Author: azeeadmin

AI has been filling in the gaps for illustrators and photographers for years now — literally, it intelligently fills gaps with visual content. But the latest tools are aimed at letting an AI give artists a hand from the earliest, blank-canvas stages of a piece. Nvidia’s new Canvas tool lets the creator rough in a landscape like paint-by-numbers blobs, then fills it in with convincingly photorealistic (if not quite gallery-ready) content.

Each distinct color represents a different type of feature: mountains, water, grass, ruins, etc. When colors are blobbed onto the canvas, the crude sketch is passed to a generative adversarial network. GANs essentially pass content back and forth between a creator AI that tries to make (in this case) a realistic image and a detector AI that evaluates how realistic that image is. These work together to make what they think is a fairly realistic depiction of what’s been suggested.

It’s pretty much a more user-friendly version of the prototype GauGAN (get it?) shown at CVPR in 2019. This one is much smoother around the edges, produces better imagery, and can run on any Windows computer with a decent Nvidia graphics card.

This method has been used to create very realistic faces, animals, and landscapes, though there’s usually some kind of “tell” that a human can spot. But the Canvas app isn’t trying to make something indistinguishable from reality — as concept artist Jama Jurabaev explains in the video below, it’s more about being able to experiment freely with imagery more detailed than a doodle.

For instance, if you want to have a moldering ruin in a field with a river off to one side, a quick pencil sketch can only tell you so much about what the final piece might look like. What if you have it one way in your head, and then two hours of painting and coloring later you realize that because the sun is setting on the left side of the painting, it makes the shadows awkward in the foreground?

If instead you just scribbled these features into Canvas, you might see that this was the case right away, and move on to the next idea. There are even ways to quickly change the time of day, palette, and other high-level parameters so they can quickly be evaluated as options.

Image Credits: Nvidia

“I’m not afraid of blank canvas any more,” said Jurabaev. “I’m not afraid to make very big changes, because I know there’s always AI helping me out with details… I can put all my effort into the creative side of things, and I’ll let canvas handle the rest.”

It’s very like Google’s Chimera Painter, if you remember that particular nightmare fuel, in which an almost identical process was used to create fantastic animals. Instead of snow, rock, and bushes it had hind leg, fur, teeth and so on, which made it rather more complicated to use and easy to go wrong with.

Image Credits: Devin Coldewey / Google

Still, it may be better than the alternative, for certainly an amateur like myself could never draw even the weird tube-like animals that resulted from basic blob painting.

Unlike the Chimera Creator, however, this app is run locally, and requires a beefy Nvidia video card to do it. GPUs have long been the hardware of choice for machine learning applications, and something like a real-time GAN definitely needs a chunky one. You can download the app for free here.

You’ve likely seen the headlines surrounding the pretty major decline in NFT sales from the market’s recent peak, with some reports indicating as much as a 90 percent decline in recent weeks. And while plenty of crypto speculators are on the losing end of that rapid decline, others see a future where digital collectible and digital goods take over the internet.

NFT marketplace Rarible announced Wednesday that they’ve closed a $14.2 million Series A from Venrock Capital, CoinFund and 01 Advisors. The startup allows users to buy and auction off digital art. The firm also has its own Rarible governance token which allows users to make and vote on proposals around the platform’s features and fees.

The startup says it has reached $150 million in sales on the platform since launching 18 months ago.

NFT startups have raised major sums in recent months as investors coalesced around backing early players in the digital collectibles space. OpenSea, one of the most popular NFT hubs, raised a $23 million funding round in early spring from Andreessen Horowitz and Naval Ravikant. In March, invite-only NFT marketplace SuperRare raised a $9 million Series A. Last month, Bitski raised $19 million in bid to become the “Shopify of NFTs.”

Alongside the funding announcement, Rarible shared that they’ve officially partnered with NBA Top Shot maker Dapper Labs to bring their NFT marketplace to Dapper’s Flow blockchain. Dapper Labs has begun building out a wider coalition of NFT platforms on its proprietary blockchain which is more energy efficient and less costly than transactions on the Ethereum network, though it is also much more centralized. Rarible says they will make this transition in the “next couple of months.”

The startup has broad goals for making the NFT space more approachable to everyday web users, saying in a a blog post that they hope to use this funding to explore more user-friendly developments like accepting credit card payments. “We need a world where an indie creator can effortlessly create an NFT and sell it for $5 to his community of supporters, as well as where a pop icon can use NFTs to establish close contact with her multi-million audience in a sustainable way,” the post reads.

I firmly believe that principles as much as products drive a company’s success. A startup may have a persuasive brand story and good public relations, but if it’s internally inconsistent — if its employees and executives cannot identify its central values — sooner or later there will be trouble.

