(upbeat electronic music) >> Welcome back to everyone, to "theCUBE's" coverage here in Seattle, Washington for Amazon Web Services Partner Marketplace Seller Conference, combining their partner network with Marketplace forming a new organization called AWS Partner Organization. This is "theCUBE" coverage. I'm John Furrier, your host. We've got great "Cube" alumni here from Zscaler, a very successful cloud company doing great work. Stelio D'Alo, senior director of cloud business development and Raveesh Chugh, VP of Public Cloud Partnerships at Zscaler. Welcome back to "theCUBE." Good to see you guys. Thanks for coming on. >> Thank you. >> Thanks having us, John. >> So we've been doing a lot of coverage of Zscaler, what a great success story. I mean, the numbers are great. The business performance, it's in the top two, three, one, two, three in all metrics on public companies, SaaS. So you guys, check. Good job. >> Yes, thank you. >> So you guys have done a good job. Now you're here, selling through the Marketplace. You guys are a world class performing company in cloud SaaS, so you're in the front lines doing well. Now, Marketplace is a procurement front end opportunity for people to buy. Hey, self-service, buy and put things together. Sounds novel, what a great concept. Great cloud life. >> Yes. >> You guys are participating and now sellers are coming together. The merger of the public, the partner network with Marketplace. It feels like this is a second act for AWS to go to the next level. They got their training wheels done with partners. Now they're going to the next level. What do you guys think about this? >> Well, I think you're right, John. I think it is very much something that is in keeping with the way AWS does business. Very Amazonian, they're working back from the customer. What we're seeing is, our customers and in general, the market is gravitating towards purchase mechanisms and route to market that just are lower friction. So in the same way that companies are going through their digital transformations now, really modernizing the way they host applications and they reach the internet. They're also modernizing on the purchasing side, which is super exciting, because we're all motivated to help customers with that agility. >> You know, it's fun to watch and again I'm being really candid and props to you guys as a company. Now, everyone else is kind of following that. Okay, lift and shift, check, doing some things. Now they go, whoa, I can really build on this. People are building their own apps for their companies. Going to build their own stuff. They're going to use piece parts. They're going to put it together in a really scalable way. That's the new normal. Okay, so now they go okay, I'm going to just buy through the market, I get purchasing power. So you guys have been a real leader with AWS. Can you share what you guys are doing in the Marketplace? I think you guys are a nice example of how to execute the Marketplace. Take us through. What are you guys offering there? What's the contract look like? Is it multi-pronged? What's the approach? What do customers get if they go to the marketplace for Zscaler? >> Yeah, so it's been a very exciting story and been a very pleasing one for us with AWS marketplace. We see a huge growth potentially. There are more than 350,000 customers that are actively buying through Marketplace today. We expect that number to grow to around a million customers by the next, I would say, five to ten years and we want to be part of this wave. We see AWS Marketplace to be a channel where not only our resalers or our channel partners can come and transact, but also our GSIs like Accenture want to transact through this channel. We are doing a lot, in terms of bringing new customers through Marketplace, who want to not only close their deals, but close it in the next few hours. That's the beauty of Marketplace, the agility, the flexibility in terms of pricing that it provides to ISVs like us. If a customer wants to delay their payments by a couple of quarters, Marketplace supports that. If a customer wants to do monthly payments, Marketplace supports that. We are seeing lot of customers, big customers, that have signed EDPs, enterprise discount plans with AWS. These are multi-year cloud commits coming to us and saying we can retire our EDPs with AWS if we transact your solution through AWS Marketplace. So what we have done, as of today, we have all of our production services enabled through AWS Marketplace. What that means for customers, they can now retire their EDPs by buying Zscaler products through AWS Marketplace and in return get the full benefit of maximizing their EDP commits with AWS. >> So you guys are fully committed, no toe on the water, as we heard. You guys are all in. >> Absolutely, that's exactly the way to put it. We're all in, all of our solutions are available in the marketplace. As you mentioned, we're a SaaS provider. So we're one of the vendors in the Marketplace that have SaaS solutions. So unlike a lot of customers and even the market in general, associate the Marketplace for historical reasons, the way it started with a lot of monthly subscriptions and just dipping your toe in it from a consumer perspective. Whereas we're doing multimillion dollar, multi-year SaaS contracts. So the most complicated kinds of transactions you'd normally associate with enterprise software, we're doing in very low friction ways. >> On the Zscaler side going in low friction. >> Yep, yeah, that's right. >> How about the customer experience? >> So it is primarily the the customer that experiences. >> Driving it? >> Yeah, they're driving it and it's because rather than traditional methods of going through paperwork, purchase orders- >> What are some of the things that customers are saying about this, bcause I see two benefits, I'll say that. The friction, it's a channel, okay, for Zscaler. Let's be clear, but now you have a customer who's got a lot of Amazon. They're a trusted partner too. So why wouldn't they want to have one point of contact to use their purchasing power and you guys are okay with that. >> We're absolutely okay with it. The reason being, we're still doing the transaction and we can do the transaction with our... We're a channel first company, so that's another important distinction of how people tend to think of the Marketplace. We go through channel. A lot of our transactions are with traditional channel partners and you'd be surprised the kinds of, even the Telcos, carrier providers, are starting to embrace Marketplace. So from a customer perspective, it's less paperwork, less legal work. >> Yeah, I'd love to get your reaction to something, because I think this highlights to me what we've been reporting on with "theCUBE" with super cloud and other trends that are different in a good way. Taking it to the next level and that is that if you look at Zscaler, SaaS, SaaS is self-service, the scale, there's efficiencies. Marketplace first started out as a self-service catalog, a website, you know, click and choose, but now it's a different. He calls it a supply chain, like the CICD pipeline of buying software. He mentions that, there's also services. He put the Channel partners can come in. The GSIs, global system integrators can come in. So it's more than just a catalog now. It's kind of self-service procurement more than it is just a catalog of buy stuff. >> Yes, so yeah, I feel CEOs, CSOs of today should understand what Marketplace brings to the bear in terms of different kinds of services or Zscaler solutions that they can acquire through Marketplace and other ISV solutions, for that matter. I feel like we are at a point, after the pandemic, where there'll be a lot of digital exploration and companies can do more in terms of not just Marketplace, but also including the channel partners as part of deals. So you talked about channel conflict. AWS addressed this by bringing a program called CPPO in the picture, Channel Partner Private Offers. What that does is, we are not only bringing all our channel partners into deals. For renewals as well, they're the partner of record and they get paid alongside with the customer. So AWS does all the heavy lifting, in terms of disbursements of payments to us, to the channel partner, so it's a win-win situation for all. >> I mean, private offers and co-sale has been very popular. >> It has been, and that is our bread and butter in the Marketplace. Again, we do primarily three year contracts and so private offers work super well. A nice thing for us as a vendor is it provides a great amount of flexibility. Private Offer gives you a lot of optionality, in terms of how the constructs of the deal and whether or not you're working with a partner, how the partner is utilizing as well to resell to the end user. So, we've always talked about AWS giving IT agility. This gives purchasing and finance business agility. >> Yeah, and I think this comes up a lot. I just noticed this happening a lot more, where you see dedicated sessions, not just on DevOps and all the goodies of the cloud, financial strategy. >> Yeah. >> Seeing a lot more conversation around how to operationalize the business transactions in the cloud. >> Absolutely. >> This is the new, I mean it's not new, it's been thrown around, but not at a tech conference. You don't see that. So I got to ask you guys, what's the message to the CISOs and executives watching the business people about Zscaler in the Marketplace? What should they be looking at? What is the pitch for Zscaler for the Marketplace buyer? >> So I would say that we are a cloud-delivered network security service. We have been in this game for more than a decade. We have years of early head start with lots of features and functionality versus our competitors. If customers were to move into AWS Cloud, they can get rid of their next-gen firewalls and just have all the traffic routed through our Zscaler internet access and use Zscaler private access for accessing their private applications. We feel we have done everything in our capacity, in terms of enabling customers through Marketplace and will continue to participate in more features and functionality that Marketplace has to offer. We would like these customers to take advantage of their EDPs as well as their retirement and spend for the multi-commit through AWS Marketplace. Learn about what we have to offer and how we can really expedite the motion for them, if they want to procure our solutions through Marketplace >> You know, we're seeing an ability for them to get more creative, more progressive in terms of the purchasing. We're also doing, we're really excited about the ability to serve multiple markets. So we've had an immense amount of success in commercial. We also are seeing increasing amount of public sector, US federal government agencies that want to procure this way as well for the same reasons. So there's a lot of innovation going on. >> So you have the FedRAMP going on, you got all those certifications. >> Exactly right. So we are the first cloud-native solution to provide IL5 ATO, as well as FedRAMP pie and we make that all available, GSA schedule pricing through the AWS Marketplace, again through FSIs and other resellers. >> Public private partnerships have been a big factor, having that span of capability. I got to ask you about, this is a cool conversation, because now you're like, okay, I'm selling through the Marketplace. Companies themselves are changing how they operate. They don't just buy software that we used to use. So general purpose, bundled stuff. Oh yeah, I'm buying this product, because this has got a great solution and I have to get forced to use this firewall, because I bought this over here. That's not how companies are architecting and developing their businesses. It's no longer buying IT. They're building their company digitally. They have to be the application. So they're not sitting around, saying hey, can I get a solution? They're building and architecting their solution. This is kind of like the new enterprise that no one's talking about. They kind of, got to do their own work. >> Yes. >> There's no general purpose solution that maps every company. So they