FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

The best way to grow your tech career? Treat it like an app

By Ram Iyer
Raj Yavatkar Contributor
As CTO, Raj Yavatkar is responsible for charting Juniper Networks' technology strategy through the execution of the company’s innovations and products for intelligent self-driving networks, security, mobile edge cloud, network virtualization, packet-optical integration and hybrid cloud.

Software developers and engineers have rarely been in higher demand. Organizations’ need for technical talent is skyrocketing, but the supply is quite limited. As a result, software professionals have the luxury of being very choosy about where they work and usually command big salaries.

In 2020, the U.S. had nearly 1.5 million full-time developers, who earned a median salary of around $110,000, according to the Bureau of Labor Statistics. Over the next 10 years, the federal agency estimates, developer jobs will grow by 22% to 316,000.

But what happens after a developer or engineer lands that sweet gig? Are they able to harness their skills and grow in interesting and challenging new directions? Do they understand what it takes to move up the ladder? Are they merely doing a job or cultivating a rewarding professional life?

To put it bluntly, many developers and engineers stink at managing their own careers.

These are the kinds of questions that have gnawed at me throughout my 25 years in the tech industry. I’ve long noticed that, to put it bluntly, many developers and engineers stink at managing their own careers.

It’s simply not a priority for some. By nature, developers delight in solving complex technical challenges and working hard toward their company’s digital objectives. Care for their own careers may feel unattractively self-promotional or political — even though it’s in fact neither. Charting a career path may feel awkward or they just don’t know how to go about it.

Companies owe it to developers and engineers, and to themselves, to give these key people the tools to understand what it takes to be the best they can be. How else can developers and engineers be assured of continually great experiences while constantly expanding their contributions to their organizations?

Developers delight in solving complex challenges and working hard toward their company’s objectives. Care for their own careers may feel unattractively self-promotional or political — even though it’s in fact neither.

Coaching and mentoring can help, but I think a more formal management system is necessary to get the wind behind the sails of a companywide commitment to making developers and engineers believe that, as the late Andy Grove said, “Your career is your business and you are its CEO.”

That’s why I created a career development model for developers and engineers when I was an Intel Fellow at Intel between 2003 and 2013. This framework has since been put into practice at the three subsequent companies I worked at — Google, VMWare, and, now, Juniper Networks — through training sessions and HR processes.

The model is based on a principle that every developer can relate to: Treat career advancement as you would a software project.

That’s right, by thinking of career development in stages like those used in app production, developers and engineers can gain a holistic view of where they are in their professional lives, where they want to go and the gaps they need to fill.

Step 1: Functional specification

In software development, a team can’t get started until it has a functional specification that describes the app’s requirements and how it is supposed to perform and behave.

Why should a career be any different? In my model, folks begin by assessing the “functionality” expected of someone at their next career level and how they’re demonstrating them (or not). Typically, a person gets promoted to a higher level only when they already demonstrate that they are operating at that level.

True ‘shift left and extend right’ security requires empowered developers

By Ram Iyer
Idan Plotnik Contributor
Idan Plotnik is the CEO and founder of Apiiro, a code risk platform.

DevOps is fundamentally about collaboration and agility. Unfortunately, when we add security and compliance to the picture, the message gets distorted.

The term “DevSecOps” has come into fashion the past few years with the intention of seamlessly integrating security and compliance into the DevOps framework. However, the reality is far from the ideal: Security tools have been bolted onto the existing DevOps process along with new layers of automation, and everyone’s calling it “DevSecOps.” This is a misguided approach that fails to embrace the principles of collaboration and agility.

Integrating security into DevOps to deliver DevSecOps demands changed mindsets, processes and technologies. Security and risk management leaders must adhere to the collaborative, agile nature of DevOps for security testing to be seamless in development, making the “Sec” in DevSecOps transparent. — Neil MacDonald, Gartner

In an ideal world, all developers would be trained and experienced in secure coding practices from front end to back end and be skilled in preventing everything from SQL injection to authorization framework exploits. Developers would also have all the information they need to make security-related decisions early in the design phase.

If a developer is working on a type of security control they haven’t worked on before, an organization should provide the appropriate training before there is a security issue.

Once again, the reality falls short of the ideal. While CI/CD automation has given developers ownership over the deployment of their code, those developers are still hampered by a lack of visibility into relevant information that would help them make better decisions before even sitting down to write code.

The entire concept of discovering and remediating vulnerabilities earlier in the development process is already, in some ways, out of date. A better approach is to provide developers with the information and training they need to prevent potential risks from becoming vulnerabilities in the first place.

