(light music) >> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies. Creating technologies that drive human progress. (upbeat music) >> Welcome back to Spain everyone. Lisa Martin here with theCUBE Dave Vellante, my co-host for the next four days. We're live in Barcelona, covering MWC23. This is only day one, but I'll tell you the theme of this conference this year is velocity. And I don't know about you Dave, but this day is flying by already. This is ecosystem day. We're going to have a great discussion on the ecosystem next. >> Well we're seeing the disaggregation of the hardened telco stack, and that necessitates an ecosystem open- we're going to talk about Open RAN, we've been talking about even leading up to the show. It's a critical technology enabler and it's compulsory to have an ecosystem to support that. >> Absolutely compulsory. We've got two guests here joining us, Gautam Bhagra, Vice President partnerships at Dell, and Scott Walker, Vice President of global Telco ecosystem at Wind River. Guys, welcome to the program. >> Nice to be here. >> Thanks For having us. >> Thanks for having us. >> So you've got some news, this is day one of the conference, there's some news, Gautam, and let's start with you, unpack it. >> Yeah, well there's a lot of news, as you know, on Dell World. One of the things we are very excited to announce today is the launch of the Open Telecom Ecosystems Community. I think Dave, as you mentioned, getting into an Open RAN world is a challenge. And we know some of the challenges that our customers face. To help solve for those challenges, Dell wants to work with like-minded partners and customers to build innovative solutions, and join go-to-market. So we are launching that today. Wind River is one of our flagship partners for that, and I'm excited to be here to talk about that as well. >> Can you guys talk a little bit about the partnership, maybe a little bit about Wind River so the audience gets that context? >> Sure, absolutely, and the theme of the show, Velocity, is what this partnership is all about. We create velocity for operators if they want to adopt Open RAN, right? We simplify it. Wind River as a company has been around for 40 years. We were part of Intel at one point, and now we're independent, owned by a company called Aptiv. And with that we get another round of investment to help continue our acceleration into this market. So, the Dell partnership is about, like I said, velocity, accelerating the adoption. When we talk to operators, they have told us there are many roadblocks that they face, right? Like systems integration, operating at scale. 'Cause when you buy a traditional radio access network solution from a single supplier, it's very easy. It's works, it's been tested. When you break these components apart and disaggregate 'em, as we talked about David, it creates integration points and support issues, right? And what Dell and Wind River have done together is created a cloud infrastructure solution that could host a variety of RAN workloads, and essentially create a two layer cake. What we're, overall, what we're trying to do is create a traditional RAN experience, with the innovation agility and flexibility of Open RAN. And that's really what this partnership does. >> So these work, this workload innovation is interesting to me because you've got now developers, you know, the, you know, what's the telco developer look like, you know, is to be defined, right? I mean it's like this white sheet of paper that can create all this innovation. And to do that, you've got to have, as I said earlier, an ecosystem. But you've got now, I'm interested in your Open RAN agenda and how you see that sort of maturity model taking place. 'Cause today, you got disruptors that are going to lean right in say "Hey, yeah, that's great." The traditional carriers, they have to have a, you know, they have to migrate, they have to have a hybrid world. We know that takes time. So what's that look like in the marketplace today? >> Yeah, so I mean, I can start, right? So from a Dell's perspective, what we see in the market is yes, there is a drive towards, everyone understands the benefits of being open, right? There's the agility piece, the innovation piece. That's a no-brainer. The question is how do we get there? And I think that's where partnerships become critical to get there, right? So we've been working with partners like Wind River to build solutions that make it easier for customers to start adopting some of the foundational elements of an open network. The, one of the purposes in the agenda of building this community is to bring like-minded developers, like you said like we want those guys to come and work with the customers to create new solutions, and come up with something creative, which no one's even thought about, that accelerates your option even quicker, right? So that's exactly what we want to do as well. And that's one of the reasons why we launched the community. >> Yeah, and what we find with a lot of carriers, they are used to buying, like I said, traditional RAN solutions which are provided from a single provider like Erickson or Nokia and others, right? And we break this apart, and you cloudify that network infrastructure, there's usually a skills gap we see at the operator level, right? And so from a developer standpoint, they struggle with having the expertise in order to execute on that. Wind River helps them, working with companies like Dell, simplify that bottom portion of the stack, the infrastructure stack. So, and we lifecycle manage it, we test- we're continually testing it, and integrating it, so that the operator doesn't have to do that. In addition to that, wind River also has a history and legacy of working with different RAN vendors, both disruptors like Mavenir and Parallel Wireless, as well as traditional RAN providers like Samsung, Erickson, and others soon to be announced. So what we're doing on the northbound side is making it easy by integrating that, and on the southbound side with Dell, so that again, instead of four or five solutions that you need to put together, it's simply two. >> And you think about today how we- how you consume telco services are like there's these fixed blocks of services that you can buy, that has to change. It's more like the, the app stores. It's got to be an open marketplace, and that's where the innovation's going to come in, you know, from the developers, you know, top down maybe. I don't know, how do you see that maturity model evolving? People want to know how long it's going to take. So many questions, when will Open RAN be as reliable. Does it even have to be? You know, so many interesting dynamics going on. >> Yeah, and I think that's something we at Dell are also trying to find out, right? So we have been doing a lot of good work here to help our customers move in that direction. The work with Dish is an example of that. But I think we do understand the challenges as well in terms of getting, adopting the technologies, and adopting the innovation that's being driven by Open. So one of the agendas that we have as a company this year is to work with the community to drive this a lot further, right? We want to have customers adopt the technology more broadly with the tier one, tier two telcos globally. And our sales organizations are going to be working together with Wind Rivers to figure out who's the right set of customers to have these conversations with, so we can drop, drive, start driving this agenda a lot quicker than what we've seen historically. >> And where are you having those customer conversations? Is that at the operator level, is it higher, is it both? >> Well, all operators are deploying 5G in preparation for 6G, right? And we're all looking for those killer use cases which will drive top line revenue and not just make it a TCO discussion. And that starts at a very basic level today by doing things like integrating with Juniper, for their cloud router. So instead of at the far edge cell site, having a separate device that's doing the routing function, right? We take that and we cloudify that application, run it on the same server that's hosting the RAN applications, so you eliminate a device and reduce TCO. Now with Aptiv, which is primarily known as an automotive company, we're having lots of conversations, including with Dell and Intel and others about vehicle to vehicle communication, vehicle to anything communication. And although that's a little bit futuristic, there are shorter term use cases that, like, vehicle to vehicle accident avoidance, which are going to be much nearer term than autonomous driving, for example, which will help drive traffic and new revenue streams for operators. >> So, oh, that's, wow. So many other things (Scott laughs) that's just opened up there too. But I want to come back to, sort of, the Open RAN adoption. And I think you're right, there's a lot of questions that that still have to be determined. But my question is this, based on your knowledge so far does it have to be as hardened and reliable, obviously has to be low latency as existing networks, or can flexibility, like the cloud when it first came out, wasn't better than enterprise IT, it was just more flexible and faster, and you could rent it. And, is there a similar dynamic here where it doesn't have to replicate the hardened stack, it can bring in new benefits that drive adoption, what are your thoughts on that? >> Well there's a couple of things on that, because Wind River, as you know, where our legacy and history is in embedded devices like F-15 fighter jets, right? Or the Mars Rover or the James Web telescope, all run Wind River software. So, we know about can't fail ultra reliable systems, and operators are not letting us off the hook whatsoever. It has to be as hardened and locked down, as secure as a traditional RAN environment. Otherwise they will (indistinct). >> That's table stakes. >> That's table stakes that gets us there. And when River, with our legacy and history, and having operator experience running live commercial networks with a disaggregated stack in the tens of thousands of nodes, understand what this is like because they're running live commercial traffic with live customers. So we can't fail, right? And with that, they want their cake and eat it too, right? Which is, I want ultra reliable, I want what I have today, but I want the agility and flexibility to onboard third party apps. Like for example, this JCNR, this Juniper Cloud-Native Router. You cannot do something as simple as that on a traditional RAN Appliance. In an open ecosystem you can take that workload and onboard it because it is an open ecosystem, and that's really one of the true benefits. >> So they want the mainframe, but they want (Scott laughs) the flexibility of the developer cloud, right? >> That's right. >> They want their, have their cake eat it too and not gain weight. (group laughs) >> Yeah I mean David, I come from the public cloud world. >> We all don't want to do that. >> I used to work with a public cloud company, and nine years ago, public cloud was in the same stage, where you would go to a bank, and they would be like, we don't trust the cloud. It's not secure, it's not safe. It was the digital natives that adopted it, and that that drove the industry forward, right? And that's where the enterprises that realized that they're losing business because of all these innovative new companies that came out. That's what I saw over the last nine years in the cloud space. I think in the telco space also, something similar might happen, right? So a lot of this, I mean a lot of the new age telcos are understanding the value, are looking to innovate are adopting the open technologies, but there's still some inertia and hesitancy, for the reasons as Scott mentioned, to go there so quickly. So we just have to work through and balance between both sides. >> Yeah, well with that said, if there's still some inertia, but there's a theme of velocity, how do you help organizations balance that so they trust evolving? >> Yeah, and I think this is where our solution, like infrastructure block, is a foundational pillar to make that happen, right? So if we can take away the concerns that the organizations have in terms of security, reliability from the fundamental elements that build their infrastructure, by working with partners like Wind River, but Dell takes the ownership end-to-end to make sure that service works and we have those telco grade SLAs, then the telcos can start focusing on what's next. The applications and the customer services on the top. >> Customer service customer experience. >> You know, that's an interesting point Gautam brings up, too, because support is an issue too. We all talk about when you break these things apart, it creates integration points that you need to manage, right? But there's also, so the support aspect of it. So imagine if you will, you had one vendor, you have an outage, you call that one vendor, one necktie to choke, right, for accountability for the network. Now you have four or five vendors that you have to work. You get a lot of finger pointing. So at least at the infrastructure layer, right? Dell takes first call support for both the hardware infrastructure and the Wind River cloud infrastructure for both. And we are training and spinning them up to support, but we're always behind them of course as well. >> Can you give us a favorite customer example of- that really articulates the value of the partnership and the technologies that it's delivering to customers? >> Well, Infra Block- >> (indistinct) >> Is quite new, and we do have our first customer which is LG U plus, which was announced yesterday. Out of Korea, small customer, but a very important one. Okay, and I think they saw the value of the integrated system. They don't have the (indistinct) expertise and they're leveraging Dell and Wind River in order to make that happen. But I always also say historically before this new offering was Vodafone, right? Vodafone is a leader in Europe in terms of Open RAN, been very- Yago and Paco have been very vocal about what they're doing in Open RAN, and Dell and Wind River have been there with them every step of the way. And that's what I would say, kind of, led up to where we are today. We learned from engagements like Vodafone and I think KDDI as well. And it got us where we are today and understanding what the operators need and what the impediments are. And this directly addresses that. >> Those are two very different examples. You were talking about TCO before. I mean, so the earlier example is, that's an example to me of a disruptor. They'll take some chances, you know, maybe not as focused on TCO, of course they're concerned about it. Vodafone I would think very concerned about TCO. But I'm inferring from your comments that you're trying to get the industry, you're trying to check the TCO box, get there. And then move on to higher levels of value monetization. The TCO is going to come down to how many humans it takes to run the network, is it not, is that- >> Well a lot of, okay- >> Or is it devices- >> So the big one now, particularly with Vodafone, is energy cost, right? >> Of course, greening the network. >> Two-thirds of the energy consumption in RAN is the the Radio Access Network. Okay, the OPEX, right? So any reductions, even if they're 5% or 10%, can save tens or hundreds of millions of dollars. So we do things creatively with Dell to understand if there's a lot of traffic at the cell site and if it's not, we will change the C state or P state of the server, which basically spins it down, so it's not consuming power. But that's just at the infrastructure layer. Where this gets really powerful is working with the RAN vendors like Samsung and Ericson and others, and taking data from the traffic information there, applying algorithms to that in AI to shut it down and spin it back up as needed. 'Cause the idea is you don't want that thing powered up if there's no traffic on it. >> Well there's a sustainability, ESG, benefit to that, right? >> Yes. >> And, and it's very compute intensive. >> A hundred percent. >> Which is great for Dell. But at the same time, if you're not able to manage that power consumption, the whole thing fails. I mean it's, because there's going to be so much data, and such a intense requirement. So this is a huge issue. Okay, so Scott, you're saying that in the TCO equation, a big chunk is energy consumption? >> On the OPEX piece. Now there's also the CapEx, right? And Open RAN solutions are now, what we've heard from our customers today, are they're roughly at parity. 'Cause you can do things like repurpose servers after the useful life for a lower demand application which helps the TCO, right? Then you have situations like Juniper, where you can take, now software that runs on the same device, eliminating at a whole other device at the cell site. So we're not just taking a server and software point of view, we're taking a whole cell site point of view as it relates to both CapEx and OPEX. >> And then once that infrastructure it really gets adopted, that's when the innovation occurs. The ecosystem comes in. Developers now start to think of new applications that we haven't thought of yet. >> Gautam: Exactly. >> And that's where, that's going to force the traditional carriers to respond. They're responding, but they're doing so very carefully right now, it's understandable why. >> Yeah, and I think you're already seeing some news in the, I mean Nokia's announcement yesterday with the rebranding, et cetera. That's all positive momentum in my opinion, right? >> What'd you think of the logo? >> I love the logo. >> I liked it too. (group laughs) >> It was beautiful. >> I thought it was good. You had the connectivity down below, You need pipes, right? >> Exactly. >> But you had this sort of cool letters, and then the the pink horizon or pinkish, it was like (Scott laughs) endless opportunity. It was good, I thought it was well thought out. >> Exactly. >> Well, you pick up on an interesting point there, and what we're seeing, like advanced carriers like Dish, who has one of the true Open RAN networks, publishing APIs for programmers to build in their 5G network as part of the application. But we're also seeing the network equipment providers also enable carriers do that, 'cause carriers historically have not been advanced in that way. So there is a real recognition that in order for these networks to monetize new use cases, they need to be programmable, and they need to publish standard APIs, so you can access the 5G network capabilities through software. >> Yeah, and the problem from the carriers, there's not enough APIs that the carriers have produced yet. So that's where the ecosystem comes in, is going to >> A hundred percent >> I think there's eight APIs that are published out of the traditional carriers, which is, I mean there's got to be 8,000 for a marketplace. So that's where the open ecosystem really has the advantage. >> That's right. >> That's right. >> That's right. >> Yeah. >> So it all makes sense on paper, now you just, you got a lot of work to do. >> We got to deliver. Yeah, we launched it today. We got to get some like-minded partners and customers to come together. You'll start seeing results coming out of this hopefully soon, and we'll talk more about it over time. >> Dave: Great Awesome, thanks for sharing with us. >> Excellent. Guys, thank you for sharing, stopping by, sharing what's going on with Dell and Wind River, and why the opportunity's in it for customers and the technological evolution. We appreciate it, you'll have to come back, give us an update. >> Our pleasure, thanks for having us. (Group talks over each other) >> All right, thanks guys >> Appreciate it. >> For our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, Live from MWC23 in Barcelona. theCUBE is the leader in live tech coverage. (upbeat music)

(upbeat music) >> Welcome back to Supercloud two where we're gathering a number of industry luminaries to discuss the future of cloud services. And we'll be focusing on various real world practitioners today, their challenges, their opportunities with an emphasis on data, self-service infrastructure and how organizations are evolving their data and cloud strategies to prepare for that next era of digital innovation. And we really believe that support for multiple cloud estates is a first step of any Supercloud. And in that regard Oracle surprise some folks with its Azure collaboration the Oracle database and exit database services. And to discuss the challenges of developing a mission critical Supercloud we welcome Juan Loaiza, who's the executive vice president of Mission Critical Database Technologies at Oracle. Juan, you're many time CUBE alums so welcome back to the show. Great to see you. >> Great to see you, and happy to be here with you. >> Yeah, thank you. So a lot of people felt that Oracle was resistant to multicloud strategies and preferred to really have everything run just on the Oracle cloud infrastructure, OCI and maybe that was a misperception maybe you guys were misunderstood or maybe you had to change your heart. Take us through the decision to support multiple cloud platforms >> Now we've supported multiple cloud platforms for many years, so I think that was probably a misperception. Oracle database, we partnered up with Amazon very early on in their cloud when they had kind of the the first cloud out there. And we had Oracle database running on their cloud. We have backup, we have a lot of stuff running. So, yeah, part of the philosophy of Oracle has always been we partner with every platform. We're very open we started with SQL and APIs. As we develop new technologies we push them into the SQL standard. So that's always been part of the ecosystem at Oracle. That's how we think we get an advantage by being more open. I think if we try to create this isolated little world it actually hurts us and hurts customers. So for us it's a win-win to be open across the clouds. >> So Supercloud is this concept that we put forth to describe a platform or some people think it's an architecture if you have an opinion, and I'd love to hear it but it provides a programmatically consistent set of services that hosted on heterogeneous cloud providers. And so we look at the Oracle database service for Azure as fitting within this definition. In your view, is this accurate? >> Yeah, I would broaden it. I'd see a little bit more than that. We just think that services should be available from everywhere, right? So, I mean, it's a little bit like if you go back to the pre-internet world, there was things like AOL and CompuServe and those were kind of islands. And if you were on AOL, you really didn't have access to anything on CompuServe and vice versa. And the cloud world has evolved a little bit like that. And we just think that's the wrong model. They shouldn't these clouds are part of the world and they need to be interconnected like all the rest of the world. It's been a long time with telephones internet, everything, everything's interconnected. Everything should work seamlessly together. So that's how we believe if you're running in one cloud and you're running let's say an application, one cloud you want to use a service from another cloud should be completely simple to do that. It shouldn't be, I can only use what's in AOL or CompuServe or whatever else. It should not be isolated. >> Well, we got a long way to go before that Nirvana exists but one example is the Oracle database service with Azure. So what exactly does that service provide? I'm interested in how consistent the service experience is across clouds. Did you create a purpose-built PaaS layer to achieve this common experience? Or is it off the shelf Terraform? Is there unique value in the PaaS layer? Let's dig into some of those questions. I know I just threw six at you. >> Yeah, I mean, so what this is, is what we're trying to do is very simple. Which is, for example, starting with the Oracle database we want to make that seamless to use from anywhere you're running. Whether it's on-prem, on some other cloud, anywhere else you should be able to seamlessly use the Oracle database and it should look like the internet. There's no friction. There's not a lot of hoops you got to jump just because you're trying to use a database that isn't local to you. So it's pretty straightforward. And in terms of things like Azure, it's not easy to do because all these clouds have a lot of kind of very unique technologies. So what we've done is at Oracle is we've said, "Okay we're going to make Oracle database look exactly like if it was running on Azure." That means we'll use the Azure security systems, the identity management systems, the networking, there's things like monitoring and management. So we'll push all these technologies. For example, when we have monitoring event or we have alerts we'll push those into the Azure console. So as a user, it looks to you exactly as if that Oracle database was running inside Azure. Also, the networking is a big challenge across these clouds. So we've basically made that whole thing seamless. So we create the super high bandwidth network between Azure and Oracle. We make sure that's extremely low latency, under two milliseconds round trip. It's all within the local metro region. So it's very fast, very high bandwidth, very low latency. And we take care establishing the links and making sure that it's secure and all that kind of stuff. So at a high level, it looks to you like the database is--even the look and feel of the screens. It's the Azure colors, it's the Azure buttons it's the Azure layout of the screens so it looks like you're running there and we take care of all the technical details underlying that which there's a lot which has taken a lot of work to make it work seamlessly. >> In the magic of that abstraction. Juan, does it happen at the PaaS layer? Could you take us inside that a little bit? Is there intelligence in there that helps you deal with latency or are there any kind of purpose-built functions for this service? >> You could think of it as... I mean it happens at a lot of different layers. It happens at the identity management layer, it happens at the networking layer, it happens at the database layer, it happens at the monitoring layer, at the management layer. So all those things have been integrated. So it's not one thing that you just go and do. You have to integrate all these different services together. You can access files in Azure from the Oracle database. Again, that's completely seamless. You, it's just like if it was local to our cloud you get your Azure files in your kind of S3 equivalent. So yeah, the, it's not one thing. There's a whole lot of pieces to the ecosystem. And what we've done is we've worked on each piece separately to make sure that it's completely seamless and transparent so you don't have to think about it, it just works. >> So you kind of answered my next question which is one of the technical hurdles. It sounds like the technical hurdles are that integration across the entire stack. That's the sort of architecture that you've built. What was the catalyst for this service? >> Yeah, the catalyst is just fulfilling our vision of an open cloud world. It's really like I said, Oracle, from the very beginning has been believed in open standards. Customers should be able to have choice customers should be able to use whatever they want from wherever they want. And we saw that, you know in the new world of cloud that had broken down everybody had their own authentication system management system, monitoring system networking system, configuration system. And it became very difficult. There was a lot of friction to using services across cloud. So we said, "Well, okay we can fix that." It's work, it's significant amount of work but we know how to do it and let's just go do it and make it easy for customers. >> So given Oracle is really your main focus is on mission critical workloads. You talked about this low latency network, I mean but you still have physical distances, so how are you managing that latency? What's the experience been for customers across Azure and OCI? >> Yeah, so it, it's a good point. I mean, latency can be an issue. So the good thing about clouds is we have a lot of cloud data centers. We have dozens and dozens of cloud data centers around the world. And Azure has dozens and dozens of cloud data centers. And in most cases, they're in the same metro region because there's kind of natural metro regions within each country that you want to put your cloud data centers in. So most of our data centers are actually very close to the Azure data centers. There's the kind of northern Virginia, there's London, there's Tokyo I mean, there's natural places where everybody puts their data centers Seoul et cetera. And so that's the real key. So that allows us to put a very high bandwidth and low latency network. The real problems with latency come when you're trying to go along physical distance. If you're trying to connect, you know across the Pacific or you know across the country or something like that, then you can get in trouble with latency within the same metro region. It's extremely fast. It tends to be around one, you know the highest two millisecond that's roundtrip through all the routers and connections and gateways and everything else. With everything taken into consideration, what we guarantee is it's always less than two millisecond which is a very low latency time. So that tends to not be a problem because it's extremely low latency. >> I was going to ask you less than two milliseconds. So, earlier in the program we had Jack Greenfield who runs architecture for Walmart, and he was explaining what we call their Supercloud, and it's runs across Azure, GCP, and they're on-prem. They have this thing called the triplet model. So my question to you is, are you in situations where you guaranteeing that less than two milliseconds do you have situations where you're bringing, you know Exadata Cloud, a customer on-prem to achieve that? Or is this just across clouds? >> Yeah, in this case, we're talking public cloud data center to public cloud data center. >> Oh okay. >> So add your public cloud data center to Oracle Public Cloud data center. They're in the same metro region. We set up the connections, we do all the technology to make it seamless. And from a customer point of view they don't really see the network. Also, remember that SQL is actually designed to have very low bandwidth and latency requirements. So it is a language. So you don't go to the database and say do this one little thing for me. You send it a SQL statement that can actually access lots of data while in the database. So the real latency requirement of a SQL database is within the database. So I need to access all that data fast. So I need very fast access to storage very fast access across node. That's what exit data gives you. But you send one request and that request can do a huge amount of work and then return one answer. And that's kind of the design point of SQL. So SQL is inherently low bandwidth requirements, it was used back in the eighties when we used to have 10 megabit networks and the the biggest companies in the world ran back then. So right now we're talking over hundred hundreds of gigabits. So it's really not much of a challenge. When you're designed to run on 10 megabit to say, okay I'm going to give you 10,000 times what you were designed for it's really, it's a pretty low hurdle jump. >> What about the deployment models? How do you handle this? Is it a single global instance across clouds or do you sort of instantiate in each you got exudate in Azure and exudates in OCI? What's the deployment model look like? >> It's pretty straightforward. So customer decides where they want to run their application and database. So there's natural places where people go. If you're in Tokyo, you're going to choose the local Tokyo data centers for both, you know Microsoft and Oracle. If you're in London, you're going to do that. If you're in California you're going to choose maybe San Jose, something like that. So a customer just chooses. We both have data centers in that metro region. So they create their service on Azure and then they go to our console which looks just like an Azure console and say all right create me a database. And then we choose the closest Oracle data center which is generally a few miles away, and then it it all gets created. So from a customer point of view, it's very straightforward. >> I'm always in awe about how simple you make things sound. All right what about security? You talked a little bit before about identity access how you sort of abstracting the Azure capabilities away so that you've simplified it for your customers but are there any other specific security things that you need to do? How much did you have to abstract the underlying primitives of Azure or OCI to present that common experience to customers? >> Yeah, so there's really two big things. One is the identity management. Like my name is X on Azure and I have this set of privileges. Oracle has its own identity management system, right? So