got to pick the best piece parts and integrate them. >> Yes and I feel- >> Do you guys agree with that? >> Yeah, I agree with that and customers don't want to go for point solutions anymore. They want to go with a platform approach. They want go with a vendor that can not only cut down their vendors from multi-dozens to maybe a dozen or less and that's where, you know, we kind of have pivoted to the platform-centric approach, where we not only help customers with Cloud Network Security, but we also help customers with Cloud Native Application Protection Platform that we just recently launched. It's going by the name of the different elements, including Cloud Security Posture Management, Cloud Identity Event Management and so we are continuously doing more and more on the configuration and vulnerability side space. So if a customer has an AWS S3 bucket that is opened it can be detected and can be remediated. So all of those proactive steps we are taking, in terms of enhancing our portfolio, but we have come a long way as a company, as a platform that we have evolved in the Marketplace. >> What's the hottest product? >> The hottest product? >> In Marketplace right now. >> Well, the fastest growing products include our digital experience products and we have new Cloud Protection. So we've got Posture and Workload Protection as well and those are the fastest growing. For AWS customers a strong affinity also for ZPA, which provides you zero trust access to your workloads on AWS. So those are all the most popular in Marketplace. >> Yeah. >> So I would like to add that we recently launched and this has been a few years, a couple of years. We launched a product called Zscaler Digital X, the ZDX. >> Mm-hmm. >> What that product does is, let's say you're making a Zoom call and your WiFi network is laggy or it's a Zoom server that's laggy. It kind of detects where is the problem and it further tells the IT department you need to fix either the server on which Zoom is running, or fix your home network. So that is the beauty of the product. So I think we are seeing massive growth with some of our new editions in the portfolio, which is a long time coming. >> Yeah and certainly a lot of growth opportunities for you guys, as you come in. Where do you see Zscaler's big growth coming from product-wise? What's the big push? Actually, this is great upside for you here. >> Yeah. >> On the go to market side. Where's the big growth for Zscaler right now? So I think we are focused as a company on zero trust architecture. We want to securely connect users to apps, apps to apps, workloads to workloads and machines to machines. We want to give customers an experience where they have direct access to the apps that's hidden from the outside world and they can securely connect to the apps in a very succinct fashion. The user experience is second to none. A lot of customers use us on the Microsoft Office 365 side, where they see a lag in connecting to Microsoft Office 365 directly. They use the IE service to securely connect. >> Yeah, latency kills. >> Microsoft Office 365. >> Latency kills, as we always say, you know and security, you got to look at the pattern, you want to see that data. >> Yeah, and emerging use cases, there is an immense amount of white space and upside for us as well in emerging use cases, like OT, 5G, IOT. >> Yeah. >> Federal government, DOD. >> Oh god, tactical edge government. >> Security at the edge, absolutely, yeah. >> Where's the big edge? What's the edge challenge right now, if you have to put your finger on the edge, because right now that's the hot area, we're watching that. It's going to be highly contested. It's not yet clear, I mean certainly hybrid is the operating model, cloud, distributing, computing, but edge has got unique things that you can't really point to on premises that's the same. It's highly dynamic, you need high bandwidth, low latency, compute at the edge. The data has to be processed right there. What's the big thing at the edge right now? >> Well, so that's probably an emerging answer. I mean, we're working with our customers, they're inventing and they're kind of finding the use cases for those edge, but one of the good things about Zscaler is that we are able to, we've got low latency at the edge. We're able to work as a computer at the edge. We work on Outpost, Snowball, Snowcone, the Snow devices. So we can be wherever our customers need us. Mobile devices, there are a lot of applications where we've got to be either on embedded devices, on tractors, providing security for those IOT devices. So we're pretty comfortable with where we are being the- >> So that's why you guys are financially doing so well, performance wise. I got to ask you though, because I think that brings up the great point. If this is why I like the Marketplace, if I'm a customer, the edge is highly dynamic. It's changing all the time. I don't want to wait to buy something. If I got my solution architects on a product, I need to know I'm going to have zero trust built in and I need to push the button on Zscaler. I don't want to wait. So how does the procurement side impact? What have you guys seen? Share your thoughts on how Marketplace is working from the procurement standpoint, because it seems to me to be fast. Is that right, or is it still slow on their side? On the buyer side, because this to me would be a benefit to developers, if we say, hey, the procurement can just go really fast. I don't want to go through a bunch of PO approvals or slow meetings. >> It can be, that manifests itself in several ways, John. It can be, for instance, somebody wants to do a POC and traditionally you could take any amount of time to get budget approval, take it through. What if you had a pre-approved cloud budget and that was spent primarily through AWS Marketplace, because it's consolidated data on your AWS invoice. The ability to purchase a POC on the Marketplace could be done literally within minutes of the decision being made to go forward with it. So that's kind of a front end, you know, early stage use case. We've got examples we didn't talk about on our recent earnings call of how we have helped customers bring in their procurement with large million dollar, multimillion dollar deals. Even when a resaler's been involved, one of our resaler partners. Being able to accelerate deals, because there's so much less legal work and traditional bureaucratic effort. >> Agility. >> That agility purchasing process has allowed our customers to pull into the quarter, or the end of month, or end of quarter for them, deals that would've otherwise not been able to be done. >> So this is a great example of where you can set policy and kind of create some guard rails around innovation and integration deals, knowing if it's something that the edge is happening, say okay, here's some budget. We approved it, or Amazon gives credits and partnership going on. Then I'd say, hey, well green light this, not to exceed a million dollars, or whatever number in their range and then let people have the freedom to execute. >> You're absolutely right, so from the purchasing side, it does give them that agility. It eliminates a lot of the processes that would push out a purchase in actual execution past when the business decision is made and quite frankly, to be honest, AWS has been very accommodative. They're a great partner. They've invested a lot in Marketplace, Marketplace programs, to help customers do the right thing and do it more quickly as well as vendors like us to help our customers make the decisions they need to. >> Rising tide, a rising tide floats all boats and you guys are a great example of an independent company. Highly successful on your own. >> Yep. >> Certainly the numbers are clear. Wall Street loves Zscaler and economics are great. >> Our customer CSAT numbers are off the scale as well. >> Customers are great and now you've got the Marketplace. This is again, a new normal. A new kind of ecosystem is developing where it's not like the old monolithic ecosystems. The value creation and extraction is happening differently now. It's kind of interesting. >> Yes and I feel we have a long way to go, but what I can tell you is that Zscaler is in this for the long run. We are seeing some of the competitors erupt in the space as well, but they have a long way to go. What we have built requires years worth of R&D and features and thousands of customer's use cases which kind of lead to something what Zscaler has come up with today. What we have is very unique and is going to continuously be an innovation in the market in the years to come. In terms of being more cloud-savvy or more cloud-focused or more cloud-native than what the market has seen so far in the form of next-gen firewalls. >> I know you guys have got a lot of AI work. We've had many conversations with Howie over there. Great stuff and really appreciate you guys participating in our super cloud event we had and we'll see more of that where we're talking about the next generation clouds, really enabling that new disruptive, open-spanning capabilities across multiple environments to run cloud-native modern applications at scale and secure. Appreciate your time to come on "theCUBE". >> Thank you. >> Thank you very much. >> Thanks for having us. >> Thanks, I totally appreciate it. Zscaler, leading company here on "theCUBE" talking about their relationship with Marketplace as they continue to grow and succeed as technology goes to the next level in the cloud. Of course "theCUBE's" covering it here in Seattle. I'm John Furrier, your host. Thanks for watching. (peaceful electronic music)

(upbeat electronic music) >> Welcome back to everyone, to "theCUBE's" coverage here in Seattle, Washington for Amazon Web Services Partner Marketplace Seller Conference, combining their partner network with Marketplace forming a new organization called AWS Partner Organization. This is "theCUBE" coverage. I'm John Furrier, your host. We've got great "Cube" alumni here from Zscaler, a very successful cloud company doing great work. Stelio D'Alo, senior director of cloud business development and Raveesh Chugh, VP of Public Cloud Partnerships at Zscaler. Welcome back to "theCUBE." Good to see you guys. Thanks for coming on. >> Thank you. >> Thanks having us, John. >> So we've been doing a lot of coverage of Zscaler, what a great success story. I mean, the numbers are great. The business performance, it's in the top two, three, one, two, three in all metrics on public companies, SaaS. So you guys, check. Good job. >> Yes, thank you. >> So you guys have done a good job. Now you're here, selling through the Marketplace. You guys are a world class performing company in cloud SaaS, so you're in the front lines doing well. Now, Marketplace is a procurement front end opportunity for people to buy. Hey, self-service, buy and put things together. Sounds novel, what a great concept. Great cloud life. >> Yes. >> You guys are participating and now sellers are coming together. The merger of the public, the partner network with Marketplace. It feels like this is a second act for AWS to go to the next level. They got their training wheels done with partners. Now they're going to the next level. What do you guys think about this? >> Well, I think you're right, John. I think it is very much something that is in keeping with the way AWS does business. Very Amazonian, they're working back from the customer. What we're seeing is, our customers and in general, the market is gravitating towards purchase mechanisms and route to market that just are lower friction. So in the same way that companies are going through their digital transformations now, really modernizing the way they host applications and they reach the internet. They're also modernizing on the purchasing side, which is super exciting, because we're all motivated to help customers with that agility. >> You know, it's fun to watch and again I'm being really candid and props to you guys as a company. Now, everyone else is kind of following that. Okay, lift and shift, check, doing some things. Now they go, whoa, I can really build on this. People are building their own apps for their companies. Going to build