Consider a developer that is assigned to add PII fields to an internet-facing API. The authorization controls in the cloud API gateway are critical to the security of the new feature. “Shifting left and extending right” doesn’t mean that a scanning tool or security architect should detect a security risk earlier in the process — it means that a developer should have all the context to prevent the vulnerability before it even happens. Continuous feedback is key to up-leveling the security knowledge of developers by orders of magnitude.

Shares of protein discovery platform Absci pop in market debut

By Emma Betuel

Absci Corp., a Vancouver company behind a multi-faceted drug development platform, went public on Thursday. It’s another sign of snowballing interest in new approaches to drug development – a traditionally risky business. 

Absci focuses on speeding drug development in the preclinical stages. The company has developed and acquired a handful of tools that can predict drug candidates, identify potential therapeutic targets, and test therapeutic proteins on billions of cells and identify which ones are worth pursuing. 

“We are offering a fully-integrated end-to-end solution for pharmaceutical drug development,” Absci founder Sean McClain tells TechCrunch. “Think of this as the Google index search for protein drug discovery and biomanufacturing.” 

The IPO was initially priced at $16 per share, with a pre-money valuation of about $1.5 billion, per S-1 filings. The company is offering 12.5 million shares of common stock, with plans to raise $200 million. However, Absci stock has already ballooned to $21 per share as of writing. Common stock is trading under the ticker “ABSI.” 

The company has elected to go public now, McClain says, to increase the company’s ability to attract and retain new talent. “As we continue to rapidly grow and scale, we need access to the best talent, and the IPO gives us amazing visibility for talent acquisition and retention,” says McClain.

Absci was founded in 2011 with a focus on manufacturing proteins in E.Coli. By 2018, the company had launched its first commercial product called SoluPro – a biogeneered E.Coli system that can build complex proteins. In 2019, the company scaled this process up by implementing a “protein printing” platform.

Since its founding Absci has grown to 170 employees and raised $230 million – the most recent influx was a $125 million crossover financing round closed in June 2020 led by Casdin Capital and Redmile Group. But this year, two major acquisitions have rounded out Absci’s offerings from protein manufacturing and testing to AI-enabled drug development. 

In January 2021, Absci acquired Denovium, a company using deep learning AI to categorize and predict the behavior of proteins. Denovium’s “engine” had been trained on more than 100 million proteins. In June, the company also acquired Totient, a biotech company that analyzes the immune system’s response to certain diseases. At the time of Totient’s acquisition, the company had already reconstructed 4,500 antibodies gleaned from immune system data from 50,000 patients. 

Absci already had protein manufacturing, evaluation and screening capabilities, but the Totient acquisition allowed it to identify potential targets for new drugs. The Denovium acquisition added an AI-based engine to aid in protein discovery. 

“What we’re doing is now feeding [our own data] into deep learning models and so that is why we acquired Denovium. Prior to Totient we were doing drug discovery and cell line development. This [acquisition] allows us to go fully integrated where we can now do target discovery as well,” McClain says. 

These two acquisitions place Absci into a particularly active niche in the drug development world. 

To start with, there’s been some noteworthy fiscal interest in developing new approaches to drug development, even after decades of low returns on drug R&D. In the first half of 2021, Evaluate reported that new drug developers raised about $9 billion in IPOs on Western exchanges. This is despite the fact that drug development is traditionally high risk. R&D returns for biopharmaceuticals hit a record low of 1.6 percent in 2019, and have rebounded to only about 2.5 percent, a Deloitte 2021 report notes. 

Within the world of drug development, we’ve seen AI play an increasingly large role. That same Deloitte report notes that “most biopharma companies are attempting to integrate AI into drug discovery, and development processes.” And, drug discovery projects received the greatest amount of AI investment dollars in 2020, according to Stanford University’s Artificial Intelligence Index annual report

More recently, the outlook on the use of AI in drug development has been bolstered by companies that have moved a candidate through the stages of pre-clinical development. 

In June, Insilico Medicine, a Hong Kong-based startup, announced that it had brought an A.I-identified drug candidate for idiopathic pulmonary fibrosis through the preclinical testing stages – a feat that helped close a $255 million Series C round. Founder Alexander Zharaonkov told TechCrunch the PI drug would begin a clinical trial on the drug late this year or early next year. 

With a hand in AI and in protein manufacturing, Absci has already positioned itself in a crowded, but hype-filled space. But going forward, the company will still have to work out the details of its business model.  

