Tag Archives: blockchain

Xage introduces Zero Trust remote access cloud solution for hard-to-secure environments

Posted on by

When a hacker broke into the computer systems of the Oldsmar Florida water supply last month, it sent up red flags across the operational tech world, whether that’s utilities or oil and gas pipelines. Xage, a security startup that has been building a solution to help protect these hard-to-secure operations, announced a Zero Trust remote access cloud solution today that could help prevent these kinds of attacks.

Duncan Greatwood, CEO at Xage, says flat out that if his company’s software was in place in Oldsmar, that hack wouldn’t have happened. Smaller operations like the one in Oldsmar tend to be one-person IT shops running older remote access software that’s vulnerable to hacking on a number of levels.

“It’s not difficult to compromise a virtual network computing (VNC) connection. It’s not difficult to compromise a stale account that’s been left on a jump box. What we started to do last year was deliver what we call a Zero Trust remote access solution to these kinds of customers,” Greatwood told me.

This involves controlling access device by device and person by person by determining who can do what based on them authenticating themselves and proving who they are. “It doesn’t rely on knowledge of a device password or a VPN zone password,” he explained.

The solution goes further with a secure traversal tunnel, which relies on a tamper proof certificate to prevent hackers from getting from the operations side of the house — whether that’s a utility grid, water supply or oil and gas pipeline — to the IT side where they could then begin to muck about with the operational technology.

Xage now supports hierarchical blockchains for complex implementations

Xage also uses a distributed ledger as a core part of its solution to help protect identity policies, logs and other key information across the platform. “Having a distributed ledger means that rather than an attacker having to compromise just a single node, it would have to compromise a majority of the nodes simultaneously, and that’s very difficult [if not impossible] to do,” he said.

What’s more, the ledgers operate independently across locations in a hierarchy with a global ledger that acts as the ultimate rules enforcer. That means even if a location goes offline, the rules will be enforced by the main system whenever it reconnects.

They introduced an on premise version of the Zero Trust remote access system last October, but with this kind of technology difficult to configure and maintain, some customers were looking for a managed solution like the one being introduced today. With the cloud solution, customers get a hosted solution accessible via a web browser with much faster deployment.

“What we’ve done with the cloud solution is made it really simple for people to adopt us by hosting the management software and the core Xage fabric nodes in this Xage cloud, and we’re really dramatically reducing that time to value for a remote access solution for IT,” Greatwood said.

You might be thinking that CISOs might not trust a cloud solution for these sensitive kinds of environments, and he admits that there is some caution in this market, even though they understand the benefits of moving to the cloud. To help ease these concerns, they can do a PoC in the cloud and there is a transfer tool to move back on prem easily if they are not comfortable with the cloud approach. So far he says that no early customers have chosen to do that, but the option is there.

Xage was founded in 2017 and has raised $16 million so far, according to Crunchbase data.

Decrypted: A hacker attempted to poison Florida town’s water supply


By Ron Miller

Vendia raises $5.1M for its multi-cloud serverless platform

Posted on by

When the inventor of AWS Lambda, Tim Wagner, and the former head of blockchain at AWS, Shruthi Rao, co-found a startup, it’s probably worth paying attention. Vendia, as the new venture is called, combines the best of serverless and blockchain to help build a truly multi-cloud serverless platform for better data and code sharing.

Today, the Vendia team announced that it has raised a $5.1 million seed funding round, led by Neotribe’s Swaroop ‘Kittu’ Kolluri. Correlation Ventures, WestWave Capital, HWVP, Firebolt Ventures, Floodgate and Future\Perfect Ventures also participated in this oversubscribed round.

(Image Credits: Vendia)

Seeing Wagner at the helm of a blockchain-centric startup isn’t exactly a surprise. After building Lambda at AWS, he spent some time as VP of engineering at Coinbase, where he left about a year ago to build Vendia.

“One day, Coinbase approached me and said, ‘hey, maybe we could do for the financial system what you’ve been doing over there for the cloud system,’ ” he told me. “And so I got interested in that. We had some conversations. I ended up going to Coinbase and spent a little over a year there as the VP of Engineering, helping them to set the stage for some of that platform work and tripling the size of the team.” He noted that Coinbase may be one of the few companies where distributed ledgers are actually mission-critical to their business, yet even Coinbase had a hard time scaling its Ethereum fleet, for example, and there was no cloud-based service available to help it do so.

Tim Wagner, Vendia co-founder and CEO (Image Credits: Vendia)

“The thing that came to me as I was working there was why don’t we bring these two things together? Nobody’s thinking about how would you build a distributed ledger or blockchain as if it were a cloud service, with all the things that we’ve learned over the course of the last 10 years building out the public cloud and learning how to do it at scale,” he said.

Wagner then joined forces with Rao, who spent a lot of time in her role at AWS talking to blockchain customers. One thing she noticed was that while it makes a lot of sense to use blockchain to establish trust in a public setting, that’s really not an issue for enterprise.

“After the 500th customers, it started to make sense,” she said. “These customers had made quite a bit of investment in IoT and edge devices. And they were gathering massive amounts of data. And they also made investments on the other side, with AI and ML and analytics. And they said, ‘well, there’s a lot of data and I want to push all of this data through these intelligent systems. And I need a mechanism to get this data.’ ” But the majority of that data often comes from third-party services. At the same time, most blockchain proof of concepts weren’t moving into any real production usage because the process was often far too complex, especially enterprises that maybe wanted to connect their systems to those of their partners.

