version control

Auto Added by WPeMatico

Inside GitLab’s IPO filing

While the technology and business world worked towards the weekend, developer operations (DevOps) firm GitLab filed to go public. Before we get into our time off, we need to pause, digest the company’s S-1 filing, and come to some early conclusions.

GitLab competes with GitHub, which Microsoft purchased for $7.5 billion back in 2018.

The company is notable for its long-held, remote-first stance, and for being more public with its metrics than most unicorns — for some time, GitLab had a November 18, 2020 IPO target in its public plans, to pick an example. We also knew when it crossed the $100 million recurring revenue threshold.

Considering GitLab’s more recent results, a narrowing operating loss in the last two quarters is good news for the company.

The company’s IPO has therefore been long expected. In its last primary transaction, GitLab raised $286 million at a post-money valuation of $2.75 billion, per Pitchbook data. The same information source also notes that GitLab executed a secondary transaction earlier this year worth $195 million, which gave the company a $6 billion valuation.

Let’s parse GitLab’s growth rate, its final pre-IPO scale, its SaaS metrics, and then ask if we think it can surpass its most recent private-market price. Sound good? Let’s rock.

The GitLab S-1

GitLab intends to list on the Nasdaq under the symbol “GTLB.” Its IPO filing lists a placeholder $100 million raise estimate, though that figure will change when the company sets an initial price range for its shares. Its fiscal year ends January 31, meaning that its quarters are offset from traditional calendar periods by a single month.

Let’s start with the big numbers.

In its fiscal year ended January 2020, GitLab posted revenues of $81.2 million, gross profit of $71.9 million, an operating loss of $128.4 million, and a modestly greater net loss of $130.7 million.

And in the year ended January 31, 2021, GitLab’s revenue rose roughly 87% to $152.2 million from a year earlier. The company’s gross profit rose around 86% to $133.7 million, and operating loss widened nearly 67% to $213.9 million. Its net loss totaled $192.2 million.

This paints a picture of a SaaS company growing quickly at scale, with essentially flat gross margins (88%). Growth has not been inexpensive either — GitLab spent more on sales and marketing than it generated in gross profit in the past two fiscal years.

Powered by WPeMatico

Iterative raises $20M for its MLOps platform

Iterative, an open-source startup that is building an enterprise AI platform to help companies operationalize their models, today announced that it has raised a $20 million Series A round led by 468 Capital and Mesosphere co-founder Florian Leibert. Previous investors True Ventures and Afore Capital also participated in this round, which brings the company’s total funding to $25 million.

The core idea behind Iterative is to provide data scientists and data engineers with a platform that closely resembles a modern GitOps-driven development stack.

After spending time in academia, Iterative co-founder and CEO Dmitry Petrov joined Microsoft as a data scientist on the Bing team in 2013. He noted that the industry has changed quite a bit since then. While early on, the questions were about how to build machine learning models, today the problem is how to build predictable processes around machine learning, especially in large organizations with sizable teams. “How can we make the team productive, not the person? This is a new challenge for the entire industry,” he said.

Big companies (like Microsoft) were able to build their own proprietary tooling and processes to build their AI operations, Petrov noted, but that’s not an option for smaller companies.

Currently, Iterative’s stack consists of a couple of different components that sit on top of tools like GitLab and GitHub. These include DVC for running experiments and data and model versioning, CML, the company’s CI/CD platform for machine learning, and the company’s newest product, Studio, its SaaS platform for enabling collaboration between teams. Instead of reinventing the wheel, Iterative essentially provides data scientists who already use GitHub or GitLab to collaborate on their source code with a tool like DVC Studio that extends this to help them collaborate on data and metrics, too.

Image Credits: Iterative

“DVC Studio enables machine learning developers to run hundreds of experiments with full transparency, giving other developers in the organization the ability to collaborate fully in the process,” said Petrov. “The funding today will help us bring more innovative products and services into our ecosystem.”

Petrov stressed that he wants to build an ecosystem of tools, not a monolithic platform. When the company closed this current funding round about three months ago, Iterative had about 30 employees, many of whom were previously active in the open-source community around its projects. Today, that number is already closer to 60.

“Data, ML and AI are becoming an essential part of the industry and IT infrastructure,” said Leibert, general partner at 468 Capital. “Companies with great open-source adoption and bottom-up market strategy, like Iterative, are going to define the standards for AI tools and processes around building ML models.”