Absci is pursuing a partnership business model with drug manufacturers. This means that the company doesn’t have plans to run clinical trials of its own. Rather, it expects to earn revenue through “milestone payments” (conditional upon reaching certain stages of the drug development process) or, if drugs are approved, royalties on sales. 

This does offer some advantages, says McClain. The company is able to sidestep the risk of drug candidates failing after millions of R&D cash is poured into testing and can invest in developing “hundreds” of drug candidates at once. 

At this point, Absci does have nine currently “active programs” with drugmakers. The company’s cell line manufacturing platforms are in use in drug testing programs at eight biopharma companies, including Merck, Astellas, and Alpha Cancer technologies (the rest are undisclosed). Five of these projects are in the preclinical stage, one is in Phase 1 clinical trials, one is in a Phase 3 clinical trial, and the last is focused on animal health, per the company’s S-1 filing. 

One company, Astellas, is currently using Absci’s discovery platforms. But McClain notes that Absci has only just rolled out its drug discovery capabilities this year. 

However, none of these partners have formally licensed any of Absci’s platforms for clinical or commercial use. McClain notes that the nine active programs have milestones and royalty “potentials” associated with them. 

The company does have some ground to make up when it comes to profitability. So far this year, Absci has generated about $4.8 million in total revenue – up from about $2.1 million in 2019. Still, the costs have remained high, and S-1 filings note that the company has incurred net losses in the past two years. In 2019, the company reported $6.6 million in net losses in 2019 and $14.4 million in net losses in 2020. 

The company’s S-1 chalks up these losses to expenditures related to cost of research and development, establishing an intellectual property portfolio, hiring personnel, raising capital and providing support for these activities. 

Absci has recently completed the construction of a 77,000 square foot facility, notes McClain. So going forward the company does foresee the potential to increase the scale of its operations. 

In the immediate future, the company plans to use money raised from the IPO to grow the number of programs using Absci’s technology, invest in R&D and continue to refine the company’s new AI-based products. 

 

Go1 raises $200M at a $1B+ valuation to boost its curated enterprise learning platform

By Ingrid Lunden

Online learning continues to see a huge boost of attention and use in the wake of the Covid-19 pandemic, and today a startup building tools specifically for enterprises to deliver on their internal education remits is announcing a big round of funding that points to the startup’s own growth and ambitions.

Go1, which provides curated online learning materials and tools to businesses, with “playlists” that tap content from multiple publishers and silos, has closed a round of $200 million, a Series D that the Australian company’s CEO and co-founder confirmed values the startup at over $1 billion.

Barnes added that the funding will be used to expand further in existing markets — based out of Brisbane, Australia, Go1 has offices in London, the U.S., Singapore and Malaysia, so it wants to go deeper into Europe more broadly and into more of Asia Pacific, he said. Go1 will also continue expanding its suite of services in the wider areas of learning and development training, he added.

Today, it already offers a host of analytics and AI tech to chart how well that content is used and to further personalize materials, so the idea will be to expand on that more.

SoftBank’s Vision Fund 2, AirTree Ventures and Salesforce Ventures co-led this Series D, with Blue Cloud Ventures, Larsen Ventures, Madrona Venture Group, Microsoft’s M12, SEEK, TEN13, and Tiger Global also participating. (To be clear it appears that there were reports about this Series D closing but no details on the value, the investors, nor confirmation from the company.)

The funding represents a major capital infusion for the startup: prior to this it had only raised about $80 million over the last six years, with the last round, a more modest Series C of $40 million, closed 14 months ago.

But it also comes on the heels of impressive growth. Incubated at Y Combinator and based out of Brisbane, Australia, the company currently works with some 3.5 million users and over 1,600 enterprises globally, with companies like Microsoft, TikTok, the University of Oxford, Suzuki, Asahi and Thrifty, as well as many smaller businesses, among its customers. On average, an individual, when actively engaging on Go1, spends between two and six hours per month using the platform, and Barnes told me that its user base has grown by more than 300 percent in the last year.

But in a tech world now full of options for online learning content — both for K-12 as well as business users — what is perhaps more interesting is the startup’s approach.

Currently, Go1 has some 150,000 pieces of content available in its library, but it has not created any of that itself. The material comes from some 1,000 publishers and creators, a figure that is growing weekly, said Barnes, and includes not just your standard names in online education like Pearson, EdX, Coursera and Skillsoft, but also Blinkist and the Harvard Business Review.