At Heap, the analytics solution provider I lead, a defining principle is that good ideas should not be lost to top-down dictates and overrigid hierarchies. Although I’m the CEO, I recognize that I don’t always have the best view simply because I’m on top of (the) Heap. The best results come when you approach leadership like you would create a great product — you hypothesize, you test and iterate, and once you get it right, you grow it.

One-and-done decrees versus agile, iterative change

I’ve used this method in the businesses I’ve managed. The scientific method, with its cycle of observation, reporting, hypothesizing, experimenting, analyzing and reporting, is a powerful tool for product and process development.

While my process isn’t quite as rigorous as the scientific method and tends to sprint where science slowly marches, it’s based on similar principles. Before I describe the system, a warning: Although it’s a simple way to iterate new concepts and evaluate new designs, my method requires a genuine commitment to the principles of cooperation and collaboration. In an organization predicated on hierarchy and strict structure, it could be a recipe for groupthink and unearned consensus. Iteration is not, however, a justification for delay: There may be several iterations of a project, but those iterations follow each other quickly.

Most of us have had the experience of receiving a sudden decree “from above” that makes little consideration for the actual, as opposed to the theoretical, situation of people on the ground. You know the kind of thing I mean: The sales team in the saturated territory is told they must increase revenue by 20%, the already lean division is told to cut costs by 10%. Moves like this are bad for morale; they inspire resentment and cut corners. It’s precisely to avoid this kind of top-down debacle that Heap takes a collaborative and iterative approach to change.

Passing ideas back and forth

We put our business’ best minds to work to devise an initial prototype of whatever our business may need. That prototype might be a minimum viable product for commercial release, polished messaging for our forthcoming releases, or even a compendium of internal workflows.

But we can’t consider a project perfect if it’s never been exposed to the world outside the office. Whether we’re crafting a project, tweaking our messaging or establishing pricing tiers, we test in the real world. We show products to consumers, prospects and advisers, who invariably have needs that we hadn’t anticipated. The testers’ concerns may send us rushing back to the drawing board, but that’s accepted and expected. It’s the testing and refining that leads to the best product. While some businesses prefer a rush to market, we’ve observed that doesn’t work. A rushed product will frustrate users, lose word-of-mouth enthusiasm and provide an opportunity to our competitors.

But this isn’t just for product releases; we adopt a similar strategy for determining changes inside the company.

Amazon revolutionized one-click shopping, and it has a nearly $2 trillion market cap to show for the effort.

Now, a 10-person startup founded by JD Maresco, who previously cofounded the public safety app Citizen, says it plans to make it a lot easier for retailers who sell directly to their customers to make re-ordering their products just as fast and simple through its QR codes. Indeed, Maresco’s new startup, Batch, is already working with numerous products and brands that use Shopify, promising their customers “one-tap checkout” when it’s time to reorder an item as long as the retailer has slapped one of Batch’s codes on their items or incorporated the codes directly into their packaging.

For now, New York-based Batch works by using Apple’s App Clip technology, a lightweight version of an app that saves people from having to download and install an app before using it. (Users can instead load just a small part of an app on demand, and when they’re done, the App Clip disappears.)

But Maresco — whose company just raised $5 million in seed funding led by Coatue, with participation from Alexis Ohanian’s Seven Seven Six, Weekend Fund, and the Chainsmokers, among others — says Batch will eventually work on both iOS and Android phones. We talked with him yesterday to learn more about its ambitions to make the physical world “instantly shoppable.” Our chat has been edited lightly for length and clarity.

TC: Citizen and Batch are very different companies. Is there a unifying thread?

JM: I’ve spent a good portion of my career, trying to change the way people think about and interact with their physical environment. With Citizen, we were questioning why everyone doesn’t have immediate access to information about what the police are doing in our neighborhoods. With batch, we’re asking a simpler question but something that matters to me as a consumer: Why isn’t it easier for me to get more of a product I love and use?

With subscriptions in general, I’ve found myself constantly frustrated because every few weeks I’m emailing to either pause a subscription,  or restart it. I wanted an easier way to use my phone to reorder in 10 seconds on the spot. Our phones are capable of much more than we put them to use for and, so we set out to tackle that problem.

TC: Right now, Batch integrates with Shopify alone, correct?

JM: We have a Shopify plugin that brands can connect into the Batch platform, and then we integrate the experience, all the way from the physical world wherever this QR code lives, through the purchase experience on the mobile side of things into their fulfillment on the back end. But we’re also expanding to other e-commerce platforms.

TC: And Batch takes a per-transaction fee from every item that’s purchased using your codes?

JM: We’re developing our pricing model over time, but currently we’re taking a service percentage-based fee.

TC: How are you getting brands to partner with you?

JM: Brands are starting to wake up to this idea that they can actually create a new retail channel off their physical packaging, where a customer can effectively shop throughout their home or their place of work or anywhere where they interact with these products the moment they run out of an item. So we’ve been able to spend time with dozens of brands now, and work with them to actually reengineer their packaging and say, ‘Let’s put QR codes front and center and figure out how to make this a really important customer touchpoint.’

