>>Hi, everybody. We're wrapping up day two of AWS reinforced the Cube's continuous coverage. My business partner, John furrier, and co-host is actually a Monaco, um, you know, getting ready to do a big crypto show over there. So they'll be reporting from there tomorrow. Check that out in the cube.net. Jeff Swain is here. He is the vice president of global programs store and tech alliances at CrowdStrike. Jeff, thanks for coming on. Thanks >>David. >>So tell us about your role, what store, help us understand that? >>Yeah, so CrowdStrike has a CrowdStrike store, which is, uh, effectively our marketplace within our application, and also available externally that allows customers to be able to review decide and trial products, not only from CrowdStrike, but also from our third party partners. So wherever we have a tech Alliance customer can come in, see the value of the integration, see how it works on our platform and the third parties platform, and then go and request a trial. So it's a very easy and dynamic way for a customer to understand that joint value proposition CrowdStrike has with various other, other vendors and our own products as well. >>So your role is to bring all these cool tech companies together and create incremental value. >>Yes. Um, we believe that the ecosystem is really a, a natural evolution of what's happened in terms of the crowd struck story. If you think that we started out with a, uh, you know, a very simple product in the very early days, 10, 10, 11 years ago, services company built a product. That product then became a platform with various modules in it. The next evolution of that is expanding out beyond our own platform and working into other areas of, of, of interest and value. So that's where the ecosystem comes into play. So you have to underpin that with some automations things like marketplaces and stores, you have to have integrations in place, joint applications and commercial vehicles to make that work. >>So I was walking around the other day and I, and it caught my eye and I sat there and listened for a better part of the presentation had to get back and do the queue, but it was a presentation between a CrowdStrike expert and an Okta expert. Yep. You know, better together was the whole thing. And, you know, I know it's kind of, and then they were describing how you guys compliment each other. So that would be an example, >>A perfect example. I mean, we, we, we compliment Okta and Okta complements us for very, in various different ways. And in fact, we sort of assemble that into different narratives that work well for our customers. So as an example with Okta, we ASEM, we work very well with them in zero trust. So we have a zero trust narrative that talks about how it works with Okta and also Zscaler. In fact, we have a, um, an Alliance through the cloud security Alliance where we're working to build practitioner guides, build, um, uh, a community of value across the different products to bring zero trust into some standardized, you know, uh, reference architectures and some standardized training that brings all of our products together for, for, for the user. That be example of a, of, one of the narratives that we have, they'd also play in our XDR narrative. Obviously XDR helps us bring telemetry in from different products. And again, we use XDR right across, you know, various, various, uh, tech >>Alliances. So, so take zero choice. So you'll take the concept of least privilege. Yep. And you'll apply that to what to end point to, you know, using identity Zscaler, you bring the cloud component. >>Correct. So then we are actually able to see how someone's traversing the entire organization. We can see who they are. We can see where they land. We can see what data they're accessing, where they're accessing. It gather a whole bunch of different telemetry around that and provide the security team with the ability to be able to see what someone's doing, enforce the, um, the, you know, access rights as, and where they need to see any anomalies or anomalous behavior within that and close it down before anything bad happens. So zero trust is a really important part of our, uh, of our, of, of, of our, um, narratives. >>And you have these plays or narratives with, with a bunch of ecosystem partners. Right? Correct. Mean, so take log management. >>Yep. >>Maybe add some context that, >>So, so around that happens, you may know we acquired, um, uh, humo, uh, right around that, where obviously we have to be able to ingest and have bridges out to a large variety of different platforms to be able to ship data into our platform. I mean, one of the values of humo is its ability to massively scale, um, and very, very easily cheaply bring, bring a lot of data into a simple place and have very fast searching. Well, what are you searching? You gotta go and have data sources. So, you know, very quickly we've built out a large number of integrations with, I think, over 30 partners to easily bring data into the Humira platform to let customers be able to have that advantage. >>So what role does AWS play in all this? >>AWS is a fantastic role in, um, both coordinating some of this in terms of, especially through the marketplace, the ability to, uh, coordinate our transactions between us and help us work together from a transactional basis, help the customer procure the right solutions together. But also