hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Yeah. Hello and welcome to the Cuba's International Women's Showcase, featuring International Women's Day. I'm John, host of the Kiwi here in California. Great remote guest. She's amazing founder and C e O of Cuba, and great to see you. Okay, thanks for coming on. Um, good to see you. >>You as well. Always a pleasure. You >>know, International Women's Day is the big celebration. We're doing a lot of interviews with great people making things happen, moving and shaking things. Um, but every day, International Women's Day, As far as I'm concerned, it's happening all around the world. But these are stories of innovation, the stories of changes, the stories of transformation for the better. You've been doing a lot of things. Um and I want to get into that. But let's start with your background. Tell us a bit about who you are and what you've got going on. >>Yeah, my background is a little strange. I used to be a maritime archaeologists. So dumb shit breaks for a little bit. That was amazing. I always just It's only partial just because it's actually a bit of truth to it, that learning how to, you know, handle things at depth really does train you to be a C e o. Because you learn to control your breath and and focus on the things that matter and not be so reactive because it's three activity that will panic that will kill you. Uh, always knowing how to reframe. Return to the basics. Um, there's a really good things to hold on to, even in the world of business. Right? So I at some point, ended up doing doing a lot of things. Largely business development, following my time diving and amazing woman. Um, another woman for International Women's Day named Doctor who was a biotech entrepreneur from Japan, stepping down as her role at the helm of her company. Um, and she wanted to launch a space for a young innovators from around the world who are doing amazing work to tackle this very complex challenges we all know exist, um, and figure out a way to give them time and space to do their best work and pursue their their highest visions for change. We decided that we would focus on for-profit companies largely who were using sustainable, scalable business models to pursue both profit and purpose. Um creating a virtuous cycle between the return of money to a company and putting that into to go even further and faster towards, um, solving a problem. Um, so we now have companies over 200 companies from around the world that we have helped support tackling every single, sustainable development goal. Um, and I'm proud to say, you know, particularly related to the subject that fifty-nine percent of our companies have a woman founder or CO-FOUNDER. Um, and 69% of the founder of color. Um, so we're working with entrepreneurs from every every area of the world. Many approximate to the problem that they are trying to solve, so they intimately understand it. Um, and they're doing amazing things. >>Yeah, you can help the great mission. You have a lot of other things going on your helping women encouraging them to your career in the tech sector. Um, good statistics could be better, right? Is higher and better. So, um, what are you guys doing? What, you specifically to help and encourage women to forge their career and tech? >>Yeah. I mean, look, the good news is I do think that it's getting better. I particularly think that we will see the adventure is improving. Um, it takes a while because the companies that have been funded up until now are still working in the biggest amount in the later stages. So I think that percentage hasn't been shifting. But I have to believe that that's a bit of an illusion, and then a couple of years, we're going to start to sea level out. But you know as well as I do that they're pretty poultry statistics in terms of the amount of venture that women like cos. Capture, Um, and the other ways that women are doubted, um, in terms of their ability and potential. Um, so we we love to work with any underrepresented group of entrepreneurs, and there's ways that we do that whether it's helping them sort of find their power and hold space and be confident. And, um, you know, be able to pitch to any room, talk to any investor, talk to any customer but also working to be directed about some of the systemic challenges, both in terms of talking to existing investors and trying to educate them to see the opportunities that they're missing because there is a an economic imperative to them understanding what they're missing. Um, but there's also some things that we're doing in-house to make sure that we're also helping to close capital gaps for all our entrepreneurs. So we actually now have a suite of three capital mechanisms that are entrepreneurs can access on the back end of our incubator, a microphone fund, which is very quick turnaround, small amounts of capital for entrepreneurs who existing opportunities owns, which is a tax destination. Just this in the U. S. But that's meant to be deployed so that they can access capital towards revenue without credit checks, collateral being put up, a slow moving pace of banks and C. D. S s. It's particularly useful for people who may not raise venture. And it's useful for, uh, you know, people who maybe don't have that friends and family check that they can expect similar. We've got a great angel network who look at the best impact deals from around the world. Um, and it doesn't have to be a housing company, just a great venture that's pursuing impact on profit. Um, and then lastly, we're just about to announce that we have a fund of our own on the back end of our incubator that funds only healthy and companies. Um, it's an early stage fund. Um, but watch this space because our pipeline is just increasing your every year. We used to sort of just 16 companies here. Now, we're serving 60 this year, so, um, yeah, it's really exciting. Um, and so obviously, it's really great that, you know, we're going to be able to help scale the impact that we want to see. Uh, ideally a lot. A lot faster. >>Well, you definitely taking control. I remember when we had a few years ago. I think four years ago, you just thinking about getting going and going now with great tailwind. Um, >>and the diversity >>of sources of capital as well as diversity of firms is increasing. That's helping, uh, that we're seeing, but you're also got the back end fun for the housing companies. But also, you've been involved in we capital for a long time. Can you talk about that? Because that's a specific supporting women entrepreneurs initiative. Um, yeah. What's up with capital share? That >>was That was another venture that I-i embarked on with such coz. Um as well as Sheila Johnson and Jonny Adam, Person who runs Rethink Impact. We capital is a group of about 16 women that I pulled together women investors to invest through rethink impact, which is another fun that is looking for impact businesses but predominantly looking for those businesses that are led by women. So this investment group is women supporting women. Um, through the use of deployment of capital, um, they're doing amazingly well. They've had some really stunning news recently that I'll let you dig up. >>I'll definitely thanks for the lead there. I'm gonna go jump on that story. >>Yeah, >>the Okay, Thanks for that lead on that trend, though in Silicon Valley and certainly in other areas that are hot like New York, Boston and D. C. Where you're at, um, you're seeing now multiple years in almost a decade in of the pioneers of these women, only funds or women only firms and your investment. Um, and it's starting to increase to under all underrepresented minorities and entrepreneurs. Right? So take us through how you see that because it's just getting more popular. Is that going to continue to accelerate in your mind? Are their networks of networks. They cross pollinating. >>Yeah, I think you know, it's It's I'm glad to see it. And, you know, it's been a long time coming. I think you know, I think we all look forward to a future where it's not necessary. Um, and you know, funds. Just invest in everyone Until then, making sure that we have specific pools of capital allocated to ensure that that, you know, those entrepreneurs who have not always been equally represented get to pursue their ideas not just because they deserve to pursue their ideas, but because the world needs their ideas. Right. And as I mentioned, there is a business imperative, right? We've got lots of examples of businesses like banks that you wouldn't have gotten a shot just because the investors just didn't understand the opportunity. Um, and I think that's normal. That's human. It happens to everyone. You are successful as an investor largely because you recognize patterns. And if something is, you know, outside of your life experience, you are not going to identify it. So it's very important that we create different kinds of capital run by different types of people. Um, and, uh, and you know. I know lots of investors have every type that are investing in these funds because they recognize that, you know, perhaps the highest growth potential is gonna come out of these, you know, particular kind of funds, which is really exciting. >>That's super important, because half the world is women, and that's just like the population is inspired by many new ventures. And that's super exciting trend. I wanna ask you about your other areas of doing a lot of work in the queue has been to buy multiple times, um, initially reporting on a region out there, and that's certainly isn't important part of the world. Um, you've got a lot of good news going on there. Can you share what's going on with, uh, the social entrepreneurship going on in Bahrain around the region? >>Yeah, I'm happy to. We we've actually been so privileged to work with a W S for a very long time. Almost since the start of the incubator they've supported are entrepreneurs, all of our entrepreneurs with access to cloud credits and services. Um, and we've sort of double down with a W S in the last couple of years in areas where We both want to create an uplift, um, for small businesses and rapidly growing tax solutions to these these social environmental problems. We see. So there's been an excellent partner to do that. And one of the areas we did in the water was with rain, particularly with women, tech startups, women tech startups in Bahrain. Yeah, we did that last year. We had an amazing group of women over in D. C. Um, and we continue to support them. One of them is actually in the process of raising. I think she just closed her seed round recently. And that's why for, um, al yet, um, and she created playbook, which is an amazing, uh, platform for women to take master classes and network and really sort of level up, as one says, Um, but also, um, the mall of work. Um uh, just really talented women over in Bahrain, um, pushing the envelope and all sorts of directions, and it was wonderful to get the opportunity to work with them. Um, that has now spawned another set of programs serving entrepreneurs in the Middle East in North Africa. They were also working on with us as well as the U S. State Department. Um, so we're going to be working for the next two years with entrepreneurs to help our recovery from covid. Um, in China. Um, and then I'm also proud to say that we're working with a W s in South Africa because there is just an extraordinary energy, you know, in the continent, Um, and some amazing entrepreneurial minds working on, you know, the many problems and opportunities that they're facing and recognizing. Um So we're supporting, you know, companies that are working on finding, um, skilled refugees to be able to help them resettle and use their talents and make money. Um, sadly, are very relevant company now with what's going on in Ukraine. Um, but also, uh, zombie and satellite company, um, companies that are preventing food, food waste by providing, um, solar-powered refrigerators to rural areas in South Africa. Um, so a lot of, um, you know, just incredible talent and ideas that we're seeing globally. Um, and happy to be doubling down on that with the help of a W s. >>That's awesome. Yeah, following the work when we met in D. C. And again, you always had this international view um it's International Women's Day. It's not North America >>Women's Day. It's >>International Women's Day. Can you share your thoughts on how that landscape is changing outside the U. S. For example, and around the world and how the international peace is important and you mentioned pattern matching? Um, you also, when you see patterns, they become trends. What do you see forming that have been that that are locked in on the U. C they're locked in on that are happening that are driving. What are some of those trends that you see on the international side that's evolving? >>Yeah. You know, I think the wonderful opportunity with the Internet and social media is that, you know, both, uh, we can be more transparent about areas for improvement and put a little pressure where maybe things are moving fast enough. We've all seen the power of that, Um, the other, um, you know, things that certainly in countries where women maybe as free to move and operate, they can still acquire skills education they can set up cos they can do so so much. Um, you know, through these amazing technologies that we now have at our disposal growing an amazing rates. Um, they can connect via zoom. Right? I think that while the pandemic definitely set women back and we should acknowledge that, um, uh, the things that the pandemic perhaps helped us to exponentially scale will move women forward. And perhaps that's the target to hang on to, to feel optimistic about where we're headed. >>And also, there's a lot of problems to solve. And I think one of the things we're seeing you mentioned the Ukraine situation. You're seeing the geopolitical landscape changing radically with technology driving a lot of value. So with problems comes opportunities. Um, innovation plays a big role. Can you share some of the successful stories that you were inspired by that you've seen, um, in the past couple of years. And as you look forward, what What some of those innovation stories look like? And what are you inspired by? >>Yeah. I mean, there's so, so many. Um, you know, we just, uh, had a couple of entrepreneurs, and just the last year, Um, you know, after I think everyone sort of took an initial breath with the pandemic, They realize that they either had an opportunity or they had a problem to solve to your point. Um, and they did that well or not. And or some of them, you know, just didn't didn't have any more cards to play and had to really pivot. Um, it was really interesting to see how everyone handled handled that particular moment in time. One company that I think of is everywhere. Um, and she had created a wearable device that you can just put on your ear. It looks like an earring right at the top of your ear. Um, and it was for her for herself because she suffered from pulmonary complications. And, uh, without more discreet wearable, you know, had to wear a huge device and look around and oxygen tank and, you know, just to sort of have a good quality of life. Um, it turns out, obviously, during covid, that is a very useful item, not just for patients suffering from covid and wanting to know what their oxygen levels were doing, but also potentially athletics. So, um, she's really been able to double down as a result of the trends from the pandemic. Um, and I'm really proud of part of her. And that's actually where another great one that we just just came through. Our last 15 is Maya. Um, and she had a brick and mortar store. Um, uh, called Cherry Blossom. Intimate where she helped women have an enjoyable experience finding, uh, and fitting bras post mastectomy to include sort of, you know, the necessary, um, prosthetics and things like that. Um, she even made it so that you could go with your friends who haven't had a mistake, and she could also find some lovely luxury. Um, but the pandemic meant that that experience was sort of off the table. Um, and what they did was she decided to make it a technological one. So now she's she's essentially will be part of it. You can, you know, go to my, um, online. And you can, um, you know, order, uh, measure yourself, work with a specialist, all online, get a few different options, figure out the one that's perfect for you and the rest back. Um, and I don't think without the pandemic, that would not have happened. So she's now able to serve exponentially more. Um, you know, women who deserve to feel like themselves post it to me. >>That's also a model and inspirational. I have to ask you for the young women out there watching. What advice would you share with them as they navigate into a world that's changing and evolving and getting better with other women, mentors and entrepreneurs and or just an ecosystem of community? What advice would you give them as they step into the world and have to engage and experience life? >>Yeah, gosh, part of me always wants to resist that they don't listen to anyone to do you follow your heart, follow your gut, or at least be careful who you listen to because a lot of people will want to give you advice. I would >>say, Uh, that's good advice. Don't take my advice. Well, you've been a great leader. Love the work, you're doing it and I'll say N D. C. But all around the world and again, there's so much change going on with innovation. I mean, just the advances in technology across the board, from with machine learning and AI from linguistics and understanding. And I think we're going to be a bigger community. Your thoughts on as you see community organically becoming a big part of how people are engaging. What's your what's your view As you look out across the landscape, communities becoming a big part of tribes. What's your vision on how the role of communities place? >>You know, we we actually do you think a lot about community and healthy. And we say that are you know, alchemy really is providing space, you know, physical and mental space to think, um, access access to capital access to networks, Um, community, Um, and the community piece is very, very important. Are entrepreneurs leave us like the number one thing that they miss is being among like-minded, um, you know, slightly slightly crazy audacious people. Um, and I often joked that we're building a kind army because it is, you know, it's people who want to do it differently if people want to do it with integrity. Is people who are in it for a very different motivations than just money. Um, and, you know, you start to feel the power of that group together and its entirety and what that might look like as as a community solving global problems. Um, and it really is inspiring. Um, I do think that people are starving for FaceTime and people time, real human time after the pandemic, I think they won't go away. It's a great tool, but we all want a little bit of that, and I will mention just along those lines. And if you don't mind a quick plug for an event that we're having March 16, Um, also in partnership with a W s called Build her relevant to International Women's Day as well. People can, either. If they're in the city, they can come in person. But we also have a virtual program, and we'll be listening to some of the most inspiring. Women leaders and entrepreneurs both in government and also the private sector share their knowledge on the side of the pandemic for for, you know, the next tribal group of women entrepreneurs and leaders. >>That's great. Well, you are on our website for sure. >>Thank you. Thank you. Appreciate it. >>And we love the fact that you're in our community as well. Doing great work. Thanks for spending time with the Cube and on International Women's Day celebration. Thanks for coming on and sharing. >>Thank you, John. >>Okay. The Cube International showcase Women's Day, featuring some great guests all around the world, Not just in the U S. But all over the world. I'm your host. Thanks for watching. Yeah, Yeah, yeah, hm, Yeah.

