Every company today faces mounting pressure to deploy AI, but most solutions fall short on reliability and cannot handle complex, critical workflows. Applied Labs, founded by early Scale AI leaders, announced $4.2 million funding to transform how businesses deploy AI agents for complex support and operations tasks.
The seed round was led by Abstract, with participation from Point72 Ventures, Outlander, and Tetra. A few notable angel investors include Vercel CEO Guillermo Rauch, Modal CTO Akshat Bubna, and ex-Twitter exec Ali Rowghani. This latest round brings the total raised by Applied Labs to $5.2 million.
Founded in January 2024 by Michael Woo and Soham Waychal, Applied Labs emerged from their firsthand experience with AI applications at Scale AI, where they recognized how much time was spent on critical yet repetitive support interactions and ops workflows. Woo – who joined Scale AI as employee #20 and led a team of 30 focused on ops scalability – saw the opportunity to build AI agents that could handle complex workflows with unprecedented reliability. Waychal, who previously led engineering at a16z-backed Canal and holds 5 AI patents, brings deep technical expertise to the challenge.
The company focuses on support and operations teams. Their current solution is an end to end AI customer support agent fine-tuned to the businesses’ knowledge base and empowered with AI actions which typically involve first and third party integrations. Digital employees in other domains like operations are incoming.
Uniquely, the Applied Labs team is using their expertise at Scale AI to build high quality, reliable and easy to use AI agents. The solution uniquely combines three critical components to get what they believe are the best results: omnichannel interactions spanning chat, email and phone to handle 100% of volume; sophisticated AI agent orchestration for handling Q&A and AI workflows; and comprehensive evaluation tools for testing, auditing and monitoring AI outputs. This approach includes built-in human-in-the-loop escalations, recognizing that finding the right balance between AI efficiency and human touch for complex, emotional interactions remains crucial.
The stakes are high – a single misstep in handling customer inquiries or operational tasks can erode trust and escalate problems. “At Scale when we first did AI labeling or if you think about self-driving cars or even these AI sales agents, if you scale up a poorly thought out AI response or workflow on high volume, it’s deeply damaging.” Woo said. Applied Labs addresses this by building guardrails and monitoring systems to rigorously test the AI with human-in-the-loop auditing before any new capabilities are broadly deployed.
Applied Labs plans to double its headcount in the coming months to meet growing customer interest. The funding will accelerate hiring of engineers to advance the company’s ambitious product roadmap.
Looking ahead, while the AI industry races to replace human workflows, Applied Labs is pioneering a more nuanced vision: high quality AI agents that combine machine efficiency with human judgment. By focusing on quality, reliability and empowering non-technical teams to resolve the most complex, painful issues with AI, the company is building toward a future where almost every company can confidently deploy AI across their most complex operations—transforming not just how work gets done, but redefining what’s possible when artificial and human intelligence work in harmony.
Obsidian has released its new 2025 SaaS Security Threat Report that reveals SaaS breaches have surged by a staggering 300% over the past year and that SaaS applications were the attack vector behind the majority of the biggest incidents, including MGM, Microsoft, AT&T, and Okta.
These findings signal a shift among nation-state and criminal threat actors – including groups like Midnight Blizzard, Scattered Spider, ShinyHunters, and more – who are targeting SaaS platforms as the new “frontline” attack vector as more data shifts to popular SaaS apps like Microsoft Office 365, Google Workspace, ServiceNow, Slack and Okta.
The new report is based on the industry’s largest repository of SaaS-related attack data, including direct involvement in over 150 incident responses alongside leading firms like GuidePoint and Kroll.
TikTok’s corporate masters Byte Dance have been consistently saying that TikTok isn’t for sale. But according to this story, a deal may be in the works:
The Trump administration is working on a plan to save TikTok that involves tapping software company Oracle and a group of outside investors to effectively take control of the app’s global operations, according to two people with direct knowledge of the talks.
Under the deal now being negotiated by the White House, TikTok’s China-based owner ByteDance would retain a minority stake in the company, but the app’s algorithm, data collection and software updates will be overseen by Oracle, which already provides the foundation of TikTok’s web infrastructure.
Thatwould effectively mean American investors would own a majority stake in TikTok, butthe terms of the deal could change and are still being hammered out.
“The goal is for Oracle to effectively monitor and provide oversight with what is going on with TikTok,” said the person directly involved in the talks, who was not authorized to speak publicly about the deliberations. “ByteDance wouldn’t completely go away, but it would minimize Chinese ownership.”
