>>from the heart of Silicon Valley. It's the Q covering Comcast Innovation Date to you by Comcast. >>Hey, welcome back it ready? Geoffrey here with the Cube were in the Comcast Silicon Valley Innovation Center here in Sunnyvale, just off the runways here. Moffett feels really cool place, a lot of fun toys and gadgets that I have not got to play with yet, but I got to do before I leave. But the conversation today is really about customer experience. We had a small panel this morning of experts talking about customer experience. What does that mean? How do we do a better job at it? And we're excited. Have an expert brought in just for this conversation. She's a net Franz, the founder and CEO of C X Journey, and it's great to see you. >>Thank you. Thanks for having me. Glad to be here. Absolutely been a fun morning. >>What did you think? >>What were some of your impressions of the conversation this morning? You know >>what? It's always great to sit in a room with so many people who have been living and breathing this customer experience journey. And so it was great to hear what Comcast is doing. It was great to hear from some of the other folks in the room. What are some of the latest trends in terms of data and technology and where customer experiences headed? Yeah, it was awesome. >>So customer experiences, it's >>a little bit over. It's almost kind of digital transformation a little bit. Everyone's like experience, experience, experience. And that's a big, complicated topic. How do you help customers really kind of break it down, make it into something manageable, make it into something they can actually approach and have some success with >>us? So I spent a lot of my time working with clients who are brand new to this field, right? I had a former boss who said that they can't even spell C X. Right. So yes, so So yes. So I go in there and I really listen and understand what their pain points are and what they need help with and then get them started on that journey. Basically, soup did not see X strategy work. We typically start out making sure that the right foundation is in place in terms of the executives that they're all a line that they're all committed to this work. The culture. We've got the right culture in place. We've got, you know, some feedback from employees and from customers of what's going well and what's not. And then from there we dive right into a phase that I call understanding. And that's listening to customers listening to employees developing personas so that we can really understand who customers are and who are employees really are, and then also journey mapping to really walk in their shoes to understand the experience that they're having today and then design. Use that to design a better experience for tomorrow. So there's a lot of work that happens up front to make you know the things that we talked about in there this morning. >>Right? Happen. What's the biggest gap? Because everyone >>always talks about being customer centric. And I'm sure if you talk to any sea, of course, were customer centric and you know, we see it would like would like Amazon Andy Jassy and that team is just crazy hyper customer centric and they executed with specific behavior. So what's the part that's usually missing that they think their customer centric, but they're really not? >>Yeah, I think you just hit the nail on the head with the word execute, right? So there's a stat out there that's been out there for forever, and we know it. Every single company, every single business interviews or surveys us to death, right? So they have all this great feedback, but they do nothing with it. They just don't execute. They just don't act on it. And they've got such rich feedback and and and customers want to tell them, Hey, you're doing this well behaved. This is not going so well. So please fix it because we want to continue doing business with you. And so, yeah, it's about execution. I think that's one problem. The other problem is that they focus on the metrics and not on actually doing something with the feedback >>temporary experience. Do they just ignore it? Do they not have the systems to capture it? Are they are they kind of analysis? Paralysis? He just said they have all this great data, and I'm not doing anything about it. Why >>there it is that, too Analysis, paralysis. Let's just beat the numbers to death and and what's the What's the quote about beating the number until the beating the data until the talks >>kind of thing. You know, I don't know that something. I know I'm just mess that, >>but But yeah, they don't have the system in place to actually. Then take what they learn and go do something with it. And I think a big part of it. We talked about this in the room this morning, too. Was around having that commitment from the top, having the CEO say, Listen, we're doing this and we're going to when we listen to, our customers were going toe act on what we hear, So But they don't They don't have the infrastructure in place to actually go and then do it >>right. It's pretty interesting. You have, Ah, a deck that you shared in advance Eight Principles of customer centric city. Yes. And of the aid three are people people before products people before profits people before metrics. That sounds great, but it sounds contrary to everything we hear these days about measure, measure, measure, measure, measure. Right? It's human resource is it almost feels like we're kind of back to these kind of time. Motion studies in tryingto optimize people as if they're a machine as opposed to being a person. >>Yeah, well, it's It's not, because we have to. The way that we could think about is we have to put the human into this. That's what customer experience is all about, right? It's about putting the human in the experience. And it's interesting that you bring up that back because when I opened that talk, I'm show a comm your commercial from Acura, and it's if you've never seen it. It's called the test. If you can google it and find the video and it's really about. If we don't view them as dummies, something amazing happens. That's the tagline, right? And so it's really about people. The experience is all about people. Our business is all about people. That's why we're in business, right? It's all about the customer. It's for the customer. And who's gonna deliver that? Our employees? And so we've got to put the people first, and then the numbers will come >>right. Another one that you had in there, I just have to touch on was forget the golden rule, which which I always thought the golden rules of us. You know, he has the gold makes a >>rule. You're talking about a different golden, which is really treat. Treat others >>not the way you think they want, that you want to be treated but treat people the way that they want to be treated in such a small It's the pylons, but it's so important. >>It's so important. And I love this example that I share. Thio just recently read a book by Hal Rosenbluth called The Customer Comes Second, right, and to most people, that seems counterintuitive, but he's really referring to The employee comes more first, which I love, and I'm the example that he gives us. He's left handed and he goes into a restaurant. He frequents this restaurant all the time, and until I read this story, I never even thought about this. And now that I go to restaurants, I think about this all the time. The silverware is always on the right hand side, but he's left handed, so this restaurant that he frequents the waitress. He always seemed to have the same waitress she caught on, and so when when he would come into the restaurant, she would set the silvery down on the left hand side. for him that's treating people the way that they want to be treated. And that's what customer experience is all about, >>right? One of the topics that he talked about in the session this morning was, um, the reputation that service experiences really defined by the sum of all your interactions. And it's really important to kind of keep a ah view of that that it's not just an interaction with many, many interactions over a period of time that sounds so hard to manage. And then there's also this kind of the last experience, which is probably overweighted based on the whole. >>How do people >>keep that in mind? How did they How did they, you know, make sure that they're thinking that kind of holistically about the customer engagement across a number of fronts within the company. >>Well, you've got to think >>about it as think about it as a journey, not just touch points, not just a bunch of little touch points, because if you think about just the last experience or just a touch point, then you're thinking about transactions. You're not thinking about a relationship, and what we're trying to get at is customer relationships and not just transactional, you know, it's it's they're in, they're out, they're gone, right? So what? We want relationships. We want them to be customers for life. And and that's the only way that we're gonna do it is if we focus on the journey, >>right? What about the challenge of that which was special suddenly becomes the norm. And we talked a lot about, you know, kind of consumers ations of i t. Because as soon as I get great results on a Google search or, you know, I find exactly what I need on Amazon in two clicks and then to take that into whatever my be to be your B to C application as when Now those expectations are not being driven by what I promised to deliver. But they're being driven by all these third party app said. I have a no control up and they're probably developing at a faster pace of innovation that I can keep up housing people, you know, kind of absorb that deal with it and try to take some lessons from that in the delivery of their own application >>essay. You you brought up two things there which I want to address the 1st 1 to which was about the delighting customers. But to answer your question is really about focusing on your customers and your customers needs on. And that's why I talk a lot about customer understanding, right? It's it's about listening to your customers. It's about developing personas and really understanding who they are, what their pain points are, what their problems are, what needs. Are they trying to solve our problems? Are they trying to solve on and then walking in their shoes through journey, mapping? And that understanding allows us to design an experience for our customers, right for our customers. If we don't solve a problem up for our customers, they will go elsewhere and they'll get their problems solved elsewhere, right? So I think that's really important. The first part of your question was, our point was around delighting our customers, and you're absolutely right. We don't have to delight customers at every touch point. I know that's counter to what a lot of people might say or think, but to your point, once we delighted every touch point, now it becomes the new norm. It's an expectation that has now been set and now delight, Where does it stop? You know, Delight is here, and then it's here. And then it's here. And so So it's It's a whole different. So my thinking on that is that most businesses cannot delight at every touch point, and they certainly don't. Um, I think we need to meet expectations and the and the only way that we can do that is to listen and understand and and and then act on what we hear. And, um, most businesses are still very primitive, even when it comes to that, >>right? Okay. Give you the last word. What's what's the kind of the most consistent, easy to fix stumble that most customers are doing when you when you get engaged and you walk in, what's that one thing that you know with 90% confidence factor that when you walk in, this is gonna be, you know, one of these three or four little things that they should stop doing or that they should do just just just get off the baseline? >>Yeah, I think it's You know what I think it >>za combination of sort of speed and responsiveness. I'll give an example. I won't mean the company, but But I thought, man, in this day and age, this shouldn't be happening, right? It was a company that I contacted. I was supposed to set up an account and they said I couldn't for it just wasn't working. I tried different browsers, just wasn't working. So I sent them and eat. First. I tried to call, but I got stuck in Ivy are hell. And then I sent an email and my the email that I got back was an auto responder. That's I will reply within five business days. >>Five business days, Thio like, really, where? Why don't you just ask me to send a fax, right? You know, So So that's the kind >>of stuff that seriously I I want to solve that e mails like really in 2019. We're still responding in five business days. That's just that's just ludicrous. I think that's one of the and it's such it doesn't cost anything to respond in a timely manner and to respond at all right now. Here it is. It's been I haven't heard from them yet, so it's been like seven days now, so >>there's that just tweet tweet at the CEO going to, hopefully the >>CEO tweets and maybe doesn't tweet. >>I know, right? Yeah, well, in >>that you know nothing about opportunity for you because this is not an easy it's not an easy thing to do is it's hard to stay up with people's expectations and to drive new and innovative products when they don't necessarily even know how to engage with those things. >>Yeah, absolutely. Yeah, The field is wide open because, like I said, there's still so many companies that are still just trying to get the basics right. So >>Well, thanks for taking a few minutes of your time. Thanks for participating. Absolutely, She's in that. I'm Jeff. You're watching the Cube worth the Comcast Silicon Valley Innovation Center. Thanks for watching. We'll see next time.

>> Live from Las Vegas. It's theCUBE. Covering the AWS Accenture Executive Summit. Brought to you by Accenture. >> Welcome back, everyone to theCUBE's live coverage of the AWS Executive Summit here in Las Vegas. I'm your host, Rebecca Knight. We have today, Mahmoud El Assir, he is the CTO and Senior Vice President of Global Technology Services at Verizon. And Annette Rippert, Senior Managing Director, Accenture Technology, North America. Thank you so much for coming on theCUBE. >> Great to be here. >> Thanks for having us. >> So we are talking today about Verizon's migration to the cloud, but Verizon is a company that many people have familiarity with, Mahmoud. Just lay out a few facts and figures for our viewers here. >> Sure, I'll say Verizon is Fortune 16 company. Last year we made $126 billion dollars from our, kind of, loyal customers. We are, today we deployed, we were the first people to deploy 5G. And we have 98% coverage in U.S., so we are America's fastest and most reliable wireless service. >> So it's a company that touches so many of our lives. >> Yup. >> Earlier this year, Verizon selected AWS as its preferred cloud provider. What was, one, what was the impetus for moving to the cloud? And two why AWS? >> Yeah, that's a great question. But I'd like to zoom out a little but more and talk about what is Verizon? What's our mission and how kind of tackling it? So when you think about Verizon, our mission is to deliver the promise of the digital world, right? Enable, deploy 5G and enable the 4th Industrial Revolution. And as part of this, it's all about empowering humans to do more, right? And in global technology solutions our winning aspiration is to develop products and services that our customers and employees love. And then we, and also to be the destination for world class technology talent. And be the investment innovation center for the company. So when it comes to digital transformation we look at the enables and where we want to invest our energy and how do you want to leverage the right partners. So the heart of our technology transformation is the public cloud. When you think about what the public cloud, it's like where you want us. It will allow us to spend more of our energy building solutions and for our customers. And creating value for our customers. Also public cloud will allow us, and or business, to experiment faster, better and cheaper. In technology our focus is to always save on efficiency, speed and innovation. So that is our kind of model and at the heart of this, public cloud is a key kind of element for our journey. >> Well I want to get into that journey a little bit more, but Annette, I want to bring you into the conversation here. So, Verizon is one of the leading communications companies that is migrating to the cloud at this scale. >> Yes. >> What are some of the lessons, as you have helped and observed and also helped this partnership grow, what are some of the key takeaways that you would say? >> Well, I think there is a couple you know, if you take a look at some of the lessons that our clients learn. You know when at Accenture we go into the market really helping our clients think about how do we leverage technology for achieving business outcomes. You just talked about some extraordinary business outcomes that you're looking to achieve and you'll do that through a variety of things, including leveraging technology. And so, just like that we encourage our clients to be thinking about what is the business innovation? What is the outcome? The disruption that we're looking to achieve through leveraging technologies like AWS, right? I think secondly, if you think a little bit about the importance in that journey of communicating that vision. Of what will it mean to be able to leverage that kind of technology? You just communicated a very strong vision. And that's so important to the change journey that many of these organizations go on. You know there is the importance of the investment strategy, but ultimately, the innovation that the organization itself the engineers within the organization are a part of delivering, you know, the kind of innovation that you'll be delivering is really, it will not only make such a big impact on those in your enterprise, delivering that. But, you know, to all of us who are consumers of your business strategy which will be fabulous. And I think, in the end, you know, one of the most exciting things, and it's really sitting Alexis, as we were talking a little bit about some of what Verizon is doing earlier in the day, one of the most important things is really thinking about how this provides an opportunity for the enterprise to change. So, you know, moving to be a much more agile enterprise, being able to respond to market changes, and certainly in the business that you're in, the market is changing everyday. And so by leveraging innovative products like AWS' platform, you know it really provides the opportunity to constantly leverage new technology in that environment. >> And that, as you said, the market is changing everyday and customers, they're demanding things and companies are providing customers with things they don't even know that they want until they have them in their hands. How, at a time when customer differentiation is such a key competitive advantage, how are you staying ahead of the game and making sure that you know you're sort of getting inside the heads of your customers? And then you're also delivering what they want and expect. >> Customers comes first at Verizon, right? So it's at the heart of our technology is also leveraging emerging technology. So cloud is one, scaling AIML is another one. One of the big programs we're doing is, how do you move personalization to one-on-one personalization? How do you make every customer feel they have their own network, our network. Like their own network that's personalized for their needs. There own experience, their own plans. Their own recognition. So that's key. So today when you think about most companies do segmentation or personalization at the cluster level. So one of the biggest things is we're shifting now from systems of engagement, and systems of records. We're inserting systems of insights. A system of insight allows to build the DNA for every customer and will allow us to personalize the customer experience for every customer at the customer level based on all the data, kind of, we know about them, from the data they use with us, and will allow us to personalize their experience at every touch point. >> So what, how would that look like? What will a personalized customer experience at Verizon look like in the future going forward? What are some of your goals and aspirations? >> Imagine you're like a, you've bought every iPhone, since iPhone one through like iPhone ten, right? >> I can imagine that. >> So you're an iPhone enthusiast, right? So, when you come up on our website recommend, like the iPhone, the next iPhone say, the next iPhone is up, the next iPhone red is up or so. So we know more about you and your history and we recommend right accessories, we recommend and so we tell you, hey this stuff is coming. So you feel we're