what we didn't want is that you have to kind of like bridge these things yourself. It's a giant pain to do that. So we actually what we call federate across these identity managements. So you put your credentials into Azure and then they automatically get to use the exact same credentials and identity in the Oracle cloud. So again, you don't have to think about it, it just works. And then the second part is that the whole bridging the network. So within a cloud you generally have virtual network that's private to your company. And so at Oracle, we bridge the private network that you created in, for example, Azure to the private network that we create for you in Oracle. So it is still a private network without you having to do a whole bunch of work. So it's just like if you were in your own data center other people can't get into your network. So it's secured at the network level, it's secured at the identity management, and encryption level. And again we did a lot of work to make that seamless for customers and they don't have to worry about it because we did the work. That's really as simple as it gets. >> That's what's Supercloud's supposed to be all about. Alright, we were talking earlier about sort of the misperception around multicloud, your view of Open I think, which is you run the Oracle database, wherever the customer wants to run it. So you got this database service across OCI and Azure customers today, they run Oracle database in AWS. You got heat wave, MySQL, heat wave that you announced on AWS, Google touts a bare metal offering where you can run Oracle on GCP. Do you see a day when you extend an OCI Azure like situation across multiple clouds? Would that bring benefits to customers or will the world of database generally remain largely fenced with maybe a few exceptions like what you're doing with OCI and Azure? I'm particularly interested in your thoughts on egress fees as maybe one of the reasons that there is a barrier to this happening and why maybe these stove pipes, exist today and in the future. What are your thoughts on that? >> Yeah, we're very open to working with everyone else out there. Like I said, we've always been, big believers in customers should have choice and you should be able to run wherever you want. So that's been kind of a founding principle of Oracle. We have the Azure, we did a partnership with them, we're open to doing other partnerships and you're going to see other things coming down the pipe on the topic of egress. Yeah, the large egress fees, it's pretty obvious what goes on with that. Various vendors like to have large egress fees because they want to keep things kind of locked into their cloud. So it's not a very customer friendly thing to do. And I think everybody recognizes that it's really trying to kind of course or put a lot of friction on moving data out of a particular cloud. And that's not what we do. We have very, very low egress fees. So we don't really do that and we don't think anybody else should do that. But I think customers at the end of the day, will win that battle. They're going to have to go back to their vendor and say, well I have choice in clouds and if you're going to impose these limits on me, maybe I'll make a different choice. So that's ultimately how these things get resolved. >> So do you think other cloud providers are going to take a page out of what you're doing with Azure and provide similar solutions? >> Yeah, well I think customers want, I mean, I've talked to a lot of customers, this is what they want, right? I mean, there's really no doubt no customer wants to be locked into a single ecosystem. There's nobody out there that wants that. And as the competition, when they start seeing an open ecosystem evolving they're going to be like, okay, I'd rather go there than the closed ecosystem, and that's going to put pressure on the closed ecosystems. So that's the nature of competition. That's what ultimately will tip the balance on these things. >> So Juan, even though you have this capability of distributing a workload across multiple clouds as in our Supercloud premise it's still something that's relatively new. It's a big decision that maybe many people might consider somewhat of a risk. So I'm curious who's driving the decisions for your initial customers? What do they want to get out of it? What's the decision point there? >> Yeah, I mean, this is generally driven by customers that want a specific technology in a cloud. I think the risk, I haven't seen a lot of people worry too much about the risk. Everybody involved in this is a very well known, very reputable firm. I mean, Oracle's been around for 40 years. We run most of the world's largest companies. I think customers understand we're not going to build a solution that's going to put their technology and their business at risk. And the same thing with Azure and others. So I don't see customers too worried about this is a risky move because it's really not. And you know, everybody understands networking at the end the day networking works. I mean, how does the internet work? It's a known quantity. It's not like it's some brand new invention. What we're really doing is breaking down the barriers to interconnecting things. Automating 'em, making 'em easy. So there's not a whole lot of risk here for customers. And like I said, every single customer in the world loves an open ecosystem. It's just not a question. If you go to a customer would you rather put your technology or your business to run on a closed ecosystem or an open system? It's kind of not even worth asking a question. It's a no-brainer. >> All right, so we got to go. My last question. What do you think of the term "Supercloud"? You think it'll stick? >> We'll see. There's a lot of terms out there and it's always fun to see which terms stick. It's a cool term. I like it, but the decision makers are actually the public, what sticks and what doesn't. It's very hard to predict. >> Yeah well, it's been a lot of fun having you on, Juan. Really appreciate your time and always good to see you. >> All right, Dave, thanks a lot. It's always fun to talk to you. >> You bet. All right, keep it right there. More Supercloud two content from theCUBE Community Dave Vellante for John Furrier. We'll be right back. (upbeat music)

(upbeat music) >> Welcome back to Supercloud 2, which is an open industry collaboration between technologists, consultants, analysts, and of course, practitioners, to help shape the future of cloud. And at this event, one of the key areas we're exploring is the intersection of cloud and data, and how building value on top of hyperscale clouds and across clouds is evolving, a concept we call supercloud. And we're pleased to welcome Harvir Singh, who's the chief data architect and global head of data at Western Union. Harvir, it's good to see you again. Thanks for coming on the program. >> Thanks, David, it's always a pleasure to talk to you. >> So many things stand out from when we first met, and one of the most gripping for me was when you said to me, "When data moves, money moves." And that's the world we live in today, and really have for a long time. Money has moved as bits, and when it has to move, we want it to move quickly, securely, and in a governed manner. And the pressure to do so is only growing. So tell us how that trend is evolved over the past decade in the context of your industry generally, and Western Union, specifically. Look, I always say to people that we are probably the first ones to introduce digital currency around the world because, hey, somebody around the world needs money, we move data to make that happen. That trend has actually accelerated quite a bit. If you look at the last 10 years, and you look at all these payment companies, digital companies, credit card companies that have evolved, majority of them are working on the same principle. When data moves, money moves. When data is stale, the money goes away, right? I think that trend is continuing, and it's not just the trend is in this space, it's also continuing in other spaces, specifically around, you know, acquisition of customers, communication with customers. It's all becoming digital, and it's, at the end of the day, it's all data being moved from one place or another. At the end of the day, you're not seeing the customer, but you're looking at, you know, the data that he's consuming, and you're making actionable items on it, and be able to respond to what they need. So I think 10 years, it's really, really evolved. >> Hmm, you operate, Western Union operates in more than 200 countries, and you you have what I would call a pseudo federated organization. You're trying to standardize wherever possible on the infrastructure, and you're curating the tooling and doing the heavy lifting in the data stack, which of course lessens the burden on the developers and the line of business consumers, so my question is, in operating in 200 countries, how do you deal with all the diversity of laws and regulations across those regions? I know you're heavily involved in AWS, but AWS isn't everywhere, you still have some on-prem infrastructure. Can you paint a picture of, you know, what that looks like? >> Yeah, a few years ago , we were primarily mostly on-prem, and one of the biggest pain points has been managing that infrastructure around the world in those countries. Yes, we operate in 200 countries, but we don't have infrastructure in 200 countries, but we do have agent locations in 200 countries. United Nations says we only have like 183 are countries, but there are countries which, you know, declare themselves countries, and we are there as well because somebody wants to send money there, right? Somebody has an agent location down there as well. So that infrastructure is obviously very hard to manage and maintain. We have to comply by numerous laws, you know. And the last few years, specifically with GDPR, CCPA, data localization laws in different countries, it's been a challenge, right? And one of the things that we did a few years ago, we decided that we want to be in the business of helping our customers move money faster, security, and with complete trust in us. We don't want to be able to, we don't want to be in the business of managing infrastructure. And that's one of the reasons we started to, you know, migrate and move our journey to the cloud. AWS, obviously chosen first because of its, you know, first in the game, has more locations, and more data centers around the world where we operate. But we still have, you know, existing infrastructure, which is in some countries, which is still localized because AWS hasn't reached there, or we don't have a comparable provider there. We still manage those. And we have to comply by those laws. Our data privacy and our data localization tech stack is pretty good, I would say. We manage our data very well, we manage our customer data very well, but it comes with a lot of complexity. You know, we get a lot of requests from European Union, we get a lot of requests from Asia Pacific every pretty much on a weekly basis to explain, you know, how we are taking controls and putting measures in place to make sure that the data is secured and is in the right place. So it's a complex environment. We do have exposure to other clouds as well, like Google and Azure. And as much as we would love to be completely, you know, very, very hybrid kind of an organization, it's still at a stage where we are still very heavily focused on AWS yet, but at some point, you know, we would love to see a world which is not reliant on a single provider, but it's more a little bit more democratized, you know, as and when what I want to use, I should be able to use, and pay-per-use. And the concept started like that, but it's obviously it's now, again, there are like three big players in the market, and, you know, they're doing their own thing. Would love to see them come collaborate at some point. >> Yeah, wouldn't we all. I want to double-click on the whole multi-cloud strategy, but if I understand it correctly, and in a perfect world, everything on-premises would be in the cloud is, first of all, is that a correct statement? Is that nirvana for you or not necessarily? >> I would say it is nirvana for us, but I would also put a caveat, is it's very tricky because from a regulatory perspective, we are a regulated entity in many countries. The regulators would want to see some control if something happens with a relationship with AWS in one country, or with Google in another country, and it keeps happening, right? For example, Russia was a good example where we had to switch things off. We should be able to do that. But if let's say somewhere in Asia, this country decides that they don't want to partner with AWS, and majority of our stuff is on AWS, where do I go from there? So we have to have some level of confidence in our own infrastructure, so we do maintain some to be able to fail back into and move things it needs to be. So it's a tricky question. Yes, it's nirvana state that I don't have to manage infrastructure, but I think it's far less practical than it said. We will still own something that we call it our own where we have complete control, being a financial entity. >> And so do you try to, I'm sure you do, standardize between all the different on-premise, and in this case, the AWS cloud or maybe even other clouds. How do you do that? Do you work with, you know, different vendors at the various places of the stack to try to do that? Some of the vendors, you know, like a Snowflake is only in the cloud. You know, others, you know, whether it's whatever, analytics, or storage, or database, might be hybrid. What's your strategy with regard to creating as common an experience as possible between your on-prem and your clouds? >> You asked a question which I asked when I joined as well, right? Which question, this is one of the most important questions is how soon when I fail back, if I need to fail back? And how quickly can I, because not everything that is sitting on the cloud is comparable to on-prem or is backward compatible. And the reason I say backward compatible is, you know, there are, our on-prem cloud is obviously behind. We haven't taken enough time to kind of put it to a state where, because we started to migrate and now we have access to infrastructure on the cloud, most of the new things are being built there. But for critical application, I would say we have chronology that could be used to move back if need to be. So, you know, technologies like Couchbase, technologies like PostgreSQL, technologies like Db2, et cetera. We still have and maintain a fairly large portion of it on-prem where critical applications could potentially be serviced. We'll give you one example. We use Neo4j very heavily for our AML use cases. And that's an important one because if Neo4j on the cloud goes down, and it's happened in the past, again, even with three clusters, having all three clusters going down with a DR, we still need some accessibility of that because that's one of the biggest, you know, fraud and risk application it supports. So we do still maintain some comparable technology. Snowflake is an odd one. It's obviously there is none on-prem. But then, you know, Snowflake, I also feel it's more analytical based technology, not a transactional-based technology, at least in our ecosystem. So for me to replicate that, yes, it'll probably take time, but I can live with that. But my business will not stop because our transactional applications can potentially move over if need to. >> Yeah, and of course, you know, all these big market cap companies, so the Snowflake or Databricks, which is not public yet, but they've got big aspirations. And so, you know, we've seen things like Snowflake do a deal with Dell for on-prem object store. I think they do the same thing with Pure. And so over time, you see, Mongo, you know, extending its estate. And so over time all these things are coming together. I want to step out of this conversation for a second. I just ask you, given the current macroeconomic climate, what are the priorities? You know, obviously, people are, CIOs are tapping the breaks on spending, we've reported on that, but what is it? Is it security? Is it analytics? Is it modernization of the on-prem stack, which you were saying a little bit behind. Where are the priorities today given the economic headwinds? >> So the most important priority right now is growing the business, I would say. It's a different, I know this is more, this is not a very techy or a tech answer that, you know, you would expect, but it's growing the business. We want to acquire more customers and be able to service them as best needed. So the majority of our investment is going in the space where tech can support that initiative. During our earnings call, we released the new pillars of our organization where we will focus on, you know, omnichannel digital experience, and then one experience for customer, whether it's retail, whether it's digital. We want to open up our own experience stores, et cetera. So we are investing in technology where it's going to support those pillars. But the spend is in a way that we are obviously taking away from the things that do not support those. So it's, I would say it's flat for us. We are not like in heavily investing or aggressively increasing our tech budget, but it's more like, hey, switch this off because it doesn't make us money, but now switch this on because this is going to support what we can do with money, right? So that's kind of where we are heading towards. So it's not not driven by technology, but it's driven by business and how it supports our customers and our ability to compete in the market. >> You know, I think Harvir, that's consistent with what we heard in some other work that we've done, our ETR partner who does these types of surveys. We're hearing the same thing, is that, you know, we might not be spending on modernizing our on-prem stack. Yeah, we want to get to the cloud at some point and modernize that. But if it supports revenue, you know, we'll invest in that, and get the, you know, instant ROI. I want to ask you about, you know, this concept of supercloud, this abstracted layer of value on top of hyperscale infrastructure, and maybe on-prem. But we were talking about the integration, for instance, between Snowflake and Salesforce, where you got different data sources and you were explaining that you had great interest in being able to, you know, have a kind of, I'll say seamless, sorry, I know it's an overused word, but integration between the data sources and those two different platforms. Can you explain that and why that's attractive to you? >> Yeah, I'm a big supporter of action where the data is, right? Because the minute you start to move, things are already lost in translation. The time is lost, you can't get to it fast enough. So if, for example, for us, Snowflake, Salesforce, is our actionable platform where we action, we send marketing campaigns, we send customer communication via SMS, in app, as well as via email. Now, we would like to be able to interact with our customers pretty much on a, I would say near real time, but the concept of real time doesn't work well with me because I always feel that if you're observing something, it's not real time, it's already happened. But how soon can I react? That's the question. And given that I have to move that data all the way from our, let's say, engagement platforms like Adobe, and particles of the world into Snowflake first, and then do my modeling in some way, and be able to then put it back into Salesforce, it takes time. Yes, you know, I can do it in a few hours, but that few hours makes a lot of difference. Somebody sitting on my website, you know, couldn't find something, walked away, how soon do you think he will lose interest? Three hours, four hours, he'll probably gone, he will never come back. I think if I can react to that as fast as possible without too much data movement, I think that's a lot of good benefit that this kind of integration will bring. Yes, I can potentially take data directly into Salesforce, but I then now have two copies of data, which is, again, something that I'm not a big (indistinct) of. Let's keep the source of the data simple, clean, and a single source. I think this kind of integration will help a lot if the actions can be brought very close to where the data resides. >> Thank you for that. And so, you know, it's funny, we sometimes try to define real time as before you lose the customer, so that's kind of real time. But I want to come back to this idea of governed data sharing. You mentioned some other clouds, a little bit of Azure, a little bit of Google. In a world where, let's say you go more aggressively, and we know that for instance, if you want to use Google's AI tools, you got to use BigQuery. You know, today, anyway, they're not sort of so friendly with Snowflake, maybe different for the AWS, maybe Microsoft's going to be different as well. But in an ideal world, what I'm hearing is you want to keep the data in place. You don't want to move the data. Moving data is expensive, making copies is badness. It's expensive, and it's also, you know, changes the state, right? So you got governance issues. So this idea of supercloud is that you can leave the data in place and actually have a common experience across clouds. Let's just say, let's assume for a minute Google kind of wakes up, my words, not yours, and says, "Hey, maybe, you know what, partnering with a Snowflake or a Databricks is better for our business. It's better for the customers," how would that affect your business and the value that you can bring to your customers? >> Again, I would say that would be the nirvana state that, you know, we want to get to. Because I would say not everyone's perfect. They have great engineers and great products that they're developing, but that's where they compete as well, right? I would like to use the best of breed as much as possible. And I've been a person who has done this in the past as well. I've used, you know, tools to integrate. And the reason why this integration has worked is primarily because sometimes you do pick the best thing for that job. And Google's AI products are definitely doing really well, but, you know, that accessibility, if it's a problem, then I really can't depend on them, right? I would love to move some of that down there, but they have to make it possible for us. Azure is doing really, really good at investing, so I think they're a little bit more and more closer to getting to that state, and I know seeking our attention than Google at this point of time. But I think there will be a revelation moment because more and more people that I talk to like myself, they're also talking about the same thing. I'd like to be able to use Google's AdSense, I would like to be able to use Google's advertising platform, but you know what? I already have all this data, why do I need to move it? Can't they just go and access it? That question will keep haunting them (indistinct). >> You know, I think, obviously, Microsoft has always known, you know, understood ecosystems. I mean, AWS is nailing it, when you go to re:Invent, it's all about the ecosystem. And they think they realized they can make a lot more money, you know, together, than trying to have, and Google's got to figure that out. I think Google thinks, "All right, hey, we got to have the best tech." And that tech, they do have the great tech, and that's our competitive advantage. They got to wake up to the ecosystem and what's happening in the field and the go-to-market. I want to ask you about how you see data and cloud evolving in the future. You mentioned that things that are driving revenue are the priorities, and maybe you're already doing this today, but my question is, do you see a day when companies like yours are increasingly offering data and software services? You've been around for a long time as a company, you've got, you know, first party data, you've got proprietary knowledge, and maybe tooling that you've developed, and you're becoming more, you're already a technology company. Do you see someday pointing that at customers, or again, maybe you're doing it already, or is that not practical in your view? >> So data monetization has always been on the charts. The reason why it hasn't seen the light is regulatory pressure at this point of time. We are partnering up with certain agencies, again, you know, some pilots are happening to see the value of that and be able to offer that. But I think, you know, eventually, we'll get to a state where our, because we are trying to build accessible financial services, we will be in a state that we will be offering those to partners, which could then extended to their customers as well. So we are definitely exploring that. We are definitely exploring how to enrich our data with other data, and be able to complete a super set of data that can be used. Because frankly speaking, the data that we have is very interesting. We have trends of people migrating, we have trends of people migrating within the US, right? So if a new, let's say there's a new, like, I'll give you an example. Let's say New York City, I can tell you, at any given point of time, with my data, what is, you know, a dominant population in that area from migrant perspective. And if I see a change in that data, I can tell you where that is moving towards. I think it's going to be very interesting. We're a little bit, obviously, sometimes, you know, you're scared of sharing too much detail because there's too much data. So, but at the end of the day, I think at some point, we'll get to a state where we are confident that the data can be used for good. One simple example is, you know, pharmacies. They would love to get, you know, we've been talking to CVS and we are talking to Walgreens, and trying to figure out, if they would get access to this kind of data demographic information, what could they do be better? Because, you know, from a gene pool perspective, there are diseases and stuff that are very prevalent in one community versus the other. We could probably equip them with this information to be able to better, you know, let's say, staff their pharmacies or keep better inventory of products that could be used for the population in that area. Similarly, the likes of Walmarts and Krogers, they would like to have more, let's say, ethnic products in their aisles, right? How do you enable that? That data is primarily, I think we are the biggest source of that data. So we do take pride in it, but you know, with caution, we are obviously exploring that as well. >> My last question for you, Harvir, is I'm going to ask you to do a thought exercise. So in that vein, that whole monetization piece, imagine that now, Harvir, you are running a P&L that is going to monetize that data. And my question to you is a there's a business vector and a technology vector. So from a business standpoint, the more distribution channels you have, the better. So running on AWS cloud, partnering with Microsoft, partnering with Google, going to market with them, going to give you more revenue. Okay, so there's a motivation for multi-cloud or supercloud. That's indisputable. But from a technical standpoint, is there an advantage to running on multiple clouds or is that a disadvantage for you? >> It's, I would say it's a disadvantage because if my data is distributed, I have to combine it at some place. So the very first step that we had taken was obviously we brought in Snowflake. The reason, we wanted our analytical data and we want our historical data in the same place. So we are already there and ready to share. And we are actually participating in the data share, but in a private setting at the moment. So we are technically enabled to share, unless there is a significant, I would say, upside to moving that data to another cloud. I don't see any reason because I can enable anyone to come and get it from Snowflake. It's already enabled for us. >> Yeah, or if somehow, magically, several years down the road, some standard developed so you don't have to move the data. Maybe there's a new, Mogli is talking about a new data architecture, and, you know, that's probably years away, but, Harvir, you're an awesome guest. I love having you on, and really appreciate you participating in the program. >> I appreciate it. Thank you, and good luck (indistinct) >> Ah, thank you very much. This is Dave Vellante for John Furrier and the entire Cube community. Keep it right there for more great coverage from Supercloud 2. (uplifting music)

