FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Render raises $4.5M for its DevOps platform

By Frederic Lardinois

Render, the winner of our Disrupt SF 2019 Startup Battlefield, today announced that it has added another $4.5 million onto its existing seed funding round, bringing total investment into the company to $6.75 million.

The round was led by General Catalyst, with participation from previous investors South Park Commons Fund and a group of angels that includes Lee Fixel, Elad Gil and GitHub CTO (and former VP of Engineering at Heroku) Jason Warner.

The company, which describes itself as a “Zero DevOps alternative to AWS, Azure and Google Cloud,” originally raised a $2.25 million seed round in April 2019, but it got a lot of inbound interest after winning the Disrupt Battlefield. In the end, though, the team decided to simply raise more money from its existing investors.

Current Render users include Cypress.io, Mux, Bloomscape, Zelos, 99designs and Stripe.

“We spoke to a bunch of people after Disrupt, including Ashton Kutcher’s firm, because he was one of the judges,” Render co-founder and CEO Anurag Goel explained. “In the end, we decided that we would just raise more money from our existing investors because we like them and it helped us get a better deal from our existing investors. And they were all super interested in continuing to invest.”

What makes Render stand out is that it fulfills many of the promises of Heroku and maybe Google Cloud’s App Engine. You simply tell it what kind of service you are going to deploy and it handles the deployment and manages the infrastructure for you.

“Our customers are all people who are writing code. And they just want to deploy this code really easily without having to worry about servers, or maintenance, or depending on DevOps teams — or, in many cases, hiring DevOps teams,” Goel said. “DevOps engineers are extremely expensive to hire and extremely hard to find, especially good ones. Our goal is to eliminate all of that work that DevOps people do at every company, because it’s very similar at every company.”

Image Credits: Render

One new feature the company is launching today is preview environments. You can think of them as disposable staging or development environments that developers can spin up to test their code — and Render promises that the testing environment will look the same as your production environment (or you can specify changes, too). Developers can then test their updates collaboratively with QA or their product and sales teams in this environment.

Development teams on Render specify their infrastructure environments in a YAML file and turning on these new preview environments is as easy as setting a flag in that file.

Image Credits: Render

“Once they do that, then for every pull request — because we’re integrated with GitHub and GitLab — we automatically spin up a copy of that environment. That can include anything you have in production, or things like a Redis instance, or managed Postgres database, or Elasticsearch instance, or obviously APIs and web services and static sites,” Goel said. Every time you push a change to that branch or pull request, the environment is automatically updated, too. Once the pull request is closed or merged, Render destroys the environment automatically.

The company will use the new funding to grow its team and build out its service. The plan, Goel tells me, is to raise a larger Series A round next year.

Woven adds to its calendar app’s $20/mo premium plan

By Lucas Matney

Productivity software has had a huge couple of years, yet for all of the great note-taking apps that have launched, consumers haven’t gotten a lot of quality options for Google Calendar replacements.

This week, Woven, a calendar startup founded by former Facebook CIO Tim Campos is shaking up the premium tier of their scheduling software, hoping that productivity-focused users will pay to further optimize the calendar experience just as they have paid up for subscription email services like Superhuman and note-taking apps like Notion.

There’s been a pretty huge influx of investor dollars into the productivity space which has shown a lot of promise in bottoms-up scaling inside enterprises by first aiming to sell their products to individuals. Woven has raised about $5 million to date with investments from Battery Ventures, Felicis Ventures and Tiny Capital, among others.

“Time is the most valuable asset that we have,” Campos told TechCrunch. “We think there’s a real opportunity to do much more with the calendar.”

Their new product will help determine just how much demand there is for a pro-tier calendar that aims to make life easier for professionals than Google Calendar or Outlook Calendar cares to. The new product, which is $20 per month ($10 during an early access period if you pay for a year), builds on the company’s free tier product giving users a handful of new features. There’s still quite a bit of functionality in the free tier still, which is sticking around, but the lack of multi-account support is one of the big limitations there. 

Image credit: via Woven.

The core of Woven’s value is likely its Calendly-like scheduling links which allow single users to quickly show when they’re free, or give teams the ability to eliminate back-in-forth entirely when scheduling meetings by scanning everyone’s availability and suggesting times that are uniformly available. In this latest update, the startup has also launched a new feature called Open Invite which allows users to blast out links to join webinars that recipients can quickly register for.

One of Woven’s top features is probably Smart Templates which aims to learn from your habits and strip down the amount of time it takes to organize a meeting. Selecting the template can automatically set you up with a one-time Zoom link, ping participants for their availability with Woven’s scheduling links and take care of mundane details. Now, the titles automatically update depending on participants, location or company information as well. While plenty of productivity happens on the desktop, the startup is trying to push the envelope on mobile as well. They’ve added an iMessage integration to quickly allow people to share their availability and schedule meetings inside chat.

The product updates arrive soon after the announcement of the company’s Zoom “Zapp,” which shoves the app’s functionality inside Zoom and will likely be a bit sell to new users.

 

Kite adds support for 11 new languages to its AI code completion tool

By Frederic Lardinois

When Kite, the well-funded AI-driven code completion tool, launched in 2019, its technology looked very impressive, but it only supported Python at the time. Earlier this year, it also added JavaScript and today, it is launching support for 11 new languages at once.

The new languages are Java, Kotlin, Scala, C/C++, Objective C, C#, Go, Typescript, HTML/CSS and Less. Kite works in most popular development environments, including the likes of VS Code, JupyterLab, Vim, Sublime and Atom, as well as all Jetbrains IntelliJ-based IDEs, including Android Studio.

