company, and so we want to become profitable but not at the cost of growth,” he said. “We are leading this market transformation while it continues to grow.”

Deal of the week: Knock gets $400M to take on Opendoor

Will 2019 be a banner year for real estate tech investment? As $4.65 billion was funneled into the space in 2018 across more than 350 deals and with high-flying startups attracting investors (Compass, Opendoor, Knock), the excitement is poised to continue. This week, Knock brought in $400 million at an undisclosed valuation to accelerate its national expansion. “We are trying to make it as easy to trade in your house as it is to trade in your car,” Knock CEO Sean Black told me.

Cybersecurity stays hot

While we’re on the subject of VCs’ favorite industries, TechCrunch cybersecurity reporter Zack Whittaker highlights some new data on venture investment in the industry. Strategic Cyber Ventures says more than $5.3 billion was funneled into companies focused on protecting networks, systems and data across the world, despite fewer deals done during the year. We can thank Tanium, CrowdStrike and Anchorfree’s massive deals for a good chunk of that activity.

Send me tips, suggestions and more to kate.clark@techcrunch.com or @KateClarkTweets

Fundraising efforts continue

I would be remiss not to highlight a slew of venture firms that made public their intent to raise new funds this week. Peter Thiel’s Valar Ventures filed to raise $350 million across two new funds and Redpoint Ventures set a $400 million target for two new China-focused funds. Meanwhile, Resolute Ventures closed on $75 million for its fourth early-stage fund, BlueRun Ventures nabbed $130 million for its sixth effort, Maverick Ventures announced a $382 million evergreen fund, First Round Capital introduced a new pre-seed fund that will target recent graduates, Techstars decided to double down on its corporate connections with the launch of a new venture studio and, last but not least, Lance Armstrong wrote his very first check as a VC out of his new fund, Next Ventures.

More money goes toward scooters

In case you were concerned there wasn’t enough VC investment in electric scooter startups, worry no more! Flash, a Berlin-based micro-mobility company, emerged from stealth this week with a whopping €55 million in Series A funding. Flash is already operating in Switzerland and Portugal, with plans to launch into France, Italy and Spain in 2019. Bird and Lime are in the process of raising $700 million between them, too, indicating the scooter funding extravaganza of 2018 will extend into 2019 — oh boy!

Startups secure cash

  • Niantic finally closed its Series C with $245 million in capital commitments and a lofty $4 billion valuation.
  • Outdoorsy, which connects customers with underused RVs, raised $50 million in Series C funding led by Greenspring Associates, with participation from Aviva Ventures, Altos Ventures, AutoTech Ventures and Tandem Capital.
  • Ciitizen, a developer of tools to help cancer patients organize and share their medical records, has raised $17 million in new funding in a round led by Andreessen Horowitz.
  • Footwear startup Birdies — no, I don’t mean Allbirds or Rothy’s — brought in an $8 million Series A led by Norwest Venture Partners, with participation from Slow Ventures and earlier investor Forerunner Ventures.
  • And Brud, the company behind the virtual celebrity Lil Miquela, is now worth $125 million with new funding.

Feature of the week

TechCrunch’s Josh Constine introduced readers to Squad this week, a screensharing app for social phone addicts.

Listen to me talk

If you enjoy this newsletter, be sure to check out TechCrunch’s venture-focused podcast, Equity. In this week’s episode, available here, Crunchbase editor-in-chief Alex Wilhelm and I marveled at the dollars going into scooter startups, discussed Slack’s upcoming direct listing and debated how the government shutdown might impact the IPO market.

Want more TechCrunch newsletters? Sign up here.

Powered by WPeMatico

5 unicorns that will probably go public in 2019 (besides Uber and Lyft)

There’s been plenty of fanfare surrounding Uber and Lyft’s initial public offerings — slated for early 2019 — since the two companies filed confidential IPO paperwork with the U.S. Securities and Exchange Commission in early December. On top of that, public and private investors have had plenty to say about Slack and Pinterest’s rumored 2019 IPOs but those aren’t the only “unicorn” exits we should expect to witness in the year ahead.

Using its proprietary company rating algorithm, data provider CB Insights ranked five billion dollar companies most likely to perform IPOs next year in its latest tech IPO report. The algorithm analyzes non-traditional public signals, including hiring activity, web traffic and mobile app data to make its predictions. These are the startups that topped their list.

 

Peloton

Peloton Co-Founder and CEO John Foley speaks onstage during TechCrunch Disrupt SF 2018 on September 6, 2018 in San Francisco, California. (Photo by Kimberly White/Getty Images for TechCrunch).

Peloton, dubbed the “Netflix of fitness,” has raised nearly $1 billion in venture capital funding in the six years since it was founded by John Foley, most recently raising $550 million at a $4 billion valuation. The manufacturer of tech-enabled exercise equipment is more than doubling in size every year and is “weirdly profitable,” an unusual characteristic for a venture-backed business of its age. Headquartered in New York, Peloton doesn’t have any public IPO plans, though Foley recently told The Wall Street Journal that 2019 “makes a lot of sense” for its stock market debut.