their own stuff. They're going to use piece parts. They're going to put it together in a really scalable way. That's the new normal. Okay, so now they go okay, I'm going to just buy through the market, I get purchasing power. So you guys have been a real leader with AWS. Can you share what you guys are doing in the Marketplace? I think you guys are a nice example of how to execute the Marketplace. Take us through. What are you guys offering there? What's the contract look like? Is it multi-pronged? What's the approach? What do customers get if they go to the marketplace for Zscaler? >> Yeah, so it's been a very exciting story and been a very pleasing one for us with AWS marketplace. We see a huge growth potentially. There are more than 350,000 customers that are actively buying through Marketplace today. We expect that number to grow to around a million customers by the next, I would say, five to ten years and we want to be part of this wave. We see AWS Marketplace to be a channel where not only our resalers or our channel partners can come and transact, but also our GSIs like Accenture want to transact through this channel. We are doing a lot, in terms of bringing new customers through Marketplace, who want to not only close their deals, but close it in the next few hours. That's the beauty of Marketplace, the agility, the flexibility in terms of pricing that it provides to ISVs like us. If a customer wants to delay their payments by a couple of quarters, Marketplace supports that. If a customer wants to do monthly payments, Marketplace supports that. We are seeing lot of customers, big customers, that have signed EDPs, enterprise discount plans with AWS. These are multi-year cloud commits coming to us and saying we can retire our EDPs with AWS if we transact your solution through AWS Marketplace. So what we have done, as of today, we have all of our production services enabled through AWS Marketplace. What that means for customers, they can now retire their EDPs by buying Zscaler products through AWS Marketplace and in return get the full benefit of maximizing their EDP commits with AWS. >> So you guys are fully committed, no toe on the water, as we heard. You guys are all in. >> Absolutely, that's exactly the way to put it. We're all in, all of our solutions are available in the marketplace. As you mentioned, we're a SaaS provider. So we're one of the vendors in the Marketplace that have SaaS solutions. So unlike a lot of customers and even the market in general, associate the Marketplace for historical reasons, the way it started with a lot of monthly subscriptions and just dipping your toe in it from a consumer perspective. Whereas we're doing multimillion dollar, multi-year SaaS contracts. So the most complicated kinds of transactions you'd normally associate with enterprise software, we're doing in very low friction ways. >> On the Zscaler side going in low friction. >> Yep, yeah, that's right. >> How about the customer experience? >> So it is primarily the the customer that experiences. >> Driving it? >> Yeah, they're driving it and it's because rather than traditional methods of going through paperwork, purchase orders- >> What are some of the things that customers are saying about this, bcause I see two benefits, I'll say that. The friction, it's a channel, okay, for Zscaler. Let's be clear, but now you have a customer who's got a lot of Amazon. They're a trusted partner too. So why wouldn't they want to have one point of contact to use their purchasing power and you guys are okay with that. >> We're absolutely okay with it. The reason being, we're still doing the transaction and we can do the transaction with our... We're a channel first company, so that's another important distinction of how people tend to think of the Marketplace. We go through channel. A lot of our transactions are with traditional channel partners and you'd be surprised the kinds of, even the Telcos, carrier providers, are starting to embrace Marketplace. So from a customer perspective, it's less paperwork, less legal work. >> Yeah, I'd love to get your reaction to something, because I think this highlights to me what we've been reporting on with "theCUBE" with super cloud and other trends that are different in a good way. Taking it to the next level and that is that if you look at Zscaler, SaaS, SaaS is self-service, the scale, there's efficiencies. Marketplace first started out as a self-service catalog, a website, you know, click and choose, but now it's a different. He calls it a supply chain, like the CICD pipeline of buying software. He mentions that, there's also services. He put the Channel partners can come in. The GSIs, global system integrators can come in. So it's more than just a catalog now. It's kind of self-service procurement more than it is just a catalog of buy stuff. >> Yes, so yeah, I feel CEOs, CSOs of today should understand what Marketplace brings to the bear in terms of different kinds of services or Zscaler solutions that they can acquire through Marketplace and other ISV solutions, for that matter. I feel like we are at a point, after the pandemic, where there'll be a lot of digital exploration and companies can do more in terms of not just Marketplace, but also including the channel partners as part of deals. So you talked about channel conflict. AWS addressed this by bringing a program called CPPO in the picture, Channel Partner Private Offers. What that does is, we are not only bringing all our channel partners into deals. For renewals as well, they're the partner of record and they get paid alongside with the customer. So AWS does all the heavy lifting, in terms of disbursements of payments to us, to the channel partner, so it's a win-win situation for all. >> I mean, private offers and co-sale has been very popular. >> It has been, and that is our bread and butter in the Marketplace. Again, we do primarily three year contracts and so private offers work super well. A nice thing for us as a vendor is it provides a great amount of flexibility. Private Offer gives you a lot of optionality, in terms of how the constructs of the deal and whether or not you're working with a partner, how the partner is utilizing as well to resell to the end user. So, we've always talked about AWS giving IT agility. This gives purchasing and finance business agility. >> Yeah, and I think this comes up a lot. I just noticed this happening a lot more, where you see dedicated sessions, not just on DevOps and all the goodies of the cloud, financial strategy. >> Yeah. >> Seeing a lot more conversation around how to operationalize the business transactions in the cloud. >> Absolutely. >> This is the new, I mean it's not new, it's been thrown around, but not at a tech conference. You don't see that. So I got to ask you guys, what's the message to the CISOs and executives watching the business people about Zscaler in the Marketplace? What should they be looking at? What is the pitch for Zscaler for the Marketplace buyer? >> So I would say that we are a cloud-delivered network security service. We have been in this game for more than a decade. We have years of early head start with lots of features and functionality versus our competitors. If customers were to move into AWS Cloud, they can get rid of their next-gen firewalls and just have all the traffic routed through our Zscaler internet access and use Zscaler private access for accessing their private applications. We feel we have done everything in our capacity, in terms of enabling customers through Marketplace and will continue to participate in more features and functionality that Marketplace has to offer. We would like these customers to take advantage of their EDPs as well as their retirement and spend for the multi-commit through AWS Marketplace. Learn about what we have to offer and how we can really expedite the motion for them, if they want to procure our solutions through Marketplace >> You know, we're seeing an ability for them to get more creative, more progressive in terms of the purchasing. We're also doing, we're really excited about the ability to serve multiple markets. So we've had an immense amount of success in commercial. We also are seeing increasing amount of public sector, US federal government agencies that want to procure this way as well for the same reasons. So there's a lot of innovation going on. >> So you have the FedRAMP going on, you got all those certifications. >> Exactly right. So we are the first cloud-native solution to provide IL5 ATO, as well as FedRAMP pie and we make that all available, GSA schedule pricing through the AWS Marketplace, again through FSIs and other resellers. >> Public private partnerships have been a big factor, having that span of capability. I got to ask you about, this is a cool conversation, because now you're like, okay, I'm selling through the Marketplace. Companies themselves are changing how they operate. They don't just buy software that we used to use. So general purpose, bundled stuff. Oh yeah, I'm buying this product, because this has got a great solution and I have to get forced to use this firewall, because I bought this over here. That's not how companies are architecting and developing their businesses. It's no longer buying IT. They're building their company digitally. They have to be the application. So they're not sitting around, saying hey, can I get a solution? They're building and architecting their solution. This is kind of like the new enterprise that no one's talking about. They kind of, got to do their own work. >> Yes. >> There's no general purpose solution that maps every company. So they got to pick the best piece parts and integrate them. >> Yes and I feel- >> Do you guys agree with that? >> Yeah, I agree with that and customers don't want to go for point solutions anymore. They want to go with a platform approach. They want go with a vendor that can not only cut down their vendors from multi-dozens to maybe a dozen or less and that's where, you know, we kind of have pivoted to the platform-centric approach, where we not only help customers with Cloud Network Security, but we also help customers with Cloud Native Application Protection Platform that we just recently launched. It's going by the name of the different elements, including Cloud Security Posture Management, Cloud Identity Event Management and so we are continuously doing more and more on the configuration and vulnerability side space. So if a customer has an AWS S3 bucket that is opened it can be detected and can be remediated. So all of those proactive steps we are taking, in terms of enhancing our portfolio, but we have come a long way as a company, as a platform that we have evolved in the Marketplace. >> What's the hottest product? >> The hottest product? >> In Marketplace right now. >> Well, the fastest growing products include our digital experience products and we have new Cloud Protection. So we've got Posture and Workload Protection as well and those are the fastest growing. For AWS customers a strong affinity also for ZPA, which provides you zero trust access to your workloads on AWS. So those are all the most popular in Marketplace. >> Yeah. >> So I would like to add that we recently launched and this has been a few years, a couple of years. We launched a product called Zscaler Digital X, the ZDX. >> Mm-hmm. >> What that product does is, let's say you're making a Zoom call and your WiFi network is laggy or it's a Zoom server that's laggy. It kind of detects where is the problem and it further tells the IT department you need to fix either the server on which Zoom is running, or fix your home network. So that is the beauty of the product. So I think we are seeing massive growth with some of our new editions in the portfolio, which is a long time coming. >> Yeah and certainly a lot of growth opportunities for you guys, as you come in. Where do you see Zscaler's big growth coming from product-wise? What's the big push? Actually, this is great upside for you here. >> Yeah. >> On the go to market side. Where's the big growth for Zscaler right now? So I think we are focused as a company on zero trust architecture. We want to securely connect users to apps, apps