>>live from Atlanta, Georgia. It's the Q covering Answerable Fest 2019. Brought to you by Red Hat. >>Okay, welcome back. Everyone is the live Cube coverage for two days here in Atlanta, Georgia for instable fest. I'm John Furrier, My Coast stupid in with the Cube. Ted Julian, vice president, product management, formerly CEO. Resilient now part of an IBM company. Back to doing V P of product management. Again, you don't really ask. Welcome to welcome back to the Cube. Good to see you. It's a >>pleasure to be here. Thanks. >>So I see product management. Holistic thinking is the big discussion here. The thing that's coming out of this event is configuration management, a siloed point activity now, more of a platform. You're seeing more of a systems architecture thinking going into some of these platform discussion. Security certainly has been there. They're here now. A lot of pressure, the out of things built in with security but maintaining the onslaught of threats and landscape changes going on. That's what you do. >>It's rough out there. >>What what's going on? What are the key trends that customers should be aware of when thinking about configurations? Because automation can help. Yeah, maybe all use cases, but >>way need to do something and because customers definitely need help. The alerts that they're dealing with them both in the volume and the severity is like nothing we've ever seen before. At the same time we're talking about earlier, right, the regulatory impact also really big difference just in the last two or three years. Huge skills, gap shortage also a critical problem. People can't find enough people to do this work. That's very difficult to keep so clearly we need to do something different. And there's no doubt that orchestration and automation and configuration management, as a component of that is we've barely scratched the surface of the potential there. To help solve some of >>the open source is, is helping a lot of people now. Seeing the light first was cloud, the skeptics said. There's no security and cloud now. There is open source securities there, but still, proprietary systems have security. But the mayor may not be talented. Your point, so automation is an opportunity. How are companies dealing with the mishmash or the multi platform solutions that are out there >>at your right to ask the question it is driving, um, the problem in a big way. Years ago we tried this security automation within security, like in the early days of firewalls and the Web and stuff like that, and it didn't go well. Unintended consequences. But think two things have changed. The environments changed, which has raised the stakes for the need to be able to do this stuff to a whole different level. But at the same time, the technology matured enormously. There's been multiple platforms shifts since then, and so security teams. They're both kind of desperate for a better solution, but also better options now than they had before. And so it's for this reason that we're starting to see people adopt orchestration and automation now in a way that we didn't see in the last time around. >>But the thing is that we were hearing here is that people are trying to automate the same things and some of these holes in the infrastructure, whether it's an S three bucket, this is basic stuff. This is not rocket science. Yeah, so on these known use cases, this makes total sense that a playbook or automation could help kind of feel those holes. >>We talk about it as a journey, you know? And I don't think any two organizations journey is the same, nor does it really even need to be the same. So we've seen some customers, for example, take the approach of what's a high volume type of incident that we deal with. And if we could apply orchestration and automation, they were gonna get great our eye right? We see 4000 phishing attacks every month or what have you. And that's certainly one way to do it. Yeah, but those other times with one, >>though, I have to go >>into that point. There's other people that are like, you know, gathering forensics on an end point right now. Incredibly manual process. We need to be able to do that globally. Do we do it every day? No, we don't. But if we could automate that and get those results back in more like a couple hours, as opposed to two days, because the guy we need in Sweden is out of the office or whatever, that could mean the difference between ah, low level incident were able to contain and something that goes global. And so that's the use case we wanna chase, so I don't think there's a right or wrong answer. >>Depends on the environment. Ah, whole host of the whole thing about security is no general purpose software anymore. You have to really make it custom because every environments different. >>I mean, gosh, you guys Aaron Arcee, right? It's nuts. There's thousands of vendors. I mean, there's hundreds of vendors that are really products. They're not the features masquerading as products that are masquerading as companies. But there's a reason why that's been the case, and it's because the risk is so high. >>The desperation to >>yes, exactly good word choice. Yeah. >>So what? One of the things that reminded me of security is this morning hearing about, you