watching out for you. You're like we know, we know you. We know you better than anybody. So at any touch point when you come to us we kind of tell you what's the next thing for you. And then even when you don't know we, like from a network kind of performance from everything we proactively, kind of cater for you. That's a big one. The other one, how do you, when you want to talk to us, how do you get leverage technology like Chatbots and conversationally AVRs and stuff. And make sure you feel you're like, we know you. If you have a different accent, we recognize the accent, then you say, hey do you want to speak in that language? >> (laughs) >> So imagine the power of doing that. Versus today you have to do, like you have Spanish AVR, you have to have a, or have a Spanish kind of call center. Imagine through a IML and Chatbots and stuff, you can recognize all the stuff and personalize the experience. Today at Verizon, we are known of our network superiority. And we have great customer experience but we want to be known also for our experience the same way we are known for our network. And we believe that at Verizon, there is always a higher gear. So we all aspire for the higher gear and aspire our customers to feel they have a Verizon for every customer. >> So this, that's from the customer experience. And as you said, the goal is to have the customer feel that the company empathizes with them and really gets them. What about the workforce changes? I mean Annette was talking about the importance of change management and the cultural shift that these kinds of transformations entail. Have you come up against any challenges at Verizon in terms of this migration? >> Sure I would say, at the heart of our kind of transformation, there are four main pillars. The first pillar is, enabling all these modern technologies. This is like cloud, Cloud Native, API, AI, ML. And especially go back to cloud, the time of enabling cloud was very important to get everybody on board at beginning of the journey. So one of our biggest thing is to get like the security team on board, as early in the process as possible, and make sure security team is a development team, not just a kind of a controls team. So having an engineering team on the security side is a big one to kind of automate all this kind of, all the security controls we need in the cloud so we have the right guardrails and have everything automated. Another thing, same thing like with the other teams. Get them on board in the journey have an advisory kind of board with the other team and security team and legal teams and everybody is onboarding on the journey. So that's I'd say key and pay lots of dividends investment upfront but pays lots of dividends so you can move faster. It's like more of a slow down to speed up. So that's a big one. The second one is, technology is one thing, but you need the culture. So you need to have sustainable momentum in this kind of movement. So the proxy we wanted to have is like have AWS certifications. Because you need 10% believers to have momentum. So our proxy to believers is AWS certifications. So we put a program in place we call it: Verizon Cloud Train. And that train basically is like a 12-week, six sprints, and we help our teams prepare for their certification. So last year we did more than a thousand, we have more than 1800 people probably right now certified with AWS. >> That is incredible. >> At the same time, we set up a dojo's, which are like emergent centers. So we have like 40, 50 seats in different cities and with like five six coaches. So if you are a team who wants to come in and move your application to the cloud, we help you do it. If you want to decompartmentalize your application to microservices we help you. If you want to do ABI's, we help you. So we helped you build deep expertise into these technologies we are doing. So that is like, transforming the teams, and up scaling, I would call it up scaling the talent, is key. Hiring great talent in key rolls is also key. The third pillar is changing the way we work from, what you call a project based, to outcome based. And this beyond agile. Agile is an enabler for this, but how do you change the model where everything is outcome based? Where you have the business and the technology team working together to move an outcome. If I want to increase my kind of video-on-demand revenue per customer, everybody making all the changes, experimenting, and making sure that's a need, is moving. It's not like I did my code, I delivered my, I did my testing, I deployed my app. It's what's a business and what's a customer kind of expectation. And fourth one is, how do you establish internal kind of communities and get out of a like the thiefdoms and stuff. And get a culture of kind of sharing and cheering for others. So we have like Dev Ops days internally within the company, bring in external, internal speakers. We have internal kind of intersourcing for some piece of code. So you have to fire on all cylinders I would say. And get as many kind of parties included as early in the process. And have also an objective to have everything as code. And it's a journey, so you have to always keep on exercising new muscles and more muscles and the more muscles you exercise, the faster you can go. >> So Mahmoud, Annette already shared with us her key learnings from your experience and your journey. What would you say, I mean you're hear at AWS reInvent, it's not your first rodeo, you've been to this conference many times before. When you're talking with other CTO's, CIO's and they're saying, hey, so how's it going for you? What's your advice for a company that is really just starting this, this process? >> Sure, I would say the movement to the public cloud is not just a cost play. I mean, cost needs to be, efficiency needs to be there, but that shouldn't be the primary kind of objective. The primary objective should be speed and innovation. At the same time, deliver a cost. Lots of people say, oh do I, is the same, you can't compare it same-for-same. Because it's different. On prem you can do like A, B testing. In the cloud you can do A to Z testing for much cheaper. You don't need everything you have on prem. You can experiment, so think about it as accelerating the speed of innovation. That's the key one. And I said it before, but I'll say it again. It's like all about having the right kind of, from like a security perspective, people will argue, oh public cloud is insecure? I would argue, public cloud can be more secure than on prem because you have all the tools to kind of automatically, kind of protect and detect and recover. And you have more tooling to allow you to be more secure. It's having the right kind of guardrails and the right controls, right automation and right teams. So it's, you have to build muscle across all these fronts. And have them as a front as possible. >> Great, and great note to end on. Thank you so much Mahmoud and Annette. >> Thank you. >> I appreciate it. >> Very good. >> Been really fun having you on the show. >> Thank you. >> Thank you for having us. >> We will have more >> Thanks, Ann. >> from theCUBE's live coverage of the AWS Executive Summit, coming up in just a little bit. (upbeat music)

>> Live, from Las Vegas. It's theCUBE. Covering the AWS Accenture Executive Summit brought to you by Accenture. >> Welcome back everyone to theCUBE's live coverage of the AWS Executive Summit. I'm your host, Rebecca Knight. We're joined by Annette Rippert. She is the Senior Managing Director Accenture Technology, North America. Thanks so much for coming on theCUBE. >> Well, I'm happy to be here today. >> So, let's talk a little bit about Accenture's innovation for society initiative. Give our viewers a little background on it. >> Sure. Well, you know, for quite a while we've been known as a company around innovation. But I think one thing that doesn't always come forward is the fact that you know, since our very early days we've had this very tight coupling with corporate citizenship, with philanthropy. In fact we invest 1% of our pre-taxed dollars in philanthropic related initiatives. And you know, for a number of years we've had initiatives like Tech4Good that are part of the DNA of our organization. So, when you think about the innovation side of the organization, and then you think about our philanthropic desires and couple that now with all of the digital technologies, really the possibilities are almost endless when you think about ways that, really, we strive to be able to conquer, not only business problems but societal problems with technology. >> So how do you decide where you're going to focus your energy, your time, your resources. How do you choose the biggest most pressing problems? >> Yes. Well I think one of the things that's really important is we always start with the business process or the societal issue itself as opposed to thinking about how can we use a particular technology to instantiate something we start with really, what's the social problem. And one of the ways that we do this, we have a global innovation contest. Our people get so excited to be apart of this as you could imagine. And one of the tracks is really around Tech4Good and so, teams from around the world think of ways that they can use technology to solve a particular societal issue. And it's really exciting to see the kind of innovations that come out of that. In the end the winners globally are funded to be able to take that idea and actually develop it and put it out in to use. >> So talk about some of the winners and the most exciting entrants from your perspective. >> Well, there's one that I think is maybe a good place to start and that's really around the area of home care, elder care, you know striving to keep a connection together with somebody who's in that circumstance. And being able to provide sort of a real world interaction. So, one of the teams took, with that in mind, concepts around natural language processing, around AI, and really IoT as well. Connecting in sensors in the home, whether that be to doors or to beds or to stoves which can represent safety concerns. And this innovation was built around an Amazon Echo show and around the Amazon platform. And really enables a lot of freedom and a opportunity for the person who's home bound like that to be able to interface with family, with caregivers and really better enable an independent living situation that extends that home care environment. >> So particularly, as the world's population is aging, that's something that we're experiencing here in the US, you can see how that really would help to solve a social challenge. >> Yes, pretty exciting. >> Yeah, so. Talk to me a little bit more about how this contest works in terms of teams within Accenture working together, collaborating and do the self-form the teams? Does Accenture tell them how to ... >> We announce the competition and people self-form it can be an individual, it can be a team. They do this on their own time. They spend time really thinking about how they can apply new concepts. So for us, it's a opportunity for people to learn but then they also think about wanting to address something that's another part of them, you know doing social good. So, it's also an opportunity to contribute and give back through the process of this competition. >> I know that one of the parts of the innovation for social good is the skills to succeed initiative. Can you tell our viewers a little bit more about that? >> Sure, well this is a program really that has taken off like wildfire and we've been doing it for many, many years and it's targeted with extending technology skills to individuals who come from lesser than means. It's a way of extending skills and capability and coaching to provide them the ability to really re-enter the work force. Re-enter the work force with skills and get on their feet. It's been something, it is pervasive across our business. Most of our people have participated in some way whether through coaching or other initiatives and it's been very successful. >> So you go in to these communities and coach marginalized communities? >> Yes, and then it provides an opportunity for them to be able to re-enter, whether re-enter the work force whether with us or any other organization. We look most to provide them with skills. We also provide them with other things that you don't think about when somebody is trying to re-enter the work force, whether that happens to be clothing or other capability to be able to get back on your feet. >> So let's talk about this moment in time in the technology industry. So we have this explosion of digital technologies, as you were saying, AI and machine learning and big data, data analytics and we have companies sort of coming together saying hey, there are a lot of pressing global challenge, societal challenges. We need to harness these technologies to solve them. I mean, do you think that, can you describe, since you are really on the ground, your boots on the ground in the middle of this, what it's like to be in this environment. Do you think that other companies are sort of following Accenture's lead? How would you describe what's going on? >> Well, I think that for a very long time, as I was mentioning, part of our mission statement as a company is to help the way the world works and lives. And so it's been kind of core to the way that we operate the business in our core values. But I think what's happening now is there's a lot more awareness of social good. And instead of supporting a charity or being a partner together with a charity, now we find ways we can really amplify our ability to make a difference. And that is by leveraging our capability around technology to help take that devotion of time, that interest, and really step it up in a pretty significant way. To bring that technology in a way that really's disruptive to changing the societal issue. >> But at the same time you don't want to necessarily start with the technology itself. You want to make sure you're starting with the problem. >> Well that really comes back to the way that we address business problems and the way we address the societal problems, is all of our people are taught concepts around designed thinking. Around human centered design. And so that concept of starting with what is the human problem, is a very natural course because that's the way that we solve all of our business problems. And so, I think that that's a, in thinking about how we solve those issues or collaborate in order to do that I think really drives a lot more complete answers in fact, to the kind of problems that we look to solve. And that's why starting with the societal issue and really what's at risk. What are we trying to address? And then thinking of creative ways to be disruptive around that. Some cases it's not even around the technology. It's about, you know, thinking in a new way about how to address those issues. >> And a cultural shift and getting people to, yeah exactly, collaborate differently. So I know you've just came from a hackathon and you were helping charities think different, think about a problem they wanted to solve and then think about how we could use technology to solve it. Tell our viewers a little bit more about the hackathon here. >> Sure, well you know, our interest in this area is, you can tell I'm very passionate about it. We invest a lot of time from a corporate standpoint and we're helping to sponsor this hackathon here at AWS re:Invent and we're doing that together with several organizations. For example, Girls Who Code, let me see, GameChanger, Compassion, and Goodwill are all other organizations that are participating in the hackathon. And had really interesting problems that they brought to the table. In fact, one of the problems that we talked about today, that the teams are over hacking away thinking about, is there are many organizations that sponsor very under privileged children and create, in this organization situation, they create a one to one relationship between a sponsor and a child and they were looking for ways to be able to connect those two parties by using natural language processing, they wanted to facilitate a near real time kind of dialogue across the boundaries of language in a way that ensures protection of the child and that there's nothing malicious that could happen through that direct connection. Of course we expect everyone to be well-meaning in that but part of the innovation is also protecting the children too. So the teams are over hacking away looking at this and several other kind of problems, social problems, Tech4Good type of initiatives throughout the day today. >> So at next year's, let's look in to our crystal balls here and think about what we're going to be talking about at next year's AWS Executive Summit. What is on the table for this year and what kinds of things are most exciting you that you're ... >> Well I think all the innovation, just further enables it, the way that we think about how we're using today, artificial intelligence, and you couple that together with so many other things around, whether, the example I just gave, around natural language processing and you couple that together with the societal and business problems that are here. I mean, it's really quite explosive. So you think about all of the new innovation that's being announced this week. I think the opportunity to be able to drive that even deeper into, whether it happens to business or societal problem, will be even more interesting next year. >> We'll end that, thank you so much for coming on theCUBE. It was great talking to you. >> Thank you. >> A really fun conversation. >> Enjoyed it. >> I'm Rebecca Knight. We will have more from the AWS Executive Summit coming up in just a little bit. (electronic music)

