Equinix Expands Investments in Global Data Center Workforce Development

Posted in Commentary with tags on March 25, 2026 by itnerd

Equinix today announced a series of global investments in workforce development to help build the next generation of technical talent for the digital infrastructure industry. Timed to International Data Center Day, celebrated globally on March 25, these initiatives underscore Equinix’s commitment to expanding access to high-quality technical careers, strengthening local talent ecosystems within the communities where it operates, and equipping people with the skills needed to support the rapid growth created by AI and digital transformation.

A cornerstone of Equinix’s workforce investments is the global launch of Pathways to Tech, an early‑career talent program that opens inclusive pathways into data center operations for students ages 14–18. After a successful two‑year pilot reaching nearly 2,000 students in select communities across the Americas and Asia-Pacific, Pathways to Tech is scaling to all Equinix locations worldwide to meet growing workforce needs fueled by AI and digital transformation. Pathways to Tech gives students hands‑on exposure to digital infrastructure through interactive sessions with Equinix professionals, IBX® data center tours and immersive Education Day events. The program creates clear pathways into internships, apprenticeships and early‑career operations roles—creating access to high-demand, well-paying careers many young people may not otherwise discover. On International Data Center Day, Equinix will welcome hundreds of students to Education Days at 20 locations worldwide, providing firsthand exposure to a critical industry that often operates behind the scenes.

Additional Workforce Development Initiatives

Alongside Pathways to Tech, Equinix is introducing additional programs designed to grow talent, including:

  • Global Data Center Technician Training Coalition: The Equinix Foundation, the philanthropic arm of Equinix, Inc., is partnering with Generation, a global nonprofit focused on economic mobility that has supported the economic advancement of over 150,000 people across 17 countries, to expand accessible career pathways in data center operations and technical support. Together, they are launching a groundbreaking global, multi-employer workforce coalition that brings data center and ecosystem companies together with industry partners to invest in IT training, shape curricula and hire graduates. Just as Equinix’s business is built on interconnection, this coalition is built on the idea that the industry’s workforce challenge is too big, and too important, for any single company to solve alone. The coalition’s first program will launch in Brazil—a market seeing rapid data center investment and rising demand for entry-level talent—with initial cohorts beginning in June and co-funding from partner Cisco Systems, Inc. This marks the starting point for a broader global expansion planned for 2026.
  • Global Operations Apprenticeships: Equinix is expanding and relaunching its global apprenticeship, internship and early‑career programs to build a resilient, future‑ready technical workforce. While Equinix has long supported interns and apprentices across its data centers worldwide, the company has now introduced a newly centralized global program with a refreshed curriculum and consistent standards. The first locations to go live include six critical markets: Brazil, France, Germany, the United States, Singapore and the United Kingdom. These initiatives create structured pathways into critical full‑time Operations roles, support knowledge transfer from experienced teams and reduce dependence on constrained labor markets. Working closely with schools, training providers and community organizations—often with support from the Equinix Foundation—Equinix is broadening access to technical careers while strengthening local talent ecosystems. Together, these efforts align business needs with community impact, advancing economic mobility, workforce development and long‑term operational readiness.
  • Learning Labs: Together with industry partners, Equinix is launching a new global training program to develop the next generation of technical talent, debuting across three markets—Dallas, Paris and Singapore. The initiative addresses a dual challenge: supporting a rapidly expanding digital infrastructure sector while creating meaningful reskilling and employment opportunities for individuals seeking new career paths. Designed for early‑career talent with a technical or electrotechnical background, the program aims to deliver hands‑on experience and a comprehensive qualification in data center infrastructure management, equipping participants with essential skills across electrical systems, cooling and climate control, safety practices, and facility operations. Through practical, real‑world training, participants learn how to manage and maintain critical data center environments and ensure their operational reliability.

Equinix’s new workforce development initiatives, including Pathways to Tech, will begin global rollout in 2026, with planned activations across the Americas, EMEA and Asia-Pacific. Interested schools, community organizations and workforce partners can learn more here.