know, J P. Morgan going through the transformation from the ticketing system. Tau wait to make a great case study two. I need to be able to automate things. So, you know, we know that response time is so critically important in the security area. So tell us how that meshes together from security and automation toe be able to response, and you know, whether it be patching or, you know, responding to an attack, >>there's huge opportunity gains there on. We've seen customers do some really remarkable things that start with what you're discussing, which is if we could automate that fishing process to a degree and we have 4000 of those a month and we're able to maybe shrink a response time by 80 some or more percent, which is what we've seen. That's a lot of savings right there. And you know, the meat and potatoes there is. You already have a fishing Neil Alias. Probably that that employees report those phishing attacks, too. But what if we just monitored that? We stripped those emails, stripped out the attachments, and we could automate all the manual grunt work that an analyst would otherwise do right? Is that and is there in execute a ble? Is that execute herbal? Unknown bad? What command and control servers is it talk to? Are those known bads those air 10 tabs That analyst could have opening their browser if we could automate all of that. So when they go into the case, it's all just sitting there for them. Huge time saver. >>It's the great proof point of the people plus machines. How do you make make sure that the people that when they get the information, they're not having to do too much grunt work. They get really focused on the things where their expertise in skill sets are needed, as opposed to just buried. You >>nailed it. I mean, automation is a great role to play, but it really is a subset of orchestration. It's when you can bring those two things together and really fuse the people process and technology via orchestration. That's when you get really game changing improvements. >>Talk about the relationship between you guys or silly, unanswerable. Where's the fit? What you guys doing together? Why year give a quick plug for what you working on? >>Yeah, absolutely. So just by working with customers, we kind of discovered that there was this growing groundswell of answerable use within our customer base. It was largely an I T, whereas that IBM resilient. We're selling mainly in a security. Um, and once we uncovered that were like, Oh my gosh, there's all these integrations that already exists. They're already using them for I t use cases on that side of the house, but a lot of the same work needs to be done as part of a security workflow. And so we built our integration where, literally you install that integration into resilient. And we have a visual workflow editor where you can define a sophisticated workflow. And what's that? Integration is in place. All of your instable integrations air there for you. You drag and drop them on near workflow. You can string them all together. I mean, it's really, really powerful. >>It's interesting. Stew and I and David Lattin Ovary Brother Q. Post. We got hundreds of events we see every conference. Everyone's going for the control plane layer. Don't control the data. I mean, it's aspiration, but it's You can't just say it. You gotta earn it. What's happening here is interesting in this country. Configuration management. Little sector is growing up because they control the plumbing, the control of the hardware, the piece parts right to the operating system. So the abstraction lee. It provides great value as it moves up the stack, no doubt, and this is where the impact is, and you guys are seeing it. So this dependency between or the interdependence between software glue that ties the core underpinnings together, whether it's observe ability data. It's not a silo, just context, which they're integrating together. This the collision course? Yeah. What's the impact gonna be here? What's your thesis on this? >>That's why there is such great synergy is because they are really were sort of the domain expertise Doreen experts on the security point of view and our ability to leverage that automation set of functions that answerable provides into this framework where you can define that workflow and all the rest that specific to some security use cases eyes just very, very complimentary to one another. >>This is a new kind of a 2.0 Kana infrastructure dynamic, where this enables program ability. Because if these are the control switch is on the gear and the equipment and the network routes, >>yeah, and where things get really interesting is when you do that in the context of ah, workflow and a case management system, which is part of what we provide, then you get a lot of really valuable metrics that are otherwise lost. If you're purely just at a point to point tool to to automation realm, and that allows you to look at organizational improvements because you're able to marry. Well, first of all, you can do things like better understand what kind of value those I t controls. Air providing you and the automation that you're able to deliver. But you can relate that to your people in your process as well. And so you can see, for example, that while we