(bright music) >> Hello cloud computing friends and welcome back to theCUBE, where we are live from Las Vegas, Nevada, here at AWS re:Invent all week. My name is Savannah Peterson, very excited to be joined by Paul Gillan today. How are you doing? >> I'm doing great, Savannah. It's my first re:Invent. >> I was just going to ask you >> So it's quite an experience. >> If you've ever been to re:Invent. >> It's dazzling much like the sequins on your top. It's dazzling. >> Yes. >> It's a jam packed affair. I came to the COMDEX Conference for many years in Las Vegas, which was huge event and this really rivals it in terms of these crowd sizes. But I think there's more intensity here. There's more excitement. People are just jazzed about being here to the extent that I never saw at other computer conferences. >> I thought I would agree with you. It's my first re:Invent as well. I'm glad we could share this experience together. And the vibe, the pulse, I think being back in person is really contagious as well. Ooh, maybe the wrong word to use, but in a great way. The energy is definitely radiating between people here. I'll watch my words a little bit better. >> And in person we have with us Samuel Nicholls, the director of public cloud at Global Product Marketing at Veeam Software. Sam, is it Sam or Samuel? >> Depends if I'm in trouble, Paul. >> Savannah: But it depends on who's saying it out loud. >> Yeah, yeah. It's typically, Samuel is usually reserved for my mother, so- >> Yeah. >> (laughs) Well, Sam, thanks for joining us. >> We'll stick with Sam on the show. >> Yeah. >> So Veeam been a red hot company for several years. Really made its, uh, its reputation in the VMware world. Now you've got this whole-sail shift to the cloud, not that VMware is not important still, but how is that affecting, you're shifting with it, how is that affecting your role as a product manager and the business overall? >> Yeah, it's a fantastic question. Obviously Veeam was pioneered in terms of being the purpose-built backup and recovery company for VMware. And as these workloads are being transitioned from the data center into the cloud or just net new workloads being created in the cloud, there is that equal need for backup and recovery there. So it's incredibly important that we were able to provide a purpose-built backup and recovery solution for workloads that live in AWS as well. >> Paul: And how different is it backing up an AWS workload compared to a VMware workload? >> I think it depends on what kind of service a user is, is, is utilizing, right? There's infrastructure as a service, platform as a service, software as a service. And given the differences in what is exposed to that customer that can make backup and recovery quite challenging. So I would say that the primary thing that we want to look at is utilizing native snapshots is our first line of defense when it comes to backup and recovery, irrespective of what workload that right might be whether it's a virtual machine, Amazon EC2, some sort of database on Amazon RDS, a file share, so on. >> Savannah: I bet you're seeing a lot across verticals and across the industry given the support that you're giving customers. What are you seeing in the market and in customer environments? What are some of those trends? >> So I think the major trends that we highlight in our data protection trend support, which is a new update is coming very shortly in the new year, is- >> Savannah: We have to check that out. >> Yeah, absolutely. The physical server is on a decline within the data center. Virtualized workloads, namely VMware is relatively static, kind of flat. The real hockey stick is with the cloud workloads. And as I mentioned before, that is partially because workloads are being transitioned from physical to virtual machines to being cloud hosted but also we're creating more applications and the cloud has become lead de facto standard for new workloads. So you hear about cloud first initiatives, digital transformation, the cloud is central to that. >> You mentioned snapshotting, which is a relatively new phenomenon, although it's taken a hold rapidly, how does snapshotting work in the cloud versus in on your on-prem environment? >> Samuel: It's not wildly different at all. I think the snapshots is again, a great first line of defense for helping users achieve very low recovery point objectives. So the frequency that they can protect their data as well as very low recovery time objectives, how quickly that I can recover the data. Because that's why we're backing up, right? We need the ability to recover. However, snapshots certainly have their limitations as well. They are not independent of the workload that is being protected. So if there were to be some sort of cybersecurity event like ransomware that is prolific throughout pretty much every business, every vertical. When that snapshot is not independent, if the production system becomes compromised that snapshot's likely to be compromised as well. And then going back to the recovery piece, not going to have something to recover from. >> And it's not a one and done with ransomware. >> No. >> It's, yeah. So how, so what is the role that backup plays? I mean a lot of people, I feel like security is such a hot topic here in the show and just in general, attacks are coming in unique form factors for everyone. I mean, I feel like backup is, no pun intended, the backbone of a system here. How does that affect what you're creating, I mean? >> Yeah, absolutely. I think, like you say the backup is core to any comprehensive security strategy, right? I think when we talk about security, everyone tends to focus on the preventative, the proactive piece, stopping the bad guys from getting in. However, there is that remediative aspect as well because like you say, ransomware is relentless, right? You, you as a good guy have to pretty much fend off each and every single attack that comes your way. And that can be an infinite number of attacks. We're all human beings, we're fallible, right? And sometimes we can't defend against everything. So having a secure backup strategy is part of that remediative recovery component for a cybersecurity strategy is critical. And that includes things like encryption, immutability, logical separation of data and so forth. >> Paul: We know that ransomware is a scourge on-premises, typically begins with the end users, end user workstation. How does ransomware work in the cloud? And do the cloud providers have adequate protections against ransomware? Or can they? >> Samuel: Yeah, it's a, it's a fantastic question as well. I think when we look at the cloud, one of the common misconceptions is as we transition workloads to the cloud, we are transitioning responsibility to that cloud provider. And again, it's a misconception, right? It is a shared responsibility between the cloud provider in this case, AWS and the user. So as we transition these workloads across varying different services, infrastructure, platform, software as a service, we're always, always transitioning varying degrees of responsibility. But we always own our data and it is our responsibility to protect and secure that data, for the actual infrastructure components, the hardware that is on the onus of the cloud provider, so I'd say that's the major difference. >> Is ransomware as big a threat in the cloud as it is on-prem? >> Absolutely. There's no difference between a ransomware attack on-premises or in the cloud. Irrespective of where you are choosing to run your workloads, you need to have that comprehensive cybersecurity strategy in order to defend against that and ultimately recover as well if there's a successful attempt. >> Yeah, it's, ooh, okay. Let's get us out at the dark shadows real quick (laughs) and bring us back to a little bit of the business use case here. A lot of people using AWS. What do you think are some of the considerations, they should have when they're thinking about this, thinking about growing their (indistinct)? >> Well, if we're going to stick down the dark shadows, the cybersecurity piece. >> We can be the darkness. >> You and me kind of dark shadows business. >> Yeah, yeah. >> We can go rainbows and unicorns, nice and happy if you like. I think there's a number of considerations they need to keep up. Security is, is, is number one. The next piece is around the recovery as well. I think folks, when they, when we talk about backup and recovery, the focus is always on the backup piece of it. But again, we need to focus on why we're doing the backup. It's the recovery, it's the recovery component. So making sure that we have a clean verifiable backup that we're able to restore data from. Can we do that in a, in efficient and timely manner? And I think the other major consideration is looking at the entirety of our environments as well. Very few companies are a hundred percent sole sourced on a single cloud provider. It is typically hybrid cloud. It's around 80% of organizations are hybrid, right? So they have their on-premises data and they also have workloads running in one or multiple clouds. And when it comes to backup and recovery of all of these different infrastructures and environments, the way that we approach it is very different. And that often leads to multiple different point products from multiple different vendors. The average company utilizes three different backup products, sometimes as many as seven and that can introduce a management nightmare that's very complex, very resource intensive, expensive. So looking at the entirety of the environment and looking to utilize a backup provider that can cover the entirety of that environment while centralizing everything under a single management console helps folks be a lot more efficient, a lot more cost effective and ultimately better when it comes to data protection. >> Amazon and all cloud providers really are increasingly making regions transparent. Just at this conference, Amazon introduced failover controls from multiple multi-region access points. So you can, you can failover from one access from one region to another. What kind of challenges does that present to you as a backup provider? >> I don't think it represents any challenges. When we look at the native durability of the cloud, we look at availability zones, we look at multi-region failover. That is, that durability is ultimately founded on, on replication. And I wouldn't say that replication and backup, you would use one or the other. I would say that they are complimentary. So for replication, that is going to help with the failover scenario, that durability component. But then backup again is that independent copy. Because if we look at replication, if let's say the source data were to be compromised by ransomware or there was accidental deletion or corruption, that's simply going to be copied over to the target destination as well. Having that backup as an independent copy, again compliments that strategy as well. >> Paul: You need it in either, in any scenario. >> Samuel: In any scenario. >> I think the average person would probably say that backup is not the most exciting technology aspect of this industry. But, but you guys certainly made, build a great business on it. What excites you about what's coming in backup? What are the new technologies, new advancements that perhaps we haven't seen and productized yet that you think are going to change the game? >> I think actually what we offer right now is the most exciting piece which is just choice flexibility. So Veeam again is synonymous with VMware backup but we cover a multitude of environments including AWS, containerized workloads, Kubernetes physical systems and the mobility pieces is critical because as organizations look to act on their digital transformation, cloud first initiatives, they need to be able to mobilize their workloads across different infrastructures, maybe from on-premises into the cloud, one cloud to another, maybe it's cloud back to on-premises, 'cause we do also see that. That flexibility of choice is what excites me about Veeam because it's ultimately giving the users best in class data protection tool sets without any prescriptive approach from us in terms of where you should be running your workloads. That is the choice that you use. >> Yeah, Veeam is definitely more than VMware. We actually had a chance to chat with you all like KubeCon and CloudNativeCon in Detroit. So we, we've seen the multitude of things that you touch. I want to bring it back to something and something kind of fun because you talked a lot about the community and being able to serve them. It's very clear, actually I shouldn't say this, I shouldn't say it's very clear, but to me it appears clear that community is a big priority for Veeam. I just want to call this out 'cause this was one of the cooler pieces of swag. You all gave out a hundred massage guns. Okay, very hot topic. Hot Christmas gift for 2022. I feel like Vanna White right now. And, but I thought that I was actually really compelled by this because we do a swag segment on theCUBE but it's not just about the objects or getting stuff. It's really about who's looking out for their community and how are they saying thanks. I mean, swag is a brand activation but it's also a thank you and I loved that you were giving out massage guns to the AWS Heroes and Community Builders. >> Yep. >> What role does community play in the culture and the product development at Veeam? >> So community has always been at the heart of Veeam. If you have a look at pretty much every single development across all of our versions, across all of our products it's always did by the community, right? We have a wonderful Veeam forum where we got 400,000 plus users actively providing feedback on the product what they would like to see. And that is ultimately what steers the direction of the product. Of course market trends and technology chain. >> A couple other factors, I'm sure. >> A couple of other factors, but community is huge for us. And the same goes for AWS. So, you know, talking with the AWS Heroes, the Community Builders helps Veeam reach further into that, into that community and the AWS user base and empower those folks with data protection tools and massage guns, when your feet are tired from, you know, being standing on them all day in Vegas. >> (laughs) Yeah, well, I mean, everybody, everybody's working hard and it's nice to say, it's nice to say, thank you. So I love, I love to hear that and it's, it's clear from the breadth of products that you're creating, the ways that you're supporting your customers that you already, they care a lot about community. We have a new challenge on theCUBE this year at AWS re:Invent. Think of it as an Instagram reel of your thought leadership, your hot take on the show, key themes as we look into 2023. What do you think is the most important story or trend or thing going on here at the show? >> I think it's just the continuation of cybersecurity and the importance of backup as a comprehensive cybersecurity strategy. You know, some folks might say that secure backup is your last line of defense. Again, ransomware is relentless. These folks are going to keep coming and even if they're successful, it's not a one and done thing. It's going to happen again and again and again. So, you know, we have a look around the show floor, the presentations there is a huge cybersecurity focus and really just what folks should be doing as their best practice to secure their AWS environments. >> That's awesome. Well, Paul, any final, any final thoughts or questions? >> I just quickly, you've mentioned data security, you mentioned data protection and backup sort of interchangeably but they're not really the same thing, are they? I mean, what businesses do you see Veeam as being here? >> I would say that we are a data protection company because of, yes, there is backup, but there's also the replication component. There's the continuous data protection component where we've got, you know, near-zero RTOs and then we again look at the cybersecurity components of that. What can we do to really protect that data? So I would say that the two are different. Backup is a subset of data protection. >> Sam, thank you so much for being here with us on theCUBE. It's been a super insightful conversation. Hopefully we'll get you back soon and more of the teams, there seem to be celebrities here with us on theCUBE. Paul Gillan, thank you so much for being here with me. >> Pleasure Savannah. >> And I'm glad we get to celebrate our first re:Invent and most importantly, thank you to the audience for tuning in. Without you, we don't get to hang out here in fabulous Las Vegas, Nevada, where we're live from the show floor at AWS re:Invent. My name is Savannah Peterson with Paul Gillan. We're theCUBE and we are the leading source for high-tech coverage. (bright music)

>>Hello everyone and welcome back to Motor City, Michigan. We're live from the Cube and my name is Savannah Peterson. Joined this afternoon with my co-host John Ferer. John, how you doing? Doing >>Great. This next segment's gonna be awesome about application modernization, scaling pluses. This is what's gonna, how are the next generation software revolution? It's gonna be >>Fun. You know, it's kind of been a theme of our day today is scale. And when we think about the complex orchestration platform that is Kubernetes, everyone wants to scale faster, quicker, more efficiently, and our guests are here to tell us all about that. Please welcome to Char and Andy, thank you so much for being here with us. You were on the Red Hat OpenShift team. Yeah. I suspect most of our audience is familiar, but just in case, let's give 'em a quick one-liner pitch so everyone's on the same page. Tell us about OpenShift. >>I, I'll take that one. OpenShift is our ES platform is our ES distribution. You can consume it as a self-managed platform or you can consume it as a managed service on on public clouds. And so we just call it all OpenShift. So it's basically Kubernetes, but you know, with a CNCF ecosystem around it to make things more easier. So maybe there's two >>Lights. So what does being at coupon mean for you? How does it feel to be here? What's your initial takes? >>Exciting. I'm having a fantastic time. I haven't been to coupon since San Diego, so it's great to be back in person and see old friends, make new friends, have hallway conversations. It's, it's great as an engineer trying to work in this ecosystem, just being able to, to be in the same place with these folks. >>And you gotta ask, before we came on camera, you're like, this is like my sixth co con. We were like, we're seven, you know, But that's a lot of co coupons. It >>Is, yes. I mean, so what, >>Yes. >>Take us status >>For sure. Where we are now. Compare and contrast co. Your first co con, just scope it out. What's the magnitude of change? If you had to put a pin on that, because there's a lot of new people coming in, they might not have seen where it's come from and how we got here is maybe not how we're gonna get to the next >>Level. I've seen it grow tremendously since the first one I went to, which I think was Austin several years ago. And what's great is seeing lots of new people interested in contributing and also seeing end users who are trying to figure out the best way to take advantage of this great ecosystem that we have. >>Awesome. And the project management side, you get the keys to the Kingdom with Red Hat OpenShift, which has been successful. Congratulations by the way. Thank you. We watched that grow and really position right on the wave. It's going great. What's the update on on the product? Kind of, you're in a good, good position right now. Yeah, >>No, we we're feeling good about it. It's all about our customers. Obviously the fact that, you know, we have thousands of customers using OpenShift as the cloud native platform, the container platform. We're very excited. The great thing about them is that, I mean you can go to like OpenShift Commons is kind of a user group that we run on the first day, like on Tuesday we ran. I mean you should see the number of just case studies that our customers went through there, you know? And it is fantastic to see that. I mean it's across so many different industries, across so many different use cases, which is very exciting. >>One of the things we've been reporting here in the Qla scene before, but here more important is just that if you take digital transformation to the, to its conclusion, the IT department and developers, they're not a department to serve the business. They are the business. Yes. That means that the developers are deciding things. Yeah. And running the business. Prove their code. Yeah. Okay. If that's, if that takes place, you gonna have scale. And we also said on many cubes, certainly at Red Hat Summit and other ones, the clouds are distributed computer, it's distributed computing. So you guys are focusing on this project, Andy, that you're working on kcp. >>Yes. >>Which is, I won't platform Kubernetes platform for >>Control >>Planes. Control planes. Yes. Take us through, what's the focus on why is that important and why is that relate to the mission of developers being in charge and large scale? >>Sure. So a lot of times when people are interested in developing on Kubernetes and running workloads, they need a cluster of course. And those are not cheap. It takes time, it takes money, it takes resources to get them. And so we're trying to make that faster and easier for, for end users and everybody involved. So with kcp, we've been able to take what looks like one normal Kubernetes and partition it. And so everybody gets a slice of it. You're an administrator in your little slice and you don't have to ask for permission to install new APIs and they don't conflict with anybody else's APIs. So we're really just trying to make it super fast and make it super flexible. So everybody is their own admin. >>So the developer basically looks at it as a resource blob. They can do whatever they want, but it's shared and provisioned. >>Yes. One option. It's like, it's like they have their own cluster, but you don't have to go through the process of actually provisioning a full >>Cluster. And what's the alternative? What's the what's, what's the, what's the benefit and what was the alternative to >>This? So the alternative, you spin up a full cluster, which you know, maybe that's three control plane nodes, you've got multiple workers, you've got a bunch of virtual machines or bare metal, or maybe you take, >>How much time does that take? Just ballpark. >>Anywhere from five minutes to an hour you can use cloud services. Yeah. Gke, E Ks and so on. >>Keep banging away. You're configuring. Yeah. >>Those are faster. Yeah. But it's still like, you still have to wait for that to happen and it costs money to do all of that too. >>Absolutely. And it's complex. Why do something that's been done, if there's a tool that can get you a couple steps down the path, which makes a ton of sense. Something that we think a lot when we're talking about scale. You mentioned earlier, Tohar, when we were chatting before the cams were alive, scale means a lot of different things. Can you dig in there a little bit? >>Yeah, I >>Mean, so when, when >>We talk about scale, >>We are talking about from a user perspective, we are talking about, you know, there are more users, there are more applications, there are more workloads, there are more services being run on Kubernetes now, right? So, and OpenShift. So, so that's one dimension of this scale. The other dimension of the scale is how do you manage all the underlying infrastructure, the clusters, the name spaces, and all the observability data, et cetera. So that's at least two levels of scale. And then obviously there's a third level of scale, which is, you know, there is scale across not just different clouds, but also from cloud to the edge. So there is that dimension of scale. So there are several dimensions of this scale. And the one that again, we are focused on here really is about, you know, this, the first one that I talk about is a user. And when I say user, it could be a developer, it could be an application architect, or it could be an application owner who wants to develop Kubernetes applications for Kubernetes and wants to publish those APIs, if you will, and make it discoverable and then somebody consumes it. So that's the scale we are talking about >>Here. What are some of the enterprise, you guys have a lot of customers, we've talked to you guys before many, many times and other subjects, Red Hat, I mean you guys have all the customers. Yeah. Enterprise, they've been there, done that. And you know, they're, they're savvy. Yeah. But the cloud is a whole nother ballgame. What are they thinking about? What's the psychology of the customer right now? Because now they have a lot of choices. Okay, we get it, we're gonna re-platform refactor apps, we'll keep some legacy on premises for whatever reasons. But cloud pretty much is gonna be the game. What's the mindset right now of the customer base? Where are they in their, in their psych? Not the executive, but more of the the operators or the developers? >>Yeah, so I mean, first of all, different customers are at different levels of maturity, I would say in this. They're all on a journey how I like to describe it. And in this journey, I mean, I see a customers who are really tip of the sphere. You know, they have containerized everything. They're cloud native, you know, they use best of tools, I mean automation, you know, complete automation, you know, quick deployment of applications and all, and life cycle of applications, et cetera. So that, that's kind of one end of this spectrum >>Advanced. Then >>The advances, you know, and, and I, you know, I don't, I don't have any specific numbers here, but I'd say there are quite a few of them. And we see that. And then there is kind of the middle who are, I would say, who are familiar with containers. They know what app modernization, what a cloud application means. They might have tried a few. So they are in the journey. They are kind of, they want to get there. They have some other kind of other issues, organizational or talent and so, so on and so forth. Kinds of issues to get there. And then there are definitely the quota, what I would call the lag arts still. And there's lots of them. But I think, you know, Covid has certainly accelerated a lot of that. I hear that. And there is definitely, you know, more, the psychology is definitely more towards what I would say public cloud. But I think where we are early also in the other trend that I see is kind of okay, public cloud great, right? So people are going there, but then there is the so-called edge also. Yeah. That is for various regions. You, you gotta have a kind of a regional presence, a edge presence. And that's kind of the next kind of thing taking off here. And we can talk more >>About it. Yeah, let's talk about that a little bit because I, as you know, as we know, we're very excited about Edge here at the Cube. Yeah. What types of trends are you seeing? Is that space emerges a little bit more firmly? >>Yeah, so I mean it's, I mean, so we, when we talk about Edge, you're talking about, you could talk about Edge as a, as a retail, I mean locations, right? >>Could be so many things edges everywhere. Everywhere, right? It's all around us. Quite literally. Even on the >>Scale. Exactly. In space too. You could, I mean, in fact you mentioned space. I was, I was going to >>Kinda, it's this world, >>My space actually Kubernetes and OpenShift running in space, believe it or not, you know, So, so that's the edge, right? So we have Industrial Edge, we have Telco Edge, we have a 5g, then we have, you know, automotive edge now and, and, and retail edge and, and more, right? So, and space, you know, So it's very exciting there. So the reason I tag back to that question that you asked earlier is that that's where customers are. So cloud is one thing, but now they gotta also think about how do I, whatever I do in the cloud, how do I bring it to the edge? Because that's where my end users are, my customers are, and my data is, right? So that's the, >>And I think Kubernetes has brought that attention to the laggards. We had the Laed Martin on yesterday, which is an incredible real example of Kubernetes at the edge. It's just incredible story. We covered it also wrote a story about it. So compelling. Cuz it makes it real. Yes. And Kubernetes is real. So then the question is developer productivity, okay, Things are starting to settle in. We've got KCP scaling clusters, things are happening. What about the tool chains? And how do I develop now I got scale of development, more code coming in. I mean, we are speculating that in the future there's so much code in open source that no one has to write code anymore. Yeah. At some point it's like this gluing things together. So the developers need to be productive. How are we gonna scale the developer equation and eliminate the, the complexity of tool chains and environments. Web assembly is super hyped up at this show. I don't know why, but sounds good. No one, no one can tell me why, but I can kind of connect the dots. But this is a big thing. >>Yeah. And it's fitting that you ask about like no code. So we've been working with our friends at Cross Plain and have integrated with kcp the ability to no code, take a whole bunch of configuration and say, I want a database. I want to be a, a provider of databases. I'm in an IT department, there's a bunch of developers, they don't wanna have to write code to create databases. So I can just take, take my configuration and make it available to them. And through some super cool new easy to use tools that we have as a developer, you can just say, please give me a database and you don't have to write any code. I don't have to write any code to maintain that database. I'm actually using community tooling out there to get that spun up. So there's a lot of opportunities out there. So >>That's ease of use check. What about a large enterprise that's got multiple tool chains and you start having security issues. Does that disrupt the tool chain capability? Like there's all those now weird examples emerging, not weird, but like real plumbing challenges. How do you guys see that evolving with Red >>Hat and Yeah, I mean, I mean, talking about that, right? The software, secure software supply chain is a huge concern for everyone after, especially some of the things that have happened in the past few >>Years. Massive team here at the show. Yeah. And just within the community, we're all a little more aware, I think, even than we were before. >>Before. Yeah. Yeah. And, and I think the, so to step back, I mean from, so, so it's not just even about, you know, run time vulnerability scanning, Oh, that's important, but that's not enough, right? So we are talking about, okay, how did that container, or how did that workload get there? What is that workload? What's the prominence of this workload? How did it get created? What is in it? You know, and what, what are, how do I make, make sure that there are no unsafe attack s there. And so that's the software supply chain. And where Red Hat is very heavily invested. And as you know, with re we kind of have roots in secure operating system. And rel one of the reasons why Rel, which is the foundation of everything we do at Red Hat, is because of security. So an OpenShift has always been secure out of the box with things like scc, rollbacks access control, we, which we added very early in the product. >>And now if you kind of bring that forward, you know, now we are talking about the complete software supply chain security. And this is really about right how from the moment the, the, the developer rights code and checks it into a gateway repository from there on, how do you build it? How do you secure it at each step of the process, how do you sign it? And we are investing and contributing to the community with things like cosign and six store, which is six store project. And so that secures the supply chain. And then you can use things like algo cd and then finally we can do it, deploy it onto the cluster itself. And then we have things like acs, which can do vulnerability scanning, which is a container security platform. >>I wanna thank you guys for coming on. I know Savannah's probably got a last question, but my last question is, could you guys each take a minute to answer why has Kubernetes been so successful today? What, what was the magic of Kubernetes that made it successful? Was it because no one forced it? Yes. Was it lightweight? Was it good timing, right place at the right time community? What's the main reason that Kubernetes is enabling all this, all this shift and goodness that's coming together, kind of defacto unifies people, the stacks, almost middleware markets coming around. Again, not to use that term middleware, but it feels like it's just about to explode. Yeah. Why is this so successful? I, >>I think, I mean, the shortest answer that I can give there really is, you know, as you heard the term, I think Satya Nala from Microsoft has used it. I don't know if he was the original person who pointed, but every company wants to be a software company or is a software company now. And that means that they want to develop stuff fast. They want to develop stuff at scale and develop at, in a cloud native way, right? You know, with the cloud. So that's, and, and Kubernetes came at the right time to address the cloud problem, especially across not just one public cloud or two public clouds, but across a whole bunch of public clouds and infrastructure as, and what we call the hybrid clouds. I think the ES is really exploded because of hybrid cloud, the need for hybrid cloud. >>And what's your take on the, the magic Kubernetes? What made it, what's making it so successful? >>I would agree also that it came about at the right time, but I would add that it has great extensibility and as developers we take it advantage of that every single day. And I think that the, the patterns that we use for developing are very consistent. And I think that consistency that came with Kubernetes, just, you have so many people who are familiar with it and so they can follow the same patterns, implement things similarly, and it's just a good fit for the way that we want to get our software out there and have, and have things operate. >>Keep it simple, stupid almost is that acronym, but the consistency and the de facto alignment Yes. Behind it just created a community. So, so then the question is, are the developers now setting the standards? That seems like that's the new way, right? I mean, >>I'd like to think so. >>So I mean hybrid, you, you're touching everything at scale and you also have mini shift as well, right? Which is taking a super macro micro shift. You ma micro shift. Oh yeah, yeah, exactly. It is a micro shift. That is, that is fantastic. There isn't a base you don't cover. You've spoken a lot about community and both of you have, and serving the community as well as your engagement with them from a, I mean, it's given that you're both leaders stepping back, how, how Community First is Red Hat and OpenShift as an organization when it comes to building the next products and, and developing. >>I'll take and, and I'm sure Andy is actually the community, so I'm sure he'll want to a lot of it. But I mean, right from the start, we have roots in open source. I'll keep it, you know, and, and, and certainly with es we were one of the original contributors to Kubernetes other than Google. So in some ways we think about as co-creators of es, they love that. And then, yeah, then we have added a lot of things in conjunction with the, I I talk about like SCC for Secure, which has become part security right now, which the community, we added things like our back and other what we thought were enterprise features needed because we actually wanted to build a product out of it and sell it to customers where our customers are enterprises. So we have worked with the community. Sometimes we have been ahead of the community and we have convinced the community. Sometimes the community has been ahead of us for other reasons. So it's been a great collaboration, which is I think the right thing to do. But Andy, as I said, >>Is the community well set too? Are well said. >>Yes, I agree with all of that. I spend most of my days thinking about how to interact with the community and engage with them. So the work that we're doing on kcp, we want it to be a community project and we want to involve as many people as we can. So it is a heavy focus for me and my team. And yeah, we we do >>It all the time. How's it going? How's the project going? You feel good >>About it? I do. It is, it started as an experiment or set of prototypes and has grown leaps and bounds from it's roots and it's, it's fantastic. Yeah. >>Controlled planes are hot data planes control planes. >>I >>Know, I love it. Making things work together horizontally scalable. Yeah. Sounds like cloud cloud native. >>Yeah. I mean, just to add to it, there are a couple of talks that on KCP at Con that our colleagues s Stephan Schemanski has, and I, I, I would urge people who have listening, if they have, just Google it, if you will, and you'll get them. And those are really awesome talks to get more about >>It. Oh yeah, no, and you can tell on GitHub that KCP really is a community project and how many people are participating. It's always fun to watch the action live to. Sure. Andy, thank you so much for being here with us, John. Wonderful questions this afternoon. And thank all of you for tuning in and listening to us here on the Cube Live from Detroit. I'm Savannah Peterson. Look forward to seeing you again very soon.