TC: How many brands are using the codes currently?

JM: We’re launching dozens of brands this summer. We’ve had overwhelming demand, to be honest, and we haven’t really even fully launched yet.

TC: These are physical codes that you’re sending off to your retail partners — stickers, magnets. Are you also creating digital QR codes?

JM: We have customers that are integrating QR codes into out-of-home advertisements, into direct mail, into T shirts, into promotional vans, so we’re not just limited to packaging. There’s a wide range of places that you can integrate QR codes for your customers.

TC: It’s interesting that Coatue led your round. We’ve seen the firm delve more into early-stage deals but a seed round seems anomalous. How did you connect with the firm?

JM: We met during the seed process. They reached out to me and I developed a relationship with Andy Chen and Matt Mazzeo and it was a great opportunity to to work with their platform — the way they support the go-to-market motion around B2B companies; they have a great data platform. Alexis [Ohanian’s] experience in the consumer space was really appealing, too.

TC: Your company makes sense, but I wonder what’s special about these codes. What’s to prevent countless other startups from doing what you’re doing?

JM: QR codes or are not patentable; they’re all over the place. The product we’re building makes it really easy for brands to create high converting shopping experiences and a native mobile interface. It’s a combination of our Shopify integration and our native product design experience and the relationships we have with these brands and how we help them with their packaging that’s not something you can spin up overnight.

TC: I have to ask about Citizen, which was in the headlines recently for all the wrong reasons. Is there anything you want to say about the company or the app or some of that recent coverage?

JM:  I’m not going to comment on the recent press, but I continue to be proud of what the company is continuing to do to help communities stay safe and understand what police and first responders are doing in their neighborhoods.

For many companies in the United States, a board of directors is a fact of doing business. While sole proprietorships and LLCs are not obligated to have one, C and S corporations must. The board’s goal is to ensure the best is done for the company and its shareholders. While many entrepreneurs see board meetings as a chore, they can be a powerful tool if used well.

Communicate often

While board meetings usually happen quarterly, it’s good practice to keep the conversation going in between them. Sending a monthly email update to the board offers multiple advantages:

• Shorter updates: Business professionals’ attention spans are shrinking. Shorter content is easier to digest, and therefore more likely to be read.
• Timely feedback: A quarter can be a long time, especially for young startups or during challenging times. The monthly format allows the company to receive help or feedback from the board earlier. In business, speed of iteration is key!
• Keep them posted: Keeping directors up to date will avoid lengthy updates during board meetings, ensuring focus remains on strategic conversations.

Reach out when in need

Board members can also be solicited on an ad-hoc basis — founders should keep in mind that board members are here to help the company. If you have doubts about a project decision or want a second, informed opinion, reach out to a board member. This is especially true of directors who have expertise on a specific topic. A quick five-minute call can be a game changer.

Being a founder can be a lonely experience because it can be difficult to discuss sensitive matters with the team. Board members should sign nondisclosure agreements, allowing entrepreneurs to share confidential information and get a different perspective on things.

Discuss goals for the next fundraising event

Founders should make sure to regularly discuss business goals to ensure they reach their next round of funding. Because the industry landscape or economy evolved or the competition stepped up, investors may reconsider their expectations to further fund the company.

As a Battery Ventures associate in 1999, I used to spend my nights highlighting actual magazines called Red Herring, InfoWorld and The Industry Standard, plus my personal favorites StorageWorld and Mass High Tech (because the other VC associates rarely scanned these).

As a 23-year-old, I’d circle the names of much older CEOs who worked at companies like IBM, EMC, Alcatel or Nortel to learn more about what they were doing. The companies were building mainframe-to-server replication technologies, IP switches and nascent web/security services on top.

Flash forward 22 years and, in a way, nothing has changed. We have gone from command line to GUI to now API as the interface innovation. But humans still need an interface, one that works for more types of people on more types of devices. We no longer talk about the OSI stack — we talk about the decentralized blockchain stack. We no longer talk about compute, data storage and analysis on a mainframe, but rather on the cloud.

The problems and opportunities have stayed quite similar, but the markets and opportunities have gotten much larger. AWS and Azure cloud businesses alone added $23 billion of run-rate revenue in the last year, growing at 32% and 50%, respectively — high growth on an already massive base.

The size of the cybersecurity market, in particular, has gotten infinitely larger as software eats the world and more people are able to sit and feast at the table from anywhere on Earth (and, soon enough, space).

Over the course of the last few months, my colleague Spencer Calvert and I released a series of pieces about why this market opportunity is growing so rapidly: the rise of multicloud environments, data being generated and stored faster than anyone can keep up with it, SaaS applications powering virtually every function across an organization and CISOs’ rise in political power and strategic responsibility.