>>from around the globe. It's the Cube presenting Cuban cloud brought to you by silicon angle. Okay, >>we're now going to explore the vision of the future of cloud computing From the perspective of one of the leaders in the field, J G >>Share >>a pure off is the vice president of As Your Data ai and Edge at Microsoft G. Welcome to the Cuban cloud. Thanks so much for participating. >>Well, thank you, Dave, and it's a real pleasure to be here with you. And I just wanna welcome the audience as well. >>Well, jg judging from your title, we have a lot of ground to cover, and our audience is definitely interested in all the topics that are implied there. So let's get right into it. You know, we've said many times in the Cube that the new innovation cocktail comprises machine intelligence or a I applied to troves of data. With the scale of the cloud. It's it's no longer, you know, we're driven by Moore's law. It's really those three factors, and those ingredients are gonna power the next wave of value creation and the economy. So, first, do you buy into that premise? >>Yes, absolutely. we do buy into it. And I think, you know, one of the reasons why we put Data Analytics and Ai together is because all of that really begins with the collection of data and managing it and governing it, unlocking analytics in it. And we tend to see things like AI, the value creation that comes from a I as being on that continues off, having started off with really things like analytics and proceeding toe. You know, machine learning and the use of data. Interesting breaks. Yes. >>I'd like to get some more thoughts around a data and how you see the future data and the role of cloud and maybe how >>Microsoft, you >>know, strategy fits in there. I mean, you, your portfolio, you got you got sequel server, Azure, Azure sequel. You got arc, which is kinda azure everywhere for people that aren't familiar with that. You've got synapse. Which course that's all the integration a data warehouse, and get things ready for B I and consumption by the business and and the whole data pipeline and a lot of other services as your data bricks you got You got cosmos in their, uh, Blockchain. You've got open source services like Post Dress and my sequel. So lots of choices there. And I'm wondering, you know, how do you think about the future of Of of Cloud data platforms? It looks like your strategies, right tool for the right job? Is that fair? >>It is fair, but it's also just to step back and look at it. It's fundamentally what we see in this market today is that customer was the Sikh really a comprehensive proposition? And when I say a comprehensive proposition, it is sometimes not just about saying that. Hey, listen way No, you're a sequel server company. We absolutely trust that you have the best Azure sequel database in the cloud, but tell us more. We've got data that's sitting in her group systems. We've got data that's sitting in Post Press in things like mongo DB, right? So that open source proposition today and data and data management and database management has become front and center, so are really sort of push. There is when it comes to migration management, modernization of data to present the broadest possible choice to our customers so we can meet them where they are. However, when it comes to analytics. One of the things they asked for is give us a lot more convergence use. You know it, really, it isn't about having 50 different services. It's really about having that one comprehensive service that is converged. That's where things like synapse Fitzer, where in just land any kind of data in the leg and then use any compute engine on top of it to drive insights from it. So, fundamentally, you know, it is that flexibility that we really sort of focus on to meet our customers where they are and really not pushing our dogma and our beliefs on it. But to meet our customers according to the way they have deployed stuff like this. >>So that's great. I want to stick on this for a minute because, you know, I know when when I have guests on like yourself, do you never want to talk about you know, the competition? But that's all we ever talk about. That's all your customers ever talk about, because because the counter to that right tool for the right job and that I would say, is really kind of Amazon's approach is is that you got the single unified data platform, the mega database that does it all. And that's kind of Oracle's approach. It sounds like you wanna have your cake and eat it, too, so you you got the right tool for the right job approach. But you've got an integration layer that allows you to have that converge database. I wonder if you could add color to that and you confirm or deny what I just said. >>No, that's a That's a very fair observation, but I I say there's a nuance in what I sort of describe when it comes to data management. When it comes to APS, we have them customers with the broadest choice. Even in that, even in that perspective, we also offer convergence. So, case in point, when you think about Cosmos TV under that one sort of service, you get multiple engines, but with the same properties, right global distribution, the five nines availability. It gives customers the ability to basically choose when they have to build that new cloud native AB toe, adopt cosmos Davey and adopted in a way that it's and choose an engine that is most flexible. Tow them, however you know when it comes to say, you know, writing a sequel server, for example from organizing it you know you want. Sometimes you just want to lift and shift it into things. Like I asked In other cases, you want to completely rewrite it, so you need to have the flexibility of choice there that is presented by a legacy off What's its on premises? When it moved into things like analytics, we absolutely believe in convergence, right? So we don't believe that look, you need to have a relation of data warehouse that is separate from a loop system that is separate from, say, a B I system. That is just, you know, it's a bolt on for us. We love the proposition off, really building things that are so integrated that once you land data, once you prep it inside the lake, you can use it for analytics. You can use it for being. You can use it for machine learning. So I think you know, are sort of differentiated. Approach speaks for itself there. Well, >>that's that's interesting, because essentially, again, you're not saying it's an either or, and you're seeing a lot of that in the marketplace. You got some companies say no, it's the Data Lake and others saying No, no put in the data warehouse and that causes confusion and complexity around the data pipeline and a lot of calls. And I'd love to get your thoughts on this. Ah, lot of customers struggled to get value out of data and and specifically data product builders of frustrated that it takes too long to go from. You know, this idea of Hey, I have an idea for a data service and it could drive monetization, but to get there, you gotta go through this complex data lifecycle on pipeline and beg people to add new data sources. And do you do you feel like we have to rethink the way that we approach data architectures? >>Look, I think we do in the cloud, and I think what's happening today and I think the place where I see the most amount of rethink the most amount of push from our customers to really rethink is the area of analytics in a I. It's almost as if what worked in the past will not work going forward. Right? So when you think about analytics on in the Enterprise today, you have relational systems, you have produced systems. You've got data marts. You've got data warehouses. You've got enterprise data warehouses. You know, those large honking databases that you use, uh, to close your books with right? But when you start to modernize it, what deep you are saying is that we don't want to simply take all of that complexity that we've built over say, you know, 34 decades and simply migrated on mass exactly as they are into the cloud. What they really want is a completely different way of looking at things. And I think this is where services like synapse completely provide a differentiated proposition to our customers. What we say there is land the data in any way you see shape or form inside the lake. Once you landed inside the lake, you can essentially use a synapse studio toe. Prep it in the way that you like, use any compute engine of your choice and and operate on this data in any way that you see fit. So, case in point, if you want to hydrate relation all data warehouse, you can do so if you want to do ad hoc analytics using something like spark. You can do so if you want to invoke power. Bi I on that data or b i on that data you can do so if you want to bring in a machine learning model on this breath data you can do so, so inherently. So when customers buy into this proposition, what it solves for them and what it gives them is complete simplicity, right? One way to land the data, multiple ways to use it. And it's all eso. >>Should we think of synapse as an abstraction layer that abstracts away the complexity of the underlying technology? Is that a fair way toe? Think about it. >>Yeah, you can think of it that way. It abstracts away, Dave a couple of things. It takes away the type of data, you know, sort of the complexities related to the type of data. It takes away the complexity related to the size of data. It takes away the complexity related to creating pipelines around all these different types of data and fundamentally puts it in a place where it can be now consumed by any sort of entity inside the actual proposition. And by that token, even data breaks. You know, you can, in fact, use data breaks in in sort off an integrated way with a synapse, Right, >>Well, so that leads me to this notion of and then wonder if you buy into it s Oh, my inference is that a data warehouse or a data lake >>could >>just be a node in inside of a global data >>mesh on. >>Then it's synapses sort of managing, uh, that technology on top. Do you buy into that that global data mesh concept >>we do. And we actually do see our customers using synapse and the value proposition that it brings together in that way. Now it's not where they start. Often times when a customer comes and says, Look, I've got an enterprise data warehouse, I want to migrate it or I have a group system. I want to migrate it. But from there, the evolution is absolutely interesting to see. I give you an example. You know, one of the customers that we're very proud off his FedEx And what FedEx is doing is it's completely reimagining its's logistics system that basically the system that delivers What is it? The three million packages a day on in doing so in this covert times, with the view of basically delivering our covert vaccines. One of the ways they're doing it is basically using synapse. Synapse is essentially that analytic hub where they can get complete view into their logistic processes. Way things are moving, understand things like delays and really put all that together in a way that they can essentially get our packages and these vaccines delivered as quickly as possible. Another example, you know, is one of my favorite, uh, we see once customers buy into it, they essentially can do other things with it. So an example of this is, uh is really my favorite story is Peace Parks Initiative. It is the premier Air White Rhino Conservancy in the world. They essentially are using data that has landed in azure images in particular. So, basically, you know, use drones over the vast area that they patrol and use machine learning on this data to really figure out where is an issue and where there isn't an issue so that this part with about 200 rangers can scramble surgically versus having to read range across the last area that they cover. So What do you see here is you know, the importance is really getting your data in order. Landed consistently. Whatever the kind of data ideas build the right pipelines and then the possibilities of transformation are just endless. >>Yeah, that's very nice how you worked in some of the customer examples. I appreciate that. I wanna ask you, though, that that some people might say that putting in that layer while it clearly adds simplification and e think a great thing that they're begins over time to be be a gap, if you will, between the ability of that layer to integrate all the primitives and all the peace parts on that, that you lose some of that fine grain control and it slows you down. What would you say to that? >>Look, I think that's what we excel at, and that's what we completely sort of buy into on. It's our job to basically provide that level off integration that granularity in the way that so it's an art, absolutely admit it's an art. There are areas where people create simplicity and not a lot of you know, sort of knobs and dials and things like that. But there are areas where customers want flexibility, right? So I think just to give you an example of both of them in landing the data inconsistency in building pipelines, they want simplicity. They don't want complexity. They don't want 50 different places to do this. Just 100 to do it. When it comes to computing and reducing this data analyzing this data, they want flexibility. This is one of the reasons why we say, Hey, listen, you want to use data breaks? If you're you're buying into that proposition and you're absolutely happy with them, you can plug plug it into it. You want to use B I and no, essentially do a small data mart. You can use B I If you say that. Look, I've landed in the lake. I really only want to use em melt, bringing your animal models and party on. So that's where the flexibility comes in. So that's sort of really sort of think about it. Well, >>I like the strategy because, you know, my one of our guest, Jim Octagon, e E. I think one of the foremost thinkers on this notion of off the data mesh and her premises that that that data builders, data product and service builders air frustrated because the the big data system is generic to context. There's no context in there. But by having context in the big data architecture and system, you could get products to market much, much, much faster. So but that seems to be your philosophy. But I'm gonna jump ahead to do my ecosystem question. You've mentioned data breaks a couple of times. There's another partner that you have, which is snowflake. They're kind of trying to build out their own, uh, data cloud, if you will, on global mesh in and the one hand, their partner. On the other hand, there are competitors. How do you sort of balance and square that circle? >>Look, when I see snowflake, I actually see a partner. You know that when we essentially you know, we are. When you think about as you know, this is where I sort of step back and look at Azure as a whole and in azure as a whole. Companies like snowflakes are vital in our ecosystem, right? I mean, there are places we compete, but you know, effectively by helping them build the best snowflake service on Asia. We essentially are able toe, you know, differentiate and offer a differentiated value proposition compared to, say, a Google or on AWS. In fact, that's being our approach with data breaks as well, where you know they are effectively on multiple club, and our opportunity with data breaks is toe essentially integrate them in a way where we offer the best experience. The best integrations on Azure Barna That's always been a focus. >>That's hard to argue with. Strategy. Our data with our data partner eat er, shows Microsoft is both pervasive and impressively having a lot of momentum spending velocity within the budget cycles. I wanna come back thio ai a little bit. It's obviously one of the fastest growing areas in our in our survey data. As I said, clearly, Microsoft is a leader in this space. What's your what's your vision of the future of machine intelligence and how Microsoft will will participate in that opportunity? >>Yeah, so fundamentally, you know, we've built on decades of research around, you know, around, you know, essentially, you know, vision, speech and language that's being the three core building blocks and for the for a really focused period of time we focused on essentially ensuring human parody. So if you ever wondered what the keys to the kingdom are it, czar, it's the most we built in ensuring that the research posture that we've taken there, what we then done is essentially a couple of things we focused on, essentially looking at the spectrum. That is a I both from saying that, Hollis and you know it's gotta work for data. Analysts were looking toe basically use machine learning techniques, toe developers who are essentially, you know, coding and building a machine learning models from scratch. So for that select proposition manifesto us, as you know, really a. I focused on all skill levels. The other court thing we've done is that we've also said, Look, it will only work as long as people trust their data and they can trust their AI models. So there's a tremendous body of work and research we do in things like responsibility. So if you ask me where we sort of push on is fundamentally to make sure that we never lose sight of the fact that the spectrum off a I, and you can sort of come together for any skill level, and we keep that responsibly. I proposition. Absolutely strong now against that canvas, Dave. I'll also tell you that you know, as edge devices get way more capable, right where they can input on the edge, see a camera or a mike or something like that, you will see us pushing a lot more of that capability onto the edge as well. But to me, that's sort of a modality. But the core really is all skill levels and that responsible denia. >>Yeah, So that that brings me to this notion of wanna bring an edge and and hybrid cloud Understand how you're thinking about hybrid cloud multi cloud. Obviously one of your competitors, Amazon won't even say the word multi cloud you guys have, Ah, you know, different approach there. But what's the strategy with regard? Toe, toe hybrid. You know, Do you see the cloud you bringing azure to the edge? Maybe you could talk about that and talk about how you're different from the competition. >>Yeah, I think in the edge from Annette, you know, I live in I'll be the first one to say that the word nge itself is conflated. Okay, It's, uh but I will tell you, just focusing on hybrid. This is one of the places where you know I would say the 2020 if I would have looked back from a corporate perspective. In particular, it has Bean the most informative because we absolutely saw customers digitizing moving to the cloud. And we really saw hybrid in action. 2020 was the year that hybrid sort of really became really from a cloud computing perspective and an example of this is we understood it's not all or nothing. So sometimes customers want azure consistency in their data centers. This is where things like Azure stack comes in. Sometimes they basically come to us and say, We want the flexibility of adopting flexible pattern, you know, platforms like, say, containers orchestra, Cuban Pettis, so that we can essentially deployed wherever you want. And so when we design things like art, it was built for that flexibility in mind. So here is the beauty of what's something like our can do for you. If you have a kubernetes endpoint anywhere we can deploy and as your service onto it, that is the promise, which means if for some reason, the customer says that. Hey, I've got this kubernetes endpoint in AWS and I love as your sequel. You will be able to run as your sequel inside AWS. There's nothing that stops you from doing it so inherently you remember. Our first principle is always to meet our customers where they are. So from that perspective, multi cloud is here to stay. You know, we're never going to be the people that says, I'm sorry, we will never see a But it is a reality for our customers. >>So I wonder if we could close. Thank you for that by looking, looking back and then and then ahead. And I wanna e wanna put forth. Maybe it's, Ah criticism, but maybe not. Maybe it's an art of Microsoft, but But first you know, you get Microsoft an incredible job of transitioning. It's business as your nominee president Azzawi said. Our data shows that so two part question First, Microsoft got there by investing in the cloud, really changing its mind set, I think, in leveraging its huge software state and customer base to put Azure at the center of its strategy, and many have said me included that you got there by creating products that air Good enough. You know, we do a 1.0, it's not that great. And the two Dato, and maybe not the best, but acceptable for your customers. And that's allowed you to grow very rapidly expanding market. >>How >>do you respond to that? Is that is that a fair comment? Ume or than good enough? I wonder if you could share your >>thoughts, gave you? You hurt my feelings with that question. I don't hate me, g getting >>it out there. >>So there was. First of all, thank you for asking me that. You know, I am absolutely the biggest cheerleader. You'll find a Microsoft. I absolutely believe you know that I represent the work off almost 9000 engineers and we wake up every day worrying about our customer and worrying about the customer condition and toe. Absolutely. Make sure we deliver the best in the first time that we do. So when you take the platter off products we've delivered in nausea, be it as your sequel, be it as your cosmos TV synapse as your data breaks, which we did in partnership with data breaks, a za machine learning and recently when we prevail, we sort off, you know, sort of offered the world's first comprehensive data government solution in azure purview. I would humbly submit to you that we're leading the way and we're essentially showing how the future off data ai and the actual work in the cloud. >>I'd be disappointed if you if you had If you didn't, if you capitulated in any way J g So so thank you for that. And the kind of last question is, is looking forward and how you're thinking about the future of cloud last decade. A lot about your cloud migration simplifying infrastructure management, deployment SAS if eyeing my enterprise, lot of simplification and cost savings. And, of course, the redeployment of resource is toward digital transformation. Other other other valuable activities. How >>do >>you think this coming decade will will be defined? Will it be sort of more of the same? Or is there Is there something else out there? >>I think I think that the coming decade will be one where customers start one law outside value out of this. You know what happened in the last decade when people leave the foundation and people essentially looked at the world and said, Look, we've got to make the move, you know, the largely hybrid, but we're going to start making steps to basically digitize and modernize our platforms. I would tell you that with the amount of data that people are moving to the cloud just as an example, you're going to see use of analytics ai for business outcomes explode. You're also going to see a huge sort of focus on things like governance. You know, people need to know where the data is, what the data catalog continues, how to govern it, how to trust this data and given all other privacy and compliance regulations out there. Essentially, they're complying this posture. So I think the unlocking of outcomes versus simply Hey, I've saved money Second, really putting this comprehensive sort off, you know, governance, regime in place. And then, finally, security and trust. It's going to be more paramount than ever before. Yeah, >>nobody's gonna use the data if they don't trust it. I'm glad you brought up your security. It's It's a topic that hits number one on the CEO list. J G. Great conversation. Obviously the strategy is working, and thanks so much for participating in Cuba on cloud. >>Thank you. Thank you, David. I appreciate it and thank you to. Everybody was tuning in today. >>All right? And keep it right there. I'll be back with our next guest right after this short break.