>>you welcome to the cubes, continuing coverage of Splunk dot com. 21 I'm lisa martin of a couple guests here with me. Next talking about Splunk H P E N. Deloitte, please welcome Casey Clark, Managing Director and chief architect at Deloitte and Elias Alanya Master Technologists Office of the North American C T O at H P E. Guys welcome to the program. Great to have you. >>Thank you lisa. It's great to be here. >>Thanks lisa >>Here we still are in this virtual world the last 18 months, so many challenges, some opportunities, some silver linings but some of the big challenges that organizations are facing this rapid shift to remote work. The rapid acceleration In digital transformation ran somewhere up nearly 11 x in the first half of this year alone. Solar winds talk to me about some of the challenges that organizations are facing and how you're helping them deal with that Casey >>we'll start with you So most of our clients as we move to virtual um have accelerated their adoption of multiple cloud platforms. You know, moving into a W S into Azure into google. And one of the biggest challenges is in this distributed environment, they still have significant workloads on prem Part of the workloads are in office 3 65. Part of them are in salesforce part of them they're moving into AWS or big data workloads into google. How do you make this all manageable from both. A security point of view and accelerating threats. Uh make that much worse but also from an operational point of view, you know, how do I do application performance management when I have workloads in the cloud calling. Api is back on prem into the mainframe. How do I make an operationally when I have tons of containers and virtual machines operating out there? So the importance of Splunk and good log management observe ability along with all the security management and the security logs and being able to monitor for your environment in this complex distributed environment is absolutely critical and it's just going to get more complex as we get more distributed. >>How can companies given the complexity? How can companies with these complicated I. T. Landscapes get ahead of some of these issues? >>One of the things that we really focused on making sure that you're getting ahead of those and you know we work with organizations like Splunk and Deloitte is how do we how do we collect all of the data? Not just a little bit of it, you know Splunk, help and Deloitte are helping us look across all of those places. We want to make sure that we can can really ingest everything that's out there and then let the tools like Splunk then use all of that data. We found a lot of organizations really struggle with that and with the retention of that data it's been a challenge. So those are things that we really worked hard on figuring out with organizations out there um how to how to ingest retain and then modernize how they do those things at the same time. >>I was reading the Splunk state of Security report which they surveyed over 500 security leaders I think it was over nine um global economies and they said 78% of security and I. T. Leaders worry 78% that they're going to be hit by something like solar winds. Um That style of attack Splunk saying security is a data problem but also looking at all this talk about being on the defensive and preventing attacks the threat landscape escaping companies also have to plan for growth. They have to plan for agility. How do you both help them accomplished? Both at the same time Casey will start with you. >>Well fundamentally on the security front you start with security by design. You're designing the logging the monitoring the defenses into the systems as they are being designed up front as opposed to adding them when you get to Um you know you 80 or production environment. So security by design much like devops and Fc cops is pushing that attitude towards security back earlier in the process so that each of the systems as we're developing them um have the defenses that are needed and have the logging that are embedded in them and the standards for logging so that you don't just get a lot of different kinds of data you get the data you actually need coming into the system and then setting up the correlation of that data so you can identify those threats early through a i through predictive analytics, you get to identify things more quickly. You know, it's all about reducing cycle times and getting better information by designing it in from the beginning, >>standing in from the beginning that shifting left Elias. What are your thoughts about this, enabling that defense, designing an upfront and also enabling organizations to have the agility to grow and expand? >>Yes, sort of reminded of something our friends with the Blue oval used to say in manufacturing quality isn't inspected, it's built in right and and two cases point you have to build it in. We've we've definitely worked with delight to do that and we've set up systems so that they have true agility. We've done things like container ice block with kubernetes uh you know, work with object storage. A lot of the new modern technologies that maybe organizations aren't quite accustomed to yet are still getting on board with. And so we wrap those up in our HP Green Lake managed services so that we can provide those things to organizations that aren't maybe aren't ready for them yet. But the threat landscape is such that you have to be able to do those things if you're not orchestrating these thousands and thousands of containers with something like kubernetes, it's just it becomes such a manual labor intensive process. And so that that labor intensive, non automated process. That's the thing that we're trying to remove. >>Well that's an inhibitor to growth, right number one there, let's go ahead and dig into the HP. Deloitte Splunk solution case. I'm going to go back over to, you talk to me about kind of the catalyst for developing the solution and then we'll dig into it in terms of what it's delivering. >>So Deloitte has had long term partnerships with both H B E and Splunk and we're very excited about working together with them on this solution. Um the HP Green Light, which is hardware by subscription, the flexibility of that platform, you know, the cost effectiveness of the platform. Be able to run workloads like Splunk on it that are constantly changing. You have peaks and valleys depending on, you know, how much work you're doing, how many logs are coming in and so being able to expand that environment quickly through containerized architecture, Oz Funk, which is what we worked on, um you know, with the HP Green Light team uh and and also with spunk so that we can Federated the workloads and everything that's going on on prem with workloads that are in the cloud and doing it very flexibly with the HP on prim platform as well as, you know, Splunk on google and Azure and Splunk cloud um and then having one pane of glass that goes across all of it has been very exciting. You know, we were getting lots of interest in the demo of what we've done on the Green light platform and the partnership has been going great, uh >>that single pane of glass is so critical. We talked about cloud complexity a few minutes ago, customers are dealing with so many different applications there now in this hybrid multi cloud world, it's probably only going to proliferate, Let's talk to me about H P. S perspective and how you're going to help reduce the cloud complexity that customers in every industry are facing. >>Yeah, so within the HP Green Lake umbrella of portfolio, we have set up our uh admiral container platform, for example, are Green Lake management services. We bring all these things together in a way that that really can accelerate applications uh that can make the magic that Deloitte does work underneath. And so when, when our friends at Deloitte go and build something, someone has to, has to bring that to life, has to run it for for our customers. And so that's what Hb Green Lake does, then we do that in a way that fundamentally aligns to the business cycles that go on. And so, uh you know, we think of cloud as an operating model, not necessarily just a physical destination. And so we work on prem Coehlo public hybrid Green Lake spans across all of those and can bring together in a way that really helps customers. We've seen so many times, they have these silos and islands of data. Um you know, you've got uh data being generated in the cloud. Well, you need Splunk in the cloud, you've got the energy generated in uh, Amelia, Well you've got spunk into me and so so Deloitte's really done some great things to help us put that together and then we, we underpin that with the, with the green like uh management services with our software and our infrastructure to make it all >>work. Yeah, Elias, one of the areas that you just mentioned is is one of the hottest trends that we've noticed out there. A lot of clients, you know, with the competition for skilled resources out there on the engineering side and operations are looking at managed services as an option to building, you know, their own technology, you know, hiring their own team, running it themselves and the work that we do with both on the security side as well as operations to provide managed services for our clients in collaboration with companies like HP E and running of the Green Lake platform platforms as well as one cloud, those combined services together and delivered as a managed service uh to our clients is an exciting trend out there that um, is increasingly seen as very cost effective for our clients >>saving cost is key case. I want to get your perspective on what you think differentiates this, this solution, the technology alliance, what are the differentiators in this from Deloitte's lens. >>So bringing the expertise of a company like HP and the flexibility and expand ability of the Green lake platform and the container ization that they've done with Israel, you know, it's, it's bringing that cloud like automation and virtual and flexibility to on uh, the on prem and the hybrid cloud solution combined with Splunk who is rapidly expanding not only what they do in the security space where the constantly changing security landscape out there, but also in observe ability application, performance management, um, Ai ops, um, you know, fully automated and integrated response to operational events that are out there. So HP is doing what they do really well and adapting to this new world. Splunk is constantly changing their products to make it easier for us to go after those operational issues. And Deloitte is coming in with both the industry and the technical experience to bring it all together, you know, how do you log the right things, you know, how do you identify, you know, the real signal versus the noise out there? You know, when you're collecting massive amounts of log data, you know, how do you make it actionable? How can you automate those actions? So by bringing together all three of these berms together, uh we can bring a much better, much, much more effective solutions to our clients in much shorter time frames, >>Shorter time frames are key given that one of the things we've learned in the last 18 months, is that real time is really business critical for companies in every industry unless I want to get your perspective from a technology lens, talk to me about the differentiators here, what this solution is three way alliance brings to your customers. >>Yeah, sure thing. We've done a lot of work with Deloitte and with Intel also on performance optimization, which is, is key for any application and that gets to what I mentioned earlier of bringing more data in some of the work that we've done with until we've able been able to accelerate Are the ingest rate of Splunk by about 17 times, which is pretty incredible. Uh, and that allows us to do more or do more with less and that can help reduce the cost. Also done a lot of work on the, on the setup side. So there's a lot of complexities in running a big enterprise application like Splunk. Um, it does a lot of great things but with that comes some complications for sure. And so, uh, a lot of the work that we've done is to help really make this production ready at scale disaster tolerance and bring all of those things together. And that >>requires a fair amount of >>work on the back end to make sure that we can, we can do that at scale and, and to be a, you know, to run, you know, in a way that businesses of significant size can take advantage of these things without having to worry about what happens if I lose a data center or what happens if I lose a region. Um And and to do those things with absolute assurance >>That's critical case you have a question for you. How will this solution help facilitate one of the positives that we've seen during the last 18 months and that is the strengthening of the IT security relationship. What are your thoughts there? >>I think one of the important things here is that the standardization and automation of what we're what we're bringing together you know so that security can monitor all the different things that are being configured because I can go in and look at the automation that it's creating them. So we have a very dynamic environment now with the new cloud based and virtualized environment so going in and manually configuring anything anymore. It's just not possible. Not when you're managing tens of thousands of servers out there. So security working together very closely with operations and collaborating on that automation so that the managed services are are configured right from the beginning as we talked about security about design. Operations by design in the beginning it's that early collaboration and that shift left that is giving us the very close collaboration that results in good telemetry, good visibility you know good reaction times on the other end. >>That collaboration is something that we've also seen is really a key theme that's emerged I think from all of us in every industry in the last 18 months. And I want to punt the last question to you and that's where can customers go to learn more information? How do they get started with this solution? >>A great way to get started is to reach out to our partners like Deloitte, they can help you on that journey. Hp. Es there, of course. Hp dot com. We have a number of white papers, collateral presentations, reference architecture is you name it, it's out there. But really every organization is unique. Every every challenge that we come up with always requires a little bit of hard thinking and and so that's why we have the partnership >>to be able to work with customers and collaborate. I'll say to really identify what their challenges are, how they help them in this very dynamic. No doubt continuing to be dynamic market. Thank you both so much for joining me talking to me about what Deloitte Splunk NHP are doing, how you're helping customers address that cloud complexity from the security lens, the operations lens. We appreciate your time. >>Thanks lisa. Thank you lisa tonight >>For my guests. I'm Lisa Martin, you're watching the cubes coverage of splunk.com 21. Yeah. Mhm

>>mhm. Here live in Washington D. C. For two days of wall to wall coverage. I'm john for your host of the cube. Got two great guests here, constant Thompson V. P. Of diversity equity inclusion program at a core american council of renewable energy and Blair Anderson, director of public policy industries at AWS. Thanks for coming on the cube. Thanks for having us. So first of all, big announcement on stage max Peterson, head of public sector announced some big news with a core. Tell us what it >>is. Well we are going to be partnered with amazon to do a supply chain study on how we can best diversify the renewable energy supply chain. So we're actually gonna have baseline data on where we should start to be able to create a program that's going to be a model for the renewable energy industry on how to develop and support the success of black women and bipac owned um firms. So >>this program that you're running accelerate accelerate your programs and membership tell more has it worked? And why the successes having, what is amazon's relationship with it Besides funding? Is there other things you can talk about? >>Yeah. So accelerate wouldn't have been possible if it wasn't for people like Shannon Kellogg with a W. S. Um who about a year ago after the George Floyd murders said, you know, what are we doing as a core? He sits on our board um in this area and we had to say nothing. So um Shannon. And a group of leaders got together and workshop this idea. Let's create a membership program for women and minority owned businesses so that they can be successful in renewable energy. Let's pick a cohort and let's do whether it takes to make them successful. Everything from introducing them to business connects, to mentoring them to even legal services for them. >>Well, yeah, this is like an interesting dynamic. Remember Andy Jassy was on stage when he was the ceo of a W S a year ago, I kind of was preaching, you hate that, I said that word, but preaching to the audience build, build, build, there's an entrepreneurship, public sector vibe going on right now, very entrepreneurial across every industry. I mean, this is a real thing that's going on. >>Yeah, so we're super excited about this opportunity, the work that core has done to lead on this program for the last year, especially with Constance coming in, becoming the leader has kind of been able to take this idea that she mentioned that AWS was kind of a founding member at the genesis of it about a year ago. She's taking this idea that many of these folks put on paper And been able to turn it into a really hard substantive efforts to move it forward. So we've been able to have great conversations with many of these 15 companies that have been brought into the program and start building a relationship with them. I think, as you have seen around a WS like we believe strongly in innovation and creativity. the renewable energy industry is very similarly there is a lot of kind of thinking big and innovative spirit that needs to take place in that space and having the diversity at all levels of these companies is kind of an important component to be able to move that entrepreneurship forward. >>You know, cost is one of the things that we've been reporting on until getting on the cube is right in the wheelhouse of what you're doing is a cultural change happening. And that cultural change with amazon and cloud computing is causing structural changes which are opportunities like radical structural changes. So that means old incumbent, the old guard as you guys call it, this can be replaced not because people hate them because they're inadequate. So you start to see this kind of mindset shift, entrepreneurial, impact oriented I can make a change but actually I can level up pretty quick because the people in charge don't know cloud, I mean I hate to put it bluntly like that, but if you're not on that edge, if you're not not on that wave, your driftwood. >>Yeah. You know it's funny you say that I like to call it, our members are making systemic disruptions to the system in a very equitable way, meaning our members are in communities like Chicago Jackson Tennessee there in the north end of texas, they are in um everywhere and they're in the communities, making these systemic disruptions to the way things happen, the way we talk about renewable energy to the way we deploy solar, they're making those kind of changes. So to your point they're doing it, we have to catch up to them because they're already out there, they're moving their entrepreneurial, >>it's like, it's like there's a class of entrepreneurship and evolving and it's like everyone's got the pedigree, this or that knowledge is knowledge and you can apply it in software, you could be shrink wrapped software you put on the shelves called shelf where no successful inventory, give it back cloud computing. If you're not successful. Like right now it's not working. So if you don't have results, no one bought it, it must not work. So it's easy to identify what's working. Yes, so that eliminates a lot of dogma, a lot of weird blocking. It's true, this is a democratization of >>absolutely, I think you're talking about transparency and transparency is one of the tenets of inclusion. If you're truly doing things to be inclusive, transparent and that's where you see the changes, that's exactly what you're talking >>about data driven. That's one thing I love about this data world data is now part of like how apps are built, it's not like a database, then you go fetch a file data is now transparently available. If you know what to look for it if it's available. So the whole old silo mentality, this is one of the amazon strength blair you guys are doing. So I have to ask how is this translating out in the public policy world because you know, when you can make this kind of change quicker, you're gonna have some wins under your belt. Yeah, you gotta double down on those. I >>think, I think there's a lot of transformation we're talking about in this conversation. You take kind of one of the missions we're talking about here, which is around clean energy and the expansion of clean energy, Aws and Amazon. We have procured 10 gigawatts of renewable power and making us the largest corporate procure globally, to kind of put that in maybe a little bit more approachable context, that's the equivalent of powering 2.5 million homes. Um and there's still farther to go to be able to meet that kind of think big that is happening in the industry right now, you have to have a broad, diverse industry to be able to reach all those communities to be, have kind of all types of different leaders in it, because we need everybody at the table both for the industry, but also for the communities that are being served. >>What does sustainability mean to you? Because this is a core focus, I know the energy things huge, but it's not obvious to some people, but it's getting better. What are the what's the core 10ets behind the sustainability strategy? >>Yeah, no, I think there's a lot of different ways you can take a stab at that for us. It's uh probably most uh out there in the public that people talk about is our climate pledge. This is kind of a um goal that we've set to be uh net zero carbon by 2040 which is 10, 10 years ahead of the paris Climate change within that. There are components of that that are related to electric vehicles, clean energy, renewable energy procurement, carbon offset programs around the world. I think throughout all of that is kind of coming back to, as you said, with sustainability and approaching climate change as a as an issue that needs a comprehensive holistic approach to talk >>about some of the stories and the members that you have because is the recruiting strategy climate change? Or is there another like how do you because renewable energy could be a no brainer, but how to get people excited? Like save the world. What's the what's the what's the, what are people aligning with then? What's their reaction? So, >>You know, it's very simply the way we see with our members, most of our members, 87% of them are in the solar area. Many of them when we talk about sustainability, how can people live their lives in a way where they save money on their energy bills? How can communities understand how they can harness their own renewable energy, make a little money from that, but also live their lives in a very peaceful, sustainable, peaceful, sustainable way. Right, so that's part of it as an example, a couple of examples is that we have um 548 capital is a member company. And keep in mind that these are early startup companies. 5 48 capital is in Chicago and their models started off with we want all homes in our communities and these are places in the hood, some of them um son text works with people, it works with spanish speaking customers solely in texas where they explain to them the benefits of renewable energy. They explain the benefits of a sustainability and what it is. I mean that's so that's kind of what we're looking >>at here is just kind of show up and just kind of telling the truth >>exactly and show them the benefits that they've kind of not been leading on. Actually. The other thing is that this is about economics. So this renewable energy movement that we're going through is about economics. It is a it's our next wave of being able to ensure americans are able to live lives in a in a way that's meaningful economic. >>Well you've got visibility on the unit economics event good energy. There's also a community angle. >>Yes, absolutely. >>About some of those stories around the community response to this idea, wow this actually is gettable. Yeah, we >>solar is one of our members and it's owned by the first female community solar own company out of. She's out of Baltimore but she has a solar farm here in D. C. And what she did was was engaged churches in how can you get involved in this renewable energy movement? How can you save money? How can you create a community around around this work? We sold as an example of that um son text, I have to mention them again. They speak with they work with only spanish speaking customers who had no clue about this and who are now making having their lives live better because of it, >>you know, affecting change is hard now you've got a tailwind with structural change in systemic opportunities there. What are the blockers? What are the blockers right now? Is an awareness, is it participation community? >>I'm sorry, it's your show and I've >>interrupted, you know, >>we talk about entrepreneurs in the space, particularly women and those from bipod communities. The first thing that you'll hear is they'll say we don't have access to capital people. The terms around getting capital to start up are tough and their barriers there's so that's one the second is awareness and that's awareness of introducing them to companies that might want to do business with them. So that's something that's a benefit for a core occurs. Members are all people who touch every renewable energy transaction from the finances to the developers to the to the buyers. So this is what makes it unique. So what we're doing with accelerate is breaking down the barriers of access to capital by introducing them to people who can potentially support their work but also introducing them to companies that can help them be a part of their supply chain, which is why the study that max announced is amazing because we're going to be able to have baseline data on what, what are the demographics of the supply chain in the renewable energy and what can we do about it? And we're gonna scale accelerate to be a model for the industry >>and that's the transparency angle. Get the baseline, understand this is classic Amazonian thinking, get the baseline, raise the bar, >>you can see why you get >>so OK, so a lot of great stories, how do people get involved? Obviously amazon is taking the lead leadership role here. What can people do to get involved? >>So if you want to support the program as amazon is a corn dot org accelerate or Thompson at a core dot org. That's my email address. If you'd like to become a member company and accelerate program will be opening up applications towards the latter part of this year november december again a core dot org slash accelerate >>renewable energy. What's the coolest thing you've seen so far in your programme around neutral energy um, could be story, it could be people story could be tech story. What's the coolest thing you've seen spot there? Yeah, you really did. You >>know, I think we have a company called clear look, that's a member there out of Jackson Tennessee and they're actually working with retailers are renewable energy credits to create, to create renewable energy farms in their area. And I, what I think is so cool is that she's disrupting the way that you go about using renewable energy credits. Clear loop dot org. Look them >>up in the new york times. Had a story. I'm just reading California other areas. We have a high density of electric vehicles, it's training the power grid. So this idea of coming in, come back is what it's not sure yet. It's not, this is kind of where it's going. So okay, what's the cool thing you've seen? >>No, for me, I've just enjoyed kind of, I've enjoyed the journey. I think the moment for me where I could see that this was real and this was going to be a impactful program constants organized. It's called a speed dating, a virtual speed dating for us with about eight different companies and it was fascinating to get on, spend some time being able to interact with eight different companies. Um, who we probably would not have ever had kind of introduction to before in the past either. They didn't know how to get in touch with us. We didn't know how to get in touch with them and it kind of opens your eyes to all the different ways. People are approaching this problem and starts the executives who I had in these colors. You can see their wheels spinning the ideas sparking of oh there's some cool ideas here. There's something new that we could do. We should explore further. Nothing I can announce at the moment but lots of lots of good uh I'm >>sure the baseline max got baseline studies. I'm sure there will be a lot of doubling down opportunities on success or not success because you want to have the data, you know what to work on. Its true cause a great mission. I'm really impressed. Congratulations. Thank you announcement and love the programme. Thank you. Take a minute to give a plug anyone or public >>thanks Shannon Kellogg. Shannon was really behind it. He's a member of our board represents a W. S. And was really behind, we gotta do something. It's got to be unique and it's got to be something intentional. And here we are today I want to give a >>great opportunity. Thanks for coming in, appreciate it. Thank you for having more cube coverage here from Washington D. C. Amazon web services, public Sector summit. An event in person where people are face to face. This is great stuff is the cube right back after this short break. Mhm. Mhm. Mhm