to apps, workloads to workloads and machines to machines. We want to give customers an experience where they have direct access to the apps that's hidden from the outside world and they can securely connect to the apps in a very succinct fashion. The user experience is second to none. A lot of customers use us on the Microsoft Office 365 side, where they see a lag in connecting to Microsoft Office 365 directly. They use the IE service to securely connect. >> Yeah, latency kills. >> Microsoft Office 365. >> Latency kills, as we always say, you know and security, you got to look at the pattern, you want to see that data. >> Yeah, and emerging use cases, there is an immense amount of white space and upside for us as well in emerging use cases, like OT, 5G, IOT. >> Yeah. >> Federal government, DOD. >> Oh god, tactical edge government. >> Security at the edge, absolutely, yeah. >> Where's the big edge? What's the edge challenge right now, if you have to put your finger on the edge, because right now that's the hot area, we're watching that. It's going to be highly contested. It's not yet clear, I mean certainly hybrid is the operating model, cloud, distributing, computing, but edge has got unique things that you can't really point to on premises that's the same. It's highly dynamic, you need high bandwidth, low latency, compute at the edge. The data has to be processed right there. What's the big thing at the edge right now? >> Well, so that's probably an emerging answer. I mean, we're working with our customers, they're inventing and they're kind of finding the use cases for those edge, but one of the good things about Zscaler is that we are able to, we've got low latency at the edge. We're able to work as a computer at the edge. We work on Outpost, Snowball, Snowcone, the Snow devices. So we can be wherever our customers need us. Mobile devices, there are a lot of applications where we've got to be either on embedded devices, on tractors, providing security for those IOT devices. So we're pretty comfortable with where we are being the- >> So that's why you guys are financially doing so well, performance wise. I got to ask you though, because I think that brings up the great point. If this is why I like the Marketplace, if I'm a customer, the edge is highly dynamic. It's changing all the time. I don't want to wait to buy something. If I got my solution architects on a product, I need to know I'm going to have zero trust built in and I need to push the button on Zscaler. I don't want to wait. So how does the procurement side impact? What have you guys seen? Share your thoughts on how Marketplace is working from the procurement standpoint, because it seems to me to be fast. Is that right, or is it still slow on their side? On the buyer side, because this to me would be a benefit to developers, if we say, hey, the procurement can just go really fast. I don't want to go through a bunch of PO approvals or slow meetings. >> It can be, that manifests itself in several ways, John. It can be, for instance, somebody wants to do a POC and traditionally you could take any amount of time to get budget approval, take it through. What if you had a pre-approved cloud budget and that was spent primarily through AWS Marketplace, because it's consolidated data on your AWS invoice. The ability to purchase a POC on the Marketplace could be done literally within minutes of the decision being made to go forward with it. So that's kind of a front end, you know, early stage use case. We've got examples we didn't talk about on our recent earnings call of how we have helped customers bring in their procurement with large million dollar, multimillion dollar deals. Even when a resaler's been involved, one of our resaler partners. Being able to accelerate deals, because there's so much less legal work and traditional bureaucratic effort. >> Agility. >> That agility purchasing process has allowed our customers to pull into the quarter, or the end of month, or end of quarter for them, deals that would've otherwise not been able to be done. >> So this is a great example of where you can set policy and kind of create some guard rails around innovation and integration deals, knowing if it's something that the edge is happening, say okay, here's some budget. We approved it, or Amazon gives credits and partnership going on. Then I'd say, hey, well green light this, not to exceed a million dollars, or whatever number in their range and then let people have the freedom to execute. >> You're absolutely right, so from the purchasing side, it does give them that agility. It eliminates a lot of the processes that would push out a purchase in actual execution past when the business decision is made and quite frankly, to be honest, AWS has been very accommodative. They're a great partner. They've invested a lot in Marketplace, Marketplace programs, to help customers do the right thing and do it more quickly as well as vendors like us to help our customers make the decisions they need to. >> Rising tide, a rising tide floats all boats and you guys are a great example of an independent company. Highly successful on your own. >> Yep. >> Certainly the numbers are clear. Wall Street loves Zscaler and economics are great. >> Our customer CSAT numbers are off the scale as well. >> Customers are great and now you've got the Marketplace. This is again, a new normal. A new kind of ecosystem is developing where it's not like the old monolithic ecosystems. The value creation and extraction is happening differently now. It's kind of interesting. >> Yes and I feel we have a long way to go, but what I can tell you is that Zscaler is in this for the long run. We are seeing some of the competitors erupt in the space as well, but they have a long way to go. What we have built requires years worth of R&D and features and thousands of customer's use cases which kind of lead to something what Zscaler has come up with today. What we have is very unique and is going to continuously be an innovation in the market in the years to come. In terms of being more cloud-savvy or more cloud-focused or more cloud-native than what the market has seen so far in the form of next-gen firewalls. >> I know you guys have got a lot of AI work. We've had many conversations with Howie over there. Great stuff and really appreciate you guys participating in our super cloud event we had and we'll see more of that where we're talking about the next generation clouds, really enabling that new disruptive, open-spanning capabilities across multiple environments to run cloud-native modern applications at scale and secure. Appreciate your time to come on "theCUBE". >> Thank you. >> Thank you very much. >> Thanks for having us. >> Thanks, I totally appreciate it. Zscaler, leading company here on "theCUBE" talking about their relationship with Marketplace as they continue to grow and succeed as technology goes to the next level in the cloud. Of course "theCUBE's" covering it here in Seattle. I'm John Furrier, your host. Thanks for watching. (peaceful electronic music)

>>Hey everyone. Welcome to the cubes presentation of the AWS startup showcase. This is season two, episode four, where we continue to talk with the AWS ecosystem partners, this topic, cybersecurity protect and detect against threats. I'm your host, Lisa Martin. I've got a new guest with me. Ryan Ferris joins me the VP of products and engineering at Anisha. Ryan. Welcome to the program. Great to have you. >>Thank you so much for having me. >>So let's dig right in. Why are software vendors turning to Anisha to help them address and access the nearly for over 200 billion market public sector, federal market for cloud services? What is that key event? >>Yeah, it's it. If you know anything about FedRAMP and if you've looked into it, it takes a long time to achieve Fedra. So when customers kind of go into this cold and they're from Mars and they're like, what is bed? They usually find that it's an 18 month journey, maybe a 24 month journey. And so Anisha helps shorten that journey with lower costs and faster time to market. So if you're waiting for our revenue stream from say a government entity, we can get you there faster and get you to a, a state of Fedra certified in a shorter time period. And that's the value problem. >>Faster time to value is critical for organizations. So let's look at this journey as you talked about it, what does the path to compliance look like for specifically for AWS customers with a nation and without help us understand the value add? >>Yeah. So if you're doing it without Angen or if you're just kind of doing it yourself, which some customers choose to do, then they have to go on that journey and kind of learn about three primary things. One thing is how do I just write the entire package? Like there there's a thing called an SSP or a, a system security plan. And that thing is maybe seven or 800 pages long. And you have to offer that all by yourself so you can get help with that or not. That's sort of the academic and, and, and tech writing piece of it. There's another piece of it around what does my environment look like? So as I am ruling out this Fedra solution, what are each piece in my environment that needs to be compliant with Fedra? And it's a voluminous amount of things can be either a dozen or maybe up to a hundred things that you have to tweak and change. So there's a technical deployment store here as well. And then the third thing is keeping you compliant in your AWS environment after you've achieved kind of that readiness state. So the journey does not stop once you achieve Fedra, ATO, it goes on and on and on, and Anisha helps customers kind of maintain and keep them there in that fully compliance state after achieving ATO, >>What's the timeframe for AWS customers in terms of going, alright, we realize we're going on this journey. It's challenging. We need An's help. What's the timeframe to get them actually certified. >>Yeah. We look at the timeframe between the moment you deploy and the moment you start writing about that tech, that Fedra package and when you're audit ready, and in the best case scenario, that could be a few months, right? But you're always, your mileage may vary based on kind of your application readiness and how ready you are to pursue that journey. So the fastest happy path is a few months to audit, audit an audit ready state, but then you have, you kinda have to go through a process whereby you're in the queue for Fedra. And that can kind of take maybe an extra few months, but it really is that that three month accelerated timeframe in the best case scenario, >>Got it. Three months accelerated timeframe. Are there other compliance standards that besides Fedra that you help organizations get compliance with? >>Right. So it's a great question. So FedRAMP in and of itself is just really hard to get to. It's just so many things that you have to do, but if you get to that state, it's based off of a standard called missed 853 specifically rev four, that's kind of a mouthful, but once you achieve that state, there's basically 325 controls that come along with fed moderate. And that buys you a lot of leverage in leeway in mapping and sort of crosswalking to other compliance levels. So if you achieve that state, you buy a lot of, kind of goodness with things that map to either PCI or even HIPAA or SOC two. And, and so you, you kind of get a big benefit and sort of a big bang for your buck by having achieved that, that state for Fedra. >>So from an AWS customer, talk to me about, obviously we talked about the time to value the speed with which you enable organizations to achieve compliance and, and readiness. What what's in it for me in terms of working with a nation as an AWS customer. >>Yeah. For, so for AWS specifically our stack, well, we have kind of two versions of our stack. One is meant for Azure and it's kind of cookie cutter and meant for folks that have an entrenched Azure footprint. The other is it's the majority of our market it's folks that want to in accelerator footprint in AWS. So what's in it for you is that Anan kind of presents something that looks pretty similar to a landing zone, but it's a little bit more