The point of Go1 is to make it easier for businesses to access and use all these materials without having to negotiate separate deals with the various rights holders, or for users to have to negotiate multiple apps or sites to use it.

Somewhat akin to a streaming service like Spotify, Go1 acts not just as a distributor/aggregator to access that content, but as a channel for those providers, who receive royalties based on how much their content is consumed. (And individual rights holders can also negotiate how some or all of their content is accessed, in the event that they have paywalls that they do not want to break down in specific areas.)

The Spotify analogy goes beyond the company’s business model: Barnes pointed out that it too calls its curated bundles — which it creates itself, or lets customers create themselves — “playlists.”

“We started the business six years ago because no one else was doing this, yet there was such a desire to bring together that diversity of content and make it easily available,” he said.

The challenge for employers is not just navigating the user experience of juggling multiple sites (which Go1 solves with these curated playlists), but also building learning that is still cohesive and easy to manage, regardless of which department or employee is doing the training.

“How do I create something for the broad diversity of skills for our workforce?” is how Barnes described it to me. This is what the company addresses with the platform, he added, not only making it easier to create training for different people, but to help them find, and to suggest, relevant content that will interest those users by offering as big a selection as possible. “We help people find the needle in the haystack,” he said.

Where the analogy stops, it seems, is in how Go1 interfaces with the rest of the corporate learning market.

I asked Barnes if he saw companies like Success Factors as competitors, but in reality, Go1’s ethos is to integrate into whatever education or training platform a company might already use, be it SAP, Workday, Salesforce or Microsoft-based platforms, or something else altogether.

Borrowing another media comparison, Barnes notes that he sees Go1 as occupying the “Netflix” button on a remote: regardless of the manufacturer or pay-TV provider, you still have a way to get your Netflix fix; and so, too, is the hope for Go1 in corporate learning and development training.

This also means that while platforms are not rivals, others also aggregating content might well be: that likely makes for an interesting relationship with Microsoft, given that it owns LinkedIn, which has LinkedIn Learning, which also aggregates content from across a wide range of publishers.

It seems that while Microsoft has slowly created more integrations with LinkedIn over the years since it’s acquired it, this is one area where it’s also been okay with working with one of its competitors.

“Our team worked closely with Go1 on a Microsoft Teams integration to enable more enterprises to maintain corporate training remotely,” said Jeff Teper, Microsoft Corporate Vice President, Teams, OneDrive, SharePoint, said in a statement. “As many companies navigate in-person work scenarios, a plan for hybrid engagement is critical. Employees and students can access one of the world’s largest libraries of online learning resources with Go1 in Microsoft Teams. Companies can also onboard new talent and ensure essential trainings are provided regardless of employee location.”

One way that Go1 is looking to grow is in how it is used by the individuals that learn or train on its platform.

Another reason Barnes and his co-founders — Vu Tran (head of growth), Chris Eigeland (CRO), and Chris Hood (CTO) — started Go1, he said, was because of a pain point one of them directly encountered. Tran was doing his training to become a doctor at the time, and he found it very frustrating that he had re-do hand washing training each time he started a new rotation.

“There was no way to re-share that he’d already done that,” Barnes said. Go1 is trying to double down on that, increasing the ability for its users to “own” those credentials and certifications and re-use them in subsequent places, even when they change jobs. (Again… not unlike exporting a Spotify playlist, which you can also do.)

It seems that I am not the only one who sees a lot of Spotify resonance in Go1.

“When people think about music, they often think of Spotify and access to unlimited music for one subscription. We believe Go1 is the emerging category leader in providing a similar experience for corporate learning. Powered by AI and machine learning, Go1’s platform provides an intuitive experience, and creates an opportunity for individuals to expand their professional development goals and explore the resources to help achieve them,” said Nagraj Kashyap, managing partner at SoftBank Investment Advisers, in a statement.

Despite the hype, construction tech will be hard to disrupt

By Annie Siebert
David Ward Contributor
David Ward is a 30-year tech industry veteran, entrepreneur and the CEO and founder of Safe Site Check In.

From the outside looking in, the construction industry appears ripe for tech innovation. The industry represents 6.3% of the U.S. GDP. There are close to 1 million general contractors (GCs) in the country, and anywhere between 3 million and 5 million workers on job sites every day.

Meanwhile, there’s a common (if somewhat justified) belief that construction firms are slow to adopt technology and are behind the digital curve.

Success in construction tech will come down to proving the need for the technology, delivering immediate ROI, and ensuring workers know how to use it on the first try.