>>let's bring in jerry Chen from Greylock is he here? Let's bring him in there? He is. >>Hey john good to see you. >>Hey congratulations on an amazing talk and thesis on the castles on the cloud. Thanks for coming on. >>All right, well thanks for reading it. Um, always were being put a piece of work out out of the ether, not sure what the responses, but it seemed to resonate with a bunch of developers, founders, investors and folks like yourself. So smart people seem to gravitate to us. So thank you very much. >>Well, one of the benefits of doing the Cube for 11 years, Jerry's, we have videotape of many, many people talking about what the future will hold. You kind of are on this early, it wasn't called castles in the cloud, but you were all, I was, we had many conversations were kind of connecting the dots in real time, but you've been on this for a while it's great to see the work. I really think you nailed this. I think you're absolutely on point here. So let's get into it. What is castles in the cloud? New research come out from Greylock that you spearheaded? It's collaborative effort, but you've got data behind it. Give a quick overview of what is castle the cloud, The new modes of competitive advantage for companies. >>Yeah, it's as a group project that our team put together but basically john the question is how do you win in the cloud? Remember the conversation we had eight years ago when amazon re event was holy cow like can you compete with them? Like is it a winner? Take all, Winner take most. And if it is winner take most. Where are the white spaces for some starts to to emerge clearly the past eight years in the cloud this journey we've seen big companies data breaks, snowflakes, elastic mongo data robot. And so um they spotted the question is you know, why are the castles in the cloud? The big three cloud providers amazon google and as you're winning, you know, what advantage do they have? And then given their modes of scale network effects, how can you as a startup win? And so look, there are 500 plus services between all three cloud vendors but there are like 500 plus um startups, competing gets a cloud vendors and there's like almost 100 unicorn of private companies competing successfully against the cloud vendors, including public companies. So like Alaska Mongo snowflake, No data breaks. Not public yet. Hashtag or not public yet. These are some examples of the names that I think are winning and watch this space because you see more of these guys storm the castle if you will. >>Yeah. And you know one of the things that's a funny metaphor because it has many different implications. One, as we talk about security, the perimeter of the gates, the most being on land, but now you're in the cloud, you have also different security paradigm. You have a different um new kinds of services that are coming on board faster than ever before, not just from the cloud players, but from companies contributing into the ecosystem. So the combination of the big three making the market the main markets, you, I think you call it 31 markets that we know of that probably maybe more. And then you have this notion of sub market, which means that there's like, we used to call it white space back in the day. Remember how many whites? Where's the white space? I mean if you're in the cloud there's like a zillion white spaces. So talk about this sub market dynamic between markets and that are being enabled by the cloud players and how these sub markets play into it. >>Sure. So first, the first problem was what we did, we downloaded all the services for the big three clowns. Right. And you know what as recalls a database or database service, like a document dB and amazon is like Cosmo, dB and Azure. So first thing first is we had to like look at all three cloud providers and you? Re categorize all the services almost 500 Apples, Apples, Apples, # one. Number two, is you look at all these markets or sub markets and said, okay, how can we cluster these services into things that you know, you and I can rock. Right, That's what amazon as well. And google think about it is very different. And the beauty of the cloud is this kind of fat long tail of services for developers. So instead of like oracle as a single database for all your needs, they're like 20 or 30 different databases from time series um, analytics, databases we're talking rocks at later today, right? Um uh, document databases like mongo search database like elastic and so what happens is there's not one giant market like databases, there's a database market and 30 40 sub markets that serve the needs developers. So the Great News is cloud has reduced the cost and create something that new for developers. Um also the good uses for a start up, you can find plenty of white speech solving a pain point very specific to a different type of problem >>and you can sequence up the power law to this. I love the power of a metaphor, you know, used to be a very thin neck note no torso and then a long tail. But now as you're pointing out this expansion of the fat tail of services but also this big tam's and markets available at the top of the power law where you see coming like snowflake essentially take on the data warehousing market by basically sitting on amazon and re factoring with new services and then getting a flywheel completely changing the economic unit economics completely changing the consumption model completely changing the value proposition literally >>you snowflake has created like storm create a hole that mode or that castle wall against red shift. Then companies like rock set real time analytics, It's Russian right behind snowflakes saying, hey snowflake is great for data warehouse, but it's not fast enough for real time analytics. Let me give you something new to your, your parallel argument. Even the big optics snowflake have created kind of a wake behind them that created even more white space for Gaza rock set. So that's exciting for guys like media. >>And then also as we were talking about our last episode two or quarter two of our showcase, um, from a VC came on, it's like the old shelf where you didn't know if a company's successful until they had to return the inventory now with cloud. If you're not successful, you know it right away. It's like, it's like there's no debate. Like, I mean you're either winning or not. This is like that's so instrumented. So a company can have a good better mousetrap and win and fill the white space and then move up. >>It goes both ways. The cloud vendor, the big three amazon google and Azure for sure. They instrument their own class. They know john which ecosystem partners doing well in which ecosystems doing poorly and they hear from the customers exactly what they want. So it goes both ways they can weaponize that just as well as you started to weaponize that info >>and that's the big argument of do that snowflake still pays the amazon bills, they're still there. So again, repatriation comes back. That's a big conversation that's come up. Um, what's your quick take on that? Because if you're gonna have a castle in the cloud, then you're gonna bring it back to land. I mean, what's that dynamic? Where do you see that compete? Because on one hand is innovation, the other ones maybe cost efficiency. Is that a growth indicator? Slow down? What's your view on the movement from and to the cloud? >>I think there's probably three forces you're finding here. One is the cost advantage in the scale advantage of cloud. So that I think has been going for the past eight years. There's a repatriation movement for a certain subset of customers, I think for cost purposes makes sense. I think that's a tiny handful that believe they can actually run things better than a cloud. The third thing we're seeing around repatriation is not necessary against cloud, but you're gonna see more decentralized clouds and things pushed to the edge. Right? So you look at companies like Cloudflare Fastly or a company that we're investing in Cato networks. All ideas focus on secure access at the edge. And so I think that's not repatriation of my own data center, but it's kind of a disaggregated of cloud from one giant monolithic cloud, like AWS East or like a google region in europe to multiple smaller clouds for governance purposes, security purposes or legacy purposes. >>So I'm looking at my notes here, looking down on the screen here for this to read this because it's uh to cut and paste from your thesis on the cloud, the cloud. The of the $38 billion invested uh this quarter. Um uh Ai and ml number one um analytics number two, security number three. Actually security number one. But you can see the bubbles here. So all those are data problems I need to ask you. I see data is hot data as intellectual property. How do you look at that? Because we've been reporting on this and we just started the cube conversation around workflows as intellectual property. If you have scale and your motives in the cloud, you could argue that data and the workflows around those data streams is intellectual property, it's a protocol. >>I believe both are. And they just kind of go hand in hand like peanut butter and jelly. Right? So data for sure. I p So if you know people talk about days in the oil, the new resource. That's largely true because the powers a bunch. But the workflow to your point john is sticky because every company is a unique snowflake, right? Like the process used to run the cube and your business different how we run our business. So if you can build a workflow that leverages the data that's super sticky. So in terms of switching costs, if my work is very bespoke to your business then I think that's competitive advantage. >>Well certainly your workflow is a lot different than the cube. You guys. Just a lot of billions of dollars in capital. Uh, we're talking to all the people out here jerry. Great to have you on final thought on your thesis. Where does it go from here? What's been the reaction? Uh, no, you put it out there. Great, love the research. I think you're on point on this one. Where did, where's it go from here? >>We have to follow pieces. Um, in the near term one around, you know, deep diver on open source. So look out for that pretty soon. And how that's been a powerful strategy a second is this kind of disaggregated of the cloud be a Blockchain and you know, decentralized apps, be edge applications. So that's in the near term two more pieces of, of deep dive we're doing. And then the goal here is to update this on a quarterly and annual basis. So we're getting submissions from founders that wanted to say, hey, you missed us Or he screwed up here. We got the big cloud vendors saying, Hey jerry, we just lost his new things. So our goal here is to update this every single year and then probably do look back saying, okay, uh, were we wrong? We're right. And then let's say the castle clouds 2022 we'll see the difference were the more unicorns, were there more services were the IPO's happening. So look for some short term work from us on analytics, like around open source and clouds. And then next year we hope that all this forward saying, Hey, you have two year, what's happening? What's changing? >>Great stuff And, and congratulations on the Southern news. You guys put another half a billion dollars into early, early stage, which is your roots. Are you still doing a lot of great investments in a lot of unicorns? Congratulations that great luck on the team. Thanks for coming on And congratulations. You nailed this one. I think I'm gonna look back and say that this is a pretty seminal piece of work here. Thanks for for sharing. >>Thanks john, Thanks for having me as >>always.

>>Welcome to the AWS Startup. Showcase new breakthroughs in devops, did analytics and cloud management tools. I'm lisa martin, I've got Jordan share here with the next vice president of corporate marketing Ops ramp, Jordan welcome to the program >>lisa It's great to be here. Great to talk about some of the stuff. Thanks for having me. >>Yeah let's break this down. Tell me, first of all about Ops ramp, how is it facilitating the transformation of I. T. Ops helping companies as your website says control the chaos. >>Sure. So option is an availability platform for the modern enterprise. We consolidate digital I. T. Operations management into one place. So availability as you can imagine um is a consistent challenge for I. T. Operations teams in large enterprises maintaining service assurance, making sure that services are up available, performing uh Ops tramp is the platform that powers all of that and we bring a lot of different features and functions to bear in driving availability. I think about ai ops I think about hybrid infrastructure monitoring, multi cloud monitoring, that's all part of the options offering. Modern enterprise. >>Talk to me about back in 2014 what the founders saw of Ops ramps, what were some of the gaps in the market that they saw that this needs to be addressed and no one's >>doing? It's a great question. So abstract was originally founded as part of an MSP offering. So we were a platform serving managed service providers who wanted to consolidate the infrastructure of their clients onto one multi tenant platform. What they noticed was that these enterprise customers of the MSP s whom we served. Really appreciated that promise of being able to consolidate infrastructure, being able to visualize different alerts, different critical incidents that might arise all on one platform. And so that's when we decided to raise around and take it directly to the enterprise so they could have the same kind of visibility and control that MSP s were delivering back to them, >>Visibility and control is essential, especially if your objective is to help control the chaos. Talk to me about some of the trends that you've seen, especially in the last 18 months, as we've been in such a dynamic market, we've seen the rapid acceleration of digital business transformation. What are some of those key trends especially with respect to a I ops that you think are really poignant. >>Yeah. You know, we like to think over here that the pandemic didn't really change a whole lot, accelerated a whole lot. And so we started to see at least within the past 12 to 18 months this acceleration of moving to the cloud, you know, Gardner forecasted that I thi enterprises, large enterprises are going to be spending upwards of 300 billion um in the move to the public cloud. So that has really facilitated some of the decisions that we have made and the promises that we offer to our customers, number one, Number two, with the move to remote work and the adoption of a lot of different digital tools and uh the creation and implementation of a lot of different digital customer services. Um It has forced these enterprises whom we serve to really rethink how they provide flexibility and control to their larger enterprise. I. T. Teams that might be distributed might be working remote might be in different locations. How can they consolidate infrastructure as it gets more and more complex. So that's where ops tramp has really created the most value. So we think about two things. Number one I want to consolidate my multi cloud environments so services via AWS for example or other cloud providers. How do I bring that within? How do I bring that control within my enterprise within the context of maybe additional private cloud offerings or public cloud infrastructure. Number one. Number two how do I get control over the constant flood of alerts but I'm getting from these different digital services and tools all in one place. Um you know so we are responding to that need by for example uh implementing a really rich robust ai ops functionality within the train platform to both be able to consolidate those alerts that are coming through and really escalate the critical ones um for to allow I. T. Operations seems to be a little bit more proactive and understand how incidents are happening and giving them the ability to remediate those incidents become before they become business critical and can really shut down the internet. >>Speaking of the enterprise. I'm curious if your customer conversations have changed in level in the last 18 months as everything has become chaotic for quite a while. We're still in we've been in a hybrid cloud world for a while. We are in a hybrid workforce situation. Have you noticed an escalation up the stack in terms of the c suite of going we need to make sure that we're leveraging cloud properly financially responsibly and ensuring that we have this ability and all the services that we're delivering. >>You mean are they sweating more And are they coming to us when they're sweating more? Yeah. Yeah for sure. The short answer is yes. So let me give you a great example. Um One of our recent customers they manufacture chips microchips and what they've noticed is that number one demand has grown um due to the increase in digital transformation. Um Number two supply chains have become more constricted for them specifically so they're asking themselves. All right how can we equip our I. T. Operations teams to maintain the availability of different logistics services within our organization So that they can both maintain service availability of these different logistic logistic services um and be able to stay on deadline as much as they possibly can um during a supply chain crisis that we're facing right now. And number two how can we as we move to the cloud and we see a distribution of our workforce still be able to maintain I. T. Operation services regardless. Um That is a need in particular in particular the supply chain um constraint issue. Uh That is a need that has arisen only in the last 18 months and it is a perfect use case for ops ramp or a platform that allows you to consolidate I. T. Operations to one place and give flexibility control across a distributed environment with a number of different new digital services that have been implemented. To solve some of these challenges. >>Talk to me about Ai ops as a facilitator of that availability visibility in this hybrid world that is still somewhat chaotic. >>Yeah great question. So originally it was al gore algorithmic operations is coined by Gardner today it's artificial intelligence in its operations. So the notion there is simple right there's a lot of data coming in on throughout the I. T. Operations organization. How can we look for patterns within that data to help us understand and act more proactively. Um From an operational perspective well there are a lot of promises uh that go along with A. I. Ops that it's going to completely transform these I. T. Organizations that it's going to reduce headcount. Um We don't necessarily find that to be true. What we do find true though is that the original promise behind a IOP still exists right we need to look for patterns in the data and we need to be able to drive insights from those patterns so that is what the Ai ops feature functionality within abstract really does. It looks for patterns within alerts and helps you understand what these patterns ultimately mean. Let me give you a great example so we have different algorithms within the train platform for co occurring events or for downstream events that help us indicate, okay if a number of these events are happening across one geography or one um business service for example we can actually look for those co occurring patterns and we can see that there may be one resource or set of resources that is actually causing a bunch of these incidents for a bunch of these alerts upstream of all the actual alerts themselves. So instead of the ICTy Operations organization having to go in and remediate a bunch of different distributed alerts, they can actually look at that upstream alert and say okay that's the one that really matters, that's where I need to pay most of my attention to. Um and that's where I'm going to deploy a team or open up a ticket or escalate to I. T. S. M. Or a variety of different things because I know that these co occurring alerts are creating a pattern that's driving some insight. Um so that's just part of the overall Ops tramp Ai Ops um promise or uh you know there's there's tons more that goes along with the biopsy but we really want to take some of the load and reduce some of the alerts that these icy operations teams are having to deal with on a daily basis. >>So let's talk about how you do that from a practical perspective, is looking at some of the notes that your team provided and according to I. D. C. This was a report from asia pacific excluding Japan that 75% of global two K enterprises are going to adopt a I Ai Ops by 2023 but a lot of Ai ops projects have been built on and haven't been successful. How does abstract help change flip the script on that? >>So it really comes down to the quality of the data right? If you have a bolt on tool, you have to optimize that tool for the different data lakes or data warehouses or sources of data that exists within your operational organization. I think about multi cloud apps across the multiplied environment. So I have to optimize the data that is coming in from each of those different cloud providers onto a bolt on tool to make sure that the data that's being fed to the tool is accurate and it is a true reflection of what's going on in the operational organization. That's number one. If you look at ops tramp and the differentiation there. Um op tramp is a big data platform at its core. So you bring ops tramp in, you optimize it for your overall infrastructure mix and then the data that gets fed into the ai ops feature functionality is the same across the board. There is no further optimization. So what that means is that the insights that are being driven by the outside perhaps platform are more sophisticated, they're more nuanced, there are more accurate representation and they're probably driving ultimately better insights than sticking a tool on top of five different existing data warehouses or data lakes. >>So if you've got a customer and I'm sure that you do enterprises, as we said, going to be adopting this substantially by 2023 which is just around the corner, how do you help them sort through the infrastructure and the ecosystem that they have so that they're not bolting things on but rather they can actually really build this very intuitively to deliver that availability and the visibility that they need fast. >>Yeah, so a couple of different comments on that ways that we try to help. Number one, I think it's critical for us to understand the challenges of the modern I. T. Infrastructure environment, across different verticals, different industries. So when we walk into any of our clients, we already have a good mix of their challenges. Is it Iot? Are they dealing with a bunch of different devices at the edge, are they, you know, a telecom with uh critical incidents is incidents in the network that they need to remediate. Um Number two, we try to smooth the glide path into understanding the obscene ramp platform and promise early. So what does that mean? It means we offer a free trial of the platform itself at tried out abstract dot com, you can set up up to 1000 resources for free with an unlimited number of users for 14 days and kick the tires particularly in multi cloud monitoring and see what sorts of insights you can determine um, just within those two weeks and in fact we're, we put our cards on the table and we say you can probably see your first insights into your infrastructure within 20 minutes of setting up the abstract free trial um, and if you don't want to bring your resources, your own resources to it will even provide a collection of resources preloaded onto the platform so you can try it out yourself without having to get, you know, a bunch of approvals to load infrastructure in there. So two pieces, number one, it's this proof of concept proof of value where we try to understand the clients pain and number two, if you want to kick the tires on it yourself, we can offer that with this free trial offering. >>So what I'm hearing and that is fast time to value which in these days is absolutely essential. How does that differentiate ops ramp as a technology company and >>from your customer's perspective? Yeah, so I appreciate that. And the meantime to incite is one of the critical aspects of our product roadmap, we really want to drive down that time to value coefficient because it's what these operations teams need as complexity grows really if you take a step back right, everything is getting more complex. So it's not only the pandemic and the rise of multi cloud but it's more digital customer experience is to compete. It's the availability, it's the need of a modern enterprise to be agile. All of those things translate basically into speed and flexibility and agility. So if there's one guiding light of ops tram it's really to equip the operations team with the tools that they need to move flexibly with the business. There is a department in any modern enterprise today if they need access to the public cloud and they have a credit card they're getting on AWS right now and they are spinning up a host of services. We want to be the platform that still gives the central IT operations team some aspect of control over that with the ability with without taking away the ability of that you know siloed operations team somewhere in some geo geographic region. We want to empower them to be able to spend up that AWS service but at the same time we want to just know that exists and be able to control it. >>How can A I A facilitator of better alignment between I. T. Tops and the business as you just gave a great example of the business getting the credit card spending up services that they need for their line of business or their function and then from a cultural perspective I'm just curious how can A. I. R. S. B. A facilitator of those two groups working better together in a constantly complex environment. >>That's a great question. So imagine if I. T. Operations did more than just keep the lights on. Imagine if you knew that your I. T. Operations team could be more proactive and more productive about alerts incidents and insights from infrastructure monitoring. What that means is that you are free to create any kind of digital customer experience that you would want to drive value back to your end user. It means that no longer do you think about it? Operations is this big hodgepodge of technology that you have to spend you know hundreds of millions of dollars a year in network operations teams and centers and technologies just to keep control of right by consolidating everything down to one place one sas based platform like this it frees up the business to be able to innovate. Um You know take advantage of new technologies that come around and really to work flexibly with the needs of the business as it grows. That's the promise of a tramp. We're here to replace you know these old appliances or different management packs of tools that exists that you consistently have to add an optimized and tune to feel to to empower the operations team to act like that. Um The truth is that is that everything is SAT space now, everything is status based and when you get to the core of infrastructure, it needs to be managed to be a SAs and thats ops ramp in a nutshell, >>I like that nutshell, that's excellent. I want to know a little bit about your go to market with a W. S. Talk to me a little bit about the partnership there and where can what's your go to market like? Essentially, >>yeah, so were included in the AWS marketplace, we have an integration with a W. S um as the de facto biggest cloud provider in the world. We have to play nice with them. Um and obviously the insights that we drive on the option platform have to be insights that you need from your AWS experience. You know, it has to be similar to cloudwatch or in a lot of, in a lot of cases um it has to be as rich as the cloudwatch experience in order for you to want to use op tramp within the context of the different other multi cloud providers, so that's how abstract works. Um you know, we understand that there's a lot of AWS certified professionals who work with who work at Ops tramp, who understand what AWS is doing and who consistently introduce new features that play well with the service is the service library that AWS currently offers today. >>Got it as we look ahead to 2022 hopefully a better year than 2020 and 2021. What are some of the things that you're excited about? What are some of the things on the ops ramp road map that you can share with us? >>Yeah, so you know, the other, the other big aspect of uh the new landscape of IT operations is observe ability. We're really excited about observe ability, we think that it is the new landscape of monitoring um you know, the idea of being able to find unknown unknowns that exists within your operational stack is important to us to be able to consolidate that with the power of ai ops so that you now have machine learning on top of your ability to find unknown unknown issues. That's that's going to be super exciting for us. I know the product team is taking a hard look at how to drive hybrid, observe ability within the abstract platform. So how do we give a better operational perspective to on prem public cloud and private cloud infrastructure moving forward and how do we ingest alerts before they're even alerts? I mean that's observe ability in a nutshell, if I'm getting in and I'm checking the option platform every day, then that's a workflow that we can remove by creating a better observe ability posture within the train platform. So now the platform is going to run unsupervised right in the background um and ai apps is going to be able to take action on predictive incidents before they ever occur, that's what we're looking at in the future. You know, everything is getting more complex. We've heard this story a million times before, we want to be the platform that can handle that complexity on a massive scale, >>finding the unknown, unknowns, converting them into knowns I imagine is going to be more and more critical across every industry. Last question for you, given the culture and the dynamics of the market that we're in, are there any industries and all of trump's is seeing is really key targets for this type of technology. >>The nice thing about ops tramp is we are we are really vertical neutral, right? Any industry that has complexity and that's every industry can really take advantage of a platform like this. We have seen recent success particularly in finance manufacturing, health care because they deal with new emerging types of complexity that they are not necessarily cared for. So I think about some of our clients, some of our friends in the finance industry, you know, um as transactions accelerate as new customer experiences arise uh these are things that their operations teams need to be equipped for and that's where up tramp really drives value. What's more is that these uh these industries are also somewhat legacy, so they have a foot in the old way of doing things, they have a foot in the data center, you know, there are many financial institutions that have large data center footprint for security considerations. And so if they are living in the data center and they want to make the move to cloud, then they need something like cops ramp to be able to keep a foot in both sides of the equation, >>right, Keep that availability and that visibility. Jordan, thank you for joining me today and talking to us about ops around the capabilities that Ai ops can deliver to enterprises in any industry. The facilitation of of the I. T. Folks in the business folks and what you guys are doing with AWS, we appreciate your time. >>Absolutely lisa, thank you very much. Thanks for the great questions. If you ever need a job in corporate marketing, you seem like you're a natural fit. I'll >>call you awesome. >>Thank you >>for Jordan share. I'm lisa martin, You're watching the AWS startup showcase.

