Security
Auto Added by WPeMatico
Auto Added by WPeMatico
As a parent of teenagers, I’m used to having tough, sometimes even awkward, conversations about topics that are complex but important. Most parents will likely agree with me when I say those types of conversations never get easier, but over time, you tend to develop a roadmap of how to approach the subject, how to make sure you’re being clear and how to answer hard questions.
And like many parents, I quickly learned that my children have just as much to teach me as I can teach them. I’ve learned that tough conversations build trust.
I’ve applied this lesson about trust-building conversations to an extremely important aspect of my role as the chief legal officer at Foursquare: Conducting “The Privacy Talk.”
The discussion should convey an understanding of how the legislative and regulatory environment are going to affect product offerings, including what’s being done to get ahead of that change.
It’s the conversation that goes beyond the written, publicly posted privacy policy and dives deep into a customer, vendor, supplier or partner’s approach to ethics. This conversation seeks to convey and align the expectations that two companies must have at the beginning of a new engagement.
RFIs may ask a lot of questions about privacy compliance, information security and data ethics. But it’s no match for asking your prospective partner to hop on a Zoom to walk you through their broader approach. Unless you hear it firsthand, it can be hard to discern whether a partner is thinking strategically about privacy, if they are truly committed to data ethics and how compliance is woven into their organization’s culture.
Powered by WPeMatico
Snyk, the Boston-based late-stage startup that is trying to help developers deliver more secure code, announced another mega-round today. This one was for $530 million, with $300 million in new money and $230 million in secondary funding, the latter of which is to help employees and early investors cash in some of their stock options.
The long list of investors includes an interesting mix of public investors, VC firms and strategics. Sands Capital Ventures and Tiger Global led the round, with participation from new investors Baillie Gifford, Koch Industries, Lone Pine Capital, T. Rowe Price and Whale Rock Capital Management. Existing investors also came along for the ride, including Accel, Addition, Alkeon, Atlassian Ventures, BlackRock, Boldstart Ventures, Canaan Partners, Coatue, Franklin Templeton, Geodesic Capital, Salesforce Ventures and Temasek.
This round brings the total raised in funding to $775 million, excluding secondary rounds, according to the company. With secondary rounds, it’s up to $1.3 billion, according to Crunchbase data. The company has been raising funds at a rapid clip (note that the last three rounds include the Snyk money plus secondary rounds):

While the company wouldn’t share specific revenue figures, it did say that ARR has grown 158% YoY; given the confidence of this list of investors and the valuation, it would suggest the company is making decent money.
Snyk CEO Peter McKay says that the additional money gives him flexibility to make some acquisitions if the right opportunity comes along, what companies often refer to as “inorganic” growth. “We do believe that a portion of this money will be for inorganic expansion. We’ve made three acquisitions at this point and all three have been very, very successful for us. So it’s definitely a muscle that we’ve been developing,” McKay told me.
The company started this year with 400 people and McKay says they expect to double that number by the end of this year. He says that when it comes to diversity, the work is never really done, but it’s something he is working hard at.
“We’ve been able to build a lot of good programs around the world to increase that diversity and our culture has always been inclusive by nature because we’re highly distributed.” He added, “I’m not by any means saying we’re even remotely close to where we want to be. So I want to make that clear. There’s a lot we still have to do,” he said.
McKay says that today’s investment gives him added flexibility to decide when to take the company public because whenever that happens it won’t have to be because they need another fundraising event. “This raise has allowed us to set up with strong, highly reputable public investors, and it gives us the financial resources to pick the timing. We are in control of when we do it and we will do it when it’s right,” he said.
Powered by WPeMatico
As companies try to navigate an ever-changing security landscape, it can be challenging to protect everything. Security startup TrueFort has built a zero trust solution focusing on protecting enterprise applications. Today, the company announced a $30 million Series B.