Powered by WPeMatico

Cycode raises $20M to secure DevOps pipelines

Israeli security startup Cycode, which specializes in helping enterprises secure their DevOps pipelines and prevent code tampering, today announced that it has raised a $20 million Series A funding round led by Insight Partners. Seed investor YL Ventures also participated in this round, which brings the total funding in the company to $24.6 million.

Cycode’s focus was squarely on securing source code in its early days, but thanks to the advent of infrastructure as code (IaC), policies as code and similar processes, it has expanded its scope. In this context, it’s worth noting that Cycode’s tools are language and use case agnostic. To its tools, code is code.

“This ‘everything as code’ notion creates an opportunity because the code repositories, they become a single source of truth of what the operation should look like and how everything should function, Cycode CTO and co-founder Ronen Slavin told me. “So if we look at that and we understand it — the next phase is to verify this is indeed what’s happening, and then whenever something deviates from it, it’s probably something that you should look at and investigate.”

Cycode Dashboard

Cycode Dashboard. Image Credits: Cycode

The company’s service already provides the tools for managing code governance, leak detection, secret detection and access management. Recently it added its features for securing code that defines a business’ infrastructure; looking ahead, the team plans to add features like drift detection, integrity monitoring and alert prioritization.

“Cycode is here to protect the entire CI/CD pipeline — the development infrastructure — from end to end, from code to cloud,” Cycode CEO and co-founder Lior Levy told me.

“If we look at the landscape today, we can say that existing solutions in the market are kind of siloed, just like the DevOps stages used to be,” Levy explained. “They don’t really see the bigger picture, they don’t look at the pipeline from a holistic perspective. Essentially, this is causing them to generate thousands of alerts, which amplifies the problem even further, because not only don’t you get a holistic view, but also the noise level that comes from those thousands of alerts causes a lot of valuable time to get wasted on chasing down some irrelevant issues.”

What Cycode wants to do then is to break down these silos and integrate the relevant data from across a company’s CI/CD infrastructure, starting with the source code itself, which ideally allows the company to anticipate issues early on in the software life cycle. To do so, Cycode can pull in data from services like GitHub, GitLab, Bitbucket and Jenkins (among others) and scan it for security issues. Later this year, the company plans to integrate data from third-party security tools like Snyk and Checkmarx as well.

“The problem of protecting CI/CD tools like GitHub, Jenkins and AWS is a gap for virtually every enterprise,” said Jon Rosenbaum, principal at Insight Partners, who will join Cycode’s board of directors. “Cycode secures CI/CD pipelines in an elegant, developer-centric manner. This positions the company to be a leader within the new breed of application security companies — those that are rapidly expanding the market with solutions which secure every release without sacrificing velocity.”

The company plans to use the new funding to accelerate its R&D efforts, and expand its sales and marketing teams. Levy and Slavin expect that the company will grow to about 65 employees this year, spread between the development team in Israel and its sales and marketing operations in the U.S.

Powered by WPeMatico

Render raises $4.5M for its DevOps platform

Render, the winner of our Disrupt SF 2019 Startup Battlefield, today announced that it has added another $4.5 million onto its existing seed funding round, bringing total investment into the company to $6.75 million.

The round was led by General Catalyst, with participation from previous investors South Park Commons Fund and a group of angels that includes Lee Fixel, Elad Gil and GitHub CTO (and former VP of Engineering at Heroku) Jason Warner.

The company, which describes itself as a “Zero DevOps alternative to AWS, Azure and Google Cloud,” originally raised a $2.25 million seed round in April 2019, but it got a lot of inbound interest after winning the Disrupt Battlefield. In the end, though, the team decided to simply raise more money from its existing investors.

Current Render users include Cypress.io, Mux, Bloomscape, Zelos, 99designs and Stripe.

“We spoke to a bunch of people after Disrupt, including Ashton Kutcher’s firm, because he was one of the judges,” Render co-founder and CEO Anurag Goel explained. “In the end, we decided that we would just raise more money from our existing investors because we like them and it helped us get a better deal from our existing investors. And they were all super interested in continuing to invest.”

What makes Render stand out is that it fulfills many of the promises of Heroku and maybe Google Cloud’s App Engine. You simply tell it what kind of service you are going to deploy and it handles the deployment and manages the infrastructure for you.

“Our customers are all people who are writing code. And they just want to deploy this code really easily without having to worry about servers, or maintenance, or depending on DevOps teams — or, in many cases, hiring DevOps teams,” Goel said. “DevOps engineers are extremely expensive to hire and extremely hard to find, especially good ones. Our goal is to eliminate all of that work that DevOps people do at every company, because it’s very similar at every company.”