>>Welcome back to HP discover 2021 the virtual version. My name is Dave Volonte and you're watching the cube. We're here with Manav said Donna, who is the global head of sales and market development for cognitive business operations at Tata consultancy services Tcs. And we're gonna dig in to digital transformation and take a deeper dive into the customer journeys. Welcome Manav, >>thank you. Dave, thank you for inviting me to this. Uh appreciate and looking forward to have an intriguing dialogue. You Me too. >>Me too. I mean we talk about digital transformation all the time prior to the pandemic. You know, a lot of it was kind of buzz wordy um and there's a lot of complacency around it. But as we know if you weren't digital during the pandemic you're out of business but people were forced into it. They were rushed into I called the force marched the digital so you really didn't have time to be planned full. And now people are stepping back and saying, okay now we have an opportunity to get digital right and put that in air quotes. How do you think about digital transformation? What do you mean by that? >>Okay, see I think uh the way we look at it at this, yes, I will, I will probably take a step back where in um while the digital transformation has been in play, not just over the last year since the pandemic began, but um even before then uh where the shift uh in the customer organization that we have been seeing is largely from being product centric to be purpose centric, wherein the whole focus of the entire existence is to be able to serve the purpose for their consumers, their customers and so on and so forth. And and if you look at it, for example, total energies right? The looking to sell or produce fuel. They are looking to be responsible energy company producing, reliable, affordable and clean energy for the consumers. Right? Similarly, there are other examples damaged shipyards who are looking to be more of a maritime solutions provider rather than just a shipbuilding company. Uh, so, so what's really happening when the purpose is being the driving force behind any organizations agenda or even reason of existence? That purpose is actually the driving force also followed the digital transformation. That is basically shifting the pace of the way businesses are looking to drive consumer experiences, time to market and so on, so forth. Right? And if you see our we launched our new brand positioning in the last quarter, that's building on belief and and that's basically centered around this whole purpose driven mindset. What that means is that we believe that and then the technology is enabling digital transformation are going to be the pillar of the whole shift of the re imagination of the business models wearing businesses are coming together across industries and driven by the key goal of serving the customer in terms of driving the enhanced experience rather than just selling a product. So that's basically is really happening. And having said that now in the last year or so, what pandemic has done is basically accelerated the pace by a condom. Deep right? So so in that sense, some of the organizations that were not ready at that point, they are also kind of transformation and and and taking that leap frog, I would say so from that perspective and going by again by our brand positioning statement, building on belief, right? That's really helping towards that pretty good thing, the overall journey, three horizon business and I'll come to that in a minute, but I hope it is answering your question of what digital transformation and how pandemic has really helped it. >>I just want to get 1 um point of clarification you said and you cut out there for a second, you said go from product centric too, >>but to centric >>platform centric, got it, >>but centric >>purpose centric uh building on belief, got it. Okay, so something else you said they picked up on, you talked about um actually you know crossing industries and this is something that's new and that's enabled by digital. I want to get your thoughts on it. I mean if you look at industry structures historically, whether it's manufacturing or automotive or financial services or healthcare or media and entertainment, whatever it is, there was a value chain, there is a value chain that's built up in that business might be uh it might be R. And D. Sales and marketing, service, manufacturing, etcetera. And if you are in that industry, you largely stayed in that industry forever. And now you're seeing these, a lot of big company, a lot of big tech companies having a dual disruption agenda, not only horizontally to from a technical standpoint, but you're seeing amazon get into grocery, you know, they're they're buying studios, you're seeing your Apple get into finance. And so the enabler is data in digital and that talks to the business model re imagination that you're talking about. >>Absolutely and absolutely exactly what is happening, that's what I'm really talking about. And we are firmly believing that boundaries or those boundaries are going to be blood even more so going forward, as I took a few examples and you also talked about Apple, or or even amazon all the for example. Right, so all these technology companies are just being disrupted. So, having, having said that, that data being the new fuel at the same time, Cloud being the new er now cloud as a technology that is enabling the business model. Re imagination is not just on the outside, but also on the red side. And and that's where the boundaries are becoming so closer between edge and the cloud. And how how do we give that flexibility for to the customers, to people to adopt those digital technologies across the enterprise? Right. That's what, that's what the ship that we have been seeing. >>How do you see ecosystems playing in this? I mean it's kind of, I know it's an overused term but it seems to me to be increasingly important, its power of many versus the resources of one or a few. How do you see ecosystems driving? You know, this, this purpose driven business you talk about? >>Um very, very closely I would say, and I'll give you examples also in that sense. Right faster. Um if I talk about the journey I mentioned briefly earlier about three horizon based journey, right. The first and foremost being the setting up the digital foundation that basically could be through the combination of cloud, iOT analytics, artificial intelligence and so on so forth. Right? And then eventually moving on to re imagination of business models and then leveraging the purpose led ecosystem. Now in the Horizon one, when we are setting up the digital foundation, that is where the whole ecosystem comes into play. Where and where and if I talk about our co innovation network partners like HP, where we are working together to really bring in that flexibility for the customers, even in on premise environment, giving them that kind of uh features that they can experience also in the cloud to be really able to leverage the whole our beat at the edge or in the cloud. So that's where the kind of ecosystem coming together and and and those are also some of the challenges that we have seen that customers are facing today to be able to achieve the first horizon in that journey. The challenges like accelerated or all the time to market challenges. Like are they able to achieve the flexibility to be able to offer to the business and and challenges? Like are they able to achieve transformation at scale or is it just appointed um pointed poc sort of thing? Right so bringing the ecosystem together is able to help customers address those challenges, be it in terms of consumption driven, addressing the flexibility needs, be it in terms of the pre integrated solutions addressing the challenges related to time to market and so on and so forth. >>Can we stay on? The challenges for a minute? As I said, pre pandemic, there was a lot of complacency. We've all seen that meme of the wrecking ball coming in and kind of a tongue in cheek joke, but but the complacency is gone, so so there's there also, but still organizational challenges. It's not complacency anymore, but what's the right regime? What's the right approach? Uh everybody wants to get digital right, but a lot of people, you know, that's a do you see that as a challenge? Actually, not knowing where to prioritize it and you know, how can you help in that regard? >>Yeah, So, and I would also like to like to talk about what we have done in in certain with certain customer with challenges. Um some of the things I'll introduce TCS Cognex here, this is our platform which basically brings together the capabilities in a pre integrated uh, for, of predefined solutions accelerators of our value builders as we call it, um, for customers to be able to just integrate their environments to be able to manage the whole infrastructure or of the landscape in a completely automated and analytics driven manner. Right, so that's that's one way of addressing those challenges. What it also does is it gives that um power to the stakeholders in the organization to be able to address the key challenge of time to market because it is giving out or coming out in a pre integrated manner and be able to achieve that benefits or realize the benefits of transformation In in an accelerated time frame instead of waiting for 18-24 months, how can it be done in 3-6 months, for example. Right. That's that's that's one set and and similarly, uh if I talk about the flexibility, right, consumption driven manner is extremely, extremely important. And if I talk about hybrid cloud, so to say right today, About 1-2% of the on premise infrastructure is actually in a consumption driven manner while cloud is always gonna consumption to a manner. The trends that we're seeing is that by next year about minimum 15% of the on premise infrastructure in a hybrid cloud environment will be about or will be delivering a consumption-driven manner and and that's what is going to address the various the opportunity as well as the challenge to address that particular aspect of flexibility and that's where the ecosystem with the likes of us, teachers and HP coming together to provide solutions that are addressing those needs of our consumers. >>And when you talk about the consumption driven, obviously talking about things like HP Green Lake, that's a model that enables that kind of consumption model. You know, I feel like, I mean, I feel like that's kind of table stakes to be honest with, you, pointed out 1 to 2% of it. I said wow, clouds been around for a long time and now, but now we're seeing the rapid adoption 15% and we're also seeing, I mean I think I'll give H PE some props on this because they've got their whole company behind it, but there has to be a complimentary shift in the mindset of OK, we're not now selling boxes anymore and I think HP has done a pretty good job of this. They've made some announcements recently to that effect. They're doing an HPC. We just saw some storage announcements, so it's no longer, hey, here's a box to sell it and this is where a company like Tcs comes to play. You, you've, you've never had that box mentality, you have a solutions mentality and so, so the industry is moving in a very rapid pace now. My question is, are the customers ready for it? Are they ready for it? Because they have the cloud experience, are they ready for it on prem and what do they need to do to get ready for that? >>See um, to answer your first question already and what really is the trigger point for them being ready? The answer is yes. Okay. Um, I would say a large percentage of the customer base was ready even before pandemic, but pandemic has really made it even more prominent in the customer and that has become a need. We are seeing so many customers today. I mean, uh, in my global role, I'm seeing across industries and across markets right from north America to Australia Japan. We're in, we're in the need for having consumption. Everyone is even at on premise while cloud is definitely there, but even at on premise is so much so that really is the trigger um, at the same time now what is really driving that trigger apart from pandemic is to be able to offer that flexibility to their business. Businesses are basically reimagining, reimagining their whole uh where they are reaching out to their customers, where they are expanding into the newer markets and the speed is extremely, extremely important and that's what is really being the whole consumption, let's >>peel the onion on that. Somebody asked me this the other day why why as reserves. I said the same thing, flexibility and they're like, yeah, okay, but give me some examples. And so I said, well, first of all, they're paying by the drink. So it's a much fairer for the customer model instead of okay, charge them for what they're not even going to use or what they might use for a day or two or a month. The other is experimentation. It just seems to me that in the digital world you got to fail fast, You don't know, you don't know what, you don't know. And so these consumption models allow you to spin up experiments very quickly and cheaply and only pay for what you use is, am I, am I getting that right? >>Absolutely, Absolutely. And and and that that's exactly what the model is, that we as uh as a partner together, that we are offering. Only one thing that I would want to highlight here is, um while that's the foundation, as I said, it is setting up the digital foundation, giving the customers the flexibility. And if I talk about example, uh one of our british large, I am who really is leveraging this technology for them to be able to bring more resilience and boring traing and scales departments uh to be able to, you know, on the manufacturing line and ultimately driving to the sales value chain. So those are the things that are happening. And you took an example of basically talked about consuming purely as a service what you use. This model is basically expanding everywhere very recently. I mean I saw an out of bicycle as a service. I mean instead of buying a new bicycle, I'm just able to get one bicycle, you use it for a month, return it back to the to the owner to be able to use it only when I need it, let's say for example, so that's what is really happening even in the digital transformation, I just needed for a time basis for a particular purpose. I served that purpose, ultimately driving the business resilience, agility and then ultimately serving that purpose. Yeah, >>I think I'd love your thoughts on this. I think the real opportunity here is to for for technology companies like HP. E working with TCS to create a layer I called a layer that spans on prem name your favorite cloud or multiple clouds goes across clouds goes out to the edge. That's a layer that that hides all the underlying complexity. You're going to take care of that for me uh because it's complicated. No question about it, the bigger the universe gets, the more complicated gets. But as as a customer, I want to hide that complexity because I don't want people doing plumbing, I want people focus on on strategic initiatives and that to me, seems to be the killer app, if you will of infrastructure in the future. Is that that abstraction layer? Do you see it that way? >>Absolutely. And that's where the easiest Cognex comes into play very strongly. Right? As I said earlier, it's basically it said actually uh an air driven human machine collaboration suite. So what that really means, it is bringing together the capabilities from analytics to ai with our machine first principles and and really giving that obstructing player in a pre integrated manner from edged right up to the cloud and bringing it all together for the customers. So that that's exactly what how we are really helping the customers, um a team that, again, addressing those challenges of exploration, time to market flexibility and more importantly unifying the entire landscape into one single view if I am a C I O, or if I am a CFO, I want to see what is important to me, rather than going through multiple different dashboards support, so to say, Right, so that's what pieces Cognex, there's an important role in obstructing everything and presenting, identified you and in a draft formed service delivery model for the customers. >>So the history of TCS is pretty amazing. You guys have, I mean, the, the ascendancy of the company over the decades is actually so, so impressive now and your relationship with HP and now, of course, HP goes back, I think it goes back to the 90s. Maybe you could talk a little bit about that relationship, where it's come from, how it's evolving and where you want to see it going. >>So I think it's a um uh when you go back so long, right? Uh the only way you're able to sustain that long relationship when there is a value that we have been able to deliver to each other, and more importantly, the value that we have been able to deliver to our customers, right? And that has always been the, the mantra of the whole relationship and that continues to be going forward as well. So, so in that regard, I mean, while I would rather focus more on the future, history is definitely good, but I think going forward, um the kind of work that we're doing together to be able to solve some of our customers globally across the base across the industries is extremely valuable, both to us as well as two HP, I'm sure. And and that's where we are really looking to have uh, providing real value to our customers, not just from the technology perspective, ultimately elevating that value. How do we help them solve the business problems and not just the technology solutions? >>Well, I think we've learned that that's the 11 big thing we learned from the cloud is if you just shove all your stuff in the cloud lifted and shifted it. So what, uh, it's that operating model that you talked about earlier, that really is how you, you, you drop, you know, if you're a large company, you're talking about billions, uh, to the bottom line, not, you know, hundreds of thousands or millions, but that's, that's a game changer. I'll give you a final word enough. >>Absolutely. Absolutely. I mean, as they said, I think, um, I hope I would not end up repeating my mistake, but, but that, um, solving the business problems, leveraging technology and, and irrespective of the location where the technology is based being on edge or on the cloud. It's the whole model of addressing the customer demands and the customers need is extremely, extremely important. So that's that's what the whole mantra is and that's what is really were driving us forward together in the journey, >>major shifts in industry. Digital is is the driver and and Manav. Thanks so much for being on the cube. Really appreciate your time. >>Sure, thank you. Thank you for having me >>And thanks for being with us for HP Discover 2021 the virtual version. You're watching the Cube, the leader in digital tech coverage. Keep it right there.

