>>Hello everyone. Welcome to the Super Cloud Event preview. I'm John Forry, host of the Cube, and with Dave Valante, host of the popular Super cloud events. This is Super Cloud two preview. I'm joined by industry leader and Cube alumni, Victoria Vigo, vice president of klos Cross Cloud Services at VMware. Vittorio. Great to see you. We're here for the preview of Super Cloud two on January 17th, virtual event, live stage performance, but streamed out to the audience virtually. We're gonna do a preview. Thanks for coming in. >>My pleasure. Always glad to be here. >>It's holiday time. We had the first super cloud on in August prior to VMware, explore North America prior to VMware, explore Europe prior to reinvent. We've been through that, but right now, super Cloud has got momentum. Super Cloud two has got some success. Before we dig into it, let's take a step back and set the table. What is Super Cloud and why is important? Why are people buzzing about it? Why is it a thing? >>Look, we have been in the cloud now for like 10, 15 years and the cloud is going strong and I, I would say that going cloud first was deliberate and strategic in most cases. In some cases the, the developer was going for the path of risk resistance, but in any sizable company, this caused the companies to end up in a multi-cloud world where 85% of the companies out there use two or multiple clouds. And with that comes what we call cloud chaos, because each cloud brings their own management tools, development tools, security. And so that increase the complexity and cost. And so we believe that it's time to usher a new era in cloud computing, which we, you call the super cloud. We call it cross cloud services, which allows our customers to have a single way to build, manage, secure, and access any application across any cloud. Lowering the cost and simplifying the environment. Since >>Dave Ante and I introduced and rift on the concept of Supercloud, as we talked about at reinvent last year, a lot has happened. Supercloud one, it was in August, but prior to that, great momentum in the industry. Great conversation. People are loving it, they're hating it, which means it's got some traction. Berkeley has come on board as with a position paper. They're kind of endorsing it. They call it something different. You call it cross cloud services, whatever it is. It's kind of the same theme we're seeing. And so the industry has recognized something is happening that's different than what Cloud one was or the first generation of cloud. Now we have something different. This Super Cloud two in January. This event has traction with practitioners, customers, big name brands, Sachs, fifth Avenue, Warner, media Financial, mercury Financial, other big names are here. They're leaning in. They're excited. Why the traction in the customer's industry converts over to, to the customer traction. Why is it happening? You, you get a lot of data. >>Well, in, in Super Cloud one, it was a vendor fest, right? But these vendors are smart people that get their vision from where, from the customers. This, this stuff doesn't happen in a vacuum. We all talk to customers and we tend to lean on the early adopters and the early adopters of the cloud are the ones that are telling us, we now are in a place where the complexity is too much. The cost is ballooning. We're going towards slow down potentially in the economy. We need to get better economics out of, of our cloud. And so every single customers I talked to today, or any sizable company as this problem, the developers have gone off, built all these applications, and now the business is coming to the operators and asking, where are my applications? Are they performing? What is the security posture? And how do we do compliance? And so now they're realizing we need to do something about this or it is gonna be unmanageable. >>I wanna go to a clip I pulled out from the, our video data lake and the cube. If we can go to that clip, it's Chuck Whitten Dell at a keynote. He was talking about what he calls multi-cloud by default, not by design. This is a state of the, of the industry. If we're gonna roll that clip, and I wanna get your reaction to that. >>Well, look, customers have woken up with multiple clouds, you know, multiple public clouds. On-premise clouds increasingly as the edge becomes much more a reality for customers clouds at the edge. And so that's what we mean by multi-cloud by default. It's not yet been designed strategically. I think our argument yesterday was it can be, and it should be, it is a very logical place for architecture to land because ultimately customers want the innovation across all of the hyperscale public clouds. They will see workloads and use cases where they wanna maintain an on-premise cloud. On-premise clouds are not going away. I mentioned edge Cloud, so it should be strategic. It's just not today. It doesn't work particularly well today. So when we say multi-cloud, by default we mean that's the state of the world. Today, our goal is to bring multi-cloud by design, as you heard. Yeah, I >>Mean, I, okay, Vittorio, that's, that's the head of Dell Technologies president. He obvious he runs it. Michael Dell's still around, but you know, he's the leader. This is a interesting observation. You know, he's not a customer. We have some customer equips we'll go to as well, but by default it kind of happened not by design. So we're now kind of in a zoom out issue where, okay, I got this environment just landed on me. What, what is the, what's your reaction to that clip of how multi-cloud has become present in, in everyone's on everyone's plate right now to deal with? Yeah, >>I it is, it is multi-cloud by default, I would call it by accident. We, we really got there by accident. I think now it's time to make it a strategic asset because look, we're using multiple cloud for a reason, because all these hyperscaler bring tremendous innovation that we want to leverage. But I strongly believe that in it, especially history repeat itself, right? And so if you look at the history of it, as was always when a new level of obstruction that simplify things, that we got the next level of innovation at the lower cost, you know, from going from c plus plus to Visual basic, going from integrating application at the bits of by layer to SOA and then web services. It's, it's only when we simplify the environment that we can go faster and lower cost. And the multi-cloud is ready for that level of obstruction today. >>You know, you've made some good points. You know, developers went crazy building great apps. Now they got, they gotta roll it out and operationalize it globally. A lot of compliance issues going on. The costs are going up. We got an economic challenge, but also agility with the cloud. So using cloud and or hybrid, you can get better agility. And also moving to the cloud, it's kind of still slow. Okay, so I get that at reinvent this year and at VMware explorer we were observing and we reported that you're seeing a transition to a new kind of ecosystem partner. Ones that aren't just ISVs anymore. You have ISVs, independent software vendors, but you got the emergence of bigger players that just, they got platforms, they have their own ecosystems. So you're seeing ecosystems on top of ecosystems where, you know, MongoDB CEO and the Databricks CEO both told me, we're not an isv, we're a platform built on a cloud. So this new kind of super cloudlike thing is going on. Why should someone pay attention to the super cloud movement? We're on two, we're gonna continue to do these out in the open. Anyone can participate. Why should people pay attention to this? Why should they come to the event? Why is this important? Is this truly an inflection point? And if they do pay attention, what should they pay attention to? >>I would pay attention to two things. If you are customers that are now starting to realize that you have a multi-cloud problem and the costs are getting outta control, look at what the leading vendors are saying, connect the dots with the early adopters and some of the customers that we are gonna have at Super Cloud two, and use those learning to not fall into the same trap. So I, I'll give you an example. I was talking to a Fortune 50 in Europe in my latest trip, and this is an a CIO that is telling me >>We build all these applications and now for compliance reason, the business is coming to me, I don't even know where they are, right? And so what I was telling him, so look, there are other customers that are already there. What did they do? They built a platform engineering team. What is the platform? Engineering team is a, is an operation team that understands how developers build modern applications and lays down the foundation across multiple clouds. So the developers can be developers and do their thing, which is writing code. But now you as a cio, as a, as a, as a governing body, as a security team can have the guardrail. So do you know that these applications are performing at a lower cost and are secure and compliant? >>Patura, you know, it's really encouraging and, and love to get your thoughts on this is one is the general consensus of industry leaders. I talked to like yourself in the round is the old way was soft complexity with more complexity. The cloud demand simplicity, you mentioned abstraction layer. This is our next inflection point. It's gotta be simpler and it's gotta be easy and it's gotta be performant. That's the table stakes of the cloud. What's your thoughts on this next wave of simplicity versus complexity? Because again, abstraction layers take away complexity, they should make it simpler. What's your thoughts? >>Yeah, so I'll give you few examples. One, on the development side and runtime. You, you one would think that Kubernetes will solve all the problems you have Kubernetes everywhere, just look at, but every cloud has a different distribution of Kubernetes, right? So for example, at VMware with tansu, we create a single place that allows you to deploy that any Kubernetes environment. But now you have one place to set your policies. We take care of the differences between this, this system. The second area is management, right? So once you have all everything deployed, how do you get a single object model that tells you where your stuff is and how it's performing, and then apply policies to it as well. So these are two areas and security and so on and so forth. So the idea is that figure out what you can abstract and make common across cloud. Make that simple and put it in one place while always allowing the developers to go underneath and use the differentiated features for innovation. >>Yeah, one of the areas I'm excited, I want to get your thoughts of too is, we haven't talked about this in the past, but it, I'll throw it out there. I think the, the new AI coming out chat, G P T and other things like lens, you see it and see new kinds of AI coming that's gonna be right in the heavy lifting opportunity to make things easier with AI and automation. I think AI will be a big factor in super cloud and, and cross cloud. What's your thoughts? >>Well, the one way to look at AI is, is one of the main, main services that you would want out of a multi-cloud, right? You want eventually, right now Google seems to have an edge, but you know, the competition creates, you know, innovation. So later on you wanna use something from Azure or from or from Oracle or something that, so you want at some point that is gonna be prone every single service in in the cloud is gonna be prone to obstruction and simplification. And I, I'm just excited about to see >>What book, I can't wait for the chat services to write code automatically for us. Well, >>They >>Do, they do. They're doing it now. They do. >>Oh, the other day, somebody, you know that I do this song par this for. So for fun sometimes. And somebody the other day said, ask the AI to write a parody song for multi-cloud. And so I have the lyrics stay >>Tuned. I should do that from my blog post. Hey, write a blog post on this January 17th, Victoria, thanks for coming in, sharing the preview bottom line. Why should people come? Why is it important? What's your final kind of takeaway? Billboard message >>History is repeat itself. It goes to three major inflection points, right? We had the inflection point with the cloud and the people that got left behind, they were not as competitive as the people that got on top o of this wave. The new wave is the super cloud, what we call cross cloud services. So if you are a customer that is experiencing this problem today, tune in to to hear from other customers in, in your same space. If you are behind, tune in to avoid the, the, the, the mistakes and the, the shortfalls of this new wave. And so that you can use multi-cloud to accelerate your business and kick butt in the future. >>All right. Kicking kick your names and kicking butt. Okay, we're here on J January 17th. Super Cloud two. Momentum continues. We'll be super cloud three. There'll be super cloud floor. More and more open conversations. Join the community, join the conversation. It's open. We want more voices. We want more, more industry. We want more customers. It's happening. A lot of momentum. Victoria, thank you for your time. Thank you. Okay. I'm John Farer, host of the Cube. Thanks for watching.

>>Okay, we're back. I'm Dave Valante with The Cube and you're watching Evolving Influx DB into the smart data platform made possible by influx data. Anna East Otis Georgio is here. She's a developer advocate for influx data and we're gonna dig into the rationale and value contribution behind several open source technologies that Influx DB is leveraging to increase the granularity of time series analysis analysis and bring the world of data into realtime analytics. Anna is welcome to the program. Thanks for coming on. >>Hi, thank you so much. It's a pleasure to be here. >>Oh, you're very welcome. Okay, so IO X is being touted as this next gen open source core for Influx db. And my understanding is that it leverages in memory, of course for speed. It's a kilo store, so it gives you compression efficiency, it's gonna give you faster query speeds, it gonna use store files and object storages. So you got very cost effective approach. Are these the salient points on the platform? I know there are probably dozens of other features, but what are the high level value points that people should understand? >>Sure, that's a great question. So some of the main requirements that IOCs is trying to achieve and some of the most impressive ones to me, the first one is that it aims to have no limits on cardinality and also allow you to write any kind of event data that you want, whether that's lift tag or a field. It also wants to deliver the best in class performance on analytics queries. In addition to our already well served metrics queries, we also wanna have operator control over memory usage. So you should be able to define how much memory is used for buffering caching and query processing. Some other really important parts is the ability to have bulk data export and import, super useful. Also, broader ecosystem compatibility where possible we aim to use and embrace emerging standards in the data analytics ecosystem and have compatibility with things like sql, Python, and maybe even pandas in the future. >>Okay, so a lot there. Now we talked to Brian about how you're using Rust and and which is not a new programming language and of course we had some drama around Russ during the pandemic with the Mozilla layoffs, but the formation of the Russ Foundation really addressed any of those concerns. You got big guns like Amazon and Google and Microsoft throwing their collective weights behind it. It's really, adoption is really starting to get steep on the S-curve. So lots of platforms, lots of adoption with rust, but why rust as an alternative to say c plus plus for example? >>Sure, that's a great question. So Rust was chosen because of his exceptional performance and rebi reliability. So while rust is synt tactically similar to c c plus plus and it has similar performance, it also compiles to a native code like c plus plus. But unlike c plus plus, it also has much better memory safety. So memory safety is protection against bugs or security vulnerabilities that lead to excessive memory usage or memory leaks. And rust achieves this memory safety due to its like innovative type system. Additionally, it doesn't allow for dangling pointers and dangling pointers are the main classes of errors that lead to exploitable security vulnerabilities in languages like c plus plus. So Russ like helps meet that requirement of having no limits on card for example, because it's, we're also using the Russ implementation of Apache Arrow and this control over memory and also Russ, Russ Russ's packaging system called crates IO offers everything that you need out of the box to have features like AY and a weight to fixed race conditions to protect against buffering overflows and to ensure thread safe ay caching structures as well. So essentially it's just like has all the control, all the fine grain control, you need to take advantage of memory and all your resources as well as possible so that you can handle those really, really high ity use cases. >>Yeah, and the more I learned about the the new engine and the, and the platform IOCs et cetera, you know, you, you see things like, you know, the old days not even to even today you do a lot of garbage collection in these, in these systems and there's an inverse, you know, impact relative to performance. So it looks like you're really, you know, the community is modernizing the platform, but I wanna talk about Apache Arrow for a moment. It's designed to address the constraints that are associated with analyzing large data sets. We, we know that, but please explain why, what, what is Arrow and and what does it bring to Influx db? >>Sure, yeah. So Arrow is a, a framework for defining in memory calmer data and so much of the efficiency and performance of IOCs comes from taking advantage of calmer data structures. And I will, if you don't mind, take a moment to kind of illustrate why calmer data structures are so valuable. Let's pretend that we are gathering field data about the temperature in our room and also maybe the temperature of our stove. And in our table we have those two temperature values as well as maybe a measurement value, timestamp value, maybe some other tag values that describe what room and what house, et cetera we're getting this data from. And so you can picture this table where we have like two rows with the two temperature values for both our room and the stove. Well usually our room temperature is regulated so those values don't change very often. >>So when you have calm oriented st calm oriented storage, essentially you take each row, each column and group it together. And so if that's the case and you're just taking temperature values from the room and a lot of those temperature values are the same, then you'll, you might be able to imagine how equal values will then neighbor each other and when they neighbor each other in the storage format. This provides a really perfect opportunity for cheap compression. And then this cheap compression enables high cardinality use cases. It also enables for faster scan rates. So if you wanna define like the min and max value of the temperature in the room across a thousand different points, you only have to get those a thousand different points in order to answer that question and you have those immediately available to you. But let's contrast this with a row oriented storage solution instead so that we can understand better the benefits of calmer oriented storage. >>So if you had a row oriented storage, you'd first have to look at every field like the temperature in, in the room and the temperature of the stove. You'd have to go across every tag value that maybe describes where the room is located or what model the stove is. And every timestamp you'd then have to pluck out that one temperature value that you want at that one times stamp and do that for every single row. So you're scanning across a ton more data and that's why row oriented doesn't provide the same efficiency as calmer and Apache Arrow is in memory calmer data, calmer data fit framework. So that's where a lot of the advantages come >>From. Okay. So you've basically described like a traditional database, a row approach, but I've seen like a lot of traditional databases say, okay, now we've got, we can handle colo format versus what you're talking about is really, you know, kind of native it, is it not as effective as the, is the form not as effective because it's largely a, a bolt on? Can you, can you like elucidate on that front? >>Yeah, it's, it's not as effective because you have more expensive compression and because you can't scan across the values as quickly. And so those are, that's pretty much the main reasons why, why RO row oriented storage isn't as efficient as calm, calmer oriented storage. >>Yeah. Got it. So let's talk about Arrow data fusion. What is data fusion? I know it's written in rust, but what does it bring to to the table here? >>Sure. So it's an extensible query execution framework and it uses Arrow as its in memory format. So the way that it helps influx DB IOx is that okay, it's great if you can write unlimited amount of cardinality into influx cbis, but if you don't have a query engine that can successfully query that data, then I don't know how much value it is for you. So data fusion helps enable the, the query process and transformation of that data. It also has a PANDAS API so that you could take advantage of PDA's data frames as well and all of the machine learning tools associated with pandas. >>Okay. You're also leveraging par K in the platform course. We heard a lot about Par K in the middle of the last decade cuz as a storage format to improve on Hadoop column stores. What are you doing with Par K and why is it important? >>Sure. So Par K is the calm oriented durable file format. So it's important because it'll enable bulk import and bulk export. It has compatibility with Python and pandas so it supports a broader ecosystem. Parque files also take very little disc disc space and they're faster to scan because again they're column oriented in particular, I think PAR K files are like 16 times cheaper than CSV files, just as kind of a point of reference. And so that's essentially a lot of the, the benefits of par k. >>Got it. Very popular. So and these, what exactly is influx data focusing on as a committer to these projects? What is your focus? What's the value that you're bringing to the community? >>Sure. So Influx DB first has contributed a lot of different, different things to the Apache ecosystem. For example, they contribute an implementation of Apache Arrow and go and that will support clearing with flux. Also, there has been a quite a few contributions to data fusion for things like memory optimization and supportive additional SQL features like support for timestamp, arithmetic and support for exist clauses and support for memory control. So yeah, Influx has contributed a a lot to the Apache ecosystem and continues to do so. And I think kind of the idea here is that if you can improve these upstream projects and then the long term strategy here is that the more you contribute and build those up, then the more you will perpetuate that cycle of improvement and the more we will invest in our own project as well. So it's just that kind of symbiotic relationship and appreciation of the open source community. >>Yeah. Got it. You got that virtuous cycle going, the people call it the flywheel. Give us your last thoughts and kind of summarize, you know, where what, what the big takeaways are from your perspective. >>So I think the big takeaway is that influx data is doing a lot of really exciting things with Influx DB IOCs and I really encourage if you are interested in learning more about the technologies that Influx is leveraging to produce IOCs, the challenges associated with it and all of the hard work questions and I just wanna learn more, then I would encourage you to go to the monthly tech talks and community office hours and they are on every second Wednesday of the month at 8:30 AM Pacific time. There's also a community forums and a community Slack channel. Look for the influx D DB underscore IAC channel specifically to learn more about how to join those office hours and those monthly tech tech talks as well as ask any questions they have about IOCs, what to expect and what you'd like to learn more about. I as a developer advocate, I wanna answer your questions. So if there's a particular technology or stack that you wanna dive deeper into and want more explanation about how influx TB leverages it to build IOCs, I will be really excited to produce content on that topic for you. >>Yeah, that's awesome. You guys have a really rich community, collaborate with your peers, solve problems, and you guys super responsive, so really appreciate that. All right, thank you so much and East for explaining all this open source stuff to the audience and why it's important to the future of data. >>Thank you. I really appreciate it. >>All right, you're very welcome. Okay, stay right there and in a moment I'll be back with Tim Yokum. He's the director of engineering for Influx Data and we're gonna talk about how you update a SaaS engine while the plane is flying at 30,000 feet. You don't wanna miss this.

>>This past May, The Cube in collaboration with Influx data shared with you the latest innovations in Time series databases. We talked at length about why a purpose built time series database for many use cases, was a superior alternative to general purpose databases trying to do the same thing. Now, you may, you may remember the time series data is any data that's stamped in time, and if it's stamped, it can be analyzed historically. And when we introduced the concept to the community, we talked about how in theory, those time slices could be taken, you know, every hour, every minute, every second, you know, down to the millisecond and how the world was moving toward realtime or near realtime data analysis to support physical infrastructure like sensors and other devices and IOT equipment. A time series databases have had to evolve to efficiently support realtime data in emerging use cases in iot T and other use cases. >>And to do that, new architectural innovations have to be brought to bear. As is often the case, open source software is the linchpin to those innovations. Hello and welcome to Evolving Influx DB into the smart Data platform, made possible by influx data and produced by the Cube. My name is Dave Valante and I'll be your host today. Now in this program we're going to dig pretty deep into what's happening with Time series data generally, and specifically how Influx DB is evolving to support new workloads and demands and data, and specifically around data analytics use cases in real time. Now, first we're gonna hear from Brian Gilmore, who is the director of IOT and emerging technologies at Influx Data. And we're gonna talk about the continued evolution of Influx DB and the new capabilities enabled by open source generally and specific tools. And in this program you're gonna hear a lot about things like Rust, implementation of Apache Arrow, the use of par k and tooling such as data fusion, which powering a new engine for Influx db. >>Now, these innovations, they evolve the idea of time series analysis by dramatically increasing the granularity of time series data by compressing the historical time slices, if you will, from, for example, minutes down to milliseconds. And at the same time, enabling real time analytics with an architecture that can process data much faster and much more efficiently. Now, after Brian, we're gonna hear from Anna East Dos Georgio, who is a developer advocate at In Flux Data. And we're gonna get into the why of these open source capabilities and how they contribute to the evolution of the Influx DB platform. And then we're gonna close the program with Tim Yokum, he's the director of engineering at Influx Data, and he's gonna explain how the Influx DB community actually evolved the data engine in mid-flight and which decisions went into the innovations that are coming to the market. Thank you for being here. We hope you enjoy the program. Let's get started. Okay, we're kicking things off with Brian Gilmore. He's the director of i t and emerging Technology at Influx State of Bryan. Welcome to the program. Thanks for coming on. >>Thanks Dave. Great to be here. I appreciate the time. >>Hey, explain why Influx db, you know, needs a new engine. Was there something wrong with the current engine? What's going on there? >>No, no, not at all. I mean, I think it's, for us, it's been about staying ahead of the market. I think, you know, if we think about what our customers are coming to us sort of with now, you know, related to requests like sql, you know, query support, things like that, we have to figure out a way to, to execute those for them in a way that will scale long term. And then we also, we wanna make sure we're innovating, we're sort of staying ahead of the market as well and sort of anticipating those future needs. So, you know, this is really a, a transparent change for our customers. I mean, I think we'll be adding new capabilities over time that sort of leverage this new engine, but you know, initially the customers who are using us are gonna see just great improvements in performance, you know, especially those that are working at the top end of the, of the workload scale, you know, the massive data volumes and things like that. >>Yeah, and we're gonna get into that today and the architecture and the like, but what was the catalyst for the enhancements? I mean, when and how did this all come about? >>Well, I mean, like three years ago we were primarily on premises, right? I mean, I think we had our open source, we had an enterprise product, you know, and, and sort of shifting that technology, especially the open source code base to a service basis where we were hosting it through, you know, multiple cloud providers. That was, that was, that was a long journey I guess, you know, phase one was, you know, we wanted to host enterprise for our customers, so we sort of created a service that we just managed and ran our enterprise product for them. You know, phase two of this cloud effort was to, to optimize for like multi-tenant, multi-cloud, be able to, to host it in a truly like sass manner where we could use, you know, some type of customer activity or consumption as the, the pricing vector, you know, And, and that was sort of the birth of the, of the real first influx DB cloud, you know, which has been really successful. >>We've seen, I think like 60,000 people sign up and we've got tons and tons of, of both enterprises as well as like new companies, developers, and of course a lot of home hobbyists and enthusiasts who are using out on a, on a daily basis, you know, and having that sort of big pool of, of very diverse and very customers to chat with as they're using the product, as they're giving us feedback, et cetera, has has, you know, pointed us in a really good direction in terms of making sure we're continuously improving that and then also making these big leaps as we're doing with this, with this new engine. >>Right. So you've called it a transparent change for customers, so I'm presuming it's non-disruptive, but I really wanna understand how much of a pivot this is and what, what does it take to make that shift from, you know, time series, you know, specialist to real time analytics and being able to support both? >>Yeah, I mean, it's much more of an evolution, I think, than like a shift or a pivot. You know, time series data is always gonna be fundamental and sort of the basis of the solutions that we offer our customers, and then also the ones that they're building on the sort of raw APIs of our platform themselves. You know, the time series market is one that we've worked diligently to lead. I mean, I think when it comes to like metrics, especially like sensor data and app and infrastructure metrics, if we're being honest though, I think our, our user base is well aware that the way we were architected was much more towards those sort of like backwards looking historical type analytics, which are key for troubleshooting and making sure you don't, you know, run into the same problem twice. But, you know, we had to ask ourselves like, what can we do to like better handle those queries from a performance and a, and a, you know, a time to response on the queries, and can we get that to the point where the results sets are coming back so quickly from the time of query that we can like limit that window down to minutes and then seconds. >>And now with this new engine, we're really starting to talk about a query window that could be like returning results in, in, you know, milliseconds of time since it hit the, the, the ingest queue. And that's, that's really getting to the point where as your data is available, you can use it and you can query it, you can visualize it, and you can do all those sort of magical things with it, you know? And I think getting all of that to a place where we're saying like, yes to the customer on, you know, all of the, the real time queries, the, the multiple language query support, but, you know, it was hard, but we're now at a spot where we can start introducing that to, you know, a a limited number of customers, strategic customers and strategic availability zones to start. But you know, everybody over time. >>So you're basically going from what happened to in, you can still do that obviously, but to what's happening now in the moment? >>Yeah, yeah. I mean if you think about time, it's always sort of past, right? I mean, like in the moment right now, whether you're talking about like a millisecond ago or a minute ago, you know, that's, that's pretty much right now, I think for most people, especially in these use cases where you have other sort of components of latency induced by the, by the underlying data collection, the architecture, the infrastructure, the, you know, the, the devices and you know, the sort of highly distributed nature of all of this. So yeah, I mean, getting, getting a customer or a user to be able to use the data as soon as it is available is what we're after here. >>I always thought, you know, real, I always thought of real time as before you lose the customer, but now in this context, maybe it's before the machine blows up. >>Yeah, it's, it's, I mean it is operationally or operational real time is different, you know, and that's one of the things that really triggered us to know that we were, we were heading in the right direction, is just how many sort of operational customers we have. You know, everything from like aerospace and defense. We've got companies monitoring satellites, we've got tons of industrial users, users using us as a processes storing on the plant floor, you know, and, and if we can satisfy their sort of demands for like real time historical perspective, that's awesome. I think what we're gonna do here is we're gonna start to like edge into the real time that they're used to in terms of, you know, the millisecond response times that they expect of their control systems, certainly not their, their historians and databases. >>I, is this available, these innovations to influx DB cloud customers only who can access this capability? >>Yeah. I mean commercially and today, yes. You know, I think we want to emphasize