>>Hey everyone. Welcome to the cubes presentation of the AWS startup showcase. This is season two, episode four, where we continue to talk with the AWS ecosystem partners, this topic, cybersecurity protect and detect against threats. I'm your host, Lisa Martin. I've got a new guest with me. Ryan Ferris joins me the VP of products and engineering at Anisha. Ryan. Welcome to the program. Great to have you. >>Thank you so much for having me. >>So let's dig right in. Why are software vendors turning to Anisha to help them address and access the nearly for over 200 billion market public sector, federal market for cloud services? What is that key event? >>Yeah, it's it. If you know anything about FedRAMP and if you've looked into it, it takes a long time to achieve Fedra. So when customers kind of go into this cold and they're from Mars and they're like, what is bed? They usually find that it's an 18 month journey, maybe a 24 month journey. And so Anisha helps shorten that journey with lower costs and faster time to market. So if you're waiting for our revenue stream from say a government entity, we can get you there faster and get you to a, a state of Fedra certified in a shorter time period. And that's the value problem. >>Faster time to value is critical for organizations. So let's look at this journey as you talked about it, what does the path to compliance look like for specifically for AWS customers with a nation and without help us understand the value add? >>Yeah. So if you're doing it without Angen or if you're just kind of doing it yourself, which some customers choose to do, then they have to go on that journey and kind of learn about three primary things. One thing is how do I just write the entire package? Like there there's a thing called an SSP or a, a system security plan. And that thing is maybe seven or 800 pages long. And you have to offer that all by yourself so you can get help with that or not. That's sort of the academic and, and, and tech writing piece of it. There's another piece of it around what does my environment look like? So as I am ruling out this Fedra solution, what are each piece in my environment that needs to be compliant with Fedra? And it's a voluminous amount of things can be either a dozen or maybe up to a hundred things that you have to tweak and change. So there's a technical deployment store here as well. And then the third thing is keeping you compliant in your AWS environment after you've achieved kind of that readiness state. So the journey does not stop once you achieve Fedra, ATO, it goes on and on and on, and Anisha helps customers kind of maintain and keep them there in that fully compliance state after achieving ATO, >>What's the timeframe for AWS customers in terms of going, alright, we realize we're going on this journey. It's challenging. We need An's help. What's the timeframe to get them actually certified. >>Yeah. We look at the timeframe between the moment you deploy and the moment you start writing about that tech, that Fedra package and when you're audit ready, and in the best case scenario, that could be a few months, right? But you're always, your mileage may vary based on kind of your application readiness and how ready you are to pursue that journey. So the fastest happy path is a few months to audit, audit an audit ready state, but then you have, you kinda have to go through a process whereby you're in the queue for Fedra. And that can kind of take maybe an extra few months, but it really is that that three month accelerated timeframe in the best case scenario, >>Got it. Three months accelerated timeframe. Are there other compliance standards that besides Fedra that you help organizations get compliance with? >>Right. So it's a great question. So FedRAMP in and of itself is just really hard to get to. It's just so many things that you have to do, but if you get to that state, it's based off of a standard called missed 853 specifically rev four, that's kind of a mouthful, but once you achieve that state, there's basically 325 controls that come along with fed moderate. And that buys you a lot of leverage in leeway in mapping and sort of crosswalking to other compliance levels. So if you achieve that state, you buy a lot of, kind of goodness with things that map to either PCI or even HIPAA or SOC two. And, and so you, you kind of get a big benefit and sort of a big bang for your buck by having achieved that, that state for Fedra. >>So from an AWS customer, talk to me about, obviously we talked about the time to value the speed with which you enable organizations to achieve compliance and, and readiness. What what's in it for me in terms of working with a nation as an AWS customer. >>Yeah. For, so for AWS specifically our stack, well, we have kind of two versions of our stack. One is meant for Azure and it's kind of cookie cutter and meant for folks that have an entrenched Azure footprint. The other is it's the majority of our market it's folks that want to in accelerator footprint in AWS. So what's in it for you is that Anan kind of presents something that looks pretty similar to a landing zone, but it's a little bit more peppered with complexity and with tuned configurations. So if you're an AWS customer and let's see you've had an environment for the last 5, 6, 7 years, we help you kind of take that environment and enhance it and become FedRAMP ready in a much faster state. And we are leveraging and utilizing a lot of native AWS core services like ECR, for example, is one we're just starting to lean into AWS inspector for bone scans, those types of things. And then kind of when you get up to that audit, ready state and through ATO, we aggregate a lot of that vulnerability information and vulnerability scanning information into a parable readable, actionable format. And most of those things, those gatherings of data are AWS specific functions that we kind of piggyback on. So we're heavily into cloud trail and, and quite heavy into kind of using the things that are already at our fingertips just by deploying into AWS. >>Yeah. Leveraging what they already are familiar with kind of meeting the customers where they are. I think these days is such an important factor to help organizations make the changes as quickly and dynamically as they need to. >>That's right. Yeah. That's perfect. Yeah. A lot of customers, you know, when, when they start on the journey, they kind of, they, they sort of uncover the, uncover the details around, well, I have an application and this application has existed for six or seven years. How do I get this thing FedRAMP ready? And what does onboarding mean to your stack? We try to make that specific step as easy as possible. So when I'm on the phone with prospects and I'm talking to 'em about embarking on a journey, I kind of get them to a mental model where they treat their application VPC or their application environment as sort of a, and we deploy a separate VPC into their, into their cloud account. And then we peer that information. It's kind of getting into the mechanics a little bit, but we try to make it as easy as possible to start doing the things that we're obliged to do for FedRAMP, for their application, like bone scans and, and operationalization of logging and things like that. And then we pull that information into our AIAN managed BPC. And I think once customers really start to understand and sort of synthesize that mental model, then they kind of have this Baha moment. They're like, oh, okay. Now I, now I really understand how your platform can accelerate this journey into a period that is no more than say two or three months of onboarding >>No more than two or three months. That's, that's a nice kind of guarantee for organizations who are you typically engaging with? Is it the CISO level or are there other folks involved in this conversation? >>Yeah, I, the CISO is probably the best persona to engage with, but it so varies from customer to customer and you never really know who's really gonna, oftentimes it's the CEO or, or sometimes it's a champion that might be the CFO or someone that's incentivized to really start getting market share for federal customers that they don't have access to. That might even be a VP of engineering that we're, that we're conversing with. But most often I think the CISO is central because the CISO of course wants to give in details of what does the staff consist of and exactly how are you helping me with this big burden of continuous monitoring that fed Fedra makes me do. And, and where, where do you fit in that story? So it's usually the CSO, >>Usually the CSO, but some of the other personas that you mentioned sounds like it's definitely a C level or at least a, an executive level conversation. >>It is. Yeah. I'll try to divide that a little bit from my persona. Like I, I run engineering and product. I'm usually dealing with a rather talking to and engaging with the CSO, but the folks that cut the check are either either the CEO or the CFO that really want to widen that kind of revenue stream that they don't have access to. And they're the real decision making personas in this deal. Now, after the decision decision is made, then, you know, they're vetting through VPs of engineering or engineering leaders or the CSO. So like the, the folks that pull the purse strings are usually, you know, the ones that are cutting the check to make this investment that is usually the CSO or rather CEO and the CFO. >>Got it. Okay. So if I'm an AWS customer and I'm on this journey for fed re certification, I've, I've been on it for a while. How do I know it's time to raise my hand or pick up the phone and call Anisha? >>Yeah. You know, some customers that we speak with have already tried to do it and maybe they've failed. Maybe they've been like 12 or 14 months into the journey. And they've said things like, we just don't know how to put the package together, or maybe they've engaged with the third party auditor. And the third party auditor has said, sorry, you guys need to go back to the drawing board or maybe they've missed a good percentage of the technical requirements and they need some consultation