This will make Kite a far more attractive solution for a lot of developers. Currently, the company says, it saves its most active developers from writing about 175 “words” of code every day. One thing that always made Kite stand out is that it ranks its suggestions by relevance — not alphabetically as some of its non-AI driven competitors do. To build its models, Kite fed its algorithms code from GitHub .

The service is available as a free download for Windows users and as a server-powered paid enterprise version with a larger deep learning model that consequently offers more AI smarts, as well as the ability to create custom models. The paid version also includes support for multi-line code completion, while the free version only supports line-of-code completions.

Kite notes that in addition to adding new languages, Kite also spent the last year focusing on the user experience, which should now be less distracting and, of course, offer more relevant completions.

Image Credits: Kite

Gen Z spends 10% more time in non-game apps than older users

By Sarah Perez

A new report released today by App Annie digs into how Gen Z consumers engage with their smartphones and mobile apps. According to data collected in Q3 2020, Gen Z users spend an average of 4.1+ hours per month in non-gaming apps, or 10% longer than older demographics. They also engage with apps more often, with 20% more sessions per user in non-gaming apps, at 120 sessions per month per app, compared with older groups.

This app engagement data is only a view into Gen Z trends, but is an incomplete analysis, as it only focuses on select markets, including the U.S., U.K., Brazil, France, Germany, Indonesia, Japan, Mexico, South Korea and Turkey. It also included only data collected from Android devices, which doesn’t provide as full a picture.

App Annie found that Gen Z is more likely to use games than older users, but they don’t access them as often or use them as long. Those ages 25 and older actually spent nearly 20% longer in their most-used games and accessed them 10% more frequently. Both demographics spent more total time gaming than using non-game apps, on a monthly basis.

Image Credits: App Annie

One breakout in the games category for Gen Z users, however, was the casual arcade game Among Us!, which just became the third-most played game worldwide, thanks to its team-based multiplayer features and the surge of Twitch streams. When Rep. Alexandria Ocasio-Cortez played the game on Twitch last night, it became one of the biggest-ever Twitch streams, peaking at 435,000 concurrent viewers.

Other popular Gen Z games include Match-3 games like Candy Crush Saga and Toon Blast, action games like PUBG Mobile and Free Fire, and casual simulation games like Minecraft Pocket Edition and Roblox.

Image Credits: App Annie

The report also examined what apps Gen Z users prefer across a range of non-game categories across both iOS and Android.

TikTok and Snapchat, in particular, stood out as the top over-indexed social and communication apps among Gen Z in nine out of the 10 markets analyzed for this report. This comes on the heels of Snap’s blowout earnings yesterday, where the social app topped analyst expectations and saw daily user growth climb 4% to 238 million.

Discord is also seeing strong growth, particularly in France, as mobile and remote gaming has become an epicenter of social interactions during the pandemic.

Image Credits: App Annie

Among entertainment apps, Twitch was the top over-indexed app in six out of the 10 markets for Gen Z users, though live streaming niconico was popular in Japan.

App Annie found that finance and shopping apps haven’t yet reached a broad Gen Z audience, but are demonstrating promising growth.

Image Credits: App Annie

Few finance apps over-index with Gen Z, though the demographic tends to interact with non-bank fintech apps like Venmo, Monzo and DANA. In South Korea, a top app was peer-to-peer payments app Toss, which also offers loans, insurance and credit.

Top Gen Z fashion apps, meanwhile, included Shein, ASOS, Shopee and Mercari.

Overall, active Gen Z users are rising faster across the markets analyzed, compared with older groups, with emerging markets like Indonesia and Brazil seeing the most growth.

Image Credits: App Annie

App Annie noted that Gen Z is becoming one of the most powerful consumer segments on mobile, as 98% own a smartphone and have a combined estimated spending power of $143 billion annually.

“Gen Z has never known a world without their smartphone. They see the world through this mobile first lens,” said Ted Krantz, CEO, App Annie, in a statement about the report’s findings.

Secureframe raises $4.5M to help businesses speed up their compliance audits

By Frederic Lardinois

While certifications for security management practices like SOC 2 and ISO 27001 have been around for a while, the number of companies that now request that their software vendors go through (and pass) the audits to be in compliance with these continues to increase. For a lot of companies, that’s a harrowing process, so it’s maybe no surprise that we are also seeing an increase in startups that aim to make this process easier. Earlier this month, Strike Graph, which helps automate security audits, announced its $3.9 million round, and today, Secureframe, which also helps businesses get and maintain their SOC 2 and ISO 27001 certifications, is announcing a $4.5 million round.

Secureframe’s round was co-led by Base10 Partners and Google’s AI-focused Gradient Ventures fund. BoxGroup, Village Global, Soma Capital, Liquid2, Chapter One, Worklife Ventures and Backend Capital participated. Current customers include Stream, Hasura and Benepass.

Image Credits: Secureframe

Shrav Mehta, the company’s co-founder and CEO, spent time at a number of different companies, but he tells me the idea for Secureframe was mostly born during his time at direct-mail service Lob.

“When I was at Lob, we dealt with a lot of issues around security and compliance because we were sometimes dealing with very sensitive data, and we’d hop on calls with customers, had to complete thousand-line security questionnaires, do exhaustive security reviews, and this was a lot for a startup of our size at the time. But it’s just what our customers needed. So I started to see that pain,” Mehta said.

Secureframe co-founder and CEO Shrav Mehta

Secureframe co-founder and CEO Shrav Mehta

After stints at Pilot and Scale AI after he left Lob in 2017 — and informally helping other companies manage the certification process — he co-founded Secureframe together with the company’s CTO, Natasja Nielsen.

