The 15 biggest enterprise ‘unicorns’

The Wall Street Journal found 115 companies valued at more than $1 billion, these are the 15 biggest enterprise tech ones

Yester-year there were only a few unicorns in the world of startups.

This week though, the Wall Street Journal and Dow Jones VenturSource identified 115 companies with valuations north of $1 billion, which are referred to as unicorns.

Below are 15 of the highest valued enterprise software companies that have received venture funding but have not yet been sold or gone public.

Palantir
Valuation: $20 billion
Funding: $1.5 billion

What it does: Palantir has created a program that’s really good at finding relationships across vast amounts of data, otherwise known as link analysis software. Its meteoric rise has been fueled by big-money contracts with federal government agencies. Palantir is the second-largest unicorn, behind Uber, that The Wall Street Journal identified.

Dropbox
Valuation: $10 billion
Funding: $607 million

What it does: One of the pioneers of the cloud market, Dropbox’s file synch and share system has been a hit with consumers, and increasingly with businesses too. Chief competitor Box would have been a unicorn, but the company went public this year.

Zenefits
Valuation: $4.5 billion
Total funding: $596 million

What it does: Zenefits provides a cloud-based human resource management (HRM) system for small and midsized business, with an emphasis on helping businesses manage health insurance administration and costs.

Cloudera
Valuation: $4.1 billion
Total funding: $670 million

What it does: Cloudera provides a distribution of Hadoop. It’s chief competitor in the big data/Hadoop market, Hortonworks, filed for an initial public offering earlier this year after being a unicorn itself.
Resources

Pure Storage
Valuation: $3 billion
Funding: $530 million

What it does: Pure storage is one of the most popular startups in the solid-state, flash-storage market. It pitches its hardware-software product as a more affordable competitor to storage giant EMC.

Docusign
Valuation: $3 billion
Funding: $515 million

What it does: Docusign lets users electronically sign and file paperwork.

Slack
Valuation: $2.8 billion
Funding: $315 million

What it does: Slack is an enterprise communication and collaboration platform, allowing users to text and video chat, plus share documents too.

Nutanix
Valuation: $2 billion
Funding: $312 million

What it does: Nutanix is one of the startups in the hyperconvernged infrastructure market, providing customers an all-in-one system that includes virtualized compute, network and storage hardware, controlled by a custom software. Converged systems are seen as the building blocks of distributed systems because of their ability to optimize performance, particularly on the storage side.

Domo
Valuation: $2 billion
Funding: $459 million

What it does: Founded by Josh James (who sold his previous startup Omniture to Adobe for $1.8 billion), this Utah-based company provides business intelligence software hosted in the cloud tailored for business executives. The idea is to provide c-level executives at companies ready access to important data they need to run their companies in a user-friendly format accessible on any device.

GitHub
Valuation: $2 billion
Funding: $350 million

What it does: GitHub is a platform for storing software that makes up open source projects. These repositories can be public or private and allow users to track bugs, usage and downloads. If you use an open source project, it’s likely hosted on GitHub.

Tanium
Valuation: $1.8 billion
Funding: $142 million

What it does: Tanium is a platform for identifying and remedying application outages or security threats in real-time. One of it biggest differentiating features is an intuitive search bar that allows users to quickly search in natural language to check the status of the system they’re monitoring for a variety of issues.

MongoDB
Valuation: $1.6 billion
Funding: $311 million

What it does: MongoDB is one of the most popular NoSQL databases. These new breeds of databases are ideal for managing unstructured data, like social media streams, documents and other complex data that don’t fit well into traditional structured databases.

InsideSales.com
Valuation: $1.5 billion
Funding: $199 million

What it does: InsideSales.com is a big data platform that analyzes business relationships with customers and provides predictive analytics for future sales strategy.

Mulesoft
Valuation: $1.5 billion
Funding: $259 million

What it does: Mulesoft is the commercial product for the open source Mule software, an enterprise service bus that helps integrate and coordinate data across applications. Having a common data set that multiple applications can use reduces duplication and cost.