that's a, for now our goal is to get our latest and greatest and our best to everybody over time. Of course. You know, one of the things we had to do here was like we double down on sort of our, our commitment to open source and availability. So like anybody today can take a look at the, the libraries in on our GitHub and, you know, can ex inspect it and even can try to, you know, implement or execute some of it themselves in their own infrastructure. You know, we are, we're committed to bringing our sort of latest and greatest to our cloud customers first for a couple of reasons. Number one, you know, there are big workloads and they have high expectations of us. I think number two, it also gives us the opportunity to monitor a little bit more closely how it's working, how they're using it, like how the system itself is performing. >>And so just, you know, being careful, maybe a little cautious in terms of, of, of how big we go with this right away, just sort of both limits, you know, the risk of, of, you know, any issues that can come with new software rollouts. We haven't seen anything so far, but also it does give us the opportunity to have like meaningful conversations with a small group of users who are using the products, but once we get through that and they give us two thumbs up on it, it'll be like, open the gates and let everybody in. It's gonna be exciting time for the whole ecosystem. >>Yeah, that makes a lot of sense. And you can do some experimentation and, you know, using the cloud resources. Let's dig into some of the architectural and technical innovations that are gonna help deliver on this vision. What, what should we know there? >>Well, I mean, I think foundationally we built the, the new core on Rust. You know, this is a new very sort of popular systems language, you know, it's extremely efficient, but it's also built for speed and memory safety, which goes back to that us being able to like deliver it in a way that is, you know, something we can inspect very closely, but then also rely on the fact that it's going to behave well. And if it does find error conditions, I mean we, we've loved working with Go and, you know, a lot of our libraries will continue to, to be sort of implemented in Go, but you know, when it came to this particular new engine, you know, that power performance and stability rust was critical. On top of that, like, we've also integrated Apache Arrow and Apache Parque for persistence. I think for anybody who's really familiar with the nuts and bolts of our backend and our TSI and our, our time series merged Trees, this is a big break from that, you know, arrow on the sort of in MI side and then Par K in the on disk side. >>It, it allows us to, to present, you know, a unified set of APIs for those really fast real time inquiries that we talked about, as well as for very large, you know, historical sort of bulk data archives in that PARQUE format, which is also cool because there's an entire ecosystem sort of popping up around Parque in terms of the machine learning community, you know, and getting that all to work, we had to glue it together with aero flight. That's sort of what we're using as our, our RPC component. You know, it handles the orchestration and the, the transportation of the Coer data. Now we're moving to like a true Coer database model for this, this version of the engine, you know, and it removes a lot of overhead for us in terms of having to manage all that serialization, the deserialization, and, you know, to that again, like blurring that line between real time and historical data. It's, you know, it's, it's highly optimized for both streaming micro batch and then batches, but true streaming as well. >>Yeah. Again, I mean, it's funny you mentioned Rust. It is, it's been around for a long time, but it's popularity is, is you know, really starting to hit that steep part of the S-curve. And, and we're gonna dig into to more of that, but give us any, is there anything else that we should know about Bryan? Give us the last word? >>Well, I mean, I think first I'd like everybody sort of watching just to like take a look at what we're offering in terms of early access in beta programs. I mean, if, if, if you wanna participate or if you wanna work sort of in terms of early access with the, with the new engine, please reach out to the team. I'm sure you know, there's a lot of communications going out and you know, it'll be highly featured on our, our website, you know, but reach out to the team, believe it or not, like we have a lot more going on than just the new engine. And so there are also other programs, things we're, we're offering to customers in terms of the user interface, data collection and things like that. And, you know, if you're a customer of ours and you have a sales team, a commercial team that you work with, you can reach out to them and see what you can get access to because we can flip a lot of stuff on, especially in cloud through feature flags. >>But if there's something new that you wanna try out, we'd just love to hear from you. And then, you know, our goal would be that as we give you access to all of these new cool features that, you know, you would give us continuous feedback on these products and services, not only like what you need today, but then what you'll need tomorrow to, to sort of build the next versions of your business. Because you know, the whole database, the ecosystem as it expands out into to, you know, this vertically oriented stack of cloud services and enterprise databases and edge databases, you know, it's gonna be what we all make it together, not just, you know, those of us who were employed by Influx db. And then finally I would just say please, like watch in ICE in Tim's sessions, like these are two of our best and brightest, They're totally brilliant, completely pragmatic, and they are most of all customer obsessed, which is amazing. And there's no better takes, like honestly on the, the sort of technical details of this, then there's, especially when it comes to like the value that these investments will, will bring to our customers and our communities. So encourage you to, to, you know, pay more attention to them than you did to me, for sure. >>Brian Gilmore, great stuff. Really appreciate your time. Thank you. >>Yeah, thanks Dave. It was awesome. Look forward to it. >>Yeah, me too. Looking forward to see how the, the community actually applies these new innovations and goes, goes beyond just the historical into the real time really hot area. As Brian said in a moment, I'll be right back with Anna East dos Georgio to dig into the critical aspects of key open source components of the Influx DB engine, including Rust, Arrow, Parque, data fusion. Keep it right there. You don't wanna miss this >>Time series Data is everywhere. The number of sensors, systems and applications generating time series data increases every day. All these data sources producing so much data can cause analysis paralysis. Influx DB is an entire platform designed with everything you need to quickly build applications that generate value from time series data influx. DB Cloud is a serverless solution, which means you don't need to buy or manage your own servers. There's no need to worry about provisioning because you only pay for what you use. Influx DB Cloud is fully managed so you get the newest features and enhancements as they're added to the platform's code base. It also means you can spend time building solutions and delivering value to your users instead of wasting time and effort managing something else. Influx TVB Cloud offers a range of security features to protect your data, multiple layers of redundancy ensure you don't lose any data access controls ensure that only the people who should see your data can see it. >>And encryption protects your data at rest and in transit between any of our regions or cloud providers. InfluxDB uses a single API across the entire platform suite so you can build on open source, deploy to the cloud and then then easily query data in the cloud at the edge or on prem using the same scripts. And InfluxDB is schemaless automatically adjusting to changes in the shape of your data without requiring changes in your application. Logic. InfluxDB Cloud is production ready from day one. All it needs is your data and your imagination. Get started today@influxdata.com slash cloud. >>Okay, we're back. I'm Dave Valante with a Cube and you're watching evolving Influx DB into the smart data platform made possible by influx data. Anna ETOs Georgio is here, she's a developer advocate for influx data and we're gonna dig into the rationale and value contribution behind several open source technologies that Influx DB is leveraging to increase the granularity of time series analysis analysis and bring the world of data into real-time analytics and is welcome to the program. Thanks for coming on. >>Hi, thank you so much. It's a pleasure to be here. >>Oh, you're very welcome. Okay, so IX is being touted as this next gen open source core for Influx db. And my understanding is that it leverages in memory of course for speed. It's a kilo store, so it gives you a compression efficiency, it's gonna give you faster query speeds, you store files and object storage, so you got very cost effective approach. Are these the salient points on the platform? I know there are probably dozens of other features, but what are the high level value points that people should understand? >>Sure, that's a great question. So some of the main requirements that IOx is trying to achieve and some of the most impressive ones to me, the first one is that it aims to have no limits on cardinality and also allow you to write any kind of event data that you want, whether that's live tag or a field. It also wants to deliver the best in class performance on analytics queries. In addition to our already well served metrics queries, we also wanna have operator control over memory usage. So you should be able to define how much memory is used for buffering caching and query processing. Some other really important parts is the ability to have bulk data export and import super useful. Also broader ecosystem compatibility where possible we aim to use and embrace emerging standards in the data analytics ecosystem and have compatibility with things like sql, Python, and maybe even pandas in the future. >>Okay, so lot there. Now we talked to Brian about how you're using Rust and which is not a new programming language and of course we had some drama around Rust during the pandemic with the Mozilla layoffs, but the formation of the Rust Foundation really addressed any of those concerns. You got big guns like Amazon and Google and Microsoft throwing their collective weights behind it. It's really, the adoption is really starting to get steep on the S-curve. So lots of platforms, lots of adoption with rust, but why rust as an alternative to say c plus plus for example? >>Sure, that's a great question. So Russ was chosen because of his exceptional performance and reliability. So while Russ is synt tactically similar to c plus plus and it has similar performance, it also compiles to a native code like c plus plus. But unlike c plus plus, it also has much better memory safety. So memory safety is protection against bugs or security vulnerabilities that lead to excessive memory usage or memory leaks. And rust achieves this memory safety due to its like innovative type system. Additionally, it doesn't allow for dangling pointers. And dangling pointers are the main classes of errors that lead to exploitable security vulnerabilities in languages like c plus plus. So Russ like helps meet that requirement of having no limits on ality, for example, because it's, we're also using the Russ implementation of Apache Arrow and this control over memory and also Russ Russ's packaging system called crates IO offers everything that you need out of the box to have features like AY and a weight to fix race conditions, to protection against buffering overflows and to ensure thread safe async cashing structures as well. So essentially it's just like has all the control, all the fine grain control, you need to take advantage of memory and all your resources as well as possible so that you can handle those really, really high ity use cases. >>Yeah, and the more I learn about the, the new engine and, and the platform IOCs et cetera, you know, you, you see things like, you know, the old days not even to even today you do a lot of garbage collection in these, in these systems and there's an inverse, you know, impact relative to performance. So it looks like you really, you know, the community is modernizing the platform, but I wanna talk about Apache Arrow for a moment. It it's designed to address the constraints that are associated with analyzing large data sets. We, we know that, but please explain why, what, what is Arrow and and what does it bring to Influx db? >>Sure, yeah. So Arrow is a, a framework for defining in memory calmer data. And so much of the efficiency and performance of IOx comes from taking advantage of calmer data structures. And I will, if you don't mind, take a moment to kind of of illustrate why column or data structures are so valuable. Let's pretend that we are gathering field data about the temperature in our room and also maybe the temperature of our stove. And in our table we have those two temperature values as well as maybe a measurement value, timestamp value, maybe some other tag values that describe what room and what house, et cetera we're getting this data from. And so you can picture this table where we have like two rows with the two temperature values for both our room and the stove. Well usually our room temperature is regulated so those values don't change very often. >>So when you have calm oriented st calm oriented storage, essentially you take each row, each column and group it together. And so if that's the case and you're just taking temperature values from the room and a lot of those temperature values are the same, then you'll, you might be able to imagine how equal values will then enable each other and when they neighbor each other in the storage format, this provides a really perfect opportunity for cheap compression. And then this cheap compression enables high cardinality use cases. It also enables for faster scan rates. So if you wanna define like the men and max value of the temperature in the room across a thousand different points, you only have to get those a thousand different points in order to answer that question and you have those immediately available to you. But let's contrast this with a row oriented storage solution instead so that we can understand better the benefits of calmer oriented storage. >>So if you had a row oriented storage, you'd first have to look at every field like the temperature in, in the room and the temperature of the stove. You'd have to go across every tag value that maybe describes where the room is located or what model the stove is. And every timestamp you'd then have to pluck out that one temperature value that you want at that one time stamp and do that for every single row. So you're scanning across a ton more data and that's why Rowe Oriented doesn't provide the same efficiency as calmer and Apache Arrow is in memory calmer data, commoner data fit framework. So that's where a lot of the advantages come >>From. Okay. So you basically described like a traditional database, a row approach, but I've seen like a lot of traditional database say, okay, now we've got, we can handle colo format versus what you're talking about is really, you know, kind of native i, is it not as effective? Is the, is the foreman not as effective because it's largely a, a bolt on? Can you, can you like elucidate on that front? >>Yeah, it's, it's not as effective because you have more expensive compression and because you can't scan across the values as quickly. And so those are, that's pretty much the main reasons why, why RO row oriented storage isn't as efficient as calm, calmer oriented storage. Yeah. >>Got it. So let's talk about Arrow Data Fusion. What is data fusion? I know it's written in Rust, but what does it bring to the table here? >>Sure. So it's an extensible query execution framework and it uses Arrow as it's in memory format. So the way that it helps in influx DB IOCs is that okay, it's great if you can write unlimited amount of cardinality into influx Cbis, but if you don't have a query engine that can successfully query that data, then I don't know how much value it is for you. So Data fusion helps enable the, the query process and transformation of that data. It also has a PANDAS API so that you could take advantage of PANDAS data frames as well and all of the machine learning tools associated with Pandas. >>Okay. You're also leveraging Par K in the platform cause we heard a lot about Par K in the middle of the last decade cuz as a storage format to improve on Hadoop column stores. What are you doing with Parque and why is it important? >>Sure. So parque is the column oriented durable file format. So it's important because it'll enable bulk import, bulk export, it has compatibility with Python and Pandas, so it supports a broader ecosystem. Par K files also take very little disc disc space and they're faster to scan because again, they're column oriented in particular, I think PAR K files are like 16 times cheaper than CSV files, just as kind of a point of reference. And so that's essentially a lot of the, the benefits of par k. >>Got it. Very popular. So and he's, what exactly is influx data focusing on as a committer to these projects? What is your focus? What's the value that you're bringing to the community? >>Sure. So Influx DB first has contributed a lot of different, different things to the Apache ecosystem. For example, they contribute an implementation of Apache Arrow and go and that will support clearing with flux. Also, there has been a quite a few contributions to data fusion for things like memory optimization and supportive additional SQL features like support for timestamp, arithmetic and support for exist clauses and support for memory control. So yeah, Influx has contributed a a lot to the Apache ecosystem and continues to do so. And I think kind of the idea here is that if you can improve these upstream projects and then the long term strategy here is that the more you contribute and build those up, then the more you will perpetuate that cycle of improvement and the more we will invest in our own project as well. So it's just that kind of symbiotic relationship and appreciation of the open source community. >>Yeah. Got it. You got that virtuous cycle going, the people call the flywheel. Give us your last thoughts and kind of summarize, you know, where what, what the big takeaways are from your perspective. >>So I think the big takeaway is that influx data is doing a lot of really exciting things with Influx DB IOx and I really encourage, if you are interested in learning more about the technologies that Influx is leveraging to produce IOCs, the challenges associated with it and all of the hard work questions and you just wanna learn more, then I would encourage you to go to the monthly Tech talks and community office hours and they are on every second Wednesday of the month at 8:30 AM Pacific time. There's also a community forums and a community Slack channel look for the influx DDB unders IAC channel specifically to learn more about how to join those office hours and those monthly tech tech talks as well as ask any questions they have about iacs, what to expect and what you'd like to learn more about. I as a developer advocate, I wanna answer your questions. So if there's a particular technology or stack that you wanna dive deeper into and want more explanation about how INFLUX DB leverages it to build IOCs, I will be really excited to produce content on that topic for you. >>Yeah, that's awesome. You guys have a really rich community, collaborate with your peers, solve problems, and, and you guys super responsive, so really appreciate that. All right, thank you so much Anise for explaining all this open source stuff to the audience and why it's important to the future of data. >>Thank you. I really appreciate it. >>All right, you're very welcome. Okay, stay right there and in a moment I'll be back with Tim Yoakum, he's the director of engineering for Influx Data and we're gonna talk about how you update a SAS engine while the plane is flying at 30,000 feet. You don't wanna miss this. >>I'm really glad that we went with InfluxDB Cloud for our hosting because it has saved us a ton of time. It's helped us move faster, it's saved us money. And also InfluxDB has good support. My name's Alex Nada. I am CTO at Noble nine. Noble Nine is a platform to measure and manage service level objectives, which is a great way of measuring the reliability of your systems. You can essentially think of an slo, the product we're providing to our customers as a bunch of time series. So we need a way to store that data and the corresponding time series that are related to those. The main reason that we settled on InfluxDB as we were shopping around is that InfluxDB has a very flexible query language and as a general purpose time series database, it basically had the set of features we were looking for. >>As our platform has grown, we found InfluxDB Cloud to be a really scalable solution. We can quickly iterate on new features and functionality because Influx Cloud is entirely managed, it probably saved us at least a full additional person on our team. We also have the option of running InfluxDB Enterprise, which gives us the ability to even host off the cloud or in a private cloud if that's preferred by a customer. Influx data has been really flexible in adapting to the hosting requirements that we have. They listened to the challenges we were facing and they helped us solve it. As we've continued to grow, I'm really happy we have influx data by our side. >>Okay, we're back with Tim Yokum, who is the director of engineering at Influx Data. Tim, welcome. Good to see you. >>Good to see you. Thanks for having me. >>You're really welcome. Listen, we've been covering open source software in the cube for more than a decade, and we've kind of watched the innovation from the big data ecosystem. The cloud has been being built out on open source, mobile, social platforms, key databases, and of course influx DB and influx data has been a big consumer and contributor of open source software. So my question to you is, where have you seen the biggest bang for the buck from open source software? >>So yeah, you know, influx really, we thrive at the intersection of commercial services and open, so open source software. So OSS keeps us on the cutting edge. We benefit from OSS in delivering our own service from our core storage engine technologies to web services temping engines. Our, our team stays lean and focused because we build on proven tools. We really build on the shoulders of giants and like you've mentioned, even better, we contribute a lot back to the projects that we use as well as our own product influx db. >>You know, but I gotta ask you, Tim, because one of the challenge that that we've seen in particular, you saw this in the heyday of Hadoop, the, the innovations come so fast and furious and as a software company you gotta place bets, you gotta, you know, commit people and sometimes those bets can be risky and not pay off well, how have you managed this challenge? >>Oh, it moves fast. Yeah, that, that's a benefit though because it, the community moves so quickly that today's hot technology can be tomorrow's dinosaur. And what we, what we tend to do is, is we fail fast and fail often. We try a lot of things. You know, you look at Kubernetes for example, that ecosystem is driven by thousands of intelligent developers, engineers, builders, they're adding value every day. So we have to really keep up with that. And as the stack changes, we, we try different technologies, we try different methods, and at the end of the day, we come up with a better platform as a result of just the constant change in the environment. It is a challenge for us, but it's, it's something that we just do every day. >>So we have a survey partner down in New York City called Enterprise Technology Research etr, and they do these quarterly surveys of about 1500 CIOs, IT practitioners, and they really have a good pulse on what's happening with spending. And the data shows that containers generally, but specifically Kubernetes is one of the areas that has kind of, it's been off the charts and seen the most significant adoption and velocity particularly, you know, along with cloud. But, but really Kubernetes is just, you know, still up until the right consistently even with, you know, the macro headwinds and all, all of the stuff that we're sick of talking about. But, so what are you doing with Kubernetes in the platform? >>Yeah, it, it's really central to our ability to run the product. When we first started out, we were just on AWS and, and the way we were running was, was a little bit like containers junior. Now we're running Kubernetes everywhere at aws, Azure, Google Cloud. It allows us to have a consistent experience across three different cloud providers and we can manage that in code so our developers can focus on delivering services, not trying to learn the intricacies of Amazon, Azure, and Google and figure out how to deliver services on those three clouds with all of their differences. >>Just to follow up on that, is it, no. So I presume it's sounds like there's a PAs layer there to allow you guys to have a consistent experience across clouds and out to the edge, you know, wherever is that, is that correct? >>Yeah, so we've basically built more or less platform engineering, This is the new hot phrase, you know, it, it's, Kubernetes has made a lot of things easy for us because we've built a platform that our developers can lean on and they only have to learn one way of deploying their application, managing their application. And so that, that just gets all of the underlying infrastructure out of the way and, and lets them focus on delivering influx cloud. >>Yeah, and I know I'm taking a little bit of a tangent, but is that, that, I'll call it a PAs layer if I can use that term. Is that, are there specific attributes to Influx db or is it kind of just generally off the shelf paths? You know, are there, is, is there any purpose built capability there that, that is, is value add or is it pretty much generic? >>So we really build, we, we look at things through, with a build versus buy through a, a build versus by lens. Some things we want to leverage cloud provider services, for instance, Postgres databases for metadata, perhaps we'll get that off of our plate, let someone else run that. We're going to deploy a platform that our engineers can, can deliver on that has consistency that is, is all generated from code that we can as a, as an SRE group, as an ops team, that we can manage with very few people really, and we can stamp out clusters across multiple regions and in no time. >>So how, so sometimes you build, sometimes you buy it. How do you make those decisions and and what does that mean for the, for the platform and for customers? >>Yeah, so what we're doing is, it's like everybody else will do, we're we're looking for trade offs that make sense. You know, we really want to protect our customers data. So we look for services that support our own software with the most uptime, reliability, and durability we can get. Some things are just going to be easier to have a cloud provider take care of on our behalf. We make that transparent for our own team. And of course for customers you don't even see that, but we don't want to try to reinvent the wheel, like I had mentioned with SQL data stores for metadata, perhaps let's build on top of what of these three large cloud providers have already perfected. And we can then focus on our platform engineering and we can have our developers then focus on the influx data, software, influx, cloud software. >>So take it to the customer level, what does it mean for them? What's the value that they're gonna get out of all these innovations that we've been been talking about today and what can they expect in the future? >>So first of all, people who use the OSS product are really gonna be at home on our cloud platform. You can run it on your desktop machine, on a single server, what have you, but then you want to scale up. We have some 270 terabytes of data across, over 4 billion series keys that people have stored. So there's a proven ability to scale now in terms of the open source, open source software and how we've developed the platform. You're getting highly available high cardinality time series platform. We manage it and, and really as, as I mentioned earlier, we can keep up with the state of the art. We keep reinventing, we keep deploying things in real time. We deploy to our platform every day repeatedly all the time. And it's that continuous deployment that allows us to continue testing things in flight, rolling things out that change new features, better ways of doing deployments, safer ways of doing deployments. >>All of that happens behind the scenes. And like we had mentioned earlier, Kubernetes, I mean that, that allows us to get that done. We couldn't do it without having that platform as a, as a base layer for us to then put our software on. So we, we iterate quickly. When you're on the, the Influx cloud platform, you really are able to, to take advantage of new features immediately. We roll things out every day and as those things go into production, you have, you have the ability to, to use them. And so in the end we want you to focus on getting actual insights from your data instead of running infrastructure, you know, let, let us do that for you. So, >>And that makes sense, but so is the, is the, are the innovations that we're talking about in the evolution of Influx db, do, do you see that as sort of a natural evolution for existing customers? I, is it, I'm sure the answer is both, but is it opening up new territory for customers? Can you add some color to that? >>Yeah, it really is it, it's a little bit of both. Any engineer will say, well, it depends. So cloud native technologies are, are really the hot thing. Iot, industrial iot especially, people want to just shove tons of data out there and be able to do queries immediately and they don't wanna manage infrastructure. What we've started to see are people that use the cloud service as their, their data store backbone and then they use edge computing with R OSS product to ingest data from say, multiple production lines and downsample that data, send the rest of that data off influx cloud where the heavy processing takes place. So really us being in all the different clouds and iterating on that and being in all sorts of different regions allows for people to really get out of the, the business of man trying to manage that big data, have us take care of that. And of course as we change the platform end users benefit from that immediately. And, >>And so obviously taking away a lot of the heavy lifting for the infrastructure, would you say the same thing about security, especially as you go out to IOT and the Edge? How should we be thinking about the value that you bring from a security perspective? >>Yeah, we take, we take security super seriously. It, it's built into our dna. We do a lot of work to ensure that our platform is secure, that the data we store is, is kept private. It's of course always a concern. You see in the news all the time, companies being compromised, you know, that's something that you can have an entire team working on, which we do to make sure that the data that you have, whether it's in transit, whether it's at rest, is always kept secure, is only viewable by you. You know, you look at things like software, bill of materials, if you're running this yourself, you have to go vet all sorts of different pieces of software. And we do that, you know, as we use new tools. That's something that, that's just part of our jobs to make sure that the platform that we're running it has, has fully vetted software and, and with open source especially, that's a lot of work. And so it's, it's definitely new territory. Supply chain attacks are, are definitely happening at a higher clip than they used to, but that is, that is really just part of a day in the, the life for folks like us that are, are building platforms. >>Yeah, and that's key. I mean especially when you start getting into the, the, you know, we talk about IOT and the operations technologies, the engineers running the, that infrastructure, you know, historically, as you know, Tim, they, they would air gap everything. That's how they kept it safe. But that's not feasible anymore. Everything's >>That >>Connected now, right? And so you've gotta have a partner that is again, take away that heavy lifting to r and d so you can focus on some of the other activities. Right. Give us the, the last word and the, the key takeaways from your perspective. >>Well, you know, from my perspective I see it as, as a a two lane approach with, with influx, with Anytime series data, you know, you've got a lot of stuff that you're gonna run on-prem, what you had mentioned, air gaping. Sure there's plenty of need for that, but at the end of the day, people that don't want to run big data centers, people that want torus their data to, to a company that's, that's got a full platform set up for them that they can build on, send that data over to the cloud, the cloud is not going away. I think more hybrid approach is, is where the future lives and that's what we're prepared for. >>Tim, really appreciate you coming to the program. Great stuff. Good to see you. >>Thanks very much. Appreciate it. >>Okay, in a moment I'll be back to wrap up. Today's session, you're watching The Cube. >>Are you looking for some help getting started with InfluxDB Telegraph or Flux Check >>Out Influx DB University >>Where you can find our entire catalog of free training that will help you make the most of your time series data >>Get >>Started for free@influxdbu.com. >>We'll see you in class. >>Okay, so we heard today from three experts on time series and data, how the Influx DB platform is evolving to support new ways of analyzing large data sets very efficiently and effectively in real time. And we learned that key open source components like Apache Arrow and the Rust Programming environment Data fusion par K are being leveraged to support realtime data analytics at scale. We also learned about the contributions in importance of open source software and how the Influx DB community is evolving the platform with minimal disruption to support new workloads, new use cases, and the future of realtime data analytics. Now remember these sessions, they're all available on demand. You can go to the cube.net to find those. Don't forget to check out silicon angle.com for all the news related to things enterprise and emerging tech. And you should also check out influx data.com. There you can learn about the company's products. You'll find developer resources like free courses. You could join the developer community and work with your peers to learn and solve problems. And there are plenty of other resources around use cases and customer stories on the website. This is Dave Valante. Thank you for watching Evolving Influx DB into the smart data platform, made possible by influx data and brought to you by the Cube, your leader in enterprise and emerging tech coverage.