This all ladders up to an estimated — and we think conservative — $100 billion of new market value by 2025 alone, putting total market size at close to $280 billion.

In other words, opportunities are ripe for massive business value creation in cybersecurity. We think many unicorns will be built in these spaces, and while we are still in the early innings, there are a few specific areas where we’re looking to make bets (and one big-picture, still-developing area). Specifically, Upfront is actively looking for companies building in:

1. Data security and data abstraction.
2. Zero-trust, broadly applied.
3. Supply chains.

Data security and abstraction

Data is not a new thesis, but I am excited to look at the change in data stacks from an initial cybersecurity lens. What set of opportunities can emerge if we view security at the bottom of the stack — foundational — rather than as an application at the top or to the side?

Image Credits: Upfront Ventures

For example, data is expanding faster than we can secure it. We need to first know where the (structured and unstructured) data is located, what data is being stored, confirm proper security posture and prioritize fixing the most important issues at the right speed.

Doing this at scale requires smart passive mapping, along with heuristics and rules to pull the signal from the noise in an increasingly data-rich (noisy) world. Open Raven, an Upfront portfolio company, is building a solution to discover and protect structured and unstructured data at scale across cloud environments. New large platform companies will be built in the data security space as the point of control moves from the network layer to the data layer.

We believe Open Raven is poised to be a leader in this space and also will power a new generation of “output” or application companies yet to be funded. These companies could be as big as Salesforce or Workday, built with data abstracted and managed differently from the start.

If we look at security data at the point it is created or discovered, new platforms like Open Raven may lead to the emergence of an entirely new ecosystem of apps, ranging from those Open Raven is most likely to build in-house — like compliance workflows — to entirely new companies that rebuild apps we have used since the beginning of time, which includes everything from people management systems to CRMs to product analytics to your marketing attribution tools.

Platforms that lead with a security-first, foundational lens have the potential to power a new generation of applications companies with a laser-focus on the customer engagement layer or the “output” layer, leaving the data cataloging, opinionated data models and data applications to third parties that handle data mapping, security and compliance.

Image Credits: Upfront Ventures

Put simply, if full-stack applications look like layers of the Earth, with UX as the crust, that crust can become better and deeper with foundational horizontal companies underneath meeting all the requirements surrounding personally identifiable information and GDPR, which are foisted upon companies that currently have data everywhere. This can free up time for new application companies to focus their creative talent even more deeply on the human-to-software engagement layer, building superhuman apps for every existing category.

Zero-trust

Zero-trust was first coined in 2010, but applications are still being discovered and large businesses are being built around the idea. Zero-trust, for those getting up to speed, is the assumption that anyone accessing your system, devices, etc., is a bad actor.

This could sound paranoid, but think about the last time you visited a Big Tech campus. Could you walk in past reception and security without a guest pass or name badge? Absolutely not. Same with virtual spaces and access. My first in-depth course on zero-trust security was with Fleetsmith. I invested in Fleetsmith in 2017, a young team building software to manage apps, settings and security preferences for organizations powered by Apple devices. Zero-trust in the context of Fleetsmith was about device setup and permissions. Fleetsmith was acquired by Apple in mid-2020.

About the same time as the Fleetsmith acquisition, I met Art Poghosyan and the team at Britive. This team is also deploying zero-trust for dynamic permissioning in the cloud. Britive is being built under the premise of zero-trust Just-in-time (JIT) access, whereby users are granted ephemeral access dynamically rather than the legacy process of “checking out” and “checking in” credentials.

By granting temporary privilege access instead of “always-on” credentials, Britive is able to drastically reduce cyber risks associated with over-privileged accounts, the time to manage privilege access and the workflows to streamline privileged access management across multicloud environments.

What’s next in zero-based trust (ZBT)? We see device and access as the new perimeter, as workers flex devices and locations for their work and have invested around this with Fleetsmith and now Britive. But we still think there is more ground to cover for ZBT to permeate more mundane processes. Passwords are an example of something that is, in theory, zero-trust (you must continually prove who you are). But they are woefully inadequate.

Image Credits: David Ulevitch on Twitter

Phishing attacks to steal passwords are the most common path to data breaches. But how do you get users to adopt password managers, password rotation, dual-factor authentication or even passwordless solutions? We want to back simple, elegant solutions to instill ZBT elements into common workflows.

Supply chains

Modern software is assembled using third-party and open-source components. This assembly line of public code packages and third-party APIs is known as a supply chain. Attacks that target this assembly line are referred to as supply chain attacks.

Some supply chain attacks can be mitigated by existing application-security tools like Snyk and other SCA tools for open-source dependencies, such as Bridgecrew to automate security engineering and fix misconfigurations and Veracode for security scanning.