>>Welcome back to HP discover 2021 the virtual version. My name is Dave Volonte and you're watching the cube. We're here with Manav said Donna, who is the global head of sales and market development for cognitive business operations at Tata consultancy services Tcs. And we're gonna dig in to digital transformation and take a deeper dive into the customer journeys. Welcome Manav, >>thank you. Dave, thank you for inviting me to this. Uh appreciate and looking forward to have an intriguing dialogue. You Me too. >>Me too. I mean we talk about digital transformation all the time prior to the pandemic. You know, a lot of it was kind of buzz wordy um and there's a lot of complacency around it. But as we know if you weren't digital during the pandemic you're out of business. But people were forced into it. They were rushed into I called the force marched to digital so you really didn't have time to be planned full. And now people are stepping back and saying, okay now we have an opportunity to get digital right and put that in air quotes. How do you think about digital transformation? What do you mean by that? >>Okay. See I think uh the way we look at it at this, yes, I will, I will probably take a step back where in um while the digital transformation has been in play, not just over the last year since the pandemic began, but um even before then uh where the shift in the customer organization that we have been seeing is largely from being product centric to be purpose centric wearing the whole focus of the entire existence is to be able to serve the purpose for their consumers, their customers and so on and so forth. And and if you look at it, for example, total energies right? The looking to sell or produce fuel, they are looking to be responsible energy company producing, reliable, affordable and clean energy for the consumers. Right? Similarly, there are other examples damaged shipyards who are looking to be more of a maritime solutions provider rather than just a shipbuilding company. Uh, so, so what's really happening when the purpose is being the driving force behind any organizations agenda or even reason of existence? That purpose is actually the driving force also followed the digital transformation. That is basically shifting the pace of the way businesses are looking to drive consumer experiences time to market and so on, so forth. Right? And if you see our we launched our new brand positioning in the last quarter, that's building on belief and and that's basically centered around this whole purpose driven mindset. Uh, what that means is that we believe that and the technology is enabling digital transformation are going to be the pillar of the whole shift of the re imagination of the business models where in businesses are coming together across industries and driven by the key goal of serving the customer in terms of driving the enhanced experience rather than just selling a product. So that's basically is really happening. And having said that now in the last year or so, what pandemic has done is basically accelerated the pace by a condom leap. Right? So, so in that sense, some of the organizations that were not ready at that point, they are also kind of transformation and and and taking that leap frog, I would say so from that perspective and going by again by our brand positioning statement, building on belief, right? That's really helping towards that pretty good thing, the overall journey, three horizon business and I'll come to that in a minute, but I hope it is answering your question of what digital transformation and how pandemic has really helped it. >>I just want to get 1 um point of clarification you said and you cut out there for a second, you said go from product centric too, >>but to centric >>platform centric, got it, >>but centric >>purpose centric uh building on belief, got it. Okay, so something else you said they picked up on, you talked about um actually you know crossing industries and this is something that's new and that's enabled by digital. I want to get your thoughts on it. I mean if you look at industry structures historically, whether it's manufacturing or automotive or financial services or healthcare or media and entertainment, whatever it is, there was a value chain, there is a value chain that's built up in that business might be uh it might be R. And D. Sales and marketing, service, manufacturing, etcetera. And if you are in that industry, you largely stayed in that industry forever. And now you're seeing these, a lot of big company, a lot of big tech companies having a dual disruption agenda, not only horizontally to from a technical standpoint, but you're seeing amazon get into grocery, you know, they're they're buying studios, you're seeing your Apple get into finance, and so the enabler is data and digital and that talks to the business model re imagination that you're talking about. >>Absolutely and absolutely exactly what is happening, that's what I'm really talking about. And we are firmly believing that boundaries or those boundaries are going to be blood even more so going forward as I took a few examples and you also talked about Apple, or or even amazon all the for example. Right, so all these technology companies are just being disrupted. So, having, having said that, that data being the new fuel at the same time, cloud being the new er now cloud as a technology that is enabling the business model re imagination is not just on the outside, but also on the edge side. And and that's where the boundaries are becoming so closer between edge and the cloud. And how how do we give that flexibility for to the customers to be able to adopt those digital technologies across the enterprise? Right. That's what, that's what the ship that we have been seeing. >>How do you see ecosystems playing in this? I mean it's kind of, I know it's an overused term but it seems to me to be increasingly important, its power of many versus the resources of one or a few. How do you see ecosystems driving? You know, this, this purpose driven business you talk about? >>Um very, very closely I would say, and I'll give you examples also in that sense. Right faster. Um if I talk about the journey I mentioned briefly earlier about three horizon based journey, right? The first and foremost being the setting up the digital foundation that basically could be through the combination of cloud, iOT analytics, artificial intelligence and so on, so forth. Right? And then eventually moving on to re imagination of business models and then leveraging the purpose let ecosystem Now in the Horizon one when we are setting up the digital foundation that is where the whole ecosystem comes into play. Where and where and if I talk about our co innovation network partners like HP, where we are working together to to really bring in that flexibility for the customers even in on premise environment, giving them that kind of uh features that they can experience also in the cloud to be really able to leverage the whole our beat at the edge or at the clouds. So that's where the kind of ecosystem coming together and and and those are also some of the challenges that we have seen that customers are facing today to be able to achieve the first horizon in that journey. The challenges like accelerated or or the time to market challenges. Like are they able to achieve the flexibility to be able to offer to the business and and challenges? Like are they able to achieve transformation at scale or is it just appointed um pointed poc sort of thing? Right. So bringing the ecosystem together is able to help customers address those challenges, be it in terms of consumption driven, addressing the flexibility needs be it in terms of the pre integrated solutions addressing the challenges related to time to market and so and so forth. >>Can we stay on the challenges for a minute? As I said, pre pandemic. There was a lot of complacency. We've all seen that meme of the wrecking ball coming in and kind of a tongue in cheek joke, but but the complacency is gone, so so there's there also, but still organizational challenges. It's not complacency anymore, but what's the right regime, what's the right approach? Uh everybody wants to get digital right, but a lot of people, you know, that's a do you see that as a challenge? Actually not knowing where to prioritize it and you know, how can you help in that regard? >>Yeah, So, and I would also like to like to talk about what we have done in in certain with certain customer with challenges. Um, some of the things I'll introduce TCS Cognex here, this is our platform which basically brings together the capabilities in a pre integrated uh, for of predefined solutions accelerators of our value builders as we call it, um, for customers to be able to just integrate their environments to be able to manage the whole infrastructure or of the landscape in a completely automated and analytics driven manner. Right, so that's that's one way of addressing those challenges. What it also does is it gives that um power to the stakeholders in the organization to be able to address that key challenge of time to market because it is giving out or coming out in a pre integrated manner and be able to achieve that benefits or realize the benefits of transformation In in an accelerated time frame instead of waiting for 18-24 months, how can it be done in 3-6 months, for example. Right, that's that's that's one set and and similarly, uh if I talk about the flexibility, right, consumption driven manner is extremely, extremely important. And if I talk about hybrid cloud, so to say right today, about 1 to 2% of the on premise infrastructure is actually in a consumption driven manner while cloud is always gonna consumption driven manner, The trends that we're seeing is that by next year about minimum 15% of the on premise infrastructure in a hybrid cloud environment will be about or will be delivering a consumption-driven manner and that's what is going to address the various the opportunity as well as the challenge to address that particular aspect of flexibility and that's where the ecosystem with the likes of us pcs and HP coming together to provide solutions that are addressing those needs of our consumers. >>And when you talk about the consumption driven, obviously talking about things like HP Green Lake, that's a model that enables that kind of consumption model. You know, I feel like, I mean, I feel like that's kind of table stakes to be honest with, you, pointed out 1 to 2% of it. I said wow, clouds been around for a long time and now, but now we're seeing the rapid adoption 15% and we're also seeing, I mean I think I'll give H PE some props on this because they got their whole company behind it, but there has to be a complimentary shift in the mindset of OK, we're not now selling boxes anymore and I think HP has done a pretty good job of this. They've made some announcements recently to that effect. They're doing an HPC. We just saw some storage announcements so it's no longer, hey, here's a box to sell it and this is where a company like Tcs comes to play. You, you've, you've never had that box mentality, you have a solutions mentality and so, so the industry is moving in a very rapid pace now. My question is, are the customers ready for it? Are they ready for it? Because they have the cloud experience, are they ready for it on prem and what do they need to do to get ready for that? >>See um, to answer your first question already and what really is the trigger point for them being ready? The answer is yes. Okay. Um, I would say a large percentage of the customer base was ready even before pandemic, but pandemic has really made it even more prominent in the customer and that has become a need, We are seeing so many customers today, I mean, uh, in my global role, I'm seeing across industries and across markets right from north America to Australia japan. We're in, we're in the need for having consumption. Everyone is even at on premise while cloud is definitely there, but even at on premise is so much so that really is the trigger um, at the same time now what is really driving that trigger apart from pandemic is to be able to offer that flexibility to their business. Businesses are basically reimagining, reimagining their whole uh where they are reaching out to their customers where they are expanding into the nuclear markets and the speed is extremely, extremely important. And that's what is really putting the whole, let's >>peel the onion on that. Somebody asked me this the other day why why as reserves? I said the same thing, flexibility and they're like, yeah, okay, but give me some examples. And so I said, well, first of all, they're paying by the drink. So it's a much fairer for the customer model instead of okay, charge them for what they're not even gonna use or what they might use for a day or two or a month. The other is experimentation. It just seems to me that in the digital world you got to fail fast, you don't know, you don't know what, you don't know. And so these consumption models allow you to spin up experiments very quickly and cheaply and only pay for what you use is. Am I am I getting that right? >>Absolutely, Absolutely. And and and that that's exactly what the model is, that we as well as the partner together, that we are offering. Only one thing that I would want to highlight here is um while that's the foundation, as I said, it is setting up the digital foundation, giving the customers the flexibility. And if I talk about example, uh one of our british large, uh I am who really is leveraging this technology for them to be able to bring more resilience and boring the lettering and scales, departments uh to be able to, you know, on the manufacturing line and ultimately driving to the sales value chain. So those are the things that are happening. And you took an example of basically talked about consuming purely as a service. What you use. This model is basically expanding everywhere very recently. I mean I saw an out of bicycle as a service. I mean instead of buying a new bicycle, I'm just able to get one bicycle, you use it or for a month, return it back to the to the owner to be able to use it only when I need it, let's say for example, so that's what is really happening even in the digital transformation, I just need it for a time basis for a particular purpose. I served that purpose, ultimately driving the business resilience, agility and then ultimately serving that purpose. Yeah, >>I think I'd love your, your thoughts on this. I think the real opportunity here is to for for technology companies like HP, working with TCS to create a layer I called a layer that spans on prem name your favorite cloud or multiple clouds goes across clouds goes out to the edge, that's the layer that that hides all the underlying complexity. You're going to take care of that for me uh because it's complicated. No question about it, the bigger the universe gets, the more complicated gets. But as as a customer, I want to hide that complexity because I don't want people doing plumbing, I want people focus on on strategic initiatives and that's, to me, seems to be the killer app if you will of infrastructure in the future. Is that that abstraction layer? Do you see it that way? >>Absolutely. And that's where the easiest Cognex comes into play very strongly. Right? As I said earlier, it's basically it said actually uh an air driven human machine collaboration suite. So what that really means, it is bringing together the capabilities from analytics to ai with our machine first principles and and really giving that obstructing layer in a pre integrated manner from edged right up to the cloud and bringing it all together for the customers. So that that's exactly what how we are really helping the customers, um a team that again, addressing those challenges of exploration, time to market flexibility and more importantly unifying the entire landscape into one single view. If I am a C I O, or if I am a CFO, I want to see what is important to me, rather than going to multiple different dashboard support so to save. Right? So that's where pieces Cognex plays an important role in obstructing everything and presenting that unified do and in a transformed service delivery model for the customers. >>So the history of TCS is pretty amazing. You guys have, I mean, the, the ascendancy of the company over the decades is actually so, so impressive. Now in your relationship with HP and now, of course, HP goes back, I think it goes back to the 90s, maybe you could talk a little bit about that relationship, where it's come from, how it's evolving and where you want to see it going. >>So I think it's uh, when you go back so long, right? Uh the only way you're able to sustain that long relationship when there is a value that we have been able to deliver to each other, and more importantly, the value that we have been able to deliver to our customers, right? And that has always been the, the mantra of the whole relationship and that continues to be going forward as well. So, so in that regard, I mean, while I would rather focus more on the future, history is definitely good, but I think going forward, um the kind of work that we're doing together to be able to solve some of our customers globally across the base across the industries is extremely valuable, both to us as well as two HP, I'm sure, and that's where we are really looking to have uh, providing real value to our customers, not just from the technology perspective, ultimately elevating that value. How do we help them solve the business problems and not just the technology solutions? >>Well, I think we've learned that that's the 11 big thing we learned from the cloud is if you just shove all your stuff in the cloud lifted and shifted it. So, what, um, it's that operating model that you talked about earlier, that really is how you, you you drop, you know, if you're a large company, you're talking about billions to the bottom line, not hundreds of thousands or millions, but that's that's a game changer. I'll give you a final word enough. >>Absolutely, Absolutely. I mean, as they said, I think, um, I hope I will not end up repeating my mistake, but, but that, um, solving the business problems, leveraging technology and, and irrespective of the location where the technology is based being on edge or on the cloud. It's the whole model of addressing the customer demands and the customers need is extremely, extremely important. So that's that's what the whole mantra is and that's what is really driving us forward together in the journey. >>Major shifts in industry digital is is the driver and and Manav thanks so much for being on the cube. Really appreciate your time. >>Sure, thank you. Thank you for having me >>And thanks for being with us for HP Discover 2021 the virtual version. You're watching the Cube, the leader in digital tech coverage. Keep it right there. >>Mhm.

>>Welcome back to the cubes coverage of dr khan 2021 virtual. I'm john for a host of the cube. Got a great cube segment here at Donnie Bergholz, VP of products at Docker Industry veterans, seeing all the ways of innovation now uh had a product that dr dani great to see you. >>It's great to see you again to john >>hey, great program this year, Dr khan almost pushing the envelope again. Just the world's changed significantly over the past few years in this past year has been pretty crazy last year were virtual at the beginning of the pandemic, the watershed moment. Dr khan 2020 you know, with virtual event and then share action packed keynote track, uh four tracks run share build accelerate, you got a cube track, you've got live hits. Uh, community rooms global, huge growth in the developer community around Docker Kubernetes is now well understood by everyone and the general consensus is everyone's in production with it moving like a fast train cloud natives at the center of the action coupons, very operational operators. Dr khan's very development focus. So this is a key developer event really in the CNC F cloud native world. What's going on the process? Give us the update? >>Yeah. And I think you made a fantastic point there, john which is the developer focus. Uh, I joined dr back in october of last year and one of the first things that I did was make sure that we were going out there listening to our customers, having a lot of fresh conversations with them and using those as the core product strategy as we were talking to customers. What we learned fell into three big buckets around building sharing and running modern applications. So we've used those to create our product strategy which is based on solving problems that our customers and developers using Docker care about rather than lot of product strategies that I've come across as an analyst and as a leader on the enterprise side, which are very much feature factory driven of like here's the thing we can ship it, what kind of shove it in your face and try and sell it to you. So I'm really excited about what we're doing a doctor by delivering things that are developers really care about based on problems that they have told us are really valuable to solve problems that when we win, we went together and so we're focused on helping developers really accelerate their application delivery. So what are we doing? There's so much stuff and you know, if you've seen the keynote already, you'll see more and more of that. We announced for really big things and a lot of smaller things as well, um things like uh doctor verified publisher program which brings more trusted content. Um the doctor deV environments that help teams collaborate more effectively, um dr desktop on apple silicon bringing environments to the latest and greatest of machines that everybody is trying to get ahold of. Especially now that cps are harder to come by. Uh uh as well as uh some of those little things like scoped personal access tokens, which makes it easier for people to use a Ci pipeline without having to give it full right privileges and be concerned that if they get hacked, if the sea acrobatic it's hacked, then they get hacked to we're trying to help them defend against those kinds of cases. >>It's funny you made me think of the eye with the apple silicon comment, the supply chain threats that you've seen in hardware. And even here I'm hearing the word kicked around just in the CTO of doctor used the word supply chain, software supply chain. So again, you bring up this idea of supply chain, you mentioned trust. I can almost see the dots connecting, you know, in real time out in the audience out there saying, okay, you've got trust supply chain hardware, software, containers, there's no perimeter and clouds. You have to have a kind of unit level security. This is kind of a big deal. Can you just unpack this trend? Because this is a security kind of anywhere kind of not going to use a buzzword, but like supply chain actually hits home here. Like talk about that. What? All wise all this means? >>Yeah, I think Doctor is in a really interesting position in terms of how development teams and enterprises are adopting it, because it's been around for long enough that enterprises have come to trust Docker and it's really gotten in there in a way that a lot of brand new technologies have not. And yet we're still pushing the boundaries of innovation at the same time. So when when we think about where dr fits in for developers, we've got dr official images, which are probably adopted the default for anything you're going to do in a container. You go and get a doctor official image and start doing it. But then what Right? You pulling a bunch of those, you start building applications, you start pulling other libraries, you build your own code on top, um, on your DEV environment where you're probably running doctor desktop to do so. And so we've got content coming from a trusted source, we've got dr running on the developer laptop and then we've got everything else like where else does it go from there? Uh, and so there's a ton of um, both problem and opportunity to help bring all that complex kind of spaghetti pipeline mess together and help provide people with the path of they can have confidence in while they're doing so. It's interesting because it's different for developers than it is for option. Security teams very, very different in terms of what they care about. >>So talk about the automation impact because I can see two things happening. One is the trusted environment, more containers everywhere. And then you have more developers coming on board. Right? So actually more people writing code, not just bots, machines and humans. So you have more people flooding in writing code, more containers everywhere that need to be trusted? What's the impact to the environment? What's the but how do you, how does develop experience get easier and simpler when that's happening? >>We see that as you get more and more content, The tail, the long tail continues to extend, right, more and more community generated third party content. People publishing their own applications on Docker hub and all across the Internet. And that makes the importance of being able to discover things that you can trust that you can incorporate without worrying about what might be there all the more important. So we've got dr official images today, we announced the doctor verified publisher program. All these are things that we're doing to try and make it easier for developers to find the good stuff to use it and not worry about it and just move on with their lives. >>What's your vision and what's your, what stalkers take on the collaboration aspect of coding? I think it's one of the key themes here. Where does that fit in? What's the story with collaboration? >>Yeah, we see this as an area that really has been left behind around the adoption of containers, the adoption of kubernetes, the focus has been so much on that pipeline and that path and production and production container orchestration where we watched the generation of kubernetes arise and most of the vendors in the space, we're doing some kind of top down infrastructure deal right selling to the VP of Ops or something along those lines. Um and so the development of those applications really was left by the wayside because that's not a problem that the VP of us cares about, but it's a very interesting problem as we think about dr being focused on developers now to help those teams collaborate because no application is built in a closet. Every single application that is built is built in partnership with other developers, with product managers, with designers, all these people who need to somehow work together to review not only the source code, but the application as a whole. >>What does the product? Um, Evolution looked like as Justin Cormack and I were talking about, you know, developer productivity, the simplification containers as a P. I. S. What is the, what is the priority? How, how do you look at that? Because the securities front and center and a variety of security partners here in the ecosystem. Where's the priorities on the road map? You can, if someone asked you, hey Donnie, what's the bottom line? What's the product strategy? >>Yeah, our priority is the team. First and foremost, it is not optimizing for the single developer, it is optimizing for that team working together effectively. We feel that that is a very underserved audience of that developer team as a unit. Um, if you look at everybody in the container space, like I said, they're all kind of focused on operations, production, cloud environments, not on that team. And so we see that as a great opportunity to solve really important problems that nobody else is doing a great job of solving today. >>I gotta ask you on the team formation is the general consensus. Also in a lot of my interviews here at dr khan and outside in the industry, is that the, the monolithic organization building monolithic applications certainly has been disrupted. Certainly the engineering teams now look like they're going to be into end workloads, full visibility and to end with an s sorry, on the team, everyone kind of built in these teams. We kind of platform engineering flexing in between. So you don't have that kind of like silent organization certainly has been discussed for well, but this seems to be the standard. Now, what's your take on this and is that what you mean by teams that could you share your view on how people are organizing teams? Because certainly get hub and a lot of other leaders are saying, yeah, we see the same way these teams have, you know, threaded leaders and or fully baked team members inside these teams. >>Yeah, we definitely see that team as a cross functional team. It's not, you know, your your old world, we might have been like, you've got the development team here, you've got the QA team here, you've got the operations team there. It's completely not that it's that team is it's got developers on it. If there are dedicated testers or software engineers and test their on it, if they need to have a devops person or an SRE there on it as well, it's all part of the same team and that team is building on top of the platforms that are exposed by other teams. And that's the big shift that I think has been in the works for probably a decade at this point has been that kind of rotation of responsibilities that you used to be, that DEV's owned the DEV environment and DEV test and ops owned Prod and everything about PROd and now it's much more that there are platforms that span every environment and there's a platform team responsible for each one of those components that delivers