from the cube studios in Palo Alto in Boston connecting with thought leaders all around the world this is a cube conversation everyone welcome to this cube conversation here in the cubes Palo Alto Studios we're here with the quarantine crew I'm John for your host we've got a great guest John Madison CMO an EVP of products of Fortinet and today more than ever in this changing landscape accelerating faster and faster certainly as this covin 19 crisis has forced business to realize a lot of the at scale problems are at hand and a lot of things are exposed in terms of problems and opportunities you have to take care of one of them security John thanks for coming on cube and looking forward to chatting about your recent event you had this week and also the updates at Florida thanks for joining me yeah it's great to be here John so more than ever the innovation strategies are not just talking points anymore in board meetings or companies there's they actually have to come out of this pandemic and operate through it with real innovation with actionable outcomes they've got to get their house in order you're seeing projects really focusing in on the at scale problems which is essentially keep the network's run and keep the sick the security fabric in place this is critical path stuff but the innovation coming out of it has to be a growth play for companies and this has been a big thing so you guys are in the middle of it we've chatted about all the four to guard stuff and all this you're seeing all the traffic you're seeing all the all the impact this work at home has forced companies to not only deal to new realities but it's exposed some things they need to double down on and things they need to either get rid of or fix fast what's your take on all this yeah you know I think it took a lot of people by surprise and the first thing I would like to do is you know spank our employees our customers and partners for the work they've done in the last six to seven weeks now what was happening was a lot of customers had built their work from home programs around a certain percentage 5% 10% 15% and that's what they scaled it for then all of a sudden you know everybody had to work from home and so you went from maybe a thousand people to 10,000 or 5,000 to 50,000 they had to scale very quickly because this had to be implemented in hours and days not weeks and months luckily our systems are able to gaile very quickly we can scale using a security processing units which offload the CPU and allow a lot of users simultaneously to access through VPN SSL VPN IPSec VPN and then we have an implementation at home ranging from a very simple Microsoft Wyant all the way to our clients all the way to even off Buda gate firewalls at home so we really did work very hard to make sure that our customers could maintain their business proposition during these times you know I want to get those work at home and I think it's a little big Sdn story and you guys have been on for a long time I mean we've talked with your you and your folks many times around st Wynn and what it means to to have that in place but this work at home those numbers are off the charts strange and this is disruption this was an unforeseen disruption it's not like a hurricane or flood this is real and we've also talked with you guys and your team around the endpoint you know the edge of the network that's the explosion of the billions of edges this is just an industry kind of inside baseball conversation and then also the immersion of the lifestyle we now live in so you have a world where it was inside baseball for this industry now every company and everyone's feeling it this is a huge issue I'm at home I got to protect myself I got data I gotta have a VPN I mean this is a reality that just wasn't seen I mean what do you guys are what are you guys doing in this area well I think it changes that this long-term architect and so you know the past we talked about there being millions of edges and people go how many billions of edges and what's happened is if you're working from home that's an edge and so the long term architecture means that companies need to take care of where their network edges are now the SEM at home they had them at the branch office they have them at the end of prize and the data center in the cloud then we need to decide know where to apply the security is it at the endpoint is it at the edges is the data center or bout an S T one is absolutely essential because every edge you'll have whether that were home now whether it be in your data center or eCampus on the cloud needs that st-1 technology and make sure you can guide the applications in a secure manner what's interesting is I actually deployed st-1 in my home here I've got two ISP connections one week I'm casting off with AT&T now that may be overkill right now for most people about putting st-1 in their homes but I think long-term homes are gonna be part of the enterprise network it's just another eight take a minute to explain the SD win I would call it the this is a mill especially this is not your grandfather's st win I mean it's changed st when is the internet I mean basically at home what does that mean if users don't know care what the products are at the end of the day they're working at home so kind of SD win has taken on a new broader scope if you will it's not just the classic SD win or is it can you take us through I mean and this is a category that's becoming much broader what's your what's your nails is there yeah again I'm not saying that you know consumers are gonna be putting SD wine in the homes right now but if I'm an executive and I rely on my communication out there are lots of meetings during the day work from home I want it to be as reliable as possible so if my one is pee goes down and I can't get on the internet that's an issue if I have to ISPs I have much higher availability but more importantly us you and I can guide the applications where I want when they want I can make sure you know my normal home traffic goes off certain direction the certain on a VLAN and segmentation policy whereas my war can be completely set out so again I you know I think SDRAM technology is important for the home long term is important for the branch for the enterprise and the data center and Earls St ones built into all up all our forty gates have sp1 you just switch it on we think it's a four essential technology going forward to drive that cloud on-ramp real quick follow-up on that for the folks in the enterprise I see the enterprise will make it easier for their customers their users who are at home so it feels consumer II invisible if you will I think that's the short-term what's what are what are you seeing your customers and prospective customers thinking when they come back or as they operate now in this new reality when they say you know what we really miss forecasted this now they have to get back to business what are they gonna do do they do more sta on I mean what's the architecture how does that get done what's the conversation like you know as this evolved for the next it's gonna slowly open up it still it's going to be a new reality for at least 12 months what's the conversation with the customer right now when it comes to going in and taking care of this so it doesn't happen again yeah what I'm doing actually actually what I'm doing a lot of virtual ABC's obviously we usually have 200 our customers that come to our corporate quarters or executive briefings and I'm doing actually more virtually and a lot of the opening conversations is they don't think they're gonna go completely Hunter's under percent back to where they were there's always going to be now a fraction of work-from-home people they may move around some of their physical location so as I said the ST when is that piece on the edge whether it be your home ranch campus or data centers gonna be there to guide the applications guide the users and devices to the right applications of wherever they may be as it could be in the cloud of communion data center it could be anywhere and then the key conversation thereafter for customers long-term architecture wise is where do I apply my security stack and the security spat consists of basic things like antivirus all right yes more detection capabilities even even response to Isis given that stack how much do I put in the edge how much do I put in my endpoint how much do I put my branch how much I put in my campus data center and cloud and then how do I maintain a policy a single policy across all of those and then now and again maybe I have to move that stack cross so that's going to be the key long term architecture question for enterprises as they move to a slightly different composition of workforce in different locations is hey I've got to make sure every edge that I have I identify and I secure when SP ran and then how do I apply the security stack cross all the diff tell great insight thanks for sharing that I want to get your take on now speaking of working at home you're also the CMO as well as the EVP of products which is a unique job because you can talk about any think when the cube we love it you had an event accelerate 2020 the folks watching go to the hashtag on Twitter hashtag accelerate 20 that's the hash tag you'll see a lot of the the pictures of the slides and some commentary I was laying down some tweets all the analysts were as well what are some of the highlights for you is a great presentation by the CEO you gave a talk and there's a lot of breakouts you had to do a digital event because you couldn't hold the physical event so you kind of had a shelter-in-place kind of and how did it go and what are some of the highlights yeah on the one side I was a bit sad you know we had or what we call accelerates arrange for this year in Barcelona and New York Mexico and San Jose we had to cancel war for them and I'm very quickly spin up a digital event a virtual event and you know we end up there's some initial targets around you know you know each of our physical events we get between two and three thousand and so we're thinking you know if we got to ten thousand this would be great we actually ended up with thirty thirty-two thousand or something like that registered and actually the percentage that showed off was even higher so we had over 20,000 people actually come online and go through our keynotes we built it so you go through the keynotes then you can go off to the painting what we call the breakouts for more detail we did verticals oh it did more technology sessions and so it's great and you know we tried our best to answer the questions online because these things are on demand we had three we had one for the u.s. one premiere and won't write back and so there was times but to get that sort of exposure to me is amazing twenty thousand people on there listening and it connects into another subject which is education and fun yet for some time as invested I would say you know my CEO says but I'll invest a bit more in education versus the marketing advertising budget now go okay okay that's that hey we'll work on that but education for us we announced a few weeks ago that education is now training is free for customers for everybody and we'd also been you know leading the way by providing free training for our partners now it's completely free for everybody we have something called the network security expert which goes from one to eight one and two of that are actually open to the public right now and if I go to the end of last year we had about two to three thousand people maybe a week come on and do the training obviously majority doing the NSC one courses you get further through to eight it's more technical last week we had over eighty thousand people we just think about those numbers incredible because people you know having more time let's do the training and finding is as they're doing this training going up the stack more quickly and they're able to implement their tools more quickly so training for us is just exploded off the map and I and there's a new reality of all the unemployment and also people are at home and there's a lot of job about the skill gap before in another cube conversation it's it's more apparent than ever and why not make it free give people some hope give them some tools to be successful there's demand yes and it's not you know it's not just them you know IT professionals are Ennis e1 is a foundational course and you'll see kids and students and universities doing it and so Ben Mars granddad's dad's doing it so we we're getting all sorts of comments and social media about the training you know our foundation great stuff has a great we'll put a plug on that when should we get that amplified for its really good stuff I got to ask you about the event one of the things I really like about the presentation was from your CEO and you gave one as well was the clarity around the vision of security and a couple of things that were notable to me was the confluence of the collision between networking and security and at the intersection of those two forces you have an accelerated integrated policy dynamic to me this is the heart of DevOps of what used to be in cloud being kind of applied to security you have data you got all kinds of new things emerging new patterns new signals that's security so you got to be you got to be fast you got to identify things so you guys are in this business that's one force and the other one was the billions of edges and this idea that there's no perimeter so it's everything's immersive so illustrate some points of validation on that from your standpoint is that how you guys are seeing it unfold in the future is that happening now can you give us a feeling for whether where we are and that those those kind of paradigms yeah good point so I think it's been happening it's happening now has been happening the future you know if you look at networking and our CEO Enzi talked about this and that networking hasn't really cheer outing and switching we go back to 2000 we had 100 mega under megabit now you have formed a gigabit but the basic function we haven't really changed that much securities different we've gone from a firewall and we add VPN then we at next-gen firewall then we had SSL inspection now we've added sd1 and so this collisions kind of an equal in that you know networking's sped ahead and firewalling is stayed behind because it's just got too many applications on that so the basic principle premise of the company of putting net is to build and bring that together so it's best of all accelerate the basic security network security functions so you can consolidate multiple functions on one system and then bring networking and security together a really good example of security where or nexium firewall where you can accelerate and so our security processing units and my analogy simple analogy is GPUs inside games where their GPU offloads CPU to allow rendering to happen very quick it's the same for us RSP use way of a network SPU and we have a Content SPU which all flows the CPU to allow a security and networking do it be accelerated work now coming to your second point about the perimeter I I'm not quite sure whether the perimeters disappear and the reason I say that is customer still goes they have firewalls on the front of the networks they have endpoint protection they have protection in the cloud so it's not that the perimeters disappeared it's just but much larger and so now the perimeters sitting across all your infrastructure your endpoints your in factories you got IOT devices you've got workloads in different powered and that means you need to look very carefully at those and give visibility initially and then apply the control that control maybe it's a ten-point security it may be SD mine at the edge it may be a compliance template in the cloud but you need visibility of all those edges which have been created with the perimeters reading across the image it's interesting you bring up a good point we always have kind of debates over beers on this on this topic you know the old model was mote you know get the castle and the gate but here the perimeter of the edge if you believe there's an edge and I do believe you find it perfectly the edge is a perimeter it's an endpoint right so it's a door into the internet so are the network so is the perimeter just an end adorn there's more doors right so or service yeah just think about it the castle would did multiple doors is the back everyone's the door there's this dozle someday and you have to define those H's and have visibility of them and that's why things like network access control know for you know zero trust network access is really important making sure you kind of look at the edge inside your way and so your data center and then it's like you powd what workloads are spinning off and what's the configuration and what's there what's from a data perspective right your recommendation and I'm a customer looking at my network I got compute I got edge devices and users I realized there's a billions of edges on my network now and the realities hit me I wasn't really being proactive on investing what do I do what's the PlayBook for me as I start to rethink that and what do I put into place how do I get going now I got to rethink it I now recognize I got full validation I got to manage this I got to do something what's your recommendation to me if I'm a customer the key to me is and I've had this conversation now for the last five years and it's getting louder and louder and that is I suppose I spend a lot of money on point solution point but even end point may have five point products on there and so they're getting to the conclusion it's just too hard to manage I can't find all the right people I get so many alerts from so many security systems I can't work out what's going on and the conversation now is how do I deploy a platform we call it the security fabric now I don't deploy that fabric across my network I'm not saying you should go from 30 vendors to one vendor that would be nice of course but I what I'm saying as you go from 30 vendors down to maybe five or six platform the platform's perform multiple functions it could be they're out there you attach a platform a designer platform just birth protector or a particular organization or part of the network and so the platform allows you then to build automation and the automation allows you to see things more quickly and react to things more quickly and do things without manual intervention the platform approach it's absolutely starting to resonate yes you've still got very very large customers who put everything into segments of a C's Exedra book most customers now moving towards a yeah I think you know as you see and again back to that collision with the end of the intersection we have integrated policies if you're gonna do any integration which is the data problem so we talk about all the time to a lot of different tools can create silos and there's a use case for that but also creates problematic situations I mean a platform gives you a much more robust capability to be adaptive to be real time to program and automate yeah it's it's it's an issue if you've got 30 vendors and just be honest it's also an issue in the industry so I mean networking the story kind of worked out how to work together you can use the same different vendor switches and routers and they roughly work together with cybersecurity they've all been deal you know built totally separately not to even work and that's why you've got these multiple layers you've got a product the security problem then this got its own analytics engine and manager then you've got a manager of managers and an analyzer of analyzers and the sim system and then a saw I mean just goes on it makes it so complex for people and that's why I think they look into something a bit more simplified but most importantly the platform must be friendly from a consumption model you must be able to do an appliance where you need to do virtual machine SAS cloud native container whatever it may be because that network has changed in those ages as those edges move you've got them to have a platform that adaptable to the consumption model require you know I had a great cartridge with Phil Quaid you see your seaso over there and we were chatting around you know this idea of I won't say customization but there's no one turnkey monolithic application it seems to these platforms tend to be enabling where the seaso trend is to have teams building ok and and and almost a customized but building software to automate to solve their use case for their outcome so enabling that is a trend we're seeing so I think you guys are on the right track there any comment on your take on this enabling platform is that something that you guys are seeing that CSIS is looking at more in-house development more use case focus because they have the data they got real-time they need to be building on a platform not told what they could do yeah I think you've always had this this network team trying to build things fast and open and the security team trying to post things down and make it more secure you know it becomes even more problematic if you kind of go to the cloud where you've got pockets a developer's kind of thing do things in the DevOps way really as fast as possible and sometimes the controls are not put in place in fact no the big as I said the biggest issue for the cloud is not so much you know malware it it's more about miss configuration that's why you're seeing the big breaches and that's more of a customer thing to do and so I think what the seaso is trying to do is make sure they apply the controls appropriately and again their job has become much harder now we've got all the multitude of endpoints that they didn't have before they've got now there when that's not just the closed MPLS network is old off different types of broadband 5 G's coming towards the end of this year next year as well the data centers may have decreased a bit but they've still got datacenter capacity and they're probably got 5 or 6 hours and 20 different SAS applications that put a deal with and they've got to deal with developers in there so it's a harder job for them and they need to melt or add those tools but come back to that single point of management great stuff John Madison CMO EVP great insight there it's almost a master class right there you laid it all out on what's going on a final question any change is what any other news updates on the four net front I know you guys got some answer I didn't see the breakouts of the session I had something else going on I think I've been walking dog and do some other things but you know being at home and to take care of things what's new what's what's out that people might have missed that's coming out of for today you're telling me you didn't have 60 hour a breakout on dedicated I don't think yeah we've you know we've have a lot going on you know we have a big R&D team here in North America and Canada and with a lot of products coming out this time of the year we bring out our 40 OS network operating system with 6.4 over 300 new features inside there including new orchestration systems for sp1 and then also we actually launched on network processor seven and the board gate already 200 F powered by four network processor sevens it's some system out there and provide over 800 gigs of fire or capacities but in bill V explain acceleration they can do things like elephant flows huge flows of data so there's always there's always new products coming out of 14 it sure those are the two big ones for this quarter you guys certainly are great interviews to talk to great a lot of expertise there final final question you know everyone every company's got their culture Moore's laws cadence of Moore's laws Intel faster cheaper smaller what's the for Annette culture if you had to kind of boil it down what's it you guys are always pushing great products out there all high quality I'll see security you got to be buttoned up and have good ops and controls but you still need to push the envelope and have stadia what's the culture if you had to kind of boil the culture down for Porter net what would it be that's always an interesting question and so the company's been going since 2000 okay the founders are still there NZ's CEO and Michael Z's the CTO and I think that one of the philosophies is that listen to the customer very closely because you can get distracted by shiny objects all over the place I want to go and do this oh yeah let's build this what about this and in the end the customer and and what they want may get lost and so we listen very closely we use you know we have a very high content of technology people who can translate the customer use case into what we should build and so I think that's the culture we have and maintain that so we're very close to our customers we've been building very quickly for them make sure it works it needs tweaking then we'll look at it again a very very customer driven always great to hear from the founders you guys had a great event accelerate 20 that's the hashtag some great highlights on Twitter some commentary there and of course go to Ford a net site to check out the replays Sean man so thanks for taking the time to share your insights here on the cube conversation I really appreciate it thank you okay it's cube concert here in Palo Alto we're bringing you all the interviews during this time we have our quarantine crew the cube is virtual we'll do whatever it takes to get the interviews out there and get the stories out there and the people behind the tech making it happen I'm John Fourier thanks for watching [Music]

our Studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hello and welcome to the cube studios in Palo Alto California for another cube conversation where we go in-depth with thought leaders driving innovation across the tech industry I'm your host Peter Burris almost everybody's heard of the term black hat and white hat and it constitutes groups of individuals that are either attacking or defending security challenges it's been an arms race for the past 10 20 30 years as the world has become more digital and an arms race that many of us are concern that black hats appear to have the upper hand but there's new developments in technology and new classes of tooling that are actually racing to the aid of white hats and could very well upset that equilibrium in favor of the white hats to have that conversation about the Ascension of the white hats we're joined by Derek manky who's chief security insights and global threat alliances lead at Ford Annette dereck thanks for joining us for another cube conversation it's always a pleasure speaking yeah all right Derrick let's start what's going on afforda labs at four Dannette so 2019 we've seen a ton of development a lot pretty much on track with our predictions when we talked last year obviously a big increase in volume thanks offense of automation we're also seeing low volume attacks that are disrupting big business models I'm talking about targeted ransom attacks right you know criminals that are able to get into networks caused millions of dollars of damages thanks to critical revenue streams being out usually in the public sector we've seen a lot of this we've seen a rise in sophistication the adversary's are not slowing down AET s advanced evasion techniques are on the rise and so you know to do this and for the guard loves to be able to track this and map this we're not just relying on blogs anymore and you know 40 50 page white papers so we're actually looking at that playbooks now mapping the adversary's understanding their tools techniques procedures how they're operating why they're operating who are they hitting on and what what might be their next move so that's a big development on the intelligence sides here all right so I mentioned upfront this notion that the white hats may be ascending I'm implying a prediction here tell us a little bit about what we see on the horizon for that concept of the white hats ascending and specifically why is there reason to be optimistic yeah so as it's it's it's been gloomy for you for decades like he said and for many reasons right and I think those reasons there are no secrets I mean cyber criminals and black hats have always been able to move very you know with with agility right I'm sorry crime has no borders it's often a slap on the wrist that they get they can do a million things are on they don't care there's no ethics and quite frankly no no rules by right on the white hand side we've always had rules binding us we've had to we've had to take due care and we've had to move methodically which slows us down so a lot of that comes in place because of frameworks because of technology as well having to move um after it's in able to it with frameworks so specifically with you know making corrective action and things like that so those are the challenges that we face against but you know like thinking ahead to to 2020 particularly with the use of artificial intelligence everybody talks about AI you know it's it's impacted our daily lives but when it comes to cybersecurity on the white hat side um you know a proper AI and machine learning model it takes time you think it can take you years in fact in our case in our experience about four to five years before we can actually roll it out to production but the good news is that we have been investing and when I say we I'm just talking to the industry in general and wait we've been investing into this technology because quite frankly we've had to it takes a lot of data it takes a lot of smart minds a lot of investment a lot of processing power and that foundation has now been set over the last five years if we look at the blackcats it's not the case and why because they've been enjoying living off the land on a low-hanging truth path of least resistance because they've been able to so one of the things that's changing that equilibrium then is the availability of AI as you said it could take four or five years to get to a point we've actually got useful AI is it can have an impact I guess that means that we've been working on these things for four or five years what's the state of the art with AI as it pertains to security and are we seeing different phases of development start to emerge as we gain more experience with these technologies yeah absolutely and it's quite exciting right ai isn't this universal brain that's that's always good the world's problems that everyone thinks it might right it's very specific it relies on machine learning models each machine learning model is very specific to its task right I mean you know voice learning technology versus autonomous vehicle driving versus cybersecurity it's very different when it comes to the swimming purposes so so in essence the way I look at it you know there's three generations of AI we have generation 1 which was the past generation 2 which is a current where we are now and the generation 3 is where we're going so generation 1 was pretty simple right it was just a central processing lyrtle of machine learning model that'll take in data they'll correlate that data and then take action based off of it some simple inputs simple output right generation to where we're currently sitting is more advances looking at pattern recognition more advanced inputs are distributed models where we have the you know sensor is lying around networks I'm talking about even IOT devices security appliances and so forth but still report up to this centralized brain that's learning and acting on things but where things get really interesting moving forward in 2020 gets into this third generation where you have especially you know moving towards about computer sorry I'm computing where you have localized learning notes that are actually processing and learning so you can think of them as these mini brains instead of having this monolithic centralized brain you have individual learning modes individual brains doing their own machine learning that are actually connected to each other learning from each other speaking to each other it's a very powerful model we actually refer to this as federated machine learning in our industry so we've been first phase we simply use statistics to correlate events take action yeah now we're doing exceptions pattern recognition or exceptions and building patterns and in the future we're going to be able to further distribute at that so that increasingly the AI is going to work with other AI so that the aggregate this federated aggregate gets better I got that right yeah absolutely and what's the advantage of that a couple of things I'm it's very similar to the human immune system right I mean if you have you know if I were to cut my finger on my hand what's gonna happen well localized white blood cells get localized not nothing from a foreign entity or further away in my body are gonna come to the rescue and start healing right it's the same idea it's because it's interconnected within the nervous system it's the same idea of this federated machine learning right if security appliance is to detect a threat locally on-site its able to alert other security appliances so that they can actually take action on this and learn from that as well so connected machine learning models it means that that you know by properly implementing these these AI this federated AI machine learning models in an organization that that system is able to actually in an auto you may pick up what that threat is be able to act on that threat which means it's able to respond to these threats quicker shut them down to the point where it can be you know virtually instantaneous right before you know that the damage is done and bleeding starts happening so the common time safe common baseline is constantly getting better even as we're giving opportunities for local local managers to perform the work in response to local conditions so that takes us to the next notion of we've got this federated a la a I on the horizon how are people how is the role of people security professionals going to change what kind of recipes are they going to follow to ensure that they are working in a maximally productive way with these new capabilities these new federated capabilities especially as we think about the introduction of 5g and greater density of devices and faster speeds and lower latencies yeah so you know that the the the the world of cyber computer cyber security has always been incredibly complex so we're trying to simplify that and that's where again this this federated machine learning comes into place particularly with playbooks so you know if we look at 2019 and where we're going in 2020 we've put a lot of a lot of groundwork quite frankly into pioneering the work of playbooks right so when I say playbooks I'm talking about adversary's playbook knowing the offense knowing the tools techniques procedures the way that these cybercrime operations are moving right and the black hats are moving the more that we can understand that the more we can predict their next move and that centralized language right once you know that offense we can start to create automated Blue Team playbook so defensive play books that a human that that's a security technology can automatically integrate and respond to it but to getting back to your question we can actually create human readable sea cecil guides that can actually say look there's a threat here's why it's a problem here's here here are the gaps in your security that we've identified if you're some recommended course of action as my deity right so that's that's where the humans and the machines are really going to be worked working together and and quite frankly moving speed being able to do that a machine level but also being being able to simplify a complex landscape that is where we can actually gain traction right that this is part of that ascendancy of the white hat because because it's it's allowing us to move in a more agile nature it's an it's allowing us to gain ground against heat actors and quite frankly it allows us to start disrupting their business model right it's more resilient Network in the future this leads to the whole notion of self-healing networks as well that quite frankly just makes it a big pain it disrupts your business model it forces them to go back to the drawing board - well it also seems as though when we start talking about 5g that the speeds as I said the speeds the dentin see the reduced latency the the potential for a bad thing to propagate very quickly demands that we have a more consistent coherent response at both the Machine level but also at the people level we 5g into this conversation what's what will be the impact of 5g on how these playbooks and AI start to come together over the next few years yeah it's it's it's it's gonna be very impactful it's gonna take a couple of years and we're just at the dawn of 5g right now but if you think of 5g you're talking about a lot more volume essentially as we move to the future we're entering into the age of five G and edge computing and 5g and edge computing is gonna start eating the cloud in a sense that more of that processing power that was in the cloud is starting to shift now towards edge computing right this is that on-premises so it is gonna allow models like I was talking about federated machine learning models at first from the the white hats point of view which I again I think we are in the driver's seat and in a better you know more advantageous position here because we have more experience again like I said we've been doing this for years where the black hats quite frankly haven't yes they're toying with it but not to the same level at scale that we have but you know you know it's I'm always a realist this isn't a completely rosy picture I mean there it is optimistic that we are able to get this upper hand it has to be done right but if we think about the weaponization of 5g that's also very large problem right last year we're talking about sworn networks right the idea of sworn networks is a whole bunch of devices that can connect to each other share intelligence and then act to do something like a large-scale DDoS attack that's absolutely in the in the realm of possibility when it comes to the weaponization of 5g as well so one of the things I guess the last question I want to ask you is you noted that these play books incorporate the human element in ways that are uniquely human so having C so readable recipes for how people have to respond does that also elevate the conversation with the business and does allows us to do a better job of understanding risk pricing risk and appropriately investing to manage and assure the business against risk in the right way absolutely absolutely it does yeah yeah because the more you know about going back to the playbook some more you know about the office and their tools you know you the more you know about how much of a danger it is what sort of targets they're after right I mean if they're just going trying to look to to to collect a little bit of information on you know to do some reconnaissance that first phase attack might not cause a lot of damage but if this group is knowing to go in hit hard steal intellectual property shut down critical business streams to do s that in the past we know and we've seen has caused four or five million dollars from one you know from one breach that's a very good way to start classifying risk so yeah I mean it's all about really understanding the picture first on the offense and that's exactly what these automated playbook guides are going to be doing on the on the on the blue team and again not only from a CSE suite perspective certainly that on the human level but the nice thing about the play books is because we've done the research the threat hunting and understood this you know from a machine level it's also able to put a lot of those automated let's say day-to-day decisions making security operation center is so I'm talking about like sect DevOps much more efficient to so he's talking about more density at the edge amongst these devices I also want to bring back one last thought here and that is you said that historically some of the black hats have been able to act with a degree of impunity they haven't necessarily been hit hard there a lot of slapping on the wrist as I think you said talk about how the playbooks and AI is going to allow them to more appropriately share data with others that can help both now but also in some of the forensics and the the enforcement side namely the the legal and policing world how are we going to share the responsibility or how is that going to change over the next few years to incorporate some of the folks that actually can then turn a defense into a legal attack illumination this is what I call it right so again if we look at the current state we've made great strides great progress you know working with law enforcement so we've set up public private sector relationships we need to do that have security experts working with law enforcement law enforcement working on there and to train process prosecutors to understand cybercrime and so forth that foundation has been set but it's still slow-moving you know there's only a limited amount of playbooks right now it takes a lot of work to unearth and and and do to really move the needle what we need to do again like we're talking about is to integrate artificial intelligence with playbooks the more that we understand about groups the more that we do this threat illumination the more we have cover about them the more we know about them and by doing that we can start to form predictive models right basically I always say old habits die hard so you know if an attacker goes in hits a network and they're successful following a certain sequence of patterns they're likely going to follow that say that's that same sequence on their next victim or their next target so the more that we understand about that the more that we can forecast eight from a mitigation standpoint but the also by the same token the more correlation we're doing on these playbooks the more machine learning we're doing on this playbooks the more we were able to do attribution and attribution is the Holy Grail it's always been the toughest thing to do when it comes to research but by combining the framework that we're using with playbooks and AI machine learning it's a very very powerful recipe and that's that's what we need to get right and move forward in the right direction Derrick McKey ordinance chief of security insights and threat alliances thanks again for being on the cube it's a pleasure anytime happy to talk and I want to thank you for joining us for another cube conversation I'm Peter Burris see you next time [Music]

our Studios in the heart of Silicon Valley Palo Alto California this is a cute conversation hello and welcome to the cube studios in Palo Alto California for another cube conversation where we go in-depth with thought leaders driving innovation across the tech industry I'm your host Peter Burris almost everybody's heard of the term black hat and white hat and it constitutes groups of individuals that are either attacking or defending security challenges it's been an arms race for the past 10 20 30 years as the world has become more digital and an arms race that many of us are concern that black hats appear to have the upper hand but there's new developments in technology and new classes of tooling that are actually racing to the aid of white hats and could very well upset that equilibrium in favor of the white hats to have that conversation about the Ascension of the white hats we're joined by Derek manky who's chief security insights and global threat alliances lead at Ford Annette dereck thanks for joining us for another cube conversation it's always a pleasure speaking yeah all right Derrick let's start what's going on afforda labs at four Dannette so 2019 we've seen a ton of development a lot pretty much on track with our predictions when we talked last year obviously a big increase in volume thanks offense of automation we're also seeing low volume attacks that are disrupting big business models I'm talking about targeted ransom attacks right you know criminals that are able to get into networks caused millions of dollars of damages thanks to critical revenue streams being out usually in the public sector we've seen a lot of this we've seen a rise in sophistication the adversary's are not slowing down AET s advanced evasion techniques are on the rise and so you know to do this and for the guard loves to be able to track this and map this we're not just relying on blogs anymore and you know 40 50 page white papers so we're actually looking at that playbooks now mapping the adversary's understanding their tools techniques procedures how they're operating why they're operating who are they hitting on and what what might be their next move so that's a big development on the intelligence sides here all right so I mentioned upfront this notion that the white hats may be ascending I'm implying a prediction here tell us a little bit about what we see on the horizon for that concept of the white hats ascending and specifically why is there reason to be optimistic yeah so as it's it's it's been gloomy for you for decades like he said and for many reasons right and I think those reasons there are no secrets I mean cyber criminals and black hats have always been able to move very you know with with agility right I'm sorry crime has no borders it's often a slap on the wrist that they get they can do a million things are on they don't care there's no ethics and quite frankly no no rules by right on the white hand side we've always had rules binding us we've had to we've had to take due care and we've had to move methodically which slows us down so a lot of that comes in place because of frameworks because of technology as well having to move um after it's in able to it with frameworks so specifically with you know making corrective action and things like that so those are the challenges that we face against but you know like thinking ahead to to 2020 particularly with the use of artificial intelligence everybody talks about AI you know it's it's impacted our daily lives but when it comes to cybersecurity on the white hat side um you know a proper AI and machine learning model it takes time you think it can take you years in fact in our case in our experience about four to five years before we can actually roll it out to production but the good news is that we have been investing and when I say we I'm just talking to the industry