But not every construction company is a technology laggard. While GCs are historically slower to adopt new technologies, this doesn’t necessarily make them behind the times. About 60% of construction companies have R&D departments for new technology, and the largest construction firms have substantial R&D budgets. Yet 35.9% of employees are hesitant to try new technology, according to JB Knowledge.

One way to interpret this is that there is a strong interest and need to take advantage of newer construction-centric technologies, but only if they’re easy to use, easy to deploy or access while on a job site, and improve productivity almost immediately.

These factors have made construction tech appealing to investors, who have poured at least $3 billion into the sector. Is construction tech the “it” place right now? Is it ripe for disruption, the way VC investors find attractive? If that’s true, what went wrong at Katerra? Is Procore justified in losing $1 for every $4 in revenue? And why does so little investment go into improving productivity at the job site where GC money is made — or lost — compared to back-office operations?

My experience to date says that construction is different from other sectors because of the significant variation among projects that originates in the way projects are financed, how risks are managed and the factors that drive variation among projects. Construction’s differences are not easily mitigated via data processing, as compared to fintech, for example, where all money is data-amenable to software processing. Addressing project variations will be key to succeeding in construction tech beyond the back office. Here are the critical factors to consider.

Project financing makes capital investment more difficult. While the Commerce Department reported that construction spending in the U.S. reached a record high of $1.459 trillion in November 2020, this doesn’t mean there are unlimited opportunities for construction tech. The reality is that GCs make few capital investments because they must fund investments in technology out of operating cash flow.

Construction projects are typically funded incrementally in phases as the project demonstrates progress. Delays or accidents can have a huge effect on cash flow. Overhead and G&A cost burdens are hated. Asking a GC to license technology as a capital purchase doesn’t always make sense.

GC ownership and business structure also make large capital investment more difficult. Most GC firms were founded by tradespeople and either started as, or remain, family-owned firms. Borrowing what’s considered the “family’s money” is a much more risk-averse decision compared to the way larger corporations evaluate productivity investments and put assets at risk.

The hidden benefits of adding a CTO to your board

By Ram Iyer
Abby Kearns Contributor
Abby Kearns, chief technology officer at Puppet, has more than 20 years of experience scaling growth for numerous Fortune 500 and startup companies.

The pandemic forced companies around the world to adjust to a “new normal,” which caused many leaders to pivot their business strategies and adopt new technologies to continue operations. In a time of chaos and change, there is no senior leader that can navigate this sort of change better than a CTO.

Not only do CTOs understand the ever-changing tech landscape, they also provide invaluable insights to help organizations go beyond traditional IT conversations and leverage technology to successfully scale businesses.

Boards are facing pressure to be strategic and thoughtful on how to evolve in the rapidly iterating world of technology, and a CTO is uniquely positioned to address specific challenges.

There are now more reasons than ever to consider adding a CTO to your board. As a CTO myself, I know how important and impactful it can be to have technical-minded leaders on a company’s board of directors. At a time when companies are accelerating their digital transformation, it’s critical to have diverse technical perspectives and people from varying backgrounds, as transformations are a mix of people, process and technology.

Drawing on my experience on Lightbend’s board of directors, here are five hidden benefits of making space at the table for a CTO.

A unique mind (and skill) set

Currently, most boards of directors are composed of former CEOs, CFOs and investors. While such executives bring vast experience, they have very specific expertise, and that frequently does not include technical proficiency. In order for a company to be successful, your board needs to have people with different backgrounds and expertise.

Inviting different perspectives forces companies out of the groupthink mentality and find new, creative solutions to their problems. Diverse perspectives aren’t just about the title –– racial ethnicity and gender diversity are clearly a play here as well.

Deep understanding of tech

For a product-led company, having a CTO who has been close to product development and innovation can bring deep insights and understanding to the boardroom. Boards are facing pressure to be strategic and thoughtful on how to evolve in the rapidly iterating world of technology, and a CTO is uniquely positioned to address specific challenges.

The rise of cybersecurity debt

By Ram Iyer
Howard Boville Contributor
Howard Boville is head of IBM Hybrid Cloud. He leads the global cloud business at IBM and helps develop market-leading capabilities to drive digital transformation for enterprises.

Ransomware attacks on the JBS beef plant, and the Colonial Pipeline before it, have sparked a now familiar set of reactions. There are promises of retaliation against the groups responsible, the prospect of company executives being brought in front of Congress in the coming months, and even a proposed executive order on cybersecurity that could take months to fully implement.