Leave a comment »

Anker’s Spring Sale Deals Round Up Is Live

Posted in Commentary with tags on March 25, 2026 by itnerd

Here is a curated selection of top offers from Anker Innovations — covering must-haves in charging gear, home tech, audio, and portable entertainment. Deals span up to 40% off across brands including Anker, Eufy, Soundcore, and Nebula, with standout savings on power banks, smart vacuums, sleep earbuds, projectors, and more.

Anker | Charging Essentials & Power Solutions

Eufy Appliance

Robot Vacuums 

  • Eufy C28, $699 (30% off), regular $999
  • Eufy E28, $899.99 (25% off), regular $1199.99

Breast Pump

Eufy Security 

Soundcore

Audio 

Recording Productivity

Portable Projectors

Leave a comment »

CData Sync Adds Pipeline Orchestration with Real-Time CDC and Open Table Formats

Posted in Commentary with tags on March 25, 2026 by itnerd

CData Software today announced major enhancements to CData Sync designed to meet the data pipeline demands of modern enterprises. The updates deliver coordinated pipeline orchestration, expanded change data capture (CDC) for mission-critical systems, and native support for open table formats, empowering data teams to operate continuously across legacy and modern architectures.

As organizations race to operationalize AI, they face mounting pressure to keep data fresh, coordinate dependencies across systems, and maintain governance at scale. CData Sync’s latest capabilities directly tackle these challenges by unifying real-time replication, workflow orchestration, and open standards within a single platform.

Pipeline-Based Workflow Orchestration
CData Sync now includes Pipelines, enabling teams to orchestrate multi-step workflows directly within Sync. Data engineers can sequence replication jobs, transformations, and events without external orchestration tools, reducing complexity while maintaining full visibility and control over dependencies.

Programmable Control via API 2.0
The redesigned API 2.0 provides a predictable, automation-friendly interface for managing Sync at scale. Organizations can programmatically configure pipelines, trigger executions, and monitor operations across distributed deployments, making it easier to integrate Sync into internal platforms or enable orchestration through external systems, including AI agents.

Enterprise-Grade CDC for IBM DB2 and SAP HANA
CData Sync expanded CDC support to include IBM DB2 (LUW and iSeries/AS400) and SAP HANA, enabling near-real-time replication from these widely deployed enterprise platforms. Organizations can now stream incremental changes from core systems of record directly into cloud analytics and AI platforms without impacting production workloads.

Open Table Formats for AI and Analytics
With native support for Delta Lake (including Microsoft Fabric via Open Mirroring) and Apache Iceberg, CData Sync allows teams to write data into open, ACID-compliant table formats. This eliminates vendor lock-in and ensures data remains accessible across analytics engines and AI platforms without proprietary dependencies.

Centralized Governance with Workspaces
New Workspaces provide a unified control plane for managing connections, jobs, and transformations across teams and environments. As pipeline counts grow, Workspaces ensure organizations can scale governance, enforce policies, and maintain visibility without losing operational control.

Learn More

To explore CData Sync’s new pipeline orchestration, expanded CDC support, and open table format capabilities, visit cdata.com/sync.

Leave a comment »

Bitdefender Research Shows 130% Increase in Attacks Targeting Gulf Countries

Posted in Commentary with tags on March 25, 2026 by itnerd

Bitdefender has released new research revealing that phishing and malware campaigns targeting Gulf countries have surged by approximately 130% on average following the escalation of the war in Iran.

Researchers observed a sustained spike in malicious email activity beginning February 28, with campaigns quickly doubling and peaking at nearly four times pre-war levels.

Key findings:

  • Threat actors are delivering a mix of remote access trojans, spyware, and fileless attacks that execute in memory
  • The attacks rely heavily on business-themed lures, including invoices, contracts, banking communications, and delivery notifications
  • No confirmed state-sponsored attribution; however, phishing is often a precursor to more complex attacks, enabling initial access to targeted environments.

You can read the research here: https://www.bitdefender.com/en-gb/blog/hotforsecurity/gulf-countries-phishing-surge

Leave a comment »

Trivy supply chain attack expands across CI/CD pipelines with 141 malicious packages

Posted in Commentary with tags on March 24, 2026 by itnerd

A supply chain attack targeting Aqua Security’s Trivy vulnerability scanner has expanded, with researchers from Socket identifying at least 141 malicious artifacts across more than 66 packages following the initial compromise.