“Because Secureframe is basically adding a lot of automation with our software — and making the process so much simpler and easier — we’re able to bring the cost down to a point where this is something that a lot more companies can afford,” Mehta explained. “This is something that everyone can get in place from day one, and not really have to worry that, ‘hey, this is going to take all of our time, it’s going to take a year, it’s going to cost a lot of money.’ […] We’re trying to solve that problem to make it super easy for every organization to be secure from day one.”

The main idea here is to make the arcane certification process more transparent and streamline the process by automating many of the more labor-intensive tasks of getting ready for an audit (and it’s virtually always the pre-audit process that takes up most of the time). Secureframe does so by integrating with the most-often used cloud and SaaS tools (it currently connects to about 25 services) and pulling in data from them to check up on your security posture.

“It feels a lot like a QuickBooks or TurboTax-like experience, where we’ll essentially ask you to enter basic details about your business. We try to autofill as much of it as possible from third-party sources — then we ask you to connect up all the integrations your business uses,” Mehta explained.

The company plans to use much of the new funding to staff up and build out these integrations. Over time, it will also add support for other certifications like PCI, HITRUST and HIPAA.

Contrast launches its security observability platform

By Frederic Lardinois

Contrast, a developer-centric application security company with customers that include Liberty Mutual Insurance, NTT Data, AXA and Bandwidth, today announced the launch of its security observability platform. The idea here is to offer developers a single pane of glass to manage an application’s security across its lifecycle, combined with real-time analysis and reporting, as well as remediation tools.

“Every line of code that’s happening increases the risk to a business if it’s not secure,” said Contrast CEO and chairman Alan Nauman. “We’re focused on securing all that code that businesses are writing for both automation and digital transformation.”

Over the course of the last few years, the well-funded company, which raised a $65 million Series D round last year, launched numerous security tools that cover a wide range of use cases from automated penetration testing to cloud application security and now DevOps — and this new platform is meant to tie them all together.

DevOps, the company argues, is really what necessitates a platform like this, given that developers now push more code into production than ever — and the onus of ensuring that this code is secure is now also often on that.

Image Credits: Contrast

Traditionally, Nauman argues, security services focused on the code itself and looking at traffic.

“We think at the application layer, the same principles of observability apply that have been used in the IT infrastructure space,” he said. “Specifically, we do instrumentation of the code and we weave security sensors into the code as it’s being developed and are looking for vulnerabilities and observing running code. […] Our view is: the world’s most complex systems are best when instrumented, whether it’s an airplane, a spacecraft, an IT infrastructure. We think the same is true for code. So our breakthrough is applying instrumentation to code and observing for security vulnerabilities.”

With this new platform, Contrast is aggregating information from its existing systems into a single dashboard. And while Contrast observes the code throughout its lifecycle, it also scans for vulnerabilities whenever a developers check code into the CI/CD pipeline, thanks to integrations with most of the standard tools like Jenkins. It’s worth noting that the service also scans for vulnerabilities in open-source libraries. Once deployed, Contrast’s new platform keeps an eye on the data that runs through the various APIs and systems the application connects to and scans for potential security issues there as well.

The platform currently supports all of the large cloud providers like AWS, Azure and Google Cloud, and languages and frameworks like Java, Python, .NET and Ruby.

Image Credits: Contrast

Wrike launches new AI tools to keep your projects on track

By Frederic Lardinois

Project management service Wrike today announced a major update to its platform at its user conference that includes a lot of new AI smarts for keeping individual projects on track and on time, as well as new solutions for marketers and project management offices in large corporations. In addition, the company also launched a new budgeting feature and tweaks to the overall user experience.

The highlight of the launch, though, is, without doubt, the launch of the new AI and machine learning capabilities in Wrike . With more than 20,000 customers and over 2 million users on the platform, Wrike has collected a trove of data about projects that it can use to power these machine learning models.

Image Credits: Wrike

The way Wrike is now using AI falls into three categories: project risk prediction, task prioritization and tools for speeding up the overall project management workflow.

Figuring out the status of a project and knowing where delays could impact the overall project is often half the job. Wrike can now predict potential delays and alert project and team leaders when it sees events that signal potential issues. To do this, it uses basic information like start and end dates, but more importantly, it looks at the prior outcomes of similar projects to assess risks. Those predictions can then be fed into Wrike’s automation engine to trigger actions that could mitigate the risk to the project.

Task prioritization does what you would expect and helps you figure out what you should focus on right now to help a project move forward. No surprises there.

What is maybe more surprising is that the team is also launching voice commands (through Siri on iOS) and Gmail-like smart replies (in English for iOS and Android). Those aren’t exactly core features of a project management tools, but as the company notes, these features help remove the overall friction and reduce latencies. Another new feature that falls into this category is support for optical character recognition to allow you to scan printed and handwritten notes from your phones and attach them to tasks (iOS only).

“With more employees working from home, work and personal life are becoming intertwined,” the company argues. “As workers use AI in their personal lives, team managers and everyday users expect the smarts they’re accustomed to in consumer devices and apps to help them manage their work as well. Wrike Work Intelligence is the most comprehensive machine learning foundation that taps into tens of millions of work-related user engagements to power cross-functional collaboration to help organizations achieve operational efficiency, create new opportunities and accelerate digital transformation. Teams can focus on the work that matters most, predict and minimize delays, and cut communication latencies.”

Image Credits: Wrike

The other major new feature — at least if you’re in digital marketing — is Wrike’s new ability to pull in data about your campaigns from about 50 advertising, marketing automation and social media tools, which is then displayed inside the Wrike experience. In a fast-moving field, having all that data at your fingertips and right inside the tool where you think about how to manage these projects seems like a smart idea.