Shruthi Rao, Vendia co-founder and CBO (Image Credits: Vendia)

“We are asking these partners to spin up Kubernetes clusters and install blockchain nodes. Why is that? That’s because for blockchain to bring trust into a system to ensure trust, you have to own your own data. And to own your own data, you need your own node. So we’re solving fundamentally the wrong problem,” she explained.

The first product Vendia is bringing to market is Vendia Share, a way for businesses to share data with partners (and across clouds) in real time, all without giving up control over that data. As Wagner noted, businesses often want to share large data sets but they also want to ensure they can control who has access to that data. For those users, Vendia is essentially a virtual data lake with provenance tracking and tamper-proofing built-in.

The company, which mostly raised this round after the coronavirus pandemic took hold in the U.S., is already working with a couple of design partners in multiple industries to test out its ideas, and plans to use the new funding to expand its engineering team to build out its tools.

“At Neotribe Ventures, we invest in breakthrough technologies that stretch the imagination and partner with companies that have category creation potential built upon a deep-tech platform,” said Neotribe founder and managing director Kolluri. “When we heard the Vendia story, it was a no-brainer for us. The size of the market for multi-party, multi-cloud data and code aggregation is enormous and only grows larger as companies capture every last bit of data. Vendia’s Serverless -based technology offers benefits such as ease of experimentation, no operational heavy lifting and a pay-as-you-go pricing model, making it both very consumable and highly disruptive. Given both Tim and Shruthi’s backgrounds, we know we’ve found an ideal ‘Founder fit’ to solve this problem! We are very excited to be the lead investors and be a part of their journey.”


By Frederic Lardinois

Xage adds full-stack data protection to blockchain security platform

Posted on by

Xage, a startup that has been taking an unusual path to secure legacy companies like oil and gas and utilities with help from the blockchain, announced a new data protection service today.

Xage CEO Duncan Greatwood, says that up until this point, the company has concentrated on protecting customers at the machine layer, but today’s announcement involves protecting data as it travels between parties, which is more of a classic blockchain security scenario.

“We are moving beyond the protection of machines with greater focus on the protection of data. And this announcement around Dynamic Data Security that we’re delivering today is really a data protection layer that spans multiple dimensions. So it spans from the physical machine layer right up to business transaction,” Greatwood explained.

He says that what separates his company from competitors is the ability to have that protection up and down the stack. “We can guarantee the authenticity, integrity and the confidentiality of data, as it’s produced at the machine, and we can maintain that all the way to [delivery to the various parties],” he said.

Greatwood says that this solution is designed to help protect data, even in highly complex data sharing scenarios, using the blockchain as the trust mechanism. Imagine a supply chain scenario in which the parties are sharing data, but each participant only needs to see the piece of data they need to complete their part of the transaction and no more. To do this, Xage has the concept of security fabric, which acts as a layer of protection across the platform.

“What Xage is doing is to use this kind of security outsource approach we bring to authenticity, integrity and confidentiality, and then using the fabric to replicate all of that security metadata across the extent of the fabric, which may very well cover multiple locations and multiple participants,” he said.

This approach enables customers to have confidence in the providence and integrity of the data they are seeing. “We’re able to allow all of the participants to define a set of security policies that gives them control of their own data, but it also allows them to share very flexibly with the rest of the participants in the ecosystem, and to have confidence in that data, up to and including the point where they’ll pay each other money, based on the integrity of the data.”

The new solution is available today. It has been in testing with three beta customers, which included an oil and gas customer, a utility and a smart city scenario.

Xage was founded in 2016 and has raised just over $16 million, according to PitchBook data.


By Ron Miller

Thought Machine nabs $83M for a cloud-based platform that powers banking services

Posted on by

The world of consumer banking has seen a massive shift in the last ten years. Gone are the days where you could open an account, take out a loan, or discuss changing the terms of your banking only by visiting a physical branch. Now, you can do all this and more with a few quick taps on your phone screen — a shift that has accelerated with customers expecting and demanding even faster and more responsive banking services.

As one mark of that switch, today a startup called Thought Machine, which has built cloud-based technology that powers this new generation of services on behalf of both old and new banks, is announcing some significant funding — $83 million — a Series B that the company plans to use to continue investing in its platform and growing its customer base.

To date, Thought Machine’s customers are primarily in Europe and Asia — they include large, legacy outfits like Standard Chartered, Lloyds Banking Group, and Sweden’s SEB through to “challenger” (AKA neo-) banks like Atom Bank. Some of this financing will go towards boosting the startup’s activities in the US, including opening an office in the country later this year and moving ahead with commercial deals.

The funding is being led by Draper Esprit, with participation also from existing investors Lloyds Banking Group, IQ Capital, Backed and Playfair.

Thought Machine, which started in 2014 and now employs 300, is not disclosing its valuation but Paul Taylor, the CEO and founder, noted that the market cap is currently “increasing healthily.” In its last round, according to PitchBook estimates, the company was valued at around $143 million, which at this stage of funding puts this latest round potentially in the range of between $220 million and $320 million.

Thought Machine is not yet profitable, mainly because it is in growth mode, said Taylor. Of note, the startup has been through one major bankruptcy restructuring, although it appears that this was mainly for organisational purposes: all assets, employees and customers from one business controlled by Taylor were acquired by another.

Thought Machine’s primary product and technology is called VaultOS, a platform that contains a range of banking services — they include current/checking accounts; savings accounts; loans; credit cards and mortgages — that Thought Machine does not sell directly to consumers, but sells by way of a B2B2C model.

The services are provisioned by way of smart contracts, which allows Thought Machine and its banking customers to personalise, vary and segment the terms for each bank — and potentially for each customer of the bank.

