MongoDB hits 8.0; Microsoft's open-source data project
Today on Product Saturday: MongoDB focuses on performance and resilience, Microsoft tackles event handling with a new open-source project, and the quote of the week.
Today: Security experts are concerned about the lack of details accompanying Microsoft's hack disclosure late last week, Oracle joins the generative AI parade, and the latest funding rounds in enterprise tech.
Welcome to Runtime! Today: Security experts are concerned about the lack of details accompanying Microsoft's hack disclosure late last week, Oracle joins the generative AI parade, and the latest funding rounds in enterprise tech.
(Was this email forwarded to you? Sign up here to get Runtime each week.)
How did a notorious hacking group gain access to the email accounts of senior Microsoft leaders for almost two months before it was discovered?
Microsoft released very few details about the latest breach of its security system in a classic late-afternoon Friday news dump last week. What we do know is that Nobelium, a group linked to the Russian government, was able to access those accounts by using a "password spray attack" to force its way into a "legacy non-production test tenant account," but the company isn't saying much about how the attackers got from that entry point into some of Microsoft's most sensitive accounts.
Nobelium, considered part of Russia's SVR foreign intelligence agency, is one of the most notorious hacking groups in operation. It was the organization behind the devastating 2019 SolarWinds supply-chain attack that lit a fire under the federal government to push for stronger security practices.
As the IRA once said, attackers only need to be lucky once while defenders need to be lucky always, and cybersecurity at this level is a constant game of cat and mouse. But this is turning into a disturbing pattern at Microsoft, which likes to think of itself as a world leader in cybersecurity.
Microsoft eventually released some details on how the China attack happened, and Stamos called on it to quickly do the same in response to this incident.
As you make your plans for 2024 please consider sponsoring Runtime and getting your message in front of the more than 20,000 enterprise tech industry leaders and decision makers that receive this newsletter each week. We also plan to roll out several new products next year, including special reports, sponsored content, and events, both virtual and live. If you're interested in learning more, contact us here.
Oracle gained a bit more ground against its cloud infrastructure rivals Tuesday when its generative AI service became generally available, long after similar services were released by Microsoft, Google, and AWS. OCI Generative AI was developed in partnership with Cohere, which has received a substantial amount of investment from Oracle, but also supports Meta's Llama 2 open-source large-language model.
The company is hoping that its customers will see value in using the generative AI service alongside their existing Oracle databases and ERP software, which could be a cheaper way to train custom models than using other services. But with support for only two models at launch, the service might not fit the needs of every customer.
And last month Oracle blamed a cloud revenue shortfall on its inability to get enough data centers up and running, which is a problem considering how much computing power is required by generative AI applications. It plans to increase capital spending in the second half of its fiscal year, which ends in May, but six months is a long time in generative AI.
Silverfort raised $116 million in Series D funding, bringing the total amount raised by the identity-management company to $222 million.
Oleria landed $33 million in Series A funding to further develop its own take on identity access-management technology.
Vicarious raised $30 million in Series B funding to bolster its vulnerability detection and management software.
Clerk scored $30 million in Series B funding to expand beyond identity management software and into access controls.
Qdrant secured $28 million in Series A funding for its vector database technology, as profiled here in Runtime.
Prismatic raised $22 million in Series A funding for its low-code app integration builder.
AWS will now let consultants and service providers sell their wares through the AWS Marketplace, which could be attractive to all those VMware partners cut loose by Broadcom.
Microsoft created a new internal team working on lower-cost alternatives to OpenAI's LLMs, according to the Information.
SAP will offer new jobs or buyouts to 8,000 employees but said its overall headcount won't change by the end of the year.
Zscaler is in talks to acquire data analysis startup Avalor for more than $250 million in hopes of adding Avalor's platform technology to its cybersecurity software, according to Calcalist.
Wasabi acquired GrayMeta's Curio AI to help its media and entertainment customers add structure to their video data.
Chronosphere snapped up Calyptia, the startup behind the open-source Fluentd and FluentBit logging technology, to build out its observability product.
Thanks for reading — see you Thursday!