and advice or a cookie cutter approach. So it kind of, every journey is different when we are engaging. Sometimes folks are just coming in completely cold or maybe they failed. But the more interesting ones, and I think when we can look a little bit more like heroes are the ones that have tried it, and then a year later they come back, they come back to an, and they want that accelerated goodness. >>Do you have a favorite customer story that you think really articulates the value either from a customer who came in cold or a customer who came in after trying it on their own or with another partner for a year that you think really demonstrates the value that AIAN delivers? >>Yeah. There is a customer story that's sort of top of mind and it's, I think the guy primarily stuck in what tooling I'll anonymize the customer, but this customer kind of chose the wrong level of tooling as they embarked on their journey. And by tooling, I mean, let me get a little bit more specific here. You can't just choose any vulnerability scanner, for instance, if it's a SAS product, or if it's sending data or requests outside of your Fedra boundary, then you're gonna run into trouble. And this reference customer, or this prospect at the time kind of had a lot of friction there. So as they were bumping up against that three Pao deadline, they realized they had a lot of work to do. And we simplified that, that part of the journey substantially for them by essentially selecting and spoon feeding them and, and sort of accelerating that part of the deployment and technical journey for them. And they were very delighted by that part of it. >>When you're talking with customers who are in, in a state of, of change and fluxes, who isn't these days, we've seen the acceleration of digital transformation considerably over the last couple of years. How do you talk with them about a nation as an enabler of their digital transformation overall? >>Yeah. Digital transformation. It's a, it's a broad word. Isn't it like for, for customers that are moving from an on-prem world into the cloud world, you have this great opportunity to kind of start from scratch. And so for Anisha, we are deploying and maybe not start from scratch, but when you're moving from an on-prem environment into the cloud, your footprint, you have this really nice opportunity to embrace more of AWS core services and to kind of rebuild things, kind of make your architecture drastically improved, or like look different to be more supportable and like less operational overhead. And so when an nation presents itself as sort of this platform in a walled garden environment, some customers have this aha moment that like, if you're gonna move either a portion of your environment or a specific application to the cloud, AIAN really helps you establish that security within that boundary and that footprint in a, in a much more accelerated fashion, then if you were selecting each part of your security infrastructure and then trying to implement it by hand, and that's kind of where we shine. >>Got it. We talked about the personas that you're typically engaging with depending on the organization, but how do you help enterprise companies who say Anisha, we wanna improve DevOps efficiency. We wanna get our applications secure that are running on AWS and those that we may wanna move to AWS in the future. >>Yeah. This gets into futures a little bit, but part of our roadmap, a little bit of a, a kind of a look around the corner for our roadmap is that since we know so much about the FedRAMP environment and FedRAMP moderate and the standard called this 853, it's a really powerful security view. And it's also a really powerful compliance view. So, you know, as I was saying before that, if you achieve a lot of depth and excellence in nest 853, it buys you a lot of kind of crosswalk and applicability for SOC two and HIPAA and PCI. So for DevOps organizations and for just engineering organizations that want more pre-pro insight, there's no reason why you can't just deploy our platform and our stack in a pre fraud environment to get that security signaling such that you can catch things early and prevent maybe spillage or leakage or security issues to go into production. So one of the things that we're doing on a roadmap is a, a feature that we call compliance insights, whereby we present a frame of missed 853 RAV4 that you can deploy into any environment. And that particularly helps the DevOps role by saying, well, if I just, for example, exposed an S3 bucket to world, then I can catch that configuration, that compliance product and catch it, trap it and fix before it leaks out to. >>So you talked a little bit about kind of some of the things that are coming up on a, on the product side, what's next for Anisha, as we look at we're rounding out calendar year 22 coming into 2023, there's still so much change in the market. We've got to embrace that. What's next for the company. What can we expect from the VP of products and engineering? >>Yeah, I think in two, two big areas here, we're gonna double down on our Fedra offering offering, and just continuously improve it and improve it. We're pretty tempted to lean in more heavily to CMMC. We hear a lot about CMMC kind of on the periphery, but we just haven't quite felt the market pressure to really go after that. But there's definitely something there. And I would anticipate some offering that maps to that specific compliance that, that compliance framework. And then in the enterprise, we just month after month, we discuss more about how we can create more flexibility in our platform, such that commercial customers can get more of that goodness, and sort of more of that consolidation and time to market, particularly for small and mid-sized customers. So we'll be releasing more of those pieces of functionality in 2023 as well. >>So the commercial folks be on the lookout for that. >>Yes, absolutely. That's a huge untapped market for us. We're super excited about it and we'll be a little cagey on in our plans until we kind of get through this early availability period and then probably make a bigger splash in the first half of 2023. >>That sounds appropriate. Where can the audience go to learn more about what you guys are doing and maybe get ahead on some of those teaser that you just mentioned? >>Yeah. I think our marketing folks will push out more data sheets and marketing material on what's to come. And if you ever wanted to be part of this early availability program that I just discussed, or that I mentioned, you can always go to anan.com and ping us, and we'd be happy to have a conversation with you and we'll lift up the hood and allow you to look under there for, and just carry on the conversation around what's to come. >>All right, getting a peek of what's under the hood. That's always exciting, Ryan, thank you for joining me on this program. AWS startup showcase. We appreciate your time, your insights and a peek into what's going on at Anisha. >>Awesome. It was a pleasure. Thank you so much. >>Likewise. We wanna thank you for watching the AWS startup showcase for Ryan Ferris. I'm Lisa Martin stick right here on the, for great content coming your way. Take care.

(bright upbeat music) >> Welcome, everyone, to this Cube conversation. It's part of our season two, episode four of the ongoing AWS Startup Showcase Series. Today's theme, "Cybersecurity: Detect and Protect Against Threats." I'm your host, Lisa Martin. I've got one of our alumni back with us. Rakesh Narasimhan joins me, President and CEO of Anitian. Rakesh, it's great to have you back on the program. >> Thank you very much. Pleasure to be here. >> So some congratulations are in order. I see that Anitian was recently awarded nine global InfoSec awards at RSA conference just this year including couple great titles here hot company and security company of the year. Talk to the audience who knows Anitian what is it doing to enable and empower the digital transformation for enterprises that are, I mean, we've been talking about the acceleration of digital transformation. How is Anitian an enabler of that? >> Thank you again for the opportunity. I think the big change that we brought to the table in Anitian is really what is typically a very manual, complex time consuming and quite expensive process. We've just brought software innovations to it and really that's customers who are trying to do compliance or security in the cloud which just provide a platform that basically accelerates a customer's application migration to cloud. And so that ability is the software innovation that we were able to bring to the space and that just wasn't there before. And so we're just happy that we took the opportunity to innovate there and just bring it to the customers. >> So let's now talk to and address those AWS customers. When you're talking to prospects, existing AWS customers what do you say are the differentiators that makes Anitian so unique when in AWS. >> That's a great question. I think the biggest innovation, the biggest thing that we bring to the table is really an acceleration and timeline and completion of their application. So if you're a customer and you're trying to get into a new market for compliance, for example or you're trying to basically get a new application up and running in a secure environment in either one of those cases, we have a product offering a platform offering that enables you to quickly get up and running and get to production. And that's been the reason why we've enjoyed enormous success in the marketplace in the AWS customer base. >> One of the areas where I see that an Anitian has been very successful is in helping cloud software vendors get FedRAMP compliance and be able to access what is a huge federal market. How are you able to do that? >> Yeah, I think the big thing that we focused on was you have a complete class of SaaS vendors out there who provide enormous innovation that they bring to the marketplace but the government market in general has not been able to participate in it because it again, like I said, it's very complex. It takes time and it's very expensive. And so we