Image Credits: Wrike

Somewhat related, Wrike’s new budgeting feature also now makes it easier for teams to keep their projects within budget, using a new built-in rate card to manage project pricing and update their financials.

“We use Wrike for an extensive project management and performance metrics system,” said Shannon Buerk, the CEO of engage2learn, which tested this new budgeting tool. “We have tried other PM systems and have found Wrike to be the best of all worlds: easy to use for everyone and savvy enough to provide valuable reporting to inform our work. Converting all inefficiencies into productive time that moves your mission forward is one of the keys to a culture of engagement and ownership within an organization, even remotely. Wrike has helped us get there.”

Lessons from Datto’s IPO pricing and revenue multiple

By Alex Wilhelm

Last night Datto priced its IPO at $27 per share, the top end of its range that TechCrunch covered last week. The data and security-focused software company had targeted a $24 to $27 per-share IPO price range, meaning that its final per-share value was at the top of its estimates.


The Exchange explores startups, markets and money. Read it every morning on Extra Crunch, or get The Exchange newsletter every Saturday.


The Datto IPO won’t draw lots of attention; its business is somewhat dull, as selling software to managed service providers rarely excites. But, the public offering matters for a different reason: it gives us a fresh lens into today’s IPO market.

That lens is the perspective of slower, more profitable growth. What is that worth?

The value of quickly-growing and unprofitable software and cloud companies is well known. Snowflake made a splash earlier this year on the back of huge growth and enormous losses. Investors ate its shares up, pushing its valuation to towering heights. And this year we’ve even seen rapid growth and profits valued by public investors in the form of JFrog’s IPO.

But slower growth, software margins and profitability? Datto’s financial picture feels somewhat unique among the IPOs that TechCrunch has covered this year.

It’s a similar bet to the one that Egnyte is making; the enterprise software company crested $100 million ARR last year and announced that it grew by around 22% in the first half of 2020. And, it is profitable on an EBITDA basis. Therefore, the Datto IPO could provide a clue as to what companies like Egnyte and the rest of the late-stage startup crop content to grow more slowly, but with the benefit of actually making money.

Lessons from Datto’s IPO pricing and revenue multiple

Here are the deal’s nuts and bolts:

Deals. Profits. Lock-in. Behind the DOJ case against Google

By Gilad Edelman
In an antitrust suit, the Justice Department claims the company uses exclusive deals with device makers and browser makers to prop up its near-monopoly on search.

Now may be the best time to become a full-stack developer

By Walter Thompson
Sergio Granada Contributor
Sergio Granada is the CTO of Talos Digital, a global team of professional software developers that partners with agencies and businesses in multiple industries providing software development and consulting services for their tech needs.

In the world of software development, one term you’re sure to hear a lot of is full-stack development. Job recruiters are constantly posting open positions for full-stack developers and the industry is abuzz with this in-demand title.

But what does full-stack actually mean?

Simply put, it’s the development on the client-side (front end) and the server-side (back end) of software. Full-stack developers are jacks of all trades as they work with the design aspect of software the client interacts with as well as the coding and structuring of the server end.

In a time when technological requirements are rapidly evolving and companies may not be able to afford a full team of developers, software developers that know both the front end and back end are essential.

In response to the coronavirus pandemic, the ability to do full-stack development can make engineers extremely marketable as companies across all industries migrate their businesses to a virtual world. Those who can quickly develop and deliver software projects thanks to full-stack methods have the best shot to be at the top of a company’s or client’s wish list.

Becoming a full-stack developer

So how can you become a full-stack engineer and what are the expectations? In most working environments, you won’t be expected to have absolute expertise on every single platform or language. However, it will be presumed that you know enough to understand and can solve problems on both ends of software development.

Most commonly, full-stack developers are familiar with HTML, CSS, JavaScript, and back-end languages like Ruby, PHP, or Python. This matches up with the expectations of new hires as well, as you’ll notice a lot of openings for full-stack developer jobs require specialization in more than one back-end program.

Full-stack is becoming the default way to develop, so much so that some in the software engineering community argue whether or not the term is redundant. As the lines between the front end and back end blur with evolving tech, developers are now being expected to work more frequently on all aspects of the software. However, developers will likely have one specialty where they excel while being good in other areas and a novice at some things….and that’s OK.

Getting into full-stack though means you should concentrate on finding your niche within the particular front-end and back-end programs you want to work with. One practical and common approach is to learn JavaScript since it covers both front and back end capabilities. You’ll also want to get comfortable with databases, version control, and security. In addition, it’s smart to prioritize design since you’ll be working on the client-facing side of things.

Since full-stack developers can communicate with each side of a development team, they’re invaluable to saving time and avoiding confusion on a project.

One common argument against full stack is that, in theory, developers who can do everything may not do one thing at an expert level. But there’s no hard or fast rule saying you can’t be a master at coding and also learn front-end techniques or vice versa.

Choosing between full-stack and DevOps

One hold up you may have before diving into full-stack is you’re also mulling over the option to become a DevOps engineer. There are certainly similarities among both professions, including good salaries and the ultimate goal of producing software as quickly as possible without errors.  As with full-stack developers, DevOps engineers are also becoming more in demand because of the flexibility they offer a company.

Google calls DOJ’s antitrust lawsuit ‘deeply flawed’ in GIF-laden blog response

By Darrell Etherington

Google was clearly anticipating today’s U.S. Department of Justice antitrust complaint filing – the company posted an extensive rebuttal of the lawsuit to its Keyword company blog. The post, penned by SVP of Global Affairs and Google Chief Legal Officer Kent Walker, suggests that the DOJ’s case is “deeply flawed” and “would do nothing to help consumers,” before going into a platform-by-platform description of why it thinks its position in the market isn’t representative of unfair market dominance that would amount to antitrust.