peppered with complexity and with tuned configurations. So if you're an AWS customer and let's see you've had an environment for the last 5, 6, 7 years, we help you kind of take that environment and enhance it and become FedRAMP ready in a much faster state. And we are leveraging and utilizing a lot of native AWS core services like ECR, for example, is one we're just starting to lean into AWS inspector for bone scans, those types of things. And then kind of when you get up to that audit, ready state and through ATO, we aggregate a lot of that vulnerability information and vulnerability scanning information into a parable readable, actionable format. And most of those things, those gatherings of data are AWS specific functions that we kind of piggyback on. So we're heavily into cloud trail and, and quite heavy into kind of using the things that are already at our fingertips just by deploying into AWS. >>Yeah. Leveraging what they already are familiar with kind of meeting the customers where they are. I think these days is such an important factor to help organizations make the changes as quickly and dynamically as they need to. >>That's right. Yeah. That's perfect. Yeah. A lot of customers, you know, when, when they start on the journey, they kind of, they, they sort of uncover the, uncover the details around, well, I have an application and this application has existed for six or seven years. How do I get this thing FedRAMP ready? And what does onboarding mean to your stack? We try to make that specific step as easy as possible. So when I'm on the phone with prospects and I'm talking to 'em about embarking on a journey, I kind of get them to a mental model where they treat their application VPC or their application environment as sort of a, and we deploy a separate VPC into their, into their cloud account. And then we peer that information. It's kind of getting into the mechanics a little bit, but we try to make it as easy as possible to start doing the things that we're obliged to do for FedRAMP, for their application, like bone scans and, and operationalization of logging and things like that. And then we pull that information into our AIAN managed BPC. And I think once customers really start to understand and sort of synthesize that mental model, then they kind of have this Baha moment. They're like, oh, okay. Now I, now I really understand how your platform can accelerate this journey into a period that is no more than say two or three months of onboarding >>No more than two or three months. That's, that's a nice kind of guarantee for organizations who are you typically engaging with? Is it the CISO level or are there other folks involved in this conversation? >>Yeah, I, the CISO is probably the best persona to engage with, but it so varies from customer to customer and you never really know who's really gonna, oftentimes it's the CEO or, or sometimes it's a champion that might be the CFO or someone that's incentivized to really start getting market share for federal customers that they don't have access to. That might even be a VP of engineering that we're, that we're conversing with. But most often I think the CISO is central because the CISO of course wants to give in details of what does the staff consist of and exactly how are you helping me with this big burden of continuous monitoring that fed Fedra makes me do. And, and where, where do you fit in that story? So it's usually the CSO, >>Usually the CSO, but some of the other personas that you mentioned sounds like it's definitely a C level or at least a, an executive level conversation. >>It is. Yeah. I'll try to divide that a little bit from my persona. Like I, I run engineering and product. I'm usually dealing with a rather talking to and engaging with the CSO, but the folks that cut the check are either either the CEO or the CFO that really want to widen that kind of revenue stream that they don't have access to. And they're the real decision making personas in this deal. Now, after the decision decision is made, then, you know, they're vetting through VPs of engineering or engineering leaders or the CSO. So like the, the folks that pull the purse strings are usually, you know, the ones that are cutting the check to make this investment that is usually the CSO or rather CEO and the CFO. >>Got it. Okay. So if I'm an AWS customer and I'm on this journey for fed re certification, I've, I've been on it for a while. How do I know it's time to raise my hand or pick up the phone and call Anisha? >>Yeah. You know, some customers that we speak with have already tried to do it and maybe they've failed. Maybe they've been like 12 or 14 months into the journey. And they've said things like, we just don't know how to put the package together, or maybe they've engaged with the third party auditor. And the third party auditor has said, sorry, you guys need to go back to the drawing board or maybe they've missed a good percentage of the technical requirements and they need some consultation and advice or a cookie cutter approach. So it kind of, every journey is different when we are engaging. Sometimes folks are just coming in completely cold or maybe they failed. But the more interesting ones, and I think when we can look a little bit more like heroes are the ones that have tried it, and then a year later they come back, they come back to an, and they want that accelerated goodness. >>Do you have a favorite customer story that you think really articulates the value either from a customer who came in cold or a customer who came in after trying it on their own or with another partner for a year that you think really demonstrates the value that AIAN delivers? >>Yeah. There is a customer story that's sort of top of mind and it's, I think the guy primarily stuck in what tooling I'll anonymize the customer, but this customer kind of chose the wrong level of tooling as they embarked on their journey. And by tooling, I mean, let me get a little bit more specific here. You can't just choose any vulnerability scanner, for instance, if it's a SAS product, or if it's sending data or requests outside of your Fedra boundary, then you're gonna run into trouble. And this reference customer, or this prospect at the time kind of had a lot of friction there. So as they were bumping up against that three Pao deadline, they realized they had a lot of work to do. And we simplified that, that part of the journey substantially for them by essentially selecting and spoon feeding them and, and sort of accelerating that part of the deployment and technical journey for them. And they were very delighted by that part of it. >>When you're talking with customers who are in, in a state of, of change and fluxes, who isn't these days, we've seen the acceleration of digital transformation considerably over the last couple of years. How do you talk with them about a nation as an enabler of their digital transformation overall? >>Yeah. Digital transformation. It's a, it's a broad word. Isn't it like for, for customers that are moving from an on-prem world into the cloud world, you have this great opportunity to kind of start from scratch. And so for Anisha, we are deploying and maybe not start from scratch, but when you're moving from an on-prem environment into the cloud, your footprint, you have this really nice opportunity to embrace more of AWS core services and to kind of rebuild things, kind of make your architecture drastically improved, or like look different to be more supportable and like less operational overhead. And so when an nation presents itself as sort of this platform in a walled garden environment, some customers have this aha moment that like, if you're gonna move either a portion of your environment or a specific application to the cloud, AIAN really helps you establish that security within that boundary and that footprint in a, in a much more accelerated fashion, then if you were selecting each part of your security infrastructure and then trying to implement it by hand, and that's kind of where we shine. >>Got it. We talked about the personas that you're typically engaging with depending on the organization, but how do you help enterprise companies who say Anisha, we wanna improve DevOps efficiency. We wanna get our applications secure that are running on AWS and those that we may wanna move to AWS in the future. >>Yeah. This gets into futures a little bit, but part of our roadmap, a little bit of a, a kind of a look around the corner for our roadmap is that since we know so much about the FedRAMP environment and FedRAMP moderate and the standard called this 853, it's a really powerful security view. And it's also a really powerful compliance view. So, you know, as I was saying before that, if you achieve a lot of depth and excellence in nest 853, it buys you a lot of kind of crosswalk and applicability for SOC two and HIPAA and PCI. So for DevOps organizations and for just engineering organizations that want more pre-pro insight, there's no reason why you can't just deploy our platform and our stack in a pre fraud environment to get that security signaling such that you can catch things early and prevent maybe spillage or leakage or security issues to go into production. So one of the things that we're doing on a roadmap is a, a feature that we call compliance insights, whereby we present a frame of missed 853 RAV4 that you can deploy into any environment. And that particularly helps the DevOps role by saying, well, if I just, for example, exposed an S3 bucket to world, then I can catch that configuration, that compliance product and catch it, trap it and fix before it leaks out to. >>So you talked a little bit about kind of some of the things that are coming up on a, on the product side, what's next for Anisha, as we look at we're rounding out calendar year 22 coming into 2023, there's still so much change in the market. We've got to embrace that. What's next for the company. What can we expect from the VP of products and engineering? >>Yeah, I think in two, two big areas here, we're gonna double down on our Fedra offering offering, and just continuously improve it and improve it. We're pretty tempted to lean in more heavily to CMMC. We hear a lot about CMMC kind of on the periphery, but we just haven't quite felt the market pressure to really go after that. But there's definitely something there. And I would anticipate some offering that maps to that specific compliance that, that compliance framework. And then in the enterprise, we just month after month, we discuss more about how we can create more flexibility in our platform, such that commercial customers can get more of that goodness, and sort of more of that consolidation and time to market, particularly for small and mid-sized customers. So we'll be releasing more of those pieces of functionality in 2023 as well. >>So the commercial folks be on the lookout for that. >>Yes, absolutely. That's a huge untapped market for us. We're super excited about it and we'll be a little cagey on in our plans until we kind of get through this early availability period and then probably make a bigger splash in the first half of 2023. >>That sounds appropriate. Where can the audience go to learn more about what you guys are doing and maybe get ahead on some of those teaser that you just mentioned? >>Yeah. I think our marketing folks will push out more data sheets and marketing material on what's to come. And if you ever wanted to be part of this early availability program that I just discussed, or that I mentioned, you can always go to anan.com and ping us, and we'd be happy to have a conversation with you and we'll lift up the hood and allow you to look under there for, and just carry on the conversation around what's to come. >>All right, getting a peek of what's under the hood. That's always exciting, Ryan, thank you for joining me on this program. AWS startup showcase. We appreciate your time, your insights and a peek into what's going on at Anisha. >>Awesome. It was a pleasure. Thank you so much. >>Likewise. We wanna thank you for watching the AWS startup showcase for Ryan Ferris. I'm Lisa Martin stick right here on the, for great content coming your way. Take care.

