Connect with us

Tech

Device monitoring and management startup Memfault nabs $8.5M

Published

on

Memfault

Join Transform 2021 for the most important themes in enterprise AI & Data. Learn more.


Memfault, a startup developing software for consumer device firmware delivery, monitoring, and diagnostics, today closed an $8.5 million series A funding round. CEO François Baldassari says the capital will enable Memfault to scale its engineering team and make investments across product development and marketing.

Slow, inefficient, costly, and reactive processes continue to plague firmware engineering teams. Often, companies recruit customers as product testers — the first indication of a device issue comes through users contacting customer service or voicing dissatisfaction on social media. With 30 billion internet of things (IoT) devices predicted to be in use by 2025, hardware monitoring and debugging methods could struggle to keep pace. As a case in point, Palo Alto Networks’ Unit 42 estimates that 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network.

Memfault, which was founded in 2019 by veterans of Oculus, Fitbit, and Pebble, offers a solution in a cloud-based firmware observability platform. Using the platform, customers can capture and remotely debug issues as well as continuously monitor fleets of connected devices. Memfault’s software development kit is designed to be deployed on devices to capture data and send it to the cloud for analysis. The backend identifies, classifies, and deduplicates error reports, spotlighting the issues likely to be most prevalent.

Baldassari says that he, Tyler Hoffman, and Christopher Coleman first conceived of Memfault while working on the embedded software team at smartwatch startup Pebble. Every week, thousands of customers reached out to complain about Bluetooth connectivity issues, battery life regressions, and unexpected resets. Investigating these bugs was time-consuming — teams had to either reproduce issues on their own units or ask customers to mail their watches back so that they could crack them open and wire in debug probes. To improve the process, Baldassari and his cofounders drew inspiration from web development and infrastructure to build a framework that supported the management of fleets of millions of devices, which became Memfault.

By aggregating bugs across software releases and hardware revisions, Memfault says its platform can determine which devices are impacted and what stack they’re running. Developers can inspect backtraces, variables, and registers when encountering an error, and for updates, they can split devices into cohorts to limit fleet-wide issues. Memfault also delivers real-time reports on device check-ins and notifications of unexpected connectivity inactivity. Teams can view device and fleet health data like battery life, connectivity state, and memory usage or track how many devices have installed a release — and how many have encountered problems.

“We’re building feedback mechanisms into our software which allows our users to label an error we have not caught, to merge duplicate errors together, and to split up distinct errors which have been merged by mistake,” Baldassari told VentureBeat via email. “This data is a shoo-in for machine learning, and will allow us to automatically detect errors which cannot be identified with simple heuristics.”

IDC forecasts that global IoT revenue will reach $742 billion in 2020. But despite the industry’s long and continued growth, not all organizations think they’re ready for it — in a recent Kaspersky Lab survey, 54% said the risks associated with connectivity and integration of IoT ecosystems remained a major challenge.

That’s perhaps why Memfault has competition in Amazon’s AWS IoT Device Management and Microsoft’s Azure IoT Edge, which support a full range of containerization and isolation features. Another heavyweight rival is Google’s Cloud IoT, a set of tools that connect, process, store, and analyze edge device data. Not to be outdone, startups like Balena, Zededa, Particle, and Axonius offer full-stack IoT device management and development tools.

But Baldassari believes that Memfault’s automation features in particular give the platform a leg up from the rest of the pack. “Despite the ubiquity of connected devices, hardware teams are too often bound by a lack of visibility into device health and a reactive cycle of waiting to be notified of potential issues,” he said in a press release. “Memfault has reimagined hardware diagnostics to instead operate with the similar flexibility, speed, and innovation that has proven so successful with software development. Memfault has saved our customers millions of dollars and engineering hours, and empowered teams to approach product development with the confidence that they can ship better products, faster, with the knowledge they can fix bugs, patch, and update without ever disrupting the user experience.”

Partech led Memfault’s series A raise with participation from Uncork Capital, bringing the San Francisco, California-based company’s total raised to $11 million. In addition to bolstering its existing initiatives, Memfault says it’ll use the funding to launch a self-service of its product for “bottom-up” adoption rather than the sales-driven, top-down approach it has today.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

US government strikes back at Kremlin for SolarWinds hack campaign

Published

on

US government strikes back at Kremlin for SolarWinds hack campaign

Matt Anderson Photography/Getty Images

US officials on Thursday formally blamed Russia for backing one of the worst espionage hacks in recent US history and imposed sanctions designed to mete out punishments for that and other recent actions.