Google’s blog post is even sprinkled with GIFs – something that’s pretty common for the search giant when it comes to its consumer product launches. These GIFs include step-by-step screen recordings of setting search engines other than Google as your default in Chrome on both mobile and desktop. These processes are both described as “trivially easy” by Walker in the post, but they do look like a bit of an own-goal when you notice just how many steps it takes to get the job done on desktop in particular, including what looks like a momentary hesitation in where to click to drill down further for the “Make Default” command.

Image Credits: Google

Google also reportedly makes reference to companies choosing their search engine as default because of the quality of their service, including both Apple and Mozilla (with a link drop for our own Frederic Lardinois). Ultimately, Google is making the argument that its search engine isn’t dominant because of a lack of viable options fostered by anti-competitive practices, but that instead it’s a result of building a quality product that consumers then opt in to using from among a field of choices.

The DOJ’s full suit dropped this morning, and an initial analysis suggests that this scrutiny is perhaps inopportunely timed in terms of its proximity to the election to actually have any significant teeth. There is some indication that a more broad, bipartisan investigation with support from state level attorney generals on both sides of the aisle could follow later, however, so it’s not necessarily all just going to go away regardless of election outcome.

Gowalla is being resurrected as an augmented reality social app

By Lucas Matney

Gowalla is coming back.

The startup, which longtime TechCrunch readers will likely recall, was an ambitious consumer social app that excited Silicon Valley investors but ultimately floundered in its quest to take on Foursquare before an eventual $3 million acquihire in 2011 brought the company’s talent to Facebook.

The story certainly seemed destined to end there, but founder Josh Williams tells TechCrunch that he has decided to revive the Gowalla name and build on its ultimate vision by leaning on augmented reality tech.

“I really don’t think [Gowalla’s vision] has been fully realized at all, which is why I still want to scratch this itch,” Williams tells TechCrunch. “It was frankly really difficult to see it shut down.”

After a stint at Facebook, another venture-backed startup and a few other gigs, Williams has reacquired the Gowalla name, and is resurrecting the company with the guidance of co-founder Patrick Piemonte, a former Apple interface designer who previously founded an AR startup called Mirage. The new company was incubated inside Form Capital, a small design-centric VC fund operated by Williams and Bobby Goodlatte .

Founders Patrick Piemonte (left) and Josh Williams (right). Image credit: Josh Williams.

Williams hopes that AR can bring the Gowalla brand new life.

Despite significant investment from Facebook, Apple and Google, augmented reality is still seen as a bit of a gamble with many proponents estimating mass adoption to be several years out. Apple’s ARKit developer platform has yielded few wins despite hefty investment and Pokémon Go — the space’s sole consumer smash hit — is growing old.

“The biggest AR experience out there is Pokémon Go, and it’s now over six years old,” Williams says. “It’s moved the space forward a lot but is still very early in terms of what we’re going to see.”

Williams was cryptic when it came to details for what exactly the new augmented reality platform would look like when it launches. He did specify that it will feel more like a gamified social app than a social game, though he also lists the Nintendo franchise Animal Crossing as one of the platform’s foundational inspirations.

A glimpse of the branding for the new Gowalla. Image credit: Josh Williams

“It’s not a game with bosses or missions or levels, but rather something that you can experience,” Williams says. “How do you blend augmented reality and location? How do you see the world through somebody else’s eyes?”

A location-based social platform will likely rely on users actually going places, and the pandemic has largely dictated the app’s launch timing. Today, Gowalla is launching a waitlist, Williams says the app itself will launch in beta “in a number of cities” sometime in the first-half of next year. The team is also trying something unique with a smaller paid beta group called the “Street Team,” which will give users paying a flat $49 fee early access to Gowalla as well as “VIP membership,” membership to a private Discord group and some branded swag. A dedicated Street Team app will also launch in December.

Apple, Opera, and Yandex fix browser address bar spoofing bugs, but millions more still left vulnerable

By Zack Whittaker

Year after year, phishing remains one of the most popular and effective ways for attackers to steal your passwords. As users, we’re mostly trained to spot the telltale signs of a phishing site, but most of us rely on carefully examining the web address in the browser’s address bar to make sure the site is legitimate.

But even the browser’s anti-phishing features — often the last line of defense for a would-be phishing victim — aren’t perfect.

Security researcher Rafay Baloch found several vulnerabilities in some of the most widely used mobile browsers — including Apple’s Safari, Opera, and Yandex — which if exploited would allow an attacker to trick the browser into displaying a different web address than the actual website that the user is on. These address bar spoofing bugs make it far easier for attackers to make their phishing pages look like legitimate websites, creating the perfect conditions for someone trying to steal passwords.

The bugs worked by exploiting a weakness in the time it takes for a vulnerable browser to load a web page. Once a victim is tricked into opening a link from a phishing email or text message, the malicious web page uses code hidden on the page to effectively replace the malicious web address in the browser’s address bar to any other web address that the attacker chooses.

In at least one case, the vulnerable browser retained the green padlock icon, indicating that the malicious web page with a spoofed web address was legitimate — when it wasn’t.

An address bar spoofing bug in Opera Touch for iOS (left) and Bolt Browser (right). These spoofing bugs can make phishing emails look far more convincing. (Image: Rapid7/supplied)

Rapid7’s research director Tod Beardsley, who helped Baloch with disclosing the vulnerabilities to each browser maker, said address bar spoofing attacks put mobile users at particular risk.