Shasta Ventures led today’s round with participation from new firms Canaan and Ericsson Ventures along with existing investors Evolution Equity Partners, Lytical Ventures and Emerald Development Managers. Under the terms of the agreement Nitin Chopra, managing director at Shasta Ventures, will be joining the company board. Today’s investment brings the total raised to almost $48 million.
CEO and co-founder Sameer Malhotra says that TrueFort protects customers by analyzing at each application and figuring out what normal behavior looks like. Once it understands that, it will flag anything that falls outside of the norm. The company achieves this by gathering data from partners like CrowdStrike and from multiple points within the application and infrastructure.
“Once we get this telemetry, whether it’s networks, endpoints, servers or third-party partners, we then help the customer build a picture of what those applications are doing and what’s normal behavior. We then help them baseline that, and monitor that in real time with response and real-time controls to continue those applications through their normal life cycle,” he said.
Zero trust is a concept where as a matter of policy you assume that you cannot trust any individual or device until the entity proves it belongs on your systems. Malhotra says that customers are becoming more comfortable with the concept and in 2020 the company saw massive 650% YoY revenue growth, with it up 120% YoY this year so far.
“We are seeing the demand, especially as zero trust is becoming a more familiar vernacular amongst the security community […]. Again, it’s having the visibility and understanding, and then being able to then reduce it to the limited number of acceptable relationships or executions,” he said. And he believes that it all comes down to understanding your applications and how they operate.
TrueFort co-founders Nazario Parsacala and Sameer Malhotra. Image Credits: TrueFort
The company currently has 60 employees, with hopes of reaching 85 or 90 by the end of the year. Malhotra says that as they build the employee base, they are driving to make it diverse at every level.
“We look at diversity across our whole management team, all the way from the board down to our different levels. We are quite aggressive in hiring diverse candidates, whether they’re women or LGBTQ or people of color. And we have focused programs where we work with different universities […] to bring on new employees from a diverse talent pool. We also work with different recruiters from that perspective, and our focus is always to look at a different palette and to make sure that we’re as diverse an organization as we can,” he said.
The company was founded in 2015 by Malhotra and his partner Nazario Parsacala, both of whom spent more than 20 years working at big financial services companies — Goldman Sachs and JP Morgan. They worked for a couple of years building the program, launching the first beta in 2017 before bringing the first generally available product to market the following year.
Currently customers can install the solution on prem or in the cloud of their choice, but the company has a SaaS solution in the works as well, that will be ready in the next couple of months.
Powered by WPeMatico
Linux is set for a big release this Sunday August 29, setting the stage for enterprise and cloud applications for months to come. The 5.14 kernel update will include security and performance improvements.
A particular area of interest for both enterprise and cloud users is always security and to that end, Linux 5.14 will help with several new capabilities. Mike McGrath, vice president, Linux Engineering at Red Hat told TechCrunch that the kernel update includes a feature known as core scheduling, which is intended to help mitigate processor-level vulnerabilities like Spectre and Meltdown, which first surfaced in 2018. One of the ways that Linux users have had to mitigate those vulnerabilities is by disabling hyper-threading on CPUs and therefore taking a performance hit.
“More specifically, the feature helps to split trusted and untrusted tasks so that they don’t share a core, limiting the overall threat surface while keeping cloud-scale performance relatively unchanged,” McGrath explained.
Another area of security innovation in Linux 5.14 is a feature that has been in development for over a year and a half that will help to protect system memory in a better way than before. Attacks against Linux and other operating systems often target memory as a primary attack surface to exploit. With the new kernel, there is a capability known as memfd_secret () that will enable an application running on a Linux system to create a memory range that is inaccessible to anyone else, including the kernel.
“This means cryptographic keys, sensitive data and other secrets can be stored there to limit exposure to other users or system activities,” McGrath said.
At the heart of the open source Linux operating system that powers much of the cloud and enterprise application delivery is what is known as the Linux kernel. The kernel is the component that provides the core functionality for system operations.