The campaign began with unauthorized access to Trivy’s GitHub Actions environment, where attackers used stolen credentials to publish malicious code into trusted components used in CI/CD pipelines.

The attack involved replacing legitimate package contents with credential-stealing malware, which is designed to extract sensitive data such as API keys, cloud credentials, SSH keys, and authentication tokens from affected environments.

The malicious code executes within automated workflows, allowing it to collect secrets from CI/CD runners and transmit them to attacker-controlled infrastructure.

Researchers also observed that the campaign exhibits self-propagating behavior, where stolen publishing tokens are reused to compromise additional packages and distribute malicious updates, enabling the attack to spread across development ecosystems as compromised pipelines unknowingly publish infected code to downstream users.

Damon Small, Board of Directors, Xcape, Inc.:

   “This incident is a masterclass in why “trust but verify” is dead in CI/CD. By force-pushing malicious commits to existing version tags (e.g., @v0.34.2), the threat actor – identified as TeamPCP – turned a trusted security tool into a weaponized delivery vehicle without changing a single line of a user’s workflow file. This highlights the fatal flaw of relying on mutable Git tags rather than immutable commit SHAs.

   “The risk here is a “wormable” supply chain: the malware scrapes runner memory for GitHub PATs and cloud keys, which it then uses to compromise any other repositories that the infected pipeline has write access to. For defenders, the priority isn’t just updating Trivy; it is a scorched-earth credential rotation.

   “If your pipelines ran a Trivy scan between March 19 and March 23, 2026, you must assume every secret accessible to that runner -AWS keys, NPM tokens, and SSH keys – has been exfiltrated. Moving forward, security teams must enforce the pinning of all third-party GitHub Actions to full 40-character commit hashes to prevent this “silent” tag-swapping from recurring.

   “It takes a special kind of irony for a vulnerability scanner to become the primary infection vector for your entire cloud environment.”

Rajeev Raghunarayan, Head of GTM, Averlon:

   “Incidents like the Trivy compromise show how modern attacks move through trusted development pipelines by combining weaknesses across code, infrastructure, and identity.

   “The real risk isn’t just how attackers get in. It’s what that access allows them to reach. Once CI/CD systems are involved, attackers can inject malicious code into trusted artifacts, then use automation to access sensitive credentials and spread downstream.

   “This is why organizations need to focus on attack pathways, not just individual issues. Understanding how exposures connect, and prioritizing the ones that lead to critical systems, is what ultimately limits blast radius.”

Denis Calderone, CTO, Suzu Labs:

   “This is the inherited trust problem we’ve been tracking all month, but this one takes it to a completely different level. The other incidents, VMware, Cisco, Stryker’s MDM, n8n, were all management tools that carry deep access in your environment. Trivy is an example where the actual tool you run to find vulnerabilities is the vulnerability. The scanner was harvesting the most sensitive credentials before the legitimate scan even executed.

   “This is the same pattern we saw with SolarWinds back in 2020, where the security monitoring platform became the attack vector. When the tool you trust to establish trust is the one that’s been turned against you, you’ve got an inherited trust problem at the deepest level there is.

   “The technical execution here is worth paying attention to. Stolen credentials from a misconfigured GitHub Actions workflow gave the attackers access to push malicious code into 75 of 76 version tags. The payload ran inside CI/CD pipelines, silently collecting GitHub tokens, cloud credentials, SSH keys, Kubernetes tokens, database passwords, and crypto wallets from every pipeline that pulled the compromised version. CI/CD runners hold the keys to everything, so compromising the pipeline is effectively compromising every environment that pipeline touches.

   “What really has our attention going forward though is the CanisterWorm component. This is the first documented malware to use blockchain for command and control. Instead of traditional C2 servers that can be seized or sinkholed, the attackers are using Smart Contracts as a decentralized dead-drop. There’s no single server to take down, no domain to block. The operator can rotate payloads on-chain without ever touching an infected host. This is a fundamental shift in how attackers maintain persistence and control, and if this model proves out, it’s going to change how we think about disrupting campaigns.

   “Traditional takedown playbooks don’t work when the command infrastructure is immutable by design.”