(upbeat music) >> Hello and welcome to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting hot startups from the AWS ecosystem. Here we're talking about cybersecurity in this episode. I'm your host, John Furrier here we're excited to have CUBE alumni who's back Snehal Antani who's the CEO and co-founder of Horizon3.ai talking about exploitable weaknesses and vulnerabilities with autonomous pen testing. Snehal, it's great to see you. Thanks for coming back. >> Likewise, John. I think it's been about five years since you and I were on the stage together. And I've missed it, but I'm glad to see you again. >> Well, before we get into the showcase about your new startup, that's extremely successful, amazing margins, great product. You have a unique journey. We talked about this prior to you doing the journey, but you have a great story. You left the startup world to go into the startup, like world of self defense, public defense, NSA. What group did you go to in the public sector became a private partner. >> My background, I'm a software engineer by education and trade. I started my career at IBM. I was a CIO at GE Capital, and I think we met once when I was there and I became the CTO of Splunk. And we spent a lot of time together when I was at Splunk. And at the end of 2017, I decided to take a break from industry and really kind of solve problems that I cared deeply about and solve problems that mattered. So I left industry and joined the US Special Operations Community and spent about four years in US Special Operations, where I grew more personally and professionally than in anything I'd ever done in my career. And exited that time, met my co-founder in special ops. And then as he retired from the air force, we started Horizon3. >> So there's really, I want to bring that up one, 'cause it's fascinating that not a lot of people in Silicon Valley and tech would do that. So thanks for the service. And I know everyone who's out there in the public sector knows that this is a really important time for the tactical edge in our military, a lot of things going on around the world. So thanks for the service and a great journey. But there's a storyline with the company you're running now that you started. I know you get the jacket on there. I noticed get a little military vibe to it. Cybersecurity, I mean, every company's on their own now. They have to build their own militia. There is no government supporting companies anymore. There's no militia. No one's on the shores of our country defending the citizens and the companies, they got to offend for themselves. So every company has to have their own military. >> In many ways, you don't see anti-aircraft rocket launchers on top of the JP Morgan building in New York City because they rely on the government for air defense. But in cyber it's very different. Every company is on their own to defend for themselves. And what's interesting is this blend. If you look at the Ukraine, Russia war, as an example, a thousand companies have decided to withdraw from the Russian economy and those thousand companies we should expect to be in the ire of the Russian government and their proxies at some point. And so it's not just those companies, but their suppliers, their distributors. And it's no longer about cyber attack for extortion through ransomware, but rather cyber attack for punishment and retaliation for leaving. Those companies are on their own to defend themselves. There's no government that is dedicated to supporting them. So yeah, the reality is that cybersecurity, it's the burden of the organization. And also your attack surface has expanded to not just be your footprint, but if an adversary wants to punish you for leaving their economy, they can get, if you're in agriculture, they could disrupt your ability to farm or they could get all your fruit to spoil at the border 'cause they disrupted your distributors and so on. So I think the entire world is going to change over the next 18 to 24 months. And I think this idea of cybersecurity is going to become truly a national problem and a problem that breaks down any corporate barriers that we see in previously. >> What are some of the things that inspired you to start this company? And I loved your approach of thinking about the customer, your customer, as defending themselves in context to threats, really leaning into it, being ready and able to defend. Horizon3 has a lot of that kind of military thinking for the good of the company. What's the motivation? Why this company? Why now? What's the value proposition? >> So there's two parts to why the company and why now. The first part was what my observation, when I left industry realm or my military background is watching "Jack Ryan" and "Tropic Thunder" and I didn't come from the military world. And so when I entered the special operations community, step one was to keep my mouth shut, learn, listen, and really observe and understand what made that community so impressive. And obviously the people and it's not about them being fast runners or great shooters or awesome swimmers, but rather there are learn-it-alls that can solve any problem as a team under pressure, which is the exact culture you want to have in any startup, early stage companies are learn-it-alls that can solve any problem under pressure as a team. So I had this immediate advantage when we started Horizon3, where a third of Horizon3 employees came from that special operations community. So one is this awesome talent. But the second part that, I remember this quote from a special operations commander that said we use live rounds in training because if we used fake rounds or rubber bullets, everyone would act like metal of honor winners. And the whole idea there is you train like you fight, you build that muscle memory for crisis and response and so on upfront. So when you're in the thick of it, you already know how to react. And this aligns to a pain I had in industry. I had no idea I was secure until the bad guy showed up. I had no idea if I was fixing the right vulnerabilities, logging the right data in Splunk, or if my CrowdStrike EDR platform was configured correctly, I had to wait for the bad guys to show up. I didn't know if my people knew how to respond to an incident. So what I wanted to do was proactively verify my security posture, proactively harden my systems. I needed to do that by continuously pen testing myself or continuously testing my security posture. And there just wasn't any way to do that where an IT admin or a network engineer could in three clicks have the power of a 20 year pen testing expert. And that was really what we set out to do, not build a autonomous pen testing platform for security people, build it so that anybody can quickly test their security posture and then use the output to fix problems that truly matter. >> So the value preposition, if I get this right is, there's a lot of companies out there doing pen tests. And I know I hate pen tests. They're like, cause you do DevOps, it changes you got to do another pen test. So it makes sense to do autonomous pen testing. So congratulations on seeing that that's obvious to that, but a lot of other have consulting tied to it. Which seems like you need to train someone and you guys taking a different approach. >> Yeah, we actually, as a company have zero consulting, zero professional services. And the whole idea is that build a true software as a service offering where an intern, in fact, we've got a video of a nine year old that in three clicks can run pen tests against themselves. And because of that, you can wire pen tests into your DevOps tool chain. You can run multiple pen tests today. In fact, I've got customers running 40, 50 pen tests a month against their organization. And that what that does is completely lowers the barrier of entry for being able to verify your posture. If you have consulting on average, when I was a CIO, it was at least a three month lead time to schedule consultants to show up and then they'd show up, they'd embarrass the security team, they'd make everyone look bad, 'cause they're going to get in, leave behind a report. And that report was almost identical to what they found last year because the older that report, the one the date itself gets stale, the context changes and so on. And then eventually you just don't even bother fixing it. Or if you fix a problem, you don't have the skills to verify that has been fixed. So I think that consulting led model was acceptable when you viewed security as a compliance checkbox, where once a year was sufficient to meet your like PCI requirements. But if you're really operating with a wartime mindset and you actually need to harden and secure your environment, you've got to be running pen test regularly against your organization from different perspectives, inside, outside, from the cloud, from work, from home environments and everything in between. >> So for the CISOs out there, for the CSOs and the CXOs, what's the pitch to them because I see your jacket that says Horizon3 AI, trust but verify. But this trust is, but is canceled out, just as verify. What's the product that you guys are offering the service. Describe what it is and why they should look at it. >> Yeah, sure. So one, when I back when I was the CIO, don't tell me we're secure in PowerPoint. Show me we're secure right now. Show me we're secure again tomorrow. And then show me we're secure again next week because my environment is constantly changing and the adversary always has a vote and they're always evolving. And this whole idea of show me we're secure. Don't trust that your security tools are working, verify that they can detect and respond and stifle an attack and then verify tomorrow, verify next week. That's the big mind shift. Now what we do is-- >> John: How do they respond to that by the way? Like they don't believe you at first or what's the story. >> I think, there's actually a very bifurcated response. There are still a decent chunk of CIOs and CSOs that have a security is a compliance checkbox mindset. So my attitude with them is I'm not going to convince you. You believe it's a checkbox. I'll just wait for you to get breached and sell to your replacement, 'cause you'll get fired. And in the meantime, I spend all my energy with those that actually care about proactively securing and hardening their environments. >> That's true. People do get fired. Can you give an example of what you're saying about this environment being ready, proving that you're secure today, tomorrow and a few weeks out. Give me an example. >> Of, yeah, I'll give you actually a customer example. There was a healthcare organization and they had about 5,000 hosts in their environment and they did everything right. They had Fortinet as their EDR platform. They had user behavior analytics in place that they had purchased and tuned. And when they ran a pen test self-service, our product node zero immediately started to discover every host on the network. It then fingerprinted all those hosts and found it was able to get code execution on three machines. So it got code execution, dumped credentials, laterally maneuvered, and became a domain administrator, which in IT, if an attacker becomes a domain admin, they've got keys to the kingdom. So at first the question was, how did the node zero pen test become domain admin? How'd they get code execution, Fortinet should have detected and stopped it. Well, it turned out Fortinet was misconfigured on three boxes out of 5,000. And these guys had no idea and it's just automation that went wrong and so on. And now they would've only known they had misconfigured their EDR platform on three hosts if the attacker had showed up. The second question though was, why didn't they catch the lateral movement? Which all their marketing brochures say they're supposed to catch. And it turned out that that customer purchased the wrong Fortinet modules. One again, they had no idea. They thought they were doing the right thing. So don't trust just installing your tools is good enough. You've got to exercise and verify them. We've got tons of stories from patches that didn't actually apply to being able to find the AWS admin credentials on a local file system. And then using that to log in and take over the cloud. In fact, I gave this talk at Black Hat on war stories from running 10,000 pen tests. And that's just the reality is, you don't know that these tools and processes are working for you until the bad guys have shown. >> The velocities there. You can accelerate through logs, you know from the days you've been there. This is now the threat. Being, I won't say lazy, but just not careful or just not thinking. >> Well, I'll do an example. We have a lot of customers that are Horizon3 customers and Splunk customers. And what you'll see their behavior is, is they'll have Horizon3 up on one screen. And every single attacker command executed with its timestamp is up on that screen. And then look at Splunk and say, hey, we were able to dump vCenter credentials from VMware products at this time on this host, what did Splunk see or what didn't they see? Why were no logs generated? And it turns out that they had some logging blind spots. So what they'll actually do is run us to almost like stimulate the defensive tools and then see what did the tools catch? What did they miss? What are those blind spots and how do they fix it. >> So your price called node zero. You mentioned that. Is that specifically a suite, a tool, a platform. How do people consume and engage with you guys? >> So the way that we work, the whole product is designed to be self-service. So once again, while we have a sales team, the whole intent is you don't need to have to talk to a sales rep to start using the product, you can log in right now, go to Horizon3.ai, you can run a trial log in with your Google ID, your LinkedIn ID, start running pen test against your home or against your network against this organization right now, without talking to anybody. The whole idea is self-service, run a pen test in three clicks and give you the power of that 20 year pen testing expert. And then what'll happen is node zero will execute and then it'll provide to you a full report of here are all of the different paths or attack paths or sequences where we are able to become an admin in your environment. And then for every attack path, here is the path or the kill chain, the proof of exploitation for every step along the way. Here's exactly what you've got to do to fix it. And then once you've fixed it, here's how you verify that you've truly fixed the problem. And this whole aha moment is run us to find problems. You fix them, rerun us to verify that the problem has been fixed. >> Talk about the company, how many people do you have and get some stats? >> Yeah, so we started writing code in January of 2020, right before the pandemic hit. And then about 10 months later at the end of 2020, we launched the first version of the product. We've been in the market for now about two and a half years total from start of the company till present. We've got 130 employees. We've got more customers than we do employees, which is really cool. And instead our customers shift from running one pen test a year to 40, 50 pen test. >> John: And it's full SaaS. >> The whole product is full SaaS. So no consulting, no pro serve. You run as often as you-- >> Who's downloading, who's buying the product. >> What's amazing is, we have customers in almost every section or sector now. So we're not overly rotated towards like healthcare or financial services. We've got state and local education or K through 12 education, state and local government, a number of healthcare companies, financial services, manufacturing. We've got organizations that large enterprises. >> John: Security's diverse. >> It's very diverse. >> I mean, ransomware must be a big driver. I mean, is that something that you're seeing a lot. >> It is. And the thing about ransomware is, if you peel back the outcome of ransomware, which is extortion, at the end of the day, what ransomware organizations or criminals or APTs will do is they'll find out who all your employees are online. They will then figure out if you've got 7,000 employees, all it takes is one of them to have a bad password. And then attackers are going to credential spray to find that one person with a bad password or whose Netflix password that's on the dark web is also their same password to log in here, 'cause most people reuse. And then from there they're going to most likely in your organization, the domain user, when you log in, like you probably have local admin on your laptop. If you're a windows machine and I've got local admin on your laptop, I'm going to be able to dump credentials, get the admin credentials and then start to laterally maneuver. Attackers don't have to hack in using zero days like you see in the movies, often they're logging in with valid user IDs and passwords that they've found and collected from somewhere else. And then they make that, they maneuver by making a low plus a low equal a high. And the other thing in financial services, we spend all of our time fixing critical vulnerabilities, attackers know that. So they've adapted to finding ways to chain together, low priority vulnerabilities and misconfigurations and dangerous defaults to become admin. So while we've over rotated towards just fixing the highs and the criticals attackers have adapted. And once again they have a vote, they're always evolving their tactics. >> And how do you prevent that from happening? >> So we actually apply those same tactics. Rarely do we actually need a CVE to compromise your environment. We will harvest credentials, just like an attacker. We will find misconfigurations and dangerous defaults, just like an attacker. We will combine those together. We'll make use of exploitable vulnerabilities as appropriate and use that to compromise your environment. So the tactics that, in many ways we've built a digital weapon and the tactics we apply are the exact same tactics that are applied by the adversary. >> So you guys basically simulate hacking. >> We actually do the hacking. Simulate means there's a fakeness to it. >> So you guys do hack. >> We actually compromise. >> Like sneakers the movie, those sneakers movie for the old folks like me. >> And in fact that was my inspiration. I've had this idea for over a decade now, which is I want to be able to look at anything that laptop, this Wi-Fi network, gear in hospital or a truck driving by and know, I can figure out how to gain initial access, rip that environment apart and be able to opponent. >> Okay, Chuck, he's not allowed in the studio anymore. (laughs) No, seriously. Some people are exposed. I mean, some companies don't have anything. But there's always passwords or so most people have that argument. Well, there's nothing to protect here. Not a lot of sensitive data. How do you respond to that? Do you see that being kind of putting the head in the sand or? >> Yeah, it's actually, it's less, there's not sensitive data, but more we've installed or applied multifactor authentication, attackers can't get in now. Well MFA only applies or does not apply to lower level protocols. So I can find a user ID password, log in through SMB, which isn't protected by multifactor authentication and still upon your environment. So unfortunately I think as a security industry, we've become very good at giving a false sense of security to organizations. >> John: Compliance drives that behavior. >> Compliance drives that. And what we need. Back to don't tell me we're secure, show me, we've got to, I think, change that to a trust but verify, but get rid of the trust piece of it, just to verify. >> Okay, we got a lot of CISOs and CSOs watching this showcase, looking at the hot startups, what's the message to the executives there. Do they want to become more leaning in more hawkish if you will, to use the military term on security? I mean, I heard one CISO say, security first then compliance 'cause compliance can make you complacent and then you're unsecure at that point. >> I actually say that. I agree. One definitely security is different and more important than being compliant. I think there's another emerging concept, which is I'd rather be defensible than secure. What I mean by that is security is a point in time state. I am secure right now. I may not be secure tomorrow 'cause something's changed. But if I'm defensible, then what I have is that muscle memory to detect, respondent and stifle an attack. And that's what's more important. Can I detect you? How long did it take me to detect you? Can I stifle you from achieving your objective? How long did it take me to stifle you? What did you use to get in to gain access? How long did that sit in my environment? How long did it take me to fix it? So on and so forth. But I think it's being defensible and being able to rapidly adapt to changing tactics by the adversary is more important. >> This is the evolution of how the red line never moved. You got the adversaries in our networks and our banks. Now they hang out and they wait. So everyone thinks they're secure. But when they start getting hacked, they're not really in a position to defend, the alarms go off. Where's the playbook. Team springs into action. I mean, you kind of get the visual there, but this is really the issue being defensible means having your own essentially military for your company. >> Being defensible, I think has two pieces. One is you've got to have this culture and process in place of training like you fight because you want to build that incident response muscle memory ahead of time. You don't want to have to learn how to respond to an incident in the middle of the incident. So that is that proactively verifying your posture and continuous pen testing is critical there. The second part is the actual fundamentals in place so you can detect and stifle as appropriate. And also being able to do that. When you are continuously verifying your posture, you need to verify your entire posture, not just your test systems, which is what most people do. But you have to be able to safely pen test your production systems, your cloud environments, your perimeter. You've got to assume that the bad guys are going to get in, once they're in, what can they do? So don't just say that my perimeter's secure and I'm good to go. It's the soft squishy center that attackers are going to get into. And from there, can you detect them and can you stop them? >> Snehal, take me through the use. You got to be sold on this, I love this topic. Alright, pen test. Is it, what am I buying? Just pen test as a service. You mentioned dark web. Are you actually buying credentials online on behalf of the customer? What is the product? What am I buying if I'm the CISO from Horizon3? What's the service? What's the product, be specific. >> So very specifically and one just principles. The first principle is when I was a buyer, I hated being nickled and dimed buyer vendors, which was, I had to buy 15 different modules in order to achieve an objective. Just give me one line item, make it super easy to buy and don't nickel and dime me. Because I've spent time as a buyer that very much has permeated throughout the company. So there is a single skew from Horizon3. It is an annual subscription based on how big your environment is. And it is inclusive of on-prem internal pen tests, external pen tests, cloud attacks, work from home attacks, our ability to harvest credentials from the dark web and from open source sources. Being able to crack those credentials, compromise. All of that is included as a singles skew. All you get as a CISO is a singles skew, annual subscription, and you can run as many pen tests as you want. Some customers still stick to, maybe one pen test a quarter, but most customers shift when they realize there's no limit, we don't nickel and dime. They can run 10, 20, 30, 40 a month. >> Well, it's not nickel and dime in the sense that, it's more like dollars and hundreds because they know what to expect if it's classic cloud consumption. They kind of know what their environment, can people try it. Let's just say I have a huge environment, I have a cloud, I have an on-premise private cloud. Can I dabble and set parameters around pricing? >> Yes you can. So one is you can dabble and set perimeter around scope, which is like manufacturing does this, do not touch the production line that's on at the moment. We've got a hospital that says every time they run a pen test, any machine that's actually connected to a patient must be excluded. So you can actually set the parameters for what's in scope and what's out of scope up front, most again we're designed to be safe to run against production so you can set the parameters for scope. You can set the parameters for cost if you want. But our recommendation is I'd rather figure out what you can afford and let you test everything in your environment than try to squeeze every penny from you by only making you buy what can afford as a smaller-- >> So the variable ratio, if you will is, how much they spend is the size of their environment and usage. >> Just size of the environment. >> So it could be a big ticket item for a CISO then. >> It could, if you're really large, but for the most part-- >> What's large? >> I mean, if you were Walmart, well, let me back up. What I heard is global 10 companies spend anywhere from 50 to a hundred million dollars a year on security testing. So they're already spending a ton of money, but they're spending it on consultants that show up maybe a couple of times a year. They don't have, humans can't scale to test a million hosts in your environment. And so you're already spending that money, spend a fraction of that and use us and run as much as you want. And that's really what it comes down to. >> John: All right. So what's the response from customers? >> What's really interesting is there are three use cases. The first is that SOC manager that is using us to verify that their security tools are actually working. So their Splunk environment is logging the right data. It's integrating properly with CrowdStrike, it's integrating properly with their active directory services and their password policies. So the SOC manager is using us to verify the effectiveness of their security controls. The second use case is the IT director that is using us to proactively harden their systems. Did they install VMware correctly? Did they install their Cisco gear correctly? Are they patching right? And then the third are for the companies that are lucky to have their own internal pen test and red teams where they use us like a force multiplier. So if you've got 10 people on your red team and you still have a million IPs or hosts in your environment, you still don't have enough people for that coverage. So they'll use us to do recon at scale and attack at scale and let the humans focus on the really juicy hard stuff that humans are successful at. >> Love the product. Again, I'm trying to think about how I engage on the test. Is there pilots? Is there a demo version? >> There's a free trials. So we do 30 day free trials. The output can actually be used to meet your SOC 2 requirements. So in many ways you can just use us to get a free SOC 2 pen test report right now, if you want. Go to the website, log in for a free trial, you can log into your Google ID or your LinkedIn ID, run a pen test against your organization and use that to answer your PCI segmentation test requirements, your SOC 2 requirements, but you will be hooked. You will want to run us more often. And you'll get a Horizon3 tattoo. >> The first hits free as they say in the drug business. >> Yeah. >> I mean, so you're seeing that kind of response then, trial converts. >> It's exactly. In fact, we have a very well defined aha moment, which is you run us to find, you fix, you run us to verify, we have 100% technical win rate when our customers hit a find, fix, verify cycle, then it's about budget and urgency. But 100% technical win rate because of that aha moment, 'cause people realize, holy crap, I don't have to wait six months to verify that my problems have actually been fixed. I can just come in, click, verify, rerun the entire pen test or rerun a very specific part of it on what I just patched my environment. >> Congratulations, great stuff. You're here part of the AWS Startup Showcase. So I have to ask, what's the relationship with AWS, you're on their cloud. What kind of actions going on there? Is there secret sauce on there? What's going on? >> So one is we are AWS customers ourselves, our brains command and control infrastructure. All of our analytics are all running on AWS. It's amazing, when we run a pen test, we are able to use AWS and we'll spin up a virtual private cloud just for that pen test. It's completely ephemeral, it's all Lambda functions and graph analytics and other techniques. When the pen test ends, you can delete, there's a single use Docker container that gets deleted from your environment so you have nothing on-prem to deal with and the entire virtual private cloud tears itself down. So at any given moment, if we're running 50 pen tests or a hundred pen tests, self-service, there's a hundred virtual private clouds being managed in AWS that are spinning up, running and tearing down. It's an absolutely amazing underlying platform for us to make use of. Two is that many customers that have hybrid environments. So they've got a cloud infrastructure, an Office 365 infrastructure and an on-prem infrastructure. We are a single attack platform that can test all of that together. No one else can do it. And so the AWS customers that are especially AWS hybrid customers are the ones that we do really well targeting. >> Got it. And that's awesome. And that's the benefit of cloud? >> Absolutely. And the AWS marketplace. What's absolutely amazing is the competitive advantage being part of the marketplace has for us, because the simple thing is my customers, if they already have dedicated cloud spend, they can use their approved cloud spend to pay for Horizon3 through the marketplace. So you don't have to, if you already have that budget dedicated, you can use that through the marketplace. The other is you've already got the vendor processes in place, you can purchase through your existing AWS account. So what I love about the AWS company is one, the infrastructure we use for our own pen test, two, the marketplace, and then three, the customers that span that hybrid cloud environment. That's right in our strike zone. >> Awesome. Well, congratulations. And thanks for being part of the showcase and I'm sure your product is going to do very, very well. It's very built for what people want. Self-service get in, get the value quickly. >> No agents to install, no consultants to hire. safe to run against production. It's what I wanted. >> Great to see you and congratulations and what a great story. And we're going to keep following you. Thanks for coming on. >> Snehal: Phenomenal. Thank you, John. >> This is the AWS Startup Showcase. I'm John John Furrier, your host. This is season two, episode four on cybersecurity. Thanks for watching. (upbeat music)