It’s a little odd to think that there is an active market for banking services that are not built and owned by the banks themselves. After all, aren’t these the core of what banks are supposed to do?

But one way to think about it is in the context of eating out. Restaurants’ kitchens will often make in-house what they sell and serve. But in some cases, when it makes sense, even the best places will buy in (and subsequently sell) food that was crafted elsewhere. For example, a restaurant will re-sell cheese or charcuterie, and the wine is likely to come from somewhere else, too.

The same is the case for banks, whose “Crown Jewels” are in fact not the mechanics of their banking services, but their customer service, their customer lists, and their deposits. Better banking services (which may not have been built “in-house”) are key to growing these other three.

“There are all sorts of banks, and they are all trying to find niches,” said Taylor. Indeed, the startup is not the only one chasing that business. Others include Mambu, Temenos and Italy’s Edera.

In the case of the legacy banks that work with the startup, the idea is that these behemoths can migrate into the next generation of consumer banking services and banking infrastructure by cherry-picking services from the VaultOS platform.

“Banks have not kept up and are marooned on their own tech, and as each year goes by, it comes more problematic,” noted Taylor.

In the case of neobanks, Thought Machine’s pitch is that it has already built the rails to run a banking service, so a startup — “new challengers like Monzo and Revolut that are creating quite a lot of disruption in the market” (and are growing very quickly as a result) — can integrate into these to get off the ground more quickly and handle scaling with less complexity (and lower costs).

It’s not the only company providing a platform for banking services that are in turn

Taylor was new to fintech when he founded Thought Machine, but he has a notable track record in the world of tech that you could argue played a big role in his subsequent foray into banking.

Formerly an academic specialising in linguistics and engineering, his first startup, Rhetorical Systems, commercialised some of his early speech-to-text research and was later sold to Nuance in 2004.

His second entrepreneurial effort, Phonetic Arts, was another speech startup, aimed at tech that could be used in gaming interactions. In 2010, Google approached the startup to see if it wanted to work on a new speech-to-text service it was building. It ended up acquiring Phonetic Arts, and Taylor took on the role of building and launching Google Now, with that voice tech eventually making its way to Google Maps, accessibility services, the Google Assistant and other places where you speech-based interaction makes an appearance in Google products.

While he was working for years in the field, the step changes that really accelerated voice recognition and speech technology, Taylor said, were the rapid increases in computing power and data networks that “took us over the edge” in terms of what a machine could do, specifically in the cloud.

And those are the same forces, in fact, that led to consumers being able to run our banking services from smartphone apps, and for us to want and expect more personalised services overall. Taylor’s move into building and offering a platform-based service to address the need for multiple third-party banking services follows from that, and also is the natural heir to the platform model you could argue Google and other tech companies have perfected over the years.

Draper Esprit has to date built up a strong portfolio of fintech startups that includes Revolut, N26, TransferWise and Freetrade. Thought Machine’s platform approach is an obvious complement to that list. (Taylor did not disclose if any of those companies are already customers of Thought Machine’s, but if they are not, this investment could be a good way of building inroads.)

“We are delighted to be partnering with Thought Machine in this phase of their growth,” said Vinoth Jayakumar, Investment Director, Draper Esprit, in a statement. “Our investments in Revolut and N26 demonstrate how banking is undergoing a once in a generation transformation in the technology it uses and the benefit it confers to the customers of the bank. We continue to invest in our thesis of the technology layer that forms the backbone of banking. Thought Machine stands out by way of the strength of its engineering capability, and is unique in being the only company in the banking technology space that has developed a platform capable of hosting and migrating international Tier 1 banks. This allows innovative banks to expand beyond digital retail propositions to being able to run every function and type of financial transaction in the cloud.”

“We first backed Thought Machine at seed stage in 2016 and have seen it grow from a startup to a 300-person strong global scaleup with a global customer base and potential to become one of the most valuable European fintech companies,” said Max Bautin, Founding Partner of IQ Capital, in a statement. “I am delighted to continue to support Paul and the team on this journey, with an additional £15 million investment from our £100 million Growth Fund, aimed at our venture portfolio outperformers.”


By Ingrid Lunden

Tangle EE project joins Eclipse Foundation to bring distributed ledger apps to enterprise

Posted on by

As the number of IoT devices proliferate, and machines conduct transactions with machines without humans involved, it becomes increasingly necessary to have a permissionless system that facilitates this kind of communication in a secure way.

Enter the IOTA Foundation, a Berlin-based open source distributed ledger technology (DLT) project, which has hooked up with the Eclipse Foundation to bring IOTA DLT to the enterprise via the Tangle EE project. For starters, this involves forming a working group.

The distributed ledger idea first emerged as a way to distribute digital currency on the blockchain. Since then, there have been multiple ideas, both open source and commercial, to bring this concept to the enterprise to provide a secure, immutable and frictionless way to share data.

One such open source project is IOTA, which saw an issue with DLT as it was being implemented by other entities. “IOTA is the first distributed ledger technology that went beyond blockchain with a completely new architecture that resolves the bottleneck problems of blockchain that has prevented real world adoption,” Dominik Schiener, co-founder of IOTA Foundation told TechCrunch.

The broad vision is to provide a way for machines and devices to communicate securely. “We provide a protocol layer that enables both humans and machines to bulk transact value without fees, as well as ensure data integrity, which is of course, increasingly important in the age of Internet of Things where hundreds of billions of devices are being connected over the next decades,” Schiener said.