AWS's nature. Natural, uh, inclination towards innovation means that they'll, they like to work with partners who, especially partners who are on their platform to drive a lot of innovation, to build out how customers are bringing more data together. Obviously it's beneficial to them in terms of the volumes of data that go computers that go across the AWS platform. But also they encourage us to work together. They, they, they say in some cases invest in those integrations. Um, they work with programs. They bring in third party reseller programs, uh, through C P O. So it gives us a, a platform gives us innovation. It gives us some structure. Um, it's been really exciting working with them. >>Now talk about CrowdStrike and your cloud strategy. How would you Des describe your cloud strategy? >>So we've been cloud native from day one. It's one of the, one of the founding principles of CrowdStrike. Um, as, as we were set up, uh, by a founder, so two elements, cloud native, and a single agent, and those two design principles have not been broken by us at any point through our history. It's very important that we, we stick to those two principles. Our cloud is, um, was born in AWS, um, and they've been supportive of us right through, right through our growth period. So we started out with one module, as I said, now we have, I think, 23 different modules and we're continually growing that. We also then have a lot of support for the cloud. So, you know, helping us understand what's happening within cloud environments so that our customers are better protected. In fact, the show here, we've announced two separate, um, uh, uh, incremental products to, to the cloud space. One that's very much focused on, um, adding, uh, better container or better visibility inside containers in our CNA product. And, um, and, and another area around how we do our threat hunting across the cloud. So we have a team of threat hunters, global best engineers who hunt right across our customers environments. We have a whole, whole bunch of additional cloud telemetry. So that's, that's been included into our, into our Overwatch threat hunting. >>So you'll ingest data from multiple clouds, right? You're running on AWS. Yes. But you can take data from anywhere from >>Anywhere, >>Including OnPrem. >>Um, so our sensor sits on laptops, servers, virtual servers devices. Do I devices wherever they need to say. Um, and then of it needs to be cloud connected. It comes into our, into our cloud. So we can, we can take information from instances in any cloud environment and any laptop, uh, to pretty much bring them in. And, uh, that's how it works, but it's a single cloud. I mean, our value proposition is that huge, um, uh, graph threat graph that we've built over the years, um, trillions and trillions of events per day, that we're now searching and using AI technologies to suite out. What's good. And what's bad. >>Yeah. So CrowdStrike, obviously we've reported on CrowdStrike in breaking analysis, a lot, CrowdStrike, Zscaler, Okta, a number of other, those, those companies you're partnering with all those guys, which is quite interesting. Yeah. You're all growing, you know, really nice, nice clips. I wonder, I always wonder in these situations, okay. As things get bigger and bigger and growth slows, we haven't seen that. See, you actually see the, we saw the cloud growth accelerating during the pandemic. Yeah. Right. But, but you know, you wonder, you see it all the time in this, in this industry is companies get big, they start doing M and a, they start getting it to adjacencies, you know, Google, apple, you know, uh, Cisco VMware, do you think you'll ever see a collision course with all these wonderful partners? Are we years away from that? Um, >>I think we're very careful with how we partner and who we partner with. Obviously we, we have discussions on what our future plans are to make sure that what we partner on is, is beneficial to both sides. Um, crowd strike itself. We're, we're growing all the time. You know, our platform has grown, as I said, the modules have grown, but in general, we've found is that our partners are taking the journey with us. Um, it's one of the advantages of, of the success that we've had is most of the partners want to be part of that journey rather than sort of, um, trying to go head on. But, you know, there's always opportunities for us to have open conversations and real dialogue to make sure that we do the right thing for the customer. And that's what drives everything that we do, you know, we're focused on the right products for the right >>Customers. What, what what's reinforcement like, what's the experience been? What, what's your takeaways from the show? >>Um, it's been a really excellent show for us in terms of, uh, getting out, meeting a lot, a lot of customers at a very decent senior level here. Actually's been very, very worthwhile. Um, we've had great response to the announcements that we've made. There's been a lot of, lot of activity through the booth, which is always great to see, um, from a, actually from a partnership perspective from my world, you know, I've had a large number of really great meetings with the AWSs leadership as well about what we can do together. Um, and the future looks really bright. >>Who's the, when you, when you think in thinking about, and I know you're not, you know, selling direct, but when