>>This past May, The Cube in collaboration with Influx data shared with you the latest innovations in Time series databases. We talked at length about why a purpose built time series database for many use cases, was a superior alternative to general purpose databases trying to do the same thing. Now, you may, you may remember the time series data is any data that's stamped in time, and if it's stamped, it can be analyzed historically. And when we introduced the concept to the community, we talked about how in theory, those time slices could be taken, you know, every hour, every minute, every second, you know, down to the millisecond and how the world was moving toward realtime or near realtime data analysis to support physical infrastructure like sensors and other devices and IOT equipment. A time series databases have had to evolve to efficiently support realtime data in emerging use cases in iot T and other use cases. >>And to do that, new architectural innovations have to be brought to bear. As is often the case, open source software is the linchpin to those innovations. Hello and welcome to Evolving Influx DB into the smart Data platform, made possible by influx data and produced by the Cube. My name is Dave Valante and I'll be your host today. Now in this program we're going to dig pretty deep into what's happening with Time series data generally, and specifically how Influx DB is evolving to support new workloads and demands and data, and specifically around data analytics use cases in real time. Now, first we're gonna hear from Brian Gilmore, who is the director of IOT and emerging technologies at Influx Data. And we're gonna talk about the continued evolution of Influx DB and the new capabilities enabled by open source generally and specific tools. And in this program you're gonna hear a lot about things like Rust, implementation of Apache Arrow, the use of par k and tooling such as data fusion, which powering a new engine for Influx db. >>Now, these innovations, they evolve the idea of time series analysis by dramatically increasing the granularity of time series data by compressing the historical time slices, if you will, from, for example, minutes down to milliseconds. And at the same time, enabling real time analytics with an architecture that can process data much faster and much more efficiently. Now, after Brian, we're gonna hear from Anna East Dos Georgio, who is a developer advocate at In Flux Data. And we're gonna get into the why of these open source capabilities and how they contribute to the evolution of the Influx DB platform. And then we're gonna close the program with Tim Yokum, he's the director of engineering at Influx Data, and he's gonna explain how the Influx DB community actually evolved the data engine in mid-flight and which decisions went into the innovations that are coming to the market. Thank you for being here. We hope you enjoy the program. Let's get started. Okay, we're kicking things off with Brian Gilmore. He's the director of i t and emerging Technology at Influx State of Bryan. Welcome to the program. Thanks for coming on. >>Thanks Dave. Great to be here. I appreciate the time. >>Hey, explain why Influx db, you know, needs a new engine. Was there something wrong with the current engine? What's going on there? >>No, no, not at all. I mean, I think it's, for us, it's been about staying ahead of the market. I think, you know, if we think about what our customers are coming to us sort of with now, you know, related to requests like sql, you know, query support, things like that, we have to figure out a way to, to execute those for them in a way that will scale long term. And then we also, we wanna make sure we're innovating, we're sort of staying ahead of the market as well and sort of anticipating those future needs. So, you know, this is really a, a transparent change for our customers. I mean, I think we'll be adding new capabilities over time that sort of leverage this new engine, but you know, initially the customers who are using us are gonna see just great improvements in performance, you know, especially those that are working at the top end of the, of the workload scale, you know, the massive data volumes and things like that. >>Yeah, and we're gonna get into that today and the architecture and the like, but what was the catalyst for the enhancements? I mean, when and how did this all come about? >>Well, I mean, like three years ago we were primarily on premises, right? I mean, I think we had our open source, we had an enterprise product, you know, and, and sort of shifting that technology, especially the open source code base to a service basis where we were hosting it through, you know, multiple cloud providers. That was, that was, that was a long journey I guess, you know, phase one was, you know, we wanted to host enterprise for our customers, so we sort of created a service that we just managed and ran our enterprise product for them. You know, phase two of this cloud effort was to, to optimize for like multi-tenant, multi-cloud, be able to, to host it in a truly like sass manner where we could use, you know, some type of customer activity or consumption as the, the pricing vector, you know, And, and that was sort of the birth of the, of the real first influx DB cloud, you know, which has been really successful. >>We've seen, I think like 60,000 people sign up and we've got tons and tons of, of both enterprises as well as like new companies, developers, and of course a lot of home hobbyists and enthusiasts who are using out on a, on a daily basis, you know, and having that sort of big pool of, of very diverse and very customers to chat with as they're using the product, as they're giving us feedback, et cetera, has has, you know, pointed us in a really good direction in terms of making sure we're continuously improving that and then also making these big leaps as we're doing with this, with this new engine. >>Right. So you've called it a transparent change for customers, so I'm presuming it's non-disruptive, but I really wanna understand how much of a pivot this is and what, what does it take to make that shift from, you know, time series, you know, specialist to real time analytics and being able to support both? >>Yeah, I mean, it's much more of an evolution, I think, than like a shift or a pivot. You know, time series data is always gonna be fundamental and sort of the basis of the solutions that we offer our customers, and then also the ones that they're building on the sort of raw APIs of our platform themselves. You know, the time series market is one that we've worked diligently to lead. I mean, I think when it comes to like metrics, especially like sensor data and app and infrastructure metrics, if we're being honest though, I think our, our user base is well aware that the way we were architected was much more towards those sort of like backwards looking historical type analytics, which are key for troubleshooting and making sure you don't, you know, run into the same problem twice. But, you know, we had to ask ourselves like, what can we do to like better handle those queries from a performance and a, and a, you know, a time to response on the queries, and can we get that to the point where the results sets are coming back so quickly from the time of query that we can like limit that window down to minutes and then seconds. >>And now with this new engine, we're really starting to talk about a query window that could be like returning results in, in, you know, milliseconds of time since it hit the, the, the ingest queue. And that's, that's really getting to the point where as your data is available, you can use it and you can query it, you can visualize it, and you can do all those sort of magical things with it, you know? And I think getting all of that to a place where we're saying like, yes to the customer on, you know, all of the, the real time queries, the, the multiple language query support, but, you know, it was hard, but we're now at a spot where we can start introducing that to, you know, a a limited number of customers, strategic customers and strategic availability zones to start. But you know, everybody over time. >>So you're basically going from what happened to in, you can still do that obviously, but to what's happening now in the moment? >>Yeah, yeah. I mean if you think about time, it's always sort of past, right? I mean, like in the moment right now, whether you're talking about like a millisecond ago or a minute ago, you know, that's, that's pretty much right now, I think for most people, especially in these use cases where you have other sort of components of latency induced by the, by the underlying data collection, the architecture, the infrastructure, the, you know, the, the devices and you know, the sort of highly distributed nature of all of this. So yeah, I mean, getting, getting a customer or a user to be able to use the data as soon as it is available is what we're after here. >>I always thought, you know, real, I always thought of real time as before you lose the customer, but now in this context, maybe it's before the machine blows up. >>Yeah, it's, it's, I mean it is operationally or operational real time is different, you know, and that's one of the things that really triggered us to know that we were, we were heading in the right direction, is just how many sort of operational customers we have. You know, everything from like aerospace and defense. We've got companies monitoring satellites, we've got tons of industrial users, users using us as a processes storing on the plant floor, you know, and, and if we can satisfy their sort of demands for like real time historical perspective, that's awesome. I think what we're gonna do here is we're gonna start to like edge into the real time that they're used to in terms of, you know, the millisecond response times that they expect of their control systems, certainly not their, their historians and databases. >>I, is this available, these innovations to influx DB cloud customers only who can access this capability? >>Yeah. I mean commercially and today, yes. You know, I think we want to emphasize that's a, for now our goal is to get our latest and greatest and our best to everybody over time. Of course. You know, one of the things we had to do here was like we double down on sort of our, our commitment to open source and availability. So like anybody today can take a look at the, the libraries in on our GitHub and, you know, can ex inspect it and even can try to, you know, implement or execute some of it themselves in their own infrastructure. You know, we are, we're committed to bringing our sort of latest and greatest to our cloud customers first for a couple of reasons. Number one, you know, there are big workloads and they have high expectations of us. I think number two, it also gives us the opportunity to monitor a little bit more closely how it's working, how they're using it, like how the system itself is performing. >>And so just, you know, being careful, maybe a little cautious in terms of, of, of how big we go with this right away, just sort of both limits, you know, the risk of, of, you know, any issues that can come with new software rollouts. We haven't seen anything so far, but also it does give us the opportunity to have like meaningful conversations with a small group of users who are using the products, but once we get through that and they give us two thumbs up on it, it'll be like, open the gates and let everybody in. It's gonna be exciting time for the whole ecosystem. >>Yeah, that makes a lot of sense. And you can do some experimentation and, you know, using the cloud resources. Let's dig into some of the architectural and technical innovations that are gonna help deliver on this vision. What, what should we know there? >>Well, I mean, I think foundationally we built the, the new core on Rust. You know, this is a new very sort of popular systems language, you know, it's extremely efficient, but it's also built for speed and memory safety, which goes back to that us being able to like deliver it in a way that is, you know, something we can inspect very closely, but then also rely on the fact that it's going to behave well. And if it does find error conditions, I mean we, we've loved working with Go and, you know, a lot of our libraries will continue to, to be sort of implemented in Go, but you know, when it came to this particular new engine, you know, that power performance and stability rust was critical. On top of that, like, we've also integrated Apache Arrow and Apache Parque for persistence. I think for anybody who's really familiar with the nuts and bolts of our backend and our TSI and our, our time series merged Trees, this is a big break from that, you know, arrow on the sort of in MI side and then Par K in the on disk side. >>It, it allows us to, to present, you know, a unified set of APIs for those really fast real time inquiries that we talked about, as well as for very large, you know, historical sort of bulk data archives in that PARQUE format, which is also cool because there's an entire ecosystem sort of popping up around Parque in terms of the machine learning community, you know, and getting that all to work, we had to glue it together with aero flight. That's sort of what we're using as our, our RPC component. You know, it handles the orchestration and the, the transportation of the Coer data. Now we're moving to like a true Coer database model for this, this version of the engine, you know, and it removes a lot of overhead for us in terms of having to manage all that serialization, the deserialization, and, you know, to that again, like blurring that line between real time and historical data. It's, you know, it's, it's highly optimized for both streaming micro batch and then batches, but true streaming as well. >>Yeah. Again, I mean, it's funny you mentioned Rust. It is, it's been around for a long time, but it's popularity is, is you know, really starting to hit that steep part of the S-curve. And, and we're gonna dig into to more of that, but give us any, is there anything else that we should know about Bryan? Give us the last word? >>Well, I mean, I think first I'd like everybody sort of watching just to like take a look at what we're offering in terms of early access in beta programs. I mean, if, if, if you wanna participate or if you wanna work sort of in terms of early access with the, with the new engine, please reach out to the team. I'm sure you know, there's a lot of communications going out and you know, it'll be highly featured on our, our website, you know, but reach out to the team, believe it or not, like we have a lot more going on than just the new engine. And so there are also other programs, things we're, we're offering to customers in terms of the user interface, data collection and things like that. And, you know, if you're a customer of ours and you have a sales team, a commercial team that you work with, you can reach out to them and see what you can get access to because we can flip a lot of stuff on, especially in cloud through feature flags. >>But if there's something new that you wanna try out, we'd just love to hear from you. And then, you know, our goal would be that as we give you access to all of these new cool features that, you know, you would give us continuous feedback on these products and services, not only like what you need today, but then what you'll need tomorrow to, to sort of build the next versions of your business. Because you know, the whole database, the ecosystem as it expands out into to, you know, this vertically oriented stack of cloud services and enterprise databases and edge databases, you know, it's gonna be what we all make it together, not just, you know, those of us who were employed by Influx db. And then finally I would just say please, like watch in ICE in Tim's sessions, like these are two of our best and brightest, They're totally brilliant, completely pragmatic, and they are most of all customer obsessed, which is amazing. And there's no better takes, like honestly on the, the sort of technical details of this, then there's, especially when it comes to like the value that these investments will, will bring to our customers and our communities. So encourage you to, to, you know, pay more attention to them than you did to me, for sure. >>Brian Gilmore, great stuff. Really appreciate your time. Thank you. >>Yeah, thanks Dave. It was awesome. Look forward to it. >>Yeah, me too. Looking forward to see how the, the community actually applies these new innovations and goes, goes beyond just the historical into the real time really hot area. As Brian said in a moment, I'll be right back with Anna East dos Georgio to dig into the critical aspects of key open source components of the Influx DB engine, including Rust, Arrow, Parque, data fusion. Keep it right there. You don't wanna miss this >>Time series Data is everywhere. The number of sensors, systems and applications generating time series data increases every day. All these data sources producing so much data can cause analysis paralysis. Influx DB is an entire platform designed with everything you need to quickly build applications that generate value from time series data influx. DB Cloud is a serverless solution, which means you don't need to buy or manage your own servers. There's no need to worry about provisioning because you only pay for what you use. Influx DB Cloud is fully managed so you get the newest features and enhancements as they're added to the platform's code base. It also means you can spend time building solutions and delivering value to your users instead of wasting time and effort managing something else. Influx TVB Cloud offers a range of security features to protect your data, multiple layers of redundancy ensure you don't lose any data access controls ensure that only the people who should see your data can see it. >>And encryption protects your data at rest and in transit between any of our regions or cloud providers. InfluxDB uses a single API across the entire platform suite so you can build on open source, deploy to the cloud and then then easily query data in the cloud at the edge or on prem using the same scripts. And InfluxDB is schemaless automatically adjusting to changes in the shape of your data without requiring changes in your application. Logic. InfluxDB Cloud is production ready from day one. All it needs is your data and your imagination. Get started today@influxdata.com slash cloud. >>Okay, we're back. I'm Dave Valante with a Cube and you're watching evolving Influx DB into the smart data platform made possible by influx data. Anna ETOs Georgio is here, she's a developer advocate for influx data and we're gonna dig into the rationale and value contribution behind several open source technologies that Influx DB is leveraging to increase the granularity of time series analysis analysis and bring the world of data into real-time analytics and is welcome to the program. Thanks for coming on. >>Hi, thank you so much. It's a pleasure to be here. >>Oh, you're very welcome. Okay, so IX is being touted as this next gen open source core for Influx db. And my understanding is that it leverages in memory of course for speed. It's a kilo store, so it gives you a compression efficiency, it's gonna give you faster query speeds, you store files and object storage, so you got very cost effective approach. Are these the salient points on the platform? I know there are probably dozens of other features, but what are the high level value points that people should understand? >>Sure, that's a great question. So some of the main requirements that IOx is trying to achieve and some of the most impressive ones to me, the first one is that it aims to have no limits on cardinality and also allow you to write any kind of event data that you want, whether that's live tag or a field. It also wants to deliver the best in class performance on analytics queries. In addition to our already well served metrics queries, we also wanna have operator control over memory usage. So you should be able to define how much memory is used for buffering caching and query processing. Some other really important parts is the ability to have bulk data export and import super useful. Also broader ecosystem compatibility where possible we aim to use and embrace emerging standards in the data analytics ecosystem and have compatibility with things like sql, Python, and maybe even pandas in the future. >>Okay, so lot there. Now we talked to Brian about how you're using Rust and which is not a new programming language and of course we had some drama around Rust during the pandemic with the Mozilla layoffs, but the formation of the Rust Foundation really addressed any of those concerns. You got big guns like Amazon and Google and Microsoft throwing their collective weights behind it. It's really, the adoption is really starting to get steep on the S-curve. So lots of platforms, lots of adoption with rust, but why rust as an alternative to say c plus plus for example? >>Sure, that's a great question. So Russ was chosen because of his exceptional performance and reliability. So while Russ is synt tactically similar to c plus plus and it has similar performance, it also compiles to a native code like c plus plus. But unlike c plus plus, it also has much better memory safety. So memory safety is protection against bugs or security vulnerabilities that lead to excessive memory usage or memory leaks. And rust achieves this memory safety due to its like innovative type system. Additionally, it doesn't allow for dangling pointers. And dangling pointers are the main classes of errors that lead to exploitable security vulnerabilities in languages like c plus plus. So Russ like helps meet that requirement of having no limits on ality, for example, because it's, we're also using the Russ implementation of Apache Arrow and this control over memory and also Russ Russ's packaging system called crates IO offers everything that you need out of the box to have features like AY and a weight to fix race conditions, to protection against buffering overflows and to ensure thread safe async cashing structures as well. So essentially it's just like has all the control, all the fine grain control, you need to take advantage of memory and all your resources as well as possible so that you can handle those really, really high ity use cases. >>Yeah, and the more I learn about the, the new engine and, and the platform IOCs et cetera, you know, you, you see things like, you know, the old days not even to even today you do a lot of garbage collection in these, in these systems and there's an inverse, you know, impact relative to performance. So it looks like you really, you know, the community is modernizing the platform, but I wanna talk about Apache Arrow for a moment. It it's designed to address the constraints that are associated with analyzing large data sets. We, we know that, but please explain why, what, what is Arrow and and what does it bring to Influx db? >>Sure, yeah. So Arrow is a, a framework for defining in memory calmer data. And so much of the efficiency and performance of IOx comes from taking advantage of calmer data structures. And I will, if you don't mind, take a moment to kind of of illustrate why column or data structures are so valuable. Let's pretend that we are gathering field data about the temperature in our room and also maybe the temperature of our stove. And in our table we have those two temperature values as well as maybe a measurement value, timestamp value, maybe some other tag values that describe what room and what house, et cetera we're getting this data from. And so you can picture this table where we have like two rows with the two temperature values for both our room and the stove. Well usually our room temperature is regulated so those values don't change very often. >>So when you have calm oriented st calm oriented storage, essentially you take each row, each column and group it together. And so if that's the case and you're just taking temperature values from the room and a lot of those temperature values are the same, then you'll, you might be able to imagine how equal values will then enable each other and when they neighbor each other in the storage format, this provides a really perfect opportunity for cheap compression. And then this cheap compression enables high cardinality use cases. It also enables for faster scan rates. So if you wanna define like the men and max value of the temperature in the room across a thousand different points, you only have to get those a thousand different points in order to answer that question and you have those immediately available to you. But let's contrast this with a row oriented storage solution instead so that we can understand better the benefits of calmer oriented storage. >>So if you had a row oriented storage, you'd first have to look at every field like the temperature in, in the room and the temperature of the stove. You'd have to go across every tag value that maybe describes where the room is located or what model the stove is. And every timestamp you'd then have to pluck out that one temperature value that you want at that one time stamp and do that for every single row. So you're scanning across a ton more data and that's why Rowe Oriented doesn't provide the same efficiency as calmer and Apache Arrow is in memory calmer data, commoner data fit framework. So that's where a lot of the advantages come >>From. Okay. So you basically described like a traditional database, a row approach, but I've seen like a lot of traditional database say, okay, now we've got, we can handle colo format versus what you're talking about is really, you know, kind of native i, is it not as effective? Is the, is the foreman not as effective because it's largely a, a bolt on? Can you, can you like elucidate on that front? >>Yeah, it's, it's not as effective because you have more expensive compression and because you can't scan across the values as quickly. And so those are, that's pretty much the main reasons why, why RO row oriented storage isn't as efficient as calm, calmer oriented storage. Yeah. >>Got it. So let's talk about Arrow Data Fusion. What is data fusion? I know it's written in Rust, but what does it bring to the table here? >>Sure. So it's an extensible query execution framework and it uses Arrow as it's in memory format. So the way that it helps in influx DB IOCs is that okay, it's great if you can write unlimited amount of cardinality into influx Cbis, but if you don't have a query engine that can successfully query that data, then I don't know how much value it is for you. So Data fusion helps enable the, the query process and transformation of that data. It also has a PANDAS API so that you could take advantage of PANDAS data frames as well and all of the machine learning tools associated with Pandas. >>Okay. You're also leveraging Par K in the platform cause we heard a lot about Par K in the middle of the last decade cuz as a storage format to improve on Hadoop column stores. What are you doing with Parque and why is it important? >>Sure. So parque is the column oriented durable file format. So it's important because it'll enable bulk import, bulk export, it has compatibility with Python and Pandas, so it supports a broader ecosystem. Par K files also take very little disc disc space and they're faster to scan because again, they're column oriented in particular, I think PAR K files are like 16 times cheaper than CSV files, just as kind of a point of reference. And so that's essentially a lot of the, the benefits of par k. >>Got it. Very popular. So and he's, what exactly is influx data focusing on as a committer to these projects? What is your focus? What's the value that you're bringing to the community? >>Sure. So Influx DB first has contributed a lot of different, different things to the Apache ecosystem. For example, they contribute an implementation of Apache Arrow and go and that will support clearing with flux. Also, there has been a quite a few contributions to data fusion for things like memory optimization and supportive additional SQL features like support for timestamp, arithmetic and support for exist clauses and support for memory control. So yeah, Influx has contributed a a lot to the Apache ecosystem and continues to do so. And I think kind of the idea here is that if you can improve these upstream projects and then the long term strategy here is that the more you contribute and build those up, then the more you will perpetuate that cycle of improvement and the more we will invest in our own project as well. So it's just that kind of symbiotic relationship and appreciation of the open source community. >>Yeah. Got it. You got that virtuous cycle going, the people call the flywheel. Give us your last thoughts and kind of summarize, you know, where what, what the big takeaways are from your perspective. >>So I think the big takeaway is that influx data is doing a lot of really exciting things with Influx DB IOx and I really encourage, if you are interested in learning more about the technologies that Influx is leveraging to produce IOCs, the challenges associated with it and all of the hard work questions and you just wanna learn more, then I would encourage you to go to the monthly Tech talks and community office hours and they are on every second Wednesday of the month at 8:30 AM Pacific time. There's also a community forums and a community Slack channel look for the influx DDB unders IAC channel specifically to learn more about how to join those office hours and those monthly tech tech talks as well as ask any questions they have about iacs, what to expect and what you'd like to learn more about. I as a developer advocate, I wanna answer your questions. So if there's a particular technology or stack that you wanna dive deeper into and want more explanation about how INFLUX DB leverages it to build IOCs, I will be really excited to produce content on that topic for you. >>Yeah, that's awesome. You guys have a really rich community, collaborate with your peers, solve problems, and, and you guys super responsive, so really appreciate that. All right, thank you so much Anise for explaining all this open source stuff to the audience and why it's important to the future of data. >>Thank you. I really appreciate it. >>All right, you're very welcome. Okay, stay right there and in a moment I'll be back with Tim Yoakum, he's the director of engineering for Influx Data and we're gonna talk about how you update a SAS engine while the plane is flying at 30,000 feet. You don't wanna miss this. >>I'm really glad that we went with InfluxDB Cloud for our hosting because it has saved us a ton of time. It's helped us move faster, it's saved us money. And also InfluxDB has good support. My name's Alex Nada. I am CTO at Noble nine. Noble Nine is a platform to measure and manage service level objectives, which is a great way of measuring the reliability of your systems. You can essentially think of an slo, the product we're providing to our customers as a bunch of time series. So we need a way to store that data and the corresponding time series that are related to those. The main reason that we settled on InfluxDB as we were shopping around is that InfluxDB has a very flexible query language and as a general purpose time series database, it basically had the set of features we were looking for. >>As our platform has grown, we found InfluxDB Cloud to be a really scalable solution. We can quickly iterate on new features and functionality because Influx Cloud is entirely managed, it probably saved us at least a full additional person on our team. We also have the option of running InfluxDB Enterprise, which gives us the ability to even host off the cloud or in a private cloud if that's preferred by a customer. Influx data has been really flexible in adapting to the hosting requirements that we have. They listened to the challenges we were facing and they helped us solve it. As we've continued to grow, I'm really happy we have influx data by our side. >>Okay, we're back with Tim Yokum, who is the director of engineering at Influx Data. Tim, welcome. Good to see you. >>Good to see you. Thanks for having me. >>You're really welcome. Listen, we've been covering open source software in the cube for more than a decade, and we've kind of watched the innovation from the big data ecosystem. The cloud has been being built out on open source, mobile, social platforms, key databases, and of course influx DB and influx data has been a big consumer and contributor of open source software. So my question to you is, where have you seen the biggest bang for the buck from open source software? >>So yeah, you know, influx really, we thrive at the intersection of commercial services and open, so open source software. So OSS keeps us on the cutting edge. We benefit from OSS in delivering our own service from our core storage engine technologies to web services temping engines. Our, our team stays lean and focused because we build on proven tools. We really build on the shoulders of giants and like you've mentioned, even better, we contribute a lot back to the projects that we use as well as our own product influx db. >>You know, but I gotta ask you, Tim, because one of the challenge that that we've seen in particular, you saw this in the heyday of Hadoop, the, the innovations come so fast and furious and as a software company you gotta place bets, you gotta, you know, commit people and sometimes those bets can be risky and not pay off well, how have you managed this challenge? >>Oh, it moves fast. Yeah, that, that's a benefit though because it, the community moves so quickly that today's hot technology can be tomorrow's dinosaur. And what we, what we tend to do is, is we fail fast and fail often. We try a lot of things. You know, you look at Kubernetes for example, that ecosystem is driven by thousands of intelligent developers, engineers, builders, they're adding value every day. So we have to really keep up with that. And as the stack changes, we, we try different technologies, we try different methods, and at the end of the day, we come up with a better platform as a result of just the constant change in the environment. It is a challenge for us, but it's, it's something that we just do every day. >>So we have a survey partner down in New York City called Enterprise Technology Research etr, and they do these quarterly surveys of about 1500 CIOs, IT practitioners, and they really have a good pulse on what's happening with spending. And the data shows that containers generally, but specifically Kubernetes is one of the areas that has kind of, it's been off the charts and seen the most significant adoption and velocity particularly, you know, along with cloud. But, but really Kubernetes is just, you know, still up until the right consistently even with, you know, the macro headwinds and all, all of the stuff that we're sick of talking about. But, so what are you doing with Kubernetes in the platform? >>Yeah, it, it's really central to our ability to run the product. When we first started out, we were just on AWS and, and the way we were running was, was a little bit like containers junior. Now we're running Kubernetes everywhere at aws, Azure, Google Cloud. It allows us to have a consistent experience across three different cloud providers and we can manage that in code so our developers can focus on delivering services, not trying to learn the intricacies of Amazon, Azure, and Google and figure out how to deliver services on those three clouds with all of their differences. >>Just to follow up on that, is it, no. So I presume it's sounds like there's a PAs layer there to allow you guys to have a consistent experience across clouds and out to the edge, you know, wherever is that, is that correct? >>Yeah, so we've basically built more or less platform engineering, This is the new hot phrase, you know, it, it's, Kubernetes has made a lot of things easy for us because we've built a platform that our developers can lean on and they only have to learn one way of deploying their application, managing their application. And so that, that just gets all of the underlying infrastructure out of the way and, and lets them focus on delivering influx cloud. >>Yeah, and I know I'm taking a little bit of a tangent, but is that, that, I'll call it a PAs layer if I can use that term. Is that, are there specific attributes to Influx db or is it kind of just generally off the shelf paths? You know, are there, is, is there any purpose built capability there that, that is, is value add or is it pretty much generic? >>So we really build, we, we look at things through, with a build versus buy through a, a build versus by lens. Some things we want to leverage cloud provider services, for instance, Postgres databases for metadata, perhaps we'll get that off of our plate, let someone else run that. We're going to deploy a platform that our engineers can, can deliver on that has consistency that is, is all generated from code that we can as a, as an SRE group, as an ops team, that we can manage with very few people really, and we can stamp out clusters across multiple regions and in no time. >>So how, so sometimes you build, sometimes you buy it. How do you make those decisions and and what does that mean for the, for the platform and for customers? >>Yeah, so what we're doing is, it's like everybody else will do, we're we're looking for trade offs that make sense. You know, we really want to protect our customers data. So we look for services that support our own software with the most uptime, reliability, and durability we can get. Some things are just going to be easier to have a cloud provider take care of on our behalf. We make that transparent for our own team. And of course for customers you don't even see that, but we don't want to try to reinvent the wheel, like I had mentioned with SQL data stores for metadata, perhaps let's build on top of what of these three large cloud providers have already perfected. And we can then focus on our platform engineering and we can have our developers then focus on the influx data, software, influx, cloud software. >>So take it to the customer level, what does it mean for them? What's the value that they're gonna get out of all these innovations that we've been been talking about today and what can they expect in the future? >>So first of all, people who use the OSS product are really gonna be at home on our cloud platform. You can run it on your desktop machine, on a single server, what have you, but then you want to scale up. We have some 270 terabytes of data across, over 4 billion series keys that people have stored. So there's a proven ability to scale now in terms of the open source, open source software and how we've developed the platform. You're getting highly available high cardinality time series platform. We manage it and, and really as, as I mentioned earlier, we can keep up with the state of the art. We keep reinventing, we keep deploying things in real time. We deploy to our platform every day repeatedly all the time. And it's that continuous deployment that allows us to continue testing things in flight, rolling things out that change new features, better ways of doing deployments, safer ways of doing deployments. >>All of that happens behind the scenes. And like we had mentioned earlier, Kubernetes, I mean that, that allows us to get that done. We couldn't do it without having that platform as a, as a base layer for us to then put our software on. So we, we iterate quickly. When you're on the, the Influx cloud platform, you really are able to, to take advantage of new features immediately. We roll things out every day and as those things go into production, you have, you have the ability to, to use them. And so in the end we want you to focus on getting actual insights from your data instead of running infrastructure, you know, let, let us do that for you. So, >>And that makes sense, but so is the, is the, are the innovations that we're talking about in the evolution of Influx db, do, do you see that as sort of a natural evolution for existing customers? I, is it, I'm sure the answer is both, but is it opening up new territory for customers? Can you add some color to that? >>Yeah, it really is it, it's a little bit of both. Any engineer will say, well, it depends. So cloud native technologies are, are really the hot thing. Iot, industrial iot especially, people want to just shove tons of data out there and be able to do queries immediately and they don't wanna manage infrastructure. What we've started to see are people that use the cloud service as their, their data store backbone and then they use edge computing with R OSS product to ingest data from say, multiple production lines and downsample that data, send the rest of that data off influx cloud where the heavy processing takes place. So really us being in all the different clouds and iterating on that and being in all sorts of different regions allows for people to really get out of the, the business of man trying to manage that big data, have us take care of that. And of course as we change the platform end users benefit from that immediately. And, >>And so obviously taking away a lot of the heavy lifting for the infrastructure, would you say the same thing about security, especially as you go out to IOT and the Edge? How should we be thinking about the value that you bring from a security perspective? >>Yeah, we take, we take security super seriously. It, it's built into our dna. We do a lot of work to ensure that our platform is secure, that the data we store is, is kept private. It's of course always a concern. You see in the news all the time, companies being compromised, you know, that's something that you can have an entire team working on, which we do to make sure that the data that you have, whether it's in transit, whether it's at rest, is always kept secure, is only viewable by you. You know, you look at things like software, bill of materials, if you're running this yourself, you have to go vet all sorts of different pieces of software. And we do that, you know, as we use new tools. That's something that, that's just part of our jobs to make sure that the platform that we're running it has, has fully vetted software and, and with open source especially, that's a lot of work. And so it's, it's definitely new territory. Supply chain attacks are, are definitely happening at a higher clip than they used to, but that is, that is really just part of a day in the, the life for folks like us that are, are building platforms. >>Yeah, and that's key. I mean especially when you start getting into the, the, you know, we talk about IOT and the operations technologies, the engineers running the, that infrastructure, you know, historically, as you know, Tim, they, they would air gap everything. That's how they kept it safe. But that's not feasible anymore. Everything's >>That >>Connected now, right? And so you've gotta have a partner that is again, take away that heavy lifting to r and d so you can focus on some of the other activities. Right. Give us the, the last word and the, the key takeaways from your perspective. >>Well, you know, from my perspective I see it as, as a a two lane approach with, with influx, with Anytime series data, you know, you've got a lot of stuff that you're gonna run on-prem, what you had mentioned, air gaping. Sure there's plenty of need for that, but at the end of the day, people that don't want to run big data centers, people that want torus their data to, to a company that's, that's got a full platform set up for them that they can build on, send that data over to the cloud, the cloud is not going away. I think more hybrid approach is, is where the future lives and that's what we're prepared for. >>Tim, really appreciate you coming to the program. Great stuff. Good to see you. >>Thanks very much. Appreciate it. >>Okay, in a moment I'll be back to wrap up. Today's session, you're watching The Cube. >>Are you looking for some help getting started with InfluxDB Telegraph or Flux Check >>Out Influx DB University >>Where you can find our entire catalog of free training that will help you make the most of your time series data >>Get >>Started for free@influxdbu.com. >>We'll see you in class. >>Okay, so we heard today from three experts on time series and data, how the Influx DB platform is evolving to support new ways of analyzing large data sets very efficiently and effectively in real time. And we learned that key open source components like Apache Arrow and the Rust Programming environment Data fusion par K are being leveraged to support realtime data analytics at scale. We also learned about the contributions in importance of open source software and how the Influx DB community is evolving the platform with minimal disruption to support new workloads, new use cases, and the future of realtime data analytics. Now remember these sessions, they're all available on demand. You can go to the cube.net to find those. Don't forget to check out silicon angle.com for all the news related to things enterprise and emerging tech. And you should also check out influx data.com. There you can learn about the company's products. You'll find developer resources like free courses. You could join the developer community and work with your peers to learn and solve problems. And there are plenty of other resources around use cases and customer stories on the website. This is Dave Valante. Thank you for watching Evolving Influx DB into the smart data platform, made possible by influx data and brought to you by the Cube, your leader in enterprise and emerging tech coverage.