Image Credits: Render

One new feature the company is launching today is preview environments. You can think of them as disposable staging or development environments that developers can spin up to test their code — and Render promises that the testing environment will look the same as your production environment (or you can specify changes, too). Developers can then test their updates collaboratively with QA or their product and sales teams in this environment.

Development teams on Render specify their infrastructure environments in a YAML file and turning on these new preview environments is as easy as setting a flag in that file.

Image Credits: Render

“Once they do that, then for every pull request — because we’re integrated with GitHub and GitLab — we automatically spin up a copy of that environment. That can include anything you have in production, or things like a Redis instance, or managed Postgres database, or Elasticsearch instance, or obviously APIs and web services and static sites,” Goel said. Every time you push a change to that branch or pull request, the environment is automatically updated, too. Once the pull request is closed or merged, Render destroys the environment automatically.

The company will use the new funding to grow its team and build out its service. The plan, Goel tells me, is to raise a larger Series A round next year.

Powered by WPeMatico

JupiterOne raises $19M Series A to automate cyber asset management

Asset management might not be the most exciting talking topic, but it’s often an overlooked area of cyber-defenses. By knowing exactly what assets your company has makes it easier to know where the security weak spots are.

That’s the problem JupiterOne is trying to fix.

“We built JupiterOne because we saw a gap in how organizations manage the security and compliance of their cyber assets day to day,” said Erkang Zheng, the company’s founder and chief executive.

The Morrisville, North Carolina-based startup, which spun out from healthcare cloud firm LifeOmic in 2018, helps companies see all of their digital and cloud assets by integrating with dozens of services and tools, including Amazon Web Services, Cloudflare and GitLab, and centralizing the results into a single monitoring tool.

JupiterOne says it makes it easier for companies to spot security issues and maintain compliance, with an aim of helping companies prevent security lapses and data breaches by catching issues early on.

The company already has Reddit, Databricks and Auth0 as customers, and just secured $19 million in its Series A, led by Bain Capital Ventures and with participation from Rain Capital and its parent company LifeOmic.

As part of the deal, Bain partner Enrique Salem will join JupiterOne’s board. “We see a large multi-billion-dollar market opportunity for this technology across mid-market and enterprise customers,” he said. Asset management is slated to be a $8.5 billion market by 2024.

Zheng told TechCrunch the company plans to use the funds to accelerate its engineering efforts and its go-to-market strategy, with new product features to come.

Powered by WPeMatico

Atlassian launches new DevOps features

Atlassian today launched a slew of DevOps-centric updates to a variety of its services, ranging from Bitbucket Cloud and Pipelines to Jira and others. While it’s quite a grab-bag of announcements, the overall idea behind them is to make it easier for teams to collaborate across functions as companies adopt DevOps as their development practice of choice.

“I’ve seen a lot of these tech companies go through their agile and DevOps transformations over the years,” Tiffany To, the head of agile and DevOps solutions at Atlassian told me. “Everyone wants the benefits of DevOps, but — we know it — it gets complicated when we mix these teams together, we add all these tools. As we’ve talked with a lot of our users, for them to succeed in DevOps, they actually need a lot more than just the toolset. They have to enable the teams. And so that’s what a lot of these features are focused on.”

As To stressed, the company also worked with several ecosystem partners, for example, to extend the automation features in Jira Software Cloud, which can now also be triggered by commits and pull requests in GitHub, GitLab and other code repositories that are integrated into Jira Software Cloud. “Now you get these really nice integrations for DevOps where we are enabling these developers to not spend time updating the issues,” To noted.

Indeed, a lot of the announcements focus on integrations with third-party tools. This, To said, is meant to allow Atlassian to meet developers where they are. If your code editor of choice is VS Code, for example, you can now try Atlassian’s now VS Code extension, which brings your task like from Jira Software Cloud to the editor, as well as a code review experience and CI/CD tracking from Bitbucket Pipelines.

Also new is the “Your Work” dashboard in Bitbucket Cloud, which can now show you all of your assigned Jira issues, as well as Code Insights in Bitbucket Cloud. Code Insights features integrations with Mabl for test automation, Sentry for monitoring and Snyk for finding security vulnerabilities. These integrations were built on top of an open API, so teams can build their own integrations, too.