But once again, amid this flurry of activity, we must ask or answer a fundamental question about the state of our cybersecurity defense: Why does this keep happening?

I have a theory on why. In software development, there is a concept called “technical debt.” It describes the costs companies pay when they choose to build software the easy (or fast) way instead of the right way, cobbling together temporary solutions to satisfy a short-term need. Over time, as teams struggle to maintain a patchwork of poorly architectured applications, tech debt accrues in the form of lost productivity or poor customer experience.

Complexity is the enemy of security. Some companies are forced to put together as many as 50 different security solutions from up to 10 different vendors to protect their sprawling technology estates.

Our nation’s cybersecurity defenses are laboring under the burden of a similar debt. Only the scale is far greater, the stakes are higher and the interest is compounding. The true cost of this “cybersecurity debt” is difficult to quantify. Though we still do not know the exact cause of either attack, we do know beef prices will be significantly impacted and gas prices jumped 8 cents on news of the Colonial Pipeline attack, costing consumers and businesses billions. The damage done to public trust is incalculable.

How did we get here? The public and private sectors are spending more than $4 trillion a year in the digital arms race that is our modern economy. The goal of these investments is speed and innovation. But in pursuit of these ambitions, organizations of all sizes have assembled complex, uncoordinated systems — running thousands of applications across multiple private and public clouds, drawing on data from hundreds of locations and devices.

Complexity is the enemy of security. Some companies are forced to put together as many as 50 different security solutions from up to 10 different vendors to protect their sprawling technology estates — acting as a systems integrator of sorts. Every node in these fantastically complicated networks is like a door or window that might be inadvertently left open. Each represents a potential point of failure and an exponential increase in cybersecurity debt.

We have an unprecedented opportunity and responsibility to update the architectural foundations of our digital infrastructure and pay off our cybersecurity debt. To accomplish this, two critical steps must be taken.

First, we must embrace open standards across all critical digital infrastructure, especially the infrastructure used by private contractors to service the government. Until recently, it was thought that the only way to standardize security protocols across a complex digital estate was to rebuild it from the ground up in the cloud. But this is akin to replacing the foundations of a home while still living in it. You simply cannot lift-and-shift massive, mission-critical workloads from private data centers to the cloud.

There is another way: Open, hybrid cloud architectures can connect and standardize security across any kind of infrastructure, from private data centers to public clouds, to the edges of the network. This unifies the security workflow and increases the visibility of threats across the entire network (including the third- and fourth-party networks where data flows) and orchestrates the response. It essentially eliminates weak links without having to move data or applications — a design point that should be embraced across the public and private sectors.

The second step is to close the remaining loopholes in the data security supply chain. President Biden’s executive order requires federal agencies to encrypt data that is being stored or transmitted. We have an opportunity to take that a step further and also address data that is in use. As more organizations outsource the storage and processing of their data to cloud providers, expecting real-time data analytics in return, this represents an area of vulnerability.

Many believe this vulnerability is simply the price we pay for outsourcing digital infrastructure to another company. But this is not true. Cloud providers can, and do, protect their customers’ data with the same ferocity as they protect their own. They do not need access to the data they store on their servers. Ever.

To ensure this requires confidential computing, which encrypts data at rest, in transit and in process. Confidential computing makes it technically impossible for anyone without the encryption key to access the data, not even your cloud provider. At IBM, for example, our customers run workloads in the IBM Cloud with full privacy and control. They are the only ones that hold the key. We could not access their data even if compelled by a court order or ransom request. It is simply not an option.

Paying down the principal on any kind of debt can be daunting, as anyone with a mortgage or student loan can attest. But this is not a low-interest loan. As the JBS and Colonial Pipeline attacks clearly demonstrate, the cost of not addressing our cybersecurity debt spans far beyond monetary damages. Our food and fuel supplies are at risk, and entire economies can be disrupted.

I believe that with the right measures — strong public and private collaboration — we have an opportunity to construct a future that brings forward the combined power of security and technological advancement built on trust.

This one email explains Apple

By Matthew Panzarino

An email has been going around the internet as a part of a release of documents related to Apple’s App Store based suit brought by Epic Games. I love this email for a lot of reasons, not the least of which is that you can extrapolate from it the very reasons Apple has remained such a vital force in the industry for the past decade. 

The gist of it is that SVP of Software Engineering, Bertrand Serlet, sent an email in October of 2007, just three months after the iPhone was launched. In the email, Serlet outlines essentially every core feature of Apple’s App Store — a business that now brings in an estimated $64B per year. And that, more importantly, allowed the launch of countless titanic internet startups and businesses built on and taking advantage of native apps on iPhone.