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Welcome back everyone to the Cube and Horizon three.ai special presentation. I'm John Furrier, host of the Cube. We with Chris Hill, Sector head for strategic accounts and federal@horizonthree.ai. Great innovative company. Chris, great to see you. Thanks for coming on the Cube. >>Yeah, like I said, you know, great to meet you John. Long time listener. First time call. So excited to be here with >>You guys. Yeah, we were talking before camera. You had Splunk back in 2013 and I think 2012 was our first splunk.com. Yep. And boy man, you know, talk about being in the right place at the right time. Now we're at another inflection point and Splunk continues to be relevant and continuing to have that data driving security and that interplay. And your ceo, former CTO of Splunk as well at Horizons Neha, who's been on before. Really innovative product you guys have, but you know, Yeah, don't wait for a brief to find out if you're locking the right data. This is the topic of this thread. Splunk is very much part of this new international expansion announcement with you guys. Tell us what are some of the challenges that you see where this is relevant for the Splunk and the Horizon AI as you guys expand Node zero out internationally? >>Yeah, well so across, so you know, my role within Splunk was working with our most strategic accounts. And so I look back to 2013 and I think about the sales process like working with, with our small customers. You know, it was, it was still very siloed back then. Like I was selling to an IT team that was either using us for IT operations. We generally would always even say, yeah, although we do security, we weren't really designed for it. We're a log management tool. And you know, we, and I'm sure you remember back then John, we were like sort of stepping into the security space and in the public sector domain that I was in, you know, security was 70% of what we did. When I look back to sort of the transformation that I was, was witnessing in that digital transformation, you know when I, you look at like 2019 to today, you look at how the IT team and the security teams are, have been forced to break down those barriers that they used to sort of be silo away, would not communicate one, you know, the security guys would be like, Oh this is my BA box it, you're not allowed in today. >>You can't get away with that. And I think that the value that we bring to, you know, and of course Splunk has been a huge leader in that space and continues to do innovation across the board. But I think what we've we're seeing in the space that I was talking with Patrick Kauflin, the SVP of security markets about this, is that, you know, what we've been able to do with Splunk is build a purpose built solution that allows Splunk to eat more data. So Splunk itself, as you well know, it's an ingest engine, right? So the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it, but without data it doesn't do anything, right? So how do you drive and how do you bring more data in? And most importantly from a customer perspective, how do you bring the right data in? >>And so if you think about what node zero and what we're doing in a Horizon three is that, sure we do pen testing, but because we're an autonomous pen testing tool, we do it continuously. So this whole thought of being like, Oh, crud like my customers, Oh yeah, we got a pen test coming up, it's gonna be six weeks. The wait. Oh yeah. You know, and everyone's gonna sit on their hands, Call me back in two months, Chris, we'll talk to you then. Right? Not, not a real efficient way to test your environment and shoot, we, we saw that with Uber this week. Right? You know, and that's a case where we could have helped. >>Well just real quick, explain the Uber thing cause it was a contractor. Just give a quick highlight of what happened so you can connect the >>Dots. Yeah, no problem. So there it was, I think it was one of those, you know, games where they would try and test an environment. And what the pen tester did was he kept on calling them MFA guys being like, I need to reset my password re to set my password. And eventually the customer service guy said, Okay, I'm resetting it. Once he had reset and bypassed the multifactor authentication, he then was able to get in and get access to the domain area that he was in or the, not the domain, but he was able to gain access to a partial part of the network. He then paralleled over to what would I assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains. And so within minutes they had access. And that's the sort of stuff that we do under, you know, a lot of these tools. >>Like not, and I'm not, you know, you think about the cacophony of tools that are out there in a CTA orchestra architecture, right? I'm gonna get like a Zscaler, I'm gonna have Okta, I'm gonna have a Splunk, I'm gonna do this sore system. I mean, I don't mean to name names, we're gonna have crowd strike or, or Sentinel one in there. It's just, it's a cacophony of things that don't work together. They weren't designed work together. And so we have seen so many times in our business through our customer support and just working with customers when we do their pen test, that there will be 5,000 servers out there. Three are misconfigured. Those three misconfigurations will create the open door. Cause remember the hacker only needs to be right once, the defender needs to be right all the time. And that's the challenge. And so that's why I'm really passionate about what we're doing here at Horizon three. I see this my digital transformation, migration and security going on, which we're at the tip of the sp, it's why I joined say Hall coming on this journey and just super excited about where the path's going and super excited about the relationship with Splunk. I get into more details on some of the specifics of that. But you know, >>I mean, well you're nailing, I mean we've been doing a lot of things around super cloud and this next gen environment, we're calling it NextGen. You're really seeing DevOps, obviously Dev SecOps has, has already won the IT role has moved to the developer shift left as an indicator of that. It's one of the many examples, higher velocity code software supply chain. You hear these things. That means that it is now in the developer hands, it is replaced by the new ops, data ops teams and security where there's a lot of horizontal thinking. To your point about access, there's no more perimeter. So >>That there is no perimeter. >>Huge. A hundred percent right, is really right on. I don't think it's one time, you know, to get in there. Once you're in, then you can hang out, move around, move laterally. Big problem. Okay, so we get that. Now, the challenges for these teams as they are transitioning organizationally, how do they figure out what to do? Okay, this is the next step. They already have Splunk, so now they're kind of in transition while protecting for a hundred percent ratio of success. So how would you look at that and describe the challenges? What do they do? What is, what are the teams facing with their data and what's next? What do they, what do they, what action do they take? >>So let's do some vernacular that folks will know. So if I think about dev sec ops, right? We both know what that means, that I'm gonna build security into the app, but no one really talks about SEC DevOps, right? How am I building security around the perimeter of what's going inside my ecosystem and what are they doing? And so if you think about what we're able to do with somebody like Splunk is we could pen test the entire environment from soup to nuts, right? So I'm gonna test the end points through to it. So I'm gonna look for misconfigurations, I'm gonna, and I'm gonna look for credential exposed credentials. You know, I'm gonna look for anything I can in the environment. Again, I'm gonna do it at at light speed. And, and what we're, what we're doing for that SEC dev space is to, you know, did you detect that we were in your environment? >>So did we alert Splunk or the SIM that there's someone in the environment laterally moving around? Did they, more importantly, did they log us into their environment? And when did they detect that log to trigger that log? Did they alert on us? And then finally, most importantly, for every CSO out there is gonna be did they stop us? And so that's how we, we, we do this in, I think you, when speaking with Stay Hall, before, you know, we've come up with this boils U Loop, but we call it fine fix verify. So what we do is we go in is we act as the attacker, right? We act in a production environment. So we're not gonna be, we're a passive attacker, but we will go in un credentialed UN agents. But we have to assume, have an assumed breach model, which means we're gonna put a Docker container in your environment and then we're going to fingerprint the environment. >>So we're gonna go out and do an asset survey. Now that's something that's not something that Splunk does super well, you know, so can Splunk see all the assets, do the same assets marry up? We're gonna log all that data and think then put load that into the Splunk sim or the smoke logging tools just to have it in enterprise, right? That's an immediate future ad that they've got. And then we've got the fix. So once we've completed our pen test, we are then gonna generate a report and we could talk about about these in a little bit later. But the reports will show an executive summary the assets that we found, which would be your asset discovery aspect of that, a fixed report. And the fixed report I think is probably the most important one. It will go down and identify what we did, how we did it, and then how to fix that. >>And then from that, the pen tester or the organization should fix those. Then they go back and run another test. And then they validate through like a change detection environment to see, hey, did those fixes taste, play take place? And you know, SNA Hall, when he was the CTO of JS o, he shared with me a number of times about, he's like, Man, there would be 15 more items on next week's punch sheet that we didn't know about. And it's, and it has to do with how we, you know, how they were prioritizing the CVEs and whatnot because they would take all CVS was critical or non-critical. And it's like we are able to create context in that environment that feeds better information into Splunk and whatnot. That >>Was a lot. That brings, that brings up the, the efficiency for Splunk specifically. The teams out there. By the way, the burnout thing is real. I mean, this whole, I just finished my list and I got 15 more or whatever the list just can, keeps, keeps growing. How did Node zero specifically help Splunk teams be more efficient? Now that's the question I want to get at, because this seems like a very scalable way for Splunk customers and teams, service teams to be more efficient. So the question is, how does Node zero help make Splunk specifically their service teams be more efficient? >>So to, so today in our early interactions with building Splunk customers, what we've seen are five things, and I'll start with sort of identifying the blind spots, right? So kind of what I just talked about with you. Did we detect, did we log, did we alert? Did they stop node zero, right? And so I would, I put that at, you know, a a a more layman's third grade term. And if I was gonna beat a fifth grader at this game would be, we can be the sparring partner for a Splunk enterprise customer, a Splunk essentials customer, someone using Splunk soar, or even just an enterprise Splunk customer that may be a small shop with three people and, and just wants to know where am I exposed. So by creating and generating these reports and then having the API that actually generates the dashboard, they can take all of these events that we've logged and log them in. >>And then where that then comes in is number two is how do we prioritize those logs, right? So how do we create visibility to logs that are, have critical impacts? And again, as I mentioned earlier, not all CVEs are high impact regard and also not all are low, right? So if you daisy chain a bunch of low CVEs together, boom, I've got a mission critical AP CVE that needs to be fixed now, such as a credential moving to an NT box that's got a text file with a bunch of passwords on it, that would be very bad. And then third would be verifying that you have all of the hosts. So one of the things that Splunk's not particularly great at, and they, they themselves, they don't do asset discovery. So do what assets do we see and what are they logging from that? And then for, from, for every event that they are able to identify the, one of the cool things that we can do is actually create this low-code, no-code environment. >>So they could let, you know, float customers can use Splunk. So to actually triage events and prioritize that events or where they're being routed within it to optimize the SOX team time to market or time to triage any given event. Obviously reducing mtr. And then finally, I think one of the neatest things that we'll be seeing us develop is our ability to build glass tables. So behind me you'll see one of our triage events and how we build a lock Lockheed Martin kill chain on that with a glass table, which is very familiar to this Splunk community. We're going to have the ability, not too distant future to allow people to search, observe on those IOCs. And if people aren't familiar with an ioc, it's an incident of compromise. So that's a vector that we want to drill into. And of course who's better at drilling in into data and Splunk. >>Yeah, this is a critical, this is awesome synergy there. I mean I can see a Splunk customer going, Man, this just gives me so much more capability. Action actionability. And also real understanding, and I think this is what I wanna dig into, if you don't mind understanding that critical impact, okay. Is kind of where I see this coming. I got the data, data ingest now data's data. But the question is what not to log, You know, where are things misconfigured? These are critical questions. So can you talk about what it means to understand critical impact? >>Yeah, so I think, you know, going back to those things that I just spoke about, a lot of those CVEs where you'll see low, low, low and then you daisy chain together and you're suddenly like, oh, this is high now. But then to your other impact of like if you're a, if you're a a Splunk customer, you know, and I had, I had several of them, I had one customer that, you know, terabytes of McAfee data being brought in and it was like, all right, there's a lot of other data that you probably also wanna bring, but they could only afford, wanted to do certain data sets because that's, and they didn't know how to prioritize or filter those data sets. And so we provide that opportunity to say, Hey, these are the critical ones to bring in. But there's also the ones that you don't necessarily need to bring in because low CVE in this case really does mean low cve. >>Like an ILO server would be one that, that's the print server where the, your admin credentials are on, on like a, a printer. And so there will be credentials on that. That's something that a hacker might go in to look at. So although the CVE on it is low, if you daisy chain was something that's able to get into that, you might say, ah, that's high. And we would then potentially rank it giving our AI logic to say that's a moderate. So put it on the scale and we prioritize though, versus a, a vulner review scanner's just gonna give you a bunch of CVEs and good luck. >>And translating that if I, if I can and tell me if I'm wrong, that kind of speaks to that whole lateral movement. That's it. Challenge, right? Print server, great example, look stupid low end, who's gonna wanna deal with the print server? Oh, but it's connected into a critical system. There's a path. Is that kind of what you're getting at? >>Yeah, I used daisy chain. I think that's from the community they came from. But it's, it's just a lateral movement. It's exactly what they're doing. And those low level, low critical lateral movements is where the hackers are getting in. Right? So that's what the beauty thing about the, the Uber example is that who would've thought, you know, I've got my multifactor authentication going in a human made a mistake. We can't, we can't not expect humans to make mistakes. Were fall, were fallible, right? Yeah. The reality is is once they were in the environment, they could have protected themselves by running enough pen tests to know that they had certain exposed credentials that would've stopped the breach. Yeah. And they did not, had not done that in their environment. And I'm not poking. Yeah, >>They put it's interesting trend though. I mean it's obvious if sometimes those low end items are also not protected well. So it's easy to get at from a hacker standpoint, but also the people in charge of them can be fished easily or spear fished because they're not paying attention. Cause they don't have to. No one ever told them, Hey, be careful of what you collect. >>Yeah. For the community that I came from, John, that's exactly how they, they would meet you at a, an international event introduce themselves as a graduate student. These are national actor states. Would you mind reviewing my thesis on such and such? And I was at Adobe at the time though I was working on this and start off, you get the pdf, they opened the PDF and whoever that customer was launches, and I don't know if you remember back in like 2002, 2008 time frame, there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it. And John, that's >>Or LinkedIn. Hey I wanna get a joke, we wanna hire you double the salary. Oh I'm gonna click on that for sure. You know? Yeah, >>Right. Exactly. Yeah. The one thing I would say to you is like when we look at like sort of, you know, cuz I think we did 10,000 pen test last year is it's probably over that now, you know, we have these sort of top 10 ways that we think then fine people coming into the environment. The funniest thing is that only one of them is a, a CVE related vulnerability. Like, you know, you guys know what they are, right? So it's it, but it's, it's like 2% of the attacks are occurring through the CVEs, but yet there's all that attention spent to that. Yeah. And very little attention spent to this pen testing side. Yeah. Which is sort of this continuous threat, you know, monitoring space and, and, and this vulnerability space where I think we play such an important role and I'm so excited to be a part of the tip of the spear on this one. >>Yeah. I'm old enough to know the movie sneakers, which I love as a, you know, watching that movie, you know, professional hackers are testing, testing, always testing the environment. I love this. I gotta ask you, as we kind of wrap up here, Chris, if you don't mind the benefits to team professional services from this alliance, big news Splunk and you guys work well together. We see that clearly. What are, what other benefits do professional services teams see from the Splunk and Horizon three AI alliance? >>So if you're a, I think for, from our, our, from both of our partners as we bring these guys together and many of them already are the same partner, right? Is that first off, the licensing model is probably one of the key areas that we really excel at. So if you're an end user, you can buy for the enterprise by the enter of IP addresses you're using. But if you're a partner working with this, there's solution ways that you can go in and we'll license as to MSPs and what that business model on our MSPs looks like. But the unique thing that we do here is this c plus license. And so the Consulting Plus license allows like a, somebody a small to midsize to some very large, you know, Fortune 100, you know, consulting firms uses by buying into a license called Consulting Plus where they can have unlimited access to as many ips as they want. >>But you can only run one test at a time. And as you can imagine when we're going and hacking passwords and checking hashes and decrypting hashes, that can take a while. So, but for the right customer, it's, it's a perfect tool. And so I I'm so excited about our ability to go to market with our partners so that we underhand to sell, understand how not to just sell too or not tell just to sell through, but we know how to sell with them as a good vendor partner. I think that that's one thing that we've done a really good job building bringing into market. >>Yeah. I think also the Splunk has had great success how they've enabled partners and professional services. Absolutely. They've, you know, the services that layer on top of Splunk are multifold tons of great benefits. So you guys vector right into that ride, that wave with >>Friction. And, and the cool thing is that in, you know, in one of our reports, which could be totally customized with someone else's logo, we're going to generate, you know, so I, I used to work at another organization, it wasn't Splunk, but we, we did, you know, pen testing as a, as a for, for customers and my pen testers would come on site, they, they do the engagement and they would leave. And then another really, someone would be, oh shoot, we got another sector that was breached and they'd call you back, you know, four weeks later. And so by August our entire pen testings teams would be sold out and it would be like, wow. And in March maybe, and they'd like, No, no, no, I gotta breach now. And, and, and then when they do go in, they go through, do the pen test and they hand over a PDF and they pat you on the back and say, there's where your problems are, you need to fix it. And the reality is, is that what we're gonna generate completely autonomously with no human interaction is we're gonna go and find all the permutations that anything we found and the fix for those permutations and then once you fixed everything, you just go back and run another pen test. Yeah. It's, you know, for what people pay for one pen test, they could have a tool that does that. Every, every pat patch on Tuesday pen test on Wednesday, you know, triage throughout the week, >>Green, yellow, red. I wanted to see colors show me green, green is good, right? Not red. >>And once CIO doesn't want, who doesn't want that dashboard, right? It's, it's, it is exactly it. And we can help bring, I think that, you know, I'm really excited about helping drive this with the Splunk team cuz they get that, they understand that it's the green, yellow, red dashboard and, and how do we help them find more green so that the other guys are >>In Yeah. And get in the data and do the right thing and be efficient with how you use the data, Know what to look at. So many things to pay attention to, you know, the combination of both and then, then go to market strategy. Real brilliant. Congratulations Chris. Thanks for coming on and sharing this news with the detail around this Splunk in action around the alliance. Thanks for sharing, >>John. My pleasure. Thanks. Look forward to seeing you soon. >>All right, great. We'll follow up and do another segment on DevOps and IT and security teams as the new new ops, but, and Super cloud, a bunch of other stuff. So thanks for coming on. And our next segment, the CEO of Verizon, three AA, will break down all the new news for us here on the cube. You're watching the cube, the leader in high tech enterprise coverage.

>>Okay, welcome back everyone to super cloud 22 here in our live studio performance. You're on stage in Palo Alto. I'm Sean fur. You're host with the queue with Dave ante. My co it's got a great industry ecosystem panel to discuss whether it's realer hype, David MC Janet CEO of Hashi Corp, hugely successful company as will LA forest field CTO, Colu and Victoria over yourgo from VMware guys. Thanks for coming on the queue. Appreciate it. Thanks for having us. So realer, hype, super cloud David. >>Well, I think it depends on the definition. >>Okay. How do you define super cloud start there? So I think we have a, >>I think we have a, like an inherently pragmatic view of super cloud of the idea of super cloud as you talk about it, which is, you know, for those of us that have been in the infrastructure world for a long time, we know there are really only six or seven categories of infrastructure. There's sort of the infrastructure security, networking databases, middleware, and, and, and, and really the message queuing aspects. And I think our view is that if the steady state of the world is multi-cloud, what you've seen is sort of some modicum of standardization across those different elements, you know, take, you know, take confluent. You know, I, I worked in the middleware world years ago, MQ series, and typical multicast was how you did message queuing. Well, you don't do that anymore. All the different cloud providers have their own message, queuing tech, there's, Google pub sub, and the equivalents across the different, different clouds. Kafka has provided a consistent way to do that. And they're not trying to project that. You can run everything connected. They're saying, Hey, you should standardize on Kafka for message cuing is that way you can have operational consistency. So I think to me, that's more how we think about it is sort of, there is sort of layer by layer of sort of de facto standardization for the lingo Franco. >>So a streaming super cloud is how you would think of it, or no, I just, or a component of >>Cloud that could be a super cloud. >>I just, I just think that there are like, if I'm gonna build an application message, queuing is gonna be a necessary element of it. I'm gonna use Kafka, not, you know, a native pub sub engine on one of the clouds, because operationally that's just the only way I can do it. So I think that's more, our view's much more pragmatic rather than trying to create like a single platform that you can run everywhere and deal with the networking realities of like network, you know, hops missing across those different worlds and have that be our responsibility. It's much more around, Hey, let's standardize each layer, operational >>Standardized layer that you can use to build a super cloud if that's in your, your intent or, yeah. Okay. >>And it reminds me of the web services days. You kind of go throwback there. I mean, we're kind of living the next gen of web services, the dream of that next level, because DevOps dev SecOps now is now gone mainstream. That's the big challenge we're hearing devs are doing great. Yep. But the ops teams and screen, they gotta go faster. This seems to be a core, I won't say blocker, but more of a drag to the innovation. >>Well, I I'll just get off, I'll hand it off to, to you guys. But I think the idea that like, you know, if I'm gonna have an app that's running on Amazon that needs to connect to a database that's running on, on the private data center, that's essentially the SOA notion, you know, w large that we're all trying to solve 20 years ago, but is much more complicated because you're brokering different identity models, different networking models. They're just much more complex. So that's where the ops bit is the constraint, you know, for me to build that app, not that complicated for the ops person to let it see traffic is another thing altogether. I think that's, that's the break point for so much of what looks easier to a developer is the operational reality of how you do that. And the good news is those are actually really well solved problems. They're just not broadly understood. >>Well, what's your take, you talk to customers all the time, field CTO, confluent, really doing well, streaming data. I mean, everyone's doing it now. They have to, yeah. These are new things that pop up that need solutions. You guys step up and doing more. What's your take on super cloud? >>Well, I mean, the way we address it honestly is we don't, it's gonna be honest. We don't think about super cloud much less is the fact that SAS is really being pushed down. Like if we rely on seven years ago and you took a look at SAS, like it was obvious if you were gonna build a product for an end consumer or business user, you'd do SAS. You'd be crazy not to. Right. But seven years ago, if you look at your average software company producing something for a developer that people building those apps, chances are you had an open source model. Yeah. Or, you know, self-managed, I think with the success of a lot of the companies that are here today, you know, snowflake data, bricks, Colu, it's, it's obvious that SaaS is the way to deliver software to the developers as well. And as such, because our product is provided that way to the developers across the clouds. That's, that's how they have a unifying data layer, right. They don't necessarily, you know, developers like many people don't necessarily wanna deal with the infrastructure. They just wanna consume cloud data services. Right. So that's how we help our customers span cloud. >>So we evenly that SAS was gonna be either built on a single cloud or in the case of service. Now they built their own cloud. Right. So increasingly we're seeing opportunities to build a Salesforce as well across clouds tap different, different, different services. So, so how does that evolve? Do you, some clouds have, you know, better capabilities in other clouds. So how does that all get sort of adjudicated, do you, do you devolve to the lowest common denominator? Or can you take the best of all of each? >>The whole point to that I think is that when you move from the business user and the personal consumer to the developer, you, you can no longer be on a cloud, right. There has to be locality to where applications are being developed. So we can't just deploy on a single cloud and have people send their data to that cloud. We have to be where the developer is. And our job is to make the most of each, an individual cloud to provide the same experience to them. Right. So yes, we're using the capabilities of each cloud, but we're hiding that to the developer. They don't shouldn't need to know or care. Right. >>Okay. And you're hiding that with the abstraction layer. We talked about this before Victoria, and that, that layer has what, some intelligence that has metadata knowledge that can adjudicate what, what, the best, where the best, you know, service is, or function of latency or data sovereignty. How do you see that? >>Well, I think as the, you need to instrument these applications so that you, you, you can get that data and then make the intelligent decision of where, where, where this, the deploy application. I think what Dave said is, is right. You know, the level of super cloud that they talking about is the standardization across messaging. And, and are you what's happening within the application, right? So you don't, you are not too dependent on the underlying, but then the application say that it takes the form of a, of a microservice, right. And you deploy that. There has to be a way for operator to say, okay, I see all these microservices running across clouds, and I can factor out how they're performing, how I, I, life lifecycle managed and all that. And so I think there is, there is, to me, there's the next level of the super cloud is how you factor this out. So an operator can actually keep up with the developers and make sense of all that and manage it. Like >>You guys that's time. Like its also like that's what Datadog does. So Datadog basically in allows you to instrument all those services, on-prem private data center, you know, all the different clouds to have a consistent view. I think that that's not a good example of a vendor that's created a, a sort of a level of standardization across a layer. And I think that's, that's more how we think about it. I think the notion of like a developer building an application, they can deploy and not have to worry where it exists. Yeah. Is more of a PAs kind of construct, you know, things like cloud Foundry have done a great job of, of doing that. But underneath that there's still infrastructure. There's still security. There's still networking underneath it. And I think that's where, you know, things like confluent and perhaps at the infrastructure layer have standardized, but >>You have off the shelf PAs, if I can call it that. Yeah. Kind of plain. And then, and then you have PAs and I think about, you mentioned snowflake, snowflake is with snow park, seems to be developing a PAs layer that's purpose built for their specific purpose of sharing data and governing data across multiple clouds call super paths. Is, is that a prerequisite of a super cloud you're building blocks. I'm hearing yeah. For super cloud. Is that a prerequisite for super cloud? That's different than PAs of 10 years ago. No, but I, >>But I think this is, there's just different layers. So it's like, I don't know how that the, the snowflake offering is built built, but I would guess it's probably built on Terraform and vault and cons underneath it. Cuz those are the ingredients with respect to how you would build a composite application that runs across multiple. And >>That's how Oracle that town that's how Oracle with the Microsoft announcement. They just, they just made if you saw that that was built on Terraform. Right. But, but they would claim that they, they did some special things within their past that were purpose built for, for sure. Low latency, for example, they're not gonna build that on, you know, open shift as an, as an example, they're gonna, you know, do their own little, you know, >>For sure, for sure. So I think what you're, you're pointing at and what Victoria was talking about is, Hey, can a vendor provided consistent experience across the application layer across these multiple clouds? And I would say, sure, just like, you know, you might build a mobile banking application that has a front end on Amazon in the back end running on vSphere on your private data center. Sure. But the ingredients you use to do that have to be, they can't be the cloud native aspects for how you do that. How do you think about, you know, the connectivity of, of like networking between that thing to this thing? Is it different on Amazon? Is it different on Azure? Is it different on, on Google? And so the, the, the, the companies that we all serve, that's what they're building, they're building composited applications. Snowflake is just an example of a company that we serve this building >>Composite. And, but, but, but don't those don't, you have to hide the complexity of that, those, those cloud native primitives that's your job, right. Is to actually it creates simplicity across clouds. Is it not? >>Why? Go ahead. You. >>Yeah, absolutely. I mean that in fact is what we're doing for developers that need to do event streaming, right. That need to process this data in real time. Now we're, we're doing the sort of things that Victoria was just talking about, like underneath the covers, of course, you know, we're using Kubernetes and we're managing the differences between the clouds, but we're hiding the, that, and we've become sort of a defacto standard across the cloud. So if I'm developing an app in any of those cloud, and I think we all know, and you were mentioning earlier every significant company's multi-cloud now all the large enterprises, I just got back from Brazil and like every single one of 'em have multiple clouds and on-prem right. So they need something that can span those. >>What's the challenge there. If you talk to those customers, because we're seeing the same thing, they have multiple clouds. Yeah. But it was kind of by default or they had some use case, either.net developers there with Azure, they'll do whatever cloud. And it kind of seems specialty relative to the cloud native that they're on what problems do they have because the complexity to run infrastructure risk code across clouds is hard. Right? So the trade up between native cloud and have better integration to complexity of multiple clouds seems to be a topic around super cloud. What are you seeing for, for issues that they might have or concerns? >>Yeah. I mean, honestly it is, it is hard to actually, so here's the thing that I think is kind of interesting though, by the way, is that I, I think we tend to, you know, if you're, if you're from a technical background, you tend to think of multicloud as a problem for the it organization. Like how do we solve this? How do we save money? But actually it's a business problem now, too, because every single one of these companies that have multiple clouds, they want to integrate their data, their products across these, and it it's inhibiting their innovation. It's hard to do, but that's where something like, you know, Hatchie Corp comes in right. Is to help solve that. So you can instrument it. It has to happen at each of these layers. And I suppose if it does happen at every single layer, then voila, we organically have something that amounts to Supercloud. Right. >>I love how you guys are representing each other's firms. And, but, but, and they also correct me if I'm a very similar, your customers want to, it is very similar, but your customers want to monetize, right. They want bring their tools, their software, their particular IP and their data and create, you know, every, every company's a software company, as you know, Andreesen says every company's becoming a cloud company to, to monetize in, in the future. Is that, is that a reasonable premise of super cloud? >>Yeah. I think, think everyone's trying to build composite applications to, to generate revenue. Like that's, that's why they're building applications. So yeah. One, 100%. I'm just gonna make it point cuz we see it as well. Like it's actually quite different by geography weirdly. So if you go to like different geographies, you see actually different cloud providers, more represented than others. So like in north America, Amazon's pretty dominant Japan. Amazon's pretty dominant. You go to Southeast Asia actually. It's not necessarily that way. Like it might be Google for, for whatever reason more hourly Bob. So this notion of multi's just the reality of one's everybody's dealing with. But yeah, I think everyone, everyone goes through the same process. What we've observed, they kind of go, there's like there's cloud V one and there's cloud V two. Yeah. Cloud V one is sort of the very tactical let's go build something on cloud cloud V two is like, whoa, whoa, whoa, whoa. And I have some stuff on Amazon, some stuff on Azure, some stuff on, on vSphere and I need some operational consistency. How do I think about zero trust across that way in a consistent way. And that's where this conversation comes into being. It's sort of, it's not like the first version of cloud it's actually when people step back and say, Hey, Hey, I wanna build composite applications to monetize. How am I gonna do that in an industrialized way? And that's the problem that you were for. It's >>Not, it's not as, it's not a no brainer like it was with cloud, go to the cloud, write an app. You're good here. It's architectural systems thinking, you gotta think about regions. What's the latency, you know, >>It's step back and go. Like, how are we gonna do this, this exactly. Like it's wanted to do one app, but how we do this at scale >>Zero trust is a great example. I mean, Amazon kind of had, was forced to get into the zero trust, you know, discussion that, that wasn't, you know, even a term that they used and now sort of, they're starting to talk about it, but within their domain. And so how do you do zero trust trust across cost to your point? >>I, I wonder if we're limiting our conversation too much to the, the very technical set of developers, cuz I'm thinking back at again, my example of C plus plus libraries C plus plus libraries makes it easier. And then visual BA visual basic. Right. And right now we don't have enough developers to build the software that we want to build. And so I want, and we are like now debating, oh, can we, do we hide that AI API from Google versus that SQL server API from, from Microsoft. I wonder at some point who cares? Right. You know, we, I think if we want to get really economy scale, we need to get to a level of abstraction for developers that really allows them to say, I don't need, for most of most of the procedural application that I need to build as a developer, as a, as a procedural developer, I don't care about this. Some, some propeller had, has done that for me. I just like plug it in my ID and, and I use it. And so I don't, I don't know how far we are from that, but if we don't get to that level, it fits me that we never gonna get really the, the economy or the cost of building application to the level. >>I was gonna ask you in the previous segment about low code, no code expanding the number of developers out there and you talking about propel heads. That's, that's what you guys all do. Yeah. You're the technical geniuses, right. To solve that problem so that, so you can have low code development is that I >>Don't think we have the right here. Cause I, we, we are still, you know, trying to solve that problem at that level. But, but >>That problem has to be solved first, right before we can address what you're talking about. >>Yeah. I, I worked very closely with one of my biggest mentors was Adam Bosworth that built, you know, all the APIs for visual basics and, and the SQL API to visual basic and all that stuff. And he always was on that front. In fact that his last job was at my, at AWS building that no code environment. So I'm a little detached from that. It just hit me as we were discussing this. It's like, maybe we're just like >>Creating, but I would, I would argue that you kind of gotta separate the two layers. So you think about the application platform layer that a developer interfaces to, you know, Victoria and I worked together years ago and one of the products we created was cloud Foundry, right? So this is the idea of like just, you know, CF push, just push this app artifact and I don't care. That's how you get the developer community written large to adopt something complicated by hiding all the complexity. And I think that that is one model. Yeah. Turns out Kubernetes is actually become a peer to that and perhaps become more popular. And that's what folks like Tanza are trying to do. But there's another layer underneath that, which is the infrastructure that supports it. Right? Yeah. Cause that's only needs to run on something. And I think that's, that's the separation we have to do. Yes. We're talking a little bit about the plumbing, but you know, we just easily be talking about the app layer. You need, both of them. Our point of view is you need to standardize at this layer just like you need standardize at this layer. >>Well, this is, this is infrastructure. This is DevOps V two >>Dev >>Ops. Yeah. And this is where I think the ops piece with open source, I would argue that open source is blooming more than ever. So I think there's plenty of developers coming. The automation question becomes interesting because I think what we're seeing is shift left is proving that there's app developers out there that wanna stay in their pipelining. They don't want to get in under the hood. They just want infrastructure as code, but then you got supply chain software issues there. We talked about the Docker on big time. So developers at the top, I think are gonna be fine. The question is what's the blocker. What's holding them back. And I don't see the devs piece Victoria as