Jasper Technologies
Valuation: 1.4 billion
Funding: $204 million

What it does: Jasper Technologies creates a platform for the budding Internet of Things. The company’s software allows data generated by machines to be stored and analyzed in the company’s software.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

How to uncover the Dark Web

Cybercriminals love the Dark Web because it is almost impossible to track or identify them.

One of the best ways to understand your enemy – what he’s up to, what his capabilities are and how he can damage you – is to spy on him.

And according to some cybercrime experts, one of the easier and more effective ways to do that is to hang out where the bad guys do – on the Dark Web.
security tools 1

In a recent post on Dark Reading, Jason Polancich, founder and chief architect of SurfWatch Labs, asserted that, “most businesses already have all the tools on hand for starting a low-cost, high-return Dark Web intelligence operations within their own existing IT and cybersecurity teams.”

Such a data mining operation, he wrote, could be up and running in a day.

It is widely known in IT circles that the Dark Web is a thriving cybercrime marketplace offering multiple exploits, hacking for hire, stolen personal data and intellectual property, spam and phishing campaigns, insider threats for hire and more.

It is also a relatively secure place for criminals to operate, thanks to randomness, anonymity and encryption.

But just because it is difficult to track criminals individually doesn’t mean it is impossible to conduct surveillance on what they are doing. Polancich wrote that the Dark Web is the place to, “find out what may have been stolen or used against you and improve your overall security posture to close the infiltration hole.”

Is it really that easy?
According to Kevin McAleavey, cofounder of the KNOS Project and a malware expert, “easy” may not be the right word. But “possible” definitely is.

“Can anyone do it? You bet,” he said, “but only if you're willing to pay people to sit around and just surf. Most managers consider that ‘wasting time’ and it's often frowned upon, but it works really well.”
"Can anyone do it? You bet, but only if you're willing to pay people to sit around and just surf."

He said that was one of the things he did in a previous job – “follow the bad guys back to their cave so I could see what they were working on before they released it. But it was one of the most time-consuming parts of being ahead of the curve rather than under it.”

Nicholas Albright, principal researcher, ThreatStream, agrees. “These networks seem obscure to many, but with a simple tutorial, anyone could be up and running in less time than it takes to watch an episode of ‘Mr. Robot’,” he said.

“The hardest part of monitoring is really learning where to look. Many of the sites on these obscure networks move locations or go offline periodically. However, once an individual has identified a handful of sites, they frequently lead to others.”

He also agrees with McAleavey that it is labor-intensive, and does not always yield useful intelligence. On the “slow” days, “you might not see anything of value,” he said. “Furthermore, this requires an analyst's fingers on keyboard. Deploying a 'tool' to do this job is not effective. Scraper bots are detected and regularly purged.”
"Nothing can replace direct monitoring of your own networks and assets."

Others are a bit more dubious about the average IT department doing effective Dark Web surveillance, even if the budget is there. “The task of collecting raw information itself is non-trivial,” said Dr. Fengmin Gong, cofounder and chief strategy officer at Cyphort. “And distilling the threat intelligence from the raw data is not any easier. So while it is beneficial to do it, it's not a task that can be undertaken by an average IT department effectively.”

That, he said, is because the average IT worker doesn’t have the expertise to do it, “and it’s not easy to get up to speed. It requires understanding of threats and data mining, which is a high hurdle.”

Fred Touchette, security analyst at AppRiver, is less dubious, but said the deeper the analysis goes, the more expertise is required.

“Initial high-level research should be easily executed by any research team that knows its way around implementing Tor (The Onion Router),” he said. “Once one gets a basic understanding of how Tor is implemented and how to use it, the Dark Web is nearly as easy to navigate, albeit much slower than the regular internet.”
"Once one gets a basic understanding of how Tor is implemented and how to use it, the Dark Web is nearly as easy to navigate, albeit much slower than the regular internet."

“And once research goes beyond passive and into trying to find and possibly purchase samples, things could get pricey,” he said. “Depending on the merchant, sometimes free samples can be obtained, but not always. From here, the same tools and expertise would be required to analyze samples.”