Tangle EE is the part of the project aimed at enterprise users — EE stands for Enterprise Edition — that can take this technology and enable larger organizations to build applications on top of the project. For starters the foundation is working with the Eclipse Foundation to bring corporate entities on board who can help better define the requirements of the large business user.

Dell Technologies and STMicroelectronics are the first major companies joining the project, but the hope is that through discussion and dialogue, Tangle EE will begin to gain traction. “The main reason why we created Tangle EE was because of the discussions that we’ve had with corporations. They really understood that we need to have a working group around IOTA to discuss the application layer, to discuss what kind of solutions we can develop broadly across industries, but also really start having more serious discussions about the protocol,” Schiener said.

Much like the Linux Foundation, the Eclipse Foundation will provide a governance framework for the project. “The Eclipse Foundation will provide a vendor-neutral governance framework for open collaboration, with IOTA’s scalable, feeless and permissionless DLT as a base,” Mike Milinkovich, executive director of the Eclipse Foundation explained in a statement.

If it gains traction, more companies will join in the coming months and years, and begin building out Tangle EE, while developing applications based on the protocol.

Hyperledger Fabric, the open-source distributed ledger, reaches release 2.0


By Ron Miller

Hyperledger Fabric, the open source distributed ledger, reaches release 2.0

Posted on by

The open source Hyperledger Foundation announced the release of Hyperledger Fabric 2.0 today, the first such project to reach a 2.0 release.

It’s a notable milestone. The blockchain as a business tool has certainly had a rocky road over the last few years, but there is still plenty to like about smart contracts that have automated compliance checks built in. Hyperledger Fabric 2.0 has lots of new features with that in mind.

The biggest updates involve forcing agreement among the parties before any new data can be added to the ledger, known as decentralized governance of the smart contracts. In practice, it means that the system will prevent any entity from writing to the ledger until there is consensus among the parties involved in the transaction, a basic blockchain tenet.

This is a requirement because the beauty and the curse of the distributed ledger is that it is an immutable record. Once you have written something in the ledger, it becomes very difficult to change it without the agreement of all those involved in the contract. You want to make sure you get it right before you commit something to the ledger.

Along those same lines, developers can build in automated checks along the way. As they say, this ensures the parties can “validate additional information before endorsing a transaction proposal.”

Brian Behlendorf, Executive Director at Hyperledger and a big advocate of open source distributed ledger technology, says this is a big milestone for the project and the organization as it looks to help organizations adopt distributed ledger technology.

“Fabric 2.0 is a new generation framework developed by and for the enterprises that are building distributed ledger capabilities into the core of their businesses. This new release reflects both the development and deployment experience of the Fabric community and confirms the arrival of the production era for enterprise blockchain,” Behlendorf said in a statement.

That remains to be seen. The rise of blockchain in business has moved at a slow pace, but this release shows that the open source community is still committed to building enterprise-grade distributed ledger technology. Today’s announcement is another step in that direction.


By Ron Miller

Xage now supports hierarchical blockchains for complex implementations

Posted on by

Xage is working with utilities, energy companies and manufacturers to secure their massive systems, and today it announced some significant updates to deal with the scale and complexity of these customers’ requirements including a new hierarchical blockchain.

Xage enables customers to set security policy, then enforce that policy on the blockchain. Company CEO Duncan Greatwood says as customers deploy his company’s solutions more widely, it has created a set of problems around scaling that they had to address inside the product including the use of blockchain.

As you have multiple sites involved in a system, there needed to be a way for these individual entities to operate whether they are connected to the main system or not. The answer was to provide each site with its own local blockchain, then have a global blockchain that acts as the ultimate enforcer of the rules once the systems reconnected.

“What we’ve done is by creating independent blockchains for each location, you can continue to write even if you are separated or the latency is too high for a global write. But when the reconnect happens with the global system, we replay the writes into the global blockchain,” Greatwood explained.

While classical blockchain doesn’t allow these kinds of separations, Xage felt it was necessary to deal with its particular kind of use case. When there is a separation a resynchronization happens where the global blockchain checks the local chains for any kinds of changes, and if they are not consistent with the global rules, it will overwrite those entries.

Greatwood says these changes can be malicious if someone managed to take over a node or they could be non-malicious such as a password change that wasn’t communicated to the global chain until it reconnected. Whatever the reason, the global blockchain has this power to fix the record when it’s required.

Another issue that has come up for Xage customers is the idea that majority rules on a blockchain, but that’s not always a good idea when you have multiple entities working together. As Greatwood explains, if one entity has 600 nodes and the other has 400, the larger entity can always enforce its rules on the smaller one. To fix that, they have created what they are calling a super majority.

“The supermajority allows us to impose impose rules such as, after you have the majority of 600 nodes, you also have to have the majority of the 400 nodes. Obviously, that will give you an overall majority. But the important point is that the company with 400 nodes is protected now because the write to the ledger account can’t happen unless a majority of the 400 node customer also agrees and participates in the write,” Greatwood explained.

Finally, the company also announced scaling improvements, which reduce computing requirements to run Xage by 10x, according to the company.

Xage brings role-based single sign-on to industrial devices


By Ron Miller

Osano makes business risk and compliance (somewhat) sexy again

Posted on by

A new startup is clearing the way for other companies to better monitor and manage their risk and compliance with privacy laws.

Osano, an Austin, Texas-based startup, bills itself as a privacy platform startup, which uses a software-as-a-service solution to give businesses real-time visibility into their current privacy and compliance posture. On one hand, that helps startups and enterprises large and small insight into whether or not they’re complying with global or state privacy laws, and manage risk factors associated with their business such as when partner or vendor privacy policies change.

