>> Live from Las Vegas, it's theCube, covering AWS re:Invent 2018. Brought to you by Amazon Web Services, Intel, and their ecosystem partners. >> Well welcome back here at the Sands expos. We continue our coverage here on theCube of AWS re:Invent. We said about 40,000 attendees this week. We're just off the show floor, it is been jam packed, with a lot of energy, all day today. Justin Warren and John Walls we're joined up by Ramin Sayar who is the President, CEO of Sumo Logic. Ramin, how are you are doing. >> Good, thanks for having me back today. >> You bet, always good to have you back on theCube. You made some news, had an announcement yesterday that kind of takes your AWS linkage or partnership to a new level. Tell us a little bit about that. >> Yeah, so in short, you know we've been partnering with Amazon for well over eight years. We've been born and bred in the Cloud as a multi tenant service. And, over the years we've been working on a variety of ways to improve some operational best practices, not just innovations and products, and that's led us to really push Amazon to do more in security. Because, the security, posture, practices, understanding in the cloud world, is fundamentally different than that on prem in the traditional world. >> Yeah. So one of the key points of the announcement was some efforts that we're continuing with Amazon around security and bringing cloud first security posture, best practices as well as integrations, some things we've already announced, as well some things I may hypothetically be announced tomorrow. >> Okay, So tell us about that discussion. Alright, you say its been going on for some time. The need to bring a higher level of awareness or concern, however you want to word it, to security in the public cloud. I mean, how's that evolved and then where's that going to go? >> Well I guess, there's two ways looking at it. You know, one is, its really centered on the fact that there's a big movement right now for the lift and shift of workloads to the cloud. >> Yeah. >> And you can't bring along all the baggage that's associated with these workloads, because you're modernizing these applications, and fundamentally it requires different ways of instrumenting, collecting, analyzing and last and definitely not least, the tsunami of data that's being generated because of these distribute applications. You can't take the old way of writing rules to presuppose events and security issues in this new world. So we've been pushing Amazon really, really hard to build practices. So a competency was one of the things we first started with them, right? And that competency led us to understand it's not just about guard duty, it's not just about some simple best practices, but how we bring the broader community together. So, we're taking this on the road with them, bringing the MSPs or managed service providers, as well as managed security service providers together and building this integrated practice to them, and with them, so they can take it out as a channel. What are you expecting people to get out of this. So when you've this roadshow and you've taken this show on the road and you've got all this MSPs to sign up to this way of doing things. Where do you see them taking from where they are today and where they will end up at the end of this. >> Yes as simply put, managed service providers or managed security providers, are one vehicle. >> A lot of this is actually, teaching the practitioners, in terms of CSO's, security operations, and security analysts. Like what should you consider, what should you use in the cloud. So it's not just about VPC flow logs, it's not just about AWS config or guard duty, but the combination of what the Amazon does or AWS does, at the infrastructure level, coupled with what Sumo does at the security analytics level is what delivers that best in class cloud service for security. >> Right. >> And so it's educating 'em on that first. >> Second piece is, really pushing that responsibility not just as a security operations or a security analyst team, but upstream into the development teams. And so that's part of this whole notion that Sumo's been aggressively pushing called DevSecOps. It's a responsibility everybody in the organization, not just the people downstream that get the hangover when a breach happens. >> Right. >> Right? >> Feels like we've been talking about that idea of embedding bending security into, well, security is everyone's issue, and that we need to move it upstream, and you shift it left as a lot of people like to say. So, where we you think we are on that journey? So we've been talking about it for a little while. It feels like we still actually right at the beginning of that kind of movement. >> So, it's funny you say that, 'cause we're thinking about this before this event and categorically we see in born in the clouds types of companies, they have a security first principle mind already. And so, naturally as, they just look at it as another data source that they have to manage, not as a burden. And so, that's a difference with traditional security companies, the enterprise, who feel like, oh great my developers are going over there and now it's a burden for me to manage that. So, I think from the born and bred cloud perspective, adoption is super high. The ones that are doing the lift and shift now, we're trying to get the CSO's to be the champions. So we enter a lot of times there versus just the devops students. And so as a result, that's helping us educate the CSO's to take it down to the sock or the analyst so they can understand, what should I even use with Amazon and how does Sumo support that? >> Yeah, so it sounds like a lot of these more traditional companies are doing, in the same way that the cloud has changed the way developers