focused on that opportunity to really make it easier for all these cloud service providers to be able to bring their innovations to the government market, for example, with FedRAMP and so we help with the automation and the acceleration with our platform offering on top of cloud providers like AWS, and that enables the SaaS provider to offer that opportunity that hitherto is not available to now make it available in the government marketplace. And that's a huge buyer, if you will their budgets are huge. They're still buying even on a downturn in the market even as commercial vendors, who look at that, that market everybody's nervous about it. But if you look at the government market they have budget, they're buying and that needs to be provided to the install base. And so we help make that happen. >> How does that make you unique from a competitive perspective to be able to accelerate veteran for AWS customers in particular? >> I think the biggest issue has always been three things, right? It's complex, it's time consuming but most importantly, how quickly can a company make their software innovations available to a large market has always been sort of the challenge especially in the federal market. So we basically pre-engineering a platform taking care of all the requirements of the standard in compliance and security and then essentially help the customer bring that innovation on top of the AWS environment and making that available to the customers and record time. That's the reason why we're able to enjoy the success. Historically, the space has been very very focused on a lot of consulting folks really providing consulting on an hourly basis. We thought of actually bringing a software oriented approach just like people buy email, they buy service and then all the innovations that come along with it for the subscription that you pay. It's a very similar concept we brought to this space prior to this, either people did it themselves or they hired a lot of consulting folks to tell them what to do. And that could take a long time and then not just time and expense but every single time they made a change they would still, again, have to go redo all that work. We just brought a platform approach which is well understood by now in the industry you pay a subscription, you buy a platform and all the innovations come along for them. So that's huge productivity, time to market but most importantly it enables them to achieve their revenue goals because they're trying to get to market and service the customer, right? So we help them accomplish that in record time. >> So you are really impacting your customer's bottom line. You've been very successful in helping AWS public sector customers to accelerate FedRAMP. As you talked about FedRAMP compliance how are you now switching gears to focus on the AWS commercial customers and even enterprise DevOps teams to be able to accelerate cloud application security? >> Yeah, I think, again we started from a place of humility, if you will. You know, there's a lot of vendors a lot of folks make a lot of claims. We wanted to make sure that we first we're very good at doing something. And that's something was really go after the federal market and the success we achieved in that marketplace had a few insights for ourselves which was people really struggle in all kinds of environments, not just public sector. And what we found is that commercial customers are also trying to go to cloud. They're also dealing with the issues of security in securing their environments. And it's really the DevOps and DevSecOps folks on whom this burden falls. And they have to answer to so many different constituencies in an enterprise company. And so we time and time again while we did the work in FedRAMP we learned that, you know it's not just about compliance. It's also about securing on a base of standards. So how could we provide the same pre-engineered environment for DevOps and DevSecops teams to be able to run that environment for their applications that became an 'aha' for us because we were running into it all the time in the public sector side. So we went and talked to a few customers and said, 'Hey, how about we do the same thing on the commercial side for you?' And I wish I could take credit for this but it's actually not true. It's actually customers who came to us and said, 'Hey you did this really well for us in public sector side. Could you provide the same thing for us in the commercial side?' where it's not about all the documentation and all the audits and things that happen on the compliance side of the house. I just want you to provide an environment so that our DevOps teams could just operate in that environment and Devs can work on it. Can you do that? And we'll pay you. And that was born really our idea of secure cloud enterprise. Our primary offering historically has been secure cloud compliance with a compliance business if you will, where people could go into market and have a completely new market to go after. Whereas in the enterprise side we brought those innovations, those learnings and brought it to a commercial market. And so that's the new product, if you will, that we're launching to service that customer base, if you will. >> So if I'm an AWS customer when do I know it's time to contact Anitian and say, 'Guys we need help and we think you're the right ones to help us accelerate.' >> Yeah, I think it's re really straightforward if you are a customer commercial SaaS vendor, if you will, that runs an AWS and you want to go after a new market then you come to us and we can help you quickly get to all the compliance standards so that you can go sell in the government marketplace. That's an offering we already have, or you are a a brand new company and B2B company and you're developing an application and you want a pre-engineered environment that passes all the security standards so that you don't have to worry about it. You have a subscription to AWS and you have a subscription to us. And then that basically provides you a secure environment in which you can start developing your applications and start developing, deploying them much like your DevOps cycle would work. So we provide that basis already for you. So if you're a customer on the B2B side and you're going to cloud to get your applications to the marketplace on AWS, we're a great solution for you to actually have that engineered platform in place already. So those are the two areas where you can contact us and we can help you out. >> And talk to me about when you are in customer conversations especially as we've had such challenging times the last couple of years, how have those customer conversations changed and evolved? Are you seeing an acceleration up the C-suite stack? Is this a key priority for the CEO and his or her team? >> Yeah, I think it's a phenomenal point. I think security's always been top of mind for folks, not just the C-suite, but in boardrooms as well. But you know, the key thing we found is that even in a down market, sometimes in the environment that is playing out in the macro environment. I think the thing that has not changed is people are still trying to figure out how to make their dollar go further. And how do I get a better return on investment? So if you look at our compliance business that growth is all about that market is growing. There's still opportunity, and people are still having budgets and spending. So commercial companies are still trying to figure out how can I extend my market reach into new markets? So that's an area that the C-suite is really interested in. Funny enough, you would think in the cyber world it's a CSOs who are the ones who actually are looking for solutions from us that certainly an audience but CEOs and CROs are the folks who really clamor for our solution because it is their ability to enter a new market and go after a new budget that can grow their business and have an ROI pretty quickly. That's the ability for them to make that decision. So it's very pertinent to their buying behavior that we have aligned ourselves to very simply put by engaging us. They get to go after a new market to establish a new line of revenue they didn't have before. So that's always interesting to any C-suite member as you can imagine. And that's the compliance side. >> Absolutely establishing new revenue streams is huge and that's a big competitive differentiator. We've seen a lot of customers that weren't able in any industry to do that during the challenging pandemic times. And that is a game changer for organizations across industries. >> Exactly, exactly. And wishing that play out, not just on that side, but even on the commercial side where people are also trying to figure out how do I basically make sure it's pre-done so that it's one less thing for me to have to worry about so that I can be more productive. I can get to market pretty quickly which means I can, again, deliver to my customers quickly which means revenue for them as well. So we are the security business, but really if you notice we're solving a business problem for our customers and we're aligned to their ROI so that it's relatively easier for them to make a decision. They certainly get security in compliance but the bigger benefit for them is to grow their business itself. So we are trying to accelerate that momentum for them. >> That's critical, and I'm sure your customers really appreciate the impact that you're having on their growth, their ability to deliver to what I can only presume is their demanding customers. As one of the things I know that's been in short supply the last couple of years, is patience and tolerance. Is there Rakesh a customer story that you think really articulates the value of what Anitian is delivering? Maybe a favorite customer story that you mentioned when you're giving talks? >> Sure, sure. We really have a very customer base across the landscape. If you think about our compliance business, Smartsheet is a great example who partnered early. They were not even in the cloud before. And then that's a great example with AWS where the three of us work together to offer Smartsheet the