Well, this illustrates how dangerous supply chain attacks are. Consider this a teachable moment for defenders in order to make sure their organizations are not affected by the next one.

Leave a comment »

3.1 Million Impacted by QualDerm Data Breach

Posted in Commentary with tags on March 24, 2026 by itnerd

Healthcare management services provider QualDerm is notifying more than 3.1 million people that their personal, medical, and health insurance information was stolen in a December 2025 data breach.

Brian Bell, CEO at FusionAuth had this to say: 

“Healthcare keeps struggling with identity because the industry has treated access management as a compliance exercise rather than a security architecture decision. The problem isn’t just that someone got in, it’s that once inside, there was nothing limiting what they could reach. Authorization controls, audit trails, isolated infrastructure; that’s what turns a catastrophic breach into a contained incident. Without it, you’re doing forensics on a disaster instead of preventing one.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy adds this:

“This is a concerning development for QualDerm patients, as the breach exposes quite a bit of personal, medical, and identification-related information, leaving them open to possible phishing and identity theft schemes. Affected patients should keep an eye out for phishing schemes using the gleaned info and should also immediately take advantage of the free identity theft and credit monitoring services offered by the company.”

Once again the heathcare sector gets pwned. The fact that this sector keeps getting pwned should be a wakeup call that something needs to be done to change the direction of travel. But sadly that does not seem to be happening.

Leave a comment »

Relyance AI Announces The Commercial Availability of Lyo

Posted in Commentary with tags on March 24, 2026 by itnerd

Relyance AI today announced the commercial availability of Lyo, the industry’s first autonomous data defense engineer designed to monitor and secure how AI agents interact with enterprise data. 

Lyo emerges at an inflection point for the cybersecurity industry as autonomous AI agents spread across enterprise environments-gaining access to sensitive data, triggering workflows, provisioning infrastructure, and calling APIs at machine speed. The challenge is no longer locating sensitive data, but understanding how it is being used in real time; something legacy scanning tools, built to show where data lives, were never designed to do. Without context-identity, purpose, flow, and behavior-security teams are left with a dangerous blind spot and a false sense of control. Gartner predicts that by 2027, more than 40% of AI-related data breaches will stem from improper GenAI use alone. 

Lyo was built to address this new reality. Powered by Relyance’s AI Data Journeys™, Lyo continuously monitors and attaches business and behavioral context to data activity across code, cloud infrastructure, MCP servers, SaaS applications, identities, third parties, and AI agents. 

Meet Lyo: 24/7 Autonomous Data Security

AI agents introduce specific failure opportunities: overprivileged access, hidden non-deterministic data flows, poisoned inputs, third-party model exposure, ephemeral infrastructure, and unpredictable data behavior. Powered by Relyance’s Data Exposure Graph, Data Journeys, Lyo simultaneously monitors an entire data ecosystem, with the following capabilities:

  • Unified AI and Data Visibility: Provides comprehensive visibility into both AI and non-AI assets, creating a complete map of your technology stack showing how AI systems and data assets interact.
  • Identity-to-Data Intelligence: Maps relationships between AI agents and data assets to identify risky combinations. Identifies when AI agents have overprivileged access to sensitive data.
  • Enhanced Contextual Data Classification: Categorizes data sensitivity levels and tracks data flows. Identifies which assets house highly sensitive data and monitors how AI agents interact with that data.
  • 24/7 Monitoring & Policy Alerts: Continuously monitors for threats with proactive alerting for security policy violations with unified risk intelligence across data, identity, AI, and behavior
  • Conversational Investigation (Ask Lyo): Answers questions via a natural language query interface to help teams prioritize which issues require immediate action, what has the most potential damage/impact, and provides context for security decisions. 
  • Third-Party Vendor Risk Management: Identifies and monitors vendor-supplied AI components to manage vendor security risks, including third-party MCP servers.

Relyance AI will be demonstrating Lyo and its full platform at RSAC 2026, March 23–26, at the Moscone Center in San Francisco. To schedule a meeting or request a demo, visit relyance.ai.

Leave a comment »

The FCC In The US Has Pretty Much Banned All Wireless Routers From Being Sold…. But It’s Kind Of Complicated….