The company launched its privacy platform at Disrupt SF on the Startup Battlefield stage.

Risk and compliance is typically a fusty, boring and frankly unsexy topic. But with ever-changing legal landscapes and constantly moving requirements, it’s hard to keep up. Although Europe’s GDPR has been around for a year, it’s still causing headaches. And stateside, the California Consumer Privacy Act is about to kick in and it is terrifying large companies for fear they can’t comply with it.

Osano mixes tech with its legal chops to help companies, particularly smaller startups without their own legal support, to provide a one-stop shop for businesses to get insight, advice and guidance.

“We believe that any time a company does a better job with transparency and data protection, we think that’s a really good thing for the internet,” the company’s founder Arlo Gilbert told TechCrunch.

Gilbert, along with his co-founder and chief technology officer Scott Hertel, have built their company’s software-as-a-service solution with several components in mind, including maintaining its scorecard of 6,000 vendors and their privacy practices to objectively grade how a company fares, as well as monitoring vendor privacy policies to spot changes as soon as they are made.

One of its standout features is allowing its corporate customers to comply with dozens of privacy laws across the world with a single line of code.

You’ve seen them before: The “consent” popups that ask (or demand) you to allow cookies or you can’t come in. Osano’s consent management lets companies install a dynamic consent management in just five minutes, which delivers the right consent message to the right people in the best language. Using the blockchain, the company says it can record and provide searchable and cryptographically verifiable proof-of-consent in the event of a person’s data access request.

“There are 40 countries with cookie and data privacy laws that require consent,” said Gilbert. “Each of them has nuances about what they consider to be consent: what you have to tell them; what you have to offer them; when you have to do it.”

Osano also has an office in Dublin, Ireland, allowing its corporate customers to say it has a physical representative in the European Union — a requirement for companies that have to comply with GDPR.

And, for corporate customers with questions, they can dial-an-expert from Osano’s outsourced and freelance team of attorneys and privacy experts to help break down complex questions into bitesize answers.

Or as Gilbert calls it, “Uber, but for lawyers.”

The concept seems novel but it’s not restricted to GDPR or California’s upcoming law. The company says it monitors international, federal and state legislatures for new laws and changes to existing privacy legislation to alert customers of upcoming changes and requirements that might affect their business.

In other words, plug in a new law or two and Osano’s customers are as good as covered.

Osano is still in its pre-seed stage. But while the company is focusing on its product, it’s not thinking too much about money.

“We’re planning to kind of go the binary outcome — go big or go home,” said Gilbert, with his eye on the small- to medium-sized enterprise. “It’s greenfield right now. There’s really nobody doing what we’re doing.”

The plan is to take on enough funding to own the market, and then focus on turning a profit. So much so, Gilbert said, that the company is registered as a B Corporation, a more socially conscious and less profit-driven approach of corporate structure, allowing it to generate profits while maintaining its social vision.

The company’s idea is strong; its corporate structure seems mindful. But is it enough of an enticement for fellow startups and small businesses? It’s either dominate the market or bust, and only time will tell.


By Zack Whittaker

Battlefield vets StrongSalt (formerly OverNest) announces $3M seed round

Posted on by

StrongSalt, then known as OverNest, appeared at the TechCrunch Disrupt NYC Battlefield in 2016, and announced product for searching encrypted code, which remains unusual to this day. Today, the company announced a $3 million seed round led by Valley Capital Partners.

StrongSalt founder and CEO Ed Yu, says encryption remains a difficult proposition, and that when you look at the majority of breaches, encryption wasn’t used. He said that his company wants to simplify adding encryption to applications, and came up with a new service to let developers add encryption in the form of an API. “We decided to come up with what we call an API platform. It’s like infrastructure that allows you to integrate our solution into any existing or any new applications,” he said.

The company’s original idea was to create a product to search encrypted code, but Yu says the tech has much more utility as an API that’s applicable across applications, and that’s why they decided to package it as a service. It’s not unlike Twilio for communications or Stripe for payments, except in this case you can build in searchable encryption.

The searchable part is actually a pretty big deal because, as Yu points out, when you encrypt data it is no longer searchable. “If you encrypt all your data, you cannot search within it, and if you cannot search within it, you cannot find the data you’re looking for, and obviously you can’t really use the data. So we actually solved that problem,” he said.

Developers can add searchable encryption as part of their applications. For customers already using a commercial product, the company’s API actually integrates with popular services, enabling customers to encrypt the data stored there, while keeping it searchable.

“We will offer a storage API on top of Box, AWS S3, Google cloud, Azure — depending on what the customer has or wants. If the customer already has AWS S3 storage, for example, then when they use our API, and after encrypting the data, it will be stored in their AWS repository,” Yu explained.

For those companies who don’t have a storage service, the company is offering one. What’s more, they are using the blockchain to provide a mechanism for the sharing, auditing and managing encrypted data. “We also use the blockchain for sharing data by recording the authorization by the sender, so the receiver can retrieve the information needed to reconstruct the keys in order to retrieve the data. This simplifies key management in the case of sharing and ensures auditability and revocability of the sharing by the sender,” Yu said.

If you’re wondering how the company has been surviving since 2016, while only getting its seed round today, it had a couple of small seed rounds prior to this, and a contract with the US Department of Defense, which replaced the need for substantial earlier funding.

“The DOD was looking for a solution to have secure communication between between computers, and they needed to have a way to securely store data, and so we were providing a solution for them,” he said. In fact, this work was what led them to build the commercial API platform they are offering today.