Easy or difficult, most experts agree that enterprises monitoring the Dark Web for threat intelligence is not yet mainstream. “I am aware of technology researchers and developers proposing this as a complementary means to security threat monitoring, but it's not very common as an initiative taken by enterprises themselves,” Gong said.

That may change, however, as more tools become available to make surfing the Dark Web easier.

Juha Nurmi, writing on the Tor Blog, said he has been working since 2010 on developing Ahmia, an open-source search engine for Tor hidden service websites.

And Eric Michaud, founder and CEO of Rift Recon, is also CEO and cofounder of DarkSum, which launched just last week and is promoting a search engine that it calls “Google for the Dark Net.”

Michaud agrees with Gong that effective surveillance of the Dark Net would be beyond the capability of most organizations smaller than Fortune 100. But he said with a search engine like DarkSum that indexes the Dark Net, they can do it. “We make it easy,” he said.

McAleavey said he has already done it. “All it really takes is setting up a couple of machines to crawl the Tor network with a dictionary list of interesting keywords to match up with, and then let it rip,” he said.

“Once the results have been put into the database of what was found and where, human analysts can then fire up a Tor browser and check out what the crawler found. The more keywords you have, the more results you'll get, and the more people you have to rifle through it all, the better the chances of finding the needles in that haystack.”

Of course, indexing the Dark Web is not static. As McAleavey notes, sites on the Tor network, “often change their address every few hours or every few days, so you need to crawl again looking for those sites of interest because they probably moved since the last time you crawled.”

Michaud agreed, but said it is possible to keep up with address changes. While he wouldn’t discuss the techniques his company uses to do it, “we do it really well,” he said.

Whether it is worth the time and expense to conduct Dark Web surveillance is also a matter of debate. Gong contends that while it is helpful as a “layer” of security, it is not easy to do well. “It requires both sophisticated infrastructure and technical skills that are not trivial to establish,” he said, adding that, “it is not very crucial or affordable for an enterprise IT to pull off by itself.”

And he believes there is, “nothing that can replace direct monitoring of your own networks and assets.”

But Michaud said as it becomes easier and cheaper, it will be a necessary part of a security operation. “Enterprises are scared,” he said, “because they know they will be held responsible for data breaches if they aren’t proactive.

“If you’re just being defensive, you’re going to have a bad day.”

---

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Why SharePoint is the last great on-premises application

While it seems like almost every piece of IT is moving to cloud these days, there are still plenty of reasons to keep SharePoint in your server room – where it belongs.

At the Worldwide Partner Conference (WPC) last month in Orlando, we heard many of the same grumblings we’ve been hearing about Microsoft for years now: They don’t care about on-premises servers. They’re leaving IT administrators in the dust and hanging them out to dry while forcing Azure and Office 365 content on everyone. They’re ignoring the small and medium business.

It’s hard to ignore this trend. It’s also true that the cost-to-benefit ratio continues to decrease to the point where common sense favors moving many workloads up to the cloud where you can transform capex and personnel expense to opex that scales up and down very easily.

But SharePoint Server is such a sticky product with tentacles everywhere in the enterprise that it may well be the last great on-premises application. Let’s explore why.

The cloud simply means someone else’s computer
One clear reason is that SharePoint, for so many organizations, hosts a large treasure trove of content, from innocuous memos and agendas for weekly staff meetings to confidential merger and acquisitions documents. In most organizations, human resources uses SharePoint to store employee compensation analysis data and spreadsheets; executives collaborate within their senior leadership teams and any high-level contacts outside the organization on deals that are proprietary and must be secured at all times; and product planning and management group store product plans, progress reports and even backups of source code all within SharePoint sites and document libraries.

No matter how secure Microsoft or any other cloud provider claims it can make its hosted instances of SharePoint, there will always be that nagging feeling in the back of a paranoid administrator’s head: Our data now lives somewhere that is outside of my direct control. It’s an unavoidable truth, and from a security point of view, the cloud is just a fancy term for someone else’s computer.

