Friday Tech News | Wrapping Up Q3

Good morning and Happy Friday!

I hope you’ve had a great week and EOQ. If you’re like me in the Southeast US, it’s been a wet one with a sick household and lots of inside time.

This week has some AWESOME announcements and funding rounds. Happy to see Torq coming in with a Series C of 70M for more security focused automation in the enterprise. Some of the key themes of the week revolved around observability updates, CI/CD pipeline visibility and control, and remediation.

I’ve been touting Dazz for what they’re doing because of the alert fatigue that is really out there from the various scanners and alerting systems and tools we use. Just know that remediation needs to be a focus for 2025 IMO. Doing something about the misconfigurations to prevent ransomware and other malicious actors from gaining entry into data is paramount. Aren’t you (like me) super tired of getting notified your ridiculously strong password didn’t mean anything because the company you gave your intel to basically can’t do the same thing as you and protect their assets?

Anyway - off my tirade for a sec. I just really believe in remediating the issues that are rampant in cloud adoption.

If you’re traveling this weekend, be safe and have fun. If you’re resting at home, enjoy it and watch something worthy of your time. Maybe try and learn something too! YouTube = a goldmine.

As always, thanks for reading. Stay digitally and physically safe.

Phil

OEM News & Updates 📰

Wiz | Wiz Snowflake Connector: Enhancing Data Security with CNAPP

• The Snowflake Connector integrates Snowflake security into existing Wiz workflows, providing unified visibility and threat detection.

• It helps identify risks such as sensitive data exposure, misconfigs, and excessive permissions within Snowflake environments.

• Wiz then correlates various risks to identify critical issues, offering a comprehensive view of security threats in a single UI.

• Expect to see expanded partnerships like this (cough cough where you at Databricks).

Dazz | Pipeline Validation - Expanding Dazz’s CI/CD Security with New Patent

• Dazz has introduced a new patented tech that analyzes CI/CD pipeline definitions to ensure key security steps are in place, validated, and optimized.

• This tech identifies whether security controls like SAST and SCA are implemented and flags missing guardrails, ensuring apps are secure.

• Pipeline Validation automates the process of inspecting and validating security measures across CI/CD pipelines, reducing manual effort and preventing vulnerabilities.

• If you don't know I'm a big fan of this team, you should by now :). Peep my previous posts with Tomer and Merav.

Zenity | Zenity Announces AI Trust Layer, the First Agent-Less Security Solution for Microsoft 365 Copilot

• Zenity announced the first agentless security solution for M365 Copilot with the Zenity AI Trust Layer.

• The solution includes AI visibility, threat detection, promptware prevention (dope that's new) and remediation capabilities. Big fan of remediation.

• Big fan of Agentless solutions. Sorry I missed this one last week.

Baffle | Baffle Announces New Data Security Capabilities on Amazon S3

• Baffle announced new data security features for AWS S3, protecting data at rest, in use, and in motion without code changes.

• The solution includes masking, tokenization, and encryption at the object or field level, ensuring data remains protected even if misconfigurations or human errors occur.

• The new capabilities address the growing use of S3 in GenAI pipelines, preventing accidental data disclosures.

• Been on the baffle.io train for years. Huge fan of what they're doing and how they’re quietly doing it.

Tines | Tines launches new private AI chat interface

• Tines has launched Workbench, an AI chat interface designed for security teams to interact with proprietary data and orchestrate mission-critical processes.

• Workbench integrates with existing systems, supports custom workflows, and includes features like confirmations, audit logs, and RBAC.

• The product is secure by design, with built-in guardrails to prevent hallucinations and ensure relevant accurate insights.

Bitdefender | Bitdefender unveiled Bitdefender GravityZone

• Bitdefender introduced GravityZone Proactive Hardening and Attack Surface Reduction....get ready for it lol.. PHASR. This uses advanced ML to dynamically adjust security policies based on user behavior.

• PHASR shifts from reactive detection to proactive prevention, identifying and closing security gaps before they can be exploited apparently.

• The tech adapts security measures to user roles and emerging threats, ensuring continuous alignment with business objectives. It also aids you by providing recommendations.

Mindsdb | MindsDB Launches Conversational Enterprise-ready AI That Shows You How It Thinks

• MindsDB Introduced Minds, a private conversational AI designed to reason and orchestrate across real-time and historical enterprise data.