“On mobile, space is at an absolute premium, so every fraction of an inch counts. As a result, there’s not a lot of space available for security signals and sigils,” Beardsley told TechCrunch. “While on a desktop browser, you can either look at the link you’re on, mouse over a link to see where you’re going, or even click on the lock to get certificate details. These extra sources don’t really exist on mobile, so the location bar not only tells the user what site they’re on, it’s expected to tell the user this unambiguously and with certainty. If you’re on palpay.com instead of the expected paypal.com, you could notice this and know you’re on a fake site before you type in your password.”

“Spoofing attacks like this make the location bar ambiguous, and thus, allow an attacker to generate some credence and trustworthiness to their fake site,” he said.

Baloch and Beardsley said the browser makers responded with mixed results.

So far, only Apple and Yandex pushed out fixes in September and October. Opera spokesperson Julia Szyndzielorz said the fixes for its Opera Touch and Opera Mini browsers are “in gradual rollout.”

But the makers of UC Browser, Bolt Browser, and RITS Browser — which collectively have more than 600 million device installs — did not respond to the researchers and left the vulnerabilities unpatched.

TechCrunch reached out to each browser maker but none provided a statement by the time of publication.

Adobe Illustrator launches on iPad and Adobe Fresco comes to the iPhone

By Frederic Lardinois

Adobe today launched the first public version of its Illustrator vector graphics app on the iPad. That’s no surprise, given that it was already available for pre-order and as a private beta, but a lot of Illustrator users were looking forward to this day.

In addition, the company also today announced that its Fresco drawing and painting app is now available on Apple’s iPhone, too. Previously, you needed either a Windows machine or an iPad to use it.

Illustrator on the iPad supports Apple Pencil — no surprise there either — and should offer a pretty intuitive user experience for existing users. Like with Photoshop, the team adapted the user interface for a smaller screen and promises a more streamlined experience.

Image Credits: Adobe

“While on the surface it may seem simple, more capabilities reveal themselves as you work. After a while you develop a natural rhythm where the app fades into the background, freeing you to express your creativity,” the company says.

Over time, the company plans to bring more effects, brushes and AI-powered features to Illustrator in general — including on the iPad.

Adobe Fresco on iPhone

Image Credits: Adobe

As for Fresco, it’ll be interesting to see what that user experience will look like on a small screen. Since it uses Adobe’s Creative Cloud libraries, you can always start sketching on an iPhone and then move to another platform to finish your work. It’s worth noting that the iPhone version will feature the same interface, brushes and capabilities you’d expect on the other platforms.

The company also today launched version 2.0 of Fresco, with new smudge brushes, support for personalized brushes from Adobe Capture and more.

Jam raises $3.5 million to Figma-tize product collaboration

By Lucas Matney

The web of collaboration apps invading remote work toolkits have led to plenty of messy workflows for teams that communicate in a language of desktop screenshots and DMs. Tracing a suggestion or flagging a bug in a company’s website forces engineers or designers to make sense of the mess themselves.  While task management software has given teams a funnel for the clutter, the folks at Jam question why this functionality isn’t just built straight into the product.

Jam co-founders Dani Grant and Mohd Irtefa tell TechCrunch they’ve closed on $3.5 million in seed funding and are ready to launch a public beta of their collaboration platform which builds chat, comments and task management directly onto a website, allowing developers and designers to track issues and make suggestions quickly and simply

The seed round was led by Union Square Ventures, where co-founder Dani Grant previously worked as an analyst. Version One Ventures, BoxGroup and Village Global also participated alongside some noteworthy angels including GitHub CTO Jason Warner, Cloudflare CEO Matthew Prince, Gumroad CEO Sahil Lavingia, and former Robinhood VP Josh Elman.

Like most modern productivity suites, Jam is heavy on integrations so users aren’t forced to upend their toolkits just to add one more product into the mix. The platform supports Slack, Jira, GitHub, Asana, Loom and Figma, with a few more in the immediate pipeline. Data syncs from one platform to the other bidirectionally so information is always fresh, Grant says. It’s all built into a tidy sidebar.

Grant and Irtefa met as product managers at Cloudflare, where they started brainstorming better ways to communicate feedback in a way that felt like “leaving digital sticky notes all over a product,” Grant says. That thinking ultimately pushed the duo to leave their jobs this past May and start building Jam.

The startup, like so many conceived during this period, has a remote founding story. Grant and Irtefa have only spent four days together in-person since the company was started, they raised their seed round remotely and most of the employees have never met each other in-person.

The remote team hopes their software can help other remote teams declutter their workflows and focus on what they’re building.

“On a product team, the product is the first tab everyone opens and closes,” Grant says. “So we’re on top of your product instead of on some other platform”

Jam’s interface

Adobe Lightroom gets a new color grading tool, auto versions, graphical watermarking and more

By Frederic Lardinois

At its MAX conference, Adobe today announced the launch of the latest version of Lightroom, its popular photo management and editing tool. The highlights of today’s release are the introduction of a new color grading tool that’s more akin to what you’d find in a video editor like Adobe Premiere or DaVinci Resolve, auto versioning that’s saved in the cloud (and hence not available in Lightroom Classic) and graphical watermarks, in addition to a number of other small feature updates across the application.

Adobe had already teased the launch of the new color grading feature last month, which was probably a good idea given how much of a change this is for photographers who have used Lightroom before. Adjusting color is, after all, one of the main features of Lightroom and this is a major change.

Image Credits: Adobe

At its core, the new color wheels replace the existing ‘split toning’ controls in Lightroom.