you think about the constituencies, when you think about all the, the partners in your ecosystem that you're, you're building and collaborating with, who do you guys collectively talk to? You know, who do you appeal to? Is it the CISO? Is it the, you know, other security practitioners? Yeah. Is it the line of business? Is it the CIO architect who are the actors that you're sort of collaborating with in your customer >>Side? Yeah, it's really interesting obviously, cuz there's different personas depending on what it is that we're doing. Um, someone who's really interested in our log management narrative for example, is probably going to be maybe from the, the DevOps, um, uh, team or from, from that area for a C app. It's going to be someone in the cloud architecture, cloud security architecture space. Um, zero trust again will be someone who's got a bit of an identity, our area and privacy to them as well. Um, a lot of this comes up to the CISO and that's often our, you know, our, our, our economic buyer would be be in that space. But one of the things we have to do is we go into adjacent markets is learn the personas there and understand their habits and their buying cycles and, and, and build value propositions that work for those people. So it's an ongoing exercise. >>How do you see the CISO role evolving, uh, given, you know, cloud? One of my takeaways from Mr event is like, I feel like cloud is becoming the first line of defense. Mm-hmm <affirmative> the CISO and the developers becoming the second line of defense audit is like the third line of defense. Some people agree with that. Some people do so just merit bear said, no, no, it's all integrated into one thing. And I'm like, no, it's not, but okay. Yeah. But, but how is the CSO role evolving given that the cloud is becoming so much more prominent today? >>I think it's it's at this point, everyone said, you know, the CSO needs to evolve to being a direct member of the directly responsible to the board. This is something that we've all said for many years. Sure. If you look at what we see in the threat report, if you look at what we're seeing from the threat landscape, you know, the volume of threats that are coming through, not diminishing in any way, but in fact, the size and the impact of what they're doing is getting worse. So it, the risk that's being, um, uh, uh, that's being experienced is just getting worse all the time. However, we have different options for resolving that issue. You can go down a services led path with a, with an MDR player, like our file can complete, uh, process, or you can go down with an MSP. So the CISO's role is now not just on what products and how to Def, how to use them to best defend, but also what products, what services are available. >>What am I gonna invest in, in my team versus what am I going to push to a, to a, to a third party to look after for me. And we're seeing more and more companies at the going up the light up the, the, the enterprise stack, trusting us in our Falcon complete team, um, uh, with, with, with parts of their defense portfolio. So I think that role that you, you know, the CISO's role is developing all the time into something that's portfolio oriented. How am I getting value for service as well as value for money from products? It's a really interesting, it's really interesting development, um, in terms of what they have to deal with. Uh, you know, I still think that the, the visibility that you see from the endpoint is where's where it's where the, the Decron jewels are still it's where the data is. Mm-hmm <affirmative>. Um, and I think that's really why crowd strike is a unique proposition in that space. It's what >>We protect. So when you say the end point is where the data is, paint a picture of that. >>Well, if you think about, if a, if an actor is after at a personal information or IP, they're often going to be going down to the laptop or the, or the, or the virtual instance level to look for that within the weakest part, we've always said is people, um, and the more dive, the more open you are with that, the wider your audience there, the, the more risk you carry within that space, you know, we don't think endpoints laptops or phones, you know, servers, um, comput instances inside the cloud. They're all endpoint to us. Workloads is a better word. In fact, >>Those work, sorry, what's a better word >>Workloads >>Workloads. >>Okay. Yeah. We often talk about workloads rather than >>Is it data store and >>Endpoint? Yeah. If it's computer or not, it's, it's, it's basically, uh, it's a workload where, where we can put a sensor. How >>About a, how about a backup Corpus, uh, a backup backup Corpus of data? >>Well, I think if there's a, if there's a place that we can put a sensor on it to see whether it's being, you know, active or not, and we can track the telemetry from it, we would consider >>That sensor would be an agent. Yeah. An agent. Yeah. Yeah. Okay. And so you said single agent, >>We have one agent that runs all of our products this way, again, one of the design principles and, and the basics of our company, >>Because one of the things that we've seen, maybe tell me if you don't see this, is, is that a lot of times ransomware attackers will go after the, the, the backup Corpus mm-hmm <affirmative> disable it. Yeah. Because, you know, once you get that, you can't recover a hundred percent. Yeah. And