>>Hey everyone. Welcome to the cubes presentation of the AWS startup showcase. This is season two, episode four, where we continue to talk with the AWS ecosystem partners, this topic, cybersecurity protect and detect against threats. I'm your host, Lisa Martin. I've got a new guest with me. Ryan Ferris joins me the VP of products and engineering at Anisha. Ryan. Welcome to the program. Great to have you. >>Thank you so much for having me. >>So let's dig right in. Why are software vendors turning to Anisha to help them address and access the nearly for over 200 billion market public sector, federal market for cloud services? What is that key event? >>Yeah, it's it. If you know anything about FedRAMP and if you've looked into it, it takes a long time to achieve Fedra. So when customers kind of go into this cold and they're from Mars and they're like, what is bed? They usually find that it's an 18 month journey, maybe a 24 month journey. And so Anisha helps shorten that journey with lower costs and faster time to market. So if you're waiting for our revenue stream from say a government entity, we can get you there faster and get you to a, a state of Fedra certified in a shorter time period. And that's the value problem. >>Faster time to value is critical for organizations. So let's look at this journey as you talked about it, what does the path to compliance look like for specifically for AWS customers with a nation and without help us understand the value add? >>Yeah. So if you're doing it without Angen or if you're just kind of doing it yourself, which some customers choose to do, then they have to go on that journey and kind of learn about three primary things. One thing is how do I just write the entire package? Like there there's a thing called an SSP or a, a system security plan. And that thing is maybe seven or 800 pages long. And you have to offer that all by yourself so you can get help with that or not. That's sort of the academic and, and, and tech writing piece of it. There's another piece of it around what does my environment look like? So as I am ruling out this Fedra solution, what are each piece in my environment that needs to be compliant with Fedra? And it's a voluminous amount of things can be either a dozen or maybe up to a hundred things that you have to tweak and change. So there's a technical deployment store here as well. And then the third thing is keeping you compliant in your AWS environment after you've achieved kind of that readiness state. So the journey does not stop once you achieve Fedra, ATO, it goes on and on and on, and Anisha helps customers kind of maintain and keep them there in that fully compliance state after achieving ATO, >>What's the timeframe for AWS customers in terms of going, alright, we realize we're going on this journey. It's challenging. We need An's help. What's the timeframe to get them actually certified. >>Yeah. We look at the timeframe between the moment you deploy and the moment you start writing about that tech, that Fedra package and when you're audit ready, and in the best case scenario, that could be a few months, right? But you're always, your mileage may vary based on kind of your application readiness and how ready you are to pursue that journey. So the fastest happy path is a few months to audit, audit an audit ready state, but then you have, you kinda have to go through a process whereby you're in the queue for Fedra. And that can kind of take maybe an extra few months, but it really is that that three month accelerated timeframe in the best case scenario, >>Got it. Three months accelerated timeframe. Are there other compliance standards that besides Fedra that you help organizations get compliance with? >>Right. So it's a great question. So FedRAMP in and of itself is just really hard to get to. It's just so many things that you have to do, but if you get to that state, it's based off of a standard called missed 853 specifically rev four, that's kind of a mouthful, but once you achieve that state, there's basically 325 controls that come along with fed moderate. And that buys you a lot of leverage in leeway in mapping and sort of crosswalking to other compliance levels. So if you achieve that state, you buy a lot of, kind of goodness with things that map to either PCI or even HIPAA or SOC two. And, and so you, you kind of get a big benefit and sort of a big bang for your buck by having achieved that, that state for Fedra. >>So from an AWS customer, talk to me about, obviously we talked about the time to value the speed with which you enable organizations to achieve compliance and, and readiness. What what's in it for me in terms of working with a nation as an AWS customer. >>Yeah. For, so for AWS specifically our stack, well, we have kind of two versions of our stack. One is meant for Azure and it's kind of cookie cutter and meant for folks that have an entrenched Azure footprint. The other is it's the majority of our market it's folks that want to in accelerator footprint in AWS. So what's in it for you is that Anan kind of presents something that looks pretty similar to a landing zone, but it's a little bit more peppered with complexity and with tuned configurations. So if you're an AWS customer and let's see you've had an environment for the last 5, 6, 7 years, we help you kind of take that environment and enhance it and become FedRAMP ready in a much faster state. And we are leveraging and utilizing a lot of native AWS core services like