Posted in Commentary with tags on March 24, 2026 by itnerd

So it seems that the FCC in the United States has decided to ban pretty much every wireless router from being sold in the US. The FCC posted this PDF explaining the decision. But here’s the part that you need to care about:

The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense” and (2) pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons.”

And:

The National Security Determination states that “Production generally includes any major stage of the process through which the device is made, including manufacturing, assembly, design, and development.”

Since no router that I am aware of is built in the USr, it means that anything that you could purchase from Best Buy, or get from your ISP, or from companies like Cisco or Ubiquiti is effectively banned. So what does that mean? Well, from what I read it means the following:

  • This ban applies to the importation and sale of routers.
  • You can continue to use your existing router.

Now there is a lifeline of sorts for router companies. They can apply for an exemption by proving that their devices are safe. What that entails is a bit of a question mark at the moment. But I pretty much assume that router companies are rushing to take advantage of that. On top of that, router companies could get around this by building their gear in the United States. But that could take years to scale up and since labour in the US is more expensive than labour in Asia for example, prices are sure to go up.

So why is the US doing this? It’s likely a reaction to companies like TP-Link having what is perceived to be insecure gear that could be leveraged by threat actors of various descriptions to launch attacks. I mention TP-Link because most of the noise around this has centered around TP-Link being accused of working for Chinese intelligence. But the US is said to have said similar things about other router companies.

What should you do in regards to this issue? Well, if you are in the US and you were considering upgrading to a new router to get say WiFi 7 or better performance or more features, now might be a really good time to upgrade given that the US banned drones from DJI using a similar rationale. Thus supplies may run out quickly whether it’s from your local Best Buy, your ISP, of from companies like Cisco.

This will be very interesting to watch as I am going to guess that this whole scenario may not play out the way that the FCC wants it to.

UPDATE: I have some commentary on this. Starting with Jacob Krell, Senior Director: Secure AI Solutions & Cybersecurity, Suzu Labs had this to say:

   “Supply chain compromise is becoming one of the most serious threat vectors for nation state and advanced intrusion activity targeting critical infrastructure. The FCC’s decision to add foreign manufactured consumer routers to its Covered List reflects a risk the security community has been warning about for years.

   “As endpoint and product security have improved, adversaries have increasingly looked upstream toward manufacturing, firmware, and other supply chain dependencies where compromise can create durable access. The FCC’s citation of Volt Typhoon, Flax Typhoon, and Salt Typhoon is consistent with that concern. Network devices are especially attractive targets because they sit in the path of every packet entering and leaving an environment, and predeployment compromise can be exceptionally difficult to detect and remediate.

   “This ruling applies only to new devices seeking FCC authorization, which shows policymakers are treating this as a structural, long-term risk rather than a one-off enforcement action. The market impact could be significant, given how much of the consumer router market is manufactured overseas. Public reporting has suggested that at least one newer Starlink Wi-Fi router is manufactured in Texas, but the broader reality is that domestic production capacity appears extremely limited.

   “Security leaders should treat this as a procurement signal. If the federal government has concluded that foreign manufactured network hardware can present unacceptable supply chain risk, organizations should be reviewing whether their own vendor diligence, firmware assurance, and hardware sourcing practices reflect that same reality. Every router, switch, and access point in the environment came from a supply chain. Knowing where that hardware was manufactured, who wrote the firmware, and what visibility exists into that process is no longer a theoretical exercise. The geopolitical environment is making these questions urgent, and this ruling is unlikely to be the last of its kind.”

Damon Small, Board of Directors, Xcape, Inc. adds this:

   “This is a massive expansion of U.S. tech protectionism, moving beyond specific Chinese entities like Huawei or ZTE to a blanket ban on all foreign-produced consumer routing hardware. By citing the weaponization of SOHO routers by groups like Volt Typhoon and Salt Typhoon, the FCC is treating the humble home router as a primary vector for national-scale pivot attacks against critical infrastructure.

   “For security leaders, the immediate risk isn’t an overnight “dark start,” but a long-term supply chain squeeze; with over 60% of the market currently dominated by foreign manufacturing, procurement for remote-worker kits and branch offices is about to become significantly more expensive and limited to a handful of “trusted” (likely domestic) vendors.