“Color Grading is an extension of Split Toning — it can do everything Split Toning did, plus much more,” Adobe’s Max Wendt explains in today’s announcement. “Your existing images with Split Toning settings will look exactly the same as they did before, your old Split Toning presets will also still look the same when you apply them, and you can still get the same results if you had a familiar starting point when doing Split Toning manually.”

My guess is that it’ll take a while for many Lightroom users to get a hang of these new color wheels. Overall, though, I think this new system is more intuitive than the current split toning feature that a lot of users regularly ignored.

The new color grading feature will be available across platforms and in Lightroom Classic, as well as Camera Raw.

The other new feature Adobe is highlighting with this release is graphical watermarks (available on Windows, Mac, iOS, iPadOS, Android and Chrome OS), that augments the existing text-based watermarking in Lightroom. This does exactly what the name implies and the watermarks are automatically applied when you share or export and image.

Image Credits: Adobe

The most important overall quality of life feature the team is adding is auto versions (also available on Windows, Mac, iOS, iPadOS, Android and Chrome OS). This makes it far easier to save different versions of an image — and these versions are synced across platforms. That way, you can easily go back and forth between different edits and revert those as necessary, too.

Image Credits: Adobe

With its new ‘best photos’ feature, Adobe is now also using its Ai smarts to find the best photos you’ve taken, but only on iOS, iPadOS, and Android, Chrome OS and the web. It’ll look at the technical aspects of your photo, as well as whether your subjects have their eyes open and face forward, for example, and the overall framing of the image. Users can decide how many of their images make the cut by toggling a threshold slider.

Another nifty new feature for Canon shooters who use Lightroom Classic is the addition of a tethered live view for Canon – with support for other cameras coming soon. With this, you get a real-time feed from your camera, making it easier to collaborate with others in real time.

 

Splunk acquires Plumbr and Rigor to build out its observability platform

By Frederic Lardinois

Data platform Splunk today announced that it has acquired two startups, Plumbr and Rigor, to build out its new Observability Suite, which is also launching today. Plumbr is an application performance monitoring service, while Rigor focuses on digital experience monitoring, using synthetic monitoring and optimization tools to help businesses optimize their end-user experiences. Both of these acquisitions complement the technology and expertise Splunk acquired when it bought SignalFx for over $1 billion last year.

Splunk did not disclose the price of these acquisitions, but Estonia-based Plumbr had raised about $1.8 million, while Atlanta-based Rigor raised a debt round earlier this year.

When Splunk acquired SignalFx, it said it did so in order to become a leader in observability and APM. As Splunk CTO Tim Tully told me, the idea here now is to accelerate this process.

Image Credits: Splunk

“Because a lot of our users and our customers are moving to the cloud really, really quickly, the way that they monitor [their] applications changed because they’ve gone to serverless and microservices a ton,” he said. “So we entered that space with those acquisitions, we quickly folded them together with these next two acquisitions. What Plumbr and Rigor do is really fill out more of the portfolio.”

He noted that Splunk was especially interested in Plumbr’s bytecode implementation and its real-user monitoring capabilities, and Rigor’s synthetics capabilities around digital experience monitoring (DEM). “By filling in those two pieces of the portfolio, it gives us a really amazing set of solutions because DEM was the missing piece for our APM strategy,” Tully explained.

Image Credits: Splunk

With the launch of its Observability Suite, Splunk is now pulling together a lot of these capabilities into a single product — which also features a new design that makes it stand apart from the rest of Splunk’s tools. It combines logs, metrics, traces, digital experience, user monitoring, synthetics and more.

“At Yelp, our engineers are responsible for hundreds of different microservices, all aimed at helping people find and connect with great local businesses,” said Chris Gordon, Technical Lead at Yelp, where his team has been testing the new suite. “Our Production Observability team collaborates with Engineering to improve visibility into the performance of key services and infrastructure. Splunk gives us the tools to empower engineers to monitor their own services as they rapidly ship code, while also providing the observability team centralized control and visibility over usage to ensure we’re using our monitoring resources as efficiently as possible.”

Daily Crunch: Pakistan un-bans TikTok

By Anthony Ha

TikTok returns to Pakistan, Apple launches a music-focused streaming station and SpaceX launches more Starlink satellites. This is your Daily Crunch for October 19, 2020.

The big story: Pakistan un-bans TikTok

The Pakistan Telecommunication Authority blocked the video app 11 days ago, over what it described as “immoral,” “obscene” and “vulgar” videos. The authority said today that it’s lifting the ban after negotiating with TikTok management.

“The restoration of TikTok is strictly subject to the condition that the platform will not be used for the spread of vulgarity/indecent content & societal values will not be abused,” it continued.

This isn’t the first time this year the country tried to crack down on digital content. Pakistan announced new internet censorship rules this year, but rescinded them after Facebook, Google and Twitter threatened to leave the country.

The tech giants

Apple launches a US-only music video station, Apple Music TV —  The new music video station offers a free, 24-hour live stream of popular music videos and other music content.

Google Cloud launches Lending DocAI, its first dedicated mortgage industry tool — The tool is meant to help mortgage companies speed up the process of evaluating a borrower’s income and asset documents.

Facebook introduces a new Messenger API with support for Instagram — The update means businesses will be able to integrate Instagram messaging into the applications and workflows they’re already using in-house to manage their Facebook conversations.

Startups, funding and venture capital

SpaceX successfully launches 60 more Starlink satellites, bringing total delivered to orbit to more than 800 — That makes 835 Starlink satellites launched thus far, though not all of those are operational.

Singapore tech-based real estate agency Propseller raises $1.2M seed round — Propseller combines a tech platform with in-house agents to close transactions more quickly.