Forty five minutes after the email, Steve Jobs replies to Serlet and iPhone lead Scott Forstall, from his iPhone, “Sure, as long as we can roll it all out at Macworld on Jan 15, 2008.”

Apple University should have a course dedicated to this email. 

Here it is, shared by an account I enjoy, Internal Tech Emails, on Twitter. If you run the account let me know, happy to credit you further here if you wish:

Bertrand Serlet to Steve Jobs: "Fine, let's enable Cocoa Touch apps"

October 2, 2007 pic.twitter.com/9aTxmjgkRS

— Internal Tech Emails (@TechEmails) June 3, 2021

First, we have Serlet’s outline. It’s seven sentences that outline the key tenets of the App Store. User protection, network protection, an owned developer platform and a sustainable API approach. There is a direct ask for resources — whoever we need in software engineering — to get it shipped ASAP. 

It also has a clear ask at the bottom, ‘do you agree with these goals?’

Enough detail is included in the parentheticals to allow an informed reader to infer scope and work hours. And at no point during this email does Serlet include an ounce of justification for these choices. These are the obvious and necessary framework, in his mind, for accomplishing the rollout of an SDK for iPhone developers. 

There is no extensive rationale provided for each item, something that is often unnecessary in an informed context and can often act as psychic baggage that telegraphs one of two things:

  1. You don’t believe the leader you’re outlining the project to knows what the hell they’re talking about.
  2. You don’t believe it yourself and you’re still trying to convince yourself. 

Neither one of those is the wisest way to provide an initial scope of work. There is plenty of time down the line to flesh out rationale to those who have less command of the larger context. 

If you’re a historian of iPhone software development, you’ll know that developer Nullriver had released Installer, a third-party installer that allowed apps to be natively loaded onto iPhone, in the summer of 2007, early September, I believe. It was followed in 2008 by the eventually far more popular Cydia. And there were developers that August and September already experimenting with this completely unofficial way of getting apps on the store, like the venerable Twitterific by Craig Hockenberry and Lights Off by Lucas Newman and Adam Betts.

Though there has been plenty of established documentation of Steve being reluctant about allowing third-party apps on iPhone, this email establishes an official timeline for when the decision was not only made but essentially fully formed. And it’s much earlier than the apocryphal discussion about when the call was made. This is just weeks after the first hacky third-party attempts had made their way to iPhone and just under two months since the first iPhone jailbreak toolchain appeared. 

There is no need or desire shown here for Steve to ‘make sure’ that his touch is felt on this framework. All too often I see leaders that are obsessed with making sure that they give feedback and input at every turn. Why did you hire those people in the first place? Was it for their skill and acumen? Their attention to detail? Their obsessive desire to get things right?

Then let them do their job. 

Serlet’s email is well written and has the exact right scope, yes. But the response is just as important. A demand of what is likely too short a timeline (the App Store was eventually announced in March of 2008 and shipped in July of that year.) sets the bar high — matching the urgency of the request for all teams to work together on this project. This is not a side alley, it’s the foundation of a main thoroughfare. It must get built before anything goes on top. 

This efficacy is at the core of what makes Apple good when it is good. It’s not always good, but nothing ever is 100% of the time and the hit record is incredibly strong across a decade’s worth of shipped software and hardware. Crisp, lean communication that does not coddle or equivocate, coupled with a leader that is confident in their own ability and the ability of those that they hired means that there is no need to bog down the process in order to establish a record of involvement. 

One cannot exist without the other. A clear, well argued RFP or project outline that is sent up to insecure or ineffective management just becomes fodder for territorial games or endless rounds of requests for clarification. And no matter how effective leadership is and how talented their employees, if they do not establish an environment in which clarity of thought is welcomed and rewarded then they will never get the kind of bold, declarative product development that they wish. 

All in all, this exchange is a wildly important bit of ephemera that underpins the entire app ecosystem era and an explosive growth phase for Internet technology. And it’s also an encapsulation of the kind of environment that has made Apple an effective and brutally efficient company for so many years. 

Can it be learned from and emulated? Probably, but only if all involved are willing to create the environment necessary to foster the necessary elements above. Nine times out of ten you get moribund management, an environment that discourages blunt position taking and a muddy route to the exit. The tenth time, though, you get magic.

And, hey, maybe we can take this opportunity to make that next meeting an email?