collaboration software public SaaS company, if you will, who really established themselves and differentiated themselves in the marketplace by offering that on AWS. And we helped them accomplish their FedRAMP itself not just for once, but you know they've been great customers of ours multiple renewals over the years and every single year that the business that they get on the federal sizes increased because of the work that they did first with us. And so, you know, we've look for more opportunities with them, certainly on that part. And increasingly we start thinking about where else can we help them grow? Because typically most customers have a thing to solve on a compliance standard, but it turns out that the compliance journey is, you know some companies are trying to do Socto to be able to even sell. Then you want to do electronic commerce. You might have to do PCI or you want to sell under the federal government. You'll have to do FedRAMP and FedRAMP has moderate, high but depending on the customers you have, including DOD and once you get to DOD, they'll ask for IL4 and IL5. So these are different compliance regimes. If you will think of them as a journey and we want to be the company that provides a seamless progression for customers as they're on that journey so that we can actually deliver something of value. We're not interested in nickel and diamond customers and charging them by the hour, we're a platform player. We want to make sure that they use it to basically get their ROI and growth happening. And we just take care of the hard part of making sure that they're in compliance, right? And similarly, we're bringing the same idea like Smartsheet. I told you about to a commercial marketplace of customers who can do the same thing for commercial apps in the cloud. And so that gives us a very clean way for customers to really become not just productive, but satisfy their customers quickly and hence grow their business. And we celebrate that collaboration and all of that happens because of AWS and our ability to focus on those customers >> Sounds like a great partnership and definite synergy there on I know, and, you know as well, how customer obsessed in their own words AWS. Speaking of customers one more question for you in terms of being on that journey that compliance journey, which isn't a destination, right? It's probably a zigzaggy path. Do you work with customers that both haven't started the process to FedRAMP plans or those that maybe have with a competitor are running into roadblocks? Are those both routes to market for you? >> Yeah, we interestingly enough historically we used to see a lot of folks who have tried to do it themselves and found it hard or for a variety of reasons they just gave up. And so they would come to us. We have also examples of customers who have tried to go down the consulting path and has not worked and come to us so that it's sort of a broken project. We start from there, but a majority of our business is people who've gotten a contract from one of the agencies. Then they're like, 'oh now what!' We need to get this done before September. And so what's the quickest way to get there. And generally that's where we can help you because we are the best, fastest way to get there. And so we get that mix of customers people who have already tried hasn't worked out people who have tried with other folks hasn't worked out, but a majority of the folks are people who don't even know, you know how to go about doing it, but they know they have to do it in order for them to keep the customer that they've won one of the agencies, if you will. So that has given us a very healthy perspective on how to help customers of different kinds in that journey. The other thing is, you know, we've grown tremendously in the last couple of years. And the other thing we learned is every customer is different. And we tried to bring a very common approach to addressing this problem. Even though customers come in all shapes and forms we have startup companies in, you know early forms of maturity. And we have like really iconic, you know unicorn companies who we've helped go through FedRAMP. So the gamut is large, but you know we're learning a lot by doing this. And I think that's the key thing for me. I want our company to be one that is growing with innovation, but at the same time keeping flexibility in our approach so that we are not just learning new things, we're delivering on the harder problems our customers are facing. Cause I think that's where software innovation can really play a big differentiating role. And that's the reason why I always enjoyed being at Anitian and growing the business and keeping the company really, fast moving and innovative. >> Speaking of being fast moving and innovative here we are coming up on the fourth quarter of calendar year 22, what's next for Anitian? What are some of the exciting things that have you pumped up? Have you mojo going for what's next for the rest of the year? >> Yeah, I think a big portion of my enthusiasm for the company and the road ahead is I think it's rare if you look at the industry, oftentimes you see companies that start out with a single solution and then are able to grow from there. One of the best advantages Anitian has is this platform centric approach to do compliance on the journey I talked about. So if you think about that journey every customer that is going to cloud has this challenge that, they either have to comply do a bunch of standards, one or many. And then how do I do that in a platform approach in a common way so that I don't have to worry about it. I play a subscription and I am just protected by that. And I actually get the marketplace. So that's a tremendous journey we are on. We've only done a few of them and we have a whole new set of compliance standards coming on our platform. So that's one way, look forward to that. The other one I'm really looking forward to is the commercial customers. There's a huge opportunity for people to really know that they're sitting on top of a very secure environment in AWS. And how do I quickly propel myself into the marketplace so that I can be differentiated. I can get to market quickly but I can also make sure my innovations are getting to the marketplace as a customer, right? So I think I'm really excited about the things we are bringing to market just not just this year, but next year early next year on the compliance side, as well as the commercial side, that'll actually differentiate us and make it a lasting part of a customer's journey. And that's, I think the best thing you can hope for building a lasting company where your innovations are powering the productivity of your customers in a meaningful manner. And I always feel proud of the team. You mentioned the awards, but honestly more than anything else, we've put together a great team. And the team does a tremendous job with a very good ecosystem of partners. And our humility is it's not just us it's the ecosystem together. And the partnership with Amazon that helps us be the company we are able to be. We live in really story times and we're lucky to be part of this opportunity if you will. >> Yeah better together. That ecosystem is incredibly powerful. Thank you so much Rakesh for talking about what's going on at Anition, how you're helping customers, accelerate FedRAMP compliance, what you're doing in the commercial space and how you're helping your customers really improve their bottom line. We thank you so much for partnering with the Cube for season two, episode four of the AWS startup showcase. >> My pleasure. Thank you very much. >> And we want to thank you for watching but keep it right here for more action on the Cube which as you know, is your leader in tech coverage. I'm Lisa Martin. See you next time. (lively music)

(upbeat music) >> Hello and welcome today's session of the cube presentation of the 80 best startup showcase. The next big thing in security featuring Anitian for the security track. I'm your host John Furrier. We're here with the CEO of Anitian, Rakesh Narasimhan, and Aditya Muppavarapu global segment leader of Dev ops for 80 minutes partner network, Rakesh, Aditya, Thanks for coming on. Appreciate it. >> Thank you very much, John. Pleasure is mine. >> So this is the track session. We're going to get into the, the into the details on the leadership of digital transformation and dev sec ops automation, cloud security and compliance. So let's get started. But first Rakesh, we last talked you guys had some awards, RSA conference, 2021, virtual. You guys got some serious awards. Give us the update. >> Yeah, thank you very much, John. Yeah, we were, you know, humbled to be recognized. You know, industry recognition is always a great thing. We deliver value for customers and the industry is recognizing it. So at the RSA conference, we got seven different awards you know, very excited that we were chosen for, you know publishers choice and security company of the year editor's choice and blood security and heart company in cloud security automation. So really thrilled about the recognition thanks. >> Awesome. Seven awards. I mean, RSA is obviously a show that's in transition itself. They're transforming no longer part of Dell technologies now kind of on their own kind of speaks to the wave we're in. So congratulations on the success. They're hot startup here in security track. Give us a quick overview what you guys are enabling because this transformation is everywhere. It's in every sector, it's in every vertical dev sec ops shifting left, you know day two operations get ops. All. This is all talking to one thing, developer, productivity programmable infrastructure with security. Rakesh give us a quick overview of >> Yeah. Exactly. Right. John, I think there's a big shift happening obviously to the cloud and, you know, affects every one of our lives in productivity in enterprise applications, consumers you name it. There's a huge change happening, but central to that theme is security. And so it's one of the areas we focus on Anitian is the fastest way for both existing and new applications to be developed