ECR, for example, is one we're just starting to lean into AWS inspector for bone scans, those types of things. And then kind of when you get up to that audit, ready state and through ATO, we aggregate a lot of that vulnerability information and vulnerability scanning information into a parable readable, actionable format. And most of those things, those gatherings of data are AWS specific functions that we kind of piggyback on. So we're heavily into cloud trail and, and quite heavy into kind of using the things that are already at our fingertips just by deploying into AWS. >>Yeah. Leveraging what they already are familiar with kind of meeting the customers where they are. I think these days is such an important factor to help organizations make the changes as quickly and dynamically as they need to. >>That's right. Yeah. That's perfect. Yeah. A lot of customers, you know, when, when they start on the journey, they kind of, they, they sort of uncover the, uncover the details around, well, I have an application and this application has existed for six or seven years. How do I get this thing FedRAMP ready? And what does onboarding mean to your stack? We try to make that specific step as easy as possible. So when I'm on the phone with prospects and I'm talking to 'em about embarking on a journey, I kind of get them to a mental model where they treat their application VPC or their application environment as sort of a, and we deploy a separate VPC into their, into their cloud account. And then we peer that information. It's kind of getting into the mechanics a little bit, but we try to make it as easy as possible to start doing the things that we're obliged to do for FedRAMP, for their application, like bone scans and, and operationalization of logging and things like that. And then we pull that information into our AIAN managed BPC. And I think once customers really start to understand and sort of synthesize that mental model, then they kind of have this Baha moment. They're like, oh, okay. Now I, now I really understand how your platform can accelerate this journey into a period that is no more than say two or three months of onboarding >>No more than two or three months. That's, that's a nice kind of guarantee for organizations who are you typically engaging with? Is it the CISO level or are there other folks involved in this conversation? >>Yeah, I, the CISO is probably the best persona to engage with, but it so varies from customer to customer and you never really know who's really gonna, oftentimes it's the CEO or, or sometimes it's a champion that might be the CFO or someone that's incentivized to really start getting market share for federal customers that they don't have access to. That might even be a VP of engineering that we're, that we're conversing with. But most often I think the CISO is central because the CISO of course wants to give in details of what does the staff consist of and exactly how are you helping me with this big burden of continuous monitoring that fed Fedra makes me do. And, and where, where do you fit in that story? So it's usually the CSO, >>Usually the CSO, but some of the other personas that you mentioned sounds like it's definitely a C level or at least a, an executive level conversation. >>It is. Yeah. I'll try to divide that a little bit from my persona. Like I, I run engineering and product. I'm usually dealing with a rather talking to and engaging with the CSO, but the folks that cut the check are either either the CEO or the CFO that really want to widen that kind of revenue stream that they don't have access to. And they're the real decision making personas in this deal. Now, after the decision decision is made, then, you know, they're vetting through VPs of engineering or engineering leaders or the CSO. So like the, the folks that pull the purse strings are usually, you know, the ones that are cutting the check to make this investment that is usually the CSO or rather CEO and the CFO. >>Got it. Okay. So if I'm an AWS customer and I'm on this journey for fed re certification, I've, I've been on it for a while. How do I know it's time to raise my hand or pick up the phone and call Anisha? >>Yeah. You know, some customers that we speak with have already tried to do it and maybe they've failed. Maybe they've been like 12 or 14 months into the journey. And they've said things like, we just don't know how to put the package together, or maybe they've engaged with the third party auditor. And the third party auditor has said, sorry, you guys need to go back to the drawing board or maybe they've missed a good percentage of the technical requirements and they need some consultation and advice or a cookie cutter approach. So it kind of, every journey is different when we are engaging. Sometimes folks are just coming in completely cold or maybe they failed. But the more interesting ones, and I think when we can look a little bit more like heroes are the ones that have tried it, and then a year later they come back, they come back to an, and they want that accelerated goodness. >>Do you have a favorite customer story that you think really articulates the value either from a customer who came in cold or a customer who came in after trying it on their own or with another partner for a year that you think really demonstrates the value that AIAN delivers? >>Yeah. There is a customer story that's sort of top of mind and it's, I think the guy primarily stuck in what tooling I'll anonymize