NPR has agreed not to name the sources, who are not authorized to speak publicly about the confidential talks.
Other potential investors who are engaged in the talks include Microsoft.
If any of this sounds familiar, it should. The last time Donald Trump was president, he tried to engineer a deal involving Oracle and WalMart among others. But the deal fell apart. Microsoft was also said to be interested in buying TikTok. But that deal went nowhere at least twice. So, will it happen this time? I have no clue. But we have less than 75 days to see what happens as that’s how long the TikTok executive lasts.
Posted in Commentary with tags Privacy on January 25, 2025 by itnerd
Whether you’re in IT, healthcare, government, or finance — every industry that handles sensitive data or critical systems benefits from protecting its data. We are reminded of this every time we see a new breach in the news, and especially during Data Privacy Week which is next week, helps to further empower everyone to protect our privacy online.
I have a pair of comments on Data Privacy Week from industry experts:
“This is a great time for developers and product leads to remember, ‘if you don’t collect it, it can’t find its way into a breach,’ and be mindful of how much information is captured and stored that may be a liability to the business rather than an asset. For end users, in the past few months, we’ve seen clear-text SMS messages and call data records, some dating back as far as seven years, disclosed in telecom hacks. Encrypted options for video, voice and text exist and are now being promoted by professionals and government groups alike.”
“Data Privacy Week is a good opportunity to reflect on how security and privacy go hand-in-hand. Threat intelligence is a critical part of protecting sensitive data – it helps us identify and respond to risks before they turn into tangible threats. A strong security posture is essential for safeguarding privacy, and this week underscores the need to integrate both into your strategy. Protecting data is about more than compliance; it’s about being proactive in identifying and mitigating risks to keep both privacy and security intact.”
The website that I linked to above has a ton of great resources that you can use to take more control of your data. Feel free to check them out.
Posted in Commentary with tags Netwrix on January 25, 2025 by itnerd
In a recent report published by Netwrix, the cybersecurity firm surveyed 1,309 security professionals globally and found that 84% of organizations in the healthcare sector observed a cyberattack on their infrastructure within the last 12 months.
Phishing and account hijacking were the most common types of incidents experienced. Of those that spotted a cyberattack, 74% of healthcare organizations reported user or admin account compromise compared to 44% of organizations with on-premises infrastructure.
“Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realize how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.
The report also reported that a cyberattack resulted in financial damage for 69%, compared to 60% for other industries. 57% estimated financial damage of greater than $10,000, with 36% stating the financial damage was greater than $50,001.
Automation of manual IT processes ranked third for the healthcare sector behind data and network security, with 46% of respondents stating it as one of their top priorities for 2024.
An expert with Cyware offers perspective on the matter.
“This is a reminder that securing healthcare infrastructures goes beyond just protecting data—it’s about safeguarding the entire ecosystem of communication, collaboration, and critical patient care. With many healthcare workers juggling multiple interactions daily, it’s clear that robust threat intelligence management and training programs are crucial in equipping staff to spot and mitigate these threats. Moreover, automating IT processes can help reduce human error, which is often exploited by attackers, and streamline defenses in an industry under constant pressure. Effective threat intelligence sharing and collective defense are essential to fortifying healthcare networks and minimizing the impact of these attacks.”
Unfortunately healthcare is a target rich environment for threat actors. This paradigm needs to change and fast. Otherwise some the most important data that relates to all of us will be forever under threat.
Recently, the Safety Detectives Cybersecurity Team stumbled upon a forum post on the clear web where a threat actor posted a link to a database allegedly belonging to American National Insurance Company’s 2023 data breach that contained 279,332 lines of sensitive data of customers and some employees’ data.
Posted in Commentary with tags Apple on January 24, 2025 by itnerd
Yesterday, Apple did something that I have rarely seen. They put out a statement to sites like MacRumors that they are still working with “several” carmakers to bring out the next generation of Apple CarPlay.
Keep in mind that this next generation of Apple CarPlay was supposed to be rolling out right now.
To be honest, this has the feel of AirPower. Remember that? Apple announced it. Apple missed their 2018 ship date. Apple stopped talking about it. Then Apple killed it. Next generation Apple CarPlay is going in that direction. And I think Apple will eventually kill it. I say that because you would think that any carmaker who really wants next generation CarPlay would have jumped on board and announced that one or more of their cars are going to have next generation Apple CarPlay by now. But you have heard absolutely nothing from any carmaker on the planet. What’s more, Apple hasn’t named a single carmaker who’s jumped on board.
That’s not good.