“There’s a really important trend to shift left. How do we remove the bugs and the security issues earlier in that dev cycle, because it costs more to fix it later,” said To. “You need to move that whole detection process much earlier in the software lifecycle.”

Jira Service Desk Cloud is getting a new Risk Management Engine that can score the risk of changes and auto-approve low-risk ones, as well as a new change management view to streamline the approval process.

Finally, there is new Opsgenie and Bitbucket Cloud integration that centralizes alerts and promises to filter out the noise, as well as a nice incident investigation dashboard to help teams take a look at the last deployment that happened before the incident occurred.

“The reason why you need all these little features is that as you stitch together a very large number of tools […], there is just lots of these friction points,” said To. “And so there is this balance of, if you bought a single toolchain, all from one vendor, you would have fewer of these friction points, but then you don’t get to choose best of breed. Our mission is to enable you to pick the best tools because it’s not one-size-fits-all.”

Powered by WPeMatico

GitHub gets a built-in IDE with Codespaces, discussion forums and more

Under different circumstances, GitHub would be hosting its Satellite conference in Paris this week. Like so many other events, GitHub decided to switch Satellite to a virtual event, but that isn’t stopping the Microsoft-owned company from announcing quite a bit of news this week.

The highlight of GitHub’s announcement is surely the launch of GitHub Codespaces, which gives developers a full cloud-hosted development environment in the cloud, based on Microsoft’s VS Code editor. If that name sounds familiar, that’s likely because Microsoft itself rebranded Visual Studio Code Online to Visual Studio Codespaces a week ago — and GitHub is essentially taking the same concepts and technology and is now integrating it directly inside its service. If you’ve seen VS Online/Codespaces before, the GitHub environment will look very similar.

Contributing code to a community can be hard. Every repository has its own way of configuring a dev environment, which often requires dozens of steps before you can write any code,” writes Shanku Niyogi, GitHub’s SVP of Product, in today’s announcement. “Even worse, sometimes the environment of two projects you are working on conflict with one another. GitHub Codespaces gives you a fully-featured cloud-hosted dev environment that spins up in seconds, directly within GitHub, so you can start contributing to a project right away.”

Currently, GitHub Codespaces is in beta and available for free. The company hasn’t set any pricing for the service once it goes live, but Niyogi says the pricing will look similar to that of GitHub Actions, where it charges for computationally intensive tasks like builds. Microsoft currently charges VS Codespaces users by the hour and depending on the kind of virtual machine they are using.

The other major new feature the company is announcing today is GitHub Discussions. These are essentially discussion forums for a given project. While GitHub already allowed for some degree of conversation around code through issues and pull requests, Discussions are meant to enable unstructured threaded conversations. They also lend themselves to Q&As, and GitHub notes that they can be a good place for maintaining FAQs and other documents.

Currently, Discussions are in beta for open-source communities and will be available for other projects soon.

On the security front, GitHub is also announcing two new features: code scanning and secret scanning. Code scanning checks your code for potential security vulnerabilities. It’s powered by CodeQL and free for open-source projects. Secret scanning is now available for private repositories (a similar feature has been available for public projects since 2018). Both of these features are part of GitHub Advanced Security.

As for GitHub’s enterprise customers, the company today announced the launch of Private Instances, a new fully managed service for enterprise customers that want to use GitHub in the cloud but know that their code is fully isolated from the rest of the company’s users. “Private Instances provides enhanced security, compliance, and policy features including bring-your-own-key encryption, backup archiving, and compliance with regional data sovereignty requirements,” GitHub explains in today’s announcement.

Powered by WPeMatico

ZenHub adds roadmapping to its GitHub project management tool

ZenHub, the popular project management tool that integrates right into GitHub, today announced the launch of Roadmaps. As you can guess from the name, this is a roadmapping feature that allows teams to better plan their projects ahead of time and visualize their status — all from within GitHub.

“We’re diving into a brand new category which is super exciting and we’re really starting to think not only about how forward-thinking software teams are managing their software projects but how they’re actually planning ahead,” ZenHub co-founder Aaron Upright told me. “And we’re really using this as an opportunity to really evolve the product and really introduce now a new kind of entrant into the space for product roadmapping.”

The product itself is indeed pretty straightforward. By default, it takes existing projects and epics a team has already defined and visualizes those on a timeline — including data about how many open issues still remain. In its current iteration, the tool is still pretty basic, but going forward ZenHub will add more advanced features, like blocking. As Upright noted, that’s just fine, though, because while the main goal here is to help teams plans, ZenHub also wants to give other stakeholders a kind of 30,000-foot overview of the state of a project without having to click around every issue in GitHub or Jira.