in the cloud. And so we make sure that you can get there fastest time to value and time to revenue pretty quickly by providing the best secure and compliance environment for you. That's really the core of what we do as a company. And we look forward to helping all of our customers and the industry >> Aditya you're a global segment lead at AWS partner network. You seeing on successful companies, you've got a winner here, obviously a success story. I want to get your take on this because this is a trend in cloud native scale, you know, heart, you know horizontally scalable, large scale, but shifting left, okay. Get ops big topics where code is being inspected in real time. People want automation. So I've got to ask you, what does shift left mean to to being out there and this in the security world? What does that mean? >> So, instead of applying your security and compliance guard rails only in production, we also need to apply them across your application development and delivery cycles. Instead of having one gate that becomes a bottleneck we should have multiple checkpoints at various stages. This provides a fast feedback for the developers while they're still in the context of developing that feature. So it's easier and less expensive fix the issues and what it is not is this doesn't mean you move all your focus to dev and ignore production. It also doesn't mean developers are now responsible for security and you can get rid of your security teams. We needed a process and a mechanism in place to leverage the expertise off the security teams and offer their services to the developers very early on in the development cycles, thereby enabling and empowering developers to write secure and compliant code >> I mean, to me not to put my old school hat on, but it's, you know I think to me, I view it as security at the point of coding right at the point of, I don't want to say point of sale but the point of writing the code and the old days it used to be like a patches and getting updates and provisioned into, into production. Same that kind of concept. But as a developer, that's kind of the focus is getting the latest knowledge either through tools and technologies to make it easier for me as a developer to inject at the point of code. Is that right? >> That's right. Yeah. >> So what makes Anitian so different and what's successful within AWS? That's, what's the why the success there? Can you share with us why they're so unique in AWS? >> So I think the biggest case for that is really you know, security, oftentimes security is thought of as an impediment sometimes actually believe it or not. So the configuration, the management, the deployment all of that, you got to be able to do and you got to be able to do that at scale. The great thing about the cloud at is scale and a big portion of that is automation. So what we at Anitian have done is taken that lifecycle of taking, you know applications on a variety of states. If you will, if you're trying to get to production you're trying to do one of two things. You're either you're trying to get into a compliance standard, like Fed Ramp you want a very predictable process, or you're just trying to get an application secure pretty quickly. So how can you do either one of those things becomes the challenge and we help you do that by having a pre-engineered environment where configuration defining deployment all that becomes very consistent and very predictable which means we've automated it in a way that it can scale. You can sort of almost have this regularly happening and not just one application with multiple applications for any company. That is, I think the biggest obstacle that has happened for a lot of folks in the enterprise for sure, to try to get to production and keep that cycle going continuously. And we help with that in a big way. That's one of the reasons why we're having a lot of adoption customers working with partners of course and getting industry recognition for it. >> Yeah. I mean, this is one of the benefits of cloud. I want to get you guys both reaction to this, where as things get going, it's kind of like that, you're you you got to take advantage. You can take advantage of all these solutions. So how many of his customer, I want to look for solutions that help me move the ball forward, not backwards right? So, or help me move the ball forward without building anything that I don't need or that's already been built. So here it sounds like if I get this right Anitian is saying, Hey if you're an Amazon customer I can accelerate you with Fed Ramp compliance. So you don't have to spend all these cycle times getting ready or hiring or operationalizing it is that right? I mean, is that the value proposition? >> They're very accurate, John. So what happens is, you know, we're working with Amazon web services, who's really innovated quite a bit in building all the building blocks, if you will. And so, you know, we're standing on the shoulders of giants if you will, to basically get the max level of automation and acceleration happen. So that just like customers have gotten used to not having to buy servers, but guide, compute and storage. If you will, now they're able to secure and also become compliant with the services that we offer. That level of acceleration I think is needed. If you believe that there's going to be a lot more cloud applications, lot more cloud. If you're going to achieve scale, you've got to automate. And if you want to automate, but secure as well you need a mechanism to doing that. That's really where Anitian comes in, if you will. >> Yeah. And I think Fedramp to me is just a great low hanging fruit example because everyone wants to get into the public sector market. They know how hard it is. Kind of like, you know, we want to do it, but stand in line we've got to get some resources. I'm not kind of get that. But the question I want to get to you Rakesh and Aditya is the bigger picture, which is, as you said more cloud applications are coming. So customers in the enterprise have, have or are building fast dev ops teams accelerate the security paradigm. How do you help those, those folks? Because that's really kind of where the action's going. The puck is going to go there too. Right? So beyond Fed Ramp there's other things >> Right? So I think, I think the way we approached it is really, there's like at least two different sets of customers, right? In the federal market itself. You just think about a commercial SAS companies who are trying to enter the, the, the, the the public sector market. Well, you need to clear a standard like Fed Ramp. So we're the fastest way to not just complete it but be able to start selling and producing revenue. That'd be market per using that functionality. If you will, to that market. Similarly, there's a lot of public sector organizations who are trying to move to the cloud because they have traditionally developed applications and architectures based on what they've done over the last 20 plus years. Well guess what, they're also trying to migrate. So how do you help both commercial companies as well as public sector companies transition, if you will to the cloud in a secure way, but also meeting a public standard. We're helping both those organizations to do that migration and that journey if you will, but it's premised on with pre-engineered it, it's the fastest way for you to get there for you to be able to provide your capability and functionality to the larger marketplace. That's one of the main reasons why I think the productivity jump is enormously high because that's how you get to larger marketplace, if you will, to serve that market >> Aditya. So they have to change your title from global segment leader, dev ops to dev sec ops 80 of his partner network here with this solution in a way it's kind of becoming standard. >> Yeah. Security is getting him embedded into all of your development and delivery life cycle. So that dev sec Ops is becoming more and more critical with customers migrating to the cloud and modernizing their applications. >> How much has automation playing into this? Because one of the things we're talking about fueling digital transformation is the automation component of the security piece here Rakesh How important is automation and what how do you set yourself up for that to be successful? >> That's big question. I think that the big key to that is automation. I think automation is there in general in the cloud space. People expect it, frankly. But I think that the key thing what we have done is pre-integrated not just our platform but a variety of the partner ecosystem are on AWS. And so when a customer is looking forward to taking an application and going to the cloud they're not just getting functionality from us and AWS but also a lot of partner functionality around it so that they don't have to build it. Remember this discussion we had earlier about how do you jumpstart that? Well, it's, it's, it's really, instead of them having the best of breed assemble we've pre done it for them, which means it's predictable, it's consistent it's configured correctly. They can rely on it. That allows us to be able to help them move faster which means they can go serve larger markets and obviously make money around it. >> Rakesh, I got to follow up on that and ask you specifically around this business model. Obviously cloud has become great service. Everyone kind of knows that and then kind of sees the edge coming next and all these other issues that are going to provide more opportunities. But I got to ask you for your company what industries and business models are you disrupting? >> Yeah, I think primarily to we're a classic example of software eating the world, right? Primarily what happens is most of the folks that certainly in the compliance arena are really trying to figure out how to do it themselves, right? And then that's primarily the group of people who are sort of trying to figure that out. And then there's a class of who do consulting who are trying to consult with you and what you should do. And we have taken a very software oriented approach built on Amazon that we will not