Select investors: L Catterton, True Ventures, Tiger Global

Cloudflare

Cloudflare co-founder and CEO Matthew Prince appears on stage at the 2014 TechCrunch Disrupt Europe/London. (Photo by Anthony Harvey/Getty Images for TechCrunch)

Cybersecurity unicorn Cloudflare is likely to transition to the public markets in the first half of 2019 in what is poised to be a strong year for IPOs in the security industry. The web performance and security platform is said to be preparing for an IPO at a potential valuation of more than $3.5 billion after last raising capital in 2015 at a $1.8 billion valuation. Since it was founded in 2009, the San Francisco-based company has raised just north of $250 million in VC funding. CrowdStrike, another security unicorn, is also on track to go public next year and it wouldn’t be surprising to see Illumio and Lookout make the jump to the public markets as well.

Select investors: Pelion Venture Partners, NEA, Venrock

Zoom

San Jose-based Zoom Video Communications has reportedly tapped Morgan Stanley to lead its upcoming IPO.

Zoom, a provider of video conferencing services, online meeting and group messaging tools that’s raised $160 million in VC cash to date, is eyeing a multi-billion IPO in 2019 and has reportedly hired Morgan Stanley to lead the offering. Founded in 2011, the company most recently brought in a $100 million Series D financing, entirely funded by Sequoia, at a $1 billion valuation in early 2017. Based in San Jose, Zoom is hoping to garner a valuation significantly larger than $1 billion when it IPOs, according to Reuters.

Select investors: Sequoia, Emergence Capital Partners, Horizons Ventures

Rubrik

Data management company Rubrik co-founder and CEO Bipul Sinha.

Data management company Rubrik has quietly made moves indicative of an impending IPO. The startup, which provides data backup and recovery services for businesses across cloud and on-premises environments, hired former Atlassian chief financial officer Murray Demo as its CFO earlier this year, as well as its first chief legal officer, Peter McGoff. Palo Alto-based Rubrik was valued at over of $1 billion with a $180 million funding round in 2017. The company has raised nearly $300 million to date.

Select investors: Lightspeed Venture Partners, Greylock, Khosla Ventures

Medallia

Medallia, a customer experience management platform that’s nearly two decades old, may finally become a public company in 2019. The San Mateo-based company, which has been rumored to be planning an IPO for several years, hired a new CEO this year and reported $250 million in GAAP revenue for the year ending Jan. 31, 2018, according to Forbes. Medallia hasn’t raised capital since 2015, when it secured a $150 million funding deal at a $1.2 billion valuation. It has raised a total of just over $250 million.

Select investor: Sequoia

Powered by WPeMatico

Rubrik acquires Datos IO to expand into NoSQL database management support

 Rubrik, the enterprise startup that provides data backup and recovery services across cloud and on-premise environments, is putting some of the funding that it raised last year at a $1.3 billion valuation to use. Rubrik has acquired NoSQL data backup specialist Datos IO, the company announced today, in what appears to be Rubrik’s first acquisition. The financial terms of the deal are… Read More

Powered by WPeMatico

Data management startup Rubrik confirms $180M round at a $1.3B valuation

Data flying over group of laptops to illustrate data integration/sharing. Rubrik, a startup that provides data backup and recovery services for enterprises across both cloud and on-premises environments, has closed a $180 million round of funding that values the company at $1.3 billion. The news confirms a report we ran earlier this week noting that the company was raising between $150 million and $200 million. Read More

Powered by WPeMatico

Backup service Rubrik now works natively in AWS and Azure

Data flying over group of laptops to illustrate data integration/sharing. Rubrik, the startup that provides data management services like backup and recovery to large enterprises, is in the process of raising between $150 million and $200 million on a valuation of $1 billion, as we reported yesterday. And as a measure of how it’s growing, today it’s announcing an expansion of its product set, specifically in cloud services.
Now Rubrik — which… Read More

Powered by WPeMatico

Data management startup Rubrik is raising up to $200M on a $1B valuation

 Make way for another juggernaut amongst enterprise startups: Rubrik, a data backup company that only emerged from stealth in 2015, is in the process of raising between $150 million and $200 million on a valuation of $1 billion as the company enters a period of strong demand for its storage and data management products, according to sources. TechCrunch first learned of the new fundraise via… Read More

Powered by WPeMatico

Rubrik snares $61 million Series C led by Khosla Ventures

Business man sitting on cloud with laptop in hand. In a year where money is harder to come by, especially from conventional venture capital sources, Rubrik is a notable exception, announcing a $61 million Series C round from several brand-named Silicon Valley venture firms. The round was led by Khosla Ventures with participation from existing investors Lightspeed Venture Partners and Greylock Partners, and unnamed angel investors coming… Read More

Powered by WPeMatico