much. What do you guys think? Is it, is the, is the blocker ops or is it the developer experience? That's the blocker. >>It's both. There are enough people truthfully. >>That's true. Yeah. I mean, I think I sort of view the developer as sort of the engine of the digital innovation. So, you know, if you talk about creative destruction, that's, that was the economic equivalent of softwares, eating the world. The developers are the ones that are doing that innovation. It's absolutely essential that you make it super easy for them to consume. Right. So I think, you know, they're nerds, they want to deal with infrastructure to some degree, but I think they understand the value of getting a bag of Legos that they can construct something new around. And I think that's the key because honestly, I mean, no code may help for some things. Maybe I'm just old >>School, >>But I, I went through this before with like Delphy and there were some other ones and, and I hated it. Like I just wanted a code. Yeah. Right. So I think making them more efficient is, is absolutely good. >>But I think what, where you're going with that question is that the, the developers, they tend to stay ahead. They, they just, they're just gear, you know, wired that way. Right. So I think right now where there is a big bottleneck in developers, I think the operation team needs to catch up. Cuz I, I talk to these, these, these people like our customers all the time and I see them still stuck in the old world. Right. Gimme a bunch of VMs and I'll, I know how to manage well that world, you know, although as lag is gonna be there forever, so managing mainframe. But so if they, the world is all about microservices and containers and if the operation team doesn't get on top of it and the security team that then that they're gonna be a bottleneck. >>Okay. I want to ask you guys if the, if the companies can get through that knothole of having their ops teams and the dev teams work well together, what's the benefits of a Supercloud. How do you see the, the outcome if you kind of architect it, right? You think the big picture you zoom as saying what's the end game look like for Supercloud? Is that >>What I would >>Say? Or what's the Nirvana >>To me Nirvana is that you don't care. You just don't don't care. You know, you just think when you running building application, let's go back to the on-prem days. You don't care if it runs on HP or Dell or, you know, I'm gonna make some enemies here with my old, old family, but you know, you don't really care, right. What you want is the application is up and running and people can use it. Right. And so I think that Nirvana is that, you know, there is some, some computing power out there, some pass layer that allows me to deploy, build application. And I just like build code and I deploy it and I get value at a reasonable cost. I think one of the things that the super cloud for as far as we're concerned is cost. How do you manage monitor the cost across all this cloud? >>Make sure that you don't, the economics don't get outta whack. Right? How many companies we know that have gone to the cloud only to realize that holy crap, now I, I got the bill and, and you know, I, as a vendor, when I was in my previous company, you know, we had a whole team figuring out how to lower our cost on the one hyperscaler that we were using. So these are, you know, the, once you have in the super cloud, you don't care just you, you, you go with the path of least the best economics is. >>So what about the open versus closed debate will you were mentioning that we had snowflake here and data bricks is both ends of the spectrum. Yeah. You guys are building open standards across clouds. Clearly even the CLO, the walled gardens are using O open standards, but historically de facto standards have emerged and solved these problems. So the super cloud as a defacto standard, versus what data bricks is trying to do super cloud kind of as an, as an open platform, what are you, what are your thoughts on that? Can you actually have an, an open set of standards that can be a super cloud for a specific purpose, or will it just be built on open source technologies? >>Well, I mean, I, I think open source continues to be an important part of innovation, but I will say from a business model perspective, like the days, like when we started off, we were an open source company. I think that's really done in my opinion, because if you wanna be successful nowadays, you need to provide a cloud native SAS oriented product. It doesn't matter. What's running underneath the covers could be commercial closed source, open source. They just wanna service and they want to use it quite frankly. Now it's nice to have open source cuz the developers can download it and run on their laptop. But I, I can imagine in 10 years time actually, and you see most companies that are in the cloud providing SAS, you know, free $500 credit, they may not even be doing that. They'll just, you know, go whatever cloud provider that their company is telling them to use. They'll spin up their SAS product, they'll start playing with it. And that's how adoption will grow. Right? >>Yeah. I, I think, I mean my personal view is that it's, that it's infrastructure is pervasive enough. It exists at the bottom of everything that the standards emerge out of open source in my view. And you think about how something like Terraform is built, just, just pick one of the layers there's Terraform core. And then there's a plugin for everything you integrate with all of those are open source. There are over 2000 of these. We don't build them. Right. That's and it's the same way that drove Linux standardization years ago, like someone had to build the drivers for every piece of hardware in the world. The market does not do that twice. The market does that once. And so I, I I'm deeply convicted that opensource is the only way that this works at the infrastructure layer, because everybody relies on it at the application layer, you may have different kinds of databases. You may have different kind of runtime environments. And that's just the nature of it. You can't to have two different ways of doing network, >>Right? Because the stakes are so high, basically. >>Yeah. Cuz there's, there's an infinite number of the surface areas are so large. So I actually worked in product development years ago for middleware. And the biggest challenge was how do you keep the adapter ecosystem up to date to integrate with everything in the world? And the only way to do it in our view is through open source. And I think that's a fundamental philosophical view that it we're just, you know, grounded in. I think when people are making infrastructure decisions that span 20 years at the customer base, this is what they think about. They go which standard it will emerge based on the model of the vendor. And I don't think my personal view is, is it's not possible to do in a, in >>A, do you think that's a defacto standard kind of psychological perspective or is there actual material work being done or both in >>There it's, it's, it's a network effect thing. Right? So, so, you know, before Google releases a new service service on Google cloud, as part of the release checklist is does it support Terraform? They do that work, not us. Why? Because every one of their customers uses Terraform to interface with them and that's how it works. So see, so the philosophical view of, of the customers, okay, what am I making a standardize on for this layer for the next 30 years? It's kind of a no brainer. Philosophically. >>I tend, >>I think the standards are organically created based upon adoption. I mean, for instance, Terraform, we have a provider we're again, we're at the data layer that we created for you. So like, I don't think there's a board out there. I mean there are that creating standards. I think those days are kind of done to be honest, >>The, the Terraform provider for vSphere has been downloaded five and a half million times this year. Yeah. Right. Like, so, I >>Mean, these are unifying moments. This are like the de facto standards are really important process in these structural changes. I think that's something that we're looking at here at Supercloud is what's next? What has to unify look what Kubernetes has done? I mean, that's essentially the easy thing to orchestra, but people get behind it. So I see this is a big part of this next, the two. Totally. What do you guys see that's needed? What's the rallying unification point? Is it the past layer? Is it more infrastructure? I guess that's the question we're trying to, >>I think every layer will need that open source or a major traction from one of the proprietary vendor. But I, I agree with David, it's gonna be open source for the most part, but you know, going back to the original question of the whole panel, if I may, if this is reality of hype, look at the roster of companies that are presenting or participating today, these are all companies that have some sort of multi-cloud cross cloud, super cloud play. They're either public have real revenue or about to go public. So the answer to the question. Yeah, it's real. Yeah. >>And so, and there's more too, we had couldn't fit him in, but we, >>We chose super cloud on purpose cuz it kind of fun, John and I kind came up with it and, and but, but do you think it's, it hurts the industry to have this, try to put forth this new term or is it helpful to actually try to push the industry to define this new term? Or should it just be multi-cloud 2.0, >>I mean, conceptually it's different than multi-cloud right. I mean, in my opinion, right? So in that, in that respect, it has value, right? Because it's talking about something greater than just multi-cloud everyone's got multi-cloud well, >>To me multi-cloud is the, the problem I should say the opportunity. Yeah. Super cloud or we call it cross cloud is the solution to that channel. Let's >>Not call again. And we're debating that we're debating that in our cloud already panel where we're talking about is multi-cloud a problem yet that needs to get solved or is it not yet ready for a market to your point? Is it, are we, are we in the front end of coming into the true problem set, >>Give you definitely answer to that. The answer is yes. If you look at the customers that are there, they won, they have gone through the euphoria phase. They're all like, holy something, what, what are we gonna do about this? Right. >>And, but they don't know what to do. >>Yeah. And the more advanced ones as the vendor look at the end of the day, markets are created by vendors that build ed that customers wanna buy. Yeah. Because they get value >>And it's nuance. David, we were sort talking about before, but Goldman Sachs has announced they're analysis software vendor, right? Capital one is a software vendor. I've been really interested Liberty what Cerner does with what Oracle does with Cerner and in terms of them becoming super cloud vendors and monetizing that to me is that is their digital transformation. Do you guys, do you guys see that in the customer base? Am I way too far out of my, of my skis there or >>I think it's two different things. I think, I think basically it's the idea of building applications. If they monetize yeah. There and Cerner's gonna build those. And you know, I think about like, you know, IOT companies that sell that sell or, or you think people that sell like, you know, thermostats, they sell an application that monetizes those thermostats. Some of that runs on Amazon. Some of that runs a private data center. So they're basically in composite applications and monetize monetizing them for the particular vertical. I think that's what we ation every day. That's what, >>Yeah. You can, you can argue. That's not, not anything new, but what's new is they're doing that on the cloud and taking across multiple clouds. Multiple. Exactly. That's what makes >>Edge. And I think what we all participate in is, Hey, in order to do that, you need to drive standardization of how you do provisioning, how you do networking, how you do security to underpin those applications. I think that's what we're all >>Talking about, guys. It's great stuff. And I really appreciate you taking the time outta your day to help us continue the conversation to put out in the open. We wanna keep it out in the open. So in the last minute we have left, let's go down the line from a hash core perspective, confluent and VMware. What's your position on super cloud? What's the outcome that you would like to see from your standpoint, going out five years, what's it look like they will start with you? >>I just think people like sort under understanding that there is a layer by layer of view of how to interact across cloud, to provide operational consistency and decomposing it that way. Thinking about that way is the best way to enable people to build and run apps. >>We wanna help our customers work with their data in real time, regardless of where they're on primer in the cloud and super cloud can enable them to build applications that do that more effectively. That's that's great for us >>For tour you. >>I, my Niana for us is customers don't care, just that's computing out there. And it's a, it's a, it's a tool that allows me to grow my business and we make it all, all the differences and all the, the challenges, you know, >>Disappear, dial up, compute utility infrastructure, ISN >>Code. I open up the thought there's this water coming out? Yeah, I don't care. I got how I got here. I don't wanna care. Well, >>Thank you guys so much and congratulations on all your success in the marketplace, both of you guys and VMware and your new journey, and it's gonna be great to watch. Thanks for participating. Really appreciate it. Thank you, sir. Okay. This is super cloud 22, our events, a pilot. We're gonna get it out there in the open. We're gonna get the data we're gonna share with everyone out in the open on Silicon angle.com in the cube.net. We'll be back with more live coverage here in Palo Alto. After this short break.

>>The cube presents HPE discover 2022 brought to you by HPE. >>Welcome back to the cube. Lisa Martin and Dave ante here covering day one of HPE discover 22 live from Las Vegas. We've been having some great conversations today. So far. We've got three full days coming at you. This is close to the end of day one. We're gonna have an interesting conversation next with a may the executive vice president and chief people officer at HPE. Alan. Welcome to the cube. >>Thanks Lisa. Great to be here. Thanks Dave. >>It's great to be back in person. The keynote this morning, standing room, only people are ready. People are ready to be back to hear what HPE has been doing the last couple of years since the last conference, but I've heard you and Antonio talk about the human side of change. It's challenging humans. Humans are uncomfortable with change, right? Unfortunately we are, but it is a big challenge. How, what are some of the things that you're seeing as organizations are really looking and have to transform digitally? They gotta bring the humans along >>Well. You know, our folks as anybody is just bombarded with data these days bombarded with issues and, and it's really down to share of mind when it comes down to it. If, if you're asking someone to change first, you gotta break through the clutter. There's so many things going on in their world and in their life as individuals. But to me, the foundation is you really have to define what is the mission and purpose of the organization, and then make sure that individual feels safe and comfortable participating at work. I know those sound like soft things, but at the end of the day, you're not gonna have the gumption or the desire to change unless you care about something bigger than yourself and that you feel safe bringing your authentic self to work. >>So you have to be kind of, yeah. Have to be good at sales, I guess, because you have to sell the mission. Well, what do you do if somebody's not comfortable? If they, how do you get them to align? I mean, you, you, it's always a challenge. And that's like, I think what makes the people side of the equation so hard? What's your sort of secret sauce there? >>Well, I wouldn't say it's secret sauce, but you know, we define our mission is improving the way people work and live. Now that sounds so general. But the good thing about that is I think about every one of our 60,000 associates around the world can write theirselves into that mission. Sign >>Up >>For that. Yeah. It's not so specific that you think am I opting in, I am opting out. The other piece is you've gotta give employee voice. You have to give your team members an opportunity, not just to, you know, follow blindly, whatever you're saying, you don't want that. You actually want them to challenge it. You want 'em to say, Hey, what does that really mean, Alan? What does that mean, Antonio? When you say we're improving the way, you know, people work and live, what does it mean when we say commit and go or force for good, these are not just pithy phrases. They're ways to engage dialogue. That's how you get people to think and to create and innovate and to change >>And creating that employee experience and changing that and, and transforming that as obviously the world change, especially the last couple of years, but the employee experience and what they think. And are they, are we part of the vision? Are we, part of the mission is directly relates to the customer experience. Those two things to me are inextricably linked well >>In, in our company, it's all about innovation, but not innovation just for the sake of designing things, but to meet customer needs. So you've actually gotta inculcate in your workforce. A couple of things. One obviously is that freedom to be creative, but the other piece is actually actively listening to our customers and recognizing and understanding what they need and how we can satisfy those needs. When you can bring both of those things together, I tell you, you can do all kinds of things with your workforce. >>So, I mean, I'm hearing you obviously look for common ground, but sometimes there's, there's the dissonance, right? The, you know, creating that great human condition might not necessarily be advantageous for short-term profits. You're a public company. So, so how what's that discussion like, and, and, and I presume there's gotta be a long-term vision, but still how, how do you handle those types of >>Things? Well, that, that's what I call dynamic tension. Good, great organizations, encourage dynamic tension. They don't simply ask people to blindly adhere to whatever they're saying. They actually ask their employees to think and to create and to debate and to argue respectfully, of course, that's how you really get to that virtuous circle of innovation and people moving forward. Now, look, I, I'm not naive. We don't have 60,000 team members totally aligned on every point every day. But I think we've got the vast majority knowing ultimately where we're going. And frankly, some of the fun is figuring out how to get there. And that means that you've gotta have those open discussions to get there. >>Well, you talk about dynamic tension and at the first sort of thought of it, it sounds like it can be a challenging thing, but it also sounds like it can really be an accelerant to the culture and the ability for the company to move forward and obviously meet those customer demands. >>Well, if you're defining what's new in the world, that's the only way you get there because nobody has, you know, basically a lock on innovation or what's the best next thing. When you have the power of bringing a diverse set of individuals together and really create forms for them to explore debate, argue, as I mentioned, that's where you really move forward. >>How do you think about how, how, how has your thinking changed? The company's thinking changed post pandemic with regard to hybrid work, you have something Elon Musk, you gotta come to work at least 40 hours, or you're gone. We, we, we heard someone on wall street have similar things, say similar things and others have said, Hey, we have no headquarters anymore. You know, we're moving to, you know, someplace remote what's H HP's point of view on >>That. Well, thanks for that question in particular. And Dave, what you outlined is we seem to have a world of two extremes out there. Yeah. Where either companies say it's back to the old days pre COVID and you're not working unless I see the sweat on your brow and you're there at eight o'clock on Monday morning, then we have other companies say, Hey, it doesn't matter. Mail it in wherever you are around the world. You know, we're in between that, we think it's important that people do get together face to face. And in fact, we've asked our team members to come back a couple of three days a week in the office, but to do it in a purposeful, thoughtful way, it doesn't mean just coming in, swiping your bad shame that you were there. It means coming in to collaborate, to meet with customers, to celebrate, to innovate, to work with groups. >>So what we're trying to do now is orchestrate those moments that matter for our team members, for a reason, for them to be together. Now, there's no reason for them to come in the office. If they're on zoom or team meetings all day, we know that. But the fact is we believe that our culture thrives when people get together at least a bit during the week. So we're looking for that happy medium. I can't say we've got it all figured out, but I can tell you right now, we're not on those two extremes. We're absolutely center the plate. >>So you encouraged that. That was a great description. If somebody says, Hey, but I, I really want to go move to Bozeman, you know, and hang out there and I'll work remote and I'll, I'll be productive. You, you enable that as well. Or would you discourage that? Yeah. We've >>Hired people all over the world and we actually have people based upon their job classified. If they're so-called hybrid employees, the, the, the situation I mentioned, which is you're not required to come to the office, but we encourage it. In some cases we do have telecomm commuters. If they have the kind of job where they can work from Bozeman or from Bangalore or from any place else, we're open to that as well. Cuz we don't wanna rule out that talent. But the vast majority of our folks, we'd like to be pretty close to one of our centers of excellence to one of our offices, to one of our locations because that fuels our customers, our, our culture, and really it creates community. Now I can't predict the future, but frankly, a lot of the issues that we've seen through a, the, the pandemic around mental health, around isolation, around increased stress, those are not all gonna go away because people are getting back together. But I do think that the pandemic accelerated and exacerbated, some of those conditions, people do want to be together and we're gonna make that happen. >>I, I can't predict the future, but I often try and I, I predict, I think the hybrid model, it will be the dominant model going forward. And I think that that, that smart organizations will put incentives in place to get people together. Not, oh, you won't get promoted. No, but you're gonna, you're gonna actually enjoy getting together periodically with, with your teammates and we're gonna support you, you know, wherever you want to live. >>Yeah. >>What are some of the key skill sets these days that HPE is looking for to attract these folks in an increasingly digital world? What are some of those things you say ABC gotta have it. >>Well, interesting. You ask that. Get asked that question a lot. And people expect me to say, they gotta know C plus plus they've gotta, you know, know all the latest on AI. They gotta be a mathematical wizard to do all kinds of things that we do in algorithms. You know, it's not, it's not those factors. It's the behavioral factors. We're looking for people. First of all, that have intellectual curiosity. They thrive to learn. They thrive to innovate. They don't want to just do a job. They want to come in and they want to create something big. So I think that's first and foremost, the second one is we look for people that have some resiliency have they had in their experience broadly in life ever had to deal with stress with resistance, with, you know, uncomfortable situations. Not because that's our work environment, but because that's the world, the world is an actively changing one. >>And we need people who have got that resilience and that intellectual curiosity to kind of move forward. And then last but not least. And this goes back to our founder DNA. I, I talk about this a lot. Our founders, bill and Dave talked a lot about basic things, respect for one another collaboration, teamwork. That's our culture. Now that's not the culture that a lot of other firms have out there. And in some companies they have maybe a harder edge, but those are the things that really propel our organization. Those are the things our customers appreciate the most. >>What's your point of view on the, the so-called great resignation? Is it a sort of a media created dynamic? Is it something that is maybe a, a somewhat of a knee jerk reaction in the post isolation economy? How do you think about that? >>You know, I, it's real obviously, and, and we've seen some uptick in our, our turnover, although I'm happy to say our turnovers a half to a third of what our competitors are. So we, we seem to have been able to retain our folks pretty well. But I do think that coming out of the pandemic was a, an inflection point. For many people. It was such a searing experience in so many ways. It caused people to really reflect and say, do I want to do something different now? That's great. But I'd like to have them do something different in HPE, if they're one of our employees. So what we're focusing on is gigs. What's your next opportunity to learn something new, do something new, move to a different area. You know, we used to call it career development. Those days are gone of just job ladders and wait for the next job and wait for the next promotion. It's all about how can you give someone a new opportunity and challenge them. And when you're able to do that, I think you can create a real positive dynamic that results in greater retention. But I do think the great resurrection it's real, it's gonna persist one other data point. Well, before COVID supply and demand, I'm an economist, not a psychologist. And at the end of the day, we have fewer and fewer people available to do the kinds of work that we're trying to hire. So those two factors together do create some, some turnover. >>You know, what's interesting is certainly pre pandemic. The prediction was that machines were gonna replace humans, which has always happened, but for the first time ever, it's in cognitive functions. And there's a lot of concern in the press about, you know, the impact on, on jobs and employment seems like the reverses happened, which is often the way, but, but, but longer term, what's your point of view on, on, on that, that piece of, of the equation, people are talking about digital transformation, AI, we see robotic process automation. Initially, a lot of employees are really concerned. Whoa, they're gonna replace my job. We've certainly seen that. And you know, if you were, you see kiosks at the airport, people used to actually put up, you know, billboards and with, with the glue and paper and you know, those jobs are gone, but now other jobs are, are, are at risk. How do you think about that? What, what should companies like HPE and society do to help people get to the point where they can thrive in that environment? >>Yeah. Look, I, it, it's an observation that, that I could say based upon my career, I've seen for many, many years, I can remember back manufacturing when at least from a us perspective, many of those manufacturing firms were shedding jobs because of automation. And there are short term disruptions and those are real. Those are human. And we do have to help people through those. Now I think one obligation an employer has, is let's start with our own folks. Let's make sure we retrain them. Let's make sure we expose them to the latest skills. Let's give them an opportunity to grow and develop. So I think if we do those things, we can help people through those transitions over the long haul. I'm actually very optimistic. I believe that over time, people self-select, these things don't happen overnight. I'll give you one tiny little anecdote before the pandemic. All of this world about autonomous vehicles can eliminate truck drivers. Well, you know, back in the day I actually drove a truck and it's not just driving. You've gotta interact with somebody in a dock door. You've gotta do all kinds of other tasks that can't be automated. And so things will happen over time, but I don't think we're gonna see this massive social disruption people were worried about. There is an incumbent responsibility on firms to train their own people and to keep them up to speed. And that's something we're deeply committed to at HPE >>Is information technology, employment, a parallel. I mean, everybody thought the cloud was gonna destroy the it, you know, worker that didn't happen. They just sort of changed their skillset. They became, you know, cloud experts or cloud architects. Is there a parallel there? >>Yeah, I think there's absolutely a parallel. And while probably the, the rate of change is quicker in, in some tech industries than perhaps others. All we're doing is creating new markets and new opportunities. And ultimately the lack of, of skill that we have, the lack of talent in the external marketplace is gonna mean that it's still very much an opportunity for people to learn, grow, develop, and be employed. >>Do you think that's, it's a matter of, of, of awareness on people not really understanding that whether it's still fear? >>Well, I, I think there may be some of that, but again, I, I, I do think from a, a broader social perspective, there's probably some things that in the public policy we can do to improve education and training, particularly for new entrants and make sure they're learning the skills for tomorrow's jobs and not just today's, but can I'm optimistic. And I actually think most responsible companies get this. And if you talk to their CEOs, the top tier or three issues that they have include access to talent. So why don't we recycle repurpose and reuse to use the sustainability phrase instead of throwing people outta work that have all kinds of intellectual property and capability to be very productive. And that's what we do at HPE. >>And that curiosity, that's something that you can't teach, right? Exactly. Have it, or >>You don't. Exactly. >>So last question, in terms of, of looking at culture corporate culture, as a, as an accelerant, as a catalyst of digital transformation, how do you advise leadership teams? >>Well, I, we've done a fair amount of work in the last five years, defining the culture in very small frankly soundbites. And the way you make that come to life is back what I mentioned before. You have to engage people and ask them to debate it. What does it mean to say, commit and go? What does it mean to say force for good, those kind of conversations, help your culture evolve, help your culture become real and not just a bunch of words on some piece of paper or, or posters someplace. I will say from my experience, and, and particularly with a new entrance to the workforce, if you can't define your culture quickly for this next generation coming in, you're, you're, there's no way you're gonna attract that talent. And so put me on the spot. HPE is here to help people live and grow and work better, and we try to be a force for good. We focus on that and we create work that fits your life. Not the other way around. That's my elevator speech. It sounds pithy, but it's an invitation to have a deeper discussion. >>I love it. And I think this is only day one for us here, but I think that we're, we're seeing, and we're feeling that culture there's 8,000 or so HP folks, executives, partners, customers, ready to come back and innovate with each other. I think that culture is palpable, that you've created. >>Great. It's exciting. And thank you so much for being part of it. >>Thanks, Alan. Pleasure. Thanks, Alan. We appreciate your insights. Okay. For our guests. I'm Dave ante. I Lisa Martin stick around. You're watching the cube, the leader in live tech coverage, and we're gonna be back after your short break.

>>welcome back everyone. We're back to intermission. I'm hama in case you forgot and hear them with Brett and Peter. So what a great morning afternoon. We've had like we're now in the home stretch and you know, I really want to give a shout out to all of you who are sticking with us, especially if you're in different time zone than pacific. So I then jumped into the community rooms. The spanish won, the Brazilian won the french one. Everybody is just going strong. So again, so much so gratitude for that. Thank you for being so involved and really participating the chat rooms in the community. The chat windows in the community rooms are just going nuts. So it's, it's really good to see that. And as usual, Peter and brat had some great, very interactive panels and that was very exciting to watch. But you know, since they were on the panels, I decided to go and see some other things and I actually attended the last mile of container ization. That was, that was actually a very good session. We had a lot of good interactivity there. Yeah. And then while also talked about the container security in the cloud native world. So that was, I think that was your panel peter. That was, that was very exciting. And um, I want to share with everybody the numbers that we've been seeing for dr khan live. So as, as of, I'm sorry, said we need a drumroll. We do need a drum roll. Can you do a drum roll for me? No, no, no. >>Just a >>symbol. Okay, good. Go. Uh, we're at over 22,000 attendees um, today. So that's amazing. That's great. I love the sound effect. That's a great sound effect. The community rooms continue to be really engaged. We're still seeing hundreds of people in those rooms. So again shout out to everyone who is participating. And I felt again like a kid in a candy store didn't know which sessions to attend. They were all very interesting and you know, we're getting some good feedback on twitter. I want to read out some more tweets that we got and one in particular, I don't know whether to feel happy for this person or sad for this person, but it's uh well the initials are P. W. And he said that he was up at two am to watch the keynotes. So again, I'll let you decide whether you're it's a good thing or not, but we're happy to have you PW is awesome. Um as well. There was someone who said that these features are so needed. The things that dr announced this morning in the keynotes and that doctor has reacted to our pains and I think they mean has addressed their pain. So that was really gratifying to read. Yeah, really wonderful. That's some other countries that I didn't shout out before this just tells you what the breadth and scope of our community is. Indonesia, la paz Bolivia, Greece, Munich, Ukraine, oxford UK Australia Philippines. And there's just more and I'm going to do a special shadow to Montreal because that's where I'm from. So yes, applause for that. It was really great. And so I just want to thank all of you. Um, I want to encourage you when we talked about the power of community. Remember we're doing a fundraiser. So to combat Covid for Covid relief or actually all that money is going to go to UNICEF. Docker is contributing 10,000 and we're doing a go fund me. And the link is there on the screen. So please donate. You know, just $1. 1 person each of you donates $1. We would have raised over $22,000. So please please find it within you to contribute because again, our communities that are, that are the most effective are India and brazil, which are are very active doctor affinity. So please give back. I really appreciate that >>highlighted by the brazil. Yeah. >>You're going to brazil room and get them all to donate. Exactly. Um, also want to encourage, you know, if you're interested in participating in our, in our road map. Our public road map is on GIT hub. So it's get home dot com slash docker slash roadmap. And that's something that you can participate in and vote up features that you want to see. We love to get the community involved and participating in our, in our road map. So make sure to check that out. And I also want to note on that >>Hello can real quick. I'm sorry. Yeah, I talk about our road map all the time, but honestly folks out there are PMS are in their our ceo is in there that we do watch that. That is our roadmap is extremely, extremely important to us. So any features complaints, right, joining the conversation. That's a great way to get uh to interact with Docker in our products. Right. We we really highly valued the road map. Okay, back to your mama, sorry. >>Oh absolutely. And if you want to see us be even more responsive to what you need to participate in that road map discussion. That's really great. Um a couple of things coming up, just want to put the spotlight on. We have at 3 15 what's new with with desktop from our own ue cow. So I highly recommend that you attend that session and of course there's the Woman in tech live panel. So this is very exciting, moderated by yours truly and it has putting a spotlight on our women captains and our women developers. So that's very exciting. But I also hear that we're doing there's a session with jay frog coming up so peter, why don't you talk about that a little bit? >>Yeah, we have a session coming up from our partners from jay frog around devops patterns and anti patterns for continuous software updates. And another one that I'm extremely excited about is uh RM one talk from our very own Tony's from Docker. So if you have an M one and you're interested in multi arc architecture builds, check that out. It's gonna be a great, great talk. Um and then we have melissa McKay also from jay frog, talking about Docker and the container ecosystem and last but definitely not least. We'll check them all out there. Going to be great. But Brett is going to be doing I think the best panel that I'm gonna go watch and he made up a new word, it's called say this. I'm all about the trending new words today about this is gonna be awesome. Yeah. Yeah >>I'm going to have the battle bottle of the panels. >>Yeah. Yeah well mine's before years so we're not competing. So yeah we have we have two excellent panels in a row to finish off the day and just seven list is basically how to run, how can we run containers without managing servers? So it doesn't mean you don't actually have infrastructure just let's not manage service. Um Yeah and we we uh need to wrap it up and >>Uh before we do that I just want to um tell everyone that we actually have a promotion going on. So we um for those that sign up for a pro or team subscription, we're offering a 20% off so there's the U. R. L.. You can check out what the promotion is and this is for a new and returning users so you can use the promo code dr khan 21 all the information is on the website are really encourage you to check that out promotion for 20% off, join us for our panels. And we're doing a wrap up at five p.m. Where we'll have our own Ceo and that wrap up portion. Look forward to seeing there. All right, >>thank you too. All right everyone we'll see you on the next go around coming up next me and some other people awesome and Yeah. Mhm. Mhm. Yeah. >>Yeah. Yeah. Mhm. Is >>a really varied community. There's a lot of people with completely different backgrounds, completely different experience levels and completely different goals about how they want to use Docker. And I think that's really interesting. It's always easy to talk about the technology that I've used for so many years. I really love Doctor and I can find so many ways that it's useful and it's great to use in your day to day work clothes. I've >>used doctor for anything from um tracking airplanes with my son, which was a kind of cool project to more professional projects where we actually Built one of the first database as his services using docker even before it was 10 and I was released and we took it further and we start composing monitoring tools. We really start taking it to the next level. And we got to the point where I was trying to make everything in a container, I love to use >>doctor to make disposable project so I can download the project and it's been that up using Docker compose or something like that in a way that every developer that works in the project doesn't even need to know the underlying technology doesn't just need to run Docker compose up and the whole project is going to be up and running even if >>you're not using doctor and production, there are a lot of other ways that you can use doctor to make your life so much easier. As a developer, you can run your projects on your machine locally. Um as a tester you can actually launch test containers and be able to run um dependencies that your project requires. You can run real life versions so that um you're as close to production as possible. >>I was able to migrate most of the workloads from our on from uh to the cloud. Running complete IEDs inside a docker or running it or using it basically to replace their build scripts or using it to run not web applications but maybe compile c plus plus code or compile um projects that really just require some sort of consistency across their team, >>whether it be a web app or a database, I can control these all the same. That was really the power I saw within Doctors standardization and the portability >>doctor isn't the one that created containers uh and uh but it's the one that made it uh democratically possible, so everyone use it. And this effort has made the technology environment so much better for everyone that uses it, both for developers and for end users. So this >>past year has been quite interesting and I think we're all in the same boat here, so no one has, no one is an exception to this, but what we all learn from it is, you know, the community is very important and to lean on other people for help for assistance. >>Yeah, it's been really challenging of course, but I think the biggest and most obvious thing that I've learned both on a personal and a business perspective is just to be ready to adapt to change and don't be afraid of it either. I think it's worth noting that you should never really take it for granted that the paradigms of, you know, the world or technology or something like that aren't going to shift drastically and very, very quickly. >>I'm looking forward to what is coming down the pipe with doctor. What more are they going to throw our way in order to make our lives easier? >>It's very interesting to see the company grow and adapt the way it has. I mean it as well as the community, it's been very interesting to see, you know, how, you know, the return to develop our focus is now the main focus and I find that's very interesting because, you know, developers are the ones that really boost the doctor to where it is today. And if we keep on encouraging these developer innovation, we'll just see more tools being developed on top of Doctor in the future, and that's what I'm really excited to see with Doctor and the technology in the future.