The Linux 5.14 kernel release has gone through seven release candidates over the last two months and benefits from the contributions of 1,650 different developers. Those that contribute to Linux kernel development include individual contributors, as well as large vendors like Intel, AMD, IBM, Oracle and Samsung. One of the largest contributors to any given Linux kernel release is IBM’s Red Hat business unit. IBM acquired Red Hat for $34 billion in a deal that closed in 2019.
“As with pretty much every kernel release, we see some very innovative capabilities in 5.14,” McGrath said.
While Linux 5.14 will be out soon, it often takes time until it is adopted inside of enterprise releases. McGrath said that Linux 5.14 will first appear in Red Hat’s Fedora community Linux distribution and will be a part of the future Red Hat Enterprise Linux 9 release. Gerald Pfeifer, CTO for enterprise Linux vendor SUSE, told TechCrunch that his company’s openSUSE Tumbleweed community release will likely include the Linux 5.14 kernel within “days” of the official release. On the enterprise side, he noted that SUSE Linux Enterprise 15 SP4, due next spring, is scheduled to come with the 5.14 kernel.
The new Linux update follows a major milestone for the open source operating system, as it was 30 years ago this past Wednesday that creator Linus Torvalds (pictured above) first publicly announced the effort. Over that time Linux has gone from being a hobbyist effort to powering the infrastructure of the internet.
McGrath commented that Linux is already the backbone for the modern cloud and Red Hat is also excited about how Linux will be the backbone for edge computing — not just within telecommunications, but broadly across all industries, from manufacturing and healthcare to entertainment and service providers, in the years to come.
The longevity and continued importance of Linux for the next 30 years is assured in Pfeifer’s view. He noted that over the decades Linux and open source have opened up unprecedented potential for innovation, coupled with openness and independence.
“Will Linux, the kernel, still be the leader in 30 years? I don’t know. Will it be relevant? Absolutely,” he said. “Many of the approaches we have created and developed will still be pillars of technological progress 30 years from now. Of that I am certain.”
Powered by WPeMatico
ForgeRock filed its form S-1 with the Securities and Exchange Commission (SEC) this morning as the identity management provider takes the next step toward its IPO.
The company did not provide initial pricing for its shares, which will trade on the New York Stock Exchange under the symbol FORG. The IPO is being led by Morgan Stanley and J.P. Morgan Chase & Co., with the company being valued as high as $4 billion, according to Bloomberg, which is a significant uplift over the $730 million post-money value that PitchBook had for the company after its last round in 2020.
With the ever-increasing volume of cybersecurity attacks against organizations of all sizes, the need to secure and manage user identities is of growing importance. Based in San Francisco, ForgeRock has raised $233 million in funding across multiple rounds. The company’s last round was a $93.5 million Series E announced in April 2020, which was led by Riverwood Capital alongside Accenture Ventures. At that time, CEO Fran Rosch told TechCrunch that the round would be the last before an IPO, which was also what former CEO Mike Ellis told us after the startup’s $88 million Series D in September 2017.
While the timing of its IPO might have been unclear over the last few years, the company has been on a positive trajectory for growth. In its S-1, ForgeRock reported that as of June 30, its annual recurring revenue (ARR) was $155 million, representing 30% year-over-year growth.
While revenue is growing, losses are narrowing as the company reported a $20 million net loss down from $36 million a year ago. There certainly is a whole lot of room to grow, as the company estimates that the total global addressable market for identity services to be worth $71 billion.
Among the many competitors that ForgeRock faces is Okta, which went public in 2017 and has been growing in the years since. In March, Okta acquired cloud identity startup Auth0 for $6.5 billion in a deal that raised a few eyebrows. Another competitor is Ping Identity, which went public in 2019 and is also growing, reporting on August 4 that its ARR hit $279.6 million in its quarter ended June 30, for a 19% year-over-year gain. There have also been a few big exits in the space over the years, including Duo Security, which was acquired by Cisco for $2.35 billion in 2018.