the customer, but this customer kind of chose the wrong level of tooling as they embarked on their journey. And by tooling, I mean, let me get a little bit more specific here. You can't just choose any vulnerability scanner, for instance, if it's a SAS product, or if it's sending data or requests outside of your Fedra boundary, then you're gonna run into trouble. And this reference customer, or this prospect at the time kind of had a lot of friction there. So as they were bumping up against that three Pao deadline, they realized they had a lot of work to do. And we simplified that, that part of the journey substantially for them by essentially selecting and spoon feeding them and, and sort of accelerating that part of the deployment and technical journey for them. And they were very delighted by that part of it. >>When you're talking with customers who are in, in a state of, of change and fluxes, who isn't these days, we've seen the acceleration of digital transformation considerably over the last couple of years. How do you talk with them about a nation as an enabler of their digital transformation overall? >>Yeah. Digital transformation. It's a, it's a broad word. Isn't it like for, for customers that are moving from an on-prem world into the cloud world, you have this great opportunity to kind of start from scratch. And so for Anisha, we are deploying and maybe not start from scratch, but when you're moving from an on-prem environment into the cloud, your footprint, you have this really nice opportunity to embrace more of AWS core services and to kind of rebuild things, kind of make your architecture drastically improved, or like look different to be more supportable and like less operational overhead. And so when an nation presents itself as sort of this platform in a walled garden environment, some customers have this aha moment that like, if you're gonna move either a portion of your environment or a specific application to the cloud, AIAN really helps you establish that security within that boundary and that footprint in a, in a much more accelerated fashion, then if you were selecting each part of your security infrastructure and then trying to implement it by hand, and that's kind of where we shine. >>Got it. We talked about the personas that you're typically engaging with depending on the organization, but how do you help enterprise companies who say Anisha, we wanna improve DevOps efficiency. We wanna get our applications secure that are running on AWS and those that we may wanna move to AWS in the future. >>Yeah. This gets into futures a little bit, but part of our roadmap, a little bit of a, a kind of a look around the corner for our roadmap is that since we know so much about the FedRAMP environment and FedRAMP moderate and the standard called this 853, it's a really powerful security view. And it's also a really powerful compliance view. So, you know, as I was saying before that, if you achieve a lot of depth and excellence in nest 853, it buys you a lot of kind of crosswalk and applicability for SOC two and HIPAA and PCI. So for DevOps organizations and for just engineering organizations that want more pre-pro insight, there's no reason why you can't just deploy our platform and our stack in a pre fraud environment to get that security signaling such that you can catch things early and prevent maybe spillage or leakage or security issues to go into production. So one of the things that we're doing on a roadmap is a, a feature that we call compliance insights, whereby we present a frame of missed 853 RAV4 that you can deploy into any environment. And that particularly helps the DevOps role by saying, well, if I just, for example, exposed an S3 bucket to world, then I can catch that configuration, that compliance product and catch it, trap it and fix before it leaks out to. >>So you talked a little bit about kind of some of the things that are coming up on a, on the product side, what's next for Anisha, as we look at we're rounding out calendar year 22 coming into 2023, there's still so much change in the market. We've got to embrace that. What's next for the company. What can we expect from the VP of products and engineering? >>Yeah, I think in two, two big areas here, we're gonna double down on our Fedra offering offering, and just continuously improve it and improve it. We're pretty tempted to lean in more heavily to CMMC. We hear a lot about CMMC kind of on the periphery, but we just haven't quite felt the market pressure to really go after that. But there's definitely something there. And I would anticipate some offering that maps to that specific compliance that, that compliance framework. And then in the enterprise, we just month after month, we discuss more about how we can create more flexibility in our platform, such that commercial customers can get more of that goodness, and sort of more of that consolidation and time to market, particularly for small and mid-sized customers. So we'll be releasing more of those pieces of functionality in 2023 as well. >>So the commercial folks be on the lookout for that. >>Yes, absolutely. That's a huge untapped market for us. We're super excited about it and we'll be a little cagey on in our plans until we kind of get through this early availability period and then probably make a bigger splash in the first half of 2023. >>That sounds appropriate. Where can the audience go to learn more about what you guys are doing and maybe get ahead on some