>>Welcome to the cubes, continuing coverage of AWS reinvent 2021. I'm your host, Lisa Martin. We are running one of the industry's most important and largest hybrid tech events of the year. This year with AWS and its ecosystem partners. We have two life studios, two remote studios, and over 100 guests. So stick around as we talk about the next 10 years of cloud innovation, I'm very excited to be joined by another Lisa from Zscaler. Lisa Lorenzen is here with me, the field CTO for the Americas. She's here to talk about ZScaler's mission to make doing business and navigating change a simpler, faster, and more productive experience. Lisa, welcome to the program. >>Thank you. It's a pleasure to be here. >>So let's talk about Zscaler in AWS. Talk to me about the partnership, what you guys are doing together. >>Yeah, definitely. Z scaler is a strategic security ISV partner with AWS. So we provide AWS customers with zero trust, secure remote access to AWS, and this can improve their security posture as well as their user experience with AWS. These scaler recently announced that we are the first and only cloud security service to achieve the FedRAMP PI authorization to operate. And that FedRAMP ZPA service is built on AWS gov cloud. ZScaler's also an AWS marketplace seller where our customers can purchase our zero trust exchange services as well as request or high value security assessments. We're excited about that as we're seeing a rapid increase in customer adoption as these scaler via the AWS marketplace, we vetted our software on AWS edge services that support emerging use cases, including 5g, IOT, and OT. So for example, Zscaler runs on wavelength, outposts, snowball and snowcones, and Zscaler has strategic partnerships with leading AWS service providers and system integration partners, including Verizon NTT, BT, Accenture, Deloitte, and many of the leading national and regional AWS consulting partners. >>Great summary there. So you mentioned something I want to get more understanding on this. It sounds like it's a differentiator for CSO scale. You said that you guys recently announced to the first and only cloud security service to achieve FedRAMP high. Uh, ATO built on AWS gov cloud. Talk to me about and what the significance of that is. >>I L five authorization to operate means that we are able to protect federal assets for the department of defense, as well as for the civilian agencies. It just extends the certification of our cloud by the government to ensure that we meet all of the requirements to protect that military side of the house, as well as the civilian side of the house. >>Got it super important there, let's talk about zero trust. It's a super hot topic. We've seen so many changes to the threat landscape during the pandemic. How are some of the ways that Z scaler and AWS are helping customers tackle this together? >>Well, I'd actually like to answer that by telling a little bit of a story. Um, Growmark is one of our Z scaler and AWS success stories when they had to send everyone home to work from home overnight, the quote that we had from is the users just went home and nothing changed. ZPA made work from anywhere, just work, and they were able to maintain complete business continuity. So even though their employers might have had poor internet service at home, or, you know, 80 challenging infrastructure, if you've got kids on your wifi bunch of kids in the neighborhood doing remote school, everyone's working from home, you don't have the reliability or the, maybe the bandwidth capacity that you would when you're sitting in an office. And Zscaler private access is a cloud delivered zero trust solution that leverages dynamic resilient, TLS encrypted tunnels to connect the user to an application rather than putting an end point on a network. >>And the reason that's important is it makes for a much more reliable and resilient service, even in environments that may not have the best connectivity I live out in the county. I really, some days think that there's a hamster on a wheel somewhere in my cable modem network, and I am a consumer of this, right. I connect to Z scaler over Zscaler private access, I'm protected by Zscaler internet access. And so I access our internal applications that are running in AWS as well this way. And it makes a huge difference. Growmark really started with an SAP migration to AWS, and this was long before the pandemic. So they started out looking for that better user experience and the zero trust capability. They were able to ensure that their SAP environment was dark to the internet, even though it was running in the cloud. And that put them in this position to leverage that zero trust service when the pandemic was upon us, >>That ability or that quote that you mentioned, it just worked was absolutely critical for all of us in every industry. And I'm sure a lot of folks who were trying to manage working from home, the spouses from home kids doing, you know, school online also felt like you with the hamster on the wheel, I'm sure their internet access, but being able to have that business continuity was table-stakes especially early on for most organizations. We saw a lot of digital transformation, a lot of acceleration of it in the last 20 months during the pandemic. Talk to me about how Z scaler helps customers from a digital transformation perspective and maybe what some of the things were that you saw in the last 20 months that have accelerated >>Absolutely. Um, another example, there would be Jefferson health, and really, as we saw during the pandemic, as you say, it accelerated a lot of the existing trends of mobility, but also migration to the cloud. And when you move applications to the cloud, honestly, it's a complex environment and maybe the controls and the risk landscape is not as well. Understood. So Z scaler also has another solution, which is our cloud security posture management. And this is really ensuring that your configuration on your environment, that those workloads run in is controlled, understood correctly, coordinated and configured. So as deference and health migrated to the cloud first model, they were able to leverage the scalers workload posture to measure and control that risk. Again, it's environment where the combination of AWS and Z scaler together gives them a flexible, resilient solution that they can be confident is correctly configured and thoroughly locked down. >>And that's critical for businesses in any organization, especially as quickly as how quickly things changed in the last 20 months or so I do wonder how your customer conversations have has changed as I introduced you as the field CTO of the America's proceeds killer. I'm sure you talk with a lot of customers. How has the security posture, um, zero trust? How has that risen up within the organizational chain? Is that something that the board is concerned about? >>My gosh, yes. And zero trust really has gone through the Gartner hype cycle. You've got the introduction, the peak of interest, the trough of despair, and then really rising back into what's actually feasible. Only zero trust has done that on a timeline of over a decade. When the term was first introduced, I was working with firewall VPN enact technology, and frankly, we didn't necessarily have the flexibility, the scalability, or the resilience to offer true zero trust. You can try to do that with network security controls, but when you're really protecting a user connecting to an application, you've got an abstraction layer mismatch. What we're seeing now is the reemergence of zero trust as a priority. And this was greatly accelerated honestly by the cybersecurity executive order that came out a few months ago from the Biden administration, which made zero trust a priority for the federal government and the public sector, but also raised visibility on zero trust for the private sector as well. >>When we're looking at zero trust as a way to perhaps ward off some of these high profile breaches and outages like the colonial pipeline, whole situation that was based on some legacy technology for remote access that was exploited and led to a breach that they had to take their entire infrastructure offline to mitigate. If we can look at more modern delivery mechanisms and more sophisticated controls for zero trust, that helps the board address a number of challenges ranging from obviously risk management, but also agility and cost reduction in an environment where more than ever belts are being tightened. New ways of delivering applications are being considered. But the ability to innovate is more important than ever. >>It is more important than ever the ability to innovate, but it really changing security landscape. I'm glad to hear that you're seeing, uh, this change as a result of the executive order that president Biden put down in the summer. That's good news. It sounds like there's some progress being made there, but we saw, you mentioned colonial pipeline. We saw a lot in the last 20, 22 months or so with ransomware becoming a household word, also becoming something that is a matter of when companies in any industry get hit and versus if it's no longer kind of that choice anymore. So talk to me about some of the threats and some of the stats that Z scaler has seen particularly in the last 20, 22 months. >>Oh gosh. Well, let's see. I'm just going to focus on the last 12 months, cause that's really where we've got some of the best data. We've seen a 500% increase in ransomware delivered over encrypted channels. And what that means is it's really critical to have scalable SSL inspection that can operate at wire speed without impeding the user experience or delay in critical projects, server communications, activities that need to happen without any introduced in any additional latency. So if you think about what that takes the Z scaler internet access solution is protecting users, outbound access in the same way that Zscaler private access protects access to private resources. So we're really seeing more and more organizations seeing that both of these services are necessary to deliver a comprehensive zero trust. You have to protect and control the outbound traffic to make sure that nothing good leaks out, nothing bad sneaks in. >>And at the same time, you have to protect and control the inbound traffic and inbound is, you know, a much broader definition with apps in the data center in the cloud these days. We're also seeing that 30% of malware is delivered through trusted applications like file shares or collaboration tools. So it's no longer enough to only inspect web traffic. Now you have to be able to really inspect all flavors of traffic when you're doing that outbound protection. So another good example where Z scaler and AWS work together here is in Amazon workspaces. And there's a huge trend towards desktop as a service, for example, and organizations are starting to recognize that they need to protect both the user experience and also the connectivity onward in Amazon workspaces, the same way that they would for a traditional end user device. So we see Z scaler running in the Amazon workspaces instances to protect that outbound traffic and control that inbound traffic as well. >>Another big area is the ransomware infections are not the problem. It's the result. So over half of the ransomware infections include data theft or leakage. And that is a double whammy because you get what's called double extortion where not only do you have to pay to unlock your machines, but you have to pay not to have that stolen data exposed to the rest of the world. So it's more important than ever to be able to break that kill chain as early as possible to ensure that the or the server traffic itself isn't exposed to the initial infection vector. If you do happen to get an infection vector that sneaks through, you need to be able to control the lateral movement so that it doesn't spread in your environment. And then if both of those controls fail, you also need the outbound protection such as CASBY and DLP to ensure that even if they get into the environment, they can't exfiltrate any of the data that they find as a result. We're seeing that the largest security risk today is lateral movement inside the corporate network. And that's one of the things that makes these ransomware double extortion situations, such a problem. >>Last question for you. And we've got about a minute left. I'm curious, you said over 50% of ransomware attacks are now double extortion. How do you guys help customers combat that? So >>We really deliver a solution that eliminates a lot of the attack surface and a lot of the risks. We have no inbound listener, unlike a traditional VPN. So the outbound only connections mean you don't have the external attack surface. You can write these granular policy controls to eliminate lateral movement. And because we integrate with customer's existing identity and access management, we can eliminate the credential exposure that can lead to a larger spread in a compromised environment. We also can eliminate the problem of unpatched gateways, which led to things like colonial pipeline or some of the other major breaches we've seen recently. And we can remove that single point of failure. So you can rely on dynamic optimized traffic distribution for all of these secure services. Basically, what we're trying to do is make it simpler and more secure at the same time, >>Simpler and more secure at the same time is what everyone needs regardless of industry. Lisa, thank you for joining me today, talking about Zscaler in AWS, zero trust the threat landscape that you're seeing, and also how's the scaler and AWS together can help customers mitigate those growing risks. We appreciate your insights and your thoughtfulness. >>Thank you >>For Lisa Lorenzen. I'm Lisa Martin. You're watching the cubes coverage of AWS reinvent stick around more great content coming up next.