>> Narrator: theCUBE presents KubeCon, and CloudNativeCon Europe, 2022, brought to you by Red Hat, the Cloud Native Computing Foundation, and its ecosystem partners. >> Welcome to Valencia, Spain and KubeCon, CloudNativeCon Europe, 2022. I'm Keith Townsend, and we're continuing the conversation with builders, startups, large enterprise, customers, small customers, the whole community. Just got a interesting stat earlier in the day, 7.1 million community members in the CNCF foundation, and we're been interacting with 7,500 of them. But we're bringing the signal, separating the signal from the noise. We have a Kube alum who's been on both sides of the table, Omri Gazitt co-founder and CEO of Aserto. Welcome to the show. >> Thank you so much, Keith. >> So identity management, you know it's, it's critical need to the enterprise cloud native but there's plenty of solutions on the market, what unique problem are you solving you know how are you solving the problem in a unique way that we don't go to some of the big named vendors in this space? >> Yeah, we, my co-founder and I, were veterans of large clouds. We helped start Azure at Microsoft. We in fact helped build what became Azure Active Directory and those solutions entirely focus on one part, the "I" part, the identity part of the problem. They completely ignore the access management part and you could argue that is a larger problem and it is far from solved. So we completely agree. Identity management, a problem that's been solved over the last 15 years and solved well by great companies like Microsoft and Okta and Auth0. And we're best friends with them. We basically pick up where they leave off. We do the access management part. >> So the access management part, what specifically, what what am I getting when I engage with your team and your product? >> Yep. So basically I, authentication is all about proving that you are, who you say you are through a password or something else, you know, biometric. And that part is done. We basically pick up where that leaves off. So once you know who you are, once you've proven to a system that you are Keith. Now, what can Keith do? What roles, what permissions, , what operations can Keith perform on what resources? That's a harder problem. And that's the problem that we focus on. So for example, if you have a SaaS app - let's say you're building, you know an applicant tracking system and you Keith are an owner of some job descriptions and you have some candidates, but  somebody else has a different set of candidates and an admin, maybe has visibility at everything. How do you build that system? That actually is a pretty hard problem. And how do you build it to enterprise grade? That's where we come in. We basically have an end-to-end solution that gives you cloud native, end-to-end authorization that's built to enterprise grade. >> So when I think of this capability, I can't help but to think of AWS IAM and I'm in AWS IAM, I get my security role, and now I can assign to an EC2 instance, the ability to access some other AWS service or identity. So role based identity - are you giving me that type of capability? >> For everything else. So AWS IAM for AWS resources right? Google IAM for Google Resources. Azure has a similar system but they're all infrastructure focused. And what we're trying to do is bring that to your domain specific resources, right? So you, as an application builder, you have the things that correspond  you're not doing VMs, you're not doing storage arrays, you're not doing networks. You have higher level constructs, right. You know, like I said, if you're building Lever or Greenhouse, you have candidates and jobs and reports and things like that. So we basically allow you to create this fine grained access control, but for your own objects. >> So where's the boundaries? Let's say that I have a container or microservice that is a service and it has a role, it has an identity on my network. And there is a cloud based service, let's say a, a cloud SQL. And I want to do authentication across the two or can I only have the boundaries within my private infrastructure or does that boundary extend to the public cloud as well? >> It extends everywhere, right. So basically, you know, if you think about all the different hops here, you know, Zero Trust is the, the rage, right? And that encourages defense in depth. So you have an access proxy that does some type of authorization. Then you have an API Gateway that has a little bit more context, a little bit more authorization. For us we live inside of the application. So the application calls us, we give you a sidecar, you deploy it right next to your application. It gives you, you know, sub-millisecond response time, a hundred percent availability, all the authorization decisions are done with full context about who the user is and what resource they're trying to access. And so our sidecar will give you a response back, allow or deny, and then downstream from us, you could basically talk to another microservice. And at that point you're doing machine identities, right? So you may have a different authorization policy for those, only you know these particular services, are allowed to talk to these other services. And so we solve both the, you know authorization for machine identities as well as authorization for human identities. >> All right Omri are you ready for Q Clock? >> I sure am! >> Oh, I like the energy. >> Bring it on. >> You know, there have been many before you, they have failed the test. >> All right. I mean, they brought, they've brought the energy. You have the energy but do you have the ability to survive the clock? >> I'm going to do my best. >> So I'm going to say start the clock. I haven't said, said start cube clock yet, but when I say it, you have 60 seconds. There's no start overs. There's no repeats. The pressure's on, you ready? >> All right. I'm ready. >> Ready? Start Cube Clock. >> All right. If you are a VP of Engineering or a CTO or run a security or engineering organization what are you doing for roles and permissions? You're building it on your own, right? >> Tough times never last, tough people always do, and you're, you're delaying, you're letting me break you up. >> All right, I'm not going to let you break me up. Great. So you don't want to build it yourself. You don't want to build it yourself. Why would you spend engineering time? Why would you spend, you know, the- >> You deserve a seat at the table. >> No but look, why would you ever spend your time building something that is not differentiating your application? Instead use something like Aserto, just dear God use something, use a developer API. Don't build it yourself because what are you doing? You're reinventing the wheel, you know. You want to get out of the business of reinventing the wheel. >> Crawl before you walk. (Omri laughs) >> You think so? I think, I think you have to go you know, make sure that you spend your engineering resources on the things that matter and the things that matter are. >> Time up. >> Yep. >> You know what? You threw three great curve balls and struck me out. Great job. (Omri laughs) You, you, you just knocked it out the park. Great job Omri, I appreciate you coming in, stopping by, sharing your company's journey about authorization and authorization services and getting kind of this cloud capability, the cloud native. >> I appreciate your time as well Keith, always a pleasure. >> From Valencia Spain, I'm Keith Townsend, and you're watching theCUBE, the leader in high tech coverage. (soft instrumental music)

(upbeat music) >> Welcome everyone to theCUBE presentation of the AWS Startup Showcase, the theme here is Data as Code. This is season two, episode two of our ongoing series covering the exciting startups from the AWS ecosystem. And talk about the future of data, future of analytics, the future of development and all kind of cool stuff in Multicloud. I'm your host, John Furrier. Today we're joined by Ed Bailey, Senior Technology, Technical Evangelist at Cribl. Thanks for coming on the queue here. >> I thank you for the invitation, thrilled to be here. >> The theme of this session is the observability lake, which I love by the way I'm getting into that in a second. A breach investigation's best friend, which is a great topic. Couple of things, one, I like the breach investigation angle, but I also like this observability lake positioning, because I think this is a teaser of what's coming, more and more data usage where it's actually being applied specifically for things here, it's observability lake. So first, what is an observability lake? Why is it important? >> Why it's important is technology professionals, especially security professionals need data to make decisions. They need data to drive better decisions. They need data to understand, just to achieve understanding. And that means they need everything. They don't need what they can afford to store. They don't need not what vendor is going to let them store. They need everything. And I think as a point of the observability lake, because you couple an observability pipeline with the lake to bring your enterprise of data, to make it accessible for analytics, to be able to use it, to be able to get value from it. And I think that's one of the things that's missing right now in the enterprises. Admins are being forced to make decisions about, okay, we can't afford to keep this, we can afford to keep this, they're missing things. They're missing parts of the picture. And by bringing, able to bring it together, to be able to have your cake and eat it too, where I can get what I need and I can do it affordably is just, I think that's the future, and it just drives value for everyone. >> And it just makes a lot of sense data lake or the earlier concert, throw everything into the lake, and you can figure it out, you can query it, you can take action on it real time, you can stream it. You can do all kinds of things with it. Verb observability is important because it's the most critical thing people are doing right now for all kinds of things from QA, administration, security. So this is where the breach piece comes in. I like that's part of the talk because the breached investigation's best friend, it implies that you got the secret sourced to behind it, right? So, what is the state of the breach investigation today? What's going on with that? Because we know breaches, we see 'em out there, but like, why is this the best friend of a breach investigator? >> Well, and this is unfortunate, but typically there's an enormous delay between breach and detection. And right now, there's an IBM study, I think it's 287 days, but from the actual breach to detection and containment. It's an enormous amount of time. And the key is so when you do detect a breach, you're bringing in your instant, your response team, and typically without an observability lake, without Cribl solutions around observability pipeline, you're going to have an incomplete picture. The incident response team has to first to understand what's the scope of the breach. Is it one server? Is it three servers? Is it all the servers? You got to understand what's been compromised, what's been the end, what's the impact? How did the breach occur in the first place? And they need all the data to stitch that together, and they need it quickly. The more time it takes to get that data, the more time it takes for them to finish their analysis and contain the breach. I mean, hence the, I think about an 87, 90 days to contain a breach. And so by being able to remove the friction, by able to make it easier to achieve these goals, what shouldn't be hard, but making, by removing that friction, you speed up the containment and resolution time. Not to mention for many system administrators, they don't simply have the data because they can afford to store the data in their SIEM. Or they have to go to their backup team to get a restore which can take days. And so that's-- It's just so many obstacles to getting resolution right now. >> I mean, it's just, you're crawling through glass there, right? Because you think about it like just the timing aspect. Where is the data? Where is it stored and relevant and-- >> And do you have it at all? >> And you have it at all, and then, you know, that person doesn't work anywhere, they change jobs. I mean, who is keeping track of all this? You guys have now, this capability where you can come in and do the instrumentation with the observability lake without a lot of change to the environment, which is not the way it used to be. Used to be, buy a tool, build a platform. Cribl has a solution that eases the struggles with the enterprise. What specifically is that pain point? And what do you guys do specifically? >> Well, I'll start out with kind of example, what drew me to Cribl, so back in 2018. I'm running the Splunk team for a very large multinational. The complexity of that, we were dealing with the complexity of the data, the demands we were getting from security and operations were just an enormous issue to overcome. I had vendors come to me all the time that will solve your problems, but that means you got to move to our platform where you have to get rid of Splunk or you have to do this, and I'm losing something. And what Cribl stream brought into, was I could put it between my sources and my destinations and manage my data. And I would have flow control over the data. I don't have to lose anything. I could keep continuing use our existing analytics tools, and that sense of power and control, and I don't have to lose anything. I was like, there's something wrong here. This is too good to be true. And so what we're talking about now in terms of breach investigation, is that with Cribl stream, I can create a clone of my data to an object store. So this is in, this is almost any object store. So it can be AWS, it could be the other vendor object stores. It could be on-prem object stores. And then I can house my data, I can house all my data at the cheapest possible price. So instead of eating up my most expensive storage, I put all my data in my object store. And I only put the data I need for the detections in my SIEM. So if, and hopefully never, but if you do have a breach, lock stream has a wonderful UI that makes a trivial to then pick my data out of my object store and restore it back into my SIEM so that my IR team has to develop a complete picture of how the breach happen. What's the scope? What is their lateral movement and answer those questions. And it just, it takes the friction away. Just like you said, just no more crawling over glass. You're running to your solution. >> You mentioned object store, and you're streaming that in. You talk about the Cribble stream tool. I'm assuming there when you're streaming the pipeline stuff, but is there a schema involved? Is there database challenges? What, how do you guys look at that? I know you're vendor agnostic. I like that piece, you plug in and you leverage all the tools that are out there, Splunk, Datadog, whatever. But how about on the database side, what's the impact there? >> Well, so I'm assuming you're talking about the object store itself, so we don't have to apply the schema. We can fit the data to whichever the object store is. We structure the data so it makes it easier to understand. For example, if I want to see communications from one IP to another IP, we structure it to make it easier to see that and query that, but it is just, we're-- Yeah, it's completely vendor neutral and this makes it so simple, so simple to enable, I think-- >> So no pre-defined schema needed. >> No, not at all. And this, it made it so much easier. I think we enabled this for the enterprise. I think it took us three hours to do, and we were able to then start, I mean, start cutting our retention costs dramatically. >> Yeah, it's great when you get that kind of value, time to value critical and all the skeptics fall to the sides pretty quickly. (chuckles) I got to ask you, well, go ahead. >> So I say, I mean, previously, I would have to go to our backup team. We'd have to open up a ticket, we'd have to have a bridge, then we'd have to go through the process of pulling tape and being, it could take, you know, hours, hours if not days to restore the amount of data we needed. And just it, you know, we were able to run to our goals, and solve business problems instead of focusing on the process steps of getting things done. >> Right, so take me through the architecture here and some customer examples, 'cause you have the Cribble streaming there, observability pipeline. That's key, you mentioned that. >> Yes. >> And then they build out these observability lakes from that. So what is the impact of that? Can you share the customers that are using that solution? What are they seeing for benefits? What are some of the impact? Can you give us some specifics? >> I mean, I can't share with all the exact customer names. I can definitely give you some examples. Like referenceable conference would be TransUnion, so that I came from TransUnion. I was one of the first customers and it solved enormous number of problems for us. Autodesk is another great example. The idea that we're able to automate and data practices. I mean, just for example, what we were talking about with backups. We'd have to, you have to put a lot of time into managing your backups in your inner analytics platforms, you have to. And then you're locked into custom database schemas, you're locked into vendors. And it's also, it's still, it's expensive. So being able to spend a few hours, dramatically cut your costs, but still have the data available, and that's the key. I didn't have to make compromises, 'cause before I was having to say, okay, we're going to keep this, we're going to just drop this and hope for the best. And we just don't, we just didn't have to do that anymore. I think for the same thing for TransUnion and Autodesk, the idea that we're going to lower our cost, we're going to make it easier for our administrators to do their job and so they can spend more time on business value fundamentals, like responding to a breach. You're going to spend time working with your teams, getting value observability solutions and stop spending time on writing custom solutions using to open source tools. 'Cause your engineering time is the most precious asset for any enterprise and you got to focus your engineering time on where it's needed the most. >> Yeah, and they can't underestimate the hassle and cost of ownership, of swapping out pre-existing stuff, just for the sake of having a functionality. I mean that's a big-- >> It's pain and that's a big thing about lock stream is that being vendor neutral is so important. If you want to use the Splunk universal forwarder, that's great. If you want to use Beats, that's awesome. If you want to use Fluentd, even better. If you want to use all three, you can do that too. It's the customer choice and we're saying to people, use what suits your needs. And if you want to write some of your data to elastic, that's great. Some of your data to Splunk, that's even better. Some of it to, pick your pick, fine as well or Exabeam. You have the choices to put together, put your own solutions together and put your data where you need it to be. We're not asking you only in our ecosystem to work with only our partners. We're letting you pick and choose what suits your business. >> Yeah, you know, that's the direction I was just talking about the Amazon folks around their serverless. You know, you can use any tool, you know, you can, they have that core architecture for everything, the S3 and then pick whatever you want to use. SageMaker, just that other thing. This is the new way. That's the way it has to be to be effective. How do you guys handle that? What's been the reaction from customers? Do they like, roll their eyes and doubt you guys, or can you do it? Are they skeptical? How fast can you convert 'em over? (chuckles) >> Right, and that's always the challenge. And that's, I mean, the best part of my day is talking to customers. I love hearing and feedback, what they like, what they don't and what they need. And of course I was skeptical. I didn't believe it when I first saw it because I was like this, you know, because I'm, I was used to being locked in. I was used to having to put a lot of effort, a lot of custom code, like, what do you mean? It's this easy? I believe I did the first, this is 2018, and I did our first demos, like 30 minutes in, and I cut about 1/2 million dollars out of our license in the first 30 minutes in our first demo. And I was stunned because I mean, it's like, this is easy. >> Yeah, I mean-- >> Yeah, exactly. I mean, this is, and then this is the future. And then for example, we needed to bring in so like the security team wanted to bring in a UBA solution that wasn't part of the vendor ecosystem that we were in. And I was like, not a problem. We're going to use log stream. We're going to clone a copy of our data to the UBA solution. We were able to get value from this UBA solution in weeks. What typically is a six month cycle to start getting value. And it just, it was just too easy and the best part of it. And the thing is, it just struck me was my engineers can now spend their time on delivering value instead of integrations and moving data around. >> Yeah, and also we can spend more time preventing breaches. But what's interesting is counterintuitive here is that, if you, as you add more flexibility and choice, you'd think it'd be harder to handle a breach, right? So, now let's go back to the scenario. Now you guys, say an organization has a breach, and they have the observability pipeline, They got the lake in place, your observability lake, take me through the investigation. How easy is it, what happens? How they start it, what goes on? >> So, once your SOC detects a breach, then they bring in the idea. Typically you're going to bring in your incident response team. So what we did, and this is one more way that we removed that friction, we cleaned up the glass, is we delegate to the instant response team, the ability to restore, we call it-- So if Cribl calls it replay, we play data at our object store back into your SIEM. There's a very nice UI that gives you the ability to say, "I want data from this time period, at this time period, I want it to be all the data." Or the ability to filter and say, "I want this, just this IP." For example, if I detected, okay, this IP has been breached then I'm going to pull all the data that mentions this IP and this timeframe, hit a button and it just starts. And then it's going to restore how as fast your IOPS are for your solution. And then it's back in your tool, it's back in your tool. One of the things I also want to mention is we have an amazing enrichment capability. So one of the things that we would do is we would've pipelines so as the data comes out of the object store, it hits the pipeline, and then we enrich it. We hit use GoIP information, perverse and NAS. It gets processed through threat Intel feed. So the data's already enriched and ready for the incident response people to do their job. And so it just, it bamboozle the friction of getting to the point where I can start doing my job. >> You know, at this theme, this episode for this showcase is about Data as Code. And which is, you know, we've been, I've been saying this on theCUBES for since it was being around 13 years ago, that developers are going to be dealing with data like they deal with software code, and you're starting to see, you mentioned enrichment. Where do you see Data as Code going? How relevant in it now, because we really talking about when you add machine learning in here, that has to be enriched, and iterated on too. We're talking about taking things off a branch and putting it back into the core. This is a data discussion, this isn't software, but it sounds the same. >> Right, and this is something that the irony is that, I remember first time saying it to an auditor. I was constantly going with auditors, and that's what I described is I'm going to show you the code that manages the data. This is the data's code that's going to show you how we transform it, how we secure it, where the data goes, how it's enriched. So you can see the whole story, the data life cycle in one place. And that's how we handled our orders. And I think that is enormously, you know, positive because it's so easy to be confused. It's so easy to have complexity to get in the way of progress. And by being able to represent your Data as Code, it's a step forward 'cause the amount of data and the complexity of data, it's not getting simpler, it's getting more complex. So we need to come up with better ways to handle it. >> Now you've been on both sides of the fence. You've been in the trenches as customer, now you're a supplier with Great Solution. What are people doing with this data engineering roles? Because it's not enough data engineering. I mean, 'cause if you say Data as Code, if you believe that to be true and many people do, we do. And you looked at the history of infrastructure risk code that enabled DevOps, AIOps, MLOps, DataOps, it's happening, right? So data stack ops is coming. Obviously security is huge in this. How does that data engineering role evolve? Because it just seems more and more that there's going to be a big push towards an SRE version of data, right? >> I completely agree. I was working with a customer yesterday, and I spent a large part of our conversation talking about implementing development practices for administrators. It's a new role. It's a new way to think of things 'cause traditionally your Splunk or elastic administrators is talking about operating systems and memory and talking about how to use proprietary tools in the vendor, that's just not quite the same. And so we started talking about, you need to have, you need to start getting used to code reviews. Yeah, the idea of getting used to making sure everything has a comment, was one thing I told him was like, you know, if you have a function has to have a comment, just by default, just it has to. Yeah, the standards of how you write things, how you name things all really start to matter. And also you got to start adding, considering your skillset. And this is some mean probably one of the best hire I ever made was I hired a guy with a math degree, because I needed his help to understand how do machine learning works, how to pick the best type of algorithm. And I think this is going to evolve, that you're going to be just away from the gray bearded administrator to some other gray bearded administrator with a math degree. >> It's interesting, it's a step function. You have a data engineer who's got that kind of capabilities, like what the SRA did with infrastructure. The step function of enablement, the value creation from really good data engineering, puts the democratization playback on the table, and changes, >> Thank you very much John. >> And changes that entire landscape. How do you, what's your reaction to that? >> I completely agree 'cause so operational data. So operational security data is the most volatile data in the enterprise. It changes on a whim, you have developers who change things. They don't tell you what happens, vendor doesn't tell you what happened, and so that idea, that life cycle of managing data. So the same types of standards of disciplines that database administrators have done for years is going to have, it has to filter down into the operational areas, and you need tooling that's going to give you the ability to manage that data, manage it in flight in real time, in order to drive detections, in order to drive response. All those business value things we've been talking about. >> So I got to ask you the larger role that you see with observability lakes we were talking before we came on camera live here about how exciting this kind of concept is, and you were attracted to the company because of it. I love the observability lake concept because it puts all that data in one spot, you can manage it. But you got machine learning in AI around the corner that also can help. How has all this changed in the landscape of data security and things because it makes a lot of sense, and I can only see it getting better with machine learning. >> Yeah, definitely does. >> Totally, and so the core issue, and I don't want to say, so when you talk about observability, most people have assumptions around observability is only an operational or an application support process. It's also security process. The idea that you're looking for your unknown, unknowns. This is what keeps security administrators up at night is I'm being attacked by something I don't know about. How do you find those unknown? And that's where your machine learning comes in. And that's where that you have to understand there's so many different types of machine learning algorithms, where the guy that I hired, I mean, had started educating me about the umpteen number of algorithms and how it applies to different data and how you get different value, how you have to test your data constantly. There's no such thing as the magical black box of machine learning that gives you value. You have to implement, but just like the developer practices to keep testing and over and over again, data scientists, for example. >> The best friend of a machine learning algorithm is data, right? You got to keep feeding that data, and when the data sets are baked and secure and vetted, even better, all cool. Had great stuff, great insight. Congratulations Cribl, Great Solution. Love the architecture, love the pipelining of the observability data and streaming that in to a lake. Great stuff. Give a plug for the company where you guys are at, where people can get information. I know you guys got a bunch of live feeds on YouTube, Twitch, here in theCUBE. Where else can people find you? Give the plug. >> Oh, please, please join our slack community, go to cribl.io/community. We have an amazing community. This was another thing that drew me to the company is have a large group of people who are genuinely excited about data, about managing data. If you want to try Cribl out, we have some great tool. Try Cribl tools out. We have a cloud platform, one terabyte up free data. So go to cribl.io/cloud or cribl.cloud, sign up for, you know, just never times out. You're not 30 day, it's forever up to one terabyte. Try out our new products as well, Cribl Edge. And then finally come watch Nick Decker and I, every Thursday, 2:00 PM Eastern. We have live streams on Twitter, LinkedIn and YouTube live. And so just my Twitter handle is EBA 1367. Love to have, love to chat, love to have these conversations. And also, we are hiring. >> All right, good stuff. Great team, great concepts, right? Of course, we're theCUBE here. We got our video lake coming on soon. I think I love this idea of having these video. Hey, videos data too, right? I mean, we've got to keep coming to you. >> I love it, I love videos, it's awesome. It's a great way to communicate, it's a great way to have a conversation. That's the best thing about us, having conversations. I appreciate your time. >> Thank you so much, Ed, for representing Cribl here on the Data as Code. This is season two episode two of the ongoing series covering the hottest, most exciting startups from the AWS ecosystem. Talking about the future data, I'm John Furrier, your host. Thanks for watching. >> Ed: All right, thank you. (slow upbeat music)

(upbeat music) >> Hey guys and girls. Welcome back to theCUBE's coverage of Coupa Inspire 2022, from the Cosmopolitan, in bustling Las Vegas. Lisa Martin here, and as I mentioned, day two of our coverage and fresh from the main stage, Raja Hammoud joins me, the Executive Vice President of products at Coupa. Raja, welcome back to theCUBE and happy 10th anniversary at Coupa. >> Oh, thank you, thank you, thank you, and welcome back to Inspire. >> Thank you. It's so great- >> We're so happy you're here. >> It's great to be here. So you're just about coming up on your 10 anniversary with Coupa. You showed some great photos of your time there but you've seen, you've lived the evolution that is this rocket ship that's Coupa. >> Raja: It's been incredible journey. I really couldn't believe at first it's been 10. This is the longest I've ever been anywhere. And I honestly feel more refreshed and excited than even when I joined back in the day 10 years ago. And so much has changed, but also so much has not. >> Lisa: Yeah. >> The size of course. We were like 60 people when I joined, the product development team was one person in, in a product, roughly 12 engineers, and fast forward to the scale that's today, it's phenomenal difference. But what has not changed is the, the core values, how, the hustle, how people love working with each other, how we support customers, how we keep stepping up our game how we believe none of us is as smart as all of us, and the community keeps getting stronger and stronger. It's been, it's been really exciting journey. >> The theme of none of us is as smarter as all of us, I'm not sure if I got that right, but the idea is you feel that when you're talking to Coupa partners, I've had the opportunity to talk with Coupa partners and customers and Coupa folks that, that is not just a value statement, people are living that. >> Raja: Yeah. It's, it's everywhere. In the, in the company walls, outside the company walls, you often see product people in different organizations where, they start living in an ivory tower, they think they know everything, I mean, back to what we were discussing earlier about Barbara, when she talked about, get out of your doors, right? A lot of people can tend to do that. We always, from the beginning, believed in the best ideas are out there and you collaborate with each other. And I truly, truly believe that the success that we have achieved today to our community is in a large, large part, because we believed in that. So like on Monday, we hosted, I can't keep track of the number now, so, so many in-parallel Community Advisory Board meetings, and just talking to the products managers and everybody is buzzing with new ideas. And when we go back, there's so much new innovation that has just been co-created here in this conference, and this keeps going on and on and on. >> Lisa: Yeah. I like how you call it, the Community Advisory Board. I'm still used to hearing CAB as Customer Advisory Board, but what Coupa has built, especially with the launch of the Moonshot, the, the community AI, is, is just that. >> Yes. >> It's a very collaborative community. One of the things that's around here, hashtags everywhere, but #United by the Power of Spend. >> Yes. >> What does that mean to you as the EVP of products, and what do you think that means to the community? >> When I think... What we are doing, we're building this platform that is powering all these businesses out there. And the reality of it is you can only, only do so much when you try to do things alone. When we are doing things together, we are way more successful, we are more profitable, we are more sustainable, we are more efficient. And community.ai from a technology standpoint, is making that happen, because what we are doing is taking AI, applying it to all this 3.3 trillion in data, and then bringing back prescriptions that we give back to each and every customer so that everybody can see where they are, how they up their games, and we connect them with other people like them. Now, people love coming to conferences like this, but even in conferences like this, if you think about it, the people you're going to meet, it's, some people are going to do matchmaking but you are also losing an opportunities of meeting the maximum number of people who've done exactly the thing that you did. But when you have the ability to look at all of that data and you can match make people. So we did that already with, for sourcing professionals. So if you are somebody who source a certain category, we can tell somebody else has done something like this in this geography and we offer you to connect to each other. >> Lisa: Wow. >> So this is incredibly powerful way where we are really uniting the whole community by spend, making everybody truly stronger together. >> Lisa: Matchmaker in, in a sense. >> It is matchmaking. >> But it's, but it's- >> It's Spend matchmaking. >> Spend matchmaking, but it's also the opportunity to unite professionals across sourcing, procurement- >> Raja: Yes. >> ... finance, treasury. >> Raja: Yes. >> To your point, and, and Rob said this in his keynote, and he said it here on theCUBE, you know, we've got to break down these silos. >> Raja: Yes. >> People and companies functioning in silos are not going to be successful. >> Raja: Yes. This has been one of the, probably one of the things that we were talking earlier, what has changed, what hasn't. This is one of the fundamental things