In a joint advisory, the National Security Agency, FBI, and Cybersecurity and Information Security Agency said that Russia’s Foreign Intelligence Service, abbreviated as the SVR, carried out the supply-chain attack on customers of the network management software from Austin, Texas-based SolarWinds.

The operation infected SolarWinds’ software build and distribution system and used it to push backdoored updates to about 18,000 customers. The hackers then sent follow-up payloads to about 10 US federal agencies and about 100 private organizations. Besides the SolarWinds supply-chain attack, the hackers also used password guessing and other techniques to breach networks.

After the massive operation came to light, Microsoft President Brad Smith called it an “act of recklessness.” In a call with reporters on Thursday, NSA Director of Cybersecurity Rob Joyce echoed the assessment that the operation went beyond established norms for government spying.

“We observed absolutely espionage,” Joyce said. “But what is concerning is from that platform, from the broad scale of availability of the access they achieved, there’s the opportunity to do other things, and that’s something we can’t tolerate and that’s why the US government is imposing costs and pushing back on these activities.”

Thursday’s joint advisory said that the SVR-backed hackers are behind other recent campaigns targeting COVID-19 research facilities, both by infecting them with malware known as both WellMess and WellMail and by exploiting a critical vulnerability in VMware software.

The advisory went on to say that the Russian intelligence service is continuing its campaign, in part by targeting networks that have yet to patch one of the five following critical vulnerabilities. Including the VMware flaw, they are:

  • CVE-2018-13379 Fortinet FortiGate VPN
  • CVE-2019-9670 Synacor Zimbra Collaboration Suite
  • CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN
  • CVE-2019-19781 Citrix Application Delivery Controller and Gateway
  • CVE-2020-4006 VMware Workspace ONE Access

“Mitigation against these vulnerabilities is critically important as US and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors,” the advisory stated. It went on to say that the “NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations.”

A representative of VPN provider Pulse noted that patches for CVE-2019-11510 were released in April 2019. “Customers who followed the instructions in a Pulse Secure security advisory issued at that time have properly protected their systems and mitigated the threat.” FortiNet in recent weeks has also pointed out it patched CVE-2018-13379 in May 2019. The makers of the other affected hardware and software have also issued fixes.

cves targeted by russia

CISA

The US Treasury Department, meanwhile, imposed sanctions to retaliate for what it said were “aggressive and harmful activities by the Government of the Russian Federation.” The measures include new prohibitions on Russian sovereign debt and sanctions on six Russia-based firms that the Treasury Department said “supported the Russian Intelligence Services’ efforts to carry out malicious cyber activities against the United States.”

The firms are:

  • ERA Technopolis, a research center operated by the Russian Ministry of Defense for transferring the personnel and expertise of the Russian technology sector to the development of technologies used by the country’s military. ERA Technopolis supports Russia’s Main Intelligence Directorate (GRU), a body responsible for offensive cyber and information operations.
  • Pasit, a Russia-based information technology company that has conducted research and development supporting malicious cyber operations by the SVR.
  • SVA, a Russian state-owned research institute specializing in advanced systems for information security located in that country. SVA has done research and development in support of the SVR’s malicious cyber operations.
  • Neobit, a Saint Petersburg, Russia-based IT security firm whose clients include the Russian Ministry of Defense, SVR, and Russia’s Federal Security Service. Neobit conducted research and development in support of the cyber operations conducted by the FSB, GRU, and SVR.
  • AST, a Russian IT security firm whose clients include the Russian Ministry of Defense, SVR, and FSB. AST provided technical support to cyber operations conducted by the FSB, GRU, and SVR.
  • Positive Technologies, a Russian IT security firm that supports Russian Government clients, including the FSB. Positive Technologies provides computer network security solutions to Russian businesses, foreign governments, and international companies and hosts recruiting events for the FSB and GRU.

“The reason they were called out is because they’re an integral part and participant in the operation that the SVR executes,” Joyce said of the six companies. “Our hope is that by denying the SVR the support of those companies, we’re impacting their ability to project some of this malicious activity around the world and especially into the US.”

Russian government officials have steadfastly denied any involvement in the SolarWinds campaign.