of those teaser that you just mentioned? >>Yeah. I think our marketing folks will push out more data sheets and marketing material on what's to come. And if you ever wanted to be part of this early availability program that I just discussed, or that I mentioned, you can always go to anan.com and ping us, and we'd be happy to have a conversation with you and we'll lift up the hood and allow you to look under there for, and just carry on the conversation around what's to come. >>All right, getting a peek of what's under the hood. That's always exciting, Ryan, thank you for joining me on this program. AWS startup showcase. We appreciate your time, your insights and a peek into what's going on at Anisha. >>Awesome. It was a pleasure. Thank you so much. >>Likewise. We wanna thank you for watching the AWS startup showcase for Ryan Ferris. I'm Lisa Martin stick right here on the, for great content coming your way. Take care.

>>Hey everyone. Welcome back to the cubes day two coverage of VMware Explorer, 22 from San Francisco. Lisa Martin, back here with you with Dave Nicholson, we have a couple of guests from VMware. Joining us, please. Welcome Jay Workman, senior director, cloud partner, and alliances marketing, and Jeff Thompson, VP cloud provider sales at VMware guys. It's great to have you on the program. >>Ah, good to be here. Thanks for having us on. >>We're gonna be talking about a really interesting topic. Sovereign cloud. What is sovereign cloud? Jeff? Why is it important, but fundamentally, what is >>It? Yeah, well, we were just talking a second ago. Aren't we? And it's not about royalty. So yeah, data sovereignty is really becoming super important. It's about the regulation and control of data. So lots of countries now are being very careful and advising companies around where to place data and the jurisdictional controls mandate that personal data or otherwise has to be secured. We ask, we have to have access controls around it and privacy controls around it. So data sovereign clouds are clouds that have been built by our cloud providers in, in, in VMware that specifically satisfy the requirements of those jurisdictions and regulated industries. So we've built a, a little program around that. We launched it about a year ago and continuing to add cloud providers to that. >>Yeah, and I, I think it's also important just to build on what Jeff said is, is who can access that data is becoming increasingly important data is, is almost in it's. It is becoming a bit of a currency. There's a lot of value in data and securing that data is, is becoming over the years increasingly important. So it's, it's not like we built a problem or we created a solution for problem that didn't exist. It's gotten it's, it's been a problem for a while. It's getting exponentially bigger data is expanding and growing exponentially, and it's becoming increasingly important for organizations and companies to realize where my data sits, who can access it, what types of data needs to go and what type of clouds. And it's very, very aligned with multi-cloud because some data can sit in a, in a public cloud, which is fine, but some data needs to be secure. It needs to be resident within country. And so this is, this is what we're addressing through our partners. >>Yeah, I, yeah, I was just gonna add to that. I think there's a classification there there's data residency, and then there's data sovereignty. So residency is just about where is the data, which country is it in sovereignty is around who can access that data. And that's the critical aspect of, of data sovereignty who's got control and access to that data. And how do we make sure that all the controls are in place to make sure that only the right people can get access to that data? Yeah. >>So let's, let's sort of build from the ground up an example, and let's use Western Europe as an example, just because state to state in the United States, although California is about to adopt European standards for privacy in a, in a unique, in a unique, unique way, pick a country in, in Europe, I'm a service provider. I have an offering and that offering includes a stack of hardware and I'm running what we frequently refer to as the STDC or software defined data center stack. So I've got NEX and I've got vs N and I've got vSphere and I'm running and I have a cloud and you have all of the operational tools around that, and you can spin up VMs and render under applications there. And here we are within the borders of this country, what makes it a sovereign cloud at that? So at that point, is that a sovereign cloud or? >>No, not yet. Not it's close. I mean, you nailed, >>What's >>A secret sauce. You nailed the technology underpinning. So we've got 4,500 plus cloud provider partners around the world. Less than 10% of those partners are running the full STDC stack, which we've branded as VMware cloud verified. So the technology underpinning from our perspective is the starting point. Okay. For sovereignty. So they, they, they need that right. Technology. Okay. >>Verified is required for sovereign. Yes. >>Okay. Cloud verified is the required technology stack for sovereign. So they've got vSphere vs. A NSX in there. Okay. A lot of these partners are also offering a multitenant cloud with VMware cloud director on top of that, which is great. That's the starting point. But then we've, we've set a list of standards above and beyond that, in addition to the technology, they've gotta meet certain