But other vulnerabilities can be extremely challenging to detect. Take the supply chain attack that took center stage — the SolarWinds hack of 2020 — in which a small snippet of code was altered in a SolarWinds update before spreading to 18,000 different companies, all of which relied on SolarWinds software for network monitoring or other services.

Image Credits: Upfront Ventures

How do you protect yourself from malicious code hidden in a version update of a trusted vendor that passed all of your security onboarding? How do you maintain visibility over your entire supply chain? Here we have more questions than answers, but securing supply chains is a space we will continue to explore, and we predict large companies will be built to securely vet, onboard, monitor and offboard third-party vendors, modules, APIs and other dependencies.

If you are building in any of the above spaces, or adjacent spaces, please reach out. We readily acknowledge that the cybersecurity landscape is rapidly changing, and if you agree or disagree with any of the arguments above, I want to hear from you!

As a Battery Ventures associate in 1999, I used to spend my nights highlighting actual magazines called Red Herring, InfoWorld and The Industry Standard, plus my personal favorites StorageWorld and Mass High Tech (because the other VC associates rarely scanned these).

As a 23-year-old, I’d circle the names of much older CEOs who worked at companies like IBM, EMC, Alcatel or Nortel to learn more about what they were doing. The companies were building mainframe-to-server replication technologies, IP switches and nascent web/security services on top.

Flash forward 22 years and, in a way, nothing has changed. We have gone from command line to GUI to now API as the interface innovation. But humans still need an interface, one that works for more types of people on more types of devices. We no longer talk about the OSI stack — we talk about the decentralized blockchain stack. We no longer talk about compute, data storage and analysis on a mainframe, but rather on the cloud.

The problems and opportunities have stayed quite similar, but the markets and opportunities have gotten much larger. AWS and Azure cloud businesses alone added $23 billion of run-rate revenue in the last year, growing at 32% and 50%, respectively — high growth on an already massive base.

The size of the cybersecurity market, in particular, has gotten infinitely larger as software eats the world and more people are able to sit and feast at the table from anywhere on Earth (and, soon enough, space).

Over the course of the last few months, my colleague Spencer Calvert and I released a series of pieces about why this market opportunity is growing so rapidly: the rise of multicloud environments, data being generated and stored faster than anyone can keep up with it, SaaS applications powering virtually every function across an organization and CISOs’ rise in political power and strategic responsibility.

This all ladders up to an estimated — and we think conservative — $100 billion of new market value by 2025 alone, putting total market size at close to $280 billion.

In other words, opportunities are ripe for massive business value creation in cybersecurity. We think many unicorns will be built in these spaces, and while we are still in the early innings, there are a few specific areas where we’re looking to make bets (and one big-picture, still-developing area). Specifically, Upfront is actively looking for companies building in:

1. Data security and data abstraction.
2. Zero-trust, broadly applied.
3. Supply chains.

Data security and abstraction

Data is not a new thesis, but I am excited to look at the change in data stacks from an initial cybersecurity lens. What set of opportunities can emerge if we view security at the bottom of the stack — foundational — rather than as an application at the top or to the side?

Image Credits: Upfront Ventures

For example, data is expanding faster than we can secure it. We need to first know where the (structured and unstructured) data is located, what data is being stored, confirm proper security posture and prioritize fixing the most important issues at the right speed.

Doing this at scale requires smart passive mapping, along with heuristics and rules to pull the signal from the noise in an increasingly data-rich (noisy) world. Open Raven, an Upfront portfolio company, is building a solution to discover and protect structured and unstructured data at scale across cloud environments. New large platform companies will be built in the data security space as the point of control moves from the network layer to the data layer.

We believe Open Raven is poised to be a leader in this space and also will power a new generation of “output” or application companies yet to be funded. These companies could be as big as Salesforce or Workday, built with data abstracted and managed differently from the start.

If we look at security data at the point it is created or discovered, new platforms like Open Raven may lead to the emergence of an entirely new ecosystem of apps, ranging from those Open Raven is most likely to build in-house — like compliance workflows — to entirely new companies that rebuild apps we have used since the beginning of time, which includes everything from people management systems to CRMs to product analytics to your marketing attribution tools.

Platforms that lead with a security-first, foundational lens have the potential to power a new generation of applications companies with a laser-focus on the customer engagement layer or the “output” layer, leaving the data cataloging, opinionated data models and data applications to third parties that handle data mapping, security and compliance.

Image Credits: Upfront Ventures

Put simply, if full-stack applications look like layers of the Earth, with UX as the crust, that crust can become better and deeper with foundational horizontal companies underneath meeting all the requirements surrounding personally identifiable information and GDPR, which are foisted upon companies that currently have data everywhere. This can free up time for new application companies to focus their creative talent even more deeply on the human-to-software engagement layer, building superhuman apps for every existing category.