Ready Set Raise, an accelerator for women built by women, announces third class — Ready Set Raise has changed its programming to be more focused on a “realistic fundraising process” vetted by hundreds of women.

Advice and analysis for Extra Crunch

Are VCs cutting checks in the closing days of the 2020 election? — Several investors told TechCrunch they were split about how they’re making these decisions.

Disney+ UX teardown: Wins, fails and fixes — With the help of Built for Mars founder and UX expert Peter Ramsey, we highlight some of the things Disney+ gets right and things that should be fixed.

Late-stage deals made Q3 2020 a standout VC quarter for US-based startups — Investors backed a record 88 megarounds of $100 million or more.

(Reminder: Extra Crunch is our subscription membership program, which aims to democratize information about startups. You can sign up here.)

Everything else

US charges Russian hackers blamed for Ukraine power outages and the NotPetya ransomware attack — Prosecutors said the group of hackers, who work for the Russian GRU, are behind the “most disruptive and destructive series of computer attacks ever attributed to a single group.”

Stitcher’s podcasts arrive on Pandora with acquisition’s completion — SiriusXM today completed its previously announced $325 million acquisition of podcast platform Stitcher from E.W. Scripps, and has now launched Stitcher’s podcasts on Pandora.

Original Content podcast: It’s hard to resist the silliness of ‘Emily in Paris’ — The show’s Paris is a fantasy, but it’s a fantasy that we’re happy to visit.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.

Juniper Networks acquires Boston-area AI SD-WAN startup 128 Technology for $450M

By Ron Miller

Today Juniper Networks announced it was acquiring smart wide area networking startup 128 Technology for $450 million.

This marks the second AI-fueled networking company Juniper has acquired in the last year and a half after purchasing Mist Systems in March 2019 for $405 million. With 128 Technology, the company gets more AI SD-WAN technology. SD-WAN is short for software-defined wide area networks, which means networks that cover a wide geographical area such as satellite offices, rather than a network in a defined space.

Today, instead of having simply software-defined networking, the newer systems use artificial intelligence to help automate session and policy details as needed, rather than dealing with static policies, which might not fit every situation perfectly.

Writing in a company blog post announcing the deal, executive vice president and chief product officer Manoj Leelanivas sees 128 Technology adding great flexibility to the portfolio as it tries to transition from legacy networking approaches to modern ones driven by AI, especially in conjunction with the Mist purchase.

“Combining 128 Technology’s groundbreaking software with Juniper SD-WAN, WAN Assurance and Marvis Virtual Network Assistant (driven by Mist AI) gives customers the clearest and quickest path to full AI-driven WAN operations — from initial configuration to ongoing AIOps, including customizable service levels (down to the individual user), simple policy enforcement, proactive anomaly detection, fault isolation with recommended corrective actions, self-driving network operations and AI-driven support,” Leelanivas wrote in the blog post.

128 Technologies was founded in 2014 and raised over $96 million, according to Crunchbase data. Its most recent round was a $30 million Series D investment in September 2019 led by G20 Ventures and The Perkins Fund.

In addition to the $450 million, Juniper has asked 128 Technology to issue retention stock bonuses to encourage the startup’s employees to stay on during the transition to the new owners. Juniper has promised to honor this stock under the terms of the deal. The deal is expected to close in Juniper’s fiscal fourth quarter, subject to normal regulatory review.

FloorFound is bringing online return and resale to direct to consumer furniture businesses

By Jonathan Shieber

Over the next five years consumers will return an estimated 40 million to 50 million pieces of furniture that more than likely will end up in landfills, creating tons of unnecessary waste, according to Chris Richter, the founder of a new Austin-based furniture startup, FloorFound.

To reduce that waste, and give retailers another option for their used goods, Richter has launched FloorFound. The company is designed to manage furniture returns and resale for online merchants. So far, companies like Floyd Home, Inside Weather, Outer and Feather (the furniture rental company) are using FloorFound’s services.

“We have a very large pipeline and we’ve been operating since April first,” said Richter. “We can pick up in any major metro locally and inspect it locally. We have a platform layer where we can run inspections against those items.”

As consumers look to reduce their environmental footprint, an easy place to start is by buying used items, Richter said, and he expects that most brands will start to incorporate used and new products in their virtual and real showrooms. “Every brand will commingle new items with resale items,” he said. “We are trying to put retailers in the resale business with their own return inventory.” To prove his point, Richter pointed to companies like REI and The Gap, which have partnered with ThredUp to sell used clothes.

To complement its returns business and give online sellers a way to work more seamlessly with local vendors, the company has logistics partnerships with providers including Pilot Freight Services, Metropolitan Warehouse and Delivery and J.B. Hunt Transport.

Working with co-founder Ryan Matthews, the former director of technology for the Austin-based high-end retailer Kendra Scott, Richter has set up a business that can tap into both the demand for better customer service for the return of large items and the growing call for greater sustainability in the furniture industry.

It was an attractive enough proposition to attract a pre-seed investment from Schematic Ventures, a venture fund focused exclusively on technological innovations for supply chain management.

“The broken experience of oversized e-commerce has kept a multi-billion-dollar category offline. It’s not a simple problem: oversized items require coordination of a hyper-fragmented micro carrier network, complex physical processing, and then re-injection into an e-commerce channel that aligns with the brand,” said Julian Counihan, a general partner at Schematic Ventures. “UPS and FedEx just aren’t going to cut it. FloorFound is tackling this challenge with a team tailor-made for the task: Chris Richter, Ryan Matthews and Shannon Hardt have backgrounds spanning supply chain, delivery, e-commerce and enterprise software. FloorFound will be the final push that moves the remaining offline categories, online.” 

❌