Upright also argues that existing solutions tend to fall short of what teams really need. “Smaller organizations — teams that are 10, 15 or 25 people — they can’t afford these tools. They’re really expensive. They’re cost-prohibitive,” he said. “And so oftentimes what they do is they turn to Excel files or Google spreadsheets in order to keep track of their roadmap. And keeping the spreadsheets up to date really becomes a complex and really a full-time job.” Yet those tools that are affordable often don’t offer a way to sync data back and forth between GitHub and their platforms, which results in the product team not getting those updates in GitHub, for example. Because ZenHub lives inside of GitHub, that’s obviously not a problem.

ZenHub Roadmaps is now available to all users.

Powered by WPeMatico

Software development analytics platform Sourced launches an enterprise edition

Sourced, or source{d}, as the company styles its name, provides developers and IT departments with deeper analytics into their software development life cycle. It analyzes codebases, offers data about which APIs are being used and provides general information about developer productivity and other metrics. Today, Sourced is officially launching its Enterprise Edition, which gives IT departments and executives a number of advanced tools for managing their software portfolios and the processes they use to create them.

“Sourced enables large engineering organizations to better monitor, measure and manage their IT initiatives by providing a platform that empowers IT leaders with actionable data,” said the company’s CEO Eiso Kant. “The release of Sourced Enterprise is a major milestone towards proper engineering observability of the entire software development life cycle in enterprises.”

Engineering Effectiveness Efficiency

Because it’s one of the hallmarks of every good enterprise tools, it’s no surprise that Sourced Enterprise also offers features like role-based access control and other security features, as well as dedicated support and SLAs. IT departments also can run the service on-premise, or use it as a SaaS product.

The company also tells me that the enterprise version can handle larger codebases so that even complex queries over a large data set only takes a few seconds (or minutes if it’s a really large codebase). To create these complex queries, the enterprise edition includes a number of add-ons to allow users to create these advanced queries. “These are available upon request and tailored to help enterprises overcome specific challenges that often rely on machine learning capabilities, such as identity matching or code duplication analysis,” the company says.

Cloud Migration

The service integrates with most commonly used project management and business intelligence tools, but it also ships with Apache Superset, an open-source business intelligence application that offers built-in data visualization capabilities.

These visualization capabilities are also now part of the Sourced Community Edition, which is now available in private beta.

“Sourced Enterprise gave us valuable insights into the Cloud Foundry codebase evolution, development patterns, trends and dependencies, all presented in easy-to-digest dashboards,” said Chip Childers, the CTO of the open-source Cloud Foundry Foundation, which tested the Enterprise Edition ahead of its launch. “If you really want to understand what’s going on in your codebase and engineering department, Sourced is the way to go.”

To date, the company has raised $10 million from First VC, Heartcore Capital, Xavier Niel and others.

Talent Assessment Managment

Powered by WPeMatico

GitHub gets a new and improved Jira Software Cloud integration

Atlassian’s Jira has become a standard for managing large software projects in many companies. Many of those same companies also use GitHub as their source code repository and, unsurprisingly, there has long been an official way to integrate the two. That old way, however, was often slow, limited in its capabilities and unable to cope with the large code bases that many enterprises now manage on GitHub .

Almost as if to prove that GitHub remains committed to an open ecosystem, even after the Microsoft acquisition, the company today announced a new and improved integration between the two products.

“Working with Atlassian on the Jira integration was really important for us,” GitHub’s director of ecosystem engineering Kyle Daigle told me ahead of the announcement. “Because we want to make sure that our developer customers are getting the best experience of our open platform that they can have, regardless of what tools they use.”

So a couple of months ago, the team decided to build its own Jira integration from the ground up, and it’s committed to maintaining and improving it over time. As Daigle noted, the improvements here include better performance and a better user experience.

The new integration now also makes it easier to view all the pull requests, commits and branches from GitHub that are associated with a Jira issue, search for issues based on information from GitHub and see the status of the development work right in Jira, too. And because changes in GitHub trigger an update to Jira, too, that data should remain up to date at all times.

The old Jira integration over the so-called Jira DVCS connector will be deprecated and GitHub will start prompting existing users to do the upgrade over the next few weeks. The new integration is now a GitHub app, so that also comes with all of the security features the platform has to offer.

Powered by WPeMatico