Zero-trust

Zero-trust was first coined in 2010, but applications are still being discovered and large businesses are being built around the idea. Zero-trust, for those getting up to speed, is the assumption that anyone accessing your system, devices, etc., is a bad actor.

This could sound paranoid, but think about the last time you visited a Big Tech campus. Could you walk in past reception and security without a guest pass or name badge? Absolutely not. Same with virtual spaces and access. My first in-depth course on zero-trust security was with Fleetsmith. I invested in Fleetsmith in 2017, a young team building software to manage apps, settings and security preferences for organizations powered by Apple devices. Zero-trust in the context of Fleetsmith was about device setup and permissions. Fleetsmith was acquired by Apple in mid-2020.

About the same time as the Fleetsmith acquisition, I met Art Poghosyan and the team at Britive. This team is also deploying zero-trust for dynamic permissioning in the cloud. Britive is being built under the premise of zero-trust Just-in-time (JIT) access, whereby users are granted ephemeral access dynamically rather than the legacy process of “checking out” and “checking in” credentials.

By granting temporary privilege access instead of “always-on” credentials, Britive is able to drastically reduce cyber risks associated with over-privileged accounts, the time to manage privilege access and the workflows to streamline privileged access management across multicloud environments.

What’s next in zero-based trust (ZBT)? We see device and access as the new perimeter, as workers flex devices and locations for their work and have invested around this with Fleetsmith and now Britive. But we still think there is more ground to cover for ZBT to permeate more mundane processes. Passwords are an example of something that is, in theory, zero-trust (you must continually prove who you are). But they are woefully inadequate.

Image Credits: David Ulevitch on Twitter

Phishing attacks to steal passwords are the most common path to data breaches. But how do you get users to adopt password managers, password rotation, dual-factor authentication or even passwordless solutions? We want to back simple, elegant solutions to instill ZBT elements into common workflows.

Supply chains

Modern software is assembled using third-party and open-source components. This assembly line of public code packages and third-party APIs is known as a supply chain. Attacks that target this assembly line are referred to as supply chain attacks.

Some supply chain attacks can be mitigated by existing application-security tools like Snyk and other SCA tools for open-source dependencies, such as Bridgecrew to automate security engineering and fix misconfigurations and Veracode for security scanning.

But other vulnerabilities can be extremely challenging to detect. Take the supply chain attack that took center stage — the SolarWinds hack of 2020 — in which a small snippet of code was altered in a SolarWinds update before spreading to 18,000 different companies, all of which relied on SolarWinds software for network monitoring or other services.

Image Credits: Upfront Ventures

How do you protect yourself from malicious code hidden in a version update of a trusted vendor that passed all of your security onboarding? How do you maintain visibility over your entire supply chain? Here we have more questions than answers, but securing supply chains is a space we will continue to explore, and we predict large companies will be built to securely vet, onboard, monitor and offboard third-party vendors, modules, APIs and other dependencies.

If you are building in any of the above spaces, or adjacent spaces, please reach out. We readily acknowledge that the cybersecurity landscape is rapidly changing, and if you agree or disagree with any of the arguments above, I want to hear from you!

While every food delivery company is trying to get an edge on its rivals with discount codes, faster service, and a turn into the realm of spooky with ghost kitchens and dark stores, a startup built on a lighter, social concept — letting people see what their friends are chomping on, making it possible to order food and drinks for each other and group order, with buyers picking it all up for themselves — has just raised a substantial Series B and says that it is already profitable.

Snackpass, which describes itself as a “food meets friends” — essentially a social commerce platform for ordering from restaurants, with “snack”, the CEO tells me, of having a double meaning of eating (of course), and a flirtatious reference to a cutie pie — has picked up a $70 million, a super-sized Series B that it will be using to continue expanding to more markets in the U.S.

Conceived four years ago while Kevin Tan, the CEO who co-founded the company with Jamie Marshall, was still a student at Yale studying physics, Snackpass has grown by remaining true to its higher-ed roots. The startup now has 500,000 users across 13 college towns, and has seen its growth explode 7x in the last three months alone. This round values the startup at over $400 million.

This latest tranche of funding is coming from an interesting group of investors. Led by Craft Ventures, it also includes Andreessen Horowitz (which led its $21 million Series A), General Catalyst, Y Combinator, and a long list of individual backers that speaks to the attention Snackpass is getting and the place it’s carving out for itself as a go-to food platform for millennials and younger users.

That list includes AirAngels, the Airbnb alumni investor syndicate; Bastian Lehmann of the Uber-acquired delivery giant Postmates (et tu, Bastian?); David Grutman, a Miami-based hospitality entrepreneur; Draymond Green of the San Francisco Warriors; Gaingels; HartBeat Ventures, Kevin Hart’s venture fund; musician celebs the Jonas Brothers; Shrug Capital (the VC that says it’s interested in consumer startups that are actually interesting to “non-tech” audiences); Stephen Paglucia, co-owner of the Boston Celtics; hip DJ Steve Aoki; Turner Novak of Banana Capital; William Barnes of Moving Capital; and the Uber alumni investor syndicate.