• Minds can understand natural language, perform semantic query planning, and provide a unified view of an organizations data.

• Minds enable conversational search, AI analytics, an AI triage, transforming product search, data exploration, and customer support.

Microsoft | Microsoft announces new tool to detect and correct hallucinated content in AI outputs

• Microsoft offers an AI service to detect harmful content in apps including text and image APIs in Azure AI Content Safety.

• The Groundedness Detection API: This API helps identify whether AI generated content is based on user-selected sources.

• Comes with a new correction capability which helps detect and fix hallucinated content in AI outputs in real time.

Grafana Labs | Grafana Labs Simplifies Observability, Unveils AI Enhancements that Help Save Time, Toil and Money at Annual ObservabilityCON

• Grafana announced several AI/ML features to enhance observability, including Adaptive Telemetry, Adaptive Logs, and Adaptive Traces.

• Significant updates to Grafana Cloud, including new query-less experiences and the GA of Cloud Provider Observability.

• Introduction of k6 Studio for low-code test authoring and browser-based testing to improve synthetic monitoring and load testing.

Articles I Liked This Week 💡

Microsoft | Microsoft Trustworthy AI: Unlocking human potential starts with trust

CIO Dive | CrowdStrike’s mea culpa: 5 takeaways from the Capitol Hill testimony

Tech Funding & M&A 💸

Night Shift | Snowflake Expands Public Sector Portfolio With Night Shift Acquisition

• Night Shift is a Virginia based Software firm that develops a product called ClearQuery which democratizes data analytics.

Torq | Security automation platform provider Torq raises $70M to boost expansion and AI integration

• Torq is a New York based AI powered hyperautomation platform that provides solutions such as threat hunting, email security, and incident response management for developers.

Nurix.ai | Nurix AI raises $27.5 mn in funding round led by Accel, General Catalyst

• Nurix AI specializes in creating custom AI agents designed to enhance enterprise workflows.

Commvault | Commvault acquires data backup provider Clumio

• Clumio is a California based security platform that provides solutions such as data backup, compliance, and recovery for businesses.

Raycast | Raycast raises $30M Series B to reduce context switching

• Raycast is a Delaware-based collaboration platform that provides solutions including productivity tools and workflows for developers.

Query.ai | Query Announces Strategic Funding From Cisco Investments to Bolster Federated Search Platform for Security Operations

• Query.ai is a South Dakota-based AI platform that offers solutions such as automated security investigation and data visualization for enterprises.

Meme of the week 🤣

Recommendations 👉🏻

Want SOC 2 compliance without the Security Theater?

Tired of SOC 2 Security Theater? 🤔 

Oneleet is the all-in-one platform for building a real-world Security Program, getting a Penetration Test, integrating with a 3rd Party Auditor, and providing the Compliance Automation Software.

Schedule a demo for pricing!

aThank you so much for making this a part of your Friday morning coffee time. I'm Phil Moroni, and I'm an Account Executive in the Information Technology industry here with another edition of Friday Tech News!

What is this? This is a newsletter that provides updates and insights on the latest trends and developments in the technology industry. I am a professional who specializes in supporting IT leaders in evaluating, investing, and managing people, processes, and technology tools that support their businesses.

Each week, I summarize relevant industry updates from popular Original Equipment Manufacturers (OEM's), software publishers, and managed providers. The goal of my research and newsletter is to keep you informed about current trends and events that may impact your business from a trusted and reputable source. It's just information I'm sharing, and I follow and work with hundreds of partners in the industry, keeping track of their growth, changes, and evolution so that you don't have to.

Bottom Line: As you focus on improving your business through digital initiatives, my commitment is to keep you informed of the fast-paced changes and trends taking place so that you can plan ahead and stay ahead of the game.

Key areas of focus for me are:

1. Cloud Computing, Security, Trends

2. Developer & Security Tools

3. Networking & Infrastructure Tools

4. End User Tools & Workspace Tech

5. Emerging Technologies and Future Concepts

If you have any questions, would like information about any specific vendors I follow, or would like to have a conversation about any topic that is challenging you, I invite you to engage with me! I value feedback immensely and would love to know what you find valuable about this newsletter so feel free to reach out at www.fridaytechnews.com!

Thank you for reading and stay digitally and physically safe!

Phil