“ForgeRock has a good access management tool and they continue to be a strong player in customer identity and access management (CIAM),” commented Michael Kelley, senior research director at Gartner.
Kelley noted that in 2020, ForgeRock converted most of its core access management services to a SaaS delivery model, which helped the company catch up with the rest of the market that already offered access management as SaaS. Also last year the company expanded into identity governance, introducing a brand new identity, governance and administration (IGA) product.
“I think one of the more interesting products that ForgeRock offers is ForgeRock Trees, which is a no-code/low-code orchestration tool for building complex authentication and authorization journeys for customers, which is particularly helpful in the CIAM market,” Kelly added.
ForgeRock was founded in 2010, but its roots go back even further to an open-source single sign-on project known as OpenSSO that was created by Sun Microsystems in 2005. When Oracle acquired Sun Microsystems in early 2010, a number of its open-source efforts were left to languish, which is what led a number of former Sun employees to start ForgeRock.
Over the last decade, ForgeRock has expanded significantly beyond just providing a single sign-on to providing an identity platform that can handle consumer, enterprise and IoT use-cases. The company’s platform today handles identity and access management as well as identity governance.
The ability to scale is a key selling point that ForgeRock makes in the S-1, noting that its platform can handle over 60,000 user-based access transactions per second per customer.
“As of June 30, 2021, we had four customers with 100 million or more licensed identities, the company stated in the S-1. “Our ability to serve mission-critical needs in complex environments for large customers enables us to grow our base of large customers and expand within each of them. “
Powered by WPeMatico
Less than a year after raising its $6 million seed funding round, Tel Aviv and Sunnyvale-based startup build.security is being acquired by Elastic. Financial terms of the deal are not being publicly disclosed at this time. The deal is expected to close in Elastic’s Q2 FY22, ending October 31, 2021.
In an email to TechCrunch, Ash Kulkarni, chief product officer at Elastic, said that once the acquisition closes, the build.security technical team will continue as a unit in the Elastic Security organization. Kulkarni added that the acquisition will also become the foundation for a growing Elastic presence in Israel, with Amit Kanfer, co-founder and CEO of build.security, set to become the site lead for the region.
Build.security is focused on security policy management for applications. A core element of the company’s technology approach is the Open Policy Agent (OPA) open-source project, which is part of the Cloud Native Computing Foundation (CNCF), which is also home to Kubernetes. OPA was originally started by startup Styra, which itself has raised $40 million in funding to help build out policy management and authorization technology. Part of OPA is the Rego query language, which is used to structure security and authorization configuration policies.
“We see policy as a fundamental cornerstone of security,” Kulkarni said. “OPA and Rego provide an open, standards-based way to define, manage and enforce policies everywhere.”
Kulkarni noted that security policy technology is complementary to Elastic’s efforts in security and observability. He added that Elastic sees potential for using OPA and the technology that build.security has built on top of OPA to power deployment time, and in the future, build-time security for cloud-native environments.
YL Venture partner John Brennan, who helped to lead the seed round of build.security, sees the acquisition as being a good fit for both companies, as they are both creating solutions for developers that are based on open-source technologies.
“This move by a market leader like Elastic validates the need for transformation in the authorization space,” Brennan said. “This partnership will accelerate build.security’s shift-left vision of efficiently embedding access protection from the start, rather than trying to bolt it on after the fact or, worse, ignoring it completely.”
Elastic is known for its Elastic Stack, which provides Elasticsearch search capability, Logstash log monitoring and Kibana data visualization. In recent years the company has expanded into the security space, acquiring Endgame Security in 2019 for $234 million. On August 3, Elastic announced its Limitless XDR capabilities, which brings together endpoint security with security information and event management (SIEM).