only help you fast forward that but also, you know, get you compliant but also keep you compliant because it's a cycle much like in other industries you've seen there used to be a time when people that email and they used to run email servers and ran the email servers and backups and things of that nature that transitioned over time where people procure that service from somebody else. And it's still a secure, it's still a scalable and they can rely on that service without having to be in that business if you will. So we see us disrupting the consulting and do it yourself world to actually providing a dependable service out there that you can rely on for security and compliance. >> Awesome. Aditya, I got to ask you on the Amazon side obviously you see a lot of it there. What are some of the challenges that you see with security? >> One of the main challenges I see that is that the landscape itself is rapidly changing. As customers are migrating to the cloud and modernizing what used to be a simple monolithic application running on a server and a office or a data center is now distributed hybrid and spans across development practices like microservices managed services, packaged applications, et cetera and also in the infrastructure platform choices have dramatically increased to from on-prem to call data centers, to edge computing, IOT VMs containers, serverless a lot more options. All these leads to more complexity and it increased the number of threat vectors exponentially though this advancement was great from a usability perspective. It now created a whole slew of challenges. This, this is complex. It's very hard to keep up. It's not something you set and forget. One needs to make sure you have the right guardrails in place to make sure you're continuously compliant with with your own policies are also with regulatory compliance frameworks that are needed for your business. Like GDPR, PCI, DSS, Nast, HIPAA Sox, Fed Ramp, et cetera >> For Rakesh. We're specifically on the dev ops efficiency with Amazon. What do you guys, what's your top few value proposition points? You say >> Biggest value proposition honestly is keeping and maintaining security while you're in compliance at scale with speed. I think those are big issues for companies. Like if you, if you're a company you're trying to be in the cloud, you want to enter the federal market. For example, you got to get that quickly. So what could take a lot of money? 18 - 24 months, our prawn malleable we've just completely automated back. And so within a quarter, depending on quickly the two organizations can work. We can get you into the marketplace. That that speed is of enormous value to companies. But also to remember that as Aditya pointed out there's a lot of complexity in the kind of architecture that is evolved but we have to feel like people like in the issue of what we can help customers would is as much as you take advantage of all the cloud style architecture providing the simplicity of providing security consistently and providing compliance consistently quickly. I think there'll always be a value for that because people are always trying to get faster and cheaper quicker. And I think we're able to do that. But remember, security is not just about fast. It's got to be secure, right? We got to be effective, not just efficient but I think that's a big value prop that we're able to bring to the table on AWS. >> Well I want to go, I got you here. I'll see what showcasing you guys as the hot startup who is your customer on Amazon? I'll see, you have customers that sell in marketplace for fedramp. That's a huge, that's the people who are in business to sell software but also other enterprises as well. Right? So could you just quickly break down your customers? And then when do they know it's time to call a Anitian? >> Yeah, so we have two large groups of customers. If you will. Certainly the commercial segment, as well as in the public sector and the commercial side, you have lots of companies in the cyber security enterprise collaboration as a little robotic process automation, all those categories of companies in the commercial environment they're trying to enter the public sector federal market to go sell their services. Well, you have to get compliant. We are the fastest path to get you there time to value type of revenue we can accomplish for you. That's a group of customers we, we have in market. And then we have the other side, which is a lot of government agencies who are themselves trying to migrate to the cloud. So if you're trying to get your applications for sure once on hybrid or on-premise, and you're trying to go to the AWS cloud, well, we're a great way for you to have a pre-engineered environment into which you can move in. So not only are you secure it's, pre-built, it can scale to the cloud that you're in front of migrate to. So we have both those particular sites if you will, of the marketplace. And then in market, we have lots of agencies, big and small and the government side, but also all these categories in the commercial side that I mentioned >> For Rakesh, Anitian's helping a lot of companies sell them to the public sector market. How big is the public sector federal market >> Right? Yeah. Billions of dollars. More than $250 billion is what people say but it's a very large market, but, but remember it's any any commercial SAS company who's trying to go into that federal market is a target market. We can help that customer get in into that market. >> And just real quick, their choice alternative to not working with the Anitian is what? months the pain. And what's the heavy lift as Andy Jassy would say the heavy lifting, undifferentiated lifting a lot of paperwork, a lot of hoops to jump through. Good. Can you just paint a picture of the paths with, and without >> There's three key areas that I think customers or, you know companies have to do, A. they have to understand the standard B. They have to really figure out the technology the integration, the partners, and the platform itself. It's a lift to basically get all of that together and then actually produce the documentation produce all the configuration and in a repeatable way. And that's just to get one application up there. Well, guess what? Not only do you need to get that up there you need to keep that compliant. And then our future standards come in. You need to go upgrade to that. So the best way for me to describe that is either you you come to the Anitian and we make that age just a service that is subscribed to to keep you compliant and grow or you can try to build it yourself, or you try to go get consulting companies to tell you what to do. You still have to do the work. So those are your sort of choices, if you will, which is one of the reasons why we're enjoying the growth we are because we're making it easy and productive for for companies to get there faster. >> Aditya, I want to get to you real quick. Obviously AWS partnering, they're also known as APN. You guys see some of the best hot startups. They all kind of have the same pattern like this. They do something that's hard. They make it easier. They go faster, more. Cost-effective what's the pattern in this cloud-scale world as startups. We're going to be featuring, you know, every as much as we can hot startups coming out of your network, there's a pattern here. What would you say? They are? Well as the DevOps obviously cloud native, besides iterate, move faster. What's the pattern you're seeing for the successful companies. >> It's like, like Andy's says, it's figuring out how to continuously reinvent yourself is the key to stay successful in this market. >> Awesome. For Rakesh, real big success. Congratulations on your awards. I got to ask you, we're asking all the, all the companies this question, what is your defining contribution to the future of cloud scale? >> Great question. I think when I think about what can be accomplished in the future, not just in the past, I think cloud is a huge phenomenon that has completely up-ended the architecture for all sorts of things commercial government, you know, consumer and enterprise. If you will, I would think we would be humbly the people who will ensure that lots of B2B companies and government organizations are able to move to the cloud and are able to be secure and compliant because I believe that there'll be more and more of that happening in the cloud. And the more that is available, just like the commercial world is takes advantage of all those features. I feel like public government organizations also can accomplish the same things very quickly because of folks like us, which means you have a larger segment of population that you can support. That's only going to make the planet more successful. I'm a big optimist when it comes to tech. I know there's a lot of folks who would look down upon tech or I'll think about it as not great. I'm a very big optimist around tech improving people's lives. And I think we have our own humble role in enabling that to happen in the security and compliance >> Well, anything, in my opinion I'm really a big fan of your work and your team. Anything that could bring great innovation into the public sector faster and more effective as good win for society. So I think it's a great mission. Thanks for, for sharing and congratulations on your awards and thanks for being part of our 80 best startup showcase. Appreciate it Rakesh thank you >> Thank you. >> Okay. This is the cube coverage of 80 startup showcase. I'm John for your host of the cube. This is the next big thing in security Anitian in the security track. Thanks for watching. (Up beat music)