The company, which was founded in 2015, currently has 12 employees spread across the globe.

OverNest launches GitZero with encrypted code searching at TechCrunch Disrupt Battlefield


By Ron Miller

Kadena brings free private blockchain service to Azure Marketplace

Posted on by

The hype around blockchain seems to have cooled a bit, but companies like Kadena have been working on enterprise-grade solutions for some time, and continue to push the technology forward. Today, the startup announced that Kadena Scalable Permissioned Blockchain on Azure is available for free in the Azure Marketplace.

Kadena co-founder and CEO Will Martino says today’s announcement builds on the success of last year’s similar endeavor involving AWS. “Our private chain is designed for enterprise use. It’s designed for being high performance is designed for integrating with traditional back ends. And by bringing that chain to AWS marketplace, and now to Microsoft Azure, we are servicing almost all of the enterprise blockchain market that takes place in the cloud,” Martino told TechCrunch.

The free product enables companies to get comfortable with the technology and build a Proof of Concept (PoC) without making a significant investment in the tooling. The free tool provides 2000 transactions a second across 4 nodes. Once companies figure this out and want to scale, that’s when the company begins making money, but Martino recognizes that the technology is still immature and companies need to get comfortable with it, and that’s what the free versions on the cloud platforms like Azure are encouraging.

Martino says Kadena favors a hybrid approach to enterprise blockchain that combines public and private chains, and in his view, gives customers the best of both worlds. “You can run a smart contract on our public chain Web protocol that will be launching on October 30th, and that smart contract can be linked to a cluster of private permission chain nodes that are running the other half of the application. This allows you to have all of the market access and openness and transparency and ownerlessness of a public network, while also having the control and the security that you find in a private network,” he said.

Martino and co-founder Stuart Popejoy both worked at JPMorgan on early blockchain projects, but left to start Kadena in 2016. The company has raised $14.9 million to date.

The blockchain begins finding its way in the enterprise


By Ron Miller

India’s Reliance Jio inks deal with Microsoft to expand Office 365, Azure to more businesses; unveils broadband, blockchain, and IoT platforms

Posted on by

India’s Reliance Jio, which has disrupted the telecom and features phone businesses in India in less than three years of existence, is now ready to aggressively foray into many more businesses with the help of global giants including Microsoft.

The subsidiary of India’s largest industrial house Reliance Industries today announced that it will commercially launch its optical fiber broadband business next month, an IoT platform on January 1, 2020, and “one of the world’s biggest blockchain networks” in the next 12 months.

The broadband service, called Jio Giga Fiber, is aimed at individual customers, small and medium sized businesses, as well as enterprises, Mukhesh Ambani, Chairman and Managing Director of Reliance Industries, said at a shareholders meeting Monday. The service, which will be available to consumers starting September 5, will offer free voice calls, high-speed internet and start at Rs 700 per month.

The company also announced a 10-year partnership with Microsoft to leverage the Redmond giant’s Azure, Microsoft 365, and Microsoft AI platforms to launch new cloud datacenters in India to ensure “more of Jio’s customers can access the tools and platforms they need to build their own digital capability,” said Microsoft CEO Satya Nadella in a video appearance Monday.

“At Microsoft, our mission is to empower every person and every organization on the planet to achieve more. Core to this mission is deep partnerships, like the one we are announcing today with Reliance Jio. Our ambition is to help millions of organizations across India thrive and grow in the era of rapid technological change… Together, we will offer a comprehensive technology solution, from compute to storage, to connectivity and productivity for small and medium-sized businesses everywhere in the country,” he added.

As part of the partnership, Nadella said, Jio and Microsoft will jointly offer Office 365 to more organizations in India, and also bring Azure Cognitive Services to more devices and in many Indian languages to businesses in the country. The solutions will be “accessible” to reach as many people and organizations in India as possible, he added.

Ambani also said Jio is working on a “digital stack” to create a new commerce partnership platform in India to reach tens of millions of merchants, consumers, and producers.

Reliance Jio partners with Facebook to launch literacy program for first time internet users in India

More to follow…


By Manish Singh

Dust Identity secures $10M Series A to identify objects with diamond dust

Posted on by

The idea behind Dust Identity was originally born in an MIT lab where students developed a system of uniquely identifying objects using diamond dust. Since then, the startup has been working to create a commercial application for the advanced technology, and today it announced a $10 million Series A round led by Kleiner Perkins, which also led its $2.3 million seed round last year.

Airbus Ventures and Lockheed Martin Ventures, New Science Ventures, Angular Ventures and Castle Island Ventures also participated in the round. Today’s investment brings the total raised to $12.3 million.

The company has an unusual idea of applying a thin layer of diamond dust to an object with the goal of proving that object has not been tampered with. While using diamond dust may sound expensive, the company told TechCrunch last year at the time of its seed round funding that it uses low-cost industrial diamond waste, rather than the expensive variety you find in jewelry stores.

As CEO and co-founder Ophir Gaathon told TechCrunch last year, “Once the diamonds fall on the surface of a polymer epoxy, and that polymer cures, the diamonds are fixed in their position, fixed in their orientation, and it’s actually the orientation of those diamonds that we developed a technology that allows us to read those angles very quickly.”

Ilya Fushman, who is leading the investment for Kleiner, says the company is offering a unique approach to identity and security for objects. “At a time when there is a growing trust gap between manufacturers and suppliers, Dust Identity’s diamond particle tag provides a better solution for product authentication and supply chain security than existing technologies,” he said in a statement.