Not even Microsoft claims that every piece of data in every client tenant within SharePoint Online is encrypted. Custom Office 365 offerings with dedicated instances for your company can be made to be encrypted, and governmental cloud offerings are encrypted by default, but a standard E3 or E4 plan may or may not be encrypted. Microsoft says it is working on secure defaults, but obviously this is a big task to deploy over the millions of servers they run.

Nothing is going to stop the FBI, the Department of Justice, the National Security Agency or any other governmental agency in any jurisdiction from applying for and obtaining a subpoena to just grab the physical host that stores your data and walk it right out of Microsoft’s data center into impound and seizure. Who knows when you would get it back? Microsoft famously does not offer regular backup service of SharePoint, relying instead on mirror images and duplicate copies for fault tolerance, and it’s unclear how successful you’d be at operating on a copy of your data nor how long it would take to replicate that data into a new usable instance in the event of a seizure.

Worse, you might not even know that the government is watching or taking your data from SharePoint Online. While Microsoft claims that if possible they’ll redirect government requests back to you for fulfillment, the feds may not let them, and then Microsoft may be forced to turn over a copy of your data without your knowledge. They may get a wiretap as well. And if the NSA has compromised the data flowing in and out of their datacenters with or without Microsoft’s knowledge, then it’s game over for the integrity of your data’s security posture.

It’s tough for many – perhaps even most – Fortune 500 companies to really get their heads around this idea. And while Microsoft touts the idea of a hybrid deployment, it’s difficult and not inexpensive and (at least until SharePoint 2016 is released) a bit kludgy as well. On top of that, wholesale migration of all of your content to the cloud could take weeks and require investment in special tools, increased network connection bandwidth and all of that. All of these reasons validate SharePoint remaining on premises for most places that are already using it.
It’s (sort of) an application development platform

Some companies have taken advantage of SharePoint’s application programming interfaces, containers, workflow and other technologies to build in-house applications on top of the document and content management features. Making those systems work on top of Office 365 and SharePoint Online can be very difficult beast to tame. With the on-premises version of SharePoint, everyone has access to the underlying environment and could tweak and test it. Office 365 requires licenses and federated identities, and doesn’t offer access to IIS and SharePoint application management features.

On top of that, a pure cloud or even a hybrid option still may not be any less expensive than using portions of resources and hardware your company already has…another reason why SharePoint is one of the last remaining applications that will make sense to run on premises for a long time to come.
It’s a choice with less obvious benefits – there is lower-hanging fruit

Email is still the slam dunk of cloud applications. Your organization derives no competitive advance, no killer differentiation in the marketplace from running a business email server like Microsoft Exchange. It is simply a cost center – no one is building applications on top of email, no one is improving or innovating on email in a way that would mean it made sense to keep that workload in your own datacenter. Secure email solutions exist now that encrypt transmissions and message stores both at rest and in transit, so security in the email space is much more mature than, say, hosted SharePoint. No wonder Exchange Online is taking off.

SharePoint is not as clear a case here. While you might choose to put your extranet on SharePoint Online or host a file synchronization solution in the cloud, there are enough reasons not to move SharePoint into the cloud for a variety of audiences and corporations big and small that should see SharePoint on premises long after most everything else has been moved over to Somebody Else’s Computer™.

---

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

T-Mobile caught in crossfire of injected ad war with Flash Networks

T-Mobile, Citizens Bank, thousands of other innocent companies and millions of users are stuck between shady ad networks and Google, publishers, and legitimate advertisers

LAS VEGAS - An ongoing conflict between website owners and ad injectors who place unwanted ads on those websites has just flared up into full-blown war, with advertisers and carriers caught in the crossfire.

Take, for example, T-Mobile, which is proudly named as a customer by Flash Networks, a company that brags about creating "new monetization opportunities" for mobile operators when it "inserts the most relevant engagement display into the selected webpages."

This seems to have been a surprise to T-Mobile. Cynthia Lee, the company's senior digital media manager, adamantly denied that T-Mobile was using Flash Networks to inject ads into webpages it was serving up to mobile customers.

"It's completely against our strategy," she said. "Consumer experiences and customer privacy are at the top of our list and a pillar of how we execute our media."