The fact that no carmaker has admitted to be part of next generation Apple CarPlay, nor has Apple said who is part of this, says to me that few if any carmakers have signed on. And if that continues, I cannot see how Apple can roll this out. Thus it seems highly likely to me that next generation CarPlay is going to get killed by Apple if there isn’t significant movement soon. That would be a shame for everyone. Customers, Apple, carmakers, everyone.
Apple CarPlay is great and I would love to see a major overhaul. But as things stand, I don’t see that happening. Though I am always free to be proven wrong. Let’s hope that Apple does prove me wrong.
Posted in Commentary with tags Saviynt on January 23, 2025 by itnerd
Saviynt, a leading provider of cloud-native identity governance solutions, today announced that Ajay Garg has joined its company as Chief Development Officer to lead the engineering team for its Identity Cloud platform.
Garg joins Saviynt from Palo Alto Networks, where, as Vice President of Engineering, he led a global engineering team responsible for the development of AI-driven advanced security solutions for Data Security, SaaS Security, WildFire, and Internet Security. In his executive role at Saviynt, Garg will oversee all of Engineering, Quality Engineering, Infrastructure (DevOps) and SRE (site reliability) teams driving innovation and growth within Saviynt’s identity security platform offerings.
Prior to Palo Alto Networks, Garg served as Global VP of Engineering at CyberCube Analytics, where he led the development of its industry-leading Cyber Risk Analytics platform. Previously, Garg held key engineering leadership roles at FireEye and Cisco Systems, where he drove innovation in cloud security, identity management, threat analytics, secure access, firewall security, and content security.
To learn more about Saviynt’s Identity Cloud, please visit the website.
My wife and I are doing literally everything and anything possible to keep our non connected vehicle on the road as long as possible. We both don’t trust carmakers when it comes to our data. This is a prime example of why we don’t trust them. We also are afraid of the security implications of having a car connected to the Internet 24/7. And this story is an example of why we are afraid:
On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK connected vehicle service that gave us unrestricted targeted access to all vehicles and customer accounts in the United States, Canada, and Japan.
Using the access provided by the vulnerability, an attacker who only knew the victim’s last name and ZIP code, email address, phone number, or license plate could have done the following:
Remotely start, stop, lock, unlock, and retrieve the current location of any vehicle.
Retrieve any vehicle’s complete location history from the past year, accurate to within 5 meters and updated each time the engine starts.
Query and retrieve the personally identifiable information (PII) of any customer, including emergency contacts, authorized users, physical address, billing information (e.g., last 4 digits of credit card, excluding full card number), and vehicle PIN.
Access miscellaneous user data including support call history, previous owners, odometer reading, sales history, and more.
After reporting the vulnerability, the affected system was patched within 24 hours and never exploited maliciously.
Okay. I will say that it is good that it was patched quickly when this is reported. I will also say that nobody can say with 100% certainty that this was never exploited in any way. And I will say that this implies that Subaru needs to step up their vulnerability testing as the data listed above is the holy grail of data that anyone from a car thief, a disgruntled ex-partner, to an intelligence agency would want.
And what really bothers me is the way that this post concludes:
When writing this, I had a really hard time trying to do another blog post on car hacking. Most readers of this blog already work in security, so I really don’t think the actual password reset or 2FA bypass techniques are new to anyone. The part that I felt was worth sharing was the impact of the bug itself, and how the connected car systems actually work.
The auto industry is unique in that an 18-year-old employee from Texas can query the billing information of a vehicle in California, and it won’t really set off any alarm bells. It’s part of their normal day-to-day job. The employees all have access to a ton of personal information, and the whole thing relies on trust.
It seems really hard to really secure these systems when such broad access is built into the system by default.
So I will say this to a car makers who happen to read this post. You will have to pry our current non-connected car out of the cold dead hands of my wife and I. And the only way that we will consider anything new is if all of you prove on a continuous basis that you’re able to keep this data safe and secure. Because these days, it’s not just about what creature comforts a car has, or the fuel economy that it gets. It’s also about how the data that is generated is secured. Until you do that part well, we’ll keep the car that we have as that will allow my wife and I to sleep better at night.
“As with modern times, most and many things are tracked. It’s important to point out that in most cases, the tracking is anonymous in nature — without correlations with other types of data, tracking is just one data point. I think most practitioners and customers would want the select ability and opt-in/opt-out authority for their privacy. Where things get even more scary to security practitioners is if the backend systems like AI for example, become connected to cars and execute movement or control over a vehicle. Both the car manufacturer and the liability of the driver could be questioned in such a potential eventuality. Those become blatant safety issues. It’s important that manufacturers get the data they need, but at the same time, customers have more control so that the data isn’t misused. The movie Leave the World Behind portrays future Tesla cars being compromised and running them down the road, colliding with each other. That’s much scarier.”