The presence of strategic investors Airbus and Lockheed Martin shows that big industrial companies see a need for advanced technology like this in the supply chain. It’s worth noting that the company partnered with enterprise computing giant SAP last year to provide a blockchain interface for physical objects, where they store the Dust Identity identifier on the blockchain. Although, the startup has a relationship with SAP, it remains blockchain agnostic, according to a company spokesperson.

While it’s still early days for the company, it has attracted the attention from a broad range of investors and intends to use the funding to continue building and expanding the product in the coming year. To this point, it has implemented pilot programs and early deployments across a range of industries including automotive, luxury goods, cosmetics and oil, gas and utilities

This startup got $2.3M to identify physical objects using diamond dust


By Ron Miller

Visa funds $40M for no-password crypto vault Anchorage

Posted on by

Visa and Andreessen Horowitz are betting even bigger on cryptocurrency, funding a big round for fellow Facebook Libra Association member Anchorage’s omnimetric blockchain security system. Instead of using passwords that can be stolen, Anchorage requires cryptocurrency withdrawals to be approved by a client’s other employees. Then the company uses both human and AI review of biometrics and more to validate transactions before they’re executed, while offering end-to-end insurance coverage.

This new-age approach to cryptocurrency protection has attracted a $40 million Series B for Anchorage led by Blockchain Capital and joined by Visa and Andreessen Horowitz. The round adds to Anchorage’s $17 million Series A that Andreessen led just six months ago, demonstrating extraordinary momentum for the security startup.

As a custodian, our work is focused on building financial plumbing that other companies depend on for their operations to run smoothly. In this regard we have always looked at Visa as a model” Anchorage co-founder and president Diogo Mónica tells me.

“Visa was ‘fintech’ before the term existed, and has always been on the vanguard of financial infrastructure. Visa’s investment in Anchorage is helpful not only to our company but to our industry, as a validation of the entire ecosystem and a recognition that crypto will play a key role in the future of global finance.”

Anchorage Crypto 1

Cold-storage, where assets are held in computers not connected to the Internet, has become a popular method of securing Bitcoin, Ether, and other tokens. But the problem is that this can prevent owners from participating in governance of certain cryptocurrency where votes are based on their holdings, or earning dividends. Anchorage tells me it’s purposefully designed to permit this kind of participation, helping clients to get the most out of their assets like capturing returns from staking and inflation, or joining in on-chain governance.

As 3 of the 28 founding members of the Libra Association that will govern the new Facebook-incubated cryptocurrency; Anchorage, Visa, and Andreessen Horowitz will be responsible for ensuring the stablecoin stays secure. While Facebook is building its own custodial wallet called Calibra for users, other Association members and companies hoping to dive into the ecosystem will need ways to protect their Libra stockpiles.

“Libra is exactly the kind of asset that Anchorage was created to hold” Mónica wrote the day Libra was revealed. “Our custody solution , so that asset-holders don’t face a trade-off between security and usability.” The company believes that custodians shouldn’t dictate what coins their clients hold, so it’s working to support all types of digital assets. Anchorage tells me that will include support for securing Libra in the future.

Libra Association Founding Partners

You’ve probably already used technology secured by Anchorage’s founders, who engineered Docker’s containers that are used by Microsoft, and Square’s first encrypted card reader. Mónica was at Square when he met his future Anchorage co-founder Nathan McCauley who’d been working on anti-reverse engineering tech for the U.S. military. When a company that had lost the password to a $1 million cryptocurrency account asked for their help with security, they recognized a recognized the need for a more idiot-proof take on asset protection.

“Anchorage applies the best of modern security engineering for a more advanced approach: we generate and store private keys in secure hardware so they are never exposed at any point in their life cycle, and we eliminate human operations that expose assets to risk” Mónica says. The startup competes with other crypto custody firms like Bitgo, Ledger, Coinbase, and Gemini.

Anchorage CryptocurrencyLast time we spoke, Anchorage was cagey about what I could reveal regarding how its transaction validation system worked. With the new funding, it’s feeling a little more secure about its market position and was willing to share more.

Anchorage ditches usernames, passwords, email addresses, and phone numbers completely. That way a hacker can’t just dump your coins into their account by stealing your private key or SIM-porting your number to their phone. Instead, clients whitelist devices held by their employees, who use the Anchorage app to submit transactions. You’d propose selling $10 million worth of Bitcoin or transferring it to someone else as payment, and a minimum of two-thirds of your designated co-workers would need to concur to form a quorum that approves the transfer.

But first, Anchorage would’s artificial intelligence and human staff would check for any suspicious signals that might indicate a hack in progress. It uses behavioral analysis (do you act like a real human and similar to how you have before), biometric signals (do you look like you), and network signals (is your device what and where it should be) to confirm the transaction is legitimate. The same process goes down if you try to add a new whitelisted device or change who has permission to do what.

The challenge will be scaling security to an ever-broadening range of digital assets, each with their own blockchain quirks and complex smart contracts. Even if Anchorage keeps coins safely in custody, those variables could expose assets to risk while in transit. Now with deeper pockets and the Visa vote of confidence, Anchorage could solve those problems as clients line up.

While most blockchain attention has focused on the cryptocurrencies themselves and the exchanges where you can buy and sell them, a second order of critical infrastructure startups is emerging. Companies like Anchorage could make Bitcoin, Ether, Libra, and more not just objects of speculation or the domain of experts, but safely functioning elements of the new world economy.


By Josh Constine

IBM, KPMG, Merck, Walmart team up for drug supply chain blockchain pilot

Posted on by

IBM announced its latest blockchain initiative today. This one is in partnership with KPMG, Merk and Walmart to build a drug supply chain blockchain pilot.