that has never changed since I've joined. The vision has been very clear. The execution on it, of how we drive successful business spend management program is by breaking down the silos and this idea of sweet synergy, where in product, you start building these capabilities that helps these professionals in the different organizations to actually connect on the touch points, where, where things really matter. >> Lisa: Sweet synergy, was that thing from a concept perspective, did that come from the community, in terms of Coupa going, this is actually what's happening, this synergy across the BSM suite? >> Yes. So in the very beginning, it was early idea. I would say in the first two Inspires that we did, we hadn't given it actually the name itself, and we used to call it unified capabilities, and it started with the first silos we broke down. The first silos we broke down were procurement and AP. And they didn't even used to talk in the same room or even want to care about each other. So we started building so many capabilities that brought these teams together and little by little the community started to feel that and see the value of that. And then the community started to ask us to go break down more silos. So in the beginning, I would say the, the vision before I even joined, the company was on that trajectory. And the early customers saw that and they championed it and then they drove us to do more. So they came to us and said could you please do what you did here in contract? Could you please do what you did here in sourcing? And I was in a meeting last week, a leadership meeting, and one question was asked to leaders in the services team about what are they hearing about, from the customers, about a particular area. And it was music to our ears when we heard the customers are asking for more synergy, right? So, they even have the name for it and they're asking for more and more, and we have built hundreds of these already, but the reality is there is so much opportunity. >> Lisa: Right. >> The world is siloed, no technology has attempted to do that. And I think that's what's a exciting is to go and forge new grounds and do something very special to unite everyone together. >> You guys talked about the waves. Rob talked about the waves yesterday. You talked about it again this morning. And when I think of Inspired community, as that third wave, I see it on both sides. I see the Inspired community that is the Coupa community, but also what you just talked about, that flywheel of that sort of symbiotic relationship that you guys have with your customers as Coupa in and of itself being in a community inspired by the community that it has built. >> Raja: Yes, it's, it's very, very, it's a circular effect. Like it, we inspire one another, and we strengthen one another, and it's, it's just a beautiful, beautiful thing. One of the special things that we are starting to do is we want to take the whole product experience itself, to be a complete community experience. So anywhere you are going to Coupa, when it makes sense, of course, you are not only looking at your data, you are getting connected with people for that particular thing. So we've done that already for 15 different product areas and we're constantly doing more and more and more and more. You can imagine one day we can, where we can start within the product pages themselves, where we host community experts to talk via video and connect with others. So you bring that whole community experience alive in a product in enterprise software, which has not been done. >> Kind of like creating your own influencer network. >> Yes, yes, yes. And give people their voice and, and, and it becomes exciting. It is very different when you're just working on your own and driving goals, and you have no idea how good that can pass on the world. And then when right then and there, you get to learn that some people have hit that, some people have achieved these goals, you just get excited, "I want to hit that goal too. Who are these people? Connect me with these leaders. Let's have a conversation. How did they do it?" And they start creating best practices together. We even have started places where they collaborate on actual documents and templates, and they put them in the community exchange as a way for people to share with others, even taking templates from the product putting them back into a community exchange. So it is sharing, being enabled on the platform, platform itself. >> Lisa: How did you guys function during the pandemic, the last two years when we couldn't get together? >> Raja: Yeah. >> I know that your customers are really the lifeblood of Coupa and vice versa. >> Raja: Yes. >> But talk to me about some of the things that Coupa did with its customers, you know, by video conferencing, for example, that really helped the evolution and some of the innovations that you announced this morning. >> When we first... when the pandemic first hit I think like we all didn't believe what, what is going on. And there was this, I would call it a beautiful period in a way, despite how horrific that was, and that period was where everyone rose to the occasion, everybody wanted to help one another. Across Coupa everywhere, we started having documents of how can step up and help our customers, help our communities. We started to look at how we get PPE, and get it in the hands of our customers. We have access to suppliers. We started looking at helping suppliers with digital payments to speed things up. So, so many things we started doing as a community to just help each other. And then as we got to the next level, then we started, of course, starting to do things over, over zoom. And the big surprise, was we were incredibly productive. If anything, we were worried about people feeling burnt out. >> Yeah. >> Because they were just in it, completely in it. And it created a lot of new avenues for us because often you go and do these meetings in person. Now you could have a user experience session with a customer very easily, they're available more often than they used to. >> Lisa: Right. >> So we did not miss a beat with the community. We moved into virtual caps. We had the advantage of having them recorded as well, where we could have the global development teams learn and see exactly what the, what the customers are are co-creating together. And our goal lives accelerated, because a lot of these implementations, they used to happen in person, so schedules, they actually got accelerated- >> Lisa: Right. >> ...through that. Now of course, there is nothing that matches to this. You can do it, you can do a lot, but a ton of the collaboration comes from real life dialogue and kind of conversation. So it's that balance between the two that I think will be great. >> Lisa: What are some of the things that you've heard the last few days? You mentioned the Partners Summit and, and the Community Advisory Boards on Monday, yesterday, everything kicked off today. What are some of the things that you've heard in your meetings that really inspire you on say the next 10 years at Coupa? >> Raja: By far, by far, by far, it's a validation of, that what we are doing is, we're absolutely on target with it, and that, we just can do so much more. The silos are massive and there are so so many opportunities that you hear in every different areas that we could be doing this, we could be doing this together. So we can break down more and more silos. And using community.ai is just the tip of the iceberg of what we are, what we are doing. Yes, we created tens and tens of capabilities, helping, helping the community with all of that, but data drives everything. And when you look at that, every single process in every single silo can be informed by the power of data within your own company, and then even better, data across. And, and to the point where we're talking about concepts that customers are really excited about, even thinking about this community, they're customers of each other. And when you are a customer of each other what are the different ways as a community, you can help one another more. So we're talking about community netting as new types of concepts. >> Lisa: Talk to me a little about that. You mentioned the community netting this morning but I didn't quite... Help me understand. >> Raja: It is very simple terms is if, if we are buying from each other and we have to do money movements every time I have to pay you, I have to incur fees and likewise, but since we are part of this community we can manage that relationship. So we just pay the Delta, we net it out. So it, it saves reconciliation times it saves money movement. And these are tip of the icebergs of these very cool things that we're doing together. >> Wow. That's fantastic. Last question for you, as you talk with prospects who are in the early stages, or, or still determining, do we go through like a supply chain digital transformation? I mean, I think of companies that probably haven't now or need to get on the bandwagon. >> Raja: Yeah. >> What are some of the things that you advise to those customers to be able to do what Mick Ebeling talked about this morning and that is, commit and then figure it out? >> Raja: Yes. The number one thing is just make sure you don't do the analysis paralysis. There are just so many opportunities so many opportunities start with a project, get going, and it creates incredible momentum, and then you can move on from one to another, to another, to another, instead of trying to just go for a year or two, trying to look at how the world has changed in that process. And so often you could see that projects pay for themselves within the first month of go life. You do that, you'll create another one. And it's not like you are coming in to do something so new nobody has done. Hundreds and hundreds and thousands as a matter of fact, of other community members have done that. It is proven. So get started with those and then continue. Other things I will be talking to them about is to make sure that they understand the way we work is all about partnerships spread. Often people who haven't worked with us in the enterprise software, they're used to working with vendors. We are not that. We never were that. Like the number one, if we're not going to be real partners, honest, transparent and work with each other, we don't waste each other's time. >> Lisa: Well, Raja, it's been great having you on the program. I've really enjoyed your keynote this morning. Congratulations on your 10 years at Coupa. >> Raja: Thank you. >> I'm excited to see what the next 10 years brings for you. We appreciate your insites and everything that Coupa is doing in partnership with its customers is very evident in an event like this. >> Raja: Thank you. And thank you for coming and covering us as well. We really appreciate it. >> Lisa: It's our pleasure to be here. >> Thank you. >> For Raja Hammoud, I'm Lisa Martin. You're watching theCUBE's coverage, day two of Coupa Inspire 2022, from Las Vegas. (upbeat music)

(bright music) >> Hello, welcome to theCUBE's presentation of the Unstoppable Domains Partner Showcase. I'm John Furrier host of theCUBE. We're here talking about the metaverse and what it all means, what it brings to the table. We've got two pioneers here in the metaverse breaking it down, doing great stuff. Both co-founders of companies, Noah Gainer, co-founder and CEO Parcel. And CJ Hetherington Co-Founder of Atlantis World, digging deep and doing all the great stuff in the Midwest. Chill and thanks for coming on theCUBE. >> Thank you so much for having us. >> Thanks for having us. >> So, first of all, I want to say congratulations for the work you guys are doing. This is one of the biggest waves we've seen coming on. It's a changing user expectations, it's a changing architecture, it's real technology involved, there's a lot of action. 30% of people at University of California, Berkeley are dropping out of the Computer Science program to get into Web3. This is the biggest technological change, business model change, user experience change. And we've been seeing going back multiple inflection points. This is a big deal. So the metaverse is real. Some people say, "Well, you know, it's not com..." It's coming it's just a matter of time. So let's get into it. What are you guys doing? Tell us about your company's Parcel and Atlantis World. Noah, start with you. >> Sure, so Parcel is a marketplace for virtual real estate. So you can think of something like OpenSea, which everyone is familiar with, but we solely focus on virtual land and virtual real estate in a number of virtual world, maybe part of decent land or the sandbox. So we feature those on our platform and, you know, we take it the next level with the user experience. So we have fully interactive maps. We have price estimates. You can think of it like a estimate on Zillow and in general, we're building the fully verticalized solution for virtual real estate users. And that will extend into rentals, like Airbnbing out your virtual condo or getting a mortgage on your virtual home, as well as, you know, cultivating the community around it. And especially helping empower creators and architects and builders and getting them work and getting their work on display. >> I'm looking forward to digging into that, that sounds very cool. CJ what's Atlantis world doing? What do you got going on? >> Yeah, exactly. So at Atlantis world, we're building the Web3, social metaverse by connecting Web3 with social, gaming, and education in one light web virtual world, that's accessible to everybody. So by going with actually a light web first and a pixel approach so that you can play on mobile or a really old device, because the problem with existing metaverses is that they set an incredibly high cost barrier to entry and also tech isn't necessarily readily available globally in terms of things like VR headsets and gaming PCs. Like for example, when I was in Africa, I travel a lot. If my book would break, it's not even that I couldn't necessarily afford to buy anyone, it's actually not available there. So we're ruling out a lot of the global kind of population from a metaverse experience. And we're building something which is like 3D pixel and super light weight, to kind of bridge that gap and build something which is ready to be massive up till now and onboard billions of users into Web3. So they'll all basically be using Web3 applications in a gamified way and going really hard on connecting that with social features, like voice chat and talking, getting, and virtual events and vaulting and all of that stuff. >> You know, I love what you guys are doing, you're pioneering a whole another area, but what's great about the whole crypto area, is that, since you know, 2017 onwards you saw Ethereum set the developer market started coming in strong. So you start to see that development. And now we got the metaverse. So I got to ask you guys what's the current definition of the metaverse. I mean everyone's... I mean, since Facebook changed their name to Meta, it's been a hype cycle and everyone's like, "Woh..." First of all, you know why they did that. But they're actually putting a lot of DAO in this. This is a wave, we talked about that. But what is the metaverse? How do you describe it? Why is it relevant? Virtual real estate, that sounds cool. What does this all come together? Explain it for the people out there that might not be getting it right. >> Yeah, I feel like for me, the critical difference between an ordinary gamer, what one might think of as game and a metaverse is actually Web3. For me, Web3 is metaverse. And for me it's really because Web3 enables real world utility, but inside of a virtual environment. So for example, inside of Atlantis, you might run into a DeFi bank and understand by interacting with other game characters, which are programmed to teach you about DeFi and like, what is Avel, how to deposit. And so you're actually getting a real world utility out of doing something in a virtual environment. And for me, that's what really bridges the gap into metaverse. Yeah, I'm really kind of bullish on that. (chuckles) >> Noah, what's your take? Define the current state of the definition of the metaverse? What is the metaverse? >> Yeah, to me, it's the 3D internet. And I do agree with what CJ's saying, how, you know, what makes it the most compelling and will ultimately the most successful is that addition of a blockchain and essentialized, you know, tributed ledger technology. Because you can have the closed metaverse, which nobody wants that future. And I don't believe that will be the future. you know, versus the open metaverse, which is blockchain-based, the users are the owners of the assets and the land and everything around it. And it's really foreign by the people. But I see the metaverse as just an extension of the internet we're already using today but we're going to have hardware that makes it 3D and more immersive like AR and VR. >> Yeah, I think- >> Yeah, definitely- >> Go on CJ. >> Around kind of like eight or nine months ago when we started to build Atlantis, we decided that the metaverse was a virtual world where you could live, work, play, and earn, and that's what we've been building. It started off as like building the metaverse that has DeFi and over the kind of time it's gone on our community has grown, we've started to understand the future of our product and our mission and values. It started to become the Web3 metaverse, right? And then on top of that, the Web3 social metaverse, so it's a combination of what all these things. >> You know, it's interesting. And I'm a little bit older than you guys, I wish I was your age, but when the web came along, people were saying the same thing. That the web's terrible. It's a stupid thing. It's never going to be real. And yeah, there was problems. It was slow to dial up back in the day. But yeah, now with gaming, I got to say, I had to look at the gaming evolution being a gamer myself, old school, I guess, but the gaming culture is proxy to what I see kind of happening in the metaverse. And let me get your reaction to that. I'm not saying directly, but you saw what gaming did, right? In game currency, some, you know, pockets of the same kind of dynamic where a lot of value is happening, the expectations were different for users. So how does the metaverse... How does gaming cross over? What's the ecosystem of metaverse? Obviously it's a cultural shift, one. Infrastructure, two. But I can just see this new generation of thinking. It's a whole nother level. Can you guys share your thoughts on that riff? >> Absolutely. Yeah, absolutely. It's like for us, we really believe that we can enable a social revolution, where workers from impoverished and remote regions can actually be onboarded into these digital player to earn economies and also learn to earn economies. So it's about leveraging Web3 and blockchain gaming, whatever actually you want to call it, to enable this revolution and actually onboard new people into a completely new working and dynamic. One of the other things we envision for Atlantis, imagine like you run around this game world and you complete quests inside of the game. And these quests basically involve talking to the non-player characters, the NPCs, which are basically pre-programmed. I don't know if anyone's ever played an MMORPG before, but it can be super fun. And they'll actually teach you how to use different crypto applications. Whether that's a DeFi bank, NFT marketplace, kind of digital asset exchange. And once you all do that, the kind of end goal in vision is that you'll be rewarded with tokens. So users will earn crypto for learning about crypto. And if anybody wants to do that right now, they can actually go to rabbithole.gg. It's a different project to Atlantis, but they building learn to earn, and you go on you complete quests and interact with different crypto applications. And it's so crucial for onboarding. And yeah, it's going to be really powerful, the kind of revolution that play to earn and learn to earn will enable. >> I'll check out the rabbihole.gg sounds awesome. What's your take on the reaction to that riff on this convergence of culture tech, gaming, vibe that's kind of divine the metaverse what's your take on that, Noah? >> Yeah, I mean... I think gaming will be the on ramp for maybe the first billion people, you know, into blockchain. It's something people already do and are already paying for, and they now have the opportunity to get paid to play. So the incentives are extremely strong and I think that will be a great way to usher people in, teach 'em about blockchain without realizing that they're using blockchain. And then once they're already in it and have already used it, then it becomes much more natural to user than other applications. >> It's funny, people always talk about, "Oh, user experience!" You know, expectations drive experience, right? If you expect something and if they're used to gaming, I see the great, great call out there, good point. Well, let me ask you guys a question, 'cause I think this is comes out a lot in terms of like the market shifts and metaverse, as an old expression, "Great markets pull the products out of companies or out of the industry." What organic growth have you guys seen in the metaverse that's been either a surprise or a natural evolution of just success and just growth, because the market's hungry for this and it is relevant. It's new, what's pulling out? What's coming out of the organic aspect of the metaverse? >> I think a lot of art and architecture and design. And, you know, it's empowering a lot of independent creators and allowing 'em to stretch their skills in a way that they maybe couldn't do before, but now can do and get compensated for. Like, we see really see the rise of the creator coming in the next couple of years in the open metaverse and finally they will be the ruling class. They won't get the short end of the stick, which artists have for... I mean all the time. >> Yeah, some of the wall street bet skies in the same way, feel the same way. CJ, What's your take on... What's getting pulled out on the organic execution growth of the interactions and metaverse evolution? >> Of course, yeah. I would, first of all love to go back to the previous point on gaming and just kind of like, definitely agree with what Noah said. And the thing is that gaming is 3.4 billion user market, and they're typically an experimental by nature people and group of users, right? So it's definitely a huge onboarding opportunity for teaching users about Web3 and using Web3 in a gamified way and making that kind of inherently fun and engaging. And again, in terms of organic growth, Web3 is incredible for that. We place a huge emphasis on, I think, collaborate versus compete and try to enable network effects for everybody who is involved in Atlantis and becoming part of our fast growing ecosystem. Like we have eight blockchain, more than 10 DeFi apps, like Aave, Yearn, Balanced, 1inch, Perpetual. All of the DAOs like The Exile, MetaCartel, lobsterdao, PizzaDAO, all of the NFT communities. Like we're actually building a yacht for bought yacht club on the beach in Atlantis. So that's fun. But yeah, we grew our community. We're very early stage still. We've been building only for eight or nine months, but we grew our community to like 20 to 30,000 community members across social channels. And we recently raised over a million dollars from our community and we're fully bootstrapped and taken no private money. So the ability to actually do that and to coordinate both kind of community efforts and fundraising and resources is really testament to Web3 and what it's becoming in the community aspect of that. And also its future and the kind of dawn and domination of the Metaverse. >> Well, I got to say, I just got to give you props for that. I think that fundraising dynamic is a real entrepreneurial new thing, that's awesome. You've got active community vote with their contribution and whether it's money and or other value, right? You got social value. This is the whole thing about the metaverse, there's a new community culture going next level here. >> We believe in community and we believe in Web3. And we know we don't understand why most leading metaverses are focusing fully on huge IP and actually ignoring Web3. So we're actually trying to build the infrastructure layer for Web3 applications and for Web3 driven utility inside of the metaverse. And what we mean by that imagine that any developer or any project or any team or any company could occupy a plot for free inside of the metaverse, customize it by branding and then effectively set up shop, whether that's a Web3 integration, so it's a DeFi Bank, or it's an exchange. Or whether that's an NFT marketplace or a music venue or a coworking space. We're really excited about that. And we really believe we've designed the value capture mechanism for virtual land in the metaverse and we're approaching it in a different way to land in the real world. >> That's awesome. Well, let's get that infrastructure conversation, unstoppable domains obviously there having the partner showcase here. You guys are partners. This NFT kind of like access method is a huge... I love it by the way. I think it's phenomenal. I love the value there, but it's also digital identity and it's distributed naming. So you kind of got this enablement vibe, you got solve a problem. How is it working with you guys? Take us through what does unstoppable metaverse... Why does unstoppable matter to the metaverse? >> Yeah, unstoppable is very great mostly for identity and having a kind of crush chain identity inside of the metaverse and just kind of in Web3 in general. And unstoppable, we enable log in with unstoppable. So if you have, for example, an unstoppable domain which is like a human readable kind of crypto wallet address, but you can also do some incredible, stuff with it, and there is a lot of fun and exciting utility, effectively, like if you would have, I don't know, like unstoppable.dao you would be able to use that to log in to the Atlantis metaverse and it would represent some of your identity and social graph in game with your peers. >> Awesome, Noah, what's your take on the unstoppable angle on this? >> Yeah, I mean, it makes it social. So, instead of you can have a feed, you know, something we're thinking about at Parcel is like a feed of all the real estate transactions, and you could follow certain people, you can follow your friends and see a feed of everything that your friends are doing in English or human readable terms that are not just like a wallet address. So, that's obviously a big one and they're also giving people more options in terms of, naming and top level domains if you want to be something.wallet or .nft, or hopefully eventually .metaverse- >> John: Yes. >> Will help expand that ecosystem much more. In addition to like on our... Like backend being able to capture email when they login and to provide better marketing for our users. >> What would you guys say to other metaverse partners looking for work with unstoppable domains for their login and digital identity, what would you recommend? >> It doesn't make sense to- >> I believe- >> Connect with the best DAO and integrate that if you want to keep shipping stuff for your community and keeping it exciting and engaging and enabling user choice in how they choose to display their identity in virtual environments. >> Yeah, there's practically no downside and plenty of upside, again, having those users who are already using unstoppable domains quickly, you know, log into your site and plug in. >> All right. That's awesome. Good stuff with unstoppable. I got to ask you guys give an example of on your products, I love the metaverse progression. I love the pioneering work you guys are doing. And again, the funding things are different. The user expectations are different. The technology experience are different. Billions of people going to be in enabled for it. What are the cool things you guys got going on? CJ, we were talking before we came on camera about the tree thing you got going on. Take us through some of the things that are exciting that people may not know about or may know about. What should they pay attention to share, share some insight? >> Yeah, of course. So one of the fun things, actually that we're building on that on these sites together with our full team and also some outside contributors from the community and two kin protocol, which is a regenerative finance protocol. And I'll get into that a little bit in a minute. Effectively what we're actually doing is planting a carbon capturing virtual forest inside of the metaverse that will in future also be bio diverse. So how we're approaching that is imagine that you can plant NFT trees inside of the metaverse, providing that your will deposit X amount of kind of USD stablecoin or Ether or some digital asset. You can actually use that to deposit inside of the tree. And we will use some, probably something like super fluid, which is like a kind of smart projecting infrastructure platform. And we all essentially enable every single second funds being sent from the contract and actually purchasing real world carbon credits. So legitimate, you know, government bags to carbon credits from the voluntary kind of public market that have actually been bridged on chain, transformed into a crypto asset, and they will be locked away inside of these trees inside of game forever. And in future, we also hope to have like user on animals, roaming the great forest of Atlantis, which will have biodiversity and endangered species credit, locked inside. And we hope to support a variety of different kind of sustainable assets and things like that to really populate this ecosystem. >> So it's you're doing climate change good for real, as well as rendering it as an asset for everyone to see and enjoy. >> Absolutely. And for me, that's what makes the metaverse the metaverse, that's what I talked about. It's how Web3 enables the metaverse to cross over into our real world, ordinary life from URL to IRL and actually provide some incredible positive impact for all of humanity on the planet. >> And Noah, you have some action going on there. I mean, I would be like, "oh, virtual real estate, isn't it unlimited real estate?" But when you have users come together, this value, we've seen this in gaming, what are some of the cool things you got going on over there at Parcel? >> Yeah, I think one thing that stands out, which maybe not enough people are thinking about are AR virtual world. So, right now a lot of people are focused on the VR types, central and sandbox and, and Atlantis, but there very well may be a billion people using augmented reality before there are a billion using virtual reality just because of the nature of the hardware development and apple may come out with their AR headset by the end of the year. So there are a few projects there they've taken the real world to map and Parcel it out into hexagons, and you can actually buy that, and you own that, that piece and you can put your own custom content there. And on that social impact point, we have heard about a few projects that are trying to use it for good. And like one project is bought up some land in the Amazon rain forest and some of the proceeds go to conservation of the rain forest. So, you know, we're all about using blockchain for good and right, coming together as a globe. >> I can't wait to see the commercial real estate division of your group with all the work from, a remote coming on. Guys, great stuff you got going on, again, you guys are pioneering an area that is coming big. It's coming strong, its got a lot of... A momentum, vitality, and energy to it. Put a plug in for your companies. Noah, we'll start with you. What's going on with Parcel, share a plug for the company. What you're looking for, do some key highlights, news, take a minute to, to give a plug. >> Sure. Yeah, great. We are the destination for virtual real estate and that extends well beyond just the buyers and sellers. That's everyone across the whole chain with property managers and property developers, but then also the builders and creators and artists, and we are working right now on aggregating the best creator directory in the metaverse. So you can think of it as a place where artists can come showcase their work and get hired. As well as just generally like bridging this knowledge gap that is much wider than we even expected. So we have our Parcel learn product coming soon, which is a fully fledged, knowledge base with education, informational content and lots of rich data. >> Where can people get involved? What's the channels? Are all channels open? Where can we find you? >> Yeah, our websites Parcel.so on Twitter, you can find us at ParcelNFT and you can link to our discord from either one of those. It's the best way to get involved. >> All right, CJ, put a plug in for the last world, I know you got a lot of action to share. >> Yeah, of course. I would love to see everybody there. Thanks so much for having us. And thanks for listening. Like I said, at the start of the call, we're building the Web3 social metaverse and we're connecting Web3 with social gaming and education, in one light web virtual world that's accessible to everybody. We're also doing some crazy stuff like planting their cabin, capturing virtual forest and all of that, and trying to be the infrastructure layer for Web3 driven real world utility inside of the metaverse. And we believe that we have designed the critical value capture mechanism for virtual learn. I we'll be sharing more all of that very soon and continuing to integrate the best apps from across the Web3 ecosystem and showcasing them at the center of Atlantis. You can go to discord.gg/atlantisworld. If you would love to learn more about us, you can go to wiki.atlantis.world. And there is some documentation now, which includes back story and team and some of our milestones and achievements so far from winning hackathons to raising grants and launching our Alpha belt, soft launching it. And we all have the public free to play coming in March. And where most active, I would say on discord and Twitter. On Twitter you can find us atlantisOx, or just search Atlantis world. And it's the first one that come up. >> All right. CJ, thank you. Noah, thanks for coming out. I really appreciate you spending the time here, and unstoppable showcase and being a partner. Again they got the great digital identity, great plug there for them here. Thanks for sharing that and thanks for sharing the time. Appreciate you guys are pioneer of some good stuff. Appreciate it. >> Thanks so much man. >> I so appreciate that. >> All right, theCUBE's unstoppable domains partner showcase. Thanks for watching. (bright music)

