The SharePoint attacks might be an inside job

Today: Cybersecurity experts are worried about a program designed to help companies respond to vulnerabilities following the SharePoint attacks, Microsoft and OpenAI are reportedly making progress on a new deal, and the latest funding rounds in enterprise tech.


Welcome to Runtime!



They don't love you like I love you

Microsoft's enterprise software tools helped countless companies and government organizations around the world take their first steps onto the information superhighway back around the turn of the century. Keeping that enormous installed base of software safe as new vulnerabilities are discovered requires Microsoft to enlist security partners around the world to help quickly distribute patches when things go wrong, but what if those partners can't be trusted?

Security experts are starting to wonder if there is a mole in the Microsoft Active Protections Program (MAPP), which gives security companies "early access to vulnerability information so that they can provide updated protections to customers faster." Bloomberg reported Friday that Microsoft is concerned that someone in the MAPP program leaked details about SharePoint vulnerabilities to hackers working on behalf of the Chinese government, who attacked vulnerable SharePoint servers "the day before it released a patch publicly," according to the report.

  • After going through a vetting process and signing a non-disclosure agreement, MAPP members receive patches for Microsoft vulnerabilities a day earlier than they are released to the public, which allows those partners to help their own customers respond more quickly when a vulnerability is disclosed.
  • One huge benefit of cloud computing is that vendors can patch vulnerabilities on behalf of their users before they are publicly released, but companies that manage their own servers are on their own to install the patches.
  • Security partners can help those companies respond much faster when new vulnerabilities are being actively exploited.

But the process didn't work this time around, for several reasons, and at least five U.S. government agencies were hit by attacks exploiting the vulnerability. Some of the blame can be attributed to Microsoft's incomplete patch for the initial flaw, but only program insiders would have known how to get around it that quickly.

"At least a dozen Chinese companies participate in the [MAPP] initiative," according to Bloomberg. Security experts have been concerned for many years about a law passed in 2021 that requires Chinese security researchers to report newly discovered flaws to the government before disclosing them to the public.

  • Leaks in the MAPP program have happened before, but this month's incident could prompt new changes that restrict the flow of information.
  • "If I thought a leak came from this channel, I would not be telling that channel anything," Childs told The Register.
  • But given the immense complexity of the modern software supply chain, coordination is essential to helping protect companies themselves from attacks.
  • And if vibe-coding tools produce the explosion in the amount of software being written that many see coming, managing the corresponding explosion in vulnerabilities in that software — without trusted partners — will become even harder.

Maybe AGI was the money we made along the way

The Microsoft-OpenAI contract renegotiations continue to be quite leaky considering the billions of dollars at stake if OpenAI can't find a way to restructure itself as a for-profit company. This week's episode comes courtesy of Bloomberg, which reported that the two companies are close to figuring out a way to allow Microsoft continued access to OpenAI's technology.

Under the terms of their current agreement, which runs through 2030, OpenAI can end its partnership with Microsoft once it has reached "AGI," as nebulous a term as any thrown around during the generative AI boom. There is no industry-wide agreed-upon definition of what constitutes "AGI," but it "can be triggered by technical or business milestones" as specified in their current agreement, according to Bloomberg.

That means Microsoft could be left high and dry if OpenAI declared that GPT-5, which is expected to arrive next month, is the pinnacle of AI achievement. As should be expected, the particulars will come down to money: OpenAI wants a larger share of the revenue Microsoft gets from selling access to its models on Azure, and Microsoft wants a sizable stake in the for-profit version of OpenAI.


Enterprise funding

BlinkOps raised $50 million in Series B funding for its no-code agent-building tool, which helps customers automate security practices.

Dropzone AI landed $37 million in Series B funding as it builds agents for security operations teams that promise to help them sort through alerts and issues.

Julius scored $10 million in seed funding for its natural-language data-analysis tool.

Nebulock launched with $8.5 million in new funding as it tries to modernize endpoint security with AI.

FluidCloud launched with $8.1 million in seed funding for its multicloud infrastructure management tool.


The Runtime roundup

Anthropic introduced new rate limits for some Claude customers, and according to VentureBeat software developers were not exactly thrilled by that move.

Freshworks beat Wall Street estimates for revenue and profit and raised its annual revenue guidance, citing demand for its AI services.


Thanks for reading — see you Thursday!
