Connect with us

Latest News

Katana raises $11M Series A to be the SaaS powering ‘manufacturing entrepreneurs’

Published

on

Katana, an Estonian startup that has built manufacturing-specific enterprise resource planning (ERP) software for SMBs, has raised $11 million in Series A funding.

Leading the round is European venture capital firm Atomico, with participation from angel investors Ott Kaukver (Checkout.com CTO), Sten Tamkivi (CPO Topia, formerly Skype), Sergei Anikin (CTO, Pipedrive) and Kairi Pauskar (former TransferWise HR Architect). Previous backer 42Cap also followed on, bringing the total investment raised by the company to date to $16 million.

Founded in 2017 by Kristjan Vilosius (CEO), Priit Kaasik (engineering lead) and Hannes Kert (CCO), Katana positions itself as the “entrepreneur manufacturer’s secret weapon” with a plug-and-play ERP for small to medium-sized manufacturers. The idea is to wean companies off existing antiquated tools such as spreadsheets and legacy software to manage inventory and production. The startup is also playing into macro trends, such as the advent of online marketplaces and D2C e-commerce, that are resulting in an explosion of independent makers, spanning cosmetics to home décor, electronics to apparel, and food and beverages.

“We are seeing a global renaissance of small manufacturing driven by the rise of e-commerce tools and consumer demand for bespoke products produced locally,” says Vilosius. “Just walk around any big city from London to San Francisco, and you’ll see workshops all around you. Someone’s making organic cosmetics here; over there, someone is making electric bikes. These companies are run by passionate entrepreneurs selling through traditional channels, but also selling through direct-to-consumer channels, e-commerce stores and marketplaces, etc. This is a massive boom of makers wanting to create products and sell them globally, and it is not a trend that will disappear tomorrow”.

The problem, however, is that small and medium-sized manufacturers don’t have the right software to support workflows necessary to sell through multiple channels — and this is where Katana comes in. The plug-and-play software claims a superior UX designed specifically to power boutique manufacturing, including functionality supporting the workflows of modern manufacturers, i.e. inventory control and optimization, and purchasing materials, managing bill-of-materials, tracking costs and more. It also offers an API and integrations with popular e-commerce sales channels and accounting tools such as Shopify, Amazon, WooCommerce, QuickBooks, Xero and others.

“We have built the world’s most self on-board-able manufacturing ERP, and that’s a very important differentiation between us and competitors,” explains Vilosius. “Implementation is so simple that more than half of Katana’s users self-onboard. It takes less than a week on average to get Katana up and running, compared to months for competitors”.

As an example of how a company might use Katana, imagine a boutique manufacturer using Shopify as their main sales channel. Once configured, Katana pulls in orders from Shopify and knows whether or not the product is available so it can be shipped immediately. If it’s unavailable, Katana displays if the necessary raw materials needed to manufacture are in stock and by when the product could be finished. “We handle the entire process from getting the raw materials in the warehouse to planning manufacturing activities, executing and shipping when the product is done,” says Vilosius.

Katana software screen shot

Image Credits: Katana

Cue statement from Atomico partner Ben Blume, who joins the Katana board: “Atomico has always believed in the strength of Estonian-built engineering and product, and as we got to know the team at Katana, we saw a familiar pattern: a relentlessly product-focussed team with the incredible ability to build and think from their customer’s point of view, and an unwavering belief that a new generation of manufacturers with big ideas shouldn’t have to settle for less than world-class technology to support them.”

Lyron Foster is a Hawaii based African American Musician, Author, Actor, Blogger, Filmmaker, Philanthropist and Multinational Serial Tech Entrepreneur.

Latest News

Echelon exposed riders’ account data, thanks to a leaky API

Published

on

Image Credits: Echelon (stock image)

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

Continue Reading

Latest News

Casualties Mount As Violence Intensifies Between Hamas, Israel

Published

on

Israel has called up more troops and launched its heaviest assault yet along the Gaza border. Seven people in Israel have been killed. Losses are much higher on the Palestinian side.

Continue Reading

Latest News

Palestinian Perspective: What The Conflict With Israel Looks Like From Gaza

Published

on

NPR’s Steve Inskeep talks to Omar Shaban, founder of a Gaza-based think tank, and Palestinian lawyer Diana Buttu, about how this cycle of Palestinian-Israeli violence plays out in their neighborhoods.

Continue Reading

Trending

Copyright © 2020 Latin America Business News

en_USEnglish