With its new acquisition, Kulkarni said the goal is to go even deeper into security moving toward cloud security enforcement. He explained that after the acquisition closes and as the technology is integrated, users will be able to leverage the Elastic Stack to visualize and manage compliance policies and policy decisions at scale. An initial use-case for the build.security technology will be developing a Kubernetes security and compliance product based on OPA.
Powered by WPeMatico
If you’re a founder who finds yourself in a meeting with a VC, try to remember two things:
Even so, many entrepreneurs squander this opportunity, often because they direct questions or fail to understand their BATNA (best alternative to a negotiated agreement).
“As the venture landscape becomes more a meritocratic environment where resumes and institutional affiliations matter less, these strategies can make the difference between a successful fundraise and a fruitless meeting,” says Agya Ventures co-founder Kunal Lunawat.
Whether you’re already in the fundraising process or plan to be in the future, be sure to read “A crash course on corporate development” that Venrock VP Todd Graham shared with us this week.
“If you’re going to get acquired, chances are you’re going to spend a lot of time with corporate development teams,” says Graham. “With a hot stock market, mountains of cash and cheap debt floating around, the environment for acquisitions is extremely rich.”
Full Extra Crunch articles are only available to members.
Use discount code ECFriday to save 20% off a one- or two-year subscription.

On Wednesday, August 24 at 3 p.m. PDT/6 p.m. EDT/11 p.m GMT, Managing Editor Danny Crichton will host a conversation on Twitter Spaces with Eric Dean Wilson, author of “After Cooling: On Freon, Global Warming, and the Terrible Cost of Comfort.”
Wilson’s book explores the history of freon, a common refrigerant that was later banned due to its devastating impact on the ozone layer. After their discussion, they’ll take questions from the audience.
Thanks very much for reading Extra Crunch this week! I hope you have an excellent weekend.
Walter Thompson
Senior Editor, TechCrunch
@yourprotagonist
Image Credits: Carol Yepes (opens in a new window) / Getty Images
Apple iPhone, Apple Mail and Apple iPad account for nearly half of all email opens, but the privacy features included with iOS 15 will allow consumers to block marketers from seeing their physical location, IP address and tracking data like invisible pixels.
Email marketers rely heavily on these and other metrics, which means they should prepare now for the changes to come, advises Litmus CMO Melissa Sargeant.
In a detailed post, she shares several action items that will help marketing teams leverage their email analytics so they can “continue delivering personalized experiences consumers crave.”
Image Credits: Cimmerian (opens in a new window) / Getty Images
Venrock Vice President Todd Graham has some frank advice for founders at venture-backed startups: “It would be wise to generate a return at some point.”
With that in mind, he authored a primer on corporate development that lays out the three most common categories of acquisitions, tips for dealing with bankers, and explains why striking a partnership with a big company isn’t always the best way forward.
Regardless of the path you choose, “you need to take the meeting,” advises Graham.
“In the worst-case scenario, you’ll get a few new LinkedIn connections and you’re now a known quantity. The best-case scenario will be a second meeting.”
Image Credits: Nigel Sussman (opens in a new window)
The pandemic failed to slow the momentum of venture capitalists pouring money into startups, but Chicago stands out as an “outlying benefactor of accelerating venture capital activity and the rise of remote investing,” Alex Wilhelm and Anna Heim write for The Exchange.
When the world shut down and it didn’t matter if you were in NYC or SF (because everyone was on Zoom), the Windy City was ready to present itself as the venture champion of the Midwest.
Image Credits: Priscila Zambotto (opens in a new window) / Getty Images
The Brazilian Central Bank made a major reform to the way payments are processed that may throw the doors open for e-commerce in South America’s largest market.
Historically, merchants who accepted credit card payments had two options: Receive the full payment distributed over two to 12 installments, or offer a deep discount to receive a smaller sum up front.
But in June 2021, the BCB created new “registration entities” that permit “any interested receivables buyer/acquirer to make an offer for those receivables, forcing buyers to become more competitive in their discount offers,” says Leonardo Lanna, head of payment products at Monkey Exchange.