>> Narrator: From the cube studios in Palo Alto, in Boston connecting with thought leaders all around the world. This is a CUBE conversation. >> Hi, welcome to this CUBE conversation. I'm John Furrier, host of the cube here in Palo Alto studios for a great startup showcase preview Rakesh Narasimhan, president and CEO of Anitian, great company, hot startup really getting a great tailwind with COVID and their technology, Rakesh great to see you. Thanks for coming on theCUBE >> Thank you for the opportunity John, great to be here. >> So you guys have a very strong company, a lot of growth a lot of action happening around public private sector. Obviously with cloud scale, we've seen a lot of benefits but the COVID and now the growth plans coming out of COVID. As people start to think about post COVID recovery. Cloud is a big part of it. You guys have been taking a big success playbook out of cloud scale. Take a minute to explain, before I get into some of my questions around what you guys are doing and your value proposition. Talk about the company. What do you guys do? What's the purpose? Why do you exist? >> Wait, thanks again, good to be here. Talking about a mission as well as the story of growth here. Our primary value proposition as a company is really helping customers both in government, as well as commercial achieve compliance and security in the fastest time possible. Lots of companies are going through a digital transformation, but you know public sector, there's a lot of speed that they require in terms of moving their applications. People are trying to go to the cloud. And when I talk to customers I hear three things all the time. A they're trying to move to the cloud. B, they're trying to, you know, remote was always there, but COVID has dramatically compressed the time in which everybody has to provide the functionality right now. And lastly, securing the apps and data. Those are the three priorities we hear from customers all the time. Anitian as a company is able to dramatically get you time to market and time to value on both your compliance and security needs. That's really why the cabin was formed. This is a space where premiere really most of the people are manual time tasks and it's a classic software play to basically go transform that and automate that. >> Okay, great. Thanks for the overview. Get it, get it, get in and talk about the value proposition specifically that you guys offer. Are you guys targeting the enterprise? Is it public sector or is it both? What's the target audience, target customer that you're going after and why would they want to engage with you guys? >> Yeah, so I think it's a it's a timely space where there's a lot of commercials software as a service companies who are trying to expand into the larger government market. And to do that, you've got to be compliant on some sort of standard if you will. Right? And so let's take an example. It's FedRAMP. So we've taken a ton of essay in a SaaS companies, if you will we're trying get into the market and we get them within 60 to 90 days into a compliance. In the time of a quarter, a SaaS company can enter a federal market the ability to sell it on the cost of doing it is recouped in the first deal that they make. So time to speed and time to actually be able to go expand into a vertical market is one of the main value propositions on the SaaS side of house. Also, we have a lot of government agencies who are trying to move to the cloud. And so if you look at Amazon, they're trying to get a lot of customers who are going to adopt the cloud. We provide a pre-engineered solution that integrates all the, the, the value of partners along with Amazon and bring those applications from government agencies to the cloud. So on both sides, both getting public sector companies or agencies, we're trying to get to the cloud as well as SaaS companies who are trying to get a, you know joining a market where it just enabling and accelerating the time to market. That's a huge ROI of right away >> As an amazing value proposition. You're on both sides of the fence. They are playing, you know kind of the in-between moving people around, back and forth helping people back and forth. If I get this right, let me just see if I get this right. So you guys, so almost say I'm a fast growing startup. born in the cloud. Amazon has a zillion of partners that are that are kicking butt. They're doing great. I say, Hey, I want to get into the public sector or the public sector or an agency wants to work with a startup. Then the old world was you got to go stand in line, get certified, do all those hoops to get certified FedRAMP or whatever, and then or hire staff to go, you know, be government sector. And then that was the old way. You guys essentially shortcut that by saying you provide a platform to allow me, the customer was enterprise customer who's a Saas get into the market faster. Is that right? >> That's right. I think that a big portion of that is, you know there's only two kinds, right? People who are trying to do it themselves or people who are trying to get consultants to tell them what to do our value proposition is why are you like you're in a business to do something very specific getting a secure and compliant. It's something we can do for you, but time, money quickly. But the most important thing is it's not a one and done thing, right? So this is, this is where we come in. And just like what the email security business used to be, right? People used to run their own email servers to run their email. Well, who does that anymore right? Well, most of them have actually gone out. We did a similar example of getting compliance for other companies and we actually do it through software and we have an ongoing relationship and make sure that that current compliance is maintained, but also other compliances you can see that come up we're able to help them upgrade cycle. >> Well, that's a great point. Well, you know, the cloud scales it's not one and done it's one and continue because you have iteration you have day two operations. You have all these kinds of cloud ops that require that kind of ongoing. I won't say maintenance. It's not maintenance anymore. It used to be maintenance. Now it's like, you know, it's operations it's a new feature. >> You're doing intervention, but it's, you're not done yet. You have to keep evolving as the market evolves. We've got customers not paying us for just one thing that would have been three years ago. We've got to keep that refreshed. And also more current and up to date which is one of the benefits of cloud, right? It can move quickly, but it can also bring new things to the market pretty quickly as well. So they benefit because of the inventions we're doing and the partner ecosystem around us. >> It's a classic case of software new marketplaces that exist new ways of doing business. It's a whole new wave. It's an old way. It's getting, getting trashed in my opinion in new ways, coming in fast >> When you have to evolve, right? Architectures evolve, time goes on and new things come up right? >> Hybrid, hybrid cloud too is forcing this big time because you have now environments and an organizations shifting now multiple clouds, multiple vendors integrating quickly huge challenge. >> I think it's a fair point, John. But one of the things I always remember is, you know you have to be effective first and then once you're effective, you can become efficient. In other words, it's good that customers have an option to have a software platform to go get their compliance and security needs done. If you could do that on one cloud, that it solves and then you're going to go to multiple clouds and you know, it has been a great partner to make sure that they are making everything available for us to be able to build a great solution on the platform and its ecosystem around it which helps us basically be the equivalent of, you know standing on the giants, giant shoulders, if you will to bring that value to the marketplace. >> So what do you guys do? That's unique for inside Amazon, for Amazon startups? Why are you guys successful in helping these companies do the fedRAMP thing? What's the big secret sauce? >> Yeah, so there's actually three separate parts to it. First is we actually have worked already with a fair amount of folks who actually provide functionality on Amazon. So for example, a FedRAMP solution might require us to work with a SIM vendor and endpoint protection as well as container security, if you will. So we've worked with vendors who already work on Amazon, AWS, and pre-integrated that into the environment so that when we go deploy, for the customer's application that's not something they have to worry about. It's already there. The licensing is there, the deployment is ready. They don't have to do any of that. So that's pre-integration you could think about it. Then there's the automation provided by our platform itself. We have a platform that we deploy into the account. And so all the innovations that we are doing about taking the integration and then automating all the requirements for the security controls that are part of standard such as FedRAMP, for example. So once you do the pre-integration and you have software innovation from us and the third part we provide is a actual SecOps service, which is based on the platform. We actually help the customer, not have to worry about the threat hunting, threat mitigation itself. It's a service available all the time. And so the combination of those three things it turns out is sort of the biggest headache for customers, whether you're in commercial SaaS vendor or if you're in the agency side, we are sort of a one-stop shop to get you there and compliance. Similarly, we have an offering called secure cloud. And what happened is a little story for you. We started doing this compliance automation and as we were doing them a lot of commercial companies looked at that and say you know what I like about what you folks are doing? You sort of standardize the way we deploy a secure environment. So, you know, we like the security guys in our organization and the like it, because it complies with the security controls, the business guys like it because you're doing it in a certain budget and time the dev guys like it because we're not telling them what to do. We have created a secure environment and they liked developing in it, but they have ops folks are the ones that really benefit from having to make sure that security guys like it, it's in budget and the developers can be productive. That aha moment actually came from customers to it. They said, I