(upbeat music) >> We're back at AWS re:Invent 2021. It's the biggest hybrid event of the year. One of the few physical events and we're psyched to be here. My name is Dave Vellante, and I'm really pleased to bring back the host emeritus, Stu Miniman, somebody I worked with side-by-side, Stu, for 10 years in a setting much like this, many like this. So, good to have you back. >> Dave, it's great to be here with theCUBE team, family here and re:Invent, Dave. I mean, this show, I remember back, Dave, going to you after the first re:Invent we talked, we were like, "We got to be there." Dave, remember the first year we came, the second year of re:Invent, this is the 10th year now, little card tables, gaming companies, all this stuff. You had Jerry Chen on yesterday and Jerry was comparing like, this is going to be like the next Microsoft. And we bet heavy on this ecosystem. And yeah, we all think this cloud thing, it might be real. 20,000 people here, it's not the 50 or 75,000 that we had in like 2018, 2019, but this ecosystem, what's happening in the cloud, multiple versions of hybrid going on with the event and the services, but yeah, phenomenal stuff. And yeah, it's so nice to see people. >> That's for sure. It's something that we've talked about a lot over the years is, and you remember the early days of re:Invent and to this day, just very a strong developer affinity that AWS has done a tremendous job of building that up and it's their raison d'etre, it's how they approach the market. But now you've been at Red Hat for a bit, obviously as well, developer affinity, what have you learned? Specifically as it relates to the cloud, Kubernetes, hottest thing going, you don't want to do an OpenShift commercial, but it's there, you're in the middle of that mix. What have you learned generally? >> Well, Dave, to the comment that you made about developers here, it's developers and the enterprise. We used to have a joke and say, enterprise developer is an oxymoron, but that line between developers doing stuff, early as a cloud, it was stealth computing. It's they're often doing this stuff and central IT is not managing it. So how do the pieces come together? How do apps and infrastructure, how do those pieces come together? And it's something that Red Hat has been doing a long time. Think about the Linux developer. They might've not have been the app developers, the people building Linux and everything, but they had a decent close tie to it. I'm on the OpenShift team. What we do is cloud, Dave, and we've got a partnership here with Amazon. We GAed our native cloud service earlier this year. Andy Jassy helped name it. It is the beautifully named Red Hat OpenShift Service on AWS or ROSA. But we've done OpenShift on AWS for more than five years, basically since we were doing Kubernetes, it's been here because of course customers doing cloud, where are they? A lot of them are here in Amazon. So I've been loving talking to a lot of customers, understanding how enterprise adoption is increasing, how we can enable developers and help them move faster. And yeah, I mean the quick plug on OpenShift is our service. We've got an SRE team that is going to manage all of that. A friend of the program, Corey Quinn, says, "Hey, an SRE team like that, because you don't want to manage as an enterprise." You don't want to manage Kubernetes. Yeah, you need to understand some of the pieces, but what is important to your business is the applications, your data and all those things and managing the undifferentiated heavy lifting. That's one of the reasons you went to the cloud. So therefore changing your model as to how you consume services in the cloud. And what are we seeing with Amazon, Dave? They're trying to build more solutions, simplify deployments, and offer more solutions including with their ecosystem. >> So I want to ask you. You said enterprise developer is kind of an oxymoron, and I remember, years ago I used to hang around with a lot of heads of application development and insurance companies and financial services, pharmaceutical, and they didn't wear hoodies, but they didn't wear suits either. And then when I talked to guys like Jeff Clark, for instance. He talks about we're building an abstraction layer across clouds, blah, blah, blah, which by the way, I think it is the right strategy. I'm like, "Okay, I'll drink some of that Kool-Aid." And then when I come here, we talked to Adam Selipsky. John flew out and I was on the chime. He goes, "Yeah, that's not hybrid. No, this is nothing like, it's not AWS, AWS is cloud." So, square that circle for me, 'cause you're in both worlds and certainly your strategy is to connect those words. Is that cloud? >> Yeah, right. I mean, Dave, we spent years talking about like is private cloud really a cloud? And when we started coming to the show, there is only one cloud. It is the public cloud and Amazon is the paragon of, I don't know what it was. >> Dave: Fake clouds, cloud washing. >> So today, Amazon's putting lots of things into your data center and extending the cloud out to that environment. >> So that's cloud. >> That's cloud. >> What do we call that cloud? What about the reverse? >> What's happening at the edge is that cloud is that extension of what we said from Amazon. If you look at not only Outpost, but Wavelengths and Local Zones and everything else like that. >> Let's say, yes, that's cloud. The APIs, primitives, check. >> Dave, I've always thought cloud is an operating model, not a location. And the hybrid definition is not the old, I did an ebook on this, Dave earlier this year. It's not the decade old NIS definition of an application that spans because I don't get up in the morning as an enterprise and say, "Oh, let me look at the table of how much Google is charging me or Microsoft or Amazon," or wake up one morning and move from one cloud to the other. Portability, follow the sun type stuff, does it ever happen? Yes, but it is rare thing. Applications oftentimes get pulled apart. So we've seen if you talk about AI, training the cloud, then transact and do things at the edge. If I'm in an autonomous vehicle or in a geosynchronous satellite, I can't be going back to the cloud to process stuff. So I get what I need and I process there. The same thing hybrid, oftentimes I will do my transactional activity in the public cloud because I've got unlimited compute capability, but I might have my repository of data for many different reasons, governance or security, all these things in my own data center. So parts of an application might live there, but I don't just span to go between the public cloud in my data center or the edge, it's specific architectural decisions as to how we do this. And by the way the developer, they don't want to have to think about location. I mean, my background, servers, storage, virtualization, all that stuff, that was very much an infrastructure up look of things. Developers want to worry about their code and make sure that it works in production. >> Okay, let me test that. If it's in the AWS cloud and I think it's true for the other hyperscale clouds too, they don't have to think about location, but they still have to think about location on-prem, don't they? >> Well, Dave, even in a public cloud, you do need to worry about sometimes it's like, "Okay, do I split it between availability zones? How do I build that? How do I do that?" So there are things that we build on top of it. So we've seen Amazon. >> I think that's fair, data sovereignty, you have to think about okay. >> Absolutely, a lot of those things. >> Okay, but the experience in Germany is going to be the same as it is in DC, is it not? >> More or less? There are some differences we'll see off and Amazon will roll things out over time and what's available, you've got cloud. >> For sure, though that's definitely true. That's a maturity thing, right? You've talked a bit, but ultimately they all sort of catch up. I guess my question would be is the delta between, let's say, Fed adoption and East Coast, is that delta narrower, significantly narrow than what you might see on-prem? >> The services are the same, sometimes for financial or political things, there might be some slight differences, but yes, the cloud experience should be the same everywhere from Amazon. >> Is it from a standpoint of hybrid, on-prem to cloud, across cloud? >> Many of the things when they go outside of the Amazon data centers are limited or a little bit different or you might have latency considerations that you have to consider. >> Now it's a tug of war. >> So it's not totally seamless because, David Foyer would tell us there, "You're not going to fight physics." There are certain things that we need to have and we've changed the way we architect things because it's no longer the bottleneck of the local scuzzy connection that you have there, it is now (indistinct). >> But the point I'm making is that gets into a tug of war of "Our way is better than your way." And the answer is depends in terms of your workload and the use case. >> You've looked at some of these new databases that span globes and do things of the like. >> Another question, I don't know if you saw the Goldman Sachs deal this morning, Goldman Sachs is basically turning its business into a SaaS and pointing it to their hedge funds and allowing people to access their data, their tools, their software that they built for their own purposes. And now they're outselling it. Similar to what NASDAQ has done. I can't imagine doing that without containers. >> Yeah, so interesting point, I think. At least six years ago now, Amazon launched serverless and serverless was going to take over the world. I dug into the space for a couple of years. And you had the serverless with camp and you had the container camp. Last year at re:Invent, I really felt a shift from Amazon's positioning that many of the abstraction layers and the tools that help you support those environments will now span between Lambda and containers. The container world has been adding serverless functionality. So Amazon does Fargate. The open-source community uses something called Knative, and just breaking this week. Knative was a project that Google started and it looks like that is going to move over to the CNCF. So be part of the whole Kubernetes ecosystem and everything like that. Oracle, VMware, IBM, Red Hat, all heavily involved in Knative, and we're all excited to see that go into the CNCF. So the reason I say that, I've seen from Amazon, I actually, John and I, when we interviewed Andy Jassy back in 2017, I asked him a follow-up question because he said if he was to build AWS in 2017, "I would start with everything underneath it serverless." I would wonder if following up with Adam or Andy today, I'd said, "Would it be all serverless or would containers be a piece of it?" Because sometimes underneath it doesn't matter or sometimes it can be containers and serverless. It's a single unit in Amazon and when they position things, it's now that spectrum of unit, everything from the serverless through the containers, through... James Hamilton wrote a blog post today about running Xen-on-Nitro and they have a migration service for a mainframe. So what do we know? That one of the only things about IT is almost nothing ever goes away. I mean, it sounded like Amazon declared coming soon the end of life of mainframe. My friends over at IBM might not be quite ready to call that era over but we shall see. All these things take time. Everything in IT is additive. I'm happy to see. It is very much usually an end world when I look at the container and Kubernetes space. That is something that you can have a broad spectrum of applications. So some of my more monolithic applications can move over, my cool new data, AI things, I can build on it, microservices in between. And so, it's a broad platform that spans the cloud, the edge, the data center. So that cloud operating model is easier to have consistency all the places that I go. >> Mainframe is in the cloud. Well, we'll see. Big banks by the next site unseen. So I think Amazon will be able to eat away at the edges of that, but I don't think there's going to be a major migration. They claim it. Their big thing is that you can't get COBOL programmers. So I'm like, "Yeah, call DXC, you'll get plenty." Let's talk about something more interesting. (Stu laughs softly) So the last 10 years was a lot of, a lot about IT transformation and there was a lot more room to grow there. I mean, the four big hyperscalers are going to do 120 billion this year. They're growing at 35%. Maybe it's not a trillion, but there's a $500 billion market that they're going after, maybe more. It looks like there's a real move. You saw that with NASDAQ, the Goldman deal, to really drive into business, deeper business integration in addition to IT transformation. So how do you see the next decade of cloud? What should we be watching? >> So, one of the interesting trends, I mean, Dave, for years we covered big data and big data felt very horizontal in it's approach thing. Hadoop take over the world. When I look at AI solutions, when I look at the edge computing technologies that happen, they're very vertically driven. So, our early customers in edge adoption tend to be like telco with the 5G rollout manufacturing in some of their environments. AI, every single industry has a whole set of use cases that they're using that go very deep. So I think cloud computing goes from, we talked about infrastructure as a service to it needs to be more, it is solution, some of these pieces go together. When Adam got up on stage and talked about how many instance types they have on Amazon, Dave, it's got to be 2X or 4X more different instant types than if I went to go to HPE or Dell and buy a physical server for my environment. So we need to have areas and guidance and blueprints and heck, use some of that ML and AI to help drive people to the right solutions because we definitely have the paradox of choice today. So I think you will find some gravity moving towards some of these environments. Gravatar has been really interesting to watch. Obviously that Annapurna acquisition should be down as one of the biggest ones in the cloud era. >> No lack of optionality to your point. So I guess to the point of deeper business integration, that's the big question, will Amazon provide more solution abstractions? They certainly do with Connect. We didn't hear a ton of that this show. >> Interestingly. (Dave speaking indistinctly) So the article that you and John Furrier wrote after meeting with Adam, the thing that caught my eye is discussion of community and ecosystems. And one of the things coming after, some, big communities out there like, you and I lived through the VMware ecosystem in that very tight community. There are forming little areas of community here in this group, but it's not a single cloud community. There are those focus areas that they have. And I do love to see, I mean, obviously working for Red Hat, talking about the ecosystem support. I was very happy to hear Adam mention Red Hat in the keynote as one of the key hybrid partners there. So, for Amazon to get from the 60 million, the 60 billion to the trillion dollar mark down the road, it's going to take a village and we're happy to be a part of it. >> Hey, great to have you back, enjoy the rest of the show. This is, let's see, day three, we're wrapping up. We're here again tomorrow so check it out. Special thanks to obviously AWS is our anchor sponsor and of course, AMD for sponsoring the editorial segments of our event. You're watching theCUBE, the leader in tech coverage. See you tomorrow. (bright upbeat music)

>>Welcome back to the cubes. Continuing coverage of AWS reinvent 2021 live from Las Vegas. I'm Lisa Martin. We have to set two live sets here with the cube two remote sets over 100 guests on the program for three and a half days talking about the next decade and cloud innovation. And I have two alumni back with me. Please. Welcome back, Mandy Dolly, while the CMO of Boomi and ed. Makowski the head of product at Boomi guys. It's so great to see you. Great to see you, Lisa, thank you in person zoom. Incredible. So in the time, since it's been, since I've seen you, booty is a verb. You, I can see your cheeks bursting. Yeah. Just >>Boom, yet go, boom. It go. Boom. Yet, >>Talk to me about what, what that means, because this is something that you discovered through customers during the pandemic. >>Absolutely. And really it's a Testament to the platform that's been built and the experience of 18,000 customers, a hundred thousand community members, anytime there's disparate data. And it needs to be connected in a way that's secure, reliable performance. And it just works that confidence and trust our customers are telling us that they just Boomi it. And so we figured it was a rally cry. And as a marketing team, it was handed to us. We didn't have to push a Boulder up hill. Our customers are, are just booming it. And so our rally cry to the market is take advantage of the experience of those that have come before you and go build what you need to. It works, >>Period. It works well as the chief marketing officer, there's probably nothing better, nothing better than the validating voice of the customer, right? That's the most honest that you're going to get, but having a customer create the verb for you, there's going to be nothing that prepares you for that. Nothing like it, but also how great does that make it when you're having conversations with prospective customers or even partners that there's that confidence and that trust that your 18,000 plus now customer's house right in >>Lummi right. And adding what? Eight a day. Yeah. Every day we're adding eight new customers. >>Thank you customers a day. The Boomi versus what? A hundred thousand strong now. Yes. >>In two years we built that. Is that right? Yes. >>Wow. Oh my goodness. During the >>Pandemic, the momentum is incredible. Yeah. It's >>Incredible. >>Then you're on your growth from a usage perspective. So yeah, we're skyrocketing >>Use the most need like, uh, you know, neck braces from whiplash going so fast. >>Oh, we're ready. >>Good. I know, I know you are. So talk to me about, you know, we've seen such change in the last 22 months, massive acceleration to the cloud digital transformation. We're now seeing every company has to be a data company to survive and actually to be competitive, to be a competitor. But one of the things that used to be okay back in the day was, you know, these, uh, experiences that weren't integrated, like when you went to well, like when I was back in college and I would go in and you would pay for this class and that cause everything was disconnected and we didn't know what we didn't know. Now the integrated experience is table stakes for any organization. And talk to me about when you're talking with customers, where are they like across industries and going, we don't have a choice. We've got to be able to connect these experiences for our customers, for our employees and to be a comparator. >>Okay. Yeah. I mean, it used to be about for us application data integration, that sort of thing. That's where we were born. But particularly through the pandemic, it's become integrated experiences and automation. It's not just about moving data between systems, that sort of thing. It's about connecting with your end users, your employees, your customers, et cetera, like you were saying, and automating and using intelligence to continue automating those things faster. Because if, if you're not moving faster in today's world, you're, you're in peril. So, >>And that was one of the themes that we were actually talking about this morning during our kickoff that you're hearing is every company is a data company. And if they're not, they're not going to be around much longer many. Talk to me when you're talking with customers who have to really reckon with that and go, how do we connect these experiences? Because if we can't do that, then we're not going to be around. >>Yeah. The answer lies in the problems, right? There are real-world problems that need to be solved. We have a customer just north of here, a, a university. And, um, as they were bringing students back to campus, right, you're trying to deliver a connected campus experience. Well, how do you handle contact tracing, right. For COVID-19 that's a real modern day problem. Right? And so there you're able to now connect disparate data sources to go deliver on a way, an automated way to be able to handle that and provide safety to your students. Table-stakes oh, it is right. Digital identity management again in a university set setting critical. Right? So these things are now a part of our fabric of the way we live. The consumerization of tech has hit B2B. It's merging. Yeah. >>And it's good. There's definitely silver linings that have come out of the last 22 months. And I'm sure there will be a few more as we go through Omicron and whatever Greek letter is next in the alphabet, but don't want to hear we are at reinvent so much. There's always so much news at reinvent. Here we are. First 10th, 10th reinvent. You can't believe 10th reinvent. AWS is 15 years old brand new leader. And of course, yesterday ad starts the flood of announcements yesterday, today. Talk to me about what it's like to be part of that powerful AWS ecosystem from a partner perspective and how, how influential is Boomi and its customers and the Boomi verse in the direction that AWS goes in because there's so customer obsessed like you guys are >>Well, it was really exciting for us because we're a customer and a partner of AWS, right? We, we run our infrastructure on AWS. So we get to take advantage of all the new announcements that they make and all the cool stuff they bring to the table. So we're really excited for that. But also as all these things come up and customers want to take advantage of them, if they're creating different data, sets, different data silos or opportunity for automation around the business, we're right there for our customers and partners to go take advantage of that and quickly get these things up and running as they get released by AWS. So it's all very exciting. And we look forward to all these different announcements. >>One of the things also that I felt in the last day and a half, since everything really kicked off yesterday was the customer flywheel. AWS always talks about, we work backwards from the customer forwards. And that is a resounding theme that I'm hearing throughout all of the partners that I've talked about. They have a massive ecosystem. Boomi has a massive ecosystem to working with those partners, but also ensuring that, you know, at the end of the day, we're here to help customers resolve problems, problems that are here today, problems that are going to be here tomorrow. How do you help customers deal with Mandy with, with some of the challenges of today, when they say Mandy help us future-proof or integrations what we're doing going forward, what does that mean to Boomi? Yeah, >>I think for us, the way we approach it is you start with Boomi with a connectivity kind of problem, right? We're able to take disparate data silos and be able to connect and be able to create this backbone of connectivity. Once you have that, you can go build these workflows and these user engagement mechanisms to automate these processes and scale, right? So that's 0.1, we have a company called health bridge financial, right? They're a health tech company, financial services company. They are working towards, they run on AWS. They, they have, uh, a very, um, uh, secure, compliant infrastructure requirement, especially around HIPAA because they're dealing with healthcare, right? And they have needs to be able to integrate quickly and not a big budget to start with. They grew very quickly and Lummi powered their, their AWS ecosystem. So as our workloads grew on RDS, as well as SQS as three, we were able to go in and perform these HIPAA compliant integrations for them. So they could go provide reimbursement on medical spending claims for their end customers. So not only did we give them user engagement and an outstanding customer experience, we were able to help them grow as a business and be able to leverage the AWS ecosystem. That's a win, win, win across the board for all of us. >>That's one plus one equals three, for sure. Yep. One of the things too, that's interesting is, you know, when we see the plethora of AWS services, like I mentioned a minute ago, there's always so many announcements, but there's so much choice for customers, right? When you're talking ed with customers, Boomi customers that are looking for AWS services, tell me about some of those conversations. Can we help guide them along that journey? >>I mean, we help them from an architectural standpoint, as far as what services they should choose from AWS to integrate their different data sources within the AWS ecosystem and maybe to others, um, we've helped our customers going back a little bit to, to the future-proofing over the time we've at our platform, we've connected with our customers over 180,000 different data sources, including AWS and others, that as we continue to grow, our customers never need to upgrade. We're a cloud model, ourselves running an AWS. So they just get to keep taking advantage of that. Their business grows and evolves. And as AWS grows and evolves for them, and they're modernizing their infrastructure bringing in, in AWS, we continue to stay on the forefront with keeping connectivity and automation and integration options. >>And that's a massive advantage for customers in any industry, especially, I know one of the first things I thought of when the pandemic first struck and we saw this, you know, the rise of the pharma companies working on vaccine was Madrona. Madonna's a Boomi customer. If they are talk to me about some of the things that you've helped them facilitate, because there was that obviously that time where everyone's scattered, nobody could get onsite having a cloud native solution. Must've been a huge advantage. Yeah. Well getting us all back here, really >>Exactly. First and foremost, getting more people on board into their business to help go find the race for the cure. And then being able to connect that data right. That they were generating and really find a solution. So we had an integral role to play in that. That's definitely a feather in our cap. We're really proud of that. Um, again, right. It's it's about speed and agility and the way we're architected, we're a low code platform. We're not developer heavy. You can log in and go and start building right away. What, what used to take months now takes weeks. If not days, if you use the Boomi platform, those brittle code integrations no longer need to be a part of your day to day. >>And that probably was a major instrument in the survival of a lot of businesses in the very beginning when it was chaotic, right? And it was pivot, pivot, pivot, pivot, pivot, that, that, you know, one of the things we learned during the pandemic is that there is access to real-time data. Real-time integrations. Isn't a nice to have anymore. It's required. It's fundamental for employee experiences, customer experiences in every industry >>And banking. We've had several banks who were able to stand up and start taking PPP loans. Uh, they used to do this in person. They were able to take them within literally some of our banks within four days had the whole process built into it. >>Wow. And so from a differentiation perspective, how have your customer conversations changed? Obviously go Boomi. It is now is something that you do, you have t-shirts yet, by the way, they're coming. And can I get one? Yes, absolutely. Excellent. But talk to me about how those customer conversations have changed is, is what Boomi enables organizations is this snow at the C-suite the board level going? We've got to make sure that these data sources are connected because they're only gonna keep proliferating. >>Yeah, I think it's coming, right. We're not quite there yet, but as we're starting to get this groundswell at the integration developer level at the enterprise architect level, I think the C-suite especially is realizing the value of the delivery of this integrated experience now, right? These data fueled experiences are the differentiators for new business models. So transformation is something that's required. Obviously you need to modernize. We heard about that in the keynotes here at the conference, but now it's the innovation layer and that's where we're squarely focused is once you're able to connect this data and be able to modernize your systems, how do you go build new business models with innovation? That's where the C-suites leaning in with >>Us. Got it. And that's the opportunity is to really unlock the value of all this data and identify new products, new services, new target markets, and really that innovation kicks the door wide open on a competitor if you're focused on really becoming a data company, I think. Yeah, exactly. Yeah. What are some of the things that, that you're looking forward to as we, as we wrap up 2021 and let's cross our fingers, we're going into a much better 20, 22. What question for both of you and we'll start with you, what's next for Boomi? >>So we just recently laid out our hyper automation vision, right. And what hyper automation is, is adding intelligence, artificial intelligence, and machine learning to your automation to make you go faster and faster and help you with decisions that you may have been making over and over as an example, or any workflows you do as an employee. So there is this convergence of RPA and iPads that's happening in the market. And we're on the forefront of that around robotic process automation. And then bringing that, those types of things into our platform and just helping our customers automate more and more, because that's what they're looking for. That's what go Boomi. It's all about. They've integrated their stuff. We were taking the lead from our customers who are automating things. We had blue force tracking as an example, where in Amsterdam, they have security guards running around and, and, and using, um, wearable devices to track them on cameras. And that's not an application integration use case that's automation. So we're moving there, we're looking with our customers on how we can help them get faster and better and provide things like safety and that use case. So, >>And we're our customers in terms of, of embracing hyper automation. Because when we talk about, we know a lot of, uh, news around AI and, and model last day and a half, but when you think about kind of like, where are most organizations with from a maturation perspective, are they ready for hyper automation? >>I think they're ready for automation. They're learning about hyper automation. I think we're pushing the term further ahead. You know, we're, we're, we're on the forefront of that because industries are thinking, our customers are thinking about automation. They're thinking about AIML, we're introducing them to hyper automation and, and kind of explaining to them, you're doing this already. Think more along these lines, how can you drive your business forward with these? And they're embracing it really well. So >>Is that conversation elevating up to the board level yet? Is that a board level initiative or >>What it is? It's, it's a little more grassroots. I think that's, I was thinking that's where came from because the employees teams are solving problems. They're showcasing these things to their executives and saying, look at the cool stuff we're doing for the business. And the executives are now saying, well with this problem, can we now go boob? Can we Boomi it because they're there, they're starting to understand what we can do. Okay. >>That's awesome. Oh my goodness. Mandy, you've been the chief marketing officer for three over three years now. I can't believe the amount of change that you've seen, not just the last 22 months, but the last three years. What are you excited about as Boomi heads into 2022? I think, >>And new opportunities to get deeper and broader into the market. Our ownership changed as you know this past year. And, um, you know, we have a new leg on growth, if you will, right? And so whole new trajectory ahead of us, bigger brand building more pervasiveness or ease of use around our platform, right? We're available now in a pay as you go model on our website and on a $50 a month model or, uh, um, atmosphere go and then also on marketplace. So we're making the product and the platform more accessible to more people so they can begin on faster, build faster, and go solve these problems. So really democratizing integration is something that I'm very excited about. Democratizing integration, as well as more air cover, just to let people know that this technology exists. So it's really a marketer's dream >>And why they should go buy me it. Right. Exactly. You guys. It was great to have you on the program. Congratulations on the success on, on becoming a verb. That's pretty awesome. I'll look forward to my t-shirt. So I smelled flu and >>You got it. >>All right. For my guests. I'm Lisa Martin. You're watching the cube, the global leader in life tech coverage.