in general and wait we've been investing into this technology because quite frankly we've had to it takes a lot of data it takes a lot of smart minds a lot of investment a lot of processing power and that foundation has now been set over the last five years if we look at the blackcats it's not the case and why because they've been enjoying living off the land on a low-hanging truth path of least resistance because they've been able to so one of the things that's changing that equilibrium then is the availability of AI as you said it could take four or five years to get to a point we've actually got useful AI is it can have an impact I guess that means that we've been working on these things for four or five years what's the state of the art with AI as it pertains to security and are we seeing different phases of development start to emerge as we gain more experience with these technologies yeah absolutely and it's quite exciting right ai isn't this universal brain that's that's always good the world's problems that everyone thinks it might right it's very specific it relies on machine learning models each machine learning model is very specific to its task right I mean you know voice learning technology versus autonomous vehicle driving versus cybersecurity it's very different when it comes to the swimming purposes so so in essence the way I look at it you know there's three generations of AI we have generation 1 which was the past generation 2 which is a current where we are now and the generation 3 is where we're going so generation 1 was pretty simple right it was just a central processing lyrtle of machine learning model that'll take in data they'll correlate that data and then take action based off of it some simple inputs simple output right generation to where we're currently sitting is more advances looking at pattern recognition more advanced inputs are distributed models where we have the you know sensor is lying around networks I'm talking about even IOT devices security appliances and so forth but still report up to this centralized brain that's learning and acting on things but where things get really interesting moving forward in 2020 gets into this third generation where you have especially you know moving towards about computer sorry I'm computing where you have localized learning notes that are actually processing and learning so you can think of them as these mini brains instead of having this monolithic centralized brain you have individual learning modes individual brains doing their own machine learning that are actually connected to each other learning from each other speaking to each other it's a very powerful model we actually refer to this as federated machine learning in our industry so we've been first phase we simply use statistics to correlate events take action yeah now we're doing exceptions pattern recognition or exceptions and building patterns and in the future we're going to be able to further distribute at that so that increasingly the AI is going to work with other AI so that the aggregate this federated aggregate gets better I got that right yeah absolutely and what's the advantage of that a couple of things I'm it's very similar to the human immune system right I mean if you have you know if I were to cut my finger on my hand what's gonna happen well localized white blood cells get localized not nothing from a foreign entity or further away in my body are gonna come to the rescue and start healing right it's the same idea it's because it's interconnected within the nervous system it's the same idea of this federated machine learning right if security appliance is to detect a threat locally on-site its able to alert other security appliances so that they can actually take action on this and learn from that as well so connected machine learning models it means that that you know by properly implementing these these AI this federated AI machine learning models in an organization that that system is able to actually in an auto you may pick up what that threat is be able to act on that threat which means it's able to respond to these threats quicker shut them down to the point where it can be you know virtually instantaneous right before you know that the damage is done and bleeding starts happening so the common time safe common baseline is constantly getting better even as we're giving opportunities for local local managers to perform the work in response to local conditions so that takes us to the next notion of we've got this federated a la a I on the horizon how are people how is the role of people security professionals going to change what kind of recipes are they going to follow to ensure that they are working in a maximally productive way with these new capabilities these new federated capabilities especially as we think about the introduction of 5g and greater density of devices and faster speeds and lower latencies yeah so you know that the the the the world of cyber computer cyber security has always been incredibly complex so we're trying to simplify that and that's where again this this federated machine learning comes into place particularly with playbooks so you know if we look at 2019 and where we're going in 2020 we've put a lot of a lot of groundwork quite frankly into pioneering the work of playbooks right so when I say playbooks I'm talking about adversary's playbook knowing the offense knowing the tools techniques procedures the way that these cybercrime operations are moving right and the black hats are moving the more that we can understand that the more we can predict their next move and that centralized language right once you know that offense we can start to create automated Blue Team playbook so defensive play books that a human that that's a security technology can automatically integrate and respond to it but to getting back to your question we can actually create human readable sea cecil guides that can actually say look there's a threat here's why it's a problem here's here here are the gaps in your security that we've identified if you're some recommended course of action as my deity right so that's that's where the humans and the machines are really going to be worked working together and and quite frankly moving speed being able to do that a machine level but also being being able to simplify a complex landscape that is where we can actually gain traction right that this is part of that ascendancy of the white hat because because it's it's allowing us to move in a more agile nature it's an it's allowing us to gain ground against heat actors and quite frankly it allows us to start disrupting their business model right it's more resilient Network in the future this leads to the whole notion of self-healing networks as well that quite frankly just makes it a big pain it disrupts your business model it forces them to go back to the drawing board - well it also seems as though when we start talking about 5g that the speeds as I said the speeds the dentin see the reduced latency the the potential for a bad thing to propagate very quickly demands that we have a more consistent coherent response at both the Machine level but also at the people level we 5g into this conversation what's what will be the impact of 5g on how these playbooks and AI start to come together over the next few years yeah it's it's it's it's gonna be very impactful it's gonna take a couple of years and we're just at the dawn of 5g right now but if you think of 5g you're talking about a lot more volume essentially as we move to the future we're entering into the age of five G and edge computing and 5g and edge computing is gonna start eating the cloud in a sense that more of that processing power that was in the cloud is starting to shift now towards edge computing right this is that on-premises so it is gonna allow models like I was talking about federated machine learning models at first from the the white hats point of view which I again I think we are in the driver's seat and in a better you know more advantageous position here because we have more experience again like I said we've been doing this for years where the black hats quite frankly haven't yes they're toying with it but not to the same level at scale that we have but you know you know it's I'm always a realist this isn't a completely rosy picture I mean there it is optimistic that we are able to get this upper hand it has to be done right but if we think about the weaponization of 5g that's also very large problem right last year we're talking about sworn networks right the idea of sworn networks is a whole bunch of devices that can connect to each other share intelligence and then act to do something like a large-scale DDoS attack that's absolutely in the in the realm of possibility when it comes to the weaponization of 5g as well so one of the things I guess the last question I want to ask you is you noted that these play books incorporate the human element in ways that are uniquely human so having C so readable recipes for how people have to respond does that also elevate the conversation with the business and does allows us to do a better job of understanding risk pricing risk and appropriately investing to manage and assure the business against risk in the right way absolutely absolutely it does yeah yeah because the more you know about going back to the playbook some more you know about the office and their tools you know you the more you know about how much of a danger it is what sort of targets they're after right I mean if they're just going trying to look to to to collect a little bit of information on you know to do some reconnaissance that first phase attack might not cause a lot of damage but if this group is knowing to go in hit hard steal intellectual property shut down critical business streams to do s that in the past we know and we've seen has caused four or five million dollars from one you know from one breach that's a very good way to start classifying risk so yeah I mean it's all about really understanding the picture first on the offense and that's exactly what these automated playbook guides are going to be doing on the on the on the blue team and again not only from a CSE suite perspective certainly that on the human level but the nice thing about the play books is because we've done the research the threat hunting and understood this you know from a machine level it's also able to put a lot of those automated let's say day-to-day decisions making security operation center is so I'm talking about like sect DevOps much more efficient to so he's talking about more density at the edge amongst these devices I also want to bring back one last thought here and that is you said that historically some of the black hats have been able to act with a degree of impunity they haven't necessarily been hit hard there a lot of slapping on the wrist as I think you said talk about how the playbooks and AI is going to allow them to more appropriately share data with others that can help both now but also in some of the forensics and the the enforcement side namely the the legal and policing world how are we going to share the responsibility or how is that going to change over the next few years to incorporate some of the folks that actually can then turn a defense into a legal attack illumination this is what I call it right so again if we look at the current state we've made great strides great progress you know working with law enforcement so we've set up public private sector relationships we need to do that have security experts working with law enforcement law enforcement working on there and to train process prosecutors to understand cybercrime and so forth that foundation has been set but it's still slow-moving you know there's only a limited amount of playbooks right now it takes a lot of work to unearth and and and do to really move the needle what we need to do again like we're talking about is to integrate artificial intelligence with playbooks the more that we understand about groups the more that we do this threat illumination the more we have cover about them the more we know about them and by doing that we can start to form predictive models right basically I always say old habits die hard so you know if an attacker goes in hits a network and they're successful following a certain sequence of patterns they're likely going to follow that say that's that same sequence on their next victim or their next target so the more that we understand about that the more that we can forecast eight from a mitigation standpoint but the also by the same token the more correlation we're doing on these playbooks the more machine learning we're doing on this playbooks the more we were able to do attribution and attribution is the Holy Grail it's always been the toughest thing to do when it comes to research but by combining the framework that we're using with playbooks and AI machine learning it's a very very powerful recipe and that's that's what we need to get right and move forward in the right direction Derrick McKey ordinance chief of security insights and threat alliances thanks again for being on the cube it's a pleasure anytime happy to talk and I want to thank you for joining us for another cube conversation I'm Peter Burris see you next time [Music]

>> from our studios in the heart of Silicon Valley, Palo Alto, California It is a cute conversation. >> Well, the Special Cube conversation. We are here in Palo Alto, California, Cube studios here. Tony, Gino, Domenico, Who's the senior security strategist and research at for Net and four to guard labs live from Las Vegas. Where Black Hat and then Def Con security activities happening, Tony, also known as Tony G. Tony G. Welcome to this cube conversation. >> Hey, Thanks, John. Thanks for having me. >> So a lot of action happening in Vegas. We just live there all the time with events. You're there on the ground. You guys have seen all the action there. You guys are just published. Your quarterly threat report got a copy of it right here with the threat index on it. Talk about the quarterly global threats report. Because the backdrop that we're living in today, also a year at the conference and the cutting edge is security is impacting businesses that at such a level, we must have shell shock from all the breaches and threats they're going on. Every day you hear another story, another story, another hack, more breaches. It said all time high. >> Yeah, you know, I think a lot of people start to get numb to the whole thing. You know, it's almost like they're kind of throwing your hands up and say, Oh, well, I just kind of give up. I don't know what else to do, but I mean, obviously, there are a lot of different things that you can do to be able to make sure that you secure your cybersecurity program so at least you minimize the risk of these particular routes is happening. But with that said with the Threat Landscape report, what we typically dio is we start out with his overall threat index, and we started this last year. If we fast forward to where we are in this actual cue to report, it's been one year now, and the bad news is that the threats are continuing to increase their getting more sophisticated. The evasion techniques are getting more advanced, and we've seen an uptick of about 4% and threat volume over the year before. Now the silver lining is I think we expected the threat volume to be much higher. So I think you know, though it is continuing to increase. I think the good news is it's probably not increasing as fast as we thought it was going to. >> Well, you know, it's always You have to know what you have to look for. Blood. People talk about what you can't see, and there's a lot of a blind spot that's become a data problem. I just want to let people know that. Confined the report, go to Ford Nets, ah website. There's a block there for the details, all the threat index. But the notable point is is only up 4% from the position year of a year that the attempts are more sophisticated. Guys gotta ask you, Is there stuff that we're not seeing in there? Is there blind spots? What's the net net of the current situation? Because observe ability is a hot topic and cloud computing, which essentially monitoring two point. Oh, but you gotta be able to see everything. Are we seeing everything? What's what's out there? >> Well, I mean, I think us as Ford, a guard on Darcy, have cyber threat in challenges. I think we're seeing a good amount, but when you talk about visibility, if you go back down into the organizations. I think that's where there's There's definitely a gap there because a lot of the conversations that I have with organizations is they don't necessarily have all the visibility they need from cloud all the way down to the end point. So there are some times that you're not gonna be able to catch certain things now. With that said, if we go back to the report at the end of the day, the adversaries have some challenges to be able to break into an organization. And, of course, the obvious one is they have to be able to circumvent our security controls. And I think as a security community, we've gotten a lot better of being able to identify when the threat is coming into an organization. Now, on the flip side, Oh, if you refer back to the minor Attack knowledge base, you'll see a specific tactic category called defense evasions. There's about 60 plus techniques, evasion techniques the adversary has at their disposal, at least that we know may there may be others, but so they do have a lot of opportunity, a lot of different techniques to be able to leverage with that, said There's one technique. It's, ah, disabling security tools that we started seeing a bit of an increase in this last cue to threat landscape report. So a lot of different types of threats and mile where have the capability to be ableto one look at the different processes that may be running on a work station, identifying which one of those processes happen to be security tools and then disabling them whether they're no, maybe they might just be able to turn the no, the actual service off. Or maybe there's something in the registry that they can tweak. That'll disable the actual security control. Um, maybe they'll actually suppress the alerts whatever. They conduce you to make sure that that security control doesn't prevent them from doing that malicious activity. Now, with that said, on the flip side, you know, from an organization for perspective, you want to make sure that you're able to identify when someone's turning on and turning off those security control to any type of alert that might be coming out of that control also. And this is a big one because a lot of organizations and this certainly do this minimize who has the ability to turn those particular security controls on and off. In the worst cases, you don't wanna have all of your employees uh, the you don't want to give them the ability to be able to turn those controls on and off. You're never gonna be ableto baseline. You're never gonna be able to identify a, you know, anomalous activity in the environment, and you're basically gonna lose your visibility. >> I mean, this increase in male wearing exploit activity you guys were pointing out clearly challenge the other thing that the report kind of She's out. I want to get your opinion on this. Is that the The upping? The ante on the evasion tactics has been very big trend. The adversaries are out there. They're upping the ante. You guys, we're upping the guarantees. This game you continue this flight will continues. Talk about this. This feature of upping the ante on evasion tactics. >> Yes. So that's what I was that I was kind of ah, referring to before with all the different types of evasion techniques. But what I will say is most of the all the threats these days all have some type of evasion capabilities. A great example of this is every quarter. If you didn't know. We look at different types of actors and different types of threats, and we find one that's interesting for us to dig into and where create was called an actual playbook, where we want to be able to dissect that particular threat or those threat actor methodologies and be able to determine what other tactics and corresponding techniques, which sometimes of course, includes evasion techniques. Now, the one that we focused on for this quarter was called His Ego's Was Ego, says a specific threat that is an information stealer. So it's gathering information, really based on the mission goals off, whatever that particular campaign is, and it's been around for a while. I'm going all the way back to 2011. Now you might be asking yourself, Why did we actually choose this? Well, there's a couple different reasons. One happens to be the fact that we've seen an uptick in this activity. Usually when we see that it's something we want to dive into a little bit more. Number two. Though this is a tactic of the of the adversary, what they'll do is they'll have their threat there for a little while, and then local doorman. They'll stop using that particular malware. That's no specific sort of threat. They'll let the dust settle that things die down. Organizations will let their guard down a little bit on that specific threat. Security organizations Ah, vendors might actually do the same. Let that digital dust kind of settle, and then they'll come back. Bigger, faster, stronger. And that's exactly what Z ghosted is. Ah, we looked at a specific campaign in this new mall where the new and improved Mauer, where is they're adding in other capabilities for not just being able to siphon information from your machine, but they're also now can capture video from your webcam. Also, the evasion techniques since Iran that particular subject, what they're also able to do is they're looking at their application logs. Your system logs your security logs, the leading them making a lot more difficult from a forensic perspective. Bill, go back and figure out what happened, what that actual malware was doing on the machine. Another interesting one is Ah, there. We're looking at a specific J peg file, so they're looking for that hash. And if the hash was there the axle? Um, our wouldn't run. We didn't know what that was. So we researched a little bit more on What we found out was that J Peg file happened to be a desktop sort of picture for one of the sandboxes. So it knew if that particular J pick was present, it wasn't going to run because it knew it was being analyzed in a sandbox. So that was a second interesting thing. The 3rd 1 that really leaned us towards digging into this is a lot of the actual security community attribute this particular threat back to cyber criminals that are located in China. The specific campaign we were focused on was on a government agency, also in China, So that was kind of interesting. So you're continuing to see these. These mile wears of maybe sort of go dormant for a little bit, but they always seem to come back bigger, faster, stronger. >> And that's by design. This is that long, whole long view that these adversaries we're taking in there as he organized this economy's behind what they're doing. They're targeting this, not just hit and run. It's get in, have a campaign. This long game is very much active. Howto enterprises. Get on, get on top of this. I mean, is it