   “Defenders should audit their current fleet of remote-access hardware and prioritize vendors moving toward U.S.-based manufacturing or those actively seeking DHS “Conditional Approval.” While existing hardware is safe for now, expect insurance carriers and federal auditors to eventually move the goalposts from “legal to use” to “compliant to keep.”

   “The FCC is finally treating home routers like the Trojan Horses they are, though I’m sure “Made in the USA” will magically add 40% to the MSRP and zero to the patch frequency.”

Leave a comment »

HP Leads Security for the Future of Work with Launch of HP TPM Guard: New Protection Against Physical Access Attacks that Steal PC Data

Posted in Commentary with tags on March 24, 2026 by itnerd

Today, at HP Imagine 2026, the company launched HP TPM Guard – the first hardware solution to stop physical TPM bus attacks, delivering the world’s first business notebook to prevent physical-access attacks that defeat BitLocker drive encryption. HP also announced enhancements to its HP Wolf Security PC portfolio and brought quantum resistance to a broader range of HP printers.

Closing the BitLocker Security Gap with HP TPM Guard

PCs are at the center of modern, hybrid work, storing vast amounts of sensitive information – from confidential documents and credentials to customer and employee data. With the rise of AI applications processing voice, video and screenshots, the volume of sensitive data held on PCs is only increasing.

BitLocker has been widely used by enterprises to protect this data if PCs are lost or stolen, but vulnerabilities uncovered in recent years can enable an attacker with physical access to a device to bypass BitLocker and extract the data. Commonly referred to as “TPM bus attacks”, this technique relies on attackers intercepting communication between the certified Trusted Platform Module (TPM) and CPU, and can be performed in under a minute, using just $20 of hardware with minimal training. 

HP TPM Guard protects against this threat by introducing an encrypted link between the TPM and CPU, preventing interception and probing attacks. The TPM is cryptographically bound to the device, rendering it inoperable if removed or tampered with – closing this industry wide security gap, without adding complexity for IT teams.

HP TPM Guard is the latest in a long series of security innovations to come out of the HP Security Lab over the last 20 years. HP proactively identifies emerging threats, creates solutions for HP products, and then works with industry standards bodies to ultimately raise the bar for the whole IT ecosystem. With this in mind, HP has already submitted a proposal to the Trusted Computing Group to contribute TPM Guard technology as an industry standard.

To read about the engineering behind HP TPM Guard please visit this blog.

New HP Wolf Security Capabilities to Reduce Cost and Risk for Businesses

HP is also strengthening security across its commercial PC portfolio by announcing new HP Wolf Security capabilities. They are focused on increasing the synergy between Workforce Experience Platform (WXP), HP Wolf Security, and the enterprise architecture to reduce operational overhead and cyber-risk. These new capabilities include:

  • Wolf Controller / WXP Integration to lower risk and operational friction
  • Next Gen Wolf Connect cellular card to deliver better accuracy with less power consumption
  • Broader Sure Recover platform support at lower cost
  • Centralized security log collection on the Wolf Controller

Quantum Resistance – The Future of Print Security

Experts predict that the possibility of a quantum computer breaking existing asymmetric cryptography is up to 34% by 2034 driving the urgency for quantum-resistant protections. With printers increasingly targeted as an entry point into networks, HP is expanding quantum-resistant cryptography to a wider range of devices:

  • New HP LaserJet Pro 4000/4100 Series: The world’s first SMB printers with quantum-resistant protection alongside tamper-resistant toner chips, firmware, and packaging. HP Workforce Experience Platform, and optional HP Security Manager, also enable streamlined security compliance and fleet-wide device management under one umbrella.
  • New HP LaserJet Enterprise 5000/6000 Series: The world’s first enterprise printers shipped from the factory with protection against quantum computer-based attacks[iv],reducing the risk of exposure. The series is also powered by HP Wolf Enterprise to detect, isolate, and automatically recover from cyberattacks and features the only printers with zero-day threat detection and recovery during memory code execution.

The HP LaserJet Enterprise 5000/6000 Series will also feature Automated Guided Redaction, which detects and removes sensitive information, such as personal data or financial details, helping organizations support compliance requirements without adding extra review steps for IT.