The vast majority of food-ordering platforms these days are focused around delivery and in many cases ways of getting an edge over other platforms in executing on that — a push that often comes at the expense of margins than are thinner than a Roman pizza. Snackpass’s big breakthrough, if you could call it that, was to simply dial back from that one-upmanship, moving away from that premise altogether, aiming to disrupt something much more mundane: the queue.

Tan said Snackpass asked its users what they would do if they weren’t using the app, and they said, “Oh, I just stand in line to order,” he told me in an interview.

“The market share right now is owned by people standing in line at the register, and placing their order. Our vision is that in five years that will no longer exist, like, there will be no more registers. We don’t think it makes any sense.”

He notes that for those who really want delivery, people can opt for that, too — Snackpass integrates with DoorDash, UberEats and others to fulfill that — but 90% of the orders on Snackpass are pickup, meaning that not only does the company then not have to deal with its own fleets of delivery people, and the infrastructure of that, but the operating costs to provide that are also not there.

It turns out that actually a lot of young people seem happy to pop out to get something nice to eat. It means they get to socialise, and take a selfie with their food or drink (boba tea figures strongly) at the venue where it’s being bought. It becomes an experience.

It’s also where the market is in another sense. “What people don’t realize is delivery is only 8% of the restaurant industry,” Tan told me. “And while it’s very much competed for by like big companies, and it’s a huge market, the restaurant industry, is like, much bigger, it’s $800 billion. And 90% of that purchasing is still offline,” he continued, referring to the many people who just queue up, order, buy, and leave. “It’s anonymous, and it’s on the verge of disruption. And we’re focused on that much bigger blue ocean.”

Its formula seems to be working with its target users. Tan said that the service has 80% penetration with students in the markets where it has launched. The average customer orders four and a half times a month, with some customers ordering every day. “You can actually see that it’s like, five to ten times more engagement than the delivery platforms, like UberEats or DoorDash.”

The company’s commissions vary and start at 7% and it’s current suite includes online ordering, self-service kiosks, digital menus, marketing services, and a customer referral program. It’s already profitable but as it continues to grow (and maybe extend to other demographics) you can imagine it adding and expanding on all of these.

There is something about Snackpass that reminds me a lot of Snapchat, not just that the names have a similar ring to them, and not just that they have resonated with college-aged users (and not just that they both squarely target them). It’s something of the whimsy of the app, and how it takes a light touch in its approach to do something that might otherwise feel cumbersome, or mundane, or what, basically, older people do.

Right now, there isn’t much of a social “user graph” per se on Snackpass, nor does it integrate particularly deeply with any specific social apps, but you could imagine a partnership there down the line, especially considering that Snap is getting a whole lot more involved with commerce now.

“In building a social experience around food through shared rewards, gifting, and a social activity feed, Snackpass has created a dynamic and attractive restaurant ordering system,” says Bryan Rosenblatt, partner, Craft Ventures, in a statement. “The growth of its marketplace and virality of the product coupled with Snackpass’ outstanding  team and vision, make it the ultimate solution for consumers and businesses alike. We are thrilled to help take Snackpass to the next level with this latest round of funding.”

While every food delivery company is trying to get an edge on its rivals with discount codes, faster service, and a turn into the realm of spooky with ghost kitchens and dark stores, a startup built on a lighter, social concept — letting people see what their friends are chomping on, making it possible to order food and drinks for each other and group order, with buyers picking it all up for themselves — has just raised a substantial Series B and says that it is already profitable.

Snackpass, which describes itself as a “food meets friends” — essentially a social commerce platform for ordering from restaurants, with “snack”, the CEO tells me, of having a double meaning of eating (of course), and a flirtatious reference to a cutie pie — has picked up a $70 million, a super-sized Series B that it will be using to continue expanding to more markets in the U.S.

Conceived four years ago while Kevin Tan, the CEO who co-founded the company with Jamie Marshall, was still a student at Yale studying physics, Snackpass has grown by remaining true to its higher-ed roots. The startup now has 500,000 users across 13 college towns, and has seen its growth explode 7x in the last three months alone. This round values the startup at over $400 million.

This latest tranche of funding is coming from an interesting group of investors. Led by Craft Ventures, it also includes Andreessen Horowitz (which led its $21 million Series A), General Catalyst, Y Combinator, and a long list of individual backers that speaks to the attention Snackpass is getting and the place it’s carving out for itself as a go-to food platform for millennials and younger users.