actually write code and use infrastructure, it sounds like the security practices that have been born in the cloud are actually starting to make their way back up or upstream if you will into this more traditional companies and they're cloudifying the way they run things. Which is an interesting parallel to the what we're seeing with the infrastructure where it's becoming more hybrid. So we're kind of getting this hybrid security model of the old way of doing things and the cloud way of doing things. >> Yeah, and I think the interesting piece of that is, it's profoundly changing the operating model. Right, historically all this teams been siloed. They use their silo tools for security over here, for monitoring over there, for troubleshooting over here, right, for building and release systems over there. And this new way of deploying, building, running, securing workloads and more importantly cloud services now, it's fundamentally broke down those barriers. And so by nature, what's it done is, forced those team to either come together to collaborate, in a lot of cases what we say in accounts is also, there's a single throat to choke. Person that's owning that service owns and end to end. Right, and so our platform uniquely helps all those different constituents across the organization really share and collaborate, but also rely on one vendor, and one platform that spans not just obviously here with Amazon and Amazon Web Services, but also GCP, Azure, and 40% of the data we collect every day comes from on prem. We give them that single platform that spans everything that they need. >> What is the, if there is a fundamental problem that when somebody who has, they look at their migration and they say, okay public cloud that's where we're going, from a security stand point is it that, they are going to a space that they don't have total control over or they are going to a space, now this is the way we used to do it, and now you're going to, you're coming at it from a different side. I don't know if it that's by-end, I mean what is the kind of like the-- >> So I think it comes down to three things. I think one is mindset change. So we look for progressive CSO's that believe in the vision of fundamentally doing things different. Two is debunking the myth. And I say that because SIM has been a dirty word for years. Useless services and technology and vendors that have been pimping SIM for years and have not delivered on the value. >> Don't minse words, tell me what you think Ramin. >> No, been all seriousness, and so we have a job to clean up that dirty work. So with the cloud SIM and what we're doing on top of Amazon in supporting other cloud providers, we're trying to make it sexy again. But more importantly, make it real, deliver value through our cloud SIM. And the third is, we're trying to break down the silos. It's not just a security operations schemes anymore. And they understand that, in order for them to have that holistic control, because at the end of the day it's about control, they need to have accountability upstream and they need to be partnering with the devops teams. And so that's the value we bring because the devops team, the cyber liability engineers, the tech ops, platform engineering are all using Sumo. So now we can connect the CSO to them and they can have one unified way. Share it lights tiered model for data, they can have access control, predictable cost and then more importantly going forward allows them to start analyze data, different values, different sets as they need to through a consumption model. >> You say you're trying the SIM sexy again, which is an interesting way of putting it. What are you seeing customers using Sumo logic for that really gets your intent? What's something you think would be a thing that people here in this show should really pay attention to? Why should people use it? >> So are you a gamer? >> I have been known to game on occasion. >> Do you play Pokemon or Fortnite? >> No, I keep getting pestered to get Fortnite, but no, I'm an old schooler. I like Borderlands 2. >> So you do, okay. So I'll give two different contrasting examples in the gaming industry for example. So Pokemon, guess who their average age user is? >> About eight? >> No. >> No? >> Kids. Young kids. And so for them it's about protecting identity. Right, and protecting privacy of it's users, kids for parents. So we help them with privacy and controls. You compare that with Fortnight. We help fortify Fortnight because Fortnight needs to look at the metadata, what's going on in the game. Right, they're looking at all the actions from the chat, from the text, from the things that were unplanned in the game, to get a sense of how the real game experience is. They're both securing but in different ways. You compare/contrast that to outside of gaming, media, online retailers, what do we help them with? They have audit responsibilities because they take payments for PCI. They have health care responsibilities, because HIPAA compliance. They have regulatory responsibilities with GDPR. Right? And so we help all of them with the audit and compliance, but also we give them the threat and investigation capabilities when and if they have a breach or when they have an audit issue. >> So you are not a Pokemon player? >> I played Pokemon Go for a while, then I was like, I'm too busy hosting theCube. I don't have time for that. >> Ramin, thanks for being with us, we appreciate the story and wish you continued success. Sumo Logic just about 50 yards from our spot here on the floor, drawing a lot of attention in your booth. So, congratulations on that as well. >> Thanks for having me again, great seeing you guys. >> You bet. Alright, back with more here on theCube. We're at AWS re:Invent in Las Vegas. (soft alternative music)