These four companies are coming to together to help come up with a solution to track certain drugs as they move through a supply chain. IBM is acting as the technology partner, KPMG brings a deep understanding of the compliance issues, Merk is of course a drug company and Walmart would be a drug distributor through its pharmacies and care clinics.

The idea is to give each drug package a unique identifier that you can track through the supply chain from manufacturer to pharmacy to consumer. Seems simple enough, but the fact is that companies are loathe to share any data with one another. The blockchain would provide an irrefutable record of each transaction as the drug moved along the supply chain, giving authorities and participants an easy audit trail.

The pilot is part of set of programs being conducted by various stakeholders at the request of the FDA. The end goal is to find solutions to help comply with the U.S. Drug Supply Chain Security Act. According to the FDA Pilot Program website, “FDA’s DSCSA Pilot Project Program is intended to assist drug supply chain stakeholders, including FDA, in developing the electronic, interoperable system that will identify and trace certain prescription drugs as they are distributed within the United States.”

IBM hopes that this blockchain pilot will show it can build a blockchain platform or network on top of which other companies can build applications. “The network in this case, would have the ability to exchange information about these pharmaceutical shipments in a way that ensures privacy, but that is validated,” Mark Treshock, global blockchain solutions leader for healthcare and life sciences at IBM told TechCrunch.

He believes that this would help bring companies on board that might be concerned about the privacy of their information in a public system like this, something that drug companies in particular worry about. Trying to build an interoperable system is a challenge, but Treshock sees the blockchain as a tidy solution for this issue.

Some people have said that blockchain is a solution looking for a problem, but IBM has been looking at it more practically with several real-world projects in production including one to track leafy greens from field to store with Walmart and a shipping supply chain with Maersk to track shipping containers as they move through the world

Treshock believes the Walmart food blockchain is particularly applicable here and could be used as a template of sorts to build the drug supply blockchain. “It’s very similar, tracking food to tracking drugs, and we are leveraging or adopting the assets that we built for food trust to this problem. We’re taking that platform and adapting it to track pharmaceuticals,” he explained.

Walmart is betting on the blockchain to improve food safety


By Ron Miller

Helium launches $51M-funded “LongFi” IoT alternative to cellular

Posted on by

With 200X the range of WiFi at 1/1000th of the cost of a cellular modem, Helium’s “LongFi” wireless network debuts today. Its transmitters can help track stolen scooters, find missing dogs via IoT collars, and collect data from infrastructure sensors. The catch is that Helium’s tiny, extremely low-power, low-data transmission chips rely on connecting to P2P Helium Hotspots people can now buy for $495. Operating those hotspots earns owners a cryptocurrency token Helium promises will be valuable in the future…

The potential of a new wireless standard has allowed Helium to raise $51 million over the past few years from GV, Khosla Ventures, and Marc Benioff including a new $15 million round co-led by Union Square Ventures and Multicoin Capital. That’s in part because one of Helium’s co-founders is Napster inventer Shawn Fanning. Investors are betting that he can change the tech world again, this time with a wireless protocol that like WiFi and Bluetooth before it could unlock unique business opportunities.

Helium already has some big partners lined up including Lime, which will test it for tracking its lost and stolen scooters and bikes when they’re brought indoors obscuring other connectivity or their battery is pulled out deactivating GPS. “It’s an ultra low-cost version of a LoJack” Helium CEO Amir Haleem says.

InvisiLeash will partner with it to build more trackable pet collars. Agulus will pull data from irrigation valves and pumps for its agriculture tech business, Nestle will track when its time to refill water in its ReadyRefresh coolers at offices, and Stay Alfred will use it to track occupancy status and air quality in buildings. Haleem also imagines the tech being useful for tracking wildfires or radiation.

Haleem met Fanning playing video games in the 2000s. They teamed up with Fanning and Sproutling baby monitor (sold to Mattel) founder Chris Bruce in 2013 to start work on Helium. They foresaw a version of Tile’s trackers that could function anywhere while replacing expensive cell connections for devices that don’t need high-bandwith. Helium will compete with SigFox, another lower-power IoT protocol, though Haleem claims its more centralized infrastructure costs are prohibitive. Lucky for Helium, on-demand rental bikes and scooters that are perfect for its network have reached mainstream popularity just as Helium launches six years after its start.

Helium says its already pre-sold 80% of its Helium Hotspots for its first market in Austin, Texas. People connect them to their Wifi and put in their window so thee devices can pull in data from Helium’s IoT sensors over its open-source LongFi protocol. The hotspots then encrypt and send the data to the company’s cloud that clients can plug into to track and collect info from their devices. The Helium Hotspots only require as much energy as a 12-watt LED lightbulb to run, but that $495 price tag is steep. The lack of a concrete return on investment could deter later adopters from buying the expensive device.

Only 150-200 hotspots are necessary to blanket a city in connectivity, Haleem tells me. But since they need to be distributed across the landscape so a client can’t just fill their warehouse with the hotspots and the upfront price is expensive for individuals, Helium might need to sign up some retail chains as partners for deployment. Haleem admits “The hard part is the education”. Making hotspot buyers understand the potential (and risks) while demonstrating the opportunities for clients will require a ton of outreach and slick marketing.

Without enough Helium Hotspots, the Helium network won’t function. That means this startup will have to simultaneously win at telecom technology, enterprise sales, and cryptocurrency for the network to pan out. As if one of those wasn’t hard enough.


By Josh Constine