jurisdiction requirements, certain local compliance requirements and certifications. They've gotta be able to address the data re data residency requirements of their particular jurisdiction. So it's going above and beyond. But to your point, it does vary by country. >>Okay. So, so in this hypothetical example, this is this country. You a stand, I love it. When people talk about Stan, people talk about EMIA and you know, I, I love AMEA food. Isn't AIAN food. One. There's no such thing as a European until you have an Italian, a Britain, a German yep. In Florida arguing about how our beer and our coffee is terrible. Right. Right. Then they're all European. They go home and they don't like each other. Yeah. So, but let's just pretend that there's a thing called Europe. So this, so there's this, so we've got a border, we know residency, right. Because it physically is here. Yep. But what are the things in terms of sovereignty? So you're talking about a lot of kind of certification and validation, making sure that, that everything maps to those existing rules. So is, this is, this is a lot of this administrative and I mean, administrative in the, in the sort of state administrative terminology, >>I I'm let's build on your example. Yeah. So we were talking about food and obviously we know the best food in the world comes from England. >>Of course it does. Yeah. I, no doubt. I agree. I Don not get that. I do. I do do agree. Yeah. >>So UK cloud, fantastic partner for us. Okay. Whether they're one of our first sovereign cloud providers in the program. So UK cloud, they satisfied the requirements with the local UK government. They built out their cloud verified. They built out a stack specifically that enables them to satisfy the requirements of being a sovereign cloud provider. They have local data centers inside the UK. The data from the local government is placed into those data centers. And it's managed by UK people on UK soil so that they know the privacy, they know the security aspects, the compliance, all of that wrapped up on top of a secure SDDC platform. Okay. Satisfies the requirements of the UK government, that they are managing that data in a sovereign way that, that, that aligns to the jurisdictional control that they expect from a company like UK cloud. Well, >>I think to build on that, a UK cloud is an example of certain employees at UK, UK cloud will have certain levels of clearance from the UK government who can access and work on certain databases that are stored within UK cloud. So they're, they're addressing it from multiple fronts, not just with their hardware, software data center framework, but actually at the individual compliance level and individual security clearance level as to who can go in and work on that data. And it's not just a governmental, it's not a public sector thing. I mean, any highly regulated industry, healthcare, financial services, they're all gonna need this type of data protection and data sovereignty. >>Can this work in a hyperscaler? So you've got you, have, you have VMC AVS, right? GC V C >>O >>CVAs O CVS. Thank you. Can it be, can, can a sovereign cloud be created on top of physical infrastructure that is in one of those hyperscalers, >>From our perspective, it's not truly sovereign. If, if it's a United States based company operating in Germany, operating in the UK and a local customer or organization in Germany, or the UK wants to deploy workloads in that cloud, we wouldn't classify that as totally sovereign. Okay. Because by virtue of the cloud act in the United States, that gives the us government rights to request or potentially view some of that data. Yeah. Because it's, it's coming out of a us based operator data center sitting on foreign soil so that the us government has some overreach into that. And some of that data may actually be stored. Some of the metadata may reside back in the us and the customer may not know. So certain workloads would be ideally suited for that. But for something that needs to be truly sovereign and local data residency, that it wouldn't be a good fit. I think that >>Perspectives key thing, going back to residency versus sovereignty. Yeah. It can be, let's go to our UK example. It can be on a hyperscaler in the UK now it's resident in the UK, but some of the metadata, the profiling information could be accessible by the entity in the United States. For example, there now it's not sovereign anymore. So that's the key difference between a, what we view as a pro you know, a pure sovereign cloud play and then maybe a hyperscaler that's got more residency than sovereignty. >>Yeah. We talk a lot about partnerships. This seems to be a unique opportunity for a certain segment of partners yeah. To give that really is an opportunity for them to have a line of business established. That's unique from some of the hyperscale cloud providers. Yeah. Where, where sort of the, the modesty of your size might be an advantage if you're in a local. Yes. You're in Italy and you are a service provider. There sounds like a great fit, >>That's it? Yeah. You've always had the, the beauty of our program. We have 4,500 cloud providers and obviously not, all of them are able to provide a data, a sovereign cloud. We have 20 in the program today in, in the country. You you'd expect them to be in, you know, the UK, Italy, Italy, France, Germany, over in Asia Pacific. We have in Australia and New Zealand, Japan, and, and we have Canada and Latin America to, to