Ah, is it Ah, people process Issue is it's, um, tech from four to guard labs or what? What's what's for the Nets view on this? Because, I mean, I can see that happening all the time. It has >> happened. Yeah, it's It's really it's a combination of everything on this combination. You kind of hit like some of it, its people, its processes and technology. Of course, we have a people shortage of skilled resource is, but that's a key part of it. You always need to have those skills. Resource is also making sure you have the right process. Is how you actually monitoring things. I know. Ah, you know, a lot of folks may not actually be monitoring all the things that they need to be monitoring from, Ah, what is really happening out there on the internet today? So making sure you have clear visibility into your environment and you can understand and maybe getting point in time what your situational awareness is. You you, for my technology perspective, you start to see and this is kind of a trend. We're starting the leverage artificial intelligence, automation. The threats are coming, and it's such a high volume. Once they hit the the environment, instead of taking hours for your incident response to be about, at least you know not necessarily mitigate, but isolate or contain the breach. It takes a while. So if you start to leverage some artificial intelligence and automatic response with the security controls are working together. That's a big that's a big part of it. >> Awesome. Thanks for coming. This is a huge problem. Think no one can let their guard down these days? Certainly with service, they're expanding. We're gonna get to that talk track in the second. I want to get quickly. Get your thoughts on ransom, where this continues to be, a drum that keeps on beating. From a tax standpoint, it's almost as if when when the attackers need money, they just get the same ransomware target again. You know, they get, they pay in. Bitcoin. This is This has been kind of a really lucrative but persistent problem with Ransomware. This what? Where what's going on with Ransomware? What's this state of the report and what's the state of the industry right now in solving that? >> Yeah. You know, we looked into this a little bit in last quarter and actually a few quarters, and this is a continuous sort of trend ransom, where typically is where you know, it's on the cyber crime ecosystem, and a lot of times the actual threat itself is being delivered through some type of ah, phishing email where you need a user to be able to click a langur clicking attachment is usually kind of a pray and spray thing. But what we're seeing is more of ah, no sort of ah, you know, more of a targeted approach. What they'll do is to look for do some reconnaissance on organizations that may not have the security posture that they really need. Tohave, it's not as mature, and they know that they might be able to get that particular ransomware payload in there undetected. So they do a little reconnaissance there, And some of the trend here that we're actually seeing is there looking at externally RTP sessions. There's a lot of RTP sessions, the remote desktop protocol sessions that organizations have externally so they can enter into their environment. But these RTP sessions are basically not a secure as they need to be either week username and passwords or they are vulnerable and haven't actually been passed. They're taking advantage of those they're entering and there and then once they have that initial access into the network, they spread their payload all throughout the environment and hold all those the those devices hostage for a specific ransom. Now, if you don't have the, you know, particular backup strategy to be able to get that ransom we're out of there and get your your information back on those machines again. Sometimes you actually may be forced to pay that ransom. Not that I'm recommending that you sort of do so, but you see, or organizations are decided to go ahead and pay that ransom. And the more they do that, the more the adversary is gonna say, Hey, I'm coming back, and I know I'm gonna be able to get more and more. >> Yeah, because they don't usually fix the problem or they come back in and it's like a bank. Open bank blank check for them. They come in and keep on hitting >> Yeah >> same target over and over again. We've seen that at hospitals. We've seen it kind of the the more anemic I t department where they don't have the full guard capabilities there. >> Yeah, and I would have gone was really becoming a big issue, you know? And I'll, uh, ask you a question here, John. I mean, what what does Microsoft s A N D. H s have in common for this last quarter? >> Um, Robin Hood? >> Yeah. That attacks a good guess. Way have in common is the fact that each one of them urged the public to patch a new vulnerability that was just released on the RTP sessions called Blue Keep. And the reason why they was so hyped about this, making sure that people get out there and patch because it was were mobile. You didn't really need tohave a user click a link or click and attachment. You know, basically, when you would actually exploit that vulnerability, it could spread like wildfire. And that's what were mobile is a great example of that is with wannacry. A couple years ago, it spread so quickly, so everybody was really focused on making sure that vulnerability actually gets patched. Adding onto that we did a little bit of research on our own and ransom Internet scans, and there's about 800,000 different devices that are vulnerable to that particular ah, new vulnerability that was announced. And, you know, I still think a lot of people haven't actually patched all of that, and that's a real big concern, especially because of the trend that we just talked about Ransomware payload. The threat actors are looking at are Rdp as the initial access into the environment. >> So on blue Keep. That's the one you were talking about, right? So what is the status of that? You said There's a lot of vulnerable is out. There are people patching it, is it Is it being moving down, the down the path in terms of our people on it? What's your take on that? What's the assessment? >> Yeah, so I think some people are starting to patch, but shoot, you know, the scans that we do, there's still a lot of unpacked systems out there, and I would also say we're not seeing what's inside the network. There may be other RTP sessions in the environment inside of an organization's environment, which really means Now, if Ransomware happens to get in there that has that capability than to be able to spread like the of some RTP vulnerability that's gonna be even a lot more difficult to be able to stop that once it's inside a network. I mean, some of the recommendations, obviously, for this one is you want to be able to patch your RTP sessions, you know, for one. Also, if you want to be able to enable network authentication, that's really gonna help us. Well, now I would also say, You know, maybe you want a hard in your user name and passwords, but if you can't do some of this stuff, at least put some mitigating controls in place. Maybe you can isolate some of those particular systems, limit the amount of AH access organizations have or their employees have to that, or maybe even just totally isolated. If it's possible, internal network segmentation is a big part of making sure you can. You're able to mitigate some of these put potential risks, or at least minimize the damage that they may cause. >> Tony G. I want to get your thoughts on your opinion and analysis expert opinion on um, the attack surface area with digital and then ultimately, what companies can do for Let's let's start with the surface area. What's your analysis there? Ah, lot of companies are recognizing. I'll see with Coyote and other digital devices. The surface area is just everywhere, right? So I got on the perimeter days. That's kind of well known. It's out there. What's the current digital surface area threats look like? What's your opinion? >> Sure, Yeah, it's Ah, now it's funny. These days, I say no, Jenna tell you everything that seems to be made as an I P address on it, which means it's actually able to access the Internet. And if they can access the Internet, the bad guys can probably reach out and touch it. And that's really the crux of the problem of these days. So anything that is being created is out on the Internet. And, yeah, like, we all know there's really not a really rigid security process to make sure that that particular device as secure is that secure as it actually needs to be Now. We talked earlier on about You know, I ot as relates to maybe home routers and how you need to be ableto hard in that because you were seeing a lot of io teapot nets that air taking over those home routers and creating these super large I ot botnets on the other side of it. You know, we've seen ah lot of skate of systems now that traditionally were in air gapped environments. Now they're being brought into the traditional network. They're being connected there. So there's an issue there, but one of the ones we haven't actually talked a lot about and we see you're starting to see the adversaries focus on these little bit more as devices in smart homes and smart buildings in this queue to threat landscape report. There was a vulnerability in one of these you motion business management systems. And, you know, we looked at all the different exploits out there, and the adversaries were actually looking at targeting that specific exploit on that. That's smart management building service device. We had about 1% of all of our exploit, uh, hits on that device. Now that might not seem like a lot, but in the grand scheme of things, when we're collecting billions and billions of events, it's a fairly substantial amount. What, now that we're Lee starts a kind of bring a whole another thought process into as a security professional as someone responds double for securing my cyber assets? What if I include in my cyber assets now widen include all the business management systems that my employees, Aaron, for my overall business. Now that that actually might be connected to my internal network, where all of my other cyber assets are. Maybe it actually should be. Maybe should be part of your vulnerability mentioned audibly patch management process. But what about all the devices in your smart home? Now? You know, all these different things are available, and you know what the trend is, John, right? I mean, the actual trend is to work from home. So you have a lot of your remote workers have, ah, great access into the environment. Now there's a great conduit for the obvious areas to be ableto break into some of those smart home devices and maybe that figure out from there there on the employees machine. And that kind of gets him into, you know, the other environment. So I would say, Start looking at maybe you don't wanna have those home devices as part of, ah, what you're responsible for protecting, but you definitely want to make sure your remote users have a hardened access into the environment. They're separated from all of those other smart, smart home devices and educate your employees on that and the user awareness training programs. Talk to them about what's happening out there, how the adversaries air starting to compromise, or at least focus on some of them smart devices in their home environment. >> These entry points are you point out, are just so pervasive. You have work at home totally right. That's a great trend that a lot of companies going to. And this is virtual first common, a world. We build this new new generation of workers. They wanna work anywhere. So no, you gotta think about all that. Those devices that your son or your daughter brought home your husband. Your wife installed a new light bulb with an I peed connection to it fully threaded processor. >> I know it. Gosh, this kind of concern me, it's safer. And what's hot these days is the webcam, right? Let's say you have an animal and you happen to go away. You always want to know what your animals doing, right? So you have these Webcams here. I bet you someone might be placing a webcam that might be near where they actually sit down and work on their computer. Someone compromises that webcam you may be. They can see some of the year's name and password that you're using a log in. Maybe they can see some information that might be sensitive on your computer. You know, it's the The options are endless here. >> Tony G. I want to get your thoughts on how companies protect themselves, because this is the real threat. A ni O t. Doesn't help either. Industrial I ot to just Internet of things, whether it's humans working at home, too, you know, sensors and light bulbs inside other factory floors or whatever means everywhere. Now the surface area is anything with a knife he address in power and connectivity. How do companies protect themselves? What's the playbook? What's coming out of Red hat? What's coming out of Fort Annette? What are you advising? What's the playbook? >> Yeah, you know I am. You know, when I get asked this question a lot, I really I sound like a broken record. Sometimes I try to find so many different ways to spin it. You know, maybe I could actually kind of say it like this, and it's always means the same thing. Work on the fundamentals and John you mentioned earlier from the very beginning. Visibility, visibility, visibility. If you can't understand all the assets that you're protecting within your environment, it's game over. From the beginning, I don't care what other whiz bang product you bring into the environment. If you're not aware of what you're actually protecting, there's just no way that you're gonna be able to understand what threats are happening out your network at a higher level. It's all about situational awareness. I want to make sure if I'm if I'm a C so I want my security operations team to have situational awareness at any given moment, all over the environment, right? So that's one thing. No grabbing that overall sort of visibility. And then once you can understand where all your assets are, what type of information's on those assets, you get a good idea of what your vulnerabilities are. You start monitoring that stuff. You can also start understanding some of different types of jabs. I know it's challenging because you've got everything in the cloud all the way down to the other end point. All these mobile devices. It's not easy, but I think if you focus on that a little bit more, it's gonna go a longer way. And I also mentioned we as humans. When something happens into the environment, we can only act so fast. And I kind of alluded to this earlier on in this interview where we need to make sure that we're leveraging automation, artificial in intelligence to help us be able to determine when threats happened. You know, it's actually be in the environment being able to determine some anomalous activity and taking action. It may not be able to re mediate, but at least it can take some initial action. The security controls can talk to each other, isolate the particular threat and let you fight to the attack, give you more time to figure out what's going on. If you can reduce the amount of time it takes you to identify the threat and isolate it, the better chances that you're gonna have to be able to minimize the overall impact of that particular Reno. >> Tony, just you jogging up a lot of memories from interviews I've had in the past. I've interviewed the four star generals, had an essay, had a cyber command. You get >> a lot of >> military kind of thinkers behind the security practice because there is a keeping eyes on the enemy on the target on the adversary kind of dialogue going on. They all talk about automation and augmenting the human piece of it, which is making sure that you have as much realty. I'm information as possible so you can keep your eyes on the targets and understand, to your point contextual awareness. This seems to be the biggest problem that Caesar's heir focused on. How to eliminate the tasks that take the eyes off the targets and keep the situational winners on on point. Your thoughts on that? >> Yeah, I have to. You know what, son I used to be? Oh, and I still do. And now I do a lot of presentations about situational awareness and being ableto build your you know, your security operations center to get that visibility. And, you know, I always start off with the question of you know, when your C so walks in and says, Hey, I saw something in the news about a specific threat. How are we able to deal with that? 95% of the responses are Well, I have to kind of go back and kind of like, you don't have to actually come dig in and, you know, see, and it takes them a while for the audio. >> So there's a classic. So let me get back to your boss. What? Patch patch? That, um Tony. Chief, Thank you so much for the insight. Great Congressional. The Holy Report. Keep up the good work. Um, quick, Quick story on black hat. What's the vibe in Vegas? Def con is right around the corner after it. Um, you seeing the security industry become much more broader? See, as the industry service area becomes from technical to business impact, you starting to see that the industry change Amazon Web service has had an event cloud security called reinforce. You starting to see a much broader scope to the industry? What's the big news coming out of black at? >> Yeah, you know, it's it's a lot of the same thing that actually kind of changes. There's just so many different vendors that are coming in with different types of security solutions, and that's awesome. That is really good with that, said, though, you know, we talked about the security shortage that we don't have a lot of security professionals with the right skill sets. What ends up happening is you know, these folks that may not have that particular skill, you know, needed. They're being placed in these higher level of security positions, and they're coming to these events and they're overwhelmed because they're all they'll have a saw slight. It's all over a similar message, but slightly different. So how did they determine which one is actually better than the others? So it's, um, I would say from that side, it gets to be a little bit kind of challenging, but at the same time, No, I mean, we continued to advance. I mean, from the, uh, no, from the actual technical controls, solutions perspective, you know, You know, we talked about it. They're going, we're getting better with automation, doing the things that the humans used to do, automating that a little bit more, letting technology do some of that mundane, everyday kind of grind activities that we would as humans would do it, take us a little bit longer. Push that off. Let the actual technology controls deal with that so that you can focus like you had mentioned before on those higher level you know, issues and also the overall sort of strategy on either howto actually not allow the officer to come in or haven't determined once they're in and how quickly will be able to get them out. >> You know, we talked. We have a panel of seashells that we talk to, and we were running a you know, surveys through them through the Cube insights Most see says, we talk Thio after they won't want to talk off the record. I don't want anyone know they work for. They all talked him. They say, Look, I'm bombarded with more and more security solutions. I'm actually trying to reduce the number of suppliers and increase the number of partners, and this is nuanced point. But to your what you're getting at is a tsunami of new things, new threats, new solutions that could be either features or platforms or tools, whatever. But most si SOS wanna build an engineering team. They wanna have full stack developers on site. They wanna have compliance team's investigative teams, situational awareness teams. And they want a partner with with suppliers where they went partners, not just suppliers. So reduce the number suppliers, increase the partners. What's your take on that year? A big partner. A lot of the biggest companies you >> get in that state spring. Yeah. I mean, that's that's actually really our whole strategy. Overall strategy for Ford. Annette is, and that's why we came up with this security fabric. We know that skills are really not as not as prevalent as that they actually need to be. And of course, you know there's not endless amounts of money as well, right? And you want to be able to get these particular security controls to talk to each other, and this is why we built this security fabric. We want to make sure that the controls that we're actually gonna build him, and we have quite a few different types of, you know, security controls that work together to give you the visibility that you're really looking for, and then years Ah, you know, trusted partner that you can actually kind of come to And we can work with you on one identifying the different types of ways the adversaries air moving into the environment and ensuring that we have security controls in place to be able to thwart the threat. Actor playbook. Making sure that we have a defensive playbook that aligns with those actual ttp is in the offensive playbook, and we can actually either detect or ultimately protect against that malicious activity. >> Tony G. Thanks for sharing your insights here on the cube conversation. We'll have to come back to you on some of these follow on conversations. Love to get your thoughts on Observe ability. Visibility on. Get into this. What kind of platforms are needed to go this next generation with cloud security and surface area being so massive? So thanks for spending the time. Appreciate it. >> Thanks a lot, Right. We only have >> a great time in Vegas. This is Cube conversation. I'm John for here in Palo Alto. Tony G with Fortinet in Las Vegas. Thanks for watching