The new framework benefits consumers and sellers, but for the region’s startups, “it opens the door to a plethora of opportunities and new business models, from payments to credit.”
Image Credits: Nigel Sussman (opens in a new window)
An inflow of VC dollars, notable acquisitions and rising unicorn counts are all features of the Brazilian tech startup market, Anna Heim and Alex Wilhelm note in The Exchange.
“The IPO market in Brazil is changing,” they write. “TechCrunch noted last year that in the decade leading up to 2020, just two of the 56 IPOs in Brazil were technology companies. More recently, the number of technology companies listed in the country has swelled to at least 16, up from just four in 2019.”
Image Credits: Andriy Onufriyenko / Getty Images
“For good reason, security certifications like the SOC 3 really put you through the wringer,” Waydev CEO Alex Cercei writes in a guest column.
Waydev, a Git analytics tool that helps engineering leaders measure team performance automatically, just attained the SOC 3 certification.
“We learned so much from the process, we felt it was right to share our experience with others that might be daunted by the prospect,” Cercei writes.
“So here’s our advice on how teams can smoothly reach an SOC 3 while simultaneously balancing workloads and minimizing disruption to users.”
Image Credits: Bryce Durbin/TechCrunch
Dear Sophie,
I’m on an H-1B living and working in the U.S. I want to apply for a green card on my own. I’m concerned about only relying on my current employer and I want to be able to easily change jobs or create a startup. I’ve been looking at the EB-1A and EB-2 NIW.
I’m not sure if I would qualify for an EB-1A, but since I was born in India, I face a much longer wait for an EB-2 NIW.
Any tips on how to proceed?
— Inventive from India
Image Credits: Cordelia Molloy Science Photo Library (opens in a new window) / Getty Images
Most startups could use an advisory board, but in health tech, it’s a core requirement.
Founders seeking to innovate in this area have a unique need for mentors who have experience navigating regulations, raising capital and managing R&D, to name just a few areas.
Based on his own experience, Patrick Frank, co-founder and COO of PatientPartner, shared some very specific ideas about who to recruit, where to find them and how to fit them into your cap table.
“You want to leverage these individuals so you are able to focus on the full view of the company to ensure it is something that both the market and investors want at scale,” says Frank.
Image Credits: Nigel Sussman (opens in a new window)
There’s no shortage of tech news to analyze, Alex Wilhelm notes, but this week, he took a fresh look at crypto.
How come?
“Because there are some rather bullish trends that indicate the world of blockchain is maturing and creating a raft of winning players,” he writes.
Image Credits: kentoh (opens in a new window) / Getty Images (Image has been modified)
In one recent survey, 58% of workers said they plan to quit if they’re not allowed to work remotely.
Startups that don’t offer employees work-from-home flexibility are at a competitive disadvantage, but figuring out how to pay hybrid workers raises a complex set of questions:
Powered by WPeMatico
In 2010, Google’s autonomous vehicle project placed self-driving cars on Bay Area streets and freeways, but practical applications were thought to be at least a decade away.
The futurists were right on schedule: In 2020, Mountain View-based Nuro was testing its second-generation R2 robotic vehicle, the first to earn a federal exemption to operate an autonomous vehicle.
But before Nuro could even consider reaching product-market fit, its founders had to overcome technological challenges, win over regulators and strike partnerships with a range of consumer-facing companies.
“Neither JZ nor I think of ourselves as classic entrepreneurs or that starting a company is something we had to do in our lives,” says co-founder Dave Ferguson. “It was much more the result of soul searching and trying to figure out what is the biggest possible impact that we could have.”
Full Extra Crunch articles are only available to members.
Use discount code ECFriday to save 20% off a one- or two-year subscription.
Across four articles, reporter Mark Harris (The Guardian, Wired, MIT Technology Review) explores Nuro’s origins and operations, including the founders’ decision to focus on creating autonomous delivery vehicles instead of entering the passenger EV market.
