Curriculet company logo

The profile is currenly unclaimed by the seller. All information is provided by CB Insights.

curriculet.com

Stage

Asset Sale | AssetsPurchased

Total Raised

$2.22M

About Curriculet

Curriculet, fka Gobstopper, is a self-guided independent reading platform for schools that allows educators to put the questions and quizzes they would normally place in worksheets directly into the text. Teachers can make a quiz pop up at the end of the chapter, which is then automatically graded by Curriculet. Teachers can also embed videos of themselves explaining difficult concepts at exactly the moment a student encounters the difficult passage in their reading.

Curriculet Headquarter Location

One Montgomery Tower 120 Kearny Street, Suite 2500

San Francisco, California, 94104,

United States

415-697-3334

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Latest Curriculet News

Retail Breaches: The Everlasting Gobstopper in Cyber?

Feb 22, 2022

“Fantastic invention,” says Willy Wonka, as portrayed by Gene Wilder. “Revolutionize the industry. You can suck ‘em and suck ‘em and suck ‘em, and they’ll never get any smaller. Never. At least, I don’t think they do.” We couldn’t help thinking about Willy Wonka’s Everlasting Gobstopper when news broke two weeks ago about the breach of more than 500 e-commerce stores running Magento . After all, client-side attacks by groups like Magecart have been running rampant for years, and for at least a decade, retail breaches seem to be like an everlasting gobstopper – they’re always there and never seem to get any smaller. Vendors like Source Defense have warned and warned about the problem of formjacking, digital skimming and credential harvesting . But while our adversaries won’t ever let up, there is a way to make the gobstopper go away – it is called web application client-side protection, and it is easy to implement with virtually zero burden added to your already burdened security teams. The Latest Evidence that Client-Side Attacks Need to be a Top Priority There’s nothing wrong with running a Magento site for your e-commerce. But there’s everything in the world wrong with thinking that vulnerabilities won’t emerge, or that server-side protections such as WAF are enough to call your site secure. The Magento 1 platform, which has not been supported since June 2020, was the target of the above-mentioned attack. (We should say “is the target of the attack,” because we’re confident that the out-of-date Magento 1 is still running on 50-100,000 sites worldwide.) What is the objective of the attack? To steal credit card information as your customers enter it on the checkout page. How does the attack work? By abusing a known vulnerability in the Quick View plugin. That kind of retail breach is the Everlasting Gobstopper of cybersecurity. It’s an evergreen problem that will never get any smaller – at least not without implementing client-side controls. Remember the 2013 Target breach , when hackers installed malware on point-of-sale devices and stole track data from as many as 40 million holiday shoppers? In the security industry, we thought, “Finally! A watershed moment! Now retail will wake up and really take action to secure consumers’ information.” Yeah, no. Nine years later, we’re still seeing retail and ecommerce attacks because there are so many more ways to launch them and so many more transactions. Adobe estimates that e-commerce accounts for $1 of every $5 spent by U.S. consumers — up from $1 of every $6 in 2017 — heading for a trillion dollars in transactions in 2022. Stop Client-Side Attacks: Keep them on your radar and deal with them once and for all This most recent Magento 1 attack fits in with the crescendo of Magecart conversations we’ve been hearing, starting last summer , continuing through 2021 and into 2022. It has brought about a major upswing in focus on client-side protections and led to Gartner initiating coverage of technologies like Source Defense. Gartner refers to this new space in the application security market as web application client-side protection . They’ve written that it’s at the height of the hype cycle and that mass market adoption will start within the next couple of years. About time considering these attacks have been happening literally by the hundreds per day over the past two years. Cybersecurity will have gone an entire decade before taking JavaScript exploits in e-commerce seriously. “Better late than never,” we say. Ever since a website first asked for credit card information, there has been temptation and opportunity. Your adversaries will never go away, because there’s too much money in play. They know that attention spans are limited and vision is narrow when it comes to cybersecurity. The risk will always be there but mitigating the risk should now be a top concern for your teams. Making the case for this focus is easy when you consider the following: Massive Growth in the Digital Supply Chain — Your traditional business functions depend on a physical supply chain for everything from raw materials to order fulfillment. Your e-commerce site depends on a digital supply chain for code, forms, images and plugins that enhance the user experience, support transactions, and collect customer information. Most e-commerce sites have dozens of 3rd or 4th parties involved in the supply chain – each of which introduces the potential for client-side attacks given their use of JavaScript. You wouldn’t do business with a shipping company you didn’t know and trust, yet your website is doing business with code from providers you don’t know. Or trust. Laying in a client-side security solution takes the risk off the table and supports your overall move to zero-trust. Client-Side Risk is 3rd Party Risk — When you think about first parties (your employees), second parties (your customers) and third parties (suppliers and business partners), isn’t it the 3rd-party risk that occupies most of your attention? Aren’t you spending millions to address this risk? Your e-commerce site is loading 3rd party (and nth party) JavaScript over which you have no control. Your adversaries know this and are using this fact to their advantage by targeting these partners as their vector of attack. There couldn’t be a more clear example of a 3rd party risk that you need to mitigate. Take this conversation to your next meeting around 3rd party risk – and watch client-side security shoot up the priority list. Simple, Effective, Low Burden Client-Side Security — Adding a new priority to your already massive priority list sounds hard, sounds like it carries a huge price tag, and sounds like you’re going to have to hire more people in a world where you’re already understaffed. The good news is that isn’t the case when it comes to working with Source Defense. Source Defense has invented a prevention first – vs. detect and alert – client-side security platform that is easy to deploy, doesn’t burden your teams with more alerts, and is typically managed with fewer than 5 hours per month. The most important step in securing the digital supply chain and mitigating 3rd-party risk is to prevent attacks before they occur. Source Defense is designed for just that: preventing attacks in the first place. With real-time sandbox isolation and reflection , Source Defense ensures that none of the JavaScript running on your sites – whether 1st, 3rd or nth party – can be used as an attack vector. Find out more about Source Defense and its easy deployment, low burden on security staff and minimal management requirements. Email*

  • Where is Curriculet's headquarters?

    Curriculet's headquarters is located at One Montgomery Tower, San Francisco.

  • What is Curriculet's latest funding round?

    Curriculet's latest funding round is Asset Sale.

  • How much did Curriculet raise?

    Curriculet raised a total of $2.22M.

  • Who are the investors of Curriculet?

    Investors of Curriculet include Waterford Institute, NewSchools Venture Fund, Sand Hill Angels, Kapor Capital, Relay Ventures and 6 more.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.