(soft music) >> Hi, everyone. Welcome back to the Cube's covers of Splunk's dot com virtual event, their annual summit. I'm John Ferry, host of the cube. We've been covering dot conf since twenty twelve. Usually a physical event in person. This year it's virtual. I'm here with Claire Hockin, the CMO of Splunk. She's been here three and a half years. Your first year as CMO, and you got to go virtual from physical. Welcome to the cube. Good to see you. >> Thank you very much, John. Great. >> I got to ask you, I mean, this has been the most impressive virtual venue, you've taken over the hotel here in Silicon valley. You're entire teams here. It feels like there's a dynamic of like the teamwork. You can kind of feel the vibe. It's almost like a little VIP Splunk event, but you're broadcasting it to the world. Tell us what's happening. >> Yeah, it's been, I think for everyone a year where we really hope to be back to having a hybrid event, so having a big virtual component, but running dot conf as we had before from Las Vegas, which wasn't possible. So what we thought in the last six weeks is that we would actually bring the Splunk studio to a physical location. So we've been live all of this week from California, where we're sitting today and really thought through bringing the best of that programming to our, you know, our amazing audience of twenty six thousand people. So we were sitting here in a studio, we have a whole live stage and we've activated the best of dot conf to bring as many Splunkers as we can. And as many external guests to make it feel as real and as vibrant as possible. So. >> I have to say I'm very impressed. Since twenty twelve we've been watching the culture evolve. Splunk has always been that next big thing. And then the next big thing again, it seems to be the theme as data becomes so bigger and more important even than ever. There's a new Splunk emerging, another kind of next big thing. And this kind of says the patterns like do something big, that's new, operationalize it and do something new again. This is a theme, big part of this culture here. Can you share more about how you see this evolving? >> Sure. And I think that's what makes Splunk such a great place to be. And I think it attracts people who like to continually challenge reinvent. And I think we've spent a lot of time this year building out our portfolio, going through this cloud transformation. It just gives you a whole new landscape of how you unlock that power of data and how customers use it. So we've had a lot of fun, always building on top of that building, you know, our partnerships, what customers do and really having fun with it. I think one of the best things about Splunk is we do have this incredibly fun and playful brand and as data just becomes something that is more and more powerful, it's really relatable. And we have fun with activating that and storytelling. So, yeah. >> And you have a new manager, Teresa Carlson came in from Amazon web services. You have a lot more messaging kind of building on previous messaging. How are you handling and looking at the aperture of, that's growing from a messaging standpoint, you have a partner verse, which has rebranded of your solution of your ecosystem, kind of a lot of action going on in your world. What's the update? >> Yeah. It keeps us busy. And I think at one end, you know, the number of people that are using Splunk inside any customer base is just growing. So you have different kinds of users. And this year we're really working hard on how to partner and position Splunk with developers, but at the top end of that, the value of data and the idea of having a data foundation is something that's incredibly compelling for CTOs. So working really hard about looking at Splunk and data from that perspective, as well as the individual uses across areas like security and observability. So. >> You know, one of the things I wanted to ask you is, I was thinking about this when I was driving in this morning, Splunk has a lot of customers and you keep your customers and you've have a lot of customers that organically came into the Splunk through the product leadership and just great product. And then as security became more important, Splunk kind of takes that territory now. Now mainstream enterprise with the platform are leaning into Splunk solutions, and now you've got an ecosystem. So it's just becoming bigger and bigger just seems that the scale of the Splunk is growing radically bigger than it was, Is that happening? And what's your take on that? >> I think that's definitely a thing, John. So I think that the power of the ecosystem is amazing. We have customers, partners, as you've seen and everything just joins up. So we're seeing more and more dot joining through data. And we're just seeing this incredible velocity in terms of what's possible and how we can co-build with our partners and do more and more with our customers. So Splunk moves incredibly quickly. And I think if anything, we're just, gaining velocity, which is fun and also really challenging. >> Cloud-scale. And certainly during the pandemic, you guys had a tailwind on the business side, talk about the journey that you've had with Splunk as in your career and also for the customers. How are they reacting and what can they expect as Splunk continues to evolve? >> I think we're working really hard to make sure that Splunk is easier to use. Everything gets every more integrated. And I think our goal and our vision is you just capture your data and you can apply it to any use case using Splunk. And to make it sort of easier see that data in action. And one of the things I love from today was the dashboard studio. They're just these beautiful visualizations that really are inspiring around how data is working in your organization. And for me, I've been a Splunker for three and a half years. And I just think there is just so much to do, and there's so much of our story ahead of us and so much potential. So just really enjoying working with customers on the next data frontier, really. >> You have the Jedi Knight from Star Wars speaking, you had the F1 car racing. Lando was here, kind of the young Jedi, the old Jedi. The generations are coming together. You're seeing that old IT world, which relied on Splunk. And now you have this new developer real-time shifting left with security DevOps now going mainstream, you kind of have the confluences of these cultures coming together. It's not really clashing. It's kind of jelling. How are you handling that? How do you see that? What's Splunk kind of doing? Because I can see the themes, am I right? >> No, no. One of the stories from this morning that really struck me is we have Cal Poly and we worked with Cal Poly on their security and they actually have their students using Splunk and they run their whole security environment. And at the very top end, you have Walmart, the Fortune one, just using Splunk at a massive, incredible scale. And I think that's the power of data. I mean, data is something that everyone should and can be able to use. And that's what we're really seeing is unlocking the ability to bring, you know, bring all of your data in service of what you're trying to do, which is fun. And it just keeps growing. >> We had Zach Brown, the CEO of F1 McLaren Racing Team, here on the queue earlier. And it was interesting cause I was like driving the advantage with data, you know, kind of cliche, but they're using data very specifically, highly competitive. It almost kind of feels like a cloud kind of scale model because we've got thousands of people working on the team. They're on the track, they're competing, they're using data, they got to be agile and they got to be fast real time. Kind of sounds like the current enterprise's these days. >> Absolutely. And I think what's interesting about McLaren that the thing I love is either they have hundreds of terabytes of data moving at just at incredible speed through Splunk Enterprise, but it all goes back to their mission control in the UK. And there are 32 people that look at all that data. And I think it's got a half second delay and they make all the decisions for the car on the track. And that I think is a great lesson to any enterprises you have to, you know, you have to bring all that data together and you have to look at it and take decisions centrally for the benefit of your whole team. And I think McLaren is a really good example of when you do that it pays dividends and the team has had a really, really great season. >> Well, I want to say congratulations for pulling off a great virtual event. I know you had your physical event was on track and literally canceled the last minute because of the pandemic with the Delta virus. But it was amazing, made for digital TV kind of event. >> Absolutely, >> This is the future of media. >> Absolutely. And it is a lot of fun. And I think I'm really proud. We have done all of this with our in-house team, the brand, the experiences that you see, which is really fantastic. And it's given us a lot of ideas for sort of, you know, digital media and how we story tell, and really connect to our twenty thousand customers or two hundred and thirty thousand community members and keep everyone connected through digital. So this has been a lot of fun and a really nice moment for us this week. >> You know it's interesting, I was saying to the team here on one of our breaks, is that when you have this kind of agility with media to tell your own story directly, you're almost telling more stories there before. And there's a lot to tell you have a lot of successful customers, the new partners. What's the coolest story that you've seen. What would you share that you think is your favorite? If you could pick one or a few of them, what are your top stories that you see happening? >> So I've talked about Cal Poly, which I love because it's students and you know, the scale of Walmart, but there are so many stories. And I think the ones that I love most are the data heroes. We talk about the data here is a lot of Splunk and the people that are able to harness that data and to take action on that data and make something amazing happen. And we just see that time and time again, across all kinds of organizations where data heroes are surfacing, those insights. Those red flags, if you like and helping organizations stay on step ahead. And Conf is really a celebration of that. I think that's why we do this every year. And we really celebrate those data heroes. So across the program, probably too many to mention, but in every industry and at every scale, people are, you know, making things happen with data and that's an incredibly exciting place to be. >> Well you have a lot of great customers to, to use as references. But I got to ask you that as you go forward this year in marketing, what are your plans to take on this new dynamic? You've got hybrid events, you've got the community is always popular and thriving with Splunk at large-scale enterprises, global system integrators, doing business deals with you guys, as you guys are continuing to grow and grow and grow, what's the strategy? How do you keep the Splunk coolness going? Cause that's, you know, you guys are growing so fast. That's your job, is to keep things on track. What's your strategy? >> I think I look at that and just, we put the customer at the heart of that. And we think, you know, who are the personas, who are the people that use Splunk? What's their experience? What are they trying to do? What are those challenges? And we design those moments to help them move forward faster. And so that I think is just a really good north star. It is really unifying and our partners and customers, and every Splunker gets really behind that. So stay focused on that. >> Thanks for coming on the Cube, really appreciate it. Congratulations for great event. And thanks for having the Cube. We love coming in and sharing our media partnership with you. Thank you for coming. >> Thank you so much. And next year is your tenth year John. So we look forward to celebrating that as well. Thank you very much. >> Thank you. Thanks for coming on. Okay it's the Cube coverage here live in the Splunk studios. We are a virtual event, but it's turning out to be a hybrid event. It's like a VIP event, a lot of great stories. Check them out online. They'll be recycling through so much digital content. This is truly a great digital event. Jeffery, hot of the Cube. Thanks for watching. (soft music)

>>Okay, welcome back everyone. To the cubes coverage here, coop con cloud native con 2021 in person. The Cuba's here. I'm John farrier hosted the queue with Dave Nicholson, my cohost and cloud analyst, man. It's great to be back, uh, in person. We also have a hybrid event. We've got two great guests here, the founders of deep fence, sham, Krista Swami, C co-founder and CTO, and said deep line founder. It's great to have you on. This is a super important topic. As cloud native is crossed over. Everyone's talking about it mainstream, blah, blah, blah. But security is driving the agenda. You guys are in the middle of it. Cutting edge approach and news >>Like, like we were talking about John, we had operating at the intersection of the awesome desk, right? Open source security and cloud cloud native, essentially. Absolutely. And today's a super exciting day for us. We're launching something called track pepper, Apache V2, completely open source. Think of it as an x-ray or MRI scan for your cloud scan, you know, visualize this cloud at scale, all of the modalities, essentially, we look at cloud as a continuum. It's not a single modality it's containers. It's communities, it's William to settle we'll list all of them. Co-exist side by side. That's how we look at it and threat map. It essentially allows you to visualize all of this in real time, think of fed map, but as something that you, that, that takes over the Baton from the CIS unit, when the lift shift left gets over, that's when the threat pepper comes into picture. So yeah, super excited. >>It's like really gives that developer and the teams ops teams visibility into kind of health statistics of the cloud. But also, as you said, it's not just software mechanisms. The cloud is evolving, new sources being turned on and off. No one even knows what's going on. Sometimes this is a really hidden problem, right? Yeah, >>Absolutely. The basic problem is, I mean, I would just talk to, you know, a gentleman 70 of this morning is two 70 billion. Plus public cloud spent John two 70 billion plus even 3 billion, 30 billion they're saying right. Uh, projected revenue. And there is not even a single community tool to visualize all the clouds and all the cloud modalities at scale, let's start there. That's what we sort of decided, you know what, let's start with utilizing everything else there. And then look for known badness, which is the vulnerabilities, which still remains the biggest attack vector. >>Sure. Tell us about some of the hood. How does this all work cloud scale? Is it a cloud service managed service it's code? Take us out, take us through product. Absolutely. >>So, so, but before that, right, there's one small point that Sandeep mentioned. And Richard, I'd like to elaborate here, right? He spoke about the whole cloud spending such a large volume, right? If you look at the way people look at applications today, it's not just single clone anymore. It's multicloud multi regions across diverse plants, right? What does the solution to look at what my interests are to this point? That is a missing piece here. And that is what we're trying to tackle. And that is where we are going as open source. Coming back to your question, right? How does this whole thing work? So we have a completely on-prem model, right? Where customers can download the code today, install it. It can bill, we give binary stool and Shockley just as the exciting announcement that came out today, you're going to see somewhat exciting entrepreneurs. That's going to make a lot more easy for folks out there all day. Yeah, that's fine. >>So how does this, how does this all fit into security as a micro service and your, your vision of that? >>Absolutely. Absolutely. You know, I'll tell you, this has to do with the one of the continual conferences I would sort of when I was trying to get an idea, trying to shape the whole vision really? Right. Hey, what about syncretism? Microservice? I would go and ask people. They mentioned that sounds, that makes sense. Everything is becoming a microservice. Really. So what you're saying is you're going to deploy one more microservice, just like I deploy all of my other microservices. And that's going to look after my microservices. That compute back makes logical sense, essentially. That was the Genesis of that terminology. So defense essentially is deployed as a microservice. You go to scale, it's deployed, operated just like you to your microservices. So no code changes, no other tool chain changes. It just is yet another microservice. That's going to look after you talk about >>The, >>So there's one point I would like to add here, which is something very interesting, right? The whole concept of microservice came from, if you remember the memo from Jeff Bezos, that everybody's going to go, Microsoft would be fired. That gave rise to a very conventional unconditionally of thinking about their applications. Our deep friends, we believe that security should be. Now. You should bring the same unconventional way of thinking to security. Your security is all bottom up. No, it has to start popping up. So your applications on microservice, your security should also be a micro. >>So you need a microservice for a microservice security for the security. You're starting to get into a paradigm shift where you starting to see the API economy that bayzos and Amazon philosophy and their approach go Beanstream. So when I got to ask you, because this is a trend we've been watching and reporting on the actual application development processes, changing from the old school, you know, life cycle, software defined life cycle to now you've got machine learning and bots. You have AI. Now you have people are building apps differently. And the speed of which they want to code is high. And then other teams are slowing them down. So I've heard security teams just screw people over a couple of days. Oh my God, I can wait five days. No, it used to be five weeks. Now it's five days. They think that's progress. They want five minutes, the developers in real time. So this is a real deal optimum. >>Well, you know what? Shift left was a good thing. Instill a good thing. It helps you sort of figure out the issues early on in the development life cycle, essentially. Right? And so you started weaving in security early on and it stays with you. The problem is we are hydrating. So frequently you end up with a few hundred vulnerabilities every time you scan oftentimes few thousand and then you go to runtime and you can't really fix all these thousand one. You know? So this is where, so there is a little bit of a gap there. If you're saying, if look at the CIC cycle, the in financial cycle that they show you, right. You've got the far left, which is where you have the SAS tools, snake and all of that. And then you've got the center where, which is where you hand off this to ops. >>And then on the right side, you've got tech ops defense essentially starts in the middle and says, look, I know you've had thousand one abilities. Okay. But at run time, I see only one of those packages is loaded in memory. And only that is getting traffic. You go and fix that one because that's going to heart. You see what I'm saying? So that gap is what we're doing. So you start with the left, we come in in the middle and stay with you throughout, you know, till the whole, uh, she asks me. Yeah, well that >>Th that, that touches on a subject. What are the, what are the changes that we're seeing? What are the new threats that are associated with containerization and kind of coupled with that, look back on traditional security methods and how are our traditional security methods failing us with those new requirements that come out of the microservices and containerized world. And so, >>So having, having been at FireEye, I'll tell you I've worked on their windows products and Juniper, >>And very, very deeply involved in. >>And in fact, you know what I mean, at the company, we even sold a product to Palo Alto. So having been around the space, really, I think it's, it's, it's a, it's a foregone conclusion to say that attackers have become more sophisticated. Of course they have. Yeah. It's not a single attack vector, which gets you down anymore. It's not a script getting somewhere shooting who just sending one malicious HTP request exploiting, no, these are multi-vector multi-stage attacks. They, they evolve over time in space, you know? And then what happens is I could have shot a revolving with time and space, one notable cause of piling up. Right? And on the other side, you've got the infrastructure, which is getting fragmented. What I mean by fragmented is it's not one data center where everything would look and feel and smell similar it's containers and tuberosities and several lessons. All of that stuff is hackable, right? So you've got that big shift happening there. You've got attackers, how do you build visibility? So, in fact, initially we used to, we would go and speak with, uh, DevSecOps practitioner say, Hey, what is the coalition? Is it that you don't have enough scanners to scan? Is it that at runtime? What is the main problem? It's the lack of visibility, lack of observability throughout the life cycle, as well as through outage, it was an issue with allegation. >>And the fact that the attackers know that too, they're exploiting the fact that they can't see they're blind. And it's like, you know what? Trying to land a plane that flew yesterday and you think it's landing tomorrow. It's all like lagging. Right? Exactly. So I got to ask you, because this has comes up a lot, because remember when we're in our 11th season with the cube, and I remember conversations going back to 2010, a cloud's not secure. You know, this is before everyone realized shit, the club's better than on premises if you have it. Right. So a trend is emerged. I want to get your thoughts on this. What percentage of the hacks are because the attackers are lazier than the more sophisticated ones, because you see two buckets I'm going to get, I'm going to work hard to get this, or I'm going to go for the easy low-hanging fruit. Most people have just a setup that's just low hanging fruit for the hackers versus some sort of complex or thought through programmatic cloud system, because now is actually better if you do it. Right. So the more sophisticated the environment, the harder it is for the hackers, AK Bob wire, whatever you wanna call it, what level do we cross over? >>When does it go from the script periods to the, the, >>Katie's kind of like, okay, I want to go get the S3 bucket or whatever. There's like levels of like laziness. Yeah. Okay. I, yeah. Versus I'm really going to orchestrate Spearfish social engineer, the more sophisticated economy driven ones. Yeah. >>I think, you know what, this attackers, the hacks aren't being conducted the way they worked in the 10, five years ago, isn't saying that they been outsourced, there are sophisticated teams for building exploiters. This is the whole industry up there. Even the nation, it's an economy really. Right. So, um, the known badness or the known attacks, I think we have had tools. We have had their own tools, signature based tools, which would know, look for certain payloads and say, this is that I know it. Right. You get the stuff really starts sort of, uh, getting out of control when you have so many sort of different modalities running side by side. So much, so much moving attack surfaces, they will evolve. And you never know that you've scanned enough because you never happened because we just pushed the code. >>Yeah. So we've been covering the iron debt. Kim retired general, Keith Alexander, his company. They have this iron dome concept where there's more collective sharing. Um, how do you see that trend? Because I can almost imagine that the open-source man is going to love what you guys got. You're going to probably feed on it, like it's nobody's business, but then you start thinking, okay, we're going to be open. And you have a platform approach, not so much a tool based approach. So just give me tools. We all know that when does it, we cross over to the Nirvana of like real security sharing. Real-time telemetry data. >>And I want to answer this in two parts. The first part is really a lot of this wisdom is only in the community. It's a tribal knowledge. It's their informal feeds in from get up tickets. And you know, a lot of these things, what we're really doing with threat map, but as we are consolidating that and giving it out as a sort of platform that you can use, I like to go for free. This is the part you will never go to monetize this. And we are certain about disaster. What we are monetizing instead is you have, like I said, the x-ray or MRI scan of the cloud, which tells you what the pain points are. This is feel free. This is public collective good. This is a Patrick reader. This is for free. It's shocking. >>I took this long to get to that point, by the way, in this discussion. >>Yeah, >>This is this timing's perfect. >>Security is collective good. Right? And if you're doing open source, community-based, you know, programs like this is for the collector group. What we do look, this whole other set map is going to be open source. We going to make it a platform and our commercial version, which is called fetch Stryker, which is where we have our core IP, which is basically think about this way, right? If you figured out all the pain points and using tech map, or this was a free, and now you wanted the remedy for that pain feed to target a defense, we targeted quarantining of those statin workloads and all that stuff. And that's what our IP is. What we really do there is we said, look, you figured out the attack surface using tech fabric. Now I'm going to use threat Stryker to protect their attacks and stress >>Free. Not free to, or is that going to be Fort bang? >>Oh, that's for, okay. >>That's awesome. So you bring the goodness to the party, the goods to the party, again, share that collective, see where that goes. And the Stryker on top is how you guys monetize. >>And that's where we do some uniquely normal things. I would want to talk about that. If, if, if, if you know public probably for 30 seconds or so unique things we do in industry, which is basically being able to monitor what comes in, what goes out and what changes across time and space, because look, most of the modern attacks evolve over time and space, right? So you go to be able to see things like this. Here's a party structure, which has a vulnerability threats. Mapper told you that to strike. And what it does is it tells you a bunch of stress has a vulnerable again, know that somebody is sending a Melissa's HTP request, which has a malicious payload. And you know what, tomorrow there's a file system change. And there is outbound connection going to some funny place. That is the part that we're wanting this. >>Yeah. And you give away the tool to identify the threats and sell the hammer. >>That's giving you protection. >>Yeah. Yeah. Awesome. I love you guys love this product. I love how you're doing it. I got to ask you to define what is security as a microservice. >>So security is a microservice is a deployment modality for us. So defense, what defense has is one console. So defense is currently self posted by the customers within the infrastructure going forward. We'll also be launching a SAS version, the cloud version of it. But what happens as part of this deployment is they're running the management console, which is the gooey, and then a tiny sensor, which is collecting telemetric that is deployed as a microservice is what I'm saying. So you've got 10 containers running defenses level of container. That's, that's an eight or the Microsoft risk. And it utilizes, uh, EDP F you know, for tracing and all that stuff. Yeah. >>Awesome. Well, I think this is the beginning of a shift in the industry. You start to see dev ops and cloud native technologies become the operating model, not just dev dev ops are now in play and infrastructure as code, which is the ethos of a cloud generation is security is code. That's true. That's what you guys are doing. Thanks for coming on. Really appreciate it. Absolutely breaking news here in the queue, obviously great stuff. Open source continues to grow and win in the new model. Collaboration is the cube bringing you all the cover day one, the three days. I'm Jennifer, your host with Dave Nicholson. Thanks for watching.

(bright intro music) >> Hello and welcome to theCUBE coverage of AnsibleFest 2021, virtual, hybrid, all online now. It's been a hell of a year. It's been going great with all the interactions. AnsibleFest 2021, Carol Chen is here. She's the Principal Community Architect for Ansible Community with Red Hat. Carol, thanks for coming on the AnsibleFest 2021 virtual coverage. >> Thanks for having me here, John. >> You know, one of the things about the pandemic I was mentioning, there's the online communities have been really, that have been online, have thrived. Developers know how to do virtual, and virtual, first, now is becoming a norm for developers. So the pandemic, although it's been a really big inconvenience for many, developers, actually, haven't been truly impacted other than the face to face interactions around hallway conversations and events. You're seeing a lot more community open conversations happening more than ever before, just the trend itself was hot. Now you have more people collaborating. What's the state of the Ansible Community right now? Because you know, online content at an all-time high, I'm seeing videos hit. I've seen a lot of content flowing. All around the internet seems to be more action. What's the state of the Ansible Community? >> Yeah, definitely. And actually, from the very start Ansible Community is a very much online community because of the diverse nature in terms of, you know, geographical distribution and just people from all of the world coming together. So initially, I mean, of course we do have like in-person meet-ups, which were a popular thing before the pandemic. That kind of took a little backseat and while it turned virtual, initially, people were like wondering what to do, but, you know, we are used to video conferences and online chats. So virtual meet-ups became quite a popular thing in the first half of the pandemic. So pretty much most of last year, we actually saw a slight rise in the number of, the median number of attendees at these meet-ups, because it's more accessible. You can attend from home, you can, you know, you don't have to go to a physical place to attend these meet-ups. However, this year we are starting to see some virtual fatigue and, you know, the numbers are dropping a little bit, but, you know, hopefully with the, some parts of the world are opening up and we are seeing some meet-ups coming into, in person again, depending on the region, of course, because it's not the same around the world. But I think that the need for people to connect socially is always there, whether it's online or in person. And the Ansible Community is pretty strong in that. And I want to stress that a lot of these meet-ups are organized by the community members, not necessarily by Red Hat or the Ansible team. So, you know, the desire to connect with other people in the community has always there and it's going on strong. >> Yeah, that's a good call out on the community side. I think that the affinity groups around the communities, self forming these meet-ups. >> Right. >> People want to meet in person, that's going to come back. You're starting to see that hybrid. But it's also, you're starting to see again, a fatigue for being like attending these virtual events. But at the same time, you're seeing the asynchronous consumption still go high, too. You're seeing, "Okay, I can do a fly by the event." Or if it's in person, "I'd prefer that." But there's still a lot more asynchronous going on, and a lot more opportunities to contribute. And you guys have done this contributor summits virtually. Can you talk about that trend? Tell me about the virtual contributor summits. >> Sure. So of course we have our regular community meetings, weekly, in fact. But the contributor summit is a place where we can actually gather, previously it was face-to-face, usually part of AnsibleFest, like the day before or after, depending. And, you know, to really, you know, hash out different discussions and more in-depth technical analyses of different parts of the project that we were working on. Even though, virtually, we are still able to do that, and we are, actually, able to increase in frequency of these events. Usually, it used to be once or twice a year, depending on whether or not we have, when we have the AnsibleFest. But last year we had three contributors summits. And this year, the third one will happen along with AnsibleFest in September, end of September, so in this week. So yeah, you know, there's definitely the advantage of making things easier to, for participants. But um... >> Talk about the vibe- Talk about the vibe of the summit. I mean, these contributors. I mean, what's it like and what are people experiencing? Are they just contributing code? They working on projects? Is it hackathons? Is it more, >> Right. >> What's the format of, what are people preferring? What's the best practice? >> So, what we want to encourage is not just one person giving presentations and like a one-way thing, but actually a dialogue. So a lot of these discussions are kind of interactive. So we use tools that allow people, not just like streaming one direction, but people can also appear on video and talk and express their opinions and join the discussions or in chat if they prefer not to show their face. But in any case, it's a lot of times it's not a full presentation, but perhaps an introduction for 5, 10 minutes. And then we go to discussion of a certain topic in-depth. So it's a very, I would say discussion-based, and also we are introducing a hackathon at this contributor summit, because I think it's quite a popular thing for people to get hands-on experience or work on something right away with people to support them then and there. So, you know, you can get results in real-time. So in actual fact, even before the pandemic, our contributor summits have had like, a virtual online component. So we were doing hybrid events before they were, you know, called popular hybrid events, but... >> Before they were necessary, it was cool. >> Right, Right. Exactly. So, because like I said, our contributors are from around the world, so we always made sure that they had a way of participating in the contributor summit as well. >> Yeah. I think that's really important to point out. I mean, I won't say it's cool to do hybrids necessary now because of the pandemic, but that format actually is interesting because you got a linear event that's physical face to face. Certainly that's super valuable when that comes back. But now that the online side has kind of been tied together with the simulated live asynchronous capability, you have this new format. Talk about how you guys are taking that to the next level around trust. Because one of the things about being face-to-face and then being online and knowing people is working together and getting a feeling of trusting each other, right? So, this is a- >> Right. huge part of community. >> How are you guys, now that we're more dispersed than ever, how are you guys handling, or facilitating and nurturing that trust equation? >> Right. So as a open source project, one of the key things is we do a lot of the things in the open. We, you know, the pull request, the development of the code is all done in the open. That's, you know, a very kind of implicit trust that you can have through that. And also the community meetings are open up to the public. Anybody can join if they're interested in. And even if you're not able to join the meetings because time zones or whatever, we share the meeting minutes after the meetings to everyone. Which brings me to, we actually started a newsletter for the community called the Bullhorn, since last April, I think. Because, you know, again, we are trying to explore more channels to be able to reach to different people who may not be able to attend in person, or even during the same time as the community meetings. So they can have this bi-weekly newsletter every two weeks that, you know, shares the meeting minutes. What has been discussed, the new developments in the community, the new collections, updates, new tools and so on. So definitely we see, like, we want to improve the communication to the community and ways that they can provide feedback to us as well. >> And that's called the Bullhorn? That's just getting the word out? >> Yeah, Bullhorn. Yes. Thank you. >> It's like the updates, like it's like, you know, a quick, quick executive summary of kind of what's happening. Is that kind of the vibe? >> Right, Right. >> Okay. Well, I want to ask you specifically, I heard about this new Community Steering Committee. What's the purpose of this? What's this evolving into? Can you give us some background on the purpose and the objective of the community? >> Yeah Sure. Yeah. We established the Ansible Community Steering Committee earlier this year, and as we were saying that the Ansible project is growing, so of course the user community, and also, they're very happy to say that the contributor community is growing. So, you know, we want to provide a better structure for the upstream Ansible project. And a lot of changes are taking place that we want to have some, a group of people to be able to facilitate that. For example, people are, want to make, create new collections, Ansible collections, for automated technologies that they are, you know, working on, or even contribute to existing collections that they have invested interest in. So what are some of the procedures and policies that are needed? Right? So the Steering Committee defines these procedures and make sure that the new content coming in are in compliance to the policies and so on. I mean, this kind of decision-making and stuff has been happening in the committee, I mean the community in an ad hoc manner, to a large extent, even before this. But having the Steering Committee will provide, to add more structure, like I said, and also guidance and accountability for the Ansible Community. >> That's awesome. You know, I love, first of all, I love your title, Principal Community Architect. And you know, one of the things I've always been a big fan of with Ansible, and now as part of Red Hat, is one, Red Hat didn't screw up Ansible. They let it become what it was and became really big with the combination. But the community has always been content driven. And now you've got recipes, you've got collections, you've got content, but the community piece is key. And right now, more than ever with the pandemic, community is more important than ever before. Open source is more important than ever before. How do you look at the architecture of how to sustain and evolve communities to be more inclusive and to grow and to survive and thrive post pandemic? What's your learnings? What's your vision on architecting community for the future? >> I think the key thing is to really find channels and ways to listen to the community. We talk about how to reach our newsletter or whatever, meetings to the community, but it's also what's coming from them. If we don't listen to what they have to say, we don't know what they want and how we can make the community better, the process better for them. I mean, I've been managing different open source communities before Ansible, but every community is different, right? I cannot say what worked for the previous community works for this. So I always try to reach out to the current members in the Ansible Community and hear what they have to say, their complaints, their criticisms, good and bad, because, you know, without those feedback, we cannot grow and we cannot improve. So, and I myself, I've lived in three different continents. So I know the struggle of whether it's like language barriers or time zone restrictions. So, you know, we keep all these in mind as we, you know, build our relationships with the community. >> And I think there's, I think there's a real opportunity with this new virtual standards that not yet emerged. I mean, you mentioned you've been doing hybrid, which has always been part of a physical event, which is going to become normal. But I think there's an opportunity that we're learning in this past a year and a half, where there are new, there are new things and there's, it's good, bad and ugly. I mean, there's been some really ugly conferences. Virtual's a bit painful. But there's also been some really nice moments where people are seeing interaction. So is there any learnings that you've taken away from this past year and a half that you can point to that you might want to share with folks watching around how to tap into the magical moments that could be enabled by, you know, the virtual and or bringing people together? >> You know, I myself, I'm a lover of technology, anything new I like to try. So definitely in this pandemic there's been lots of opportunities to try different technologies. What works, what doesn't work. I think, you know, just trying things out helps. I know sometimes people are resistant to change. I myself sometimes find it hard to change my ways in, in certain, you know, I'm used to this too. I want to use it most of the time, but. But anyway, you know, give, things a chance, but most, I think most importantly, is focus on the people. Because technology aside, it is the people you are reaching out to. Right? So again, listen what they have to say. You know? If this doesn't work for them, find out what they prefer, or you know, what, how we can make things better to improve things for them. So I always keep the focus on the people, on the community and, you know, give new technology a chance. And you know sometimes it works out, sometimes it doesn't, but you don't know 'til try and yeah, just- >> Jump in the water is warm. >> Hope for the best. >> Come on in, water is fine. So the meet-ups are happening. >> Right. >> People are getting together where there, where there's a geography opportunity where there's not a lot of scaring, too much scare going on with the meet-ups. So that's cool. What, what is the current AnsibleFest 2021 key thing that you'd like people to walk away with Carol? Because obviously the momentum is continuing. The world needs to go on. We are seeing hybrid, and then we're going to end up coming out of this soon. What's the, what's the key message this year from the AnsibleFest 2021, from the community. >> That, Ansible is open, Ansible is, you know, open to contributions from anyone. And especially the Ansible Community team is working very hard to make things easy and accessible. So please feel free to visit Ansible.com/community for ways of reaching us. And, you know, use Ansible to automate your stuff, and then use the free time that you have from that to spend more time for your family and friends. >> That's great. Be open. Listen. Now you've got a Steering Committee to steer that ship in the right direction. Congratulations. Thanks for coming on theCUBE and for the update, really appreciate it. Again, props to the community at the Ansible part of Red Hat. You guys do a great job. And again, we'll see you on the other side of the pandemic and thanks for coming in remotely all the way in Finland. >> Thank you so much for having me. Its been my pleasure. Thanks. >> Thank you, Carol. I'm John Furrier for AnsibleFest 2021 coverage. This is theCUBE. Thanks for watching. (bright exit music)