>>And welcome back to the cubes coverage of AWS summit public sector here live in Washington, DC, where we're actually having a physical event, but also broadcasting to a hybrid audience digitally. I'm John, your hosted, like you've got a great panel here. Martin Rieger's chief solutions, officer stack armor, the thin poli who's with Splunk group vice president of partner go to market Americas and public sector, and Troy Bertram, vice president sales, a telos. Good to see you guys. Thanks for coming on. It's great to be. So you guys stuck on them to have a great solution on AWS called faster. Okay. Which is nice name what's what's it all about? >>So faster is about getting cloud service providers to an authorization, to operate with the federal government, uh, basically as fast as possible. It is the collection of threat alert, which is a fed ramp designed solution and boundary solution. That includes all those key security stack components. Uh, primarily our partners over at Splunk and telos. Uh, those products are scripted, streamlined, and designed to get customers there as fast as possible in a compliant manner. >>I love the acronym fast tr faster on AWS. Uh, how did you guys come up with the threat alerts concept? What did, what's this all about? How did it all come together? >>Uh, threat alert was, was born out of one of our primary services, which is migration and, uh, for roughly about a five-year stretch migrating federal agency systems, um, to Amazon, both east, west and gov cloud, uh, we recognized quickly that there was a need to include a security stack of common components, such as vulnerability scanning, uh, security incident event monitoring, uh, as well as a number of other key components designed around the continuous monitoring aspect of it. And so we quickly realized that, you know, the packaging of this solution and putting together a dashboard that allows us to tie everything in, uh, deploy very, very quickly through infrastructure as a code, um, was a vehicle that could help, uh, our customers and CSPs as well as agencies get through the FedRAMP ATO process. Um, quickly >>Talk about the relationship with Splunk and telos. How's this all connecting with? Just what's your role? >>Yeah, so really with the support of NIST and the new Oscar standard, which I'm going to make sure I get the acronym right. Open securities controls, assessment language, or asked gal, um, with our release of Exacta and automation of the compliance standards working with, and the framework, we've been able to look at best of breed partners in the industry, and it is all around acceleration of how can we move faster to deliver the end customer, the controls they need and want in a secure compliant manner. Um, and as someone that served in the government, right, it's, it's passion for the mission. And that's really what brought the three companies together >>And my opinion, by the way, congratulations on Telus going public. You guys do a lot of great cyber work. Congratulations. Now that data is the heart of this. I mean, Splunk that's all you guys do is think about data. How do you guys connect into, into the product? >>Well, it's exactly that really providing that data platform, then they analytics capability to enable the subject matter experts to bring the data to life. Right. And that's what we, that's why these partnerships are so important to Splunk because, uh, they have the subject matter expertise and can really leverage the power of the data platform to provide services to customers. >>Yeah. One of the big trends that's kind of underreported, in my opinion, is that partnerships required to kind of get the cyber security equation, right? This is a huge trend. People are sharing, but also working together. How, how do you guys see that evolving? Because you know, there has to be an openness around the data. There has to be more open solutions. How do you guys see that evolving? Um, >>Well you kind of hit the hammer on the heads. Splunk is, is essentially the heart and soul of our auditing logging and continuous monitoring piece. Um, in terms of, of the relationships and how we all work together. We we've evolved now to a point where we are able to pre-stage customers well in advance. Um, and in working with our partners, uh, tell us on Splunk. By the time we get started with a customer, we, we reduced the amount of time this takes, uh, on average by 40%, um, and even faster with the exact piece because, uh, as, as Troy kind of mentioned, the OSC gal component, um, is the future of accreditation. And it's certainly not limited to fed ramp, but that machine language, that XML Yammel Jason code, we've got things to the point where not only are we deploying Splunk in a, in a scripted pre-configured manner to work with our technology, we're also doing the same thing with Exacta. >>So the controls are three documented for everything that we provide, which means we don't have to spend the time going through the process of saying, okay, tell me what you're doing. We already have that down. The other best of breed type components that were mentioned by Troy. Um, it's the same thing, right? So customers, when they show up, they have a security stack that's ready to go. They already have FIPs compliance for encryption. They already have hardening in place so that when, when they approach us, all they've really got to do is deploy their application and close a very small gap in documentation, which we do with Exacta and then auditors can come in, hit the, they can jump, get what they need out of Exacta. And eventually once everyone else catches up to OSC gal, we'll be connecting systems to other systems and just pushing the package, the days of PDFs. And those are almost gone >>As someone that went through, um, achieving an ATO, the paper process and the Excel spreadsheets. It's a nightmare. And you've got sales engineers, you've got solution architects that are spending their time, not focused on delivering mission outcomes or new products and services to our public sector customers, but on the process and the paperwork, >>Can you share order of magnitude the old way, time wasting versus this solution? What's, what's gained cause that's key. This needs a resources when people are >>Every CFO ad in ISV wants to do two things, right? They want to support the sales efforts to move into the federal or state environment, right? We're talking about fed ramp, but state ramp is upon us now. So they want two things. How do I do this at the lowest cost possible limit my resources that are really expensive on the engineering side and how do I shrink the amount of time? So 40% is a very conservative estimate. I believe that we can continue with implementations of Bosco and other ingestation points, especially across government. We can shrink that time, which reduces the cost immensely >>The time savings day. What about the stack? >>But if you want to put it in perspective, right? I've been doing this since the beginning in 2012, and I've stood up three different three pills. I've audited over 200 companies. I've been doing this a long time. And in the beginning it was an average of 12 months just to get someone ready, just to get ready. That didn't include the audit time. So we've evolved to a point now where on average, that's down to 12 weeks. And that was before the inclusion of the exact piece. We were able to shave off four more weeks with that, to the point where we're down to eight weeks and the government is pushing to try to get towards a 30 day ATO. And I think Oscar was the answer for that. And so to give you an idea of where we were to where we are now, we went from 12 months to 12 weeks. >>That's huge. So the data is the key in here. And then you got faster on AWS. Love the name wa how does that compare to other ATO solutions? How do you guys see that comparing a wonder place? >>I think in terms of the other solutions that are available out there, there, there's a couple key things that, that I think the rest of the market is trying to do to catch up. And one of those is the dashboard technology that we have in place integrates directly with Splunk and with Exacta, it pulls in from all the AWS sources that are available in terms of security and information and centralizes it in one spot. And so nobody else is doing that and we've been doing it for years. And this, this to me, OSS gal, and the addition of the exact component was the next evolution. >>Um, on the partnership side, how do you guys see it evolving? What's next >>More continuous monitoring, I think, right. It's not just about a FedRAMP authorization, but continuous monitoring in general for, for all of our public sector. >>That's day two operations continues ongoing AI operations. There's gotta be some machine learning in here somewhere. Is there? >>Yeah. I'll speak to the partnerships a little bit. And I think even back to AWS, right? Why we're here and it's great to be in person is it's around us working together as an industry and companies, right? The authority to operate on AWS, the ATO and AWS was started to bring like-minded companies together to help solve these problems. Yeah. >>I mean, it's a real benefit. It really shows that you can put a stack together, right. And then save time like that 12 months to 12 weeks. That's what cloud's about right now. Then the question is security. Think you should get that right. That is going to be an evolution. What's the vision of the product? >>Um, well, there's two things around that we, we, we talked about, yes, it's, it's planned prepare authorized, right? That is the current fed ramp mantra and post ATO. The continuous monitoring piece is really a core element. But in terms of the future three PAOs, the third-party assessment organizations that, that audit our customers, that, that we're all preparing together. Eventually they're systems, they're all developing audit systems around. And so where we're going is the auditor will connect to Exacta and they will simply over API or whatever calls they make. They will pull all of that audit information control information, which is only going to accelerate this even more. >>Yeah. I mean, the observability, the data, the automation all plays into more speed, more agility, faster, >>And, and meeting all of the standards, right? Whether it's smart Z or it's HIPAA state Ram home in Austin, Texas Tex ramp is, is a thing, right? How do we help each one of these customers with their own compliance or super smart, >>You know, the business model of reduce the steps it takes to do something, make it easier and faster is a good business model. Wow. >>It's not, it's becoming an ecosystem right. In the sense that, um, you know, Oscar has been under development for three years and, and, and stack armor, we've been supporting some components at NIST, but to the point where, uh, once we eliminate the, the traditional paper, you know, word doc XL PDF, um, and get to a point where everything is tied together. But one there's one important aspect to this is that it's all in boundary. So the authorization boundary is that invisible red line. We draw around everything in scope for an audit. And so that, by the way, is another critical component. The Splunk servers are in boundary. The exact servers are in boundary, which is a huge, huge element to this. >>Yeah. Good. Great. To see the spunk partnership, adding value here with telos, good, your cybersecurity expertise, pulling it all together. It's a great solution. >>It is, and great partners to work with, right? And I know that we will have additional solutions and product offerings in the future. >>Martin treadmill, Bethann. Thanks for coming on the queue. Appreciate it. Enjoy the rest of the show. As we wind down day two of cube live coverage in-person event, AWS public sector summit in Washington, DC. This is the cube. We right back after this short break,