>> Welcome back to Cube On Cloud. My name is Paul Gillin, enterprise editor at SiliconANGLE, and I'm pleased to now have as a guest on the show. Amit Zephyr, excuse me, general manager, vice president of business application platform at Google cloud. Amit is a formerly EVP and corporate officer for product development at Oracle cloud, 24 years at Oracle, and by my account a veteran of seven previous appearances on theCube. Amit welcome, thanks for joining us. >> Thanks for having me Paul, it's always good to be back on theCube. >> Now you are... one of your big focus areas right now is on low-code and no-code. Of course this is a market that seems to be growing explosively. We often hear low code/no code used in the same breath as if they're the same thing. In fact, how are they different? >> I think it's a huge difference, now. I think industry started as low-code mode for many, many years. I mean, there were technologies, or tools provided for kind of helping developers be more productive that's what low-code was doing. It was not really meant, even though it was positioned for citizen developers it was very hard for a non technologist to really build application using low code. No-code is really meant as the word stands, no code. So there's really no coding, there's no understanding required about the underlying technology stack, or knowing how constructs works or how the data is laid out. All that stuff is kind of hidden and abstracted out from you. You are really focused as a citizen developer or a line of business user, in kind of delivering what your business application requirements are, and the business flows are, without having to know anything about writing any code. So you can build applications, you can build your interfaces and not have to learn anything about a single line of code. So that's really no-code and I think they getting to a phase now where the platforms have gotten much stronger and better where you can do very good productive applications without having to write a single line of code. So that's really the goal with no-code, and that's really the future in terms of how we will get more and more line of business users, or citizen developers to build applications they need for their day-to-day work. >> So when would you use one or the other? >> I think since low-code you would probably any developer has been around for eight, 10 years, if not longer where you extract out some of this stuff you can do some of the things in terms of not having to write some code where you have a lot of modules pre-built for you, and then when you want to mix a lot of changes, you go and drop into an ID and write some code or make some changes to a code. So you still get into that, and those are really focused towards semi-professional developers or IT in many cases or even developers who want to reduce the time required to start from, write and building an application. so it makes you much more productive. So if you are a really some semi-professional or you are a developer, you can either use use low-code to improve your productivity and not start from scratch. No-code is really used for folks who are really not interested in learning about coding, don't have any experience in it, and still want to be productive and build applications. And that's really when I would start with.. I would not give a low code to a citizen developer or a line of business user who has no experience with any coding. And that's not really.. It will only productive, They'll get frustrated and not deliver what you need, and not get anything out of it and many cases. >> Well, I've been around this industry long enough to remember fourth-generation languages and visual basic >> Yeah and the predecessors that never really caught on in a big way. I mean, they certainly had big audiences but, right now we're seeing 40, 50% annual market growth. Why is this market suddenly so hot? >> Yeah it's not a difference. I think that as you said, the 4G deal and I think a lot of those tools, even if you look at forms, and PLC and we kind of extracted out the technology and made it easier, but it was not very clear who they were targeting with that. They're still targeting the same developer audience. So the they never expanded the universe of users. It was same user base, just making it simpler for them. So, with those low-code tools, it never landed them getting more and more user base out of that. With no-code platforms, you are now expanding the user community. You are giving this capabilities to more and more users than a low-code tools could provide. That's why I think the growth is much faster. So if you find the right no-code platform, you will see a lot more adoption because you're solving a real problem, you are giving them a lot more capabilities and making the user productive without having to depend on IT in many cases, or having to wait for a lot of those big applications to be built for them even though they need it immediately. So I think that's why I think you're solving a real business problem and giving a lot more capabilities to users and no doubt the users love it and they start expanding the usage. It's very viral adoption in many cases after that. >> Historically the rap on these tools has been that, because they're typically interpreted, the performance is never going to be up to that of application written in C plus plus or something. Is that still the case? Is that a sort of structural weakness of no-code tools or is that changing? >> I think the early days probably not any more. I think if you look at what we are doing at Google Cloud for example, it's not interpreted, I mean, it does do a lot of heavy lifting underneath the covers, but, and you don't have to go into the coding part of it but it brings the whole Cloud platform with it, right? So the scalability, the security the performance, availability all that stuff is built into the platform. So it's not a tool, it's a platform. I think that's thing, the big difference. Most of the early days you will see a lot of these things as a tool, which you can use it, and there's nothing underneath the covers the run kinds are very weak, there's really not the full Cloud platform provided with it, but I think the way we seeing it now and over the last many years, what we have done and what we continue to do, is to bring the power of the Cloud platform with it. So you're not missing out on the scalability, the performance, security, even the compliance and governance is built in. So IT is part of the process even though they might not build an application themselves. And that's where I think the barriers have been lifted. And again, it's not a solution for everything also. I'm not saying that this would go in, if you want to build a full end to end e-commerce site for example, I would not use a no-code platform for it, because you're going to do a lot more heavy lifting, you might want to integrate with a lot of custom stuff, you might build a custom experience. All that kind of stuff might not be that doable, but there are a lot of use cases now, which you can deliver with a platform like what we've been building at Google cloud. >> So, talk about what you're doing at Google cloud. Do you have a play in both the low-code and the no-code market? Do you favor one over the other? >> Yeah no I think we've employed technologies and services across the gamut of different requirements, right? I mean, our goal is not that we will only address one market needs and we'll ignore the rest of the things required for our developer community. So as you know, Google cloud has been very focused for many years delivering capabilities for developer community. With technology we deliver the Kubernetes and containers tend to flow for AI, compute storage all that kind of stuff is really developer centric. We have a lot of developers build applications on it writing code. They have abstracted some of this stuff and provide a lot of low-code technologies like Firebase for building mobile apps, the millions of apps mobile apps built by developers using Firebase today that it does abstract out the technology. And then you don't have to do a lot of heavy lifting yourself. So we do provide a lot of low-code tooling as well. And now, as we see the need for no-code especially kind of empowering the line of business user and citizen developers, we acquired a company called AppSheet, early 2020, and integrated that as part of our Google Cloud Platform as well as the workspace. So the G suite, the Gmail, all the technology all the services we provide for productivity and collaboration. And allowed users to now extend that collaboration capabilities by adding a workflow, and adding another app experience as needed for a particular business user needs. So that's how we looking at it like making sure that we can deliver a platform for spectrum of different use cases. And get that flexibility for the end user in terms of whatever they need to do, we should be able to provide as part of a Google Cloud Platform now. >> So as far as Google Cloud's positioning, I mean you're number three in the market you're growing but not really changing the distance between you and Microsoft for what public information we've been able to see in AWS. In Microsoft you have a company that has a long history with developers and of development tools and really as is that as a core strength do you see your low-code/no-code strategy as being a way to make up ground on them? >> Yeah, I think that the way to look at the market, and again I know the industry analyst and the market loves to do rankings in this world but, I think the Cloud business is probably big enough for a lot of vendors. I mean, this is growing as the amazing pace as you know. And it is becoming, it's a large investment. It takes time for a lot of the vendors to deliver everything they need to. But today, if you look at a lot of the net new growth and lot of net new customers, we seeing a huge percentage of share coming to Google Cloud, right? And we continue to announce some of the public things and the results will come out again every quarter. And we tried to break out the Cloud segment in the Google results more regularly so that people get an idea of how well they're doing in the Cloud business. So we are very comfortable where we are in terms of our growth in terms of our adoption, as well as in terms of how we delivering all the value our customers require, right? So, note out one of the parts we want to do is make sure that we have a end to end offering for all of the different use cases customers require and no-code is one of the parts we want to deliver for our customers as well. We've done very good capabilities and our data analytics. We do a lot of work around AIML, industry solutions. You look at the adoption we've had around a lot of those platform and Hybrid and MultiCloud. It's been growing very, very fast. And this one more additional things we are going to do, so that we can deliver what our customers are asking for. We're not too worried about the rankings we are worried about really making sure we're delivering the value to our customers. And we're seeing that it doesn't end very well. And if you look at the numbers now, I mean the growth rate is higher than any other Cloud vendor as well as be seeing a huge amount of demand been on Google Cloud as well. >> Well, not to belabor the point, but naturally your growth rate is going to be higher if you're a third of the market, I mean, how important is it to you to break into, to surpass the number two? How important are rankings within the Google Cloud team, or are you focused mainly more on growth and just consistency? >> No, I don't think again, I'm not worried about... we are not focused on ranking, or any of that stuff typically, I think we were worried about making sure customers are satisfied, and the adding more and more customers. So if you look at the volume of customers we're signing up, a lot of the large deals they didn't... do we need to look at the announcement we'd made over the last year, has been tremendous momentum around that. Lot of large banks, lot of large telecommunication companies large enterprises, name them. I think all of them are starting to kind of pick up Google Cloud. So if you follow that, I think that's really what is satisfying for us. And the results are starting to show that growth and the momentum. So we can't cover the gap we had in the previous... Because Google Cloud started late in this market. So if Cloud business grows by accumulating revenue over many years. So I cant look at the history, I'm looking at the future really. And if you look at the growth for the new business and the percentage of the net new business, we're doing better than pretty much any other vendor out there. >> And you said you were stepping up your reference to disclose those numbers. Was that what I heard you say? >> I think every quarter you're seeing that, I think we started announcing our revenue and growth numbers, and we started to do a lot of reporting about our Cloud business and that you will start, you see more and more and more of that regularly from Google now. >> Let's get back just briefly to the low-code/no-code discussion. A lot of companies looking at how to roll this out right now. You've got some big governance issues involved here. If you have a lot of citizen developers you also have the potential for chaos. What advice are you giving customers using your tools for how they should organize around citizen development? >> Yeah, no, I think no doubt. If this needs to be adopted by enterprise you can't make it a completely rogue or a completely shadow based development capabilities. So part of our no-code platform, one thing you want to make sure that this is enterprise ready, it has many aspects required for that. One is compliance making sure you have all the regulatory things delivered for data, privacy, security. Second is governance. A lot of the IT departments want to make sure who's using this platform? How are they accessing it? Are they getting the right security privileges associated with that? Are we giving them the right permissions? So in our a no-code platform we adding all this compliance, and governance regulatory stuff as part of our underlying platform, even though the end user might not have to worry about it the person who's building applications shouldn't have to think about it, but we do want to give controls to IT as needed by the large enterprises. So that is a big part of how we deliver this. We're not thinking about this as like go and build it, and then we write it once you have to do things for your enterprise, and then get it to do it again and again. Because then it just a waste of time and you're not getting the benefit of the platform at all. So we bringing those things together where we have a very easy to use, very powerful no-code platform with the enterprise compliance as well as governance built into that platform as well. And that is really resonating. If you look at a lot of the customers we're working with they do require that and they get excited about it as well as the democratizing of all of their line of business users. They're very happy that they're getting that kind of a platform, which they can scale from and deliver the productivity required. >> Certainly going to make businesses look very different in the future. And speaking of futures, It is January it's time to do predictions. What are your predictions (laughs) for the Cloud for this year? >> No I think that I mean no doubt cloud has become the center for pretty much every company now, I think the digital transformation especially with COVID, has greatly accelerated. We have seen many customers now who are thinking of pieces of their platform, pieces of their workflow or business to be digitized. Now that's trying to do it for all of it. So the one part which we see for this year is the need for more and more of efficiency in the industry are verticalized business workflows. It's not just about providing a plain vanilla Cloud Platform but also providing a lot more content and business details and business workflows by industry segments. So we've been doing a lot of work and we expect a huge amount of that to be becoming more and more core part of our offering as well as what customers are asking for. Where you might need things around say know your customer kind of workflow for financial services, Telehealth for healthcare. I mean, every industry has specific things like demand management and demand forecasting for retail but making that as part of a Cloud service not just saying, hey, I have compute storage network. I have some kind of a platform go add it and go and build what you want for your industry needs, We want to provide them that all those kinds of business processes and content for those industries as well. So we identified six, seven, industries. We see that as a kind of the driving factor for our Cloud growth, as well as helping our customers be much more productive as well as seeing the value of Cloud being much more realistic for them versus just a replacement for the data center. I think that's really the big shift in 21 I think. And I think that will make a big difference for all the companies who are really trying to digitize and be in forefront of the needs as their customers require in the future. >> Of course all of this accelerated by the pandemic and all of the specialized needs that have emerged from that. >> And I think the bond, which is important as well, I think as you know, I mean, everybody talks about AIML as like a big thing. No doubt AIML is an important element of it, but if you make that usable and powerful through this kind of workflows and business processes, as well as particular business applications, I think you see a lot more interest in using it than just a plain manila framework or just technology for the technology sake. So we try to bring the power of AI and ML into this business and industry applications, where we have a lot of good technologists at Google who knows how to use all these things. You wanted to bring that into those applications and platforms >> Exciting times ahead. Amit Zavery thank you so much for joining us. You look just as comfortable as I would expect someone to be who is doing his eighth Cube interview. Thanks for joining us. >> (laughing) Thanks for having me, Paul. >> That's it for this segment of Cube On Cloud, I'm Paul Gillin, stay tuned. (soft music)

>> Welcome back to Cube On Cloud. My name is Paul Gillin, enterprise editor at SiliconANGLE, and I'm pleased to now have as a guest on the show. Amit Zephyr, excuse me, general manager, vice president of business application platform at Google cloud. Amit is a formerly EVP and corporate officer for product development at Oracle cloud, 24 years at Oracle, and by my account a veteran of seven previous appearances on theCube. Amit welcome, thanks for joining us. >> Thanks for having me Paul, it's always good to be back on theCube. >> Now you are... one of your big focus areas right now is on low-code and no-code. Of course this is a market that seems to be growing explosively. We often hear low code/no code used in the same breath as if they're the same thing. In fact, how are they different? >> I think it's a huge difference, now. I think industry started as local mode for many, many years. I mean, there were technologies, or tools provided for kind of helping developers be more productive that's what low-code was doing. It was not really meant, even though it was positioned for citizen developers it was very hard for a non technologist to really build application using low code. No-code is really meant as the word stands, no code. So there's really no coding, there's no understanding required about the underlying technology stack, or knowing how constructs works or how the data is laid out. All that stuff is kind of hidden and abstracted out from you. You are really focused as a citizen developer or a line of business user, in kind of delivering what your business application requirements are, and the business flows are, without having to know anything about writing any code. So you can build applications, you can build your interfaces and not have to learn anything about a single line of code. So that's really no-code and I think they getting to a phase now where the platforms have gotten much stronger and better where you can do very good productive applications without having to write a single line of code. So that's really the goal with no-code, and that's really the future in terms of how we will get more and more line of business users, or citizen developers to build applications they need for their day-to-day work. >> So when would you use one or the other? >> I think since low-code you would probably any developer has been around for eight, 10 years, if not longer where you extract out some of this stuff you can do some of the things in terms of not having to write some code where you have a lot of modules pre-built for you, and then when you want to mix a lot of changes, you go and drop into an ID and write some code or make some changes to a code. So you still get into that, and those are really focused towards semi-professional developers or IT in many cases or even developers who want to reduce the time required to start from, write and building an application. so it makes you much more productive. So if you are a really some semi-professional or you are a developer, you can either use use low-code to improve your productivity and not start from scratch. No-code is really used for folks who are really not interested in learning about coding, don't have any experience in it, and still want to be productive and build applications. And that's really when I would start with.. I would not give a low code to a citizen developer or a line of business user who has no experience with any coding. And that's not really.. It will only productive, They'll get frustrated and not deliver what you need, and not get anything out of it and many cases. >> Well, I've been around this industry long enough to remember fourth-generation languages and visual basic >> Yeah and the predecessors that never really caught on in a big way. I mean, they certainly had big audiences but, right now we're seeing 40, 50% annual market growth. Why is this market suddenly so hot? >> Yeah it's not a difference. I think that as you said, the 4G deal and I think a lot of those tools, even if you look at forms, and PLC and we kind of extracted out the technology and made it easier, but it was not very clear who they were targeting with that. They're still targeting the same developer audience. So the they never expanded the universe of users. It was same user base, just making it simpler for them. So, with those low-code tools, it never landed them getting more and more user base out of that. With no-code platforms, you are now expanding the user community. You are giving this capabilities to more and more users than a low-code tools could provide. That's why I think the growth is much faster. So if you find the right no-code platform, you will see a lot more adoption because you're solving a real problem, you are giving them a lot more capabilities and making the user productive without having to depend on IT in many cases, or having to wait for a lot of those big applications to be built for them even though they need it immediately. So I think that's why I think you're solving a real business problem and giving a lot more capabilities to users and no doubt the users love it and they start expanding the usage. It's very viral adoption in many cases after that. >> Historically the rap on these tools has been that, because they're typically interpreted, the performance is never going to be up to that of application written in C plus plus or something. Is that still the case? Is that a sort of structural weakness of no-code tools or is that changing? >> I think the early days probably not any more. I think if you look at what we are doing at Google Cloud for example, it's not interpreted, I mean, it does do a lot of heavy lifting underneath the covers, but, and you don't have to go into the coding part of it but it brings the whole Cloud platform with it, right? So the scalability, the security the performance, availability all that stuff is built into the platform. So it's not a tool, it's a platform. I think that's thing, the big difference. Most of the early days you will see a lot of these things as a tool, which you can use it, and there's nothing underneath the covers the run kinds are very weak, there's really not the full Cloud platform provided with it, but I think the way we seeing it now and over the last many years, what we have done and what we continue to do, is to bring the power of the Cloud platform with it. So you're not missing out on the scalability, the performance, security, even the compliance and governance is built in. So IT is part of the process even though they might not build an application themselves. And that's where I think the barriers have been lifted. And again, it's not a solution for everything also. I'm not saying that this would go in, if you want to build a full end to end e-commerce site for example, I would not use a no-code platform for it, because you're going to do a lot more heavy lifting, you might want to integrate with a lot of custom stuff, you might build a custom experience. All that kind of stuff might not be that doable, but there are a lot of use cases now, which you can deliver with a platform like what we've been building at Google cloud. >> So, talk about what you're doing at Google cloud. Do you have a play in both the low-code and the no-code market? Do you favor one over the other? >> Yeah no I think we've employed technologies and services across the gamut of different requirements, right? I mean, our goal is not that we will only address one market needs and we'll ignore the rest of the things required for our developer community. So as you know, Google cloud has been very focused for many years delivering capabilities for developer community. With technology we deliver the Kubernetes and containers tend to flow for AI, compute storage all that kind of stuff is really developer centric. We have a lot of developers build applications on it writing code. They have abstracted some of this stuff and provide a lot of low-code technologies like Firebase for building mobile apps, the millions of apps mobile apps built by developers using Firebase today that it does abstract out the technology. And then you don't have to do a lot of heavy lifting yourself. So we do provide a lot of low-code tooling as well. And now, as we see the need for no-code especially kind of empowering the line of business user and citizen developers, we acquired a company called AppSheet, early 2020, and integrated that as part of our Google Cloud Platform as well as the workspace. So the G suite, the Gmail, all the technology all the services we provide for productivity and collaboration. And allowed users to now extend that collaboration capabilities by adding a workflow, and adding another app experience as needed for a particular business user needs. So that's how we looking at it like making sure that we can deliver a platform for spectrum of different use cases. And get that flexibility for the end user in terms of whatever they need to do, we should be able to provide as part of a Google Cloud Platform now. >> So as far as Google Cloud's positioning, I mean you're number three in the market you're growing but not really changing the distance between you and Microsoft for what public information we've been able to see in AWS. In Microsoft you have a company that has a long history with developers and of development tools and really as is that as a core strength do you see your low-code/no-code strategy as being a way to make up ground on them? >> Yeah, I think that the way to look at the market, and again I know the industry analyst and the market loves to do rankings in this world but, I think the Cloud business is probably big enough for a lot of vendors. I mean, this is growing as the amazing pace as you know. And it is becoming, it's a large investment. It takes time for a lot of the vendors to deliver everything they need to. But today, if you look at a lot of the net new growth and lot of net new customers, we seeing a huge percentage of share coming to Google Cloud, right? And we continue to announce some of the public things and the results will come out again every quarter. And we tried to break out the Cloud segment in the Google results more regularly so that people get an idea of how well they're doing in the Cloud business. So we are very comfortable where we are in terms of our growth in terms of our adoption, as well as in terms of how we delivering all the value our customers require, right? So, note out one of the parts we want to do is make sure that we have a end to end offering for all of the different use cases customers require and no-code is one of the parts we want to deliver for our customers as well. We've done very good capabilities and our data analytics. We do a lot of work around AIML, industry solutions. You look at the adoption we've had around a lot of those platform and Hybrid and MultiCloud. It's been growing very, very fast. And this one more additional things we are going to do, so that we can deliver what our customers are asking for. We're not too worried about the rankings we are worried about really making sure we're delivering the value to our customers. And we're seeing that it doesn't end very well. And if you look at the numbers now, I mean the growth rate is higher than any other Cloud vendor as well as be seeing a huge amount of demand been on Google Cloud as well. >> Well, not to belabor the point, but naturally your growth rate is going to be higher if you're a third of the market, I mean, how important is it to you to break into, to surpass the number two? How important are rankings within the Google Cloud team, or are you focused mainly more on growth and just consistency? >> No, I don't think again, I'm not worried about... we are not focused on ranking, or any of that stuff typically, I think we were worried about making sure customers are satisfied, and the adding more and more customers. So if you look at the volume of customers we're signing up, a lot of the large deals they didn't... do we need to look at the announcement we'd made over the last year, has been tremendous momentum around that. Lot of large banks, lot of large telecommunication companies large enterprises, name them. I think all of them are starting to kind of pick up Google Cloud. So if you follow that, I think that's really what is satisfying for us. And the results are starting to show that growth and the momentum. So we can't cover the gap we had in the previous... Because Google Cloud started late in this market. So if Cloud business grows by accumulating revenue over many years. So I cant look at the history, I'm looking at the future really. And if you look at the growth for the new business and the percentage of the net new business, we're doing better than pretty much any other vendor out there. >> And you said you were stepping up your reference to disclose those numbers. Was that what I heard you say? >> I think every quarter you're seeing that, I think we started announcing our revenue and growth numbers, and we started to do a lot of reporting about our Cloud business and that you will start, you see more and more and more of that regularly from Google now. >> Let's get back just briefly to the low-code/no-code discussion. A lot of companies looking at how to roll this out right now. You've got some big governance issues involved here. If you have a lot of citizen developers you also have the potential for chaos. What advice are you giving customers using your tools for how they should organize around citizen development? >> Yeah, no, I think no doubt. If this needs to be adopted by enterprise you can't make it a completely rogue or a completely shadow based development capabilities. So part of our no-code platform, one thing you want to make sure that this is enterprise ready, it has many aspects required for that. One is compliance making sure you have all the regulatory things delivered for data, privacy, security. Second is governance. A lot of the IT departments want to make sure who's using this platform? How are they accessing it? Are they getting the right security privileges associated with that? Are we giving them the right permissions? So in our a no-code platform we adding all this compliance, and governance regulatory stuff as part of our underlying platform, even though the end user might not have to worry about it the person who's building applications shouldn't have to think about it, but we do want to give controls to IT as needed by the large enterprises. So that is a big part of how we deliver this. We're not thinking about this as like go and build it, and then we write it once you have to do things for your enterprise, and then get it to do it again and again. Because then it just a waste of time and you're not getting the benefit of the platform at all. So we bringing those things together where we have a very easy to use, very powerful no-code platform with the enterprise compliance as well as governance built into that platform as well. And that is really resonating. If you look at a lot of the customers we're working with they do require that and they get excited about it as well as the democratizing of all of their line of business users. They're very happy that they're getting that kind of a platform, which they can scale from and deliver the productivity required. >> Certainly going to make businesses look very different in the future. And speaking of futures, It is January it's time to do predictions. What are your predictions (laughs) for the Cloud for this year? >> No I think that I mean no doubt cloud has become the center for pretty much every company now, I think the digital transformation especially with COVID, has greatly accelerated. We have seen many customers now who are thinking of pieces of their platform, pieces of their workflow or business to be digitized. Now that's trying to do it for all of it. So the one part which we see for this year is the need for more and more of efficiency in the industry are verticalized business workflows. It's not just about providing a plain vanilla Cloud Platform but also providing a lot more content and business details and business workflows by industry segments. So we've been doing a lot of work and we expect a huge amount of that to be becoming more and more core part of our offering as well as what customers are asking for. Where you might need things around say know your customer kind of workflow for financial services, Telehealth for healthcare. I mean, every industry has specific things like demand management and demand forecasting for retail but making that as part of a Cloud service not just saying, hey, I have compute storage network. I have some kind of a platform go add it and go and build what you want for your industry needs, We want to provide them that all those kinds of business processes and content for those industries as well. So we identified six, seven, industries. We see that as a kind of the driving factor for our Cloud growth, as well as helping our customers be much more productive as well as seeing the value of Cloud being much more realistic for them versus just a replacement for the data center. I think that's really the big shift in 21 I think. And I think that will make a big difference for all the companies who are really trying to digitize and be in forefront of the needs as their customers require in the future. >> Of course all of this accelerated by the pandemic and all of the specialized needs that have emerged from that. >> And I think the bond, which is important as well, I think as you know, I mean, everybody talks about AIML as like a big thing. No doubt AIML is an important element of it, but if you make that usable and powerful through this kind of workflows and business processes, as well as particular business applications, I think you see a lot more interest in using it than just a plain manila framework or just technology for the technology sake. So we try to bring the power of AI and ML into this business and industry applications, where we have a lot of good technologists at Google who knows how to use all these things. You wanted to bring that into those applications and platforms >> Exciting times ahead. Amit Zavery thank you so much for joining us. You look just as comfortable as I would expect someone to be who is doing his eighth Cube interview. Thanks for joining us. >> (laughing) Thanks for having me, Paul. >> That's it for this segment of Cube On Cloud, I'm Paul Gillin, stay tuned. (soft music)