Besides attributing the SolarWinds campaign to the Russian government, Thursday’s release from the Treasury Department also said that the SVR was behind the August 2020 poisoning of Russian opposition leader Aleksey Navalny with a chemical weapon, the targeting of Russian journalists and others who openly criticize the Kremlin, and the theft of “red team tools,” which use exploits and other attack tools to mimic cyber attacks.

The “red team tools” reference was likely related to the offensive tools taken from FireEye, the security firm that first identified the Solar Winds campaign after discovering its network had been breached.
The Treasury department went on to say that the Russian government “cultivates and co-opts criminal hackers” to target US organizations. One group, known as Evil Corp., was sanctioned in 2019. That same year, federal prosecutors indicted the Evil Corp kingpin Maksim V. Yakubets and posted a $5 million bounty for information that leads to his arrest or conviction.

Although overshadowed by the sanctions and the formal attribution to Russia, the most important takeaway from Thursday’s announcements is that the SVR campaign remains ongoing and is currently leveraging the exploits mentioned above. Researchers said on Thursday that they’re seeing Internet scanning that is intended to identify servers that have yet to patch the Fortinet vulnerability, which the company fixed in 2019. Scanning for the other vulnerabilities is also likely ongoing.

People managing networks, particularly any that have yet to patch one of the five vulnerabilities, should read the latest CISA alert, which provides extensive technical details about the ongoing hacking campaign and ways to detect and mitigate compromises.

Continue Reading

Tech

Autonomous trucking company Plus will use AI and billions of miles of data to train self-driving semis

Published

on

Autonomous trucking company Plus will use AI and billions of miles of data to train self-driving semis

This article is part of a VB Lab Insight series paid for by Plus.


The safest drivers are those with the most experience. Studies show it can take years of practice for automobile drivers to become careful and competent road users. Similarly, the more experience a truck driver has the less likely it is that they will cause a serious crash.

What holds true for human drivers holds true for autonomous driving systems — up to a point. The safest self-driving vehicle platforms are those that have accumulated the most experience.

Since driving experience is so important, how can technologists make sure computerized driving systems get the training they need to operate safely on the nation’s roads and highways?

Solving this challenge is the key to unlocking a fully autonomous future.

How computers learn to drive a semi-truck

Thanks to advances in sensor technology and artificial intelligence (AI), an automated truck is capable of analyzing many objects on the road and making a decision about how to respond.

This is accomplished in large part by training so-called “deep learning” algorithms. Repeatedly expose a self-driving system to all kinds of obstacles, from a cut-in vehicle to a construction site, and the system will start to understand how to react when an obstruction appears on the highway.

Here it is important to note that unlike people, machines lack common sense and don’t do well handling novel situations. Human drivers know to slow down in the face of an unexpected obstacle — a bear, say — because we can make decisions based on similar situations we have already encountered or extrapolate from other incidents.

Unlike humans, however, deep neural networks can only learn from data they have been trained on, whether from public roads, closed courses, or computer simulations.

So back to the original question: How do you train the machines so they are exposed to the full range of the driving experience?

Data, data, and more data

Plus’s goal is to help truck drivers on long-haul routes, where they encounter a variety of road and weather conditions. In addition to closed-road testing and computer simulations, the company’s PlusDrive system is learning on the open road, where the trucks can be exposed to real-world obstacles and situations. Junk flying from a pickup bed. Ice slicks. A wind turbine blade. A zigzagging motorcycle.

Plus3

Though these so-called “long tail” phenomena comprise less than 1% of the time behind the wheel, knowing how to safely navigate them is critical for machines. Society expects that a computer-operated machine must be at least an order of magnitude safer than a human driver.

Billions of miles of on-road testing

Starting this summer, Plus will put its supervised automated driving system into factory production. It is also retrofitting existing trucks with the system. By this time next year, hundreds of automated trucks powered by PlusDrive will be on the road, hauling commercial cargo.

Human drivers will be behind the wheel. Like an experienced professional training a new recruit, Plus drivers will monitor the autonomous trucks while teaching them how to handle unexpected obstacles.

Plus estimates that its fleet will accumulate billions of collective miles before the company deploys fully driverless vehicles. Taking an evolutionary approach to full autonomy enables the company to rack up miles more quickly, with the assistance of on-board professional drivers who are training and validating the system.

To support its global deployment in the U.S., China, Europe, and other markets, Plus recently raised $420 million in new funding.