>> Everyone. Welcome to a special cube conversation. We're here in Palo Alto, California Cube Studios. I'm John, four year host of the Q. We hear Atomic Wild, the CEO of Snapper out. Tom. Great to see you. You doing? I'm great. Thanks. You guys. You're launching Snapper. Snapper out. What is the company? What do you guys launching? Tell us. >> Well, quite simply stated were delivering a new class of network operating system for the cloud native era. Andrea Lee. What that does, is it. It delivers on the promise of time to service for applications. Always on security assurance and compliance. Andi greater operational efficiency, which is really one of the things that's been plaguing organizations tonight. >> How long is the company been around? This is the first public launch. A solution? Talk about the history real quick. >> So the company was founded in two thousand fifteen by some former operators from Apple. They built and ran Apple. Sort of biggest public facing data centers from the networking perspective on DH. You know, we've been working diligently on this. This is a new class of operating system that was really inspired by, you know, that their time building out those data centers on def. You, you kind of look back. NETWORKINGS not really had any major disruptive innovation in the last twenty five, thirty years. Ah, but back into the two thousand six, with the advent of a Ws and the and the new sort of big, hyper scaler tze, those guys started to realize that the network was something that was kind of getting in the way of their operational efficiency, of being able to automate and drive the network at scale on DSO. Our founders, you know, went through that whole sort of discovery process and things when when they were Apple on DH, you know, and the hyper scales drove the advent of this kind of white box disaggregated networking, separating the software operating system from the hardware and the reason behind that was really around game great gaining greater control because it's a legacy. Networking vendors were not delivering what was needed, and they needed to get more control on DSO. Are found us. You really saw the opportunity to say, Look, we think that there's a way of solving what an operator really needs and what an organization needs and one of the big challenges. There is howto networking operations. Teams collaborate with dev up stings because the devil teams are responsible for, you know, time to service for the application. And that's, you know, that's really the value of the organization. And so, you know, they set out to solve that problem to say, Well, hell, can we build a network operating system on what they realised was that you know what Deb Ops had done is embrace. It's a cloud. Native principles container ization, virtual ization, my crack services on DH. So what we've done is we've built from the ground up a newly architected network operating system that is a fully containerized micro services architecture that embeds coup Panetti's on DH allows the networking for this first time to be brought natively into the de bop store chain. Sonett ops teams can still sort of control and deploy the network and define policy and things. But now they don't have to worry about that is, you know, sort of annoying day today, tasks where, you know the Devil apps engineer is tryingto get an application on the network and, you know, they have to just do sort of some, you know, pretty trivial movies that changes things. And so, you know, in in doing that, what we also figured out was we could solve, you know, problems not just around the operational efficiencies and the time to service, but also a lot of security >> issues as well. So a lot of development going public with the product you mentioned. Cooper Netease, top of cloud. >> What are the >> big shifts in the industry that you guys air riding on because you have tail winds get cloud? Yeah, What is the way that you're on? Can you take a minute to explain some of the big shifts in the industry that's going, guys? >> Yeah, well, I I think there's several things. I think one of the biggest is that, you know, every single organization out there is looking nervously over its shoulder because we live in an age of very, very rapid disruption. It's kind of you know what call the Amazon affect. You know, those big, established companies who've been around for many, many years, who are being disrupted by, you know, Jason, you know, cos we're in adjacent spaces or new start ups coming in so everybody near realizes they need to use technology to their advantage, and they have to disrupt themselves Before, you know, they're they're disrupted. So? So that's one of the big drivers and And so time to service speed, efficiency are all sort of paramount. When you were in, you know, any C suite, you know, discussion, those air. Those are things that come up a ll the time from a technology perspective. We're seeing things, things changing significantly and how we use technology. And, you know, So everything is mobile. Ah, you know, we have the advent of I O t coming in, and so, you know, lots of services and moving to the edge. And so the data centers that were traditionally completely centralized and they'll sort of starting to distribute a little bit of well, eh? So you have this, you know, idea of sort of age data centers in H compute. So there's there's a lot of things, you know, changing and happening. And there's a lot of opportunity for us to deliver, you know, some strong value in this. >> So they obviously the cloud native trend you mentioned is big. That's driving the application market. De bobs you mentioned earlier huge we've seen years now in years of evidence of growth yet on dev ups. Okay, so now it's coming down into the network how? How our company's solving challenges for application developers that are in a devil's world because that seems to be the growth. And the sooner the pressure's coming from is that more requirements coming from the applications to the network. How are companies solving this problem? >> So, you know, So I think from the computer and storage side, things have moved along, you know, pretty, pretty, pretty swiftly eso, you know, as an application engineer. What? What you want is you want the infrastructure to service. You just You just want it to do what the application needs. Unfortunately, you know, traditionally, infrastructures has has been the other way around. You know, you deploy the infrastructure and you say, Okay, well, this is what the application could do within the constraints of the infrastructure and networking has, you know, just continued that idea. And so what you want to do is you want to take this idea of you we've talked before about infrastructure as code, you know. How do you make it? So is when an application engineer rights and application, he can actually regard the infrastructure as almost like a code library. And that's something that a lot of legacy vendors have talked about marketed to for some time. But the reality is-- >> It makes a lot of sense. >> Yeah, it does. It makes a ton of sense. But the reality is that all they could do was offer up some, you know, proprietary APIs and and programmatic interfaces. And the big challenge was the actual architecture of a network operating system was not designed in a way to actually enable that that infrastructure to react in the proper way by developing this containerized microservices architecture on by embedding communities and putting native DevOps tool chains you know inside the operating system. We actually can deliver on the promise of infrastructure as code. >> and this is what everyone wants. I gotta ask you, if everyone wants this and we hearing all around the Cuban all the events we go to clearly a requirement becoming table stakes. But what? What's been preventing people from doing this? >> Well, it's it's the architecture. I mean, if you look at, I call them Legacy Network architectures, but network architecture. Yeah, network operating system itself. The actual you know, the operating system that exists on the physical switch. That is where the problem starts, because that is designed as one big >> blob off >> coat. So all of the features Aaron there, they're all in the same place. They all sort of interact with each other, and it gives you reliability problems that give you innovation problems, because every time you change something, it has a knock on effect. If there's a bug and you have to fix that bug, you have to replace the entire blob. If you replace the entire blob, you have to down the switch or, you know, do some kind of complex patching. If there's a security vulnerability, you have to either differ like actually fixing their on DH, become non complaint or you have to down the switch. And you know we live in an age, As I said, where everything is on all the time, everything is mobile, you know, everybody wants their services right here right now. And the very you know, the very existence of a business depends on being able to deliver those applications all the time. So you can't bring network's down. So when when we've taken this micro services approach and we've containerized the actual infrastructure, you know, on the protocols and everything else, everything existed in its own container. Now, if there's a security vulnerability, we can replace just that container. If you're not using certain services on the operating system, you could kill those containers. And in the process, you reduce the threat surface off the the operating system in the switch. Where is in a legacy world with this monolithic blob, you can just you can turn off the features, but the code still there, the threat surfaces huge, and you're still vulnerable. So what's the >> solution to this and snap route? Fix this. What's the operational benefits? How do you guys play into fixing? The problems have been holding everyone back. >> Well, I think you know collaboration, I think is, you know, is one of the big benefits. You know, Quite frankly, I think there's, you know, there's there's been sort of tension in organizations. I think unfairly network operating operations teams have been, you know, treated as you know, holding things back or non responsive, whatever, anything that's completely unfair because actually, the problem is with the the vendor community. We haven't been delivering the tools that enable them to, you know, deliver the services they need. And so with you know, with our approach with this cloud native approach, we're actually able, sort of, you know, bring the net net tops world. You know, closer to Deb. Ops allow this Khun collaboration to happen on give you you know that the benefit ofthe I Abel sort of coordinated approach to delivering the application and the application is the value that the business delivers on. Biff, you know, if your application stops working, I mean, you know this in your personal life, right? You know, we use our phones and our devices. You try, use an application and it and it's not working. You're going to go and find a competitive. You're just going to go and say, Oh, well, you know, you saw download something else from the APP store on DH. So, you know, availability is a huge thing for businesses today on the network has been one of the most vulnerable pieces in terms of availability. Not because not necessarily because people are attacking it, but because it's so complex. And brittle that any time you change anything, things fall to pieces. And that's why people don't want to touch the network. And that is why we had the rise of the whole Sgn movement. The ESPN movement was on approach That said, we need to make the network more dynamic. And so, rather than addressing the actual operating system, put overlays over the top, create overlays and allow Deb ops teams to do what they need to do to deploy applications over the top of your fairly done plumbing. What we're saying is, look, we're going to simplify and claps. Thatyou don't need translation layers, and a PR is You don't need overlays. You don't need all of that stuff. We're now re architect in the operating system itself. So you, Khun Natively, address that and you know and directly, you know, control the policy that you need to deploy an application. >> Don, This is about modern infrastructure. It's what cloud is modernizing all parts of the value changing how people by consume, deploy, provide valued application known as you guys are part of that. How do people engage with snap route? So I say, Okay, this is the direction. I'm going. I'm going. I'm in cloud native and doing Cooper Netease. I got containing amusing microspheres betting my company's future on this direction. And a lot of people are. Yep. How doe I engage with you guys. And how do you fit into the equation? >> Right? So s so first of all, you know, initial engagement, you know, website linked in Facebook. You know, we're on all of those things. Weigh, You know, we're in customer trials right now. Invaders right now, you know, where was the launching the product? So you know where we'll be shipping off of your first commercial deployments. But as faras, you know how and where are the good? You know, the good opportunities to to deploy us on. Obviously, there are, you know, sort of new. Come, we're high growth companies who, you know, we're talking to who, you know, kind of wanna build off us as a base to start with. But if you already have ah, large investment in disorder deployed legacy equipment we can fit in quite nicely on. And we can still add a ton of value because one of the big problem areas, he's actually the top of rack, Switch the double racks, which is actually where Dev ops and Net ops come together. It's the first place where compute on the application touched the network on DH. This is where usually Annette, ops engineer, spends a lot of time doing, you know, fairly said of your trivial tasks to help applications, you get onto the network and you know, it's a big >> waste of conversion. You see, you think you're playing at the top Iraq switch, >> that is, that is a good place for for somebody to start to get a tremendous amount of value out of our product. You don't need to replace the entire network. You don't have to have us into end. You don't have to have us in the corps if you deploy us at the top of Rex, which so, you know, take a white box device. You know, deploy our operating system on top is very, very simple to do. The network engineer Khun very simply get that device up and running a little token. Figure itself. And then the Dev ops engineers can, you know, come in and say How would employ an application And I didn't need the network to do the following things, and the device will configure itself in that way. >> This is really two worlds coming together. Network operations and developer operations coming together. Yeah. How do you see that? Coming together and meshing together? Obviously, the top of Rex, which you mentioned? A key area where you get your kogel work. But as those cultural communities come together, you know, network operations and depth there, they're seeing benefits with each other. How are those worlds colliding? What's the benefit? What's it going to look like? And what's the opportunity? >> Yeah, well, I you know, I mean, first of all, I think that there's this misconception that these two over there, you know, these two types of organizations don't want to collaborate anything. That's a complete miss misconception. I mean, everybody wants to do the right thing they wanted, You know, their business is to grow ondas. I said earlier. I mean, I think the problem is that, you know, the vendor community is not delivered, as you know, a set of tools and products and capabilities that enable this collaboration. Andi, you know, that's what we're bringing to the table. But I do think you know that there's this This sort of, you know, this cross pollination, this this this ability to you don't have to learn each other's area of expertise. You don't suddenly have to become a networking expert. You know, the dead box engineer doesn't become a networking expert. Vice versa. But there is this, you know, there's there's this point of view, no collaboration and harmony that we can create where there was a lot of tension on DH, you know, and, you know, in fact, there was, you know, a lot of problems that way. Consider harmonize that and allow these organizations to just, you know, move forward with what really counts, which is growing the business. >> Tom, thanks for coming in. I appreciate your time. Original launch. Final question for you. Taking me displaying your background. Your previous roles in networking. We first met when you were at a PHP that he's being. Then why you attracted to snap Prada's as an opportunity on what's. >> Yeah, so, you know, I'm I've been in networking for over thirty years on and help me on DH. You know, network in security. Various roles, mostly in sort of product Rolls product management. You know, pride to snap her out. I was the general manager of the data center networking group HP on DH. You know, I got to do some, you know, fabulous things at HP. We have, you know, quite a ruber. And in other things there which have been hugely successful. So it was a lot of fun. But I came to the point with my career there, where I realized, you know, I I done, you know, many of the things that I wanted to do, and also, you know, most of the opportunities that were there in transforming and transitioning that company. And I wanted to get back to my start up roots on DH. You know, the, you know, long conversation. >> No data centers, these apple guys. >> Yeah, Andi, you know, And so I started talking Teo to snap Brown on, you know, they were asking my advice and things. And the one of the things that attracted me, as you say was it's a company built by operators for operators. You know, it's I, You know, I've never had the opportunity to be in a company founded by operators who just intrinsically know what the customer problem is on B because they've lived it. And And I think you really do have to live it to truly understand on DH. So, you know, that was a huge plus for me. I was really attracted, Teo, that Adam and Glenn, our founders, you know, really interesting great guys. But also there's this inflection point. There's this inflection point in the marking and market and everything to do with, you know, start ups and successful startups is not just having the right innovative technology, which I truly believe we do but having the right overthere innovative technology at the right time. And the timing here is perfect. I mean, child native, you know, Cuba netease, the movement behind Cuba. Netease is just a force unto itself. You know, Dev Ops is, you know, is really moving forward. There's a huge sort of groundswell within the networking team community to, you know, to modernize and to, you know, toe toe. Contribute more to the success of business s So we have a massive >> opportunity. And And the trend of programmable networks Infrastructure is code is happening now. He wanted rubber is hitting the road now? >> Yeah, absolutely. You know it's, you know, we'll go through the usual adoption curves of, you know, early adopters and mass market etcetera. And so, you know, there's a There's a journey ahead of us, but but yeah. No, I mean, you know, people are doing this right now. >> Well, congratulations on your launch net, right? We'll be watching you. Really innovative. Moving right to the core of the devices with an operating system. No abstraction. Layers with Cooper Netease. Interesting architecture. Looking forward to following it. Dominic Wild CEO Snapper out here inside the Cube studios and fellow Also, I'm John Ferrier. Thanks for watching.

welcome to the cube I'm Lisa Martin with Keith Townsend and we are in Orlando sa piece sapphire now 2018 we're very proud to be in the NetApp booth now that sa very long standing partnership with sa PA welcome to Cuba thank you we're so glad you guys are here over a million people are expected to engage with the SH the experience both in person and online that's enormous yes sa P is the cash register of the world 70% of the world's transactions go through si people most of us don't see it a lot of the SI p products like Hybris like Arriba success factors are built on meta meta is 26 years young now and has undergone a big transformation from traditional storage company to more cloud we're gonna be now that data management company for hybrid clouds every customer has a different rate of motion to the cloud that's why we have to spend an awful lot of time listening to our customers don't and then talkative the c-level executives in the business side to say what are your what are your expectations about the technology right whether if the reduction of labor improved quality again overall equipment effectiveness and help them understand what the treaty chuckles on choice we're hearing for customers is I need choice I need to move my data around on-prem into whatever hyper hyper scalar environment you want fast efficient with analytics readouts everybody looks at their phone when we make a deposit we expect to see that deposit instantaneously right the business needs to operate just as instantaneously and a company like NetApp could build this data fabric to connect them seamlessly so that the customers have choice it's interaction of sensors and to way taking IOT data in and then also feeding it back into signals but that's part of the interface of the software people can deploy much more effectively with a lower skill set right so there's not that hurdle really allows the administrators to configure dream workspace where you can get all the data that you need to work with in one place takes all that noise and makes it into one screen so that you can just simply make and change the data the way you would expect to on a spreadsheet sa P is serious about this C for Hana move of being able to say you know what we are going to create an ecosystem of truck if you have a developer and your enterprise and you say you know what I'm a big sa p user but I actually want to develop a custom map or are there some things I might do then s ap makes available to Leonardo a machine learning foundation and you can take advantage of that and develop a customized again not just a products company but an ecosystem company on C sapphire in Orlando is a great example of how they're expanding the brand is that say P can't do everything so we work with a lot of specialists we were critiques we couldn't do this without hardware partners with storage Annette app has proven you know to be one of those partners that could deal with a myriad of data types from a myriad of applications that forces the stretch into voice recognition that voices the data mining and data analytics and the like augmented intelligence to augment humanity this connection of humans and machines working together they're doing all this genomic research personalized medicine for cancer patients throughout Europe using Hana I even know about it public safety if you could think about that that's a big thing to focus on thinking about using drones for first responders smart farming throughout all the Netherlands reducing pesticide use water usage dramatically down and they increased yields by 10% helping customers change their business change industries save lives pretty cool stuff yeah SAV has a little ways to go yet that that's kind of you talk to any HDI customer validated and certified for Hana is a bad word today but s ap understands it in their there they're moving to certify the pot platform for HDI so I thought that was a great example of them listening to customers and continuing to transform over the years we'd love to hear you know from customers hey can I eat with a buddy could I put this object you know on that object together and build a process basically there's almost everywhere place where the net up product will fit but again we have to make session where's the place to start step back and look at what perhaps other competitors have done in their space or in completely different industries are compared to making great content the cute makes great content that content would be found people will take notice you make a great product that impacts people's lives it's no wonder that s ap is near the top of that brand recognition brand value seventeenth on the list so if you want to become a leader or a thought leader in your own specific industry join the SMP HANA community make the investments in SP Leonardo work with SP work with net after and like Bill says let's get it done thank you all for being here we're a static for having the cube in our booth Lisa Martin with Keith Townsend on the cube from the net out booth at SVP sapphire now 2018 thanks for watching [Music]