Posted in Products with tags Asus on January 23, 2025 by itnerd
What if I told you that I have come across a WiFi 7 router that is both fast and fully customizable? By fast I mean that it is capable of above gigabit speeds over WiFi. And by fully customizable I mean that you can tweak it to match your use case. You’d likely say that I am crazy. But I am not. Meet the ASUS RT-BE86U WiFi 7 Router:
Compared to some routers that ASUS makes, this router is pretty understated. There’s no RGB and only a handful of LEDs which you can turn off if you need to, and the styling isn’t over the top. That means that the wife approval factor will be high if you put this in your house. In fact, my wife saw it and said that “it doesn’t look nearly as gamerish as their other routers.” I should note that the antennas are removable and have a standard connector. Which is handy if you need to replace them.
ASUS has cleverly added the words “WiFi 7” to the venting on the back. Which by the way, there’s a lot of venting on this router. In terms of connections, you get three 2.5 Gbps ports, a 2.5 Gbps and 10 Gbps which depending on the situation can be used for WAN access. A tip of the hat to ASUS for providing such fast ports as that’s a form of future proofing this router. A USB 3.0 port and a USB 2.0 are present for things with external hard drives and printers on the right, on the left is the reset button, power connector, and on/off switch.
On the left is a WPS button.
On the right is the button that turns the front LEDs on and off.
In terms of bands, here’s what you get:
2.4GHz: up to 1032 Mbps
5GHz: up to 5764 Mbps
Now some of you are likely saying “where’s the 6 GHz band?” The fact is, you don’t need that band to do WiFi 7 as the WiFi 7 standard can take multiple bands and put them together to get crazy speeds. That functionality is called MLO and you can read about it here. Also, omitting that band likely helps to keep the costs down. Another thing to point out is that a router with Wi-Fi 7 generally improves speeds across all bands. Finally, there’s only a handful of WiFi 7 devices out there at the moment. So for most people, having no 6 GHz band is a non issue.
Setup is easy. You can use the ASUS app to set things up. Or if you’re like me, you can use the web interface which gives you way more options to play with. Most people should go the app route as that’s the easiest path to getting this working for most people. If you own another ASUS router, you can also back up the configuration from that router, and load it into this one and be up and running in minutes. For my testing, I set it up as a new router with the default settings.
In terms of speed, well let’s say I was impressed. Let’s start with its ability to deal with a PPPoE connection. Which is what ISPs like Bell or Distributel offer its customers. This is important to yours truly as most consumer routers have huge problems dealing with PPPoE traffic, resulting in speed being left on the table because the router can’t handle it. That’s not the case here. My connection is apparently 1 Gbps downstream/750 Mbps upstream via a fibre link and this is what I get over my Asus ZenWiFi XT8:
Now this is what I get with the ASUS RT-BE86U:
In short, ASUS has clearly built a router that is built to handle the most demanding connections. And a PPPoE connection would qualify as demanding because of the overhead that PPPoE has.
But the speed doesn’t stop there. I did a speed test from my iPhone 14 Pro standing about 10 meters away. Yes, this is a WiFi 6 device. But it will illustrate something that I said earlier, which is WiFi 7 improves speed on all bands. In this case the 5 GHz band. Once again I will start with a speed test from the ASUS ZenWiFi XT8:
Now let’s look at the speed test from the ASUS RT-BE86U:
What this means that even if you don’t have a single WiFi 7 device in your home, you will get better performance on WiFi. I’ll go one step further. I have a Mac mini with the M2 Pro processor. And that Mac has WiFi 6E. Let’s see what speed you get from the XT8 for starters:
And now from the RT-BE86U
The Mac mini on WiFi 6E came close to maxing out my connection. Thus I believe you can call this router fast on all fronts. And if I had a faster Internet connection, I would see faster numbers from all my tests.
Now ASUS could have stopped there. But there’s a number of things that I would like to point out that add even more value to this router beyond speed:
You can use the 10Gbps as the WAN port, or switch the WAN port to the 2.5Gbps port. Whatever port that is the non-WAN port will function as a LAN port.
You can use the router in a dual-WAN setup so that you have access to more than one Internet connection. Either to combine the links or have a backup Internet connection on standby.