dovetail, you know, the United States. But those are the people that have had these long term relationships with the local governments, with these regulated industries and providing those services for many, many years. It's just that now data sovereignty has become more important. And they're able to go that extra mile and say, Hey, we've been doing this pretty much, you know, for decades, but now we're gonna put a wrap and some branding around it and do these extra checks because we absolutely know that we can provide the sovereignty that's required. >>And that's been one of the beautiful things about the entire initiative is we're actually, we're learning a lot from our partners in these countries to Jeff's point have been doing this. They've been long time, VMware partners they've been doing sovereignty. And so collectively together, we're able to really establish a pretty robust framework from, from our perspective, what does data sovereignty mean? Why does it matter? And then that's gonna help us work with the customers, help them decide which workloads need to go and which type of cloud. And it dovetails very, very nicely into a multi-cloud that's a reality. So some of those workloads can sit in the public sector and the hyperscalers and some of 'em need to be sovereign. Yeah. So it's, it's a great solution for our customers >>When you're in customer conversations, especially as, you know, data sovereign to be is becomes a global problem. Where, who are you talking to? Are you talking to CIOs? Are you talking to chief data officers? I imagine this is a pretty senior level conversation. >>Yeah. I it's, I think it's all of the above. Really. It depends. Who's managing the data. What type of customer is it? What vertical market are they in? What compliance regulations are they are they beholden to as a, as an enterprise, depending on which country they're in and do they have a need for a public cloud, they may already be all localized, you know? So it really depends, but it, it could be any of those. It's generally I think a fair, fairly senior level conversation. And it's, it's, it's, it's consultancy, it's us understanding what their needs are working with our partners and figuring out what's the best solution for them. >>And I think going back to, they've probably having those conversations for a long time already. Yeah. Because they probably have had workloads in there for years, maybe even decades. It's just that now sovereignty has become, you know, a more popular, you know, requirements to satisfy. And so they've gone going back to, they've gone the extra mile with those as the trusted advisor with those people. They've all been working with for many, many years to do that work. >>And what sort of any examples you mentioned some of the highly regulated industries, healthcare, financial services, any customer come to mind that you think really articulates the value of what VMware's delivering through its service through its cloud provider program. That makes the obvious why VMware an obvious answer? >>Wow. I, I, I get there's, there's so many it's, it's actually, it's each of our different cloud providers. They bring their win wise to us. And we just have, we have a great library now of assets that are on our sovereign cloud website of those win wires. So it's many industries, many, many countries. So you can really pick, pick your, your choice. There. That's >>A good problem >>To have, >>To the example of UK cloud they're, they're really focused on the UK government. So some of them aren't gonna be referenced. Well, we may have indication of a major financial services company in Australia has deployed with AU cloud, one of our partners. So we we've also got some semi blind references like that. And, and to some degree, a lot of these are maintained as fairly private wins and whatnot for obvious security reasons, but, and we're building it and building that library up, >>You mentioned the number 4,500, a couple of times, you, you referencing VMware cloud provider partners or correct program partners. So VCP P yes. So 45, 4500 is the, kind of, is the, is the number, you know, >>That's the number >>Globally of our okay. >>Partners that are offering a commercial cloud service based at a minimum with vSphere and they're. And many of 'em have many more of our technologies. And we've got little under 10% of those that have the cloud verified designation that are running that full STDC, stack >>Somebody, somebody Talli up, all of that. And the argument has been made that, that rep that, that would mean that VMware cloud. And although some of it's on IAS from hyperscale cloud providers. Sure. But that, that rep, that means that VMware has the third or fourth largest cloud on the planet already right now. >>Right. Yep. >>Which is kind of interesting because yeah. If you go back to when, what 2016 or so when VMC was at least baned about yeah. Is that right? A lot of people were skeptical. I was skeptical very long history with VMware at the time. And I was skeptical. I I'm thinking, nah, it's not gonna work. Yeah. This is desperation. Sorry, pat. I love you. But it's desperation. Right. AWS, their attitude is in this transaction. Sure. Send us some customers we'll them. Yeah. Right. I very, very cynical about it. Completely proved me wrong. Obviously. Where did it go? Went from AWS to Azure to right. Yeah. To GCP, to Oracle, >>Oracle, Alibaba, >>Alibaba. Yep. Globally. >>We've got IBM. Yep. Right. >>Yeah. So