software vendors

Auto Added by WPeMatico

Secureframe raises $4.5M to help businesses speed up their compliance audits

While certifications for security management practices like SOC 2 and ISO 27001 have been around for a while, the number of companies that now request that their software vendors go through (and pass) the audits to be in compliance with these continues to increase. For a lot of companies, that’s a harrowing process, so it’s maybe no surprise that we are also seeing an increase in startups that aim to make this process easier. Earlier this month, Strike Graph, which helps automate security audits, announced its $3.9 million round, and today, Secureframe, which also helps businesses get and maintain their SOC 2 and ISO 27001 certifications, is announcing a $4.5 million round.

Secureframe’s round was co-led by Base10 Partners and Google’s AI-focused Gradient Ventures fund. BoxGroup, Village Global, Soma Capital, Liquid2, Chapter One, Worklife Ventures and Backend Capital participated. Current customers include Stream, Hasura and Benepass.

Image Credits: Secureframe

Shrav Mehta, the company’s co-founder and CEO, spent time at a number of different companies, but he tells me the idea for Secureframe was mostly born during his time at direct-mail service Lob.

“When I was at Lob, we dealt with a lot of issues around security and compliance because we were sometimes dealing with very sensitive data, and we’d hop on calls with customers, had to complete thousand-line security questionnaires, do exhaustive security reviews, and this was a lot for a startup of our size at the time. But it’s just what our customers needed. So I started to see that pain,” Mehta said.

Secureframe co-founder and CEO Shrav Mehta

Secureframe co-founder and CEO Shrav Mehta

After stints at Pilot and Scale AI after he left Lob in 2017 — and informally helping other companies manage the certification process — he co-founded Secureframe together with the company’s CTO, Natasja Nielsen.

“Because Secureframe is basically adding a lot of automation with our software — and making the process so much simpler and easier — we’re able to bring the cost down to a point where this is something that a lot more companies can afford,” Mehta explained. “This is something that everyone can get in place from day one, and not really have to worry that, ‘hey, this is going to take all of our time, it’s going to take a year, it’s going to cost a lot of money.’ […] We’re trying to solve that problem to make it super easy for every organization to be secure from day one.”

The main idea here is to make the arcane certification process more transparent and streamline the process by automating many of the more labor-intensive tasks of getting ready for an audit (and it’s virtually always the pre-audit process that takes up most of the time). Secureframe does so by integrating with the most-often used cloud and SaaS tools (it currently connects to about 25 services) and pulling in data from them to check up on your security posture.

“It feels a lot like a QuickBooks or TurboTax-like experience, where we’ll essentially ask you to enter basic details about your business. We try to autofill as much of it as possible from third-party sources — then we ask you to connect up all the integrations your business uses,” Mehta explained.

The company plans to use much of the new funding to staff up and build out these integrations. Over time, it will also add support for other certifications like PCI, HITRUST and HIPAA.

Powered by WPeMatico

The race to building a fully functional quantum stack

David Cowan
Contributor

David Cowan is a partner at Bessemer Venture Partners and one of the world’s leading investors across cloud infrastructure, cybersecurity, consumer and space technology.

Tomer Diari
Contributor

Tomer Diari is a vice president at Bessemer Venture Partners, where he focuses primarily on cybersecurity, big data and deep tech opportunities.

Quantum computers exploit the seemingly bizarre yet proven nature of the universe that until a particle interacts with another, its position, speed, color, spin and other quantum properties coexist simultaneously as a probability distribution over all possibilities in a state known as superposition. Quantum computers use isolated particles as their most basic building blocks, relying on any one of these quantum properties to represent the state of a quantum bit (or “qubit”). So while classical computer bits always exist in a mutually exclusive state of either 0 (low energy) or 1 (high energy), qubits in superposition coexist simultaneously in both states as 0 and 1.

Things get interesting at a larger scale, as QC systems are capable of isolating a group of entangled particles, which all share a single state of superposition. While a single qubit coexists in two states, a set of eight entangled qubits (or “8Q”), for example, simultaneously occupies all 2^8 (or 256) possible states, effectively processing all these states in parallel. It would take 57Q (representing 2^57 parallel states) for a QC to outperform even the world’s strongest classical supercomputer. A 64Q computer would surpass it by 100x (clearly achieving quantum advantage) and a 128Q computer would surpass it a quintillion times.

In the race to develop these computers, nature has inserted two major speed bumps. First, isolated quantum particles are highly unstable, and so quantum circuits must execute within extremely short periods of coherence. Second, measuring the output energy level of subatomic qubits requires extreme levels of accuracy that tiny deviations commonly thwart. Informed by university research, leading QC companies like IBM, Google, Honeywell and Rigetti develop quantum engineering and error-correction methods to overcome these challenges as they scale the number of qubits they can process.

Following the challenge to create working hardware, software must be developed to harvest the benefits of parallelism even though we cannot see what is happening inside a quantum circuit without losing superposition. When we measure the output value of a quantum circuit’s entangled qubits, the superposition collapses into just one of the many possible outcomes. Sometimes, though, the output yields clues that qubits weirdly interfered with themselves (that is, with their probabilistic counterparts) inside the circuit.

QC scientists at UC Berkeley, University of Toronto, University of Waterloo, UT Sydney and elsewhere are now developing a fundamentally new class of algorithms that detect the absence or presence of interference patterns in QC output to cleverly glean information about what happened inside.

The QC stack

A fully functional QC must, therefore, incorporate several layers of a novel technology stack, incorporating both hardware and software components. At the top of the stack sits the application software for solving problems in chemistry, logistics, etc. The application typically makes API calls to a software layer beneath it (loosely referred to as a “compiler”) that translates function calls into circuits to implement them. Beneath the compiler sits a classical computer that feeds circuit changes and inputs to the Quantum Processing Unit (QPU) beneath it. The QPU typically has an error-correction layer, an analog processing unit to transmit analog inputs to the quantum circuit and measure its analog outputs, and the quantum processor itself, which houses the isolated, entangled particles.

Powered by WPeMatico

Microsoft is giving ISVs new incentives to deploy on Azure

 As part of its Build developer conference, Microsoft is launching a new program for independent software vendors (ISVs) today that aims to make its Azure platform more attractive to them: If they deploy their applications on Azure and make them available on its AppSource marketplace, Microsoft will allow its users to access them from tools like PowerApps and its IFTTT competitor Flow… Read More

Powered by WPeMatico