Enterprise tech isn't out of the woods yet
Today: Why Weaveworks' decision to shut down could be a canary in the coal mine for a generation of enterprise tech startups, HPE detected another breach, and the latest funding rounds in enterprise tech.
Welcome to Runtime! Today: Why Weaveworks' decision to shut down could be a canary in the coal mine for a generation of enterprise tech startups, HPE detected another breach, and the latest funding rounds in enterprise tech.
(Was this email forwarded to you? Sign up here to get Runtime each week.)
A tangled web
Last week was full of positive signs for enterprise tech companies, as the Big Three cloud providers all but declared an end to a year of cost-cutting amid signs that investments in generative AI are really starting to pay off. This week started off with a reminder that startups are hard, especially when venture capitalists are gunshy.
Weaveworks will be shutting down, founder and CEO Alexis Richardson announced Monday, blaming "lumpy" growth and a "volatile" cash position thanks to the upheaval of the last couple of years. The last-ditch hope was not to be: "a very promising M&A process with a larger company fell through at the 11th hour," Richardson wrote.
- Founded in 2014, Weaveworks was very early to the concept of continuous integration and continuous delivery, software-development practices that allow companies to ship code more quickly and securely.
- It pioneered the idea of using Git — software familiar to just about every developer working today — to define infrastructure configuration policies using code throughout the development process.
- And it was a very prominent member of the Kubernetes and "cloud native" communities, releasing several open-source projects such as Cortex, Flux, and a plugin for Spotify's popular Backstage platform tech.
But this was the scenario Redpoint's Scott Raney was worried about during our interview last November; a combination of tighter IT budgets and wary investors leading to liquidity problems at startups that hadn't raised cash in several years.
- Weaveworks had raised a total of $61.6 million, according to Crunchbase, most recently scoring $36.6 million in Series C funding in 2020.
- While it had a bit of a first-mover advantage, a bunch of well-funded companies began targeting this space, as Techcrunch pointed out: Harness raised $230 million in 2022 and CircleCI raised $100 million in 2021.
- Last year was an extremely tough environment for enterprise tech startup funding thanks to worries about the health of the economy and rising interest rates, as Theory Ventures' Tomasz Tunguz explained in May 2023.
- And software companies of all stripes (except for maybe Stripe) struggled during 2023 as businesses had been willing to bet on emerging enterprise tech companies slashed their budgets to include only their most important priorities, and as Raney put it, "you're either one of those priorities or you're not."
To rip off Tolstoy, every unsuccessful startup is unsuccessful in its own way, and market timing is a very tricky thing.
- It is clear, however, that many enterprise tech startups will be facing endgame decisions in 2024 if they haven't already taken steps to become profitable on their own.
- It's also clear that an entire ecosystem built around Kubernetes is increasingly seen by enterprise tech buyers as too complex to manage effectively, which probably should have been apparent years ago but is a subject for another newsletter.
- "The story does not end here - our open source software is used everywhere," Richardson said, and that's at least something that users, backers, and employees of Weaveworks can take to heart.
- But when startups built around less-than-open licenses start to fail, their projects may not be as lucky.
Stealing the test
After data belonging to HPE was put up for auction on a hacking site last week, the company confirmed that it had been hit with its second security breach of the new year but said the leaked data did not include HPE customer data or information about its production environments.\
BleepingComputer reported Monday that a hacker claimed to have obtained HPE data such as "CI/CD access, System logs, Config Files, Access Tokens, HPE StoreOnce Files (Serial numbers warrant etc) & Access passwords" and was hawking it in some online hacker break room, which is probably an amusing place to people-watch. HPE told CRN that the incident "appears to be related to information that was contained in a test environment," and "there is no indication these claims relate to any compromise of HPE production environments or customer information.”
Access to the production systems for some of those tools, especially HPE's CI/CD system, could enable a new software supply-chain attack, but the company appears to have avoided that fate. It's not clear how the hackers got in, just two weeks after HPE disclosed it was hit by a separate attack involving the same group that stole data from Microsoft.
NinjaOne raised $231.5 million in Series C funding, bringing the endpoint security company's valuation to $1.7 billion.
Synthetaic landed $15 million in Series B funding for its classification system that turns unstructured visual data into structured data, which is easier to use with AI models.
Ionix added $15 million to a previously announced Series A round of $27 million to help customers understand the attack surface of their tech assets.
Cimba.AI launched with $1.25 million in pre-seed capital to build out a platform that lets companies build AI agents for internal use.
The Runtime roundup
Fortinet beat Wall Street estimates for fourth-quarter revenue, and despite issuing lower-than-expected guidance investors still liked the positive sign for cybersecurity spending enough to lift its stock more than 12% in after-hours trading.
Docusign will cut 6% of its employees after failing to secure a private-equity savior.
Anydesk revoked all of its security certificates and reset customer passwords after its production systems were breached, a tough blow for a company that makes software to allow secure remote access to corporate networks.
An Oracle licensing expert warned customers that its partnership with Microsoft Azure could be far more costly than originally thought.
Capex spending is what makes the cloud go round, and Charles Fitzgerald's annual summary of how the Big Three are spending your money is always worth a read.
Thanks for reading — see you Thursday!