More information on today’s news at HP Imagine can be found here

Leave a comment »

Zalos gets $3.6M for its computer agents to help CFOs

Posted in Commentary with tags on March 24, 2026 by itnerd

Modern finance teams run on a fragmented stack of ERPs, CRMs, spreadsheets, email, and banking platforms that were never designed to talk to each other. APIs between these systems are often missing or incomplete, which means finance teams become the human API themselves, manually stitching data across systems to complete billing cycles, close the books, and produce reporting their business depends on. Zalos was built on the belief that the next leap in productivity will not come from replacing that stack, but from agentic software that can operate it the same way humans do and understands the deep business context. 

Today Zalos, the leader in Computer Agents for Finance Operations, announced a $3.6 million seed round to realize this vision. The funding round was led by 14 Peaks with participation from Cohen Circle, 20VC and notable angels*.

Computer Agents are the defining AI technology for 2026. 2023 was generative AI, 2024 brought multi-modal, and in 2025, AI learnt reasoning. Now AI will take over our computers. OpenAI and Anthropic have both moved into the space with generalist Computer Agents, but Zalos is purpose-built for finance operations, where the stakes of getting it wrong are categorically higher. Finance teams cannot operate on 90% accuracy, the agents need finance specific skills, and they need every automated action logged in a format auditors can follow. The Computer Agent market is still in its early stages; comparable to where large language models were at GPT 3.5. Zalos’s purpose-built infrastructure and evaluation systems are designed to push reliability to the accuracy levels that CFOs need to automate finance operations at scale.

Zalos converts screen recordings of finance workflows into Computer Agents that log in, navigate screens, enter data, and check against controls across ERPs, Excel, email, and internal tools. The platform works inside NetSuite, Sage, and SAP S/4HANA today, with no heavy integrations required. Every agent action is captured in an auditable log, and the platform is built to enterprise security standards including SOC 2 Part II certification, enterprise single sign-on, role-based access controls, and on-premise deployment options. Use cases being most actively used by clients include billing automation across multiple systems, month-end reconciliations, and cross-system KPI reporting across multiple ERP instances.

The company was founded by CEO William Fairbairn and CTO Hung Hoang after intersecting paths led them to the same conclusion. Fairbairn spent years at Agicap speaking with hundreds of CFOs, and heard the same frustration consistently: ERP implementations take more than twelve months, deliver limited upside when they go well, and carry real career risk when they go wrong. Hoang left Apple Pay after five years and became focused on Computer Agents specifically because they avoid the API problem that has stalled so many automation efforts in finance. The two began building Zalos last October after joining Y Combinator, with a focus on specialized agents that emulate how finance teams actually operate inside their tools.

The rise of reliable Computer Agents creates a third path: automation that sits on top of the existing stack and operates it as a human would. These agents are trained once with screen recordings, then the process is automated forever, never taking a holiday, and at a speed and consistency a person cannot match.”

Looking ahead, Zalos plans to expand beyond the major midmarket ERPs where it already has customers and into enterprise ERPs and on-premise systems. By building a wide-reaching context graph across the finance stack, the company aims to help CFOs deploy a swarm of agents and drive a step-change in their finance team’s impact.

* Notable angels included: Mike Lenz (CFO Fedex), Ian Sutherland (CFO Tide), Long Dinh (CFO Ada), Nancy Casey (Global Vice President, Oracle, SAP), Paul Forster (Founder, Indeed), Henri Stern (Founder, Privacy), Ed Woodford (Founder, zerohash), James Beshara (Founder, Tilt Payments), Long Lu (Founder, Misa Accounting), Catherine Dahl (Founder, Beanworks Accounts Payable), Pablo Palafox (Founder, Happy Robot), Hasan Sukkar (Founder, 11x), Chris Smoak (Founder, Atrium), Ooshma Garg (Gobble), Minh Pham (Head of Browser Infra, Perplexity), Jon Langbert (Founder, Alight), Mandeep Singh (Founder, Trouva), Thai Duong (Founder, Calif), Ash Rush (Founder, Sterling Road), Jake Klamka (Founder Insight Data Science), Jonathan Meeks (Board, TA Associates).

Leave a comment »

« Older Entries