have two teams, they're doing that the ones in the day shift ones in the night shift. They have access to the same tool sets, but ones more effective than the other. First of all, you know that. But then, having known that you can now drill into that and figure out OK, why is the day shift better than the night shift? And you can say, Oh, well, they're doing things a little bit differently, maybe with how they're orchestrating this other team is, Or maybe they're not orchestrating it. All right? And you're having that. And then now you are able to knowledge share and, um improve that process to drive that continuous improvement. >>So this operational efficiency comes from breaking down these siloed exactly mentality data sets or staff? >>Yeah, and pairing. That was not just as I said, the IittIe automation aspect of weaken now do that 80% faster. But what about the people in the process aspect? We even bring that into the mix as well. You get that next limit layer of insight which kind of allows you to tap into another layer of productivity. >>So this is an alignment issue. This brings that back. The core cultural shift of Dev ups. This is the beginning of what operationalize ng Dev ops looks like. >>Yes. Yeah, >>people are working together. >>It's really, really well put. I mean, it gets back to how this question got started, which is what is this energy? And to me, this energy really is that you have these siloed all too often siloed functions of I t operations and security operations. And this integration between resilient and answerable is the glue that starts to pull those two things together to unlock everything we just talked about. >>Awesome. That's great. >>Yeah, well, you know, research has shown that you know, Dev Ops embracing, delivering and shipping code more frequently actually can improve security. Not You know what? We have to go through this separate process and slow everything down. So are you seeing what? What is that kind of end state organization look like? Oh, >>I mean, that's a huge transformation. And it's something that on the security field we've been struggling with for the longest time, because when we were in kind of a waterfall mode of sort of doing things I mean your timeframe of uncovering a security issue, addressing it in code code, getting deployed to a meaningful enough fashion and over a long enough time to get a benefit that could be years, right? But now that we're in this model, I mean, that could be so much, much more quickly obtained and obviously not only other great just General Roo I improvements that come from that, but your ability to shrink the threat window as a result of this as well as huge and that is crucial because all the same things that us, the good guys they're doing to be able to automate our defenses, the bad guys, they're doing the same thing in terms of how they're automating their attacks. And so we really have to. We have no choice. >>So, Ted, you were acquired by IBM. IBM made quite sizeable acquisition with Red Hat. Tell us what your IBM with danceable. How that should play out >>there is just enormous potential. And answerable is a big, big piece of it, without a doubt. And I think we're just scratching the tip of the iceberg for the benefits. They're just in the from resilience point of view. And, you know, we're not to stay in touch because we have some really interesting things coming down the pike in terms of next gen platforms and the role that that answer will complain those two and how those stretch across the security portfolio with an IBM more broadly and then even beyond that. >>Well, we want to keep in touch. We certainly have initiated Cube coverage this year on security. Cyber little bit going for a broader than the enterprise. Looking at the edge edges. You know about the perimeter. Being just disabled by this new service area takes one penetration lightbulb I p address. So again, organizing and configuring these policy based systems sounds like a configuration problem. Yeah, it is. This is where the software's gonna do it. Ted, Thanks for coming on. Sharing the insights. Any other updates on your front. What do you are most interested in what? Give us a quick update on what you're working on. >>Um, well, we're just getting started with the answerable stuff, so that's particularly notable here, but also kind of modern, modernizing our portfolio, and that really gets to the whole open shift side of the equation and the Red Hat acquisition as well, So not ready to announce anything yet. But some interesting things going on there that that kind of pull this all together and that serve as just one part of the foundation for the marriage between red at 9 p.m. and wanna sneak a value can bring the >>customers any sneak peek at all on the new direct. Sorry time. At least lips sink ships Don't do it. Love to no. >>Blame me for asking. >>Hey, I got a feeling hasn't automation. And somewhere in there Ted, thanks for sharing your insights. It was great to see Cuba coverage here. Danceable fest. I'm jumpers to minimum, breaking out all the action as this new automation feeds A I's gonna change the stack game as data is moving up to stack. This isn't Cube. Bring all the data will be back up to the short break. >>Um