>> Announcer: Live from Orlando Florida. It's the Cube. Covering Pentaho World 2017. Brought to you by Hitachi Vantara. >> Welcome back to the Cube's live coverage of Pentaho World brought to you by Hitachi Vantara. I'm your host, Rebecca Knight along with my co-host, Jim Kobielus. We are joined by Geo Thomas. He is the director of It at Benefits Science a healthcare insurance analytics company. Thanks so much for coming on the Cube, Geo. >> Thank-you, thanks for having me. >> So Benefits Science is a company launched out of MIT, tell our viewers a little bit more about the company. >> Okay, so Benefits Science is a healthcare data analytic company which co-founded by MIT (mumbles). Doctor (mumbles) and Doctor Stephen so far and we have one more partner. We do data analytics on the healthcare side and we work with employers and the brokers to analyze the data and give them dashboards and workbooks, and so that's what we mainly do. And we, yeah. >> So, as you said, you work with employers to save them healthcare dollars. Can you get into the nitty-gritty a little bit more. >> That's exactly right, so what we do is we empower employers to manage their employee benefits. Providing them the data analytic tools and other optimization tools, and we give them a very fine clear picture of how these plans are performing, and how they can optimize their plans in the near future by giving plan optimization tools and (mumbles) algorithms and things like that. >> You refer this as a manage service for your clients or do you provide specifically licensed software that helps them do this for themselves? From their own premises. >> We are a Cloud platform, and we provide our platform as a sub-lease for our clients. So, we get the data from them and we provide data analytic tool by mashing of this data and they use our platform to see those reports and insights and things like that. >> So, healthcare data is a really special kind of complicated when it comes to data because there's so many security and privacy issues related to it, how do you go about it managing this kind of data? >> Healthcare data is a very complex, very huge and we can't expect what comes next and there a lot of regulations and there are a lot of security issues, so we take all these with upmost priority. So, our company is a SOC1, SOC2, certified company. Which covers a lot of regulations by itself. Our employee's, Benefits Science employees, are really very much aware of these heap of rules. And they are all certified. We have lots of internal an external audits and regulations throughout the place so that would cover all this compliance issues, mainly. >> From an operational standpoint, how are you managing the day-to-day, day-in and day-out, do you provide a data warehouse within which you load it and then from which you do the analysis? What's the sense for how you architected your environment and then where how Pentaho plays into the overall picture? >> We take the data. Once we get the data, we measure the data. So, how we do those, we use Pentahos, and then two and two. Because it gives us a very standardized methodology to process this data, so we identify the PHP data. We sample it, scramble it, and then we do the (mumbles). And once the data element is done, and nobody touches any of those PA jobs or the jobs which we created with Pentaho, and we run this in a very secure environment in which we put all this transformed data into a data analytical platform. >> When you say scramble, you're referring to masking and anonmyzing the data? >> Correct, yes. >> That's what I assumed, you tell me, that's required by HIPA, that you do it that way? >> Yes, that's correct, yeah, yeah. So, we don't take all the data for the development. We take only the sample data, and then we scramble it and we (mumbles) all this information. >> So, what kind of results have you seen in your company since using Pentaho? >> So, I started in almost one year back and when we started, we had 20 tenants. Now, we have 200 tenants, so that's the summary of recently of what I'm seeing because Pentaho gives us lot of flexibility to standardize and make proper checks and balances throughout the data pipeline and we had created very huge test framework which can run automatically. So, all these things would benefit us to board a client because right now, onboarding a client would take less than a week. >> When you say test run automatically what sort of test are you referring to? >> So, we create test scripts, and we created a test suit framework by using Pentaho Jobs. And we schedule that. That test suit what we do is every, whenever any tenant comes in, developers can create N number of test cases and plug that in. So, it is growing and that will run automatically. Along with the PA jobs. So, that gives us a number of outputs and checks and balances and depending on the results we board the client. >> Saving healthcare dollars, spending healthcare dollars. This is really part of the national conversation. How much does Benefits Science really feel a responsibility to weigh-in on these issues. We heard a lot from the CEO this morning about how Pentaho really views its guiding principles as doing good in the world and bettering society. >> The double bottom line. >> Very true, very true, because as Benefits Science company our vision, our motto is not to just built some software and give to customers and get some money. Our vision is to help people or employers reduce the healthcare cost, so. Our data scientists built this great plan optimization tool or (mumbles) to provide employers to look at, "Okay, these "are the large claimant details, which means we might have "to go and find out the reasons and work with them "to reduce the cost." So, we are giving all the tools for them and another thing is the data (mumbles) analyzer our users love it, because we provided a simplified cube for them to drag and drop and create the reports and they can easily drag a couple of data elements and come up with, "Okay, these are the paid amounts "which we paid last month, and this has to go down." So, they can come up with their own strategies to make it down, at least, for the next year and on. >> In terms of user's being able to, in a self-service basis define their views and their reports. Do you take that intelligence that you gained from users and then bring that back into the basic service in terms of adjusting the data model? The set of canned reports or dashboards you provide? What do you do in that regard? >> Yeah, so we have a custom insight reports. Which will give pretty good idea about what this data meant to be for the customers. Like drag dashboards or large claimants or quality measures so things like that. We also have another data science group works on this AI tools or machine-learning algorithms to provide more predictive analysis. So, that would give users a different perspective of, "Okay, if we do this, we can reduce the cost." >> Is that WECA or? >> No, we are using. That's another thing I want to go back and tell them. There is a WECA here, we probably have to start using it. So, right now, we are not, right now we are using RN Python. There's something called (mumbles). So, that's what we use. >> What are some challenges that you are facing right now? What is keeping you up at night? What do you want the next versions of Pentaho to solve for you? >> I'm Director of IT, so I care about IT more than the business. So, my challenge is always how I can board more clients within a short span of time. The scalability, the security, how we can make it compliant. So, I was listening to that ATO, what are the new things coming in ATO? One of the main thing I was looking at is the scalability that is there is something called Worker Naught, that's got announced in ATO. Which you can scale as a docker, and you can spin off as many dockers as you want, and it will work by itself. That's fantastic, I'm really looking forward to get that scalability into our system. >> So, you're saying your IT environment. Your focused now more and more on a Cloud data environment that takes the application functionality and wraps it as containers? So, that's where you're going? And then you're saying that, I don't want to put words in your mouth, what you're doing is consistent with where Pentaho's going with their overall product platform? >> We are hosting an (mumbles) Cloud with Pentaho. So, Pentaho is also going into that direction. Makes me very happy because we are really looking forward to get that working in the Cloud. The thing is the. The Worker Naught, what they're talking about? Is what we were thinking of implementing on our own. So, now they have their own Worker Naught which we can just take and put it there. So, that's very good news. >> I wanted to ask you about the talent shortage in technology because that is something that the CEO talked about, Karen Perlich talked about, too. Is this real dearth of talent in data science. There was a piece in the New York Times just the other day that talked about how data scientists just a PHD can come out and make a half a million dollars in Silicon Valley. What do you think will be the real change and will get more and more graduates into this field. It seems as though the money should be enticement enough. >> That's a million dollar question though. We are in the same boat. >> You're a Massachusetts' based company, it should be. >> Even with that, we are finding a lot of difficulties to get some good data scientists. Because the moment you pass out as data scientist they're asking half a million, so. >> Literally I saw an article the other day. A good data scientist in Silicon Valley can fetch upwards of a half a million per year, so. Imagine in other regions, and now Massachusetts has no shortage of educated, smart people, but still. >> They have that level, then yes. These tools would help, and. Building that artificial intelligence on top of these tools would help, definitely, to have some sort of, not depending on data scientists so much. That even others can do those kind of things. >> So, you might not need the talent in a way. >> I'm looking forward to that because I was listening to your session in the morning. Very impressed with that because that's where I'm also trying to see where the world is heading to. >> So, you make recommendations to your clients about how they should start structure their healthcare insurance plans or employees. Do you have a capability right now within Benefits Science to basically embed a recommendation engine of that sort to help advisors on your staff to work with clients to recommend the right set of options or approaches pulling from the data, that's already there? >> Yes, that's already there. So, we provide recommendations for clients by using these algorithms. So, we have this plan optimization tool. Which will give you, if you do such and such things this is going to go down in the next year. Or there is a plan designed data. So, whenever an enrollment happens the main thing that they look at is what plan they have to sell at for their set of employees. So, every case is unique. So, we put a lot of historical data information and we put those machine-learning algorithms in there and then we come up with. We clean that model with all this data and we predict for each tenant. So, we have that right now. >> Geo, thanks so much for coming on the Cube. It's been really fun talking to you. >> Thanks for having me. >> I'm Rebecca Knight for Jim Kobielus. We will have more from the Cube's live coverage of Pentaho World, just after this. (calm electronica music)