it in a self service way. And then there are teams that build on top of that that own their application all the way from development through to production, they support it there on call for it. This is how we work internally, our development teams in our product development teams, I should say, because they're cross functional, really take ownership for their applications and it's it's a super powerful imperative. It gives people the ability to iterate much more quickly by taking away a lot of those gatekeepers. And it's it's the same thing as a matter of fact, when I was at an enterprise before I joined dr it's the same thing we did. A big part of our strategy was creating these self service platforms so that product teams could move quickly. >>Remember I interviewed during the QB was awesome. Great concept. Go back to look at that tape. That's not exactly not tape, it's on disk, but Great. Great concept. Let me ask you one more question on that because one of the things that's clear that's coming out even in the university areas Engineering DeVOPS has now brought in much more of a focus of the SRE that used to be an ops role but now becomes becoming developer. I mean it's DEVOPS, as you said, it's been going on for a while over a decade now it's much more clear that this s. R. Re engineering role is key. So with that I've always thought Doctor and containers is a perfect integration tool capability. I mean why not? I mean that's one of the benefits of containers as you allow, you can contain arise things. So if you play out what you just said about the team's integration is huge. Talk about how you see that evolving as a product person. >>Yeah. I think as you say, the integration is huge. Um You know, one way that I look at it is that the application itself or the service itself is defined by either a container or a set of containers. Um And the product development team cares about what's inside of that set of containers up and to that container layer or that group of containers layer. Whether that's the doctor file with its containers. Docker compose those kinds of things and then there might be a platform team responsible for running a great kubernetes environment, whether they're using a cloud platform or in house and they care about everything outside of the containers, up to the containers as that interface. Uh So when we think about those focuses, like Docker is all about that application in words. Um And a lot of the more production oriented containers vendors are container outwards. So it's very different when we think about the kinds of problems we want to solve. It's about making that application definition really easy and portable and enabling a clean handoff to SRE teams who may be responsible for running that Apple product. >>You brought up trusted content, trusted containers, modern applications earlier. What does trusted containers mean to you? I mean that's I mean obviously means security built in but there's a lot of migration there with containers, containers coming in and out of clusters all the time. They're being orchestrated. They're being used with state and state stateless data. What does trusted content mean? >>No. Really, for us, the focus is an interesting one because when we think about building, sharing and running applications for developers, our run means we want to give developers are great interface into the production environment. We don't want to provide the production environment. And so some of those problems are ones we deeply care about where the developers are making sure that they've got a trusted, secure, verifiable path to get the content that they are incorporating into their app all the way to production or to a point of hand off. If there is a point of hand off, once it gets to production, it becomes the problem of different products and different vendors to make it really easy for those same enterprises to effectively secure that application and project. >>What does containers is as an A P. I mean that's just docker reference classic approach or is there a new definition to containers as a piece? Our container ap >>Yeah, I think the question becomes really interesting when you start thinking about what's inside of each one of those containers and how you might be able to use those as building blocks. Even thinking about trends that are on the rise, like Loco Noko development, how could you imagine incorporating containers or a service composed of a group of containers um, into one of those kinds of contexts to do so you have to have a clean ap that you can define and published in support of how a different component would interface with every one of those containers. What are the ports? What are the protocols? What are the formats? Every one of those things is important to creating an API >>So I gotta ask you don? T put you on the spot because you've been on many, many sides of the table, analyst Docker, you've been at an enterprise doing some hardcore devops. If I'm a customer out there and say I'm a classic main street enterprise. Hey Donnie, I'm putting my teams, we're kicking ass. We've been kicking the tires, been in the cloud pandemics, giving us a little lift, we know it to double down on, we feel good about where we're going. Um, but I got a couple clouds out there. I'm all in on one. I got another one going, but I'm going hybrid all the way. I don't even know what multi cloud is yet, but hybrid means edge and ultimately distributed computing. What do I do? What's the doctor Playbook, What do you, what do you say to me? How do you keep me calm and motivated? Yeah, >>I think, you know, the reality is like you say every company is going to be running in multiple different environments. Um It's probably not the same application in multiple environments and different apps and they've gotten to a place maybe accidentally as different business units are different functions started picking different clouds of their choice and getting them there. But in the end of it, like the company as a whole has to figure out how do I support that and how do I make it all work together effectively and deal with all the different, not just levels of expertise in these different environments, but the different levels of performance and latency to expect as you have applications that may need to run across all those, um you know, I used to work in the travel industry and you might have somebody trying to book a flight and that's but you know, bouncing across a cloud to a data center, to a different cloud, to a service provider and on back and you can imagine very quickly, how do you solve for those latency problems that we know are correlated to user experience and in an e commerce kind of context correlated with revenue because people balance if they can't get a good response, it's complicated. The fact is it's just it's a hard problem to solve. Um containers can definitely help solve part of that by providing a consistent platform that lets you take your applications from place to place. That lets you build a consistent set of expertise so that, you know, a container here is like a container, there is like a container over there um And work with those in a fairly consistent way. But there's always going to be differences. I think it's very dangerous to assume that because you have a container in multiple places, it's going to provide the same levels of guarantees. And we had a lot of these conversations back in the early 2010s when private cloud was really starting to pick up steam and we said Oh let's make compatible storage layers. Uh And it was true to a point you could provide api compatibility but you had to run as hard as you could to keep up with the changes and you couldn't provide the same level of resiliency, You couldn't provide the same level of data protection, you couldn't provide the same level of performance and global footprint and all those provide what what does the A. P. I mean to a developer using it. It's all of those things regardless of whether they're in an api spec somewhere. >>That's a great call out looking at the how things are moving so fast and you just got to keep up. It's almost like you want some peace, peace time kind of philosophy. So I gotta ask you as you look at the landscape again, you've got a unique perspective running product over a docker which puts you at the front lines and looking at the whole marketplace as as a whole cloud native. But you also been an analyst. I got to ask you what does success look like because as the world changes that it's not always obvious until you see it. And then you know that success and then some people are trying different approaches. How do you tell the winners from the losers or the better approaches versus the ones that struggle? Is there a pattern that you're seeing emerge from the pandemic as a team is a tech? What's the, what's the pattern of success that you see? Development teams and organizations deploying that's working and what's a sign of bad things? >>Yeah, I think, you know, one of the biggest patterns is the ability to iterate quickly and learn fast. You know, if there's nothing else that you can do, you just think about what are those basic principles that let you be Agile? Not as a development team. Agile is a company getting from those ideas and that customer feedback all the way through the loop. To build that thing, tested with your customers before you ship it, get it out there. Maybe you do some kind of a modern deployment practice to decrease your risk as you're doing so right. It's Canary, it's rolling, releases its blue green, all those things Right? How do you d risk, how do you experiment while you're doing so and how do you stay agile so that you're able to provide customer value as fast as possible? Almost every failure pattern that you see is one that happens because you're not listening to your customers effectively and often enough and you're not iterating quickly enough so you're building in a direction that is not what they wanted or needed, >>you know, looking at Dr khan 2021 this year, look at the calendar, the cube tracks in there, which I'm excited to do a bunch of coverage on. It's always fun. But you got the classic build share run, which is the ethos of Doctor, but you get a new track called accelerate, there is an acceleration coming out of the pandemic more than ever. Um it's been pretty cool. I mean you're seeing a lot more action in all areas but talk about the acceleration with containers and what you what you're seeing on the landscape side of the industry and how that's impacting customers. What specifically is this acceleration really all about? >>Yeah, when I think about what acceleration means to me, it's about how do you avoid building things, avoid finding things that you don't need to spend your time on? How can you pick things up? Incorporate those into your workflows, incorporate those into your applications that you don't have to build it yourself right, you can accelerate every time you want to accelerate. Its because somebody else built something that you can then reuse and build on top of whether its application components, whether that's SAs or apps, developer services, whether that's pre integrated pipelines. So you've already got plug ins and tools that work every one of those things as an accelerator, A lot of them are delivered by all kinds of different vendors all over the map. And so if they don't integrate well together, if there aren't open A. P. S, if there aren't pre integrated offerings, it's not gonna be an accelerator is gonna be exactly the opposite. It's going to be I want to get this thing in, let me bring in five or six different consulting teams to start trying to piece all this stuff together. Big, big slow down. So the pretty integrated solutions, the open A. P. S. Those are the kinds of things that really are going to accelerate people. >>I can't I can't agree with you more on this whole slowdown thing. And one of the hardest things to do is insert new team members are new kind of rules and process into kind of already accelerated momentum, which is hard. This is a hard new kind of a cloud native dynamic, which is scale and speed are critical, right? So it's one of those things that's actually benefit. But if you don't rein it in a little bit, how do you balance that? What's your advice to folks? This is, this is a common problem. I mean, it could get away from you. It's on one hand, but if you slow down too much, it's a gridlock and you, you misfire. What's your thoughts on this? >>Yeah, that, that balance of scale and speed. Um, and it definitely is a balance there. You know, I think there's always a danger of over architect ng for your current state of reality. Um, and you know, one of the things that I've learned over the years is, you've got to, you got to scale your process and scale your architecture to where you're at and where you're going to be soon, if you start Designing for five years, 10 years down the road, um it's going to slow you down in the short term and you might never get to where you thought you were going to be in five or 10 years. You've got to build for where you're at, built for where you're going soon, you're not gonna go for the future. And this is, it ties into these ideas like evolutionary architecture, like how do you build in a way that makes change easy because, you know, things are always going to change. Um, you know, some of the recent trends around things like project product playing so well to this, right? It's not like a project team comes together and builds the solution and then walks away and the solution works untouched for years or decades. Instead, it's it's that agile approach of is a product team there long lived. They own what they're building and they support it and they continue to enhance it, going forward to improve their ability to meet their customers needs over time. >>Yeah, and I think that's a super important point. The magical product team that just scales infinitely by itself while you're sleeping is different. Again, the team formation is an indicator of that. So, I think this whole agility going to the next level really is all about, you know, a series of these teams. Micro micro teams. Microservices, I mean, again, monolithic applications yielded monolithic organizations. >>Microservices >>brings in kind of this open source ethos, this new hate to use the term to Pizza team because it's an Amazonian thing, but it kind of applies here, Right? So you got to have these teams. I had to focus and to end and take ownership of that, whether it's product, platform or project at the end of the day, you're still serving customers. Final question for you on. Well, I got you here. I know end user experience you brought this up earlier. This is a huge important piece. I think last year, you and I talked about this briefly in our interview as developers come to the front lines of the business, some of them all don't have M B A. S and that always, you know, going to business school and some of the best engineers shouldn't go to business school in my opinion, But but you know, they have to learn the vernacular of complex topics, understand quality, get bring craft into the software more and more developers on the front lines closer and closer to the customer as they go direct. This is a huge change from just 5, 10 years ago. What's your thoughts on this? And what do you tell people when when they say hey donnie what how should I ah posture to the customer? What can I do to get better? What do you say to that? >>Yeah it's a great question. Um and it's one that I think a lot of companies are struggling to solve. How do we bring developers closer to the customers? And what does that mean? One of the things that we do regularly at Dr is we bring our developers along on customer interviews. So our product managers are constantly out there, you know kind of beating the virtual street, talking to developers talking to customers. Um and regularly they'll bring developers on the same team along. This is super valuable in helping our developers really build an understanding of the customers are building for, right. It may not even be about that specific thing that they're building on that one day. Um but it's about understanding the customer's needs and really making that something that is internalized in the way they think about how do they solve problems? How do they design solutions? How do they do? So in a way that is much more likely to resonate with the customers. Um Do they have an NBA? No, but where do you start? You gotta start somewhere? You start by bringing people into the conversation, so we don't expect them to lead an interview. We expect them to come along, learn and ask questions. And what happens so often is that people with, you know, the business in other companies might say yeah, developers, they're just these tech people will just like give him a set of requirements and they'll deliver stuff. Um but bring them along for the ride and letting them interact with the customers that are using their product is an amazing and exciting experience for developers. We hear consistently just super excited, treat back. >>It's clearly the trend. I mean one of the best, the best performing teams have the business and developers working together. It's really interesting phenomenon. I think it's going to change the makeup of taking that and to end approach to a whole nother level dani. Great to have you on. Great to see you final question. Um take a minute to put a plug in for the product team over there. What are you working on? What are you most excited about? Give a quick plug? >>You know, I am super excited about what we're doing in both trusted content and around team collaboration. Um I think both of those are just going to be amazing. Amazing opportunities to improve how developers are working on their microservices. It's so fragmented, it's so complicated that helping make that easier is going to be really important and valuable an area for development teams to focus on. >>Uh, Dr khan 2021 Virtual, Donnie Bergholz, VP of products and Dakar, good friend of the CUBA and the industry as well. Dani, thanks for that. Great insight and sharing some gems you drop there. Thanks. >>All right. Thank you. All >>right. Dr khan coverage I'm john for your host of the cube, The Cube track here at Dakar 2021 virtual. Thanks for watching. Mhm.

>>from around the globe. It's the >>cube >>With digital coverage of IBM think 2021 brought to you by IBM. Welcome back to the cube coverage of IBM Think 2021. I'm john for the host of the cube here for virtual event Cameron Siva who's here with corporate vice president with a M. D. Uh CVP and business development. Great to see you. Thanks for coming on the cube. >>Nice to be. It's an honor to be here. >>You know, love A. M. D. Love the growth, love the processors. Epic 7000 and three series was just launched. Its out in the field. Give us a quick overview of the of the of the processor, how it's doing and how it's going to help us in the data center and the edge >>for sure. No this is uh this is an exciting time for A. M. D. This is probably one of the most exciting times uh to be honest and in my 2020 plus years of uh working in sex industry, I think I've never been this excited about a new product as I am about the the third generation ethic processor that were just announced. Um So the Epic 7003, what we're calling it a series processor. It's just a fantastic product. We not only have the fastest server processor in the world with the AMG Epic 7763 but we also have the fastest CPU core so that the process of being the complete package to complete socket and then we also the fastest poor in the world with the the Epic um 72 F three for frequency. So that one runs run super fast on each core. And then we also have 64 cores in the CPU. So it's it's addressing both kind of what we call scale up and scale out. So it's overall overall just just an enormous, enormous product line that that I think um you know, we'll be we'll be amazing within within IBM IBM cloud. Um The processor itself includes 256 megabytes of L three cache, um you know, cash is super important for a variety of workloads in the large cache size. We have shown our we've seen scale in particular cloud applications, but across the board, um you know, database, uh java all sorts of things. This processor is also based on the Zen three core, which is basically 19% more instructions per cycle relative to ours, N two. So that was the prior generation, the second generation Epic Force, which is called Rome. So this this new CPU is actually quite a bit more capable. It runs also at a higher frequency with both the 64 4 and the frequency optimized device. Um and finally, we have um what we call all in features. So rather than kind of segment our product line and charge you for every little, you know, little thing you turn on or off. We actually have all in features includes, you know, really importantly security, which is becoming a big, big team and something that we're partnering with IBM very closely on um and then also things like 628 lanes of pc I E gen four, um are your faces that grew up to four terabytes so you can do these big large uh large um in memory databases. The pc I interfaces gives you lots and lots of storage capability so all in all super products um and we're super excited to be working with IBM honest. >>Well let's get into some of the details on this impact because obviously it's not just one place where these processes are going to live. You're seeing a distributed surface area core to edge um, cloud and hybrid is now in play. It's pretty much standard now. Multi cloud on the horizon. Company's gonna start realizing, okay, I gotta put this to work and I want to get more insights out of the data and civilian applications that are evolving on this. But you guys have seen some growth in the cloud with the Epic processors, what can customers expect and why our cloud providers choosing Epic processors, >>you know, a big part of this is actually the fact that I that am be um delivers upon our roadmap. So we, we kind of do what we say and say what we do and we delivered on time. Um so we actually announced I think was back in august of 2019, their second generation, Epic part and then now in March, we are now in the third generation. Very much on schedule. Very much um, intern expectations and meeting the performance that we had told the industry and told our customers that we're going to meet back then. So it's a really super important pieces that our customers are now learning to expect performance, jenin, Jenin and on time from A. M. D, which is, which is uh, I think really a big part of our success. The second thing is, I think, you know, we are, we are a leader in terms of the core density that we provide and cloud in particular really values high density. So the 64 cores is absolutely unique today in the industry and that it has the ability to be offered both in uh bare metal. Um, as we have been deployed in uh, in IBM cloud and also in virtualized type environment. So it has that ability to spend a lot of different use cases. Um and you can, you know, you can run each core uh really fast, But then also have the scale out and then be able to take advantage of all 64 cores. Each core has two threads up to 128 threads per socket. It's a super powerful uh CPU and it has a lot of value for um for the for the cloud cloud provider, they're actually about over 400 total instances by the way of A. M. D processors out there. And that's all the flavors, of course, not just that they're generation, but still it's it's starting to really proliferate. We're trying to see uh M d I think all across the cloud, >>more cores, more threads all goodness. I gotta ask you, you know, I interviewed Arvin the ceo of IBM before he was Ceo at a conference and you know, he's always been, I know him, he's always loved cloud, right? So, um, but he sees a little bit differently than just being like copying the clouds. He sees it as we see it unfolding here, I think Hybrid. Um, and so I can almost see the playbook evolving. You know, Red has an operating system, Cloud and Edge is a distributed system, it's got that vibe of a system architecture, almost got processors everywhere. Could you give us a sense of the over an overview of the work you're doing with IBM Cloud and what a M. D s role is there? And I'm curious, could you share for the folks watching too? >>For sure. For sure. By the way, IBM cloud is a fantastic partner to work with. So, so, first off you talked about about the hybrid, hybrid cloud is a really important thing for us and that's um that's an area that we are definitely focused in on. Uh but in terms of our specific joint partnerships and we do have an announcement last year. Um so it's it's it's somewhat public, but we are working together on Ai where IBM is a is an undisputed leader with Watson and some of the technologies that you guys bring there. So we're bringing together, you know, it's kind of this real hard work goodness with IBM problems and know how on the AI side. In addition, IBM is also known for um you know, really enterprise grade, yeah, security and working with some of the key sectors that need and value, reliability, security, availability, um in those areas. Uh and so I think that partnership, we have quite a bit of uh quite a strong relationship and partnership around working together on security and doing confidential computer. >>Tell us more about the confidential computing. This is a joint development agreement, is a joint venture joint development agreement. Give us more detail on this. Tell us more about this announcement with IBM cloud, an AMG confidential computing. >>So that's right. So so what uh you know, there's some key pillars to this. One of this is being able to to work together, define open standards, open architecture. Um so jointly with an IBM and also pulling in something assets in terms of red hat to be able to work together and pull together a confidential computer that can so some some key ideas here, we can work with work within a hybrid cloud. We can work within the IBM cloud and to be able to provide you with, provide, provide our joint customers are and customers with uh with unprecedented security and reliability uh in the cloud, >>what's the future of processors, I mean, what should people think when they expect to see innovation? Um Certainly data centers are evolving with core core features to work with hybrid operating model in the cloud. People are getting that edge relationship basically the data centers a large edge, but now you've got the other edges, we got industrial edges, you got consumers, people wearables, you're gonna have more and more devices big and small. Um what's the what's the road map look like? How do you describe the future of a. M. D. In in the IBM world? >>I think I think R I B M M D partnership is bright, future is bright for sure, and I think there's there's a lot of key pieces there. Uh you know, I think IBM brings a lot of value in terms of being able to take on those up earlier, upper uh layers of software and that and the full stack um so IBM strength has really been, you know, as a systems company and as a software company. Right, So combining that with the Andes Silicon, uh divided and see few devices really really is is it's a great combination, I see, you know, I see um growth in uh you know, obviously in in deploying kind of this, this scale out model where we have these very large uh large core count Cpus I see that trend continuing for sure. Uh you know, I think that that is gonna, that is sort of the way of the future that you want cloud data applications that can scale across multi multiple cores within the socket and then across clusters of Cpus with within the data center um and IBM is in a really good position to take advantage of that to go to, to to drive that within the cloud. That income combination with IBM s presence on prem uh and so that's that's where the hybrid hybrid cloud value proposition comes in um and so we actually see ourselves uh you know, playing in both sides, so we do have a very strong presence now and increasingly so on premises as well. And we we partner we were very interested in working with IBM on the on on premises uh with some of some of the key customers and then offering that hybrid connectivity onto, onto the the IBM cloud as well. >>I B M and M. D. Great partnership, great for clarifying and and sharing that insight come, I appreciate it. Thanks for for coming on the cube, I do want to ask you while I got you here. Um kind of a curveball question if you don't mind. As you see hybrid cloud developing one of the big trends is this ecosystem play right? So you're seeing connections between IBM and their and their partners being much more integrated. So cloud has been a big KPI kind of model. You connect people through a. P. I. S. There's a big trend that we're seeing and we're seeing this really in our reporting on silicon angle the rise of a cloud service provider within these ecosystems where hey, I could build on top of IBM cloud and build a great business. Um and as I do that, I might want to look at an architecture like an AMG, how does that fit into to your view as a doing business development over at A. M. D. I mean because because people are building on top of these ecosystems are building their own clouds on top of cloud, you're seeing data. Cloud, just seeing these kinds of clouds, specialty clouds. So I mean we could have a cute cloud on top of IBM maybe someday. So, so I might want to build out a whole, I might be a cloud. So that's more processors needed for you. So how do you see this enablement? Because IBM is going to want to do that, it's kind of like, I'm kind of connecting the dots here in real time, but what's your, what's your take on that? What's your reaction? >>I think, I think that's I think that's right and I think m d isn't, it isn't a pretty good position with IBM to be able to, to enable that. Um we do have some very significant osD partnerships, a lot of which that are leveraged into IBM um such as Red hat of course, but also like VM ware and Nutanix. Um this provide these always V partners provide kind of the base level infrastructure that we can then build upon and then have that have that A P I. And be able to build build um uh the the multi cloud environments that you're talking about. Um and I think that, I think that's right. I think that is that is one of the uh you know, kind of future trends that that we will see uh you know, services that are offered on top of IBM cloud that take advantage of the the capabilities of the platform that come with it. Um and you know, the bare metal offerings that that IBM offer on their cloud is also quite unique um and hyper very performance. Um and so this actually gives um I think uh the the kind of uh call the medic cloud that unique ability to kind of go in and take advantage of the M. D. Hardware at a performance level and at a um uh to take advantage of that infrastructure better than they could in another cloud environments. I think that's that's that's actually very key and very uh one of the one of the features of the IBM problems that differentiates it >>so much headroom there corns really appreciate you sharing that. I think it's a great opportunity. As I say, if you're you want to build and compete. Finally, there's no with the white space with no competition or be better than the competition. So as they say in business, thank you for coming on sharing. Great great future ahead for all builders out there. Thanks for coming on the cube. >>Thanks thank you very much. >>Okay. IBM think cube coverage here. I'm john for your host. Thanks for watching. Mm