they'll encrypt the, all the data on the network, and then they'll, they'll hold the backup Corpus hostage. >>This is one of the great advantages of how CrowdStrike and how our platform works. In fact, you know, um, a lot of other vendors talk in terms of, uh, you know, known bad known good, and, and, and indicators of compromise. Right. You know, I know this IP address has been compromised. I know that anything originating from here is bad. Um, what CrowdStrike looks at is, is, is we've built up a very, very, um, substantial, uh, library of what we call indicators of attack. Indications of attack are looking at the potential for attack. And whether, whether that in conjunction that specific piece of telemetry in conjunction with others makes the attack more likely. So for example, if someone, um, opens an email, we don't think that's necessarily, you know, a, a, a risk point, right. Um, but if someone opens an email and they click on an attachment, we think, well, maybe there's, there's, you know, that's happens billions of times a day, so still not bad, but if that then spills up, you know, a process, and if that process then starts to enumerate hard drives and start to look for backups, you know, we're getting more suspicious all the time. >>Um, and if they're then cause an encryption routine, we can be pretty certain at that point that what we've got in play is, is ransomware attack. Um, by looking at the holistic attack, the whole process of it, and having that sort of fingerprint of what that may look like. And in combining that with our knowledge of bad actors, our intelligence in the field, we've got a very good view on what may happen there. So exactly to your point, if we see, um, someone going after backups as part of a wider process that helps us identify that something of something bad is, is about to happen in terms of ransomware attack allows us to take action against it, put in the appropriate containment or blocking, >>And then explain. So, you know, when people hear agents, they're like, oh, another agent to manage, but I was talking to somebody the other day and saying, know, we're gonna integrate with the CrowdStrike agent because it's so robust. Correct. And what we are doing is, which is agent list is it's good, it's lightweight, but we can't get the data. Yep. You know, so explain that. So there's a trade off, right? I mean, you gotta manage an agent, right. But obviously it's working, your customers are, are adopting. >>So it's an extremely lightweight agent. That's always been the, the premise for this. And I think when George founded the company, one of the things he noticed was, you know, how long it was taking for someone to scan it, get us, get through a scan while they were trying to get an email out before a plane took off. And he said, you know, we can't have this. So, so he was looking at how do we make this as light as possible? Um, and, uh, and so that's one of been principle for us, right from day one. And you're right. Um, third parties do want to leverage our agent because of it's robustness. We look at pretty much everything that's happening as a telemetry event, once, once power hits the CPU through, till it drops out. So we've got very rich knowledge of what's happening on every single device or, or workload that's out there. >>And it's very usable for other people, as far as the customer's concerned, if a third party can use that information rather than have to deploy another agent, that's a huge win for the customer. I think we all know that proliferation of agents, Harrison, that's what, that was the old way of doing things. You know, people would acquire products and try and bundle 'em together and what they ended up with multiple agents competing for resources on the, on the system, by having one agent well defined, well architected, what we have is a modern, a modern software architecture to solve modern problems. >>Okay. So, uh, last question. Yep. When during the pandemic, we noticed that the, um, everything changed, obviously work from home remote work, and that the implications on the CISO were these permanent changes. And we reported on this and breaking analysis and other except endpoint, uh, you guys CrowdStrike, uh, uh, identity Okta got a boost, uh, cloud security, Zscaler. Yep. You know, got a boost, rethinking the network network. Security became top of mind that, and that we said is these are permanent changes, but now as we exit, but they were rushed as we exit the isolation economy. What can we expect going forward? >>I think to earlier point the ability for us to work across all of those areas and work better, you know, everyone was very much concentrating on delivered their own product as best as they could, as quickly as they could to meet the demands of the pandemic. Now we can go through a place of making sure that we work really, really well together as different units to solve the customer problem. So trim some of the trim trim, some of the, of, of, of the, the fat out of any integrations that we may have built quickly to solve a problem. Now we can focus on doing it really well. What we're seeing is a proliferation in our world of more applications in our store. So tighter integration inside our UI with our third party products, um, and a lot of demand for that. So really the, the customer experience is as seamless as possible. We talk about, you