T-Mobile does buy advertising in an automated, programmatic way, she said, and may have indirectly and accidentally bought an ad on this network.

"As a company, we're trying to improve on that," she said. "We're working on it with the industry."

In addition to T-Mobile, Flash Networks also lists Orange, Vodafone, Tlecom Italia, SwissCom, Telekom Austria, TurkCell, nTelos Wireless and Bharti Airtel as customers.
"This is a sketchy and morally suspect practice that is unfortunately all-to-common among ISPs."

Ken Smith, senior consultant at SecureState
At least one of those companies is an actual customer -- an Indian blogger discovered that his Internet Service Provider, Bharti Airtel, was inserting unwanted JavaScript into his website. He posted screenshots on GitHub, and got a cease-and-desist letter from Flash Networks in response.

Bharti Airtel issued a statement that they had no relation to the cease-and-desist notice -- and said that the injected code was only there "to help customers understand their data consumption in terms of volume of data used."

They did not explain why this required injecting Javascript into other companies' webpages.

Ken Ruck, Flash Networks' vice president of monetization agreed to an interview, then canceled, and the company sent a canned statement instead, saying that they do not discuss customers with the media.

The Flash Networks Layer 8 platform allows operators "to monetize a never before seen scale of new monetization opportunities," the company said in its statement.

"The Layer8 solution is not malware and not intended for ad injection," said a spokesperson, who then went on to add that the company's "injected code... can be used to offer ringtones, ebooks, and local offers."

Up to 30 percent of Web users are currently seeing extra ads on websites, injected by their mobile carriers, Internet providers, WiFi hotspots, malware, toolbars, and browser extensions, according to new research from Namogoo Technologies. This is up from 5 percent during the first nine months of 2014, when Google ran its own analysis.

In the below screenshot, for example, the Ad Options ad network has inserted an unwanted ad on the home page of the Citizens Bank website.
citizens bank malvertising

And below, another ad network -- OMG Music! -- has inserted an ad on Andover Bank's website. Ironically, it's an ad for Citizens Bank.
andover bank malvertising

Namagoo
According to a recent report by Google, a single injected ad is typically funneled through several different ad networks, so that the advertisers are not even aware that this is happening.

That is the case with Citizens Bank, which confirmed that it did not deliberately purchase the injected ads, and is investigating the situation.

Not only are the ads on these networks intrusive and unwanted, but because the networks are not well policed, more likely to be malicious or subject to click fraud.

Google steps in
Search engines are victims, too. Ad injectors insert their ads right into search results, getting top placement without having to pay the search engines a dime.

But in going after the search engines, the ad injectors may have taken a step too far. Picking a fight with Google is seldom a good idea.

Three months ago, Google released the results of a study that found more than 50,000 browser extensions and 34,000 software applications that took over browsers and injected ads. A third of these also took the opportunity to steal account credentials, hijack search results, and spy on users' activities.

Google has already removed 192 deceptive Chrome extensions from the Chrome Web Store and added new safeguards to the browser. It also has begun notifying advertisers when their ads are injected and updated their AdWords policies to make it harder to promote unwanted software.

The ad injectors can put their ads right into the middle of a webpage, or create new links where they find keywords, or anywhere there is blank space, or replace existing legitimate ads, or layer new ads on top of the page blocking the view of legitimate content.

Browser-based ad injectors get an extra bonus, with full access to even encrypted websites, or pages served via VPNs.

Injections aided and abetted by network operators typically have access to the underlying code only for unencrypted webpages, though some carriers have been known to go as far as interfere with the encryption, as Gogo Inflight Wi-Fi was caught doing earlier this year.
How is this legal?

Users routinely use tools that change the way that websites are presented. They might want a page reformatted so that it's easier to print, or translated into a foreign language.

A user might deliberately choose to install a tool that, say, shows prices from competitors whenever they're on a major shopping website.

Or they might accidentally install a tool that came bundled with an application that they actually wanted -- and agreed to the terms and conditions without reading them.

"The ad injection is not criminal," said Elias Manousos, CEO at security vendor RiskIQ, which tracks malvertising and other external Web-based threats.