I’ve lived inside the San Francisco Bay Area bubble for most of my adult life, so it’s interesting to see how people in Houston’s Woodland Heights neighborhood react to seeing Nuro’s R2 delivering pizza and prescriptions on a limited basis.
As one Redditor recently posted in r/houston: “With these self-driving cars, it’s only a matter of time before a country song is written about a guy’s truck leaving him.”
Part 1: How Google’s self-driving car project accidentally spawned its robotic delivery rival
Part 2: Why regulators love Nuro’s self-driving delivery vehicles
Part 3: How Nuro became the robotic face of Domino’s
Part 4: Here’s what the inevitable friendly neighborhood robot invasion looks like
Thanks very much for reading Extra Crunch!
Walter Thompson
Senior Editor, TechCrunch
@yourprotagonist
Image Credits: Peter Dazeley (opens in a new window) / Getty Images
Why bother to beat the competition when you can buy them outright?
“It used to be that if you were a fintech startup or, for lack of a better term, a digitally native financial services business, you might be eyeing an acquisition from an incumbent in the industry,” Ryan Lawler writes.
“But lately, fintech upstarts are the ones doing the acquiring.”
Image Credits: Jasmin Merdan (opens in a new window) / Getty Images
“With audiences spread out over so many platforms, reaching cult status requires some level of hacking,” Jenny Wang, a principal investor at Neo, writes in a guest column.
Covering everything from collecting user-generated content to launching splashy guerrilla marketing strategies that can take advantage of someone else’s events, she shares several growth tactics for startups, plus the metrics required to track their success.
Image Credits: ppengcreative / Getty Images
Salesforce announced last week that it plans to launch a video streaming service.
The industry analysts who enterprise reporter Ron Miller interviewed said the initiative has tremendous potential, but one noted that Salesforce will have to dig deep to compete in today’s crowded media landscape.
Salesforce hasn’t released details on the type of programming it plans to offer, but given its vast and diverse customer base, its options are many. Said Brent Leary of CRM Essentials:
“A customer could sponsor a show, advertise a show or possibly collaborate on a show. And have leads generated from the show [which could be] directly tied to the activity from those options and track ROI. And it’s all done on one platform. And the content lives on with ads living on with them.”
Image Credits: Ann Schwede (opens in a new window) / Getty Images
Karl Laughton, president and COO of Insightly, offers best practices for companies looking to make the move to a remote model.
“Employers are at a crucial crossroads when it comes to deciding where and how to let employers do their jobs,” he writes in a guest column. “There are those who will adopt the work-from-anywhere model and those who resist it.
“Those who resist it will likely struggle to keep employees.”
Image Credits: Getty Images under a Olivier Le Moal (opens in a new window) license.
YL Ventures’ Yoav Leitersdorf and Michael Cortez lay out a roadmap for founders of early-stage cybersecurity companies that are heading toward unicorn status.
“The early days of any young startup decide how successful it can be, which is why we’ve developed a focused, value-add program to support cybersecurity founders during this most critical stage and maximize their potential in building market-leading companies,” they write in a guest column.
“It’s never too early to think big, and, with the right support, launch the next industry titan.”
Image Credits: Nigel Sussman (opens in a new window)
Alex Wilhelm considers last week’s funding news from Carta, Chime and Discord and noodles on what the recent rounds mean for startups.
“Understanding why investors are so willing to buy minute stakes in dozens of private companies worth billions of dollars is key to grokking the crush of investment we see among younger technology startups.”
Powered by WPeMatico
If you’re a tech company offering anyone a service, somewhere in your future is a security assessment giving you the seal of approval to manage clients’ data and operate on your devices. No one takes security lightly anymore. The business costs of cyberattacks have now hit an all-time high. Government bodies, companies and consumers need the assurance that the next software they download isn’t going to be an open door for hackers.