You can use the USB port as a third WAN source to host a tethered smartphone or cellular modem for emergency situations.
It supports AI Mesh which allows you to create a mesh network with one or more supported ASUS routers.
It has built-in Parental Controls and online protection as part of their AiProtection suite that is supplied by Trend Micro. This suite is free forever which is a significant difference between this router (or any ASUS router for that matter) and other brands of router which make you pay extra for this functionality as part of a subscription of some sort.
For a limited time you can get a complementary twelve month or six month NordVPN subscription when you buy an ASUS router. More info here.
Though it’s not advertised as a gaming router, it does have a broad amount of gaming specific features that will make gamers happy.
There’s one other thing that I’d like to point out. ASUS routers are very customizable. If I need to tweak a setting, I have the ability to do so. That’s something a lot of consumer routers do not let you do because they hide so much of what you can do. This level of customization is great for advanced users like me as there have been times I have had to use a really obscure setting to fix an issue with a unique WiFi device. Or using a router like this with Distributel fibre internet service which requires the router to be set up to use VLAN 40 to connect to the Internet. All of that means that you can use this, or any other ASUS router in more unique use cases where other brands of routers would fail in.
MSRP is $409.99 CAD. Now that I will admit is more expensive than its competition. But here’s my argument on that. If you combine the performance that this router has, the extra value that I outlined in the bullet points above that doesn’t cost you anything extra, and the fact that you can customize it six ways from Sunday for whatever unique use case that you have, this router is a winner. Take a good look at it if you want to dip your toe into the world of WiFi 7.
Applied Labs raises $4.2M In Funding
Posted in Commentary with tags Applied Labs on January 27, 2025 by itnerdEvery company today faces mounting pressure to deploy AI, but most solutions fall short on reliability and cannot handle complex, critical workflows. Applied Labs, founded by early Scale AI leaders, announced $4.2 million funding to transform how businesses deploy AI agents for complex support and operations tasks.
The seed round was led by Abstract, with participation from Point72 Ventures, Outlander, and Tetra. A few notable angel investors include Vercel CEO Guillermo Rauch, Modal CTO Akshat Bubna, and ex-Twitter exec Ali Rowghani. This latest round brings the total raised by Applied Labs to $5.2 million.
Founded in January 2024 by Michael Woo and Soham Waychal, Applied Labs emerged from their firsthand experience with AI applications at Scale AI, where they recognized how much time was spent on critical yet repetitive support interactions and ops workflows. Woo – who joined Scale AI as employee #20 and led a team of 30 focused on ops scalability – saw the opportunity to build AI agents that could handle complex workflows with unprecedented reliability. Waychal, who previously led engineering at a16z-backed Canal and holds 5 AI patents, brings deep technical expertise to the challenge.
The company focuses on support and operations teams. Their current solution is an end to end AI customer support agent fine-tuned to the businesses’ knowledge base and empowered with AI actions which typically involve first and third party integrations. Digital employees in other domains like operations are incoming.
Uniquely, the Applied Labs team is using their expertise at Scale AI to build high quality, reliable and easy to use AI agents. The solution uniquely combines three critical components to get what they believe are the best results: omnichannel interactions spanning chat, email and phone to handle 100% of volume; sophisticated AI agent orchestration for handling Q&A and AI workflows; and comprehensive evaluation tools for testing, auditing and monitoring AI outputs. This approach includes built-in human-in-the-loop escalations, recognizing that finding the right balance between AI efficiency and human touch for complex, emotional interactions remains crucial.
The stakes are high – a single misstep in handling customer inquiries or operational tasks can erode trust and escalate problems. “At Scale when we first did AI labeling or if you think about self-driving cars or even these AI sales agents, if you scale up a poorly thought out AI response or workflow on high volume, it’s deeply damaging.” Woo said. Applied Labs addresses this by building guardrails and monitoring systems to rigorously test the AI with human-in-the-loop auditing before any new capabilities are broadly deployed.
Applied Labs plans to double its headcount in the coming months to meet growing customer interest. The funding will accelerate hiring of engineers to advance the company’s ambitious product roadmap.
Looking ahead, while the AI industry races to replace human workflows, Applied Labs is pioneering a more nuanced vision: high quality AI agents that combine machine efficiency with human judgment. By focusing on quality, reliability and empowering non-technical teams to resolve the most complex, painful issues with AI, the company is building toward a future where almost every company can confidently deploy AI across their most complex operations—transforming not just how work gets done, but redefining what’s possible when artificial and human intelligence work in harmony.
Leave a comment »