This year marked a turning point for enterprise tech as spending recovered and the economy stabilized following years of rising interest rates and supply-chain disruption. While no one knows what lies ahead, here are five things we thought summed up a pivotal year.
Today: Salesforce continues its agentic AI push, Databricks secures one of the biggest funding rounds in tech history, and the rest of this week's enterprise funding.
Today: Apple reveals a novel architecture for processing AI workloads using its own chip designs and custom software, the scope of the attack on weakly protected Snowflake customers emerges, and the latest funding rounds in enterprise tech.
Welcome to Runtime! Today: Apple reveals a novel architecture for processing AI workloads using its own chip designs and custom software, the scope of the attack on weakly protected Snowflake customers emerges, and the latest funding rounds in enterprise tech.
Was this email forwarded to you?Sign up here to get Runtime each week.)
Own and control
Over the last 30 years, Apple has always done things its own way. Sometimes that stubbornness has produced incredible breakthroughs such as the original iPhone, and sometimes it's a thorn in the side of consumers forced to pay extra for charging ports that are no better than the industry standard.
Apple's new Private Cloud Compute could fall into the first category. Introduced Monday at its Worldwide Developers Conference, Private Cloud Compute is an all-Apple stack of hardware and software designed to process AI queries on iPhones and iPads that need to access new Apple-designed foundation models for more sophisticated queries.
"Built with custom Apple silicon and a hardened operating system designed for privacy, we believe PCC is the most advanced security architecture ever deployed for cloud AI compute at scale," Apple said in a blog post detailing PCC's capabilities.
When possible, Apple prefers to process sensitive workloads on its devices, where they can be isolated from the rest of the device and avoid a trip to the big scary internet.
But a lot of modern AI tasks require far more horsepower than Apple can cram into an iPhone, even as they get bigger and bigger every year.
That means that data has to travel over the internet to some sort of cloud provider, where it is processed and sent back to the user, and the whole process opens that data up to prying eyes.
PCC uses custom servers built by Apple around its M-series chips, "a hardened supply chain for PCC hardware," and a new operating system that mixes elements of MacOS and iOS and was designed specifically for AI queries, according to Apple.
Apple said its service is "stateless," meaning it will not store a copy of your data while it is being processed and can't be accessed by Apple administrators, even if they are trying to restore data from an outage.
All cloud providers have to conduct observability on customer workloads to ensure reliability, but in PCC only "pre-specified, structured, and audited logs and metrics can leave the node."
Apple also plans to allow external security researchers to review its PCC code and images to validate its claims.
While there are a lot of details to be finalized, PCC is a shot across the bow of any cloud provider trying to sell AI services to the enterprise. That's not Apple's business, of course, but why shouldn't enterprise AI workloads be protected with a similar approach?
"If you gave an excellent team a huge pile of money and told them to build the best “private” cloud in the world, it would probably look like this," said security expert Matthew Green following Apple's presentation, during which it did not allow questions.
Public cloud companies have worked very hard across competitive lines on Confidential Computing standards, which encrypt customer data while it is being processed.
But former Apple employees told The Information — which reported a lot of the details around PCC in late May — that they believe Apple's approach is much more secure than the industry approach centered around Intel and AMD's chips.
And Apple just committed to a great deal of transparency, although it did acknowledge that Intel and AWS publish certain details of their SGX and Nitro systems, respectively.
Enterprise cloud AI customers should actually demand higher levels of security than what Apple provides to iPhone users, given the amount of sensitive corporate data at stake.
"We believe this is the most advanced security architecture ever deployed for cloud AI compute at scale," said Apple's Ivan Krstic, head of security engineering and architecture.
Following suit, or explaining why their approaches are just as secure, should be a priority for cloud providers in the near future.
Into the breach
New Snowflake customers came forward over the weekend reporting that they had been the victim of data theft after failing to secure their Snowflake accounts with multifactor authentication. Mandiant confirmed that 165 customers fell prey to the attacks, which used login credentials stolen elsewhere to break into accounts that shared the same logins.
Some of the credentials used in the attack had been stolen as far back as 2020, Mandiant said, and the affected customers also failed to set a policy that required additional login information when a login attempt from a new location was detected, according to Ars Technica. While setting up MFA certainly would have helped, customers that require employees to rotate their login data every so often might have dodged a bullet.
SpyCloud raised $35 million in new funding for its security software, which could have helped Snowflake customers by detecting when employee login credentials are leaked.
Tom Krazit has covered the technology industry for over 20 years, focused on enterprise technology during the rise of cloud computing over the last ten years at Gigaom, Structure and Protocol.
Today: Salesforce continues its agentic AI push, Databricks secures one of the biggest funding rounds in tech history, and the rest of this week's enterprise funding.
Today: An interview with AWS AI chief Swami Sivasubramanian, why Amazon held off on deploying Microsoft 365 after last year's security debacle, and the latest enterprise moves.