For good reason, security certifications like the SOC 3 really put you through the wringer. My company, Waydev, has just attained the SOC 3 certification, becoming one of the first development analytics tools to receive that accreditation. We learned so much from the process, we felt it was right to share our experience with others that might be daunted by the prospect.
As a non-tech founder, it was hard not only to navigate the process, but to appreciate its value. But by putting our business caps on, our team was able to optimize our approach and minimize the time and effort needed to achieve our goal. In doing so, we were granted SOC 3 compliance in two weeks, as opposed to the two months it takes some companies.
We also turned the assessment into an opportunity to better our product, align our internal teams, boost our brand and even launch partnerships.
So here’s our advice on how teams can smoothly reach an SOC 3 while simultaneously balancing workloads and minimizing disruption to users.
Because we can’t expect employees to stack those hours on top of their regular workdays, as a leader you have to accept — and communicate — that the speed of your output will inevitably decrease.
As a founder, you’ll be acting as captain steering a ship into that SOC 3 port, and you’ll need all members of your crew to join forces. This isn’t a job for a specially designated security team alone and will require deep involvement from your development and other teams, too. That might lead to internal resistance, as they still have a full-time job tending to your product and customers.
That’s why it’s so important to start by being crystal clear with your employees about what this process will mean to their work lives. However, they have to embrace the true benefits that will arise. SOC 3 will immediately raise your brand’s appeal and likely see new customers come in as a result.
Each employee will also come out the other end with well-honed cybersecurity skills — they’ll have a deep understanding of potential cyber threats to the company, and all security initiatives will carry a far lighter burden. There’s also the sense of pride and fulfillment that comes with having an indisputable edge over your competitors.
Powered by WPeMatico
WhatsApp users will finally be able to move their entire chat history between mobile operating systems — something that’s been one of users’ biggest requests to date. The company today introduced a feature that will soon become available to users of both iOS and Android devices, allowing them to move their WhatsApp voice notes, photos and conversations securely between devices when they switch between mobile operating systems.
The company had been rumored to be working on such functionality for some time, but the details of which devices would be initially supported or when it would be released weren’t yet known.
In product leaks, WhatsApp had appeared to be working on an integration into Android’s built-in transfer app, the Google Data Transfer Tool, which lets users move their files from one Android device to another, or switch from iOS to Android.
The feature WhatsApp introduced today, however, works with Samsung devices and Samsung’s own transfer tool, known as Smart Switch. Today, Smart Switch helps users transfer contacts, photos, music, messages, notes, calendars and more to Samsung Galaxy devices. Now, it will transfer WhatsApp chat history, too.
WhatsApp showed off the new tool at Samsung’s Galaxy Unpacked event, and announced Samsung’s newest Galaxy foldable devices would get the feature first in the weeks to come. The feature will later roll out to Android more broadly. WhatsApp didn’t say when iOS users would gain access, but a spokesperson for WhatsApp told TechCrunch the team is working to bring the feature to users worldwide.
To use the feature, WhatsApp users will connect their old and new device via a USB-C to Lightning cable, and launch Smart Switch. The new phone will then prompt you to scan a QR code using your old phone and export your WhatsApp history. To complete the transfer, you’ll sign into WhatsApp on the new device and import the messages.
Building such a feature was non-trivial, the company also explained, as messages across its service are end-to-end encrypted by default and stored on users’ devices. That meant the creation of a tool to move chat history between operating systems required additional work from both WhatsApp as well as operating system and device manufacturers in order to build it in a secure way, the company said.
“Your WhatsApp messages belong to you. That’s why they are stored on your phone by default, and not accessible in the cloud like many other messaging services,” noted Sandeep Paruchuri, product manager at WhatsApp, in a statement about the launch. “We’re excited for the first time to make it easy for people to securely transfer their WhatsApp history from one operating system to another. This has been one of our most requested features from users for years and we worked together with operating systems and device manufacturers to solve it,” he added.
Powered by WPeMatico