along the way, it would be easy to look at that trajectory and say, okay, wow, hyperscale cloud. Yeah. Everything's consolidating great. There's gonna be five or six or 10 of these players. And that's it. And everybody else is out in the cold. Yeah. But it turns out that long tail, if you look at the chart of who the largest VCP P partners are, that long tail of the smaller ones seem to be carving out specialized yes. Niches where you can imagine now, at some point in the future, you sum up this long tail and it becomes larger than maybe one of the hyperscale cloud providers. Right. I don't think a lot of people predicted that. I think, I think people predicted the demise of VMware and frankly, a lot of people in the VMware ecosystem, just like they predicted the demise of the mainframe. Sure. The storage area network fill in the blank. I >>Mean, Jeff and I we've oh yeah. We've been on the, Jeff's been a little longer than I have, but we've been working together for 10 plus years on this. And we've, we've heard that many times. Yeah. Yeah. Our, our ecosystem has grown over the years. We've seen some consolidation, some M and a activity, but we're, we're not even actively recruiting partners and it's growing, we're focused on helping our partners gain more, share internally, gain, more share at wallet, but we're still getting organic growth in the program. Really. So it, it shows, I think that there is value in what we can offer them as a platform to build a cloud on. >>Yeah. What's been interesting is there's there's growth and there's some transition as well. Right? So there's been traditional cloud providers. Who've built a cloud in their data center, some sovereign, some not. And then there's other partners that are adopting VCP P because of our SA. So we've either converted some technology from product into SA or we've built net new SA or we've acquired companies that have been SA only. And now we have a bigger portfolio that service providers, cloud providers, managed service providers are all interested in. So you get resellers channel partners. Who've historically been doing ELAs and reselling to end customers. They're transitioning their business into doing recurring revenue and the only game in town where you really wanna do recurring revenues, VCP P. So our ecosystem is both growing because our cloud providers with their data center are doing more with our customers. And then we're adding more managed service providers because of our SA portfolio. And that, that, that combo, that one, two punch is creating a much bigger VCP P ecosystem overall. >>Yeah. >>Impressive. >>Do you think we have a better idea of what sovereign cloud means? Yes. I think we do. >>It's not Royal. >>It's all about royalty, >>All royalty. What are some of the things Jeff, as we look on the horizon, obviously seven to 10,000 people here at, at VMwares where people really excited to be back. They want to hear it from VMware. They wanna hear from its partner ecosystem, the community. What are some of the things that you think are on the horizon where sovereign cloud is concerned that are really opportunities yeah. For businesses to get it right. >>Yeah. We're in the early days of this, I think there's still a whole bunch of rules, regulatory laws that have not been defined yet. So I think there's gonna be some more learning. There's gonna be some top down guidance like Gaia X in Europe. That's the way that they're defining who gets access and control over what data and what's in. And what's out of that. So we're gonna get more of these Gaia X type things happening around the world, and they're all gonna be slightly different. Everyone's gonna have to understand what they are, how to interpret and then build something around them. So we need to stay on top of that, myself and Jay, to make sure that we've got the right cloud providers in the right space to capitalize on that, build out the sovereign cloud program over time and make sure that what they're building to support aligns with these different requirements that are out there across different countries. So it's an evolving landscape. That's >>Yeah. And one of the things too, we're also doing from a product perspective to better enable partners to, to address these sovereign cloud workloads is where we have, we have gaps maybe in our portfolio is we're partner partnering with some of our ISVs, like a, Konic like a Forex vem. So we can give our partners object storage or ransomware protection to add on to their sovereign cloud service, all accessible through our cloud director consult. So we're, we're enhancing the program that way. And to Jeff's point earlier, we've got 20 partners today. We're hoping to double that by the end of our fiscal year and, and just take a very methodical approach to growth of the program. >>Sounds great guys, early innings though. Thank you so much for joining Dave and me talking about what software and cloud is describing it to us, and also talking about the difference between that data residency and all the, all of the challenges and the, in the landscape that customers are facing. They can go turn to VMware and its ecosystem for that help. We appreciate your insights and your time. Guys. Thank >>You >>For >>Having us. Our >>Pleasure. Appreciate it >>For our guests and Dave Nicholson. I'm Lisa Martin. You've been watching the cube. This is the end of day, two coverage of VMware Explorer, 2022. Have a great rest of your day. We'll see you tomorrow.