>>from around the globe. It's the >>cube >>With digital coverage of IBM think 2021 brought to you by IBM. Hello and welcome back to the cubes coverage of IBM Think 2021 virtual. I'm john for a year host of the cube. We're virtual this year in real life. Soon, right around the corner as we come out of code, we've got a great guest cube alumni jerry, cuomo IBM fellow V P C T O for IBM automation jerry, Great to see you uh nonsense got almost since the early days of the cube. Good to see you, >>john thrilled to be back again. Thank you >>what I love about our conversations. One is your super technical, you've got patents under your belt during the cutting edge. You've been involved in web services and web technologies for a long, long time. You constantly riding the wave and also your creator of a great podcast called the art of automation, which is the subject of this discussion as automation becomes central in cloud operations and hybrid cloud, which is the main theme of this event this year and the industry so great to see you. Uh First team is a little background for the folks that may not know you about your history with IBM and who you are. >>Yeah, so thanks john, So I'm I'm jerry Carrillo, I've been with IBM for about three decades and I started my career at IBM research in Yorktown at the dawn of the internet and I've been incredibly fortunate, as you mentioned to be on the forefront of many technology trends over the last three decades. Internet software middleware, including being one of the founding fathers of web sphere software, uh I recently helped launch the IBM Blockchain initiative and now all about aI powered automation, which actually brings me back to my roots of studying AI and graduate school. So it's kind of come full circle for me, you know, really you know, enjoying the topic. >>You know, these funny, you mentioned aI in graduate school, I was really kind of into a I when I was an undergraduate and get a masters degree in computer science, I kind of went the NBA route. But if you think about what was going on in the eighties during those systems times, a lot of the concepts of systems programming and cloud operations kind of gel well together. So you've got this confluence of computer science and engineering A. K A. Now devops sec cops coming together. This is actually a really unique time to bring back the best of the best concepts, whether it's A I and systems and computer science and engineering into the automation. Could you share your view on this because you're in a unique position, you've been there, done that now. You're on the cutting edge with your thoughts. >>Yeah, absolutely, john And just when you think of automation and time, automation is not new, literally, if you go into Wikipedia and you look up automation, you see patents and references to like steam engine regulators at the dawn of the industrial era. Right? So automation has been around and and in the simplest form automation, whether it was back then, um whether it was in the 80s or today, it's about applying technology and that that performs, that uses like technology software to perform tasks that were once exclusively done by us humans. Right? So, but now what we're seeing is a I coming into the picture and and changing the landscape in an interesting way. But I think at its essence, you know, automation is this two step dance of both eliminating repetitive, mundane tasks. That helped reduce errors and free up our time. So we get back the gift of time but also helps. It's not about taking jobs away at that point, as I said, it's a two step dance, that's step one. But if you stop there, you're not getting the full value. Step two is to augment our skills right? And and to use automation to help augment our skills and we get speed, we get quality, we get lower costs, we get improved user experience. So whether it was back in the steam engine times or today with a I automation is evolving with technology >>and it's interesting to its you know, as a student of the history of the computer industry as you are and now a creator with your podcast which we'll get to in a second, you're starting to see the intersection of these concepts are not bespoke as much as they used to be. You got transformation. Digital, transformation and innovation are connected and scale. If you think about those three concepts they don't stand alone anymore. They can stand alone but they work better together transformation. And is the innovation innovation provides cloud scale. So if you think about automation, automation is powering this dynamic of taking all that undifferentiated heavy lifting and moving the creativity and the skill set into higher integrated areas. Can you share >>your john Yeah no right on there when you talk about transformation, jeez look around us, the pandemic has made transformation and specifically digital transformation the default so everything is digital. You know whether it's ordering a pizza, you know visiting a doctor through telemedicine or or this zoom webex based workplace that we live in. But picture of telemedicine environment right? Talking about transformation and going digital With 10 x more users. They can't hire 10 x more support staff and think about it I forgot my password. Um Does does this work on my version of the Apple iphone or all of that kind of stuff? So their support desks or lit up? Right. So uh as they scale digitally automation is the relief that that comes into play which is which is just in time. Right? So the digital transformation needs automation and john I think about it like this um businesses like cars are have become computers right? So they are programmable. So automation software just like in the cars it makes you know the car self driving? I think about the Tesla model three which I recently test drove. Um so with this digital acceleration digital opens the door for automation And now we can use about a self driving business. We can use about uh maybe that's step one, right? That's the um remove repetitive work, but maybe we can actually augment business to have an autopilot so it doesn't eat us there all the time to drive. And that's the scale that you talked about. That's the scale we need. So automation is really like the peanut butter and chocolate Digital is the peanut butter, automation is the chocolate. They go well together and they produce amazing tastes. >>You know, that's a really, that's a really interesting insight and I will just put an exclamation point on that because you mentioned self driving business, you're implying, you said the computer, the business is a computer. So if you just just think about that mind blowing concept for a second, if it's a computer, what's the operating system and what's the suite of applications that are on top of it? So, Okay, let's go in the old days at a Windows machine and you had office, which is a system software, applications, software construct. Okay, If you map that to the entire company, you're talking about Red hat and IBM kind of come working together. Kind of connects the dots a little bit on what Red Hackett because they're not bring system company. So if hybrid cloud is the system mm hybrid, then you got the applications suite is all software for the That's >>right. That's right. And if you, you know, if you listen to anything these days about what IBM stands words, hybrid cloud and and think red hat as as, you know, kind of the core element of that with open shift in a I right. And both of those really matter in terms of automation and maybe I'll come back to the hybrid cloud and red hat thing in a second. Let's just talk about you know Watson and Ai, you know, which is the application and you mentioned scale, which I'm so glad you did. You know a I could help scale automation. And the trick is is that ai automation sometimes gets stuck right? It gets stuck when it's working with data that is noisy or unstructured. Right? So there's a lot of structured data in your organization and it it with that we can breeze through automation. But if there is more ambiguous data unstructured noisy, you need a human in the loop. And when you get a human in the loop, it slows things down. So what a I can start to do a I. And its subordinates, machine learning, natural language processing, computer vision. We can start to make sense of both unstructured and structured data together and we can make a big deal going forward. Right? So that's that's the way I part you mentioned Red hat and and hybrid cloud part. We'll think about it this way. When you shop, how many stores do you don't just shop in one store? Right. You you go to specialty stores to pick up that special uh ketchup, I don't know or must store and maybe do shopping another store, customers using clouds john aren't very different. You know, they have their specialty places to go. Maybe they're going to be running workloads and google involving search and a I related to search, right? And they're going to be using other clouds for more specialty things. Right? So from that perspective, that's a view of hybrid, you know, customers today, you know, take that shopping analogy, they're going to be using sales force or service Now, IBM cloud, they have a private cloud, right? So, when you think about automating that world, All right. It's the real world. It's how we shop, whether it's for groceries or for cloud, right? So the hybrid cloud is a reality. Um and how do you make sense of a high of that? Right, Because when when an average customer has five clouds, How do you deal with five things? Right. How do you make it easy normalize? And that's what red hat really >>does. It's interesting. I just just share with you the and I interviewed Arvin um who is now the ceo of IBM when he was at Red Hat some in 2019 in SAn Francisco before he made the acquisition here that I was, I was peppered with questions like you know, you need to get this cloud and he loves cloud, you know, he loves clouds. So so he was smiling, he just wanted to say it, I wanted to just say it and I think Red Hat brings that operating kind of mindset where the clouds are just subsystems in the Os >>yes of the middle >>where which is now software which is software to find business. And this kind of is the talk of your, your your views. Now you have a podcast called Art of automation. Want to get that in there for the folks watching uh search for the podcast, Art of automation. This is the stories that you tell. Tell us some stories from this phenomenon. What's the impact of automation for the holistic picture? >>Well, it starts with a lot of, I guess it starts with customers. The stories start with the customers. So we're hearing from customers that Ai and automation is where they're investing in 2021. Um for all the reasons we briefly mentioned and and IBM has a lot to offer there. So we've made a I powered automation of priority but john in the pursuit of making it a priority. I've started talking with many of our subject matter experts and was floored by their knowledge, their energy, their passion and their stories. And I said we can't keep this to ourselves, we can't keep this locked away, we have to share it, we have to let it out. So, so basically this is what started the podcast around that. And since then we've had many industry luminaries from IBM and outside, starting with customers, we had claus Jensen who is the ceo of memorial clones Kettering hospital to talk about automation and health care. And he shared great stories. You need to listen to them about. Automation is not going to take the place of doctors, but automation will help better read um x rays and look at those shades of gray on the X ray and interpret it much better than we can and be able to ingest all of the up to date medical research to provide pointers and make connections that the human may not be able to do in that moment. Right. So the two working together or better than any individual carol Poulsen recently joined me to talk and she's the C. I. O. For cooperators to talk about automation and insurance. And she had some great stories to uh so john with that a bunch of IBM great IBM fellows like Rama Agra jew, who is one of Forbes top 20 women in AI research, talking about Ai ops and also Russia near pori talking and Russia has been working on Watson since jeopardy to tell stories about ultimately now how we're teaching ai to code and all the modern programming languages and really automating application modernization and the like uh, 14 episodes in we have those under our belt, About 6000 downloads so far. So it's it's coming along pretty well. Thanks. >>Thanks for being done. Yeah. The key is your your content creator now as well as a fellow and this is the democratization, as we say, direct to audience, share those stories also here. And thank you released an e book. Tell us a little quickly about that. We've got one minute left, give a quick plug. >>The book echoes the podcast chapters relate to the, to the episodes of the book. We're dropping the first five chapters plus forward for free on the IBM website. Other chapters will become available um, and drop as they become available. The book makes the content searchable on the internet. We go into more detail with advice on how to get started. You get to hear the topics and the voice of those subject matter experts and uh I really, you know, suggest you go out and check it out. >>Alright, jerry, cuomo IBM fellow VPC T IBM automation um also a content creator podcast, art of automation, jerry. We're gonna lift it listed on our silicon angle and our cube sites. Get you some extra love on that. Love the podcast. Love the focus on sharing from experts in the field. Thanks for coming on. >>Thank you so much for having me again, john >>Okay. I'm John Fryer with the Cube here for IBM think 2021. Thanks for watching.

>> from Bahrain. It's the Q recovery AWS public sector Bahrain, brought to you by Amazon Web service is >> hello and welcome to the cube coverage here for a W s summit in by rain in the Middle East. I'm John for the host of the Cube, where here's our second year covering the evolution of cloud computing in the region. Changing the landscape of entrepreneurship Government society actually, data is the new oil so excited to have our next guest, Abdula Elmo, I kill who's the co founder and partner at rain hot. Start up with some seed funding, I think has cracked the code on the crypto money making aspect of crypto currency. Welcome to the Cube. Thank you. Thank you. So let's get started. You guys have a small team, get some seed funding. Interesting strategy on crypt. Everyone. When I see oh, kind of a fraudulent markets international, we all come and watch in the I c e o u s cramping down on it. Ah, lot of entrepreneurs love this market. A lot of innovation. You guys had a different approach and do some very innovative taking me explain what rain is doing because you've cracked the code on Crypto to Fiat. That's right, which has been the legit use case for making this all this >> Absolutely so all of the founders, the four founders? Yeah, Badawi, A. J. Nelson, Joseph Lago and I We've been in this industry for quite a while. We've been here 56 years, and we've seen all the hype cycles come and go about sometimes about Blockchain technology itself sometimes about the i c e o craze. Uh, and we've really just bought came down to what is the bit viable business model? We all were all entrepreneurs and we had looking for a new opportunity. Does with a lot of people coming into this industry with those with any innovation, lots of opportunities arise. And we've looked at the world and the world had many exchanges that were the most successful businesses in this industry. The exchanges facilitating the trade that was the most interest. That was the highest demand. That was the real use case. And we found that, um, there were exchanges popping up from around the world, but they weren't here any in the in the Middle East yet, And perhaps it was due to a regulatory, uncertain see or other difficulties of coming into this market. But Bahrain really opened up for us and we met with the Central Bank of Bahrain about three or four years ago and things really got started from there. >> And being a marketplace, you gotta have a lot of, you know, governance. It's all a lot of regulatory pressures from the folks that started. People who watch the Cube know that we've been very bullish on Krypton. We love Blockchain as an underlying technology. Yeah, that's, um, sustainability issues around Bitcoin and others. We recognize that, but in general this is a wave that cannot be denied. The moneys flow, right? So money's flowing in Kryptos, you scripted a crypto. You guys have the Fiat piece of it. So this brings on the first kind of liquidity opportunity in crypto thio. Real money? >> Yeah, absolutely. So that's our main goal is we're serving both retail and institutions and we believe there's going to be a lot of traffic from the traditional finance world, from institutions and individual investors into the crypt, a world and the opposite as well. A lot of people had challenges with taking the profits out of exchanges and withdrawing them to their bank in a regulatory compliant way. And that's really what we're solving here for the lowest fees in the region. >> But rain, once the blubbering, was to be modern society. They're going all in on cloud computing. They want to be a cloud country. They're open to new ideas. What attracted you, these guys? What made them different as it was that their vision was their posture on oversight? What was some of the things that make makes it work here? >> Well, at first it was the reception The behind central bank had a fintech unit already in in 2000 I think set a release 2017. So that was great. I think other central banks around the region and the world we're just starting. Then there was the behind fintech beh ah, dedicated working space for fintech companies here. So the ecosystem and the reception was really what attracted us at the beginning, other than knowing that Bahrain was a good financial hub for quite some time for the region. So we joined the Bahrain, um, Central banks regulatory sandbox which allowed us to experiment and test whether we can do this in a safe and secure way. And about a year and 1/2 later, uh, central bank drafted the regulations. Four crypto asset exchanges, brokerages s. So now that the regulation have got drafted and published, we graduated from the sandbox. Thankfully, and we were allowed to apply for the license shortly after we applied. We we earned the license. Thankfully. >> So what's next? What's goes on now? You do a lot of get a lot of work, A lot of coding. Gotta make sure the fintech compliance a lot of hurdles there. Yeah, I can understand that. What's now next? Got the regulation place? Yep. You'd expand. What's the plan? >> Well, we announced the license and Ah, a tte the same time, we also announced closing our seed round. So with that, we were able to grow our team the past month from, um, 8 to 9 people to 15 to 17 people now, and just more and more joining on board every day and are really our focus is growth. Now we're out of the sandbox. We don't have the limitations of the sandbox we had before, and we have banking relationships already made with different Banks s. So now we're just trying to reach out for the market. So we have grown our customer support team growing our engineering team hiring and comply a compliance officer, um, and other growth aspect. Just moving forward, >> getting up the basics of the business. That's right. What's your target audience gonna be? The inside solutions at first retail. What's the target audience? It's >> really both. It depends on what the market is providing. We've see institutional demand that has always relied on. When we spoke with institutions, they always relied on getting the license first because they don't want to operate with anyone unlike since, which makes it ah, you know, really interesting, because that means they haven't been able to get into the digital asset of crypto asset world the past few years while it's going up and down. So we we see ah, 50 50 divide most likely and what's going to be similar ratio than the rest of the world. But right now it's a lot of retail. Customers >> feel great to get your perspective here. It's even in the space. For a while, we saw the fire hype cycle go up, then the wet blanket Crypto Winter hit? Yeah, in the United States. Certainly it put a clamp down on most I CEOs. The SEC is right looking at a bunch of stars behavior, you know, Pretty Wild West is they call it, but an internationally still been pretty active even in the crypt A winter Go back, say 2018 Go back Last year on March it kind of stopped, got cold and then frosted over. Now it's been a block of ice. If you descript a winter, what's your take on it? What's the vibe? Internationally, I'll see Still money still flowing Bitcoins over 10,000 I think this morning, but still a lot of activity. Yes, some tokens have fallen away. Some are staying around. What's your assessment? >> So we've seen a lot of ah cycles. If you've been in this industry for 567 years, you'll see that we've had multiple of these winters, some of them lost, lasting longer than others on dhe. This late last one didn't didn't last as long as the one before. So what we really every time we see a ah boom, we have ah lot of media and a lot of people coming in brand new, trying to educate themselves about What is this? So we see just on everlasting cycle of just expansion on dhe. The price right now is not at the all time high, but it's still considered pretty significant at the beginning of the year was only about three or $4000. Right now it's about 10,000 and $100 for for a Bitcoin a cz with the eye CEOs. There have been a lot of concerns, rightfully so, because anyone can whip out a token and start selling it almost a security. But the central banker behind has a list of acceptable crypto assets that they will allow us to list. So right now we only have four crypto currencies are assets Bitcoin like coin ethereum and X R P. But nothing more than that at the time. And we hope to add more in the future. >> Ripples been taken some hits lately in the U. S. What about Eos and some of the other ones around the coin gets a corner, get some growth, you seeing some new things. How you guys gonna be evaluating some of these other new currencies? Is there a formula, you keep an eye on them. What's the consisted of concensus? What's that >> right? So we are agnostic to choosing the crypto asset that the color customers want to invest in it. If the central bank of behind accept this as secure liquid enough and, um, essentially time tested as well, For if it's been around for, let's say, 3 to 5 years with no network issues, then maybe retail customers can invest in it. But if it if it is just came up a brand new, we might come up. It's not time tested. Security wise, um, it hasn't gone through some certain pressures that are necessary for a network for payments are storing of value. >> So the central bank makes the decision on what they're gonna accept. What they >> listed in viable. That's right. But we we take customer input all the time. We started with just three, and then we had a lot of demand for exactly here in the region, and way listed it after getting improved. >> So we can't get Cube coin up there, can we? >> It defends the eyes that thinks he's coming. Okay, coming for two years in a row, knows >> what's coming. What's your final thoughts? The entrepreneurs out there because it's a lot of activity. This is one of those things where persistence really matters. No, your space Stay humble. Yeah, deal with these cycles because they are happening right? There is a There is a high velocity of cycles seasons, if you will, winter and summer. >> Well, I really think people should be should be more calculated to think long term with this technology. A lot of people are trying to make a quick buck or just make something, um, thinking that it's just a quick way to make money. But I really think people should educate themselves, both the entrepreneurs and the the retail investors that, uh, you know about the market about the technology so they can really see where the use cases might be of most need to the market. >> Talk about your, uh, your expansion plans. You have to to co founders in the US You're the co founders in Egypt. Is there gonna be a remote team? Is it going to be in by rain? What's the what's the hiring look like? Where's that where people will be located. >> So most of our if not all, of our customer support. Our client service agents are here in the in Bahrain. Um, we have the phone co founders now the to Joseph and a J from the Bay area there in behind as well here for the majority of the year there in the office. Now, um, the the engineering team, however, is a little scattered. Sometimes we we find we're security is a really high priority for us. It's the number one priority for us, as any Cryptocurrency exchange would be. So we re really scout talent and from the U. S. From Canada from other places around the world. Eso our engineering team is based in the Bay Area and other places in the U. S. Um, aside from Joseph, who leads it, who's the co founder here and behind. And the rest of the business and customer team is here behind. >> So really, the gating factor on hiring is making sure security's number one. So it's not so much. Get people filled in an office on the engineering front. >> No, it's definitely way. Look for high quality candidates, so that's our priority. We may be a small team, but they're all superstars. To be honest, >> what's been the biggest challenge that you guys have to overcome in this process because it's tough to get the license wasn't just being patient was. It's the diligence. What were some of the things that you overcame that were challenges? >> Well, it's it's definitely it definitely was a challenge to talk to. Ah, lot of regulators in the region. In general, Bahrain was by far the most cooperative. So right now the challenge is perhaps talking to other regulators when you talk expansion plans, we hoped we are serving the whole Middle East here from the from behind. But we'd idly, ideally want to also set up banking in Kuwait or youe or Saudi just so we can have better, quicker, on and off ramps for the customers. They're >> one of the big stories out. See Amazon Web service. It has a region here, um, pretty important. Pretty big deal. What's your take on what you think is gonna do for the region having a Amazon region multiple availability zones? What's that going to do for the entrepreneurship equation? >> I mean, it's fantastic. You see a lot of excitement here from entrepreneurs in the region and especially with regulation. How about having customer data stored here in the region? Um, it's really going to help. A lot of entrepreneurs also mitigate, You know, any downtime from hosting it in other places? >> New generation of entrepreneurship Hitting the scene here, isn't it? >> Yeah, it's really exciting. Lots of funding going around. Lots of ideas. Pretty really, really exciting for all entrepreneurs. >> Fail fast. As we always say, No one likes failure, but it takes Takes guts to start a company course. Of course. You know, thanks for coming. I appreciate it and say congratulations on your success. Thank you. Coverage Here we are in by rain for AWS summit. We're back with more after this short break.