That list includes AirAngels, the Airbnb alumni investor syndicate; Bastian Lehmann of the Uber-acquired delivery giant Postmates (et tu, Bastian?); David Grutman, a Miami-based hospitality entrepreneur; Draymond Green of the San Francisco Warriors; Gaingels; HartBeat Ventures, Kevin Hart’s venture fund; musician celebs the Jonas Brothers; Shrug Capital (the VC that says it’s interested in consumer startups that are actually interesting to “non-tech” audiences); Stephen Paglucia, co-owner of the Boston Celtics; hip DJ Steve Aoki; Turner Novak of Banana Capital; William Barnes of Moving Capital; and the Uber alumni investor syndicate.

The vast majority of food-ordering platforms these days are focused around delivery and in many cases ways of getting an edge over other platforms in executing on that — a push that often comes at the expense of margins than are thinner than a Roman pizza. Snackpass’s big breakthrough, if you could call it that, was to simply dial back from that one-upmanship, moving away from that premise altogether, aiming to disrupt something much more mundane: the queue.

Tan said Snackpass asked its users what they would do if they weren’t using the app, and they said, “Oh, I just stand in line to order,” he told me in an interview.

“The market share right now is owned by people standing in line at the register, and placing their order. Our vision is that in five years that will no longer exist, like, there will be no more registers. We don’t think it makes any sense.”

He notes that for those who really want delivery, people can opt for that, too — Snackpass integrates with DoorDash, UberEats and others to fulfill that — but 90% of the orders on Snackpass are pickup, meaning that not only does the company then not have to deal with its own fleets of delivery people, and the infrastructure of that, but the operating costs to provide that are also not there.

It turns out that actually a lot of young people seem happy to pop out to get something nice to eat. It means they get to socialise, and take a selfie with their food or drink (boba tea figures strongly) at the venue where it’s being bought. It becomes an experience.

It’s also where the market is in another sense. “What people don’t realize is delivery is only 8% of the restaurant industry,” Tan told me. “And while it’s very much competed for by like big companies, and it’s a huge market, the restaurant industry, is like, much bigger, it’s $800 billion. And 90% of that purchasing is still offline,” he continued, referring to the many people who just queue up, order, buy, and leave. “It’s anonymous, and it’s on the verge of disruption. And we’re focused on that much bigger blue ocean.”

Its formula seems to be working with its target users. Tan said that the service has 80% penetration with students in the markets where it has launched. The average customer orders four and a half times a month, with some customers ordering every day. “You can actually see that it’s like, five to ten times more engagement than the delivery platforms, like UberEats or DoorDash.”

The company’s commissions vary and start at 7% and it’s current suite includes online ordering, self-service kiosks, digital menus, marketing services, and a customer referral program. It’s already profitable but as it continues to grow (and maybe extend to other demographics) you can imagine it adding and expanding on all of these.

There is something about Snackpass that reminds me a lot of Snapchat, not just that the names have a similar ring to them, and not just that they have resonated with college-aged users (and not just that they both squarely target them). It’s something of the whimsy of the app, and how it takes a light touch in its approach to do something that might otherwise feel cumbersome, or mundane, or what, basically, older people do.

Right now, there isn’t much of a social “user graph” per se on Snackpass, nor does it integrate particularly deeply with any specific social apps, but you could imagine a partnership there down the line, especially considering that Snap is getting a whole lot more involved with commerce now.

“In building a social experience around food through shared rewards, gifting, and a social activity feed, Snackpass has created a dynamic and attractive restaurant ordering system,” says Bryan Rosenblatt, partner, Craft Ventures, in a statement. “The growth of its marketplace and virality of the product coupled with Snackpass’ outstanding  team and vision, make it the ultimate solution for consumers and businesses alike. We are thrilled to help take Snackpass to the next level with this latest round of funding.”

It’s hard to understand just how steeply the cost of launching and operating satellites has dropped, particularly since the introduction of lower cost launch services from a number of commercial players, and the maturation of the smartphone supply chain. Swarm co-founder and CEO realized just how much the cost curve had changed when she and her co-founder Ben Longmeir realized that they could outfit tiny satellites Longmeir had created as a kind of space lover’s hobby with the equipment needed to provide low-bandwidth connectivity to low-powered devices around the world.

In this week’s episode of Found, Sara walks us through how she went from an engineering career that included stints at NASA’s Jet Propulsion Laboratory and Google, to building Swarm as a first-time founder and CEO. We covered a range of topics including how Sara and Ben decided who would be CEO, what it’s like leading a small but growing team, and how to evaluate your decisions as a founder, and commit to a course of action to move forward.

Sara was extremely candid with us about her experience as a founder and CEO, and this is definitely one of our most open and honest conversations to date.

We loved our time chatting with Sara, and we hope you love yours listening to the episode. And of course, we’d love if you can subscribe to Found in Apple Podcasts, on Spotify, on Google Podcasts or in your podcast app of choice. Please leave us a review and let us know what you think, or send us direct feedback either on Twitter or via email at found@techcrunch.com. And please join us again next week for our next featured founder.