>>from around the globe. It's the Cube with digital coverage of Dell Technologies. World Digital Experience Brought to You by Dell Technologies. >>Welcome to the Cubes Coverage of Dell Technologies World 2020. The Digital Experience. I'm Lisa Martin, and I'm pleased to welcome back a Cube alumni and a new Cube member to the program today. China. My Mondal is back with US Director of Solutions Marketing for Dell Technologies China. But it's great to see you at Dell Technologies world, even though we're very specially death. >>Happy to be back. Thank you, Lisa. >>And Thomas Henson is joining us for the first time. Global business development manager for a I and analytics. Thomas, Welcome to the Cube. >>I am excited to be here. It's my first virtual cube. >>Yeah, well, you better make it a good one. All right. I said we're talking about a I so so much has changed John to me. The last time I saw you were probably were sitting a lot closer together. So much has changed in the last 67 months, but a lot has changed with the adoption of Ai Thomas. Kick us off. What are some of the big things feeling ai adoption right now? >>Yeah, I >>would have to >>say the two biggest things right now or as we look at accelerated compute and by accelerated compute we're not just talking about the continuation of Moore's law, but how In Data Analytics, we're actually doing more processing now with GP use, which give us faster insights. And so now we have the ability to get quicker insights in jobs that may have taken, you know, taking weeks to months a song as we were measuring. And then the second portion is when we start to talk about the innovation going on in the software and framework world, right? So no longer do you have toe know C plus plus or a lower level language. You can actually do it in Python and even pull it off of Get Hub. And it's all part of that open source community. So we're seeing Mawr more folks in the field of data science and deep learning that can actually implement some code. And then we've got faster compute to be able to process that. >>Tell me, what are your thoughts? >>Think I want to add? Is the explosive growth off data on that's actually are fulfilling the AI adoption. Think off. Like all the devices we have, the i o t. On age devices are doing data are pumping data into the pipeline. Our high resolution satellite imagery, all social media generating data. No. All of this data are actually helping the adoption off a I because now we have very granular data tow our friend the AI model Make the AI models are much better. Besides, so the combination off both in, uh, data the power off Like GPU, power surfers are coupled with the inefficient in the eye after and tools helping off. Well, the AI growth that we're seeing today >>trying to make one of the things that we've known for a while now is that it's for a I to be valuable. It's about extracting value from that. Did it? You talked about the massive explosion and data, but yet we know for a long time we've been talking about AI for decades. Initiatives can fail. What can Dell Technologies do now to help companies have successfully I project? >>Yeah, eso As you were saying, Lisa, what we're seeing is the companies are trying to add up AI Technologies toe Dr Value and extract value from their data set. Now the way it needs to be framed is there is a business challenge that customers air trying to solve. The business challenge gets transformed into a data science problem. That data scientist is going toe work with the high technology, trained them on it. That data science problem gets to the data science solution on. Then it needs to be mapped to production deployment as a business solution. What happens? Ah, lot off. The time is the companies do not plan for output transition from all scale proof of concept that it a scientists are playing with, like a smaller set of data two, when it goes toe the large production deployment dealing with terabytes toe terabyte self data. Now that's where we come in. At their technologies, we have into end solutions for the, uh for the ai for pollution in the customers journeys starting from proof of concept to production. And it is all a seamless consular and very scalable. >>So if some of the challenges there are just starting with iterations. Thomas question for you as business development manager, those folks that John um I talked about the data scientists, the business. How are you helping them come together from the beginning so that when the POC is initiated, it actually can go on the right trajectory to be successful? >>No, that's a great point. And just to kind of build off of what Shonda my was talking about, You know, we call it that last mile, right? Like, Hey, I've got a great POC. How do I get into production? Well, if you have executive sponsorship and it's like, Hey, everybody was on board, but it's gonna take six months to a year. It's like, Whoa, you're gonna lose some momentum. So where we help our customers is, you know, by partnering with them to show them how to build, you know, from an i t. And infrastructure perspective what that ai architectural looks like, right? So we have multiple solutions around that, and at the end of the day, it's about just like Sean. Um, I was saying, You know, we may start off with a project that maybe it's only half a terabyte. Maybe it's 10 terabytes, but once you go into production, if it turns out to be three petabytes four petabytes. Nobody really, you know, has the infrastructure built unless they built on those solid practices. And that's where our solutions come in. So we can go from small scale laboratory all the way large scale production without having to move any of that data. Right? So, you know, at the heart of that is power scale and giving you that ability to scale your data and no more data migration so that you can handle one PC or multiple PCs as those models continue to improve as you start to move into production >>and I'm sticking with you 1st. 2nd 0, sorry. Trying to go ahead. >>So I was going to add that, uh, just like posthumous said right. So if you were a data scientist, you are working with this data science workstations, but getting the data from, uh, L M c our scales thes scale out platform and, uh, as it is growing from, you see two large kills production data can stay in place with the power scale platform. You can add notes, and it can grow to petabytes. And you can add in not just the workstations, but also our They'll power it, solve our switches building out our enter A I ready solutions are already solution for your production. Giving are very seamless experience from the data scientist with the i t. >>So China may will stick with you then. I'm curious to know in the last 6 to 7 months since 2020 has gone in a very different direction thing we all would have predicted our last Dell Technologies world together. What are you seeing? China. My in terms of acceleration or maybe different industries. What our customers needs, how they changed. I guess I should say in the in 2020. >>So in 2020 we're seeing the adoption off a I even more rapidly. Uh, if you think about customers ranging from like say, uh, media and entertainment industry toe, uh, the customer services off any organization to, uh the healthcare and life sciences with lots off genome analysts is going on in all of these places where we're dealing with large are datasets. We're seeing ah, lot off adoption foster processing off A. I R. Technologies, uh, giving with, say, the all the research that the's Biosciences organizations are happening. Uh, Thomas, I know like you are working with, like, a customer. So, uh, can you give us a little bit more example in there? >>Yes, one of the areas. You know, we're talking about 2021 of the things that we're seeing Mawr and Mawr is just the expansion of Just look at the need for customer support, right arm or folks working remotely their arm or folks that are learning remote. I know my child is going through virtual schools, So think about your I t organization and how Maney calls you're having now to expand. And so this is a great area where we're starting to see innovation within a I and model building to be ableto have you know, let's call it, you know, the next generation of chatbots rights. You can actually build these models off the data toe, augment those soup sports systems >>because you >>have two choices, right? You can either. You know, you you can either expand out your call center right for for we're not sure how long or you can use AI and analytics to help augment to help maybe answer some of those first baseline questions. The great thing about customers who are choosing power scale and Dell Technologies. Their partner is they already have. The resource is to be able to hold on to that data That's gonna help them train those models to help. >>So, Thomas, whenever we're talking about data, the explosions it brings to mind compliance. Protection, security. We've seen ransom where really skyrocket in 2020. Just you know, the other week there was the VA was hit. Um, I think there was also a social media Facebook instagram ticktock, 235 million users because there was an unsecured cloud database. So that vector is expanding. How can you help customers? Customers accelerate their AI projects? Well, ensuring compliance and protection and security of that data. >>Really? That's the sweet spot for power scale. We're talking with customers, right? You know, built on one FS with all the security features in mind. And I, too, came from the analytics world. So I remember in the early days of Hadoop, where, you know, as a software developer, we didn't need security, right? We you know, we were doing researching stuff, but then when we took it to the customer and and we're pushing to production, But what about all the security features. We needed >>the same thing >>for artificial intelligence, right? We want toe. We want to make sure that we're putting those security features and compliance is in. And that's where you know, from from an AI architecture perspective, by starting with one FS is at the heart of that solution. You can know that you're protecting for you know, all the enterprise features that you need, whether it be from compliance, thio, data strategy, toe backup and recovery as well. >>So when we're talking about big data volumes Chanda, mind we have to talk about the hyper scale er's talk to us about, you know, they each offer azure A W s Google cloud hundreds of AI services. So how does DEL help customers use the public cloud the data that's created outside of it and use all of those use that the right AI services to extract that value? >>Yeah. Now, as you mentioned, all of these hyper scholars are they differentiate with our office is like a i m l r Deep Learning Technologies, right? And as our customer, you want toe leverage based off all the, uh, all the cloud has to offer and not stuck with one particular cloud provider. However, we're talking about terabytes off data, right? So if you are happy with what doing service A from cloud provider say Google what you want to move to take advantage off another surface off from Asia? It comes with a very high English p a migration risk on time it will take to move the data itself. Now that's not good, right? As the customer, we should be able to live for it. Best off breed our cloud services for AI and for that matter, for anything across the board. Now, how we help customers is you can have all of your data say, in a managed, uh, managed cloud service provider running on power scale. But then you can connect from this managed cloud service provider directly toe any off the hyper scholars. You can connect toe aws, azure, Google Cloud and even, like even, uh, the in place analytics that power scale offers you can run. Uh, those, uh I mean, run those clouds AI services directly on that data simultaneously from these three, and I'll add like one more thing, right? Thes keep learning. Technologies need GPU power solvers, right? and cloud even within like one cloud is not homogeneous environment. Like sometimes you'll find a US East has or gp part solvers. But like you are in the West and the same for other providers. No, with our still our technologies cloud power scale for multi cloud our scale is sitting outside off those hyper scholars connected directly to our any off this on. Then you can burst into different clouds, take advantage off our spot. Instances on are like leverage. All the GP is not from one particular service provider part. All of those be our hyper scholars. So those are some examples off the work we're doing in the multi cloud world for a I >>So that's day. You're talking about data there. So powers failed for multi cloud for data that's created outside the public club. But Thomas, what about for data that's created inside the cloud? How does Del help with that? >>Yes. So, this year, we actually released a solution, uh, in conjunction with G C. P. So within Google Cloud, you can have power scale for one fs, right? And so that's that native native feature. So, you know, goes through all the compliance and all the features within being a part of that G c p natively eso counts towards your credits and your GP Google building as well. But it's still all the features that you have. And so we've been running some, actually, some benchmarks. So we've got a couple of white papers out there, that kind of detail. You know what we can do from an artificial intelligence perspective back to Sean Demise Example. We were just talking about, you know, being able to use more and more GPU. So we we've done that to run some of our AI benchmarks against that and then also, you know, jumped into the Hadoop space. But because you know, that's 11 area from a power scale, prospective customers were really interested. Um, and they have been for years. And then, really, the the awesome portion about this is for customers that are looking for a hybrid solution. Or maybe it's their first kickoff to it. So back Lisa to those compliance features that we were talking about those air still inherent within that native Google G C P one fs version, but then also for customers that have it on prim. You can use those same features to burst your data into, um, your isil on cluster using all the same native tools that you've been using for years within your enterprise. >>God, it's so starting out for power. Skill for Google Cloud Trying to get back to you Kind of wrapping things up here. What are some of the things that we're going to see next from Dell from an AI Solutions perspective? >>Yes. So we are working on many different interesting projects ranging from, uh, the latest, uh, in video Salford's that they have announced d d x a 100. And in fact, two weeks ago at GTC, uh, Syria announced take too far parts with, uh, it takes a 100 solvers. We're part off that ecosystem. And we are working with, uh, the leading, uh uh, solutions toe benchmark, our ai, uh, environments, uh, for all the storage, uh, ensuring, like we are providing, like, all the throughput and scalability that we have to offer >>Thomas finishing with you from the customer perspective. As we talked about so many changes this year alone as we approach calendar year 2021 what are some of the things that Dell is doing with its customers with its partners, the hyper scale er's and video, for example, Do you think customers are really going to be able to truly accelerate successful AI projects? >>Yeah. So the first thing I'd like to talk about is what we're doing with the D. G. S A 100. So this month that GTC you saw our solution for a reference architecture for the G s, a 100 plus power scale. So you talk about speed and how we can move customers insights. I mean, some of the numbers that we're seeing off of that are really a really amazing right. And so this is gives the customers the ability to still, you know, take all the features and use use I salon and one f s, um, like they have in the past, but now combined with the speed of the A 100 still be ableto speed up. How fast they're using those building out those deep learning models and then secondly, with that that gives them the ability to scale to. So there's some features inherent within this reference architecture that allow for you to make more use, right? So bring mawr data scientists and more modelers GP use because that's one thing you don't see Data scientist turning away right there always like, Hey, you know, I mean, this this project here needs needs a GPU. And so, you know, from a power scale one fs perspective, we want to be able to make sure that we're supporting that. So that as that data continues to grow, which, you know we're seeing is one of the large factors. Whenever we're talking about artificial intelligence is the scale for the data. We wanna them to be able to continue to build out that data consolidation area for all these multiple different workloads. That air coming in. >>Excellent, Thomas. Thanks for sharing that. Hopefully next time we get to see you guys in person and we can talk about a customer who has done something very successful with you guys. Kind of me. Always great to talk to you. Thank you for joining us. >>Thank you. Thank you >>for China. May Mandel and Thomas Henson. I'm Lisa Martin. You're watching the cubes Coverage of Dell Technologies, World 2020

>>from around the globe. It's the Cube with digital coverage of VM World 2020 brought to you by VM Ware and its ecosystem partners. Hello and welcome back to the cubes. Virtual coverage of VM World 2020 Virtual I'm John for your host of the Cube, our 11th year covering V emeralds. Not in person. It's virtual. I'm with my coast, Dave. A lot, of course. Ah, guest has been on every year since the cubes existed. Sanjay Putin, who is now the chief operating officer for VM Ware Sanjay, Great to see you. It's our 11th years. Virtual. We're not in person. Usually high five are going around. But hey, virtual fist pump, >>virtual pissed bump to you, John and Dave, always a pleasure to talk to you. I give you more than a virtual pistol. Here's a virtual hug. >>Well, so >>great. Back at great. >>Great to have you on. First of all, a lot more people attending the emerald this year because it's virtual again, it doesn't have the face to face. It is a community and technical events, so people do value that face to face. Um, but it is virtually a ton of content, great guests. You guys have a great program here, Very customer centric. Kind of. The theme is, you know, unpredictable future eyes is really what it's all about. We've talked about covert you've been on before. What's going on in your perspective? What's the theme of your main talks? >>Ah, yeah. Thank you, John. It's always a pleasure to talk to you folks. We we felt as we thought, about how we could make this content dynamic. We always want to make it fresh. You know, a virtual show of this kind and program of this kind. We all are becoming experts at many Ted talks or ESPN. Whatever your favorite program is 60 minutes on becoming digital producers of content. So it has to be crisp, and everybody I think was doing this has found ways by which you reduce the content. You know, Pat and I would have normally given 90 minute keynotes on day one and then 90 minutes again on day two. So 180 minutes worth of content were reduced that now into something that is that entire 180 minutes in something that is but 60 minutes. You you get a chance to use as you've seen from the keynote an incredible, incredible, you know, packed array of both announcements from Pat myself. So we really thought about how we could organize this in a way where the content was clear, crisp and compelling. Thekla's piece of it needed also be concise, but then supplemented with hundreds of sessions that were as often as possible, made it a goal that if you're gonna do a break out session that has to be incorporate or lead with the customer, so you'll see not just that we have some incredible sea level speakers from customers that have featured in in our pattern, Mikey notes like John Donahoe, CEO of Nike or Lorry beer C I, a global sea of JPMorgan Chase partner Baba, who is CEO of Zuma Jensen Wang, who is CEO of video. Incredible people. Then we also had some luminaries. We're gonna be talking in our vision track people like in the annuity. I mean, one of the most powerful women the world many years ranked by Fortune magazine, chairman, CEO Pepsi or Bryan Stevenson, the person who start in just mercy. If you watch that movie, he's a really key fighter for social justice and criminal. You know, reform and jails and the incarceration systems. And Malala made an appearance. Do I asked her personally, I got to know her and her dad's and she spoke two years ago. I asked her toe making appearance with us. So it's a really, really exciting until we get to do some creative stuff in terms of digital content this year. >>So on the product side and the momentum side, you have great decisions you guys have made in the past. We covered that with Pat Gelsinger, but the business performance has been very strong with VM. Where, uh, props to you guys, Where does this all tie together for in your mind? Because you have the transformation going on in a highly accelerated rate. You know, cov were not in person, but Cove in 19 has proven, uh, customers that they have to move faster. It's a highly accelerated world, a lot. Lots changing. Multi cloud has been on the radar. You got security. All the things you guys are doing, you got the AI announcements that have been pumping. Thean video thing was pretty solid. That project Monterey. What does the customer walk away from this year and and with VM where? What is the main theme? What what's their call to action? What's what do they need to be doing? >>I think there's sort of three things we would encourage customers to really think about. Number one is, as they think about everything in infrastructure, serves APS as they think about their APS. We want them to really push the frontier of how they modernize their athletic applications. And we think that whole initiative off how you modernized applications driven by containers. You know, 20 years ago when I was a developer coming out of college C, C plus, plus Java and then emerge, these companies have worked on J two ee frameworks. Web Logic, Be Aware logic and IBM Web Street. It made the development off. Whatever is e commerce applications of portals? Whatever was in the late nineties, early two thousands much, much easier. That entire world has gotten even easier and much more Micro service based now with containers. We've been talking about kubernetes for a while, but now we've become the leading enterprise, contain a platform making some incredible investments, but we want to not just broaden this platform. We simplified. It is You've heard everything in the end. What works in threes, right? It's sort of like almost t shirt sizing small, medium, large. So we now have tens Ooh, in the standard. The advanced the enterprise editions with lots of packaging behind that. That makes it a very broad and deep platform. We also have a basic version of it. So in some sense it's sort of like an extra small. In addition to the small medium large so tends to and everything around at modernization, I think would be message number one number two alongside modernization. You're also thinking about migration of your workloads and the breadth and depth of, um, er Cloud Foundation now of being able to really solve, not just use cases, you are traditionally done, but also new ai use cases. Was the reason Jensen and us kind of partner that, and I mean what a great company and video has become. You know, the king maker of these ai driven applications? Why not run those AI applications on the best infrastructure on the planet? Remember, that's a coming together of both of our platforms to help customers. You know automotive banking fraud detection is a number of AI use cases that now get our best and we want it. And the same thing then applies to Project Monterey, which takes the B c f e m A Cloud Foundation proposition to smart Knicks on Dell, HP Lenovo are embracing the in video Intel's and Pen Sandoz in that smart make architectural, however, that so that entire world of multi cloud being operative Phobia Macleod Foundation on Prem and all of its extended use cases like AI or Smart Knicks or Edge, but then also into the AWS Azure, Google Multi Cloud world. We obviously had a preferred relationship with Amazon that's going incredibly well, but you also saw some announcements last week from, uh, Microsoft Azure about azure BMR solutions at their conference ignite. So we feel very good about the migration opportunity alongside of modernization on the third priority, gentlemen would be security. It's obviously a topic that I most recently taken uninterested in my day job is CEO of the company running the front office customer facing revenue functions by night job by Joe Coffin has been driving. The security strategy for the company has been incredibly enlightening to talk, to see SOS and drive this intrinsic security or zero trust from the network to end point and workload and cloud security. And we made some exciting announcements there around bringing together MAWR capabilities with NSX and Z scaler and a problem black and workload security. And of course, Lassiter wouldn't cover all of this. But I would say if I was a attendee of the conference those the three things I want them to take away what BMR is doing in the future of APS what you're doing, the future of a multi cloud world and how we're making security relevant for distributed workforce. >>I know David >>so much to talk about here, Sanjay. So, uh, talk about modern APS? That's one of the five franchise platforms VM Ware has a history of going from, you know, Challenger toe dominant player. You saw that with end user computing, and there's many, many other examples, so you are clearly one of the top, you know. Let's call it five or six platforms out there. We know what those are, uh, and but critical to that modern APS. Focus is developers, and I think it's fair to say that that's not your wheelhouse today, but you're making moves there. You agree that that is, that is a critical part of modern APS, and you update us on what you're doing for that community to really take a leadership position there. >>Yeah, no, I think it's a very good point, David. We way seek to constantly say humble and hungry. There's never any assumption from us that VM Ware is completely earned anyplace off rightful leadership until we get thousands, tens of thousands. You know, we have a half a million customers running on our virtualization sets of products that have made us successful for 20 years 70 million virtual machines. But we have toe earn that right and containers, and I think there will be probably 10 times as many containers is their virtual machines. So if it took us 20 years to not just become the leader in in virtual machines but have 70 million virtual machines, I don't think it will be 20 years before there's a billion containers and we seek to be the leader in that platform. Now, why, Why VM Where and why do you think we can win in their long term. What are we doing with developers Number one? We do think there is a container capability independent of virtual machine. And that's what you know, this entire world of what hefty on pivotal brought to us on. You know, many of the hundreds of customers that are using what was formerly pivotal and FDR now what's called Tan Xue have I mean the the case. Studies of what those customers are doing are absolutely incredible. When I listen to them, you take Dick's sporting goods. I mean, they are building curbside, pick up a lot of the world. Now the pandemic is doing e commerce and curbside pick up people are going to the store, That's all based on Tan Xue. We've had companies within this sort of world of pandemic working on contact, tracing app. Some of the diagnostic tools built without they were the lab services and on the 10 zoo platform banks. Large banks are increasingly standardizing on a lot of their consumer facing or wealth management type of applications, anything that they're building rapidly on this container platform. So it's incredible the use cases I'm hearing public sector. The U. S. Air Force was talking about how they've done this. Many of them are not public about how they're modernizing dams, and I tend to learn the best from these vertical use case studies. I mean, I spend a significant part of my life is you know, it s a P and increasingly I want to help the company become a lot more vertical. Use case in banking, public sector, telco manufacturing, CPG retail top four or five where we're seeing a lot of recurrence of these. The Tan Xue portfolio actually brings us closest to almost that s a P type of dialogue because we're having an apse dialogue in the in the speak of an industry as opposed to bits and bytes Notice I haven't talked at all about kubernetes or containers. I'm talking about the business problem being solved in a retailer or a bank or public sector or whatever have you now from a developer audience, which was the second part of your question? Dave, you know, we talked about this, I think a year or two ago. We have five million developers today that we've been able to, you know, as bringing these acquisitions earn some audience with about two or three million from from the spring community and two or three million from the economic community. So think of those five million people who don't know us because of two acquisitions we don't. Obviously spring was inside Vienna where went out of pivotal and then came back. So we really have spent a lot of time with that community. A few weeks ago, we had spring one. You guys are aware of that? That conference record number of attendees okay, Registered, I think of all 40 or 50,000, which is, you know, much bigger than the physical event. And then a substantial number of them attended live physical. So we saw a great momentum out of spring one, and we're really going to take care of that, That that community base of developers as they care about Java Manami also doing really, really well. But then I think the rial audience it now has to come from us becoming part of the conversation. That coupon at AWS re invent at ignite not just the world, I mean via world is not gonna be the only place where infrastructure and developers come to. We're gonna have to be at other events which are very prominent and then have a developer marketplace. So it's gonna be a multiyear effort. We're okay with that. To grow that group of about five million developers that we today Kate or two on then I think there will be three or four other companies that also play very prominently to developers AWS, Microsoft and Google. And if we're one among those three or four companies and remembers including that list, we feel very good about our ability to be in a place where this is a shared community, takes a village to approach and an appeal to those developers. I think there will be one of those four companies that's doing this for many years to >>come. Santa, I got to get your take on. I love your reference to the Web days and how the development environment change and how the simplicity came along very relevant to how we're seeing this digital transformation. But I want to get your thoughts on how you guys were doing pre and now during and Post Cove it. You already had a complicated thing coming on. You had multi cloud. You guys were expanding your into end you had acquisitions, you mentioned a few of them. And then cove it hit. Okay, so now you have Everything is changing you got. He's got more complex city. You have more solutions, and then the customer psychology is change. You got to spectrums of customers, people trying to save their business because it's changed, their customer behavior has changed. And you have other customers that are doubling down because they have a tailwind from Cove it, whether it's a modern app, you know, coming like Zoom and others are doing well because of the environment. So you got your customers air in this in this in this, in this storm, you know, they're trying to save down, modernized or or or go faster. How are you guys changing? Because it's impacted how you sell. People are selling differently, how you implement and how you support customers, because you already had kind of the whole multi cloud going on with the modern APS. I get that, but Cove, it has changed things. How are you guys adopting and changing to meet the customer needs who are just trying to save their business on re factor or double down and continue >>John. Great question. I think I also talked about some of this in one of your previous digital events that you and I talked about. I mean, you go back to the last week of February 1st week of March, actually back up, even in January, my last trip on a plane. Ah, major trip outside this country was the World Economic Forum in Davos. And, you know, there were thousands of us packed into the small digits in Switzerland. I was sitting having dinner with Andy Jassy in a restaurant one night that day. Little did we know. A month later, everything would change on DWhite. We began to do in late February. Early March was first. Take care of employees. You always wanna have the pulse, check employees and be in touch with them. Because the health and safety of employees is much more important than the profits of, um, where you know. So we took care of that. Make sure that folks were taking care of older parents were in good place. We fortunately not lost anyone to death. Covert. We had some covert cases, but they've recovered on. This is an incredible pandemic that connects all of us in the human fabric. It has no separation off skin color or ethnicity or gender, a little bit of difference in people who are older, who might be more affected or prone to it. But we just have to, and it's taught me to be a significantly more empathetic. I began to do certain things that I didn't do before, but I felt was the right thing to do. For example, I've begun to do 25 30 minute calls with every one of my key countries. You know, as I know you, I run customer operations, all of the go to market field teams reporting to me on. I felt it was important for me to be showing up, not just in the big company meetings. We do that and big town halls where you know, some fractions. 30,000 people of VM ware attend, but, you know, go on, do a town hall for everybody in a virtual zoom session in Japan. But in their time zone. So 10 o'clock my time in the night, uh, then do one in China and Australia kind of almost travel around the world virtually, and it's not long calls 25 30 minutes, where 1st 10 or 15 minutes I'm sharing with them what I'm seeing across other countries, the world encouraging them to focus on a few priorities, which I'll talk about in a second and then listening to them for 10 15 minutes and be, uh and then the call on time or maybe even a little earlier, because every one of us is going to resume button going from call to call the call. We're tired of T. There's also mental, you know, fatigue that we've gotta worry about. Mental well, being long term. So that's one that I personally began to change. I began to also get energy because in the past, you know, I would travel to Europe or Asia. You know, 40 50%. My life has travel. It takes a day out of your life on either end, your jet lag. And then even when you get to a Tokyo or Beijing or to Bangalore or the London, getting between sites of these customers is like a 45 minute, sometimes in our commute. Now I'm able to do many of these 25 30 minute call, so I set myself a goal to talk to 1000 chief security officers. I know a lot of CEOs and CFOs from my times at S A P and VM ware, but I didn't know many security officers who often either work for a CEO or report directly to the legal counsel on accountable to the audit committee of the board. And I got a list of these 1,002,000 people we called email them. Man, I gotta tell you, people willing to talk to me just coming, you know, into this I'm about 500 into that. And it was role modeling to my teams that the top of the company is willing to spend as much time as possible. And I have probably gotten a lot more productive in customer conversations now than ever before. And then the final piece of your question, which is what do we tell the customer in terms about portfolio? So these were just more the practices that I was able to adapt during this time that have given me energy on dial, kind of get scared of two things from the portfolio perspective. I think we began to don't notice two things. One is Theo entire move of migration and modernization around the cloud. I describe that as you know, for example, moving to Amazon is a migration opportunity to azure modernization. Is that whole Tan Xue Eminem? Migration of modernization is highly relevant right now. In fact, taking more speed data center spending might be on hold on freeze as people kind of holding till depend, emmick or the GDP recovers. But migration of modernization is accelerating, so we wanna accelerate that part of our portfolio. One of the products we have a cloud on Amazon or Cloud Health or Tan Xue and maybe the other offerings for the other public dog. The second part about portfolio that we're seeing acceleration around is distributed workforce security work from home work from anywhere. And that's that combination off workspace, one for both endpoint management, virtual desktops, common black envelope loud and the announcements we've now made with Z scaler for, uh, distributed work for security or what the analysts called secure access. So message. That's beautiful because everyone working from home, even if they come back to the office, needs a very different model of security and were now becoming a leader in that area. of security. So these two parts of the portfolio you take the five franchise pillars and put them into these two buckets. We began to see momentum. And the final thing, I would say, Guys, just on a soft note. You know, I've had to just think about ways in which I balance work and family. It's just really easy. You know what, 67 months into this pandemic to burn out? Ah, now I've encouraged my team. We've got to think about this as a marathon, not a sprint. Do the personal things that you wanna do that will make your life better through this pandemic. That in practice is that you keep after it. I'll give you one example. I began biking with my kids and during the summer months were able to bike later. Even now in the fall, we're able to do that often, and I hope that's a practice I'm able to do much more often, even after the pandemic. So develop some activities with your family or with the people that you love the most that are seeing you a lot more and hopefully enjoying that time with them that you will keep even after this pandemic ends. >>So, Sanjay, I love that you're spending all this time with CSOs. I mean, I have a Well, maybe not not 1000 but dozens. And they're such smart people. They're really, you know, in the thick of things you mentioned, you know, your partnership with the scale ahead. Scott Stricklin on who is the C. C so of Wyndham? He was talking about the security club. But since the pandemic, there's really three waves. There's the cloud security, the identity, access management and endpoint security. And one of the things that CSOs will tell you is the lack of talent is their biggest challenge. And they're drowning in all these products. And so how should we think about your approach to security and potentially simplifying their lives? >>Yeah. You know, Dave, we talked about this, I think last year, maybe the year before, and what we were trying to do in security was really simplified because the security industry is like 5000 vendors, and it's like, you know, going to a doctor and she tells you to stay healthy. You gotta have 5000 tablets. You just cannot eat that many tablets you take you days, weeks, maybe a month to eat that many tablets. So ah, grand simplification has to happen where that health becomes part of your diet. You eat your proteins and vegetables, you drink your water, do your exercise. And the analogy and security is we cannot deploy dozens of agents and hundreds of alerts and many, many consoles. Uh, infrastructure players like us that have control points. We have 70 million virtual machines. We have 75 million virtual switches. We have, you know, tens of million's off workspace, one of carbon black endpoints that we manage and secure its incumbent enough to take security and making a lot more part of the infrastructure. Reduce the need for dozens and dozens of point tools. And with that comes a grand simplification of both the labor involved in learning all these tools. Andi, eventually also the cost of ownership off those particular tool. So that's one other thing we're seeking to do is increasingly be