like what you did for compliance automation any that different other applications. And that's how we got under the secure cloud business as well. >> Yeah. It's, it's funny how these aha moments happen because you solve the need and people go, Hey, I want more of that. And I see why software vendors would want to turn to you to help sell into that huge federal market. It's just, it's so much faster and it takes the pain away. They get in market fast. It's a cloud value proposition get in quickly and then you know, get a position and keep solving value there. So I got the question, if that's, if that's happening which it is, who are you disrupting? What industries and business models are you changing or replacing? What's that, what's the big disruption? >> I see, you know, in the compliance side, there's there's really two, two sides there's compliance. And then the security, right? And the compliance side I see really people who are trying to do it themselves. You know, that's still is a large portion of the market that they haven't realized that, you know this is not a core competency of ours. We just need to have somebody else do this for us. I think that's generally, mostly we ran into and over time they don't get the FedRAMP or PCI compliance. And then they come to us. We got a lot of customers who come to us because they've tried and failed. And so they want to get on with us because of our growth in the marketplace. So that's one and second is a larger market is really in the compliance side. Historically has been a lot of consulting companies. They, they ship bodies to your company and that's what they do. And that's for a particular FedRAMP compliance regime. The next year, you want to do something else, guess what? We're going to go higher and more consultants to that market. So we basically provide a software approach to automating the need for the customer have basically started really disrupting that market against traditional competitors if you will. So that's compliance and the secure cloud, it's not very different. If you can imagine going back 15, 20 years if somebody told you, that the way you will buy compute storage and networking is you will go to a website and you'll sign up with an account and procure it. People would probably run you out of the room at that time, because they'd be like, Hey I'll buy from one of the vendors they'll ship. They'll come to my building the rack and stack them. Well, that changed dramatically over time because of the acceleration, we're doing something similar which is why do I need to assemble an endpoint solution or a firewall or something else? And by the way, by the time I do this next year there's a new vendor saying that they have something better, right? So we have done something similar to the journey we're on. If the pre integrate pre provide functionality from the best vendors out there. So the customer's applications can be in that environment benefiting from all that invention the ecosystem and the cloud provider themselves instead of having to worry about am I getting the right end point solution or firewall or STEM, and do I have it configured properly? And is this the best combination of things I have? Will you basically provide that functionality so that they don't have to think about that? And that reflects in the results we're having. >> It's amazing disruption. I think you brought up earlier devops efficiency and security applicant and your application in a way you got dev the DevOps, ethos, now dev sec ops is being applied to compliance. I mean basically, it's your compliance automation platform software but Devops and security ethos DevSecOps is just the enablement for you. It's just the playbook, right? Is that, is that kind of how it is? Because DevOps is applies to all verticals now and security is needed. >> I think, I think it's much more it's here present, right? Which is a, an issue for most organizations enterprise agencies and government or commercial vendors. If you will, the whole market, this market has gotten up because they learned you can get things into production is a big need out there. And you do that really well on effectively. You need a great DevOps organization. Think of us as sort of a DevSecOps in a box that we can deploy and that helps the customers get to market faster, right? So speed is important. So certainly the effectiveness of that is important, but at the same time, do you achieve the compliance? Do you achieve the securities even bigger bar, if you will and in today's industry and marketplace you can't talk about a digital transformation cycle and talk about a three-year project. If you will. I think it has to be shorter and they have to actually see the return pretty quickly. And that's primarily the reason why, if you think about Anitian's story, we're solving a business problem but the way we're doing it, this actually provided for the DevSecOps and DevOps folks, if you will but it solves a business problem for the companies whether you're a commercial or government that's the reason why I think it's much more interesting. >> Yeah and I think one of the things that's interesting with cloud is you need to have that automation and you're essentially taking care of the compliance problem that everyone has because once the SaaS vendor gets in value proposition where they're growing they start to get customers that say, Hey, do you have a pen test? Can I get a SOC report? I mean, all these little kind of things start emerging where they got to go build it and go, wait, we didn't get that. What are we going to do? I got to have that built in and deliver that every time not a one-off it used to be you do a pen test or you do some things and you're done and you lock the code down. Not anymore. >> Fair enough. I think it's a continuous thing, right? It's not just when I'm done but also it's not just one and done, but this is not static. It's very dynamic, but the apps are changing. The functionality is changing. The things they interact with are changing. That's the beauty of the cloud, right? You have all this ability to be able to move faster, but with it comes certain responsibilities, if you will. And so that we take our job seriously to ensure that while you're innovating with your application out there our job is to make sure that we're keeping up with you not just in securing you and making you compliant but also keeping you compliant so that you're not running a foul in terms of all these other standards, if you will that's one benefit of it, frankly, at the end of the day the customers benefit the most, right? Because you can better functionality faster. And frankly, it's driving pricing as well. And so that's got to be a larger issue for the industry in general, frankly. >> Awesome, great insight, Rakesh. I've got to ask a question. If I'm the customer, when do I know it's time to call you? Is there a markers or signs that are clear? I say, well, I need to call immediately. That's something's going down here. When, what's the tail sign >> Two tells are really one is you want to expand into the market. You want to grow your business revenue. If you want to add more revenue in a large market like federal government or public sector in general then we're the fastest way to get you there, just revenue, right? So if you want to make more money we can get you there faster, quicker than anybody else. And then keep you there by the way. The other tell is, if you want to stop time in terms of investment in trying to figure out how to assemble the best of breed, if you will you know, a lot of the, you know, Amazon sellers. In fact, they, they bring a lot of customers to us where they bring us saying here's the fastest way for you to get secure quickly so that your application can go out to the marketplace and scale and still be secure. So in both sides, both on the compliance side and automation, as well as the secure applied side, the clear tell is when people are trying to grow their business. And they're trying to secure while growing their business. Both of those are clear tells when we get brought in. >> Yeah. So on the business, logic is simple. I want to go into new market and the other side, I got my product ready. I got to get the products up to speed and standardized with all the compliance. >> Sure. Right. >> Awesome, well great conversation. Thanks for coming on and sharing the story and the value proposition and the business model and all the secret sauce. Final question. I'll just give you the last minute here to put a plug in for the company. What are you guys looking for? Are you guys hiring, state of the company? Any vitals you'd like to share in terms of status momentum take a minute to get the plug in. >> Great. Thank, thank you for the opportunity, John more than anything else. Happy to share the story and the growth at Anitian. If you are a customer that is contemplating doing any sort of compliance or you're trying to figure out how to get secure pretty quickly with a pre-engineered platform one of the best guys to be around in the, in the marketplace, we work on Amazon and AWS folks. Get in touch with the AWS rep or get in touch with us directly. I can, I'll give you my email. It's my first name dot last name@anitian.com. Go ahead and send the email and we'll help you with your compliance and security needs as well. Growing like crazy, you know, in the middle of a pandemic, we, you know, we, we're lucky we live in professions where we're able to move things remotely not everybody else is. But we are able to take care of our customers and secure them, keep them compliant, phenomenal growth. We're growing like crazy in terms of our business as well as people send me mail. If you're interested in joining the company or want to be a partner with us happy to help you with that. Okay. >> Rakesh Narasimhan president and CEO of Anitian. What a great business model, helping companies make money faster by getting into new markets. If you're a cloud-scale great, great success. Thanks for coming on. >> Thank you, John. Take care. >> Okay, This is the CUBE conversation. I'm John Furrier. Thanks for watching.