If Bertrand Serlet and Steve Jobs could change the world over an email perhaps we don’t need to have that meeting. https://t.co/NZ1HmVAnwb

— Matthew Panzarino (@panzer) June 3, 2021

RevenueCat raises $40M Series B for its in-app subscription platform

By Sarah Perez

RevenueCat, a startup offering a series of tools for developers of subscription-based apps, has raised $40 million in Series B funding, valuing its business at $300 million, post-money. Founded by developers who understood the difficulties in scaling a subscription app firsthand, RevenueCat’s software development kit (SDK) solution gives companies the tools they need to build a subscription business, including not just adding subscriptions themselves, but maintaining them over time even as the app stores implement changes. It also aids by sharing subscription data with other tools the business uses, like those for advertising, analytics or attribution.

The funding round was led by Y Combinator’s Continuity Fund and included participation from Index Ventures, SaaStr, Oakhouse, Adjacent and FundersClub, as well as Blinklist CTO Tobias Balling and Algolia CEO Nicolas Dessaigne. With the round, YC Continuity Partner Anu Hariharan is joining RevenueCat’s board, which today includes Index’s Mark Fiorentino in addition to the founders.

Explains RevenueCat CEO Jacob Eiting, the idea for the company came about after he and co-founder Miguel Carranza Guisado (CTO) struggled to figure out subscription infrastructure while working together at Elevate. After years of untangling a “subscription mess” in order to figure out answers to basic questions like subscriber retention and lifetime value, they realized there was potential in helping solve this problem for other developers.

Apple and Google, Eiting explains, aren’t always up to date with what companies actually need to build subscription businesses. “They’re kind of learning as they go. They just weren’t able to provide us the data we needed, and then also the infrastructure to do that is non-trivial.”

Image Credits: RevenueCat

When Eiting and Guisado sat down to work on RevenueCat in 2017, no one else was even building anything like this. But the demand for the startup’s tools and integrations soon resonated with developers who had faced similar challenges in the growing subsection app market.

Using the service, developers can access a real-time dashboard that display key metrics, like subscription revenue, churn, LTV (lifetime value), subscriber numbers, conversions and more. The data can then be shared through integrations with other tools and services, like Adjust, Amplitude, Apple Search Ads, AppsFlyer, Branch, Facebook Ads, Google Cloud Intercom, Mixpanel, Segment and several others. 

After launching out of Y Combinator’s accelerator the following year, RevenueCat was soon live with 100 apps and had crossed $1 million in tracked revenue by the time it raised its $1.5 million seed round.

Today, RevenueCat has more than 6,000 apps live on its platform, with over $1 billion in tracked subscription revenue being managed by its tools. That’s double the number of apps that were using its service as of its $15 million Series A last August.

With the additional funding, the company will lower its pricing to put its tools in reach of more developers. Previously, it charged $120 per month for its charts and some of its integrations, or $499 per month for access to all integrations. This was affordable for larger companies, but could still be a difficult sell to the long tail of app developers where revenues ranged from $10K to $50K per month.

Now, RevenueCat will charge a small percentage of an app’s sales instead of a flat fee. Developers with up to $10,000 in monthly tracked revenue (MTR) can get started with the service for free and as their demands grow — like needing access to charts, support for web hooks, integrations and others — they can move up to either the Starter or Pro plans as $8/mo or $12/mo per $1,000 in MTR, respectively.

“I’m excited to give those tools to developers, especially on the small end, because it might be what they need to get out of that ‘less than $10K range,’ ” Eiting says. “Also, the beauty of freemium, or having a really generous free tier, is that it makes your tool the de facto — you remove as much friction as possible for providing software services and then, if you get your pricing right — which I think we have — it all kind of pays for itself,” he adds.

The company also plans to use the new funds to further invest in its business, expanding from App Store and Google Play support to include Amazon’s Appstore. It will also grow its team.

As part of its expected growth, RevenueCat recently hired a head of Product, Jens-Fabian Goetzmann, previously a PM at Microsoft and then product head at fitness app 8fit. Currently 30 people, in the year ahead, RevenueCat will grow to 60 people, hiring across design, product, engineering, sales and other roles.

“The world is moving toward subscriptions — and for companies, building out this model translates to weeks of developers’ time,” says YC Continuity’s Hariharan. “RevenueCat helps developers roll out subscriptions in minutes and creates a source of truth for customer data. With developers creating solutions to problems in the world, it’s important that they can find ways to monetize, grow, and support their most committed customers. RevenueCat is doing so by building subscriptions 2.0.”

❌