>> live from San Francisco, celebrating 10 years of high tech coverage. It's the Cube covering Veum, World 2019 brought to you by the M Wear and its ecosystem partners. >> Welcome back to San Francisco. Day three of our coverage here on the Cube Of'em world 2019. I'm John Wall's Glad to have you here aboard for our continuing coverage here Day Volonte is also joining me, as is the sartorially resplendent Eric Herzog, cm of and vice president. Global storage channels that IBM storage. Eric, good to see you and love the shirt. Very >> nice. Thank you. Well, always have a wine shirts when I'm on the Cube >> I love in a long time Cuba to we might say, I'm sure he's got the record. Yeah, might pay. Well, >> you and pattern, neck and neck. We'll go to >> the vault. And well, >> since Pat used to be my boss, you know, couch out a path. >> Well, okay. Let the little show what IBM think. Maybe. Well, that's OK. Let's just start off a big picture. We're in all this, you know. Hybrid. Multilingual. This discussion went on this week. Obviously, just your thoughts about general trends and where the business is going now supposed to wear? Maybe we're 23 years ago. Well, the >> good thing is for IBM storage, and we actually came to your partner and titty wiki Bond when our new general manager, Ed Walsh, joined. And we came and we saw Dave and John at the old office are at your offices, and we did a pitch about hybrid multi cloud. Remember that gave us some feedback of how to create a new slide. So we created a slide based on Dave's input, and we were doing that two and 1/2 years ago. So we're running around telling the storage analyst Storage Press about hybrid multi cloud based on IBM storage. How weaken transparently move data, things we do with backup, Of course. An archive. You've got about 450 small and medium cloud providers. Their backup is a service engine. Is our spectrum protect? And so we talked about that. So Dave helped us craft the slide to make it better, because he said, we left a couple things >> out that Eric >> owes you. There were a few other analysts I'm sure you talked to and got input, but but us really were the first toe to combine those things in your in your marketing presentations. But >> let's I'd love to get >> an update on the business. Yes, help people understand the IBM storage organization. You guys created the storage business, you know, years and years and years ago. It's a it's a you know you've got your core business, which is column arms dealers. But there's a lot of Regent IBM, the Cloud Division. You've got the service's division, but so help us understand this sort of organizational structure. So >> the IBM story division's part of IBM Systems, which includes both the mainframe products Z and the Power Server entities. So it's a server in storage division. Um, the Easy guys in particular, have a lots of software that they sell and not just mainframe. So they have a very, very large software business, as do we. As you know, from looking at people that do the numbers, We're the second largest storage software company in the world, and the bulk of that software's not running on IBM gear. So, for example, spectrum protect will back up anyone's array spectrum scale and our IBM Cloud Object storage are sold this software only software defined as the spectrum virtualized. You could basically create a J. Bader Jabo after your favorite distributor or reseller and create your honor. Rates are software, but the all of the infrastructure would actually not be ours, not branded by us. And you call us for tech support for the software side. But if you had a bad power supplier fan, you'd have to call, you know, the reseller distributor said this very robust storage software business. Obviously you make sure that was compatible with the other server elements of IBM systems. But the bulk of our storage is actually sitting connect to some server that doesn't have an IBM logo on it. So that's the bulk of our business connected to Intel servers of all types that used to include, of course, IBM Intel Server division, which was sold off to Lenovo. So we still have a very robust business in the array space that has nothing to do with working on a power machine are working on a Z machine, although we clearly worked very heavily with them and have a number of things going with him, including something that's coming very shortly in the middle of September on some new high end products that we're going to dio >> went 90 Sea Counts All this stuff. Do they >> count to give IBM credit for all the storage that lives inside of the IBM Cloud? Do you get you get credit for that or >> not get credit for that? So when they count our number, it's only the systems that we sell and the storage software that we sell. So if you look at if we were a standalone company, which would include support service made everything, some of which we don't get credit for, right, the support and service is a different entity at IBM that does that, UM, the service's group, the tech support that all goes to someone else. We don't have a new credit >> so hypothetical I don't I don't think this is the case, but let's say hypothetically, if pure storage sold an array into IBM Cloud, they would get credit for it. But if you're array and I'm sure this happens is inside of the IBM, you don't get credit for it. >> That's true interesting, so it's somewhat undercounts. Part of that is the >> way we internally count because we're selling it to ourselves. >> But that's it. >> It's not. It's more of an accounting thing, but it's different when we sell the anybody else. So, for example, we sell the hundreds of cloud providers who in theory compete with the IBM Cloud Division >> to you Get credit for that. You get credit for your own away. That's way work. But if we were standing >> on coming for, say, government, we were Zog in store and I bought the company away, we would be about a $6.3 billion standalone storage software company. That's what we would be if we were all in because support service manes. If we were our own company with our own right legal entity, just like net app or the other guys, we'd be Stanley would be in that, you know, low $6 billion range, counting everything all in. When we do report publicly, we only report our storage system because we don't report our storage software business. And as you notice a few times, our CFO has made comments. If we did count, the storage software visit would be ex, and he's publicly stated that price at least two times. Since I've been an idea when he talks about the software on, but legally we only talk about IBM storage systems. When he publicly state our numbers out onto Wall Street, that's all >> we publicly report. So, um, you're like, you're like a walking sheet of knowledge here, but I wonder if you could take the audience through the portfolio. Oh, it's vast. How should we think about it? And the names have changed. You talk about, you know, 250 a raise, whatever it is the old sand volume control. And now it's a spectrum virtualized, >> right? So take us to the portfolio. What's the current? It's free straight for. >> We have really three elements in the portfolio, all built around, if you will, solution plays. But the three real elements in the portfolio our storage arrays, storage systems, we have entry mid range and high end, just like our competitors do. We lead with all flash, but we still sell hybrid and obviously, for backup, an archive. We still sell all hard drive right for those workloads. So and we have filed blocking object just like most other guys do, Um, for an array, then we have a business built around software, and we have two key elements. Their software defined storage, and we saw that software completely stand alone. It happens, too, by the way, be embedded on the arrays. So, for example, Dave, you mentioned Spectrum virtualized that ship's on flash systems and store wise. But if you don't want our raise, we will sell you just spectrum virtualized alone for block spectrum scale for Big Big Data A. I file Workloads and IBM caught object storage, which could all of them could be bought on an array. But they also could be bought. Itjust Standalone component. Yes, there's a software so part of the advantage we feel that delivers. It's some of the people that have software defined storage, that air raid guys. It's not the same software, so for us, it's easier for us to support and service. It's easier for a stack developing have leading it. Features is not running two different pieces of software running, one that happens to have a software on Lee version or an array embedded version. So we've got that, and then the third is around modern data protection, and that's really it. So a modern data protection portfolio built around spectrum, protect and Protect Plus and some other elements. A software to find storage where we sell the software only, and then arrays. That's it. It's really three things and not show. Now they're all kinds components underneath the hood. But what we really do is we sell. We don't really run around and talk about off last race. We talk about hybrid multi cloud. Now all of our flash raise and a lot of our software defined storage will automatically tear data out, too. Hybrid multi cloud configurations. We just So we lead with that same thing. We have one around cyber resiliency. Now, the one thing that spans the whole portfolio of cyber resiliency way have cyber rebellion see and a raise. We have some softer on the mainframe called Safeguarded Copy that creates immutable copies and has extra extra security for the management rights. You've got management control, and if you have a malware ransomware attack, you couldn't recover to these known good copies. So that's a piece of software that we sell on the mainframe on >> how much growth have you seen in that in? Because he's never reveals if you've got it resonating pervasive, right, Pervasive. So >> we've got, for example, malware and ransomware detection. Also, Inspector protect. So it's taken example. So I'm going to steal from the Cube and I'm gonna ask Dave and for you, I want a billion dollars and Dave's gonna laugh at me because he used a spectrum protect. He's gonna start laughing. But if I'm the ransomware guy, what do I do? I go after your snapshots, your replicas and your backup data sets. First, I make sure I've got those under control. And then when I tell you I'm holding you for ransom, you can't go back to a known good copy. So Ransomware goes after backup snaps and replicas first. Then it goes half your primary storage. So what we do, inspector protect, for example, is we know that at Weeki Bond and the Cube, you back up every night from 11 32 1 30 takes two hours to back you up every night. It's noon. There's tons of activity in the backup data sets. What the heck is going on? We send it out to the admin, So the admin for the Cube wicky bond takes a look and says, No server failure. So you can't be doing a lot of recovery because of a bad server. No storage failures. What the heck is going on? It could be a possible mount where ransomware attack. So that type of technology, we encrypt it, rest on all of our store to raise. We have both tape and tape and cloud air gapping. I'm gonna ask you about that. We've got both types of air gapped >> used to hate tape. Now he loves my love, right? No, I used to hate it, But now I love it because it's like the last resort, just in case. And you do air gapping when you do a WR gapping with customers, Do you kind of rotate the You know, it's like, uh, you know, the Yasser Arafat used to move every night. You sleep in a different place, right? You gonna rotate the >> weird analogy? You do >> some stuff. There's a whole strategy >> of how we outlined how you would do a tape air gap, you a cloud air gap. Of course you're replicating or snapping out to the cloud anyway, so they can't get to that. So if you have a failure, we haven't known good copy, depending on what time that is, right. And then you just recover. Cover back to that and even something simple. We have data rest, encryption. Okay. A lot of people don't use it or won't use it on storage because it's often software based, and so is permanent. Well, in our D s platform on the mainframe, we can encrypt with no performance hit on our flash system products we can encrypt with no performance it on our high end store. Wise, we have four models on the two high end stores models we could encrypt with no performance penalty. So why would you not encrypt all your debt? When there's a performance penalty, you have to sort of pick and choose. My God, I got to encrypt this valuable financial data, but, boy, I really wish it wasn't so slow with us. There is no performance it when you encrypt. So we have encryption at rest, encryption at flight malware and ran somewhere detection. We've got worm, which is important, obviously, doesn't mean I can't steal from wicked Bond Cube, but I certainly can't go change all your account numbers for all your vendors. For sake. of argument, right? So and there's obviously heavily regulated industries that still require worm technology, right? Immutable on the fine, by the way, you could always if it's wormed, you could encrypt it if you want to write. Because Worm just means it's immutable. It doesn't. It's not a different data type. It's just a mutable version of that data. >> So the cyber resiliency is interesting, and it leads me to another question I have around just are, indeed so A lot of companies in this industry do a lot of D developing next generation products. I think, you know, look a t m c when you were there, you know, this >> was a lot of there. Wasn't a ton, >> of course, are a lot of patents and stuff like that. IBM does corps are a lot of research and research facilities, brainiac scientists, I want if you could talk about how the storage division takes advantage of that, either specifically, is it relates to cyber resiliency. But generally, >> yes, so as you know, IBM has got, I think it's like 12 12 or 15 research on Lee sites that that's all they do, and everyone there is, in fact, my office had to be. Akiyama didn't labs, and there's two labs actually hear. The AMA didn't research lab and the Silicon Valley lab, which is very close about five miles away. Beautiful. Almost everything. There is research. There's a few product management guys I happen, Navid desk there every once. Well, see a sales guy or two. But essentially, they're all Richard with PhDs from the leading inverse now at Al Madden and many sites, all the divisions have their own research teams there. There's a heavy storage contingent at Al Midan as an example. Same thing in Zurich. So, for example, we just announced last week, as you know, stuff that will work with Quantum on the tape side. So you don't have to worry about because one of things, obviously, that people complain about quantum computing, whether it's us or anyone else, the quantum computing you can crack basically any encryption. Well, guess what? IBM research has developed tape that can be encrypted. So if using quantum computer, whether it be IBM or someone else's when you go with quantum computing, you can have secured data because the quantum computer can't actually cracked the encryption that we just put into that new tape that was done at IBM Research. How >> far away are we from From Quantum, actually being ableto be deployed and even minor use cases. >> Well, we've got available right now in ibm dot com for Betas. So we've got several 1000 people who have been accidents in it. And entities, we've been talking publicly in the 3 to 7 year timeframe for quantum computer crap out. Should it? Well, no, because if you do the right sort of security, you don't but the power. So if you're envisioning one of my favorite movies, I robot, right where she's doing her talking and that's that would really be quantum in all honesty. But at the same time, you know, the key thing IBM is all about ethics and all about how we do things, whether it be what we do with our diversity programs and hiring. And IBM is always, you know, at the forefront of doing and promoting ethical this and ethical. Then >> you do a customer data is huge. >> Yeah, and what we do with the customer data sets right, we do. GDP are, for example, all over the world were not required by law to do it really Only in Europe we do it everywhere. And so if you're not, if you're in California, if you happen to be in Zimbabwe or you're in Brazil, you get the same protection of GDP are even though we're not legally required to do it. And why are we doing that? Because they're always concerned about customers data, and we know they're paranoid about it. We want to make sure people feel comfortable with IBM. We do. Quantum computing will end up in that same vein. >> But you know, I don't worry about you guys. I were about the guys on the other side of the fence, the ones that I worry about, the same thing Capabilities knew that was >> on, of course. And you know, he talked about it in his speech, and he talked about action on the Cube yesterday about some of his comments on the point, and he mentioned that was based on Blockchain. What he said was Blockchain is a great technology. They've got Blockchain is no. IBM is a big believer in Blockchain. We promoted all over the place and in fact we've done all kinds of different Blockchain things we just did. One announced it last week with Australia with the Australian. I think it is with their equivalent of Wall Street. We've done some stuff with Merrick, the big shipping container thing, and it's a big consortium. That's all legal stuff that was really talking about someone using it the wrong way. And he's very specific point out that Blockchain is a great technology if used ethically, and IBM is all about how we do it. So we make sure whether be quantum computing, Blockchain, et cetera, that everything we do at IBM is about helping the end users, making sure that we're making, for example, open source. As you know. Well, the number one provider of open source technology pre read had acquisition is IBM. We submit Maur into the open community. Renounce Now are we able to make some money off of that? Sure we are, but we do it for a reason, because IBM believes as day point out in this core research. Open computing is court research, and we just join the Open Foundation last week as well. So we're really big on making sure that what we do ourselves is Ethel now We try to make sure that what happens in the hands of people who buy our technology, which we can always track, is also done ethically. And we go out of our way to join the right industry. Associations work with governments, work with whatever we need to do to help make sure that technology could really be iRobot. Anyone who thinks that's not true. If you talk to your grandparent's goto, go to the moon. What are you talking about? >> What Star Trek. It's always >> come to me. Oh, yeah, >> I mean, if you're your iPhone is basically the old community. Transport is the only thing I wish I could have the transfer. Aziz. You know, >> David has the same frame us up. I'm afraid of flying, and I I felt like two million miles on United and David. He's laughs about flowers, so I'm waiting for the transport. I know that's why anymore there's a cone over here. Go stand. Or maybe maybe with a little bit of like, I'm selling my Bitcoin. No, hang on, just hold on. There's always a comeback. Not always. There could be a comeback because Derek always enjoy it as always. Thanks for the good seeing you. All right, Back with more Veum. World 2019 The Cube live in San Francisco.