Truck driver retention and low-carbon solution

The drivers benefit too. The Plus supervised autonomous trucking solution elevates the role of the truck driver, upskilling them in preparation for an autonomous future. At the same time a digital co-pilot will ease driver exhaustion on long-haul routes, and fleets will spend less on the hiring process.

The system yields other gains. Fuel comprises about a third of a trucking company’s operating budget, by far the largest cost for heavy trucks. When an automated system understands the road, pulling in GPS and weather data too, they optimize shifting and braking. Plus has run pilot projects showing that  PlusDrive saves 10% of the tank compared to the most efficient drivers, a win for the bottom line and the environment.

The autonomous trucking future, now

Commercial space travel, solar-powered cities, autonomous vehicles — the first two visions of the future depend on specific economic inflection points, while the third is wholly dependent on the amount of data a system has accumulated.

Plus is building the necessary feedback loop of information today. Its trucks are accumulating the data. Its drivers, who are among the safest and most efficient Class A drivers, are training the system with their responses. Its engineers are fine-tuning PlusDrive’s algorithms and decisions. And eventually PlusDrive will be one of the safest and most experienced drivers on the road.

Plus is applying autonomous trucking technology to trucks today. For more information, please visit www.plus.ai.


VB Lab Insights content is created in collaboration with a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. Content produced by our editorial team is never influenced by advertisers or sponsors in any way. For more information, contact [email protected]

Continue Reading

Tech

Misfits Gaming esports group launches Women of Misfits speaker series

Published

on

Misfits Gaming esports group launches Women of Misfits speaker series

Join Transform 2021 this July 12-16. Register for the AI event of the year.


Esports company Misfits Gaming Group is leaning into female gamers with the launch of its Women of Misfits speaker series, and it will turn into a wider platform over time.

The Boca Raton, Florida-based company will use its fame in esports to elevate issues for women in gaming and esports, and it’s happening at a time when problems such as sexual harassment and under-representation of women at game studios and at esports organizations have been in the headlines.

Women are a prevalent part of the esports and gaming landscape. Nearly 40% of all gamers are female with 80% of them being 18 or older. The Women of Misfits initiative will provide a space for women to discuss ideas and be inspired by influential women both inside and outside the organization in addition to supporting the growth and development of women within MGG. We’ll have a Women in Gaming Breakfast at our GamesBeat Summit 2021 on April 28-29.

The platform will features a series of monthly guest speakers. The first speakers are Chris Evert, 18-time Grand Slam singles champion and tennis legend; GloZell Green, comedian and YouTuber; Bianca Smith, the first Black woman to serve as a professional baseball coach; Angela Ruggiero, CEO Sports Innovation Lab and four-time Olympian and Gold Medalist for the U.S. Hockey team; and Maya Enista Smith,7 am embargo Executive Director of the Born This Way Foundation.

The focus of the Women of Misfits platform will be mentorship, development, network, and advocacy. The platform will be led by female executives within MGG including chief development officer Hillary Matchett; president of media and branding Ella Pravetz; chief revenue officer Lagen Nash; president of Misfits Agency Amy Palmer; vice president of Communications Becca Henry; chief wellness adviser Carolyn Rubenstein; and cofounder Laurie Silvers.

The Women of Misfits platform includes a monthly speaker series with industry leaders and visionaries which will air on MGG’s YouTube channel. The sessions will be moderated by MGG executives and guest speakers will share topics that matter to them and inspire both the gaming community and women to pursue their dreams.

“I am truly inspired and amazed with our women at MGG and their many accomplishments and eager to watch this platform ascend,” said Misfits CEO Ben Spoont, in a statement. “The determination and dedication to push one another to break the boundaries as women within the esports industry is remarkable, and I am confident this platform will resonate not only within MGG but also within our wider community.”

GamesBeat

GamesBeat’s creed when covering the game industry is “where passion meets business.” What does this mean? We want to tell you how the news matters to you — not just as a decision-maker at a game studio, but also as a fan of games. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about the industry and enjoy engaging with it.

How will you do that? Membership includes access to:

  • Newsletters, such as DeanBeat
  • The wonderful, educational, and fun speakers at our events
  • Networking opportunities
  • Special members-only interviews, chats, and “open office” events with GamesBeat staff
  • Chatting with community members, GamesBeat staff, and other guests in our Discord
  • And maybe even a fun prize or two
  • Introductions to like-minded parties

Become a member

Continue Reading

Trending