It's when the ad injectors are installed by malware that it's illegal, he said. Otherwise, there's no law on the books that protect the consumers.

"There are deceptive trade practices that the FTC enforces, but it's pretty weak," he said. And if a particular injected ad is illegal in a particular state, it's hard to prove because it's difficult to catch anyone in the act.

The advertising networks are interlinked in a byzantine web of relationships that make it hard to locate the exact point at which an ad went from a legitimate ad to an injected ad.

"The ad ecosystem is very, very private about who their customers are and who their publishers are," said Manousos. "So it's very easy to turn a blind eye to where the problems are coming from and it allows them to monetize their unethical installs."

He estimated the size of the injected ad industry at between $1 billion and $4 billion globally.

"Our approach is to help customers find who the bad actors are, and eliminate them," he said.

According to Google, 77 percent of all injected ads get funneled through three major intermediaries that connect the legitimate ad networks with the less savory ones: DealTime, PriceGrabber, and BizRate.

"They serve as the single critical bottleneck before ad injection traffic enters the ad ecosystem and becomes indistinguishable from legitimate consumer interest," wrote Google research scientist Kurt Thomas in a recent research paper about ad injection. "We have begun to reach out to these major intermediaries as well as the brands impacted by ad injection to alert them of the possibility of receiving ad injection traffic."

Google also identified Sears, Walmart, Target and Ebay as some of the companies most victimized by ad injectors. Ironically, Ebay also owns Dealtime.

As of deadline, Ebay has not responded to a request for comment.
What can you do?

According to Google research scientist Kurt Thomas, website owners can protect their sites in a few ways.

Tips for dealing with ad injection
Browser-based content security policies can be used to detect if webpages are being modified, said RiskIQ's Manousos.

"But a lot of the ad injection companies have found ways around [content security policies]," he added. "Just like anything, it's a cat-and-mouse game."

Meanwhile, corporate employees have yet another reason to be careful when using public networks.

"You should use VPNs, because VPNs will totally protect against this attack," said Manousos. "It creates a secure tunnel regardless of what WiFi access point you're connected to."

RiskIQ offers a solution that can help a website or corporate network detect if ad injection is going on, he said.

Injected ads pose risks to enterprises because attackers can purchase highly targeted placements, zeroing in on individual companies or even individual employees, and hijacking websites that company employees are most likely to visit.

The company doesn't currently block the injection itself, however, though it is considering offering such a service.

Another company that can help is Shape Security.

Shape Security works by constantly rewriting the underlying code of the webpage, making it a hard-to-hit moving target not only for would-be ad injectors but other automated attacks. The company calls this polymorphism.

"If you can break that automation, you can make the ecosystem for attacking websites much more difficult for attackers," said company vice president Shuman Ghosemajumder.

Google's crack down on browser extensions is a good start but it doesn't address all sources of client-side injected ads and malware, said Chemi Katz, cofounder and CEO of Namagoo Technologies, which offers a service to enterprises that protects websites from all unwanted changes.

"While Google is aware of 192 unique signatures, we are aware of over 25,000 different ones," he said.

Namogoo handles both browser-based and network-based injections, said Katz.

Namogoo's Katz declined to explain how his company's service works, other than to say that website owners only need to add a line of code to be protected.

"The technology comes as part of the page," he said. "It runs silently and identifies any anomalies and blocks them."

It works to protect against injections from malware, browsers and toolbars, as well as from Internet access providers, he said.

And that includes Flash Networks' Layer8, said Namogoo COO Ohad Greenshpan. "Our technology serves publishers and provide them the technology to serve their pages as they intended."

Advertisers need to protect themselves as well. Though the ads can seem like a bargain, disreputable networks are least likely to be protecting against click fraud, and there can be reputation damage when ads are injected into sites where they clearly don't belong, or are overly intrusive.

"If you want to really stop the problem, you have to stop the flow of money," said RiskIQ's Manousos.

---

Best CCNA Training and CCNA Certification and more Cisco exams log in to Certkingdom.com