apart off that education off security professionals were both investing in ah, lot of off, you know, kind of threat protection research on many of our folks you know who are in a threat. Behavioral analytics, you know, kind of thread research. And people have come out of deep hacking experience with the government and others give back to the community and teaching classes. Um, in universities, there are a couple of non profits that are really investing in security, transfer education off CSOs and their teams were contributing to that from the standpoint off the ways in which we can give back both in time talent and also a treasure. So I think is we think about this. You're going to see us making this a long term play. We have a billion dollar security business today. There's not many companies that have, you know, a billion dollar plus of security is probably just two or three, and some of them have hit a wall in terms of their progress sport. We want to be one of the leaders in cybersecurity, and we think we need to do this both in building great product satisfying customers. But then also investing in the learning, the training enable remember, one of the things of B M worlds bright is thes hands on labs and all the training enable that happened at this event. So we will use both our platform. We in world in a variety of about the virtual environments to ensure that we get the best education of security to professional. >>So >>that's gonna be exciting, Because if you look at some of the evaluations of some of the pure plays I mean, you're a cloud security business growing a triple digits and, you know, you see some of these guys with, you know, $30 billion valuations, But I wanted to ask you about the market, E v m. Where used to be so simple Right now, you guys have expanded your tam dramatically. How are you thinking about, you know, the market opportunity? You've got your five franchise platforms. I know you're very disciplined about identifying markets, and then, you know, saying, Okay, now we're gonna go compete. But how do you look at the market and the market data? Give us the update there. >>Yeah, I think. Dave, listen, you know, I like davinci statement. You know, simplicity is the greatest form of sophistication, and I think you've touched on something that which is cos we get bigger. You know, I've had the great privilege of working for two great companies. s a P and B M where the bulk of my last 15 plus years And if something I've learned, you know, it's very easy. Both companies was to throw these TLS three letter acronyms, okay? And I use an acronym and describing the three letter acronyms like er or s ex. I mean, they're all acronyms and a new employee who comes to this company. You know, Carol Property, for example. We just hired her from Google. Is our CMO her first comments like, My goodness, there is a lot of off acronyms here. I've gotta you need a glossary? I had the same reaction when I joined B. M or seven years ago and had the same reaction when I joined the S A. P 15 years ago. Now, of course, two or three years into it, you learn everything and it becomes part of your speed. We have toe constantly. It's like an accordion like you expanded by making it mawr of luminous and deep. But as you do that it gets complex, you then have to simplify it. And that's the job of all of us leaders and I this year, just exemplifying that I don't have it perfect. One of the gifts I do have this communication being able to simplify things. I recorded a five minute video off our five franchise pill. It's just so that the casual person didn't know VM where it could understand on. Then, when I'm on your shore and when on with Jim Cramer and CNBC, I try to simplify, simplify, simplify, simplify because the more you can talk and analogies and pictures, the more the casual user. I mean, of course, and some other audiences. I'm talking to investors. Get it on. Then, Of course, as you go deeper, it should be like progressive layers or feeling of an onion. You can get deeper. It's not like the entire discussion with Sanjay Putin on my team is like, you know, empty suit. It's a superficial discussion. We could go deeper, but you don't have to begin the discussion in the bowels off that, and that's really what we don't do. And then the other part of your question was, how do we think about new markets? You know, we always start with Listen, you sort of core in contact our borough come sort of Jeffrey Moore, Andi in the Jeffrey more context. You think about things that you do really well and then ask yourself outside of that what the Jason sees that are closest to you, that your customers are asking you to advance into on that, either organically to partnerships or through acquisitions. I think John and I talked about in the previous dialogue about the framework of build partner and by, and we always think about it in that order. Where do we advance and any of the moves we've made six years ago, seven years ago and I joined the I felt VM are needed to make a move into mobile to really cement opposition in end user computing. And it took me some time to convince my peers and then the board that we should by Air One, which at that time was the biggest acquisition we've ever done. Okay. Similarly, I'm sure prior to me about Joe Tucci, Pat Nelson. We're thinking about nice here, and I'm moving to networking. Those were too big, inorganic moves. +78 years of Raghu was very involved in that. The decisions we moved to the make the move in the public cloud myself. Rgu pack very involved in the decision. Their toe partner with Amazon, the change and divest be cloud air and then invested in organic effort around what's become the Claudia. That's an organic effort that was an acquisition fast forward to last year. It took me a while to really Are you internally convinced people and then make the move off the second biggest acquisition we made in carbon black and endpoint security cement the security story that we're talking about? Rgu did a similar piece of good work around ad monetization to justify that pivotal needed to come back in. So but you could see all these pieces being adjacent to the core, right? And then you ask yourself, Is that context meaning we could leave it to a partner like you don't see us get into the hardware game we're partnering with. Obviously, the players like Dell and HP, Lenovo and the smart Knick players like Intel in video. In Pensando, you see that as part of the Project Monterey announcement. But the adjacent seas, for example, last year into app modernization up the stack and into security, which I'd say Maura's adjacent horizontal to us. We're now made a lot more logical. And as we then convince ourselves that we could do it, convince our board, make the move, We then have to go and tell our customers. Right? And this entire effort of talking to CSOs What am I doing is doing the same thing that I did to my board last year, simplified to 15 minutes and get thousands of them to understand it. Received feedback, improve it, invest further. And actually, some of the moves were now making this year around our partnership in distributed Workforce Security and Cloud Security and Z scaler. What we're announcing an XDR and Security Analytics. All of the big announcements of security of this conference came from what we heard last year between the last 12 months of my last year. Well, you know, keynote around security, and now, and I predict next year it'll be even further. That's how you advance the puck every year. >>Sanjay, I want to get your thoughts. So now we have a couple minutes left. But we did pull the audience and the community to get some questions for you, since it's virtually wanted to get some representation there. So I got three questions for you. First question, what comes after Cloud and number two is VM Ware security company. And three. What company had you wish you had acquired? >>Oh, my goodness. Okay, the third one eyes gonna be the turkey is one, I think. Listen, because I'm gonna give you my personal opinion, and some of it was probably predates me, so I could probably safely So do that. And maybe put the blame on Joe Tucci or somebody else is no longer here. But let me kind of give you the first two. What comes after cloud? I think clouds gonna be with us for a long time. First off this multi cloud world, you just look at the moment, um, that AWS and azure and the other clouds all have. It's incredible on I think this that multi cloud from phenomenon. But if there's an adapt ation of it, it's gonna be three forms of cloud. People are really only focus today in private public cloud. You have to remember the edge and Telco Cloud and this pendulum off the right balance of workloads between the data center called it a private cloud. The public cloud on one end and the telco edge on the other end. I think we're in a really good position for workloads to really swing between all three of those locations. Three other part that I think comes as a sequel to Cloud is cloud native. All of the capabilities a serverless functions but also containers that you know. Obviously the one could think of that a sister topics to cloud but the entire world of containers. The other seat, uh, then cloud a cloud native will also be topics, but these were all fairly connected. That's how I'd answer the first question. A security company? Absolutely. We you know, we aspire to be one of the leading companies in cyber security. I don't think they will be only one. We have to show this by the wealth on breath of our customers. The revenue momentum we have Gartner ranking us or the analysts ranking us in top rights of magic quadrants being viewed as an innovator simplifying the stack. But listen, we weren't even on the radar. We weren't speaking of the security conferences years ago. Now we are. We have a billion dollar security business, 20,000 plus customers, really strong presences and network endpoint and workload and Cloud Security. The three Coppola's a lot more coming in Security analytics, Cloud Security distributed workforce Security. So we're here to stay. And if anything, BMR persist through this, we're planning for multi your five or 10 year timeframe. And in that course I mean, the competition is smaller. Companies that don't have the breadth and depth of the n words are Andy muscle and are going market. We just have to keep building great products and serving customer on the third man. There's so many. But I mean, I think Listen, when I was looking back, I always wondered this is before I joined so I could say the summit speculatively on. Don't you know, make this This is BMR. Sorry. This is Sanjay one's opinion. Not VM. I gotta make very, very clear. Well, listen, I would have if I was at BMO in 2012 or 2013. I would love to about service now then service. It was a great company. I don't even know maybe the company's talk, but then talk about a very successful company at that time now. Maybe their priorities were different. I wasn't at the company at the time, but I can speculate if that had happened, that would have been an interesting Now I think that was during the time of Paul Maritz here and and so on. So for them, maybe there were other priorities the company need to get done. But at that time, of course, today s so it's not as big of a even slightly bigger market cap than us. So that's not happening. But that's a great example of a good company that I think would have at that time fit very well with VM Ware. And then there's probably we don't look back and regret we move forward. I mean, I think about the acquisitions we have made the big ones. Okay, Nice era air watch pop in black. Pivotal. The big moves we've made in terms of partnership. Amazon. What? We're announcing this This, you know, this week within video and Z scaler. So you never look back and regret. You always look for >>follow up on that To follow up on that from a developer, entrepreneurial or partner Perspective. Can you share where the white spaces for people to innovate around vm Where where where can people partner and play. Whether I'm an entrepreneur in a garage or venture back, funded or say a partner pivoting and or resetting with Govind, where's the white spaces with them? >>I think that, you know, there's gonna be a number off places where the Tan Xue platform develops, as it kind of makes it relevant to developers. I mean, there's, I think the first way we think about this is to make ourselves relevant toe all of that ecosystem around the C I. C. D type apply platform. They're really good partners of ours. They're like, get lab, You know, all of the ways in which open source communities, you know will play alongside that Hash E Corp. Jay frog there number of these companies that are partnering with us and we're excited about all of their relevancy to tend to, and it's our job to go and make that marketplace better and better. You're going to hear more about that coming up from us on. Then there's the set of data companies, you know, con fluent. You know, of course, you've seen a big I p o of a snowflake. All of those data companies, we'll need a very natural synergy. If you think about the old days of middleware, middleware is always sort of separate from the database. I think that's starting to kind of coalesce. And Data and analytics placed on top of the modern day middleware, which is containers I think it's gonna be now does VM or play physically is a data company. We don't know today we're gonna partner very heavily. But picking the right set of partners been fluent is a good example of one on. There's many of the next generation database companies that you're going to see us partner with that will become part of that marketplace influence. And I think, as you see us certainly produce out the VM Ware marketplace for developers. I think this is gonna be a game changing opportunity for us to really take those five million developers and work with the leading companies. You know, I use the example of get Lab is an example get help there. Others that appeal to developers tie them into our developer framework. The one thing you learn about developers, you can't have a mindset. With that, you all come to just us. It's a very mingled village off multiple ecosystems and Venn diagrams that are coalescing. If you try to take over the world, the developer community just basically shuns you. You have to have a very vibrant way in which you are mingling, which is why I described. It's like, Listen, we want our developers to come to our conferences and reinvent and ignite and get the best experience of all those provide tools that coincide with everybody. You have to take a holistic view of this on if you do that over many years, just like the security topic. This is a multi year pursuit for us to be relevant. Developers. We feel good about the future being bright. >>David got five minutes e. >>I thought you were gonna say Zoom, Sanjay, that was That was my wildcard. >>Well, listen, you know, I think it was more recently and very fast catapult Thio success, and I don't know that that's clearly in the complete, you know, sweet spot of the anywhere. I mean, you know, unified collaboration would have probably put us in much more competition with teams and, well, back someone you always have to think about what's in the in the bailiwick of what's closest to us, but zooms a great partner. Uh, I mean, obviously you love to acquire anybody that's hot, but Eric's doing really well. I mean, Erica, I'm sure he had many people try to come to buy him. I'm just so proud of him as a friend of all that he was named to Time magazine Top 100. But what he's done is phenomenon. I think he could build a company that's just his important, his Facebook. So, you know, I encourage him. Don't sell, keep building the company and you'll build a company that's going to be, you know, the enterprise version of Facebook. And I think that's a tremendous opportunity to do this better than anybody else is doing. And you know, I'm as an immigrant. He's, you know, China. Born now American, I'm Indian born, American, assim immigrants. We both have a similar story. I learned a lot from him. I learned a lot from him, from on speed on speed and how to move fast, he tells me he learns a thing to do for me on scale. We teach each other. It's a beautiful friendship. >>We'll make sure you put in a good word for the Kiwi. One more zoom integration >>for a final word or the zoom that is the future Facebook of the enterprise. Whatever, Sanjay, Thank >>you for connecting with us. Virtually. It is a digital foundation. It is an unpredictable world. Um, it's gonna change. It could be software to find the operating models or changing you guys. We're changing how you serve customers with new chief up commercial customer officer you have in place, which is a new hire. Congratulations. And you guys were flexing with the market and you got a tailwind. So congratulations, >>John and Dave. Always a pleasure. We couldn't do this without the partnership. Also with you. Congratulations of Successful Cube. And in its new digital format, Thank you for being with us With VM world here on. Do you know all that you're doing to get the story out? The guests that you have on the show, they look forward, including the nonviable people like, Hey, can I get on the Cuban like, Absolutely. Because they look at your platform is away. I'm telling this story. Thanks for all you're doing. I wish you health and safety. >>I'm gonna bring more community. And Dave is, you know, and Sanjay, and it's easier without the travel. Get more interviews, tell more stories and tell the most important stories. And thank you for telling your story and VM World story here of the emerald 2020. Sanjay Poon in the chief operating officer here on the Cube I'm John for a day Volonte. Thanks for watching Cube Virtual. Thanks for watching.

>>from around the globe. It's the Cube with coverage of Coop con and cloud, native con Europe 2020 Virtual brought to you by Red Hat, The Cloud Native Computing Foundation and its ecosystem partners >>Welcome back. This is the Cube coverage of Cube Con Cloud, native con, the European show for 2020. I'm your host to Minuteman. And when we talk about the container world, we talk about what's happening in cloud. Native storage has been one of those sticking points. One of those things that you know has been challenging, that we've been looking to mature and really happy to welcome back to the program two of our cube alumni to give us the update on the state of storage for the container world. Both of them are oh, founders and CEOs. First of all, we have Xiang Yang from Rancher Labs, of course, was recently acquired by Sue Save it and the intention to acquire on and also joining us from early the relay. Who is with port works? Shang Amerli. Thanks so much for joining us. Thank you. Thank you. Alright. So early. I actually I'm going to start with you just cause you know we've seen, you know, a couple of waves of companies working on storage. In this environment, we know storage is difficult. Um, And when we change how we're building things, there's architectural things that can happen. Eso maybe if you could just give us a snapshot, you know, Port works, you know, was created to help unpack this. You know, straight on here in 2020 you know, where you see things in the overall kind of computer storage landscape? >>Absolutely. Still, before I kind of jump into port works. I just want to take a minute to publicly congratulate the the whole rancher team, and and Shang and Shannon And will China have known those folks for a while there? They're kind of true entrepreneurs. They represent the serial entrepreneur spirit that that so many folks know in the valley, and so, you know, great outcome for them. We're very happy for them and ah, big congrats and shout out to the whole team. What works is is a little over five years old, and we've been kind of right from the inception of the company recognized that to put containers in production, you're gonna have to solve, not just the orchestration problem. But the issue of storage and data orchestration and so in a natural kubernetes orchestrates containers and what works orchestrates storage and data. And more specifically, by doing that, what we enable is enterprises to be able to take APS that are containerized into production at scale and and have high availability. Disaster recovery, backup all of the things that for decades I t has had to do and has done to support application, reliability and availability. But essentially we're doing it for purpose with the purpose build solution for containerized workloads. >>Alright, shaming. Of course, storage is a piece of the overall puzzle that that ranchers trying to help with. Maybe if you could just refresh our audience on Longhorn, which your organization has its open source. It's now being managed by the CN. CF is my understanding. So help us bring Longhorn into the discussion >>thanks to. So I'm really glad to be here. We've I think rancher and port work started about the same time, and we started with a slightly different focus. More is exactly right to get containers going, you really need both so that the computer angle orchestrating containers as well as orchestrating the storage and the data. So rancher started with, ah, it's slightly stronger focus on orchestrating containers themselves, but pretty quickly, we realized, as adoption of containers grow, we really need it to be able to handle ah, storage feather. And like any new technology, you know, uh, Kubernetes and containers created some interesting new requirements and opportunities, and at the time, really, they weren't. Ah, a lot of good technologies available, you know, technologies like rook and SEF at the time was very, very premature, I think, Ah, the You know, we actually early on try to incorporate ah, the cluster technology. And it was just it was just not easy. And And at the time I think port Works was, ah, very busy developing. Ah, what turned out to be there flagship product, which we end up, end up, uh, partnering very, very closely. But but early on, we really had no choice but to start developing our own storage technology. So Long horn. As a piece of container storage technology, it's actually almost as oh, there's rancher itself. When about funding engineers, we hired he he ended up, you know, working on it and Then over the years, you know the focus shift that I think the original version was written in C plus plus, and over the years it's now being completely re written in Golan. It was originally written more for Docker workload. Now, of course, everything is kubernetes centric. And last year we you know, we we decided to donate the Longhorn Open Source project to CN CF. And now it's a CN CF sandbox project, and the adoption is just growing really quickly. And just earlier this year, we we finally ah decided to we're ready to offer a commercial support for it. So So that's that's where rancher is. And with longhorn and container storage technology. >>Yeah, it has been really interesting to watch in this ecosystem. A couple of years ago, one of the Q con shows I was talking to people coming out of the Believe It was the Sigs, the special interest group for storage, and it was just like, Wow, it was heated. Words were, you know, back and forth. There's not a lot of agreement there. Anybody that knows the storage industry knows that you know standards in various ways of doing things often are contentious and there's there's differences of opinion. Look at the storage industry. You know, there's a reason why there's so many different solutions out there. So maybe it love to hear from early. From your standpoint, things are coming to get a little bit more. There are still a number of options out there. So you know, why is this kind of coop petition? I actually good for the industry? >>Yeah, I think this is a classic example of Coop petition. Right? Let's let's start with the cooperation part right? The first part of time the you know, the early days of CN, CF, and even sort of the Google Communities team, I think, was really very focused on compute and and subsequent years. In the last 34 years, there's been a greater attention to making the whole stack works, because that's what it's going to take to take a the enterprise class production and put it in, you know, enterprise class application and put it in production. So extensions like C and I for networking and CS I container storage interface. We're kind of put together by a working group and and ah ah you know both both in the CN CF, but also within the kubernetes Google community. That's you talked about six storage as an example. And, you know, as always happens, right? Like it It looks a little bit in the early days. Like like a polo game, right where folks are really? Ah, you know, seemingly, uh, you know, working with each other on on top of the pool. But underneath they're kicking each other furiously. But that was a long time back, and we've graduated from then into really cooperating. And I think it's something we should all be proud of. Where now the CS I interface is really a A really very, very strong and complete solution tow, allowing communities to orchestrate storage and data. So it's really strengthened both communities and the kubernetes ecosystem. Now the competition part. Let's kind of spend. I want to spend a couple of minutes on that too, right? Um, you know, one of the classic things that people sometimes confuse is the difference between an overlay and an interface. CSC is wonderful because it defines how the two layers off essentially kind of old style storage. You know, whether it's a san or ah cloud, elastic storage bucket or all of those interact with community. So the the definition of that interface kind of lay down some rules and parameters for how that interaction should happen. However, you still always need an overlay like Port Works that that actually drives that interface and enables Kubernetes to actually manage that storage. And that's where the competition is. And, you know, she mentioned stuff and bluster and rook and kind of derivatives of those. And I think those have been around really venerable and and really excellent products for born in a different era for a different time open stack, object storage and all of that not really meant for kind of primary workloads. And they've been they've been trying to be adapted for, for for us, for this kind of workload. Port Works is really a built from right from the inception to be designed for communities and for kubernetes workloads at enterprise scale. And so I think, you know, as I as I look at the landscape, we welcome the fact that there are so many more people acknowledging that there is a vital need for data orchestration on kubernetes right, that that's why everybody and their brother now has a CS I interface. However, I think there's a big difference between having an interface. This is actually having the software that provides the functionality for H. A, D R. And and for backup, as as the kind of life cycle matures and doing it not just at scale, but in a way that allows kind of really significant removal or reduction off the storage admin role and replaces it with self service that is fully automated within communities. Yeah, if I >>can, you know, add something that that I completely agree. I mean, over the Longhorns been around for a long time. Like I said, I'm really happy that over the years it hasn't really impacted our wonderful collaborative partnership with what works. I mean, Poll works has always been one of our premier partners. We have a lot of, ah, common customers in this fight. I know these guys rave about what works. I don't think they'll ever get out for works. Ah, home or not? Uh huh. Exactly. Like Morissette, you know, in the in the storage space, there's interface, which a lot of different implementations can plugging, and that's kind of how rancher works. So we always tell people Rancher works with three types of storage implementations. One is let we call legacy storage. You know, your netapp, your DMC, your pure storage and those are really solid. But they were not suddenly not designed to work with containers to start with, but it doesn't matter. They've all written CS I interfaces that would enable containers to take advantage of. The second type is some of the cloud a block storage or file storage services like EBS, GFS, Google Cloud storage and support for these storage back and the CS I drivers practically come with kubernetes itself, so those are very well supported. But there's still a huge amount of opportunities for the third type of you know, we call container Native Storage. So that is where Port Works and the Longhorn and other solutions like open EBS storage OS. All these guys fitting is a very vibrant ecosystem of innovation going on there. So those solutions are able to create basically reliable storage from scratch. You know, when you from from just local disks and they're actually also able to add a lot of value on top of whatever traditional or cloud based, persistent storage you already have. So so the whole system, the whole ecosystem, is developing very quickly. A lot of these solutions work with each other, and I think to me it's really less of a competition or even Coop petition. It's really more off raising the bar for for the capabilities so that we can accelerate the amount of workload that's been moved onto this wonderful kubernetes platform in the end of the benefit. Everyone, >>Well, I appreciate you both laying out some of the options, you know, showing just a quick follow up on that. I think back if you want. 15 years ago was often okay. I'm using my GMC for my block. I'm using my netapp for the file. I'm wondering in the cloud native space, if we expect that you might have multiple different data engine types in there you mentioned you know, I might want port works for my high performance. You said open EBS, very popular in the last CN CF survey might be another one there. So is do we think some of it is just kind of repeating itself that storage is not monolithic and in a micro service architecture. You know, different environments need different storage requirements. >>Yeah, I mean quick. I love to hear more is view as well, especially about you know, about how the ecosystem is developing. But from my perspective, just just the range of capabilities that's now we expect out of storage vendors or data management vendors is just increased tremendously. You know, in the old days, if you can store blocks to object store file, that's it. Right. So now it's this is just table stakes. Then then what comes after that? There will be 345 additional layers of requirements come all the way from backup, restore the our search indexing analytics. So I really think all of this potentially off or in the in the bucket of the storage ecosystem, and I just can't wait to see how this stuff will play out. I think we're still very, very early stages, and and there, you know what? What, what what containers did is they made fundamentally the workload portable, but the data itself still holds a lot of gravity. And then just so much work to do to leverage the fundamental work load portability. Marry that with some form of universal data management or data portability. I think that would really, uh, at least the industry to the next level. Marie? >>Yeah. Shanghai Bean couldn't. Couldn't have said it better. Right? Let me let me let me kind of give you Ah, sample. Right. We're at about 160 plus customers now, you know, adding several by the month. Um, just with just with rancher alone, right, we are. We have common customers in all common video expedient Roche March X, Western Asset Management. You know, charter communications. So we're in production with a number off rancher customers. What are these customers want? And why are they kind of looking at a a a Port works class of solution to use, You know, Xiang's example of the multiple types, right? Many times, people can get started with something in the early days, which has a CS I interface with maybe say, $10 or 8 to 10 nodes with a solution that allows them to at least kind of verify that they can run the stack up and down with, say, you know, a a rancher type orchestrator, workloads that are containerized on and a network plug in and a storage plugging. But really, once they start to get beyond 20 notes or so, then there are problems that are very, very unique to containers and kubernetes that pop up that you don't see in a in a non containerized environment, right? Some. What are some of these things, right? Simple examples are how can you actually run 10 to hundreds of containers on a server, with each one of those containers belonging to a different application and having different requirements? How do you actually scale? Not to 16 nodes, which is sort of make typically, maybe Max of what a San might go to. But hundreds and thousands of notes, like many of our customers, are doing like T Mobile Comcast. They're running this thing at 600 thousands of notes or scale is one issue. Here is a critical critical difference that that something that's designed for Kubernetes does right. We are providing all off the storage functions that Shang just described at container granted, granularity versus machine granularity. One way to think about this is the old Data center was in machine based construct. Construct everything you know. VM Ware is the leader, sort of in that all of the way. You think of storage as villains. You think of compute and CPUs, everything. Sub sub nets, right? All off. Traditional infrastructure is very, very machine centric. What kubernetes and containers do is move it into becoming an app defined control plane, right? One of the things were super excited about is the fact that Kubernetes is really not just a container orchestrator, but actually a orchestrator for infrastructure in an app defined way. And by doing that, they have turned, uh, you know, control off the infrastructure via communities over to a kubernetes segment. The same person who uses rancher uses port works at NVIDIA, for example to manage storage as they use it, to manage the compute and to manage containers. And and that's marvellous, because now what has happened is this thing is now fully automated at scale and and actually can run without the intervention off a storage admin. No more trouble tickets, right? No more requests to say, Hey, give me another 20 terabytes. All of that happens automatically with the solution like port works. And in fact, if you think about it in the world of real time services that we're all headed towards right Services like uber now are expected in enterprises machine learning. Ai all of these things analytics that that change talk about are things that you expect to run in a fully automated way across vast amounts of data that are distributed sometimes in the edge. And you can't do that unless you're fully automated and and not really the storage admin intervention. And that's kind of the solution that we provide. >>Alright, well, we're just about out of time. If I could just last piece is, you know, early and saying to talk about where we are with long for and what we should expect to see through the rest of this year and get some early for you to you know, what differentiates port works from Just, you know, the open source version. So And maybe if we start with just kind of long or in general and then really from from your standpoint, >>yeah, so it's so so the go along one is really to lower the bar for folks to run state for workloads on on kubernetes we want you know, the the Longhorn is 100% open source and it's owned by CN cf now. So we in terms of features and functionalities is obviously a small subset of what a true enterprise grade solution like Port Works or, um, CEO on that that could provide. So there's just, you know, the storage role. Ah, future settle. The roadmap is very rich. I don't think it's not really Ranchers go Oh, our Longhorns goal to, you know, to try to turn itself into a into a plug in replacement for these enterprise, great storage or data management solutions. But But they're you know, there's some critical critical feature gaps that we need address. And that's what the team is gonna be focusing on, perhaps for the rest of the year. >>Yeah, uh, still, I would I would kind of, you know, echo what Chang said, right? I think folks make it started with solutions, like longer or even a plug in connector plug in with one of their existing storage vendors, whether it's pure netapp or or EMC from our viewpoint, that's wonderful, because that allows them to kind of graduate to where they're considering storage and data as part of the stack. They really should that's the way they're going to succeed by by looking at it as a whole and really with, You know, it's a great way to get started on a proof of concept architecture where your focus initially is very much on the orchestration and the container ization part. But But, as Xiang pointed out, you know what what rancher did, what I entered it for Kubernetes was build a simple, elegant, robust solution that kind of democratized communities. We're doing the same thing for communities storage right? What Port works does is have a solution that is simple, elegant, fully automated, scalable and robust. But more importantly, it's a complete data platform, right? We we go where all these solutions start, but don't kind of venture forward. We are a full, complete lifecycle management for data across that whole life cycle. So there's many many customers now are buying port works and then adding deal right up front, and then a few months later they might come back and I'd backup from ports. So two shanks point right because of the uniqueness of the kubernetes workload, because it is an app defined control plane, not machine to find what is happening is it's disrupting, Just like just like virtualization day. VM exist today because because they focused on a VM version off. You know, the their backup solution. So the same thing is happening. Kubernetes workloads are district causing disruption of the D r and backup and storage market with solutions like sports. >>Wonderful. Merlin Chang. Thank you so much for the updates. Absolutely. The promise of containers A Z you were saying? Really, is that that Atomic unit getting closer to the application really requires storage to be a full and useful solution. So great to see the progress that's being made. Thank you so much for joining us. >>Welcome, Shannon. We look forward to ah, working with you as you reach for the stars. Congratulations again. We look >>forward to the containing partnership morally and thank you. Still for the opportunity here. >>Absolutely great talking to both of you And stay tuned. Lots more coverage of the Cube Cube Con cloud, native con 2020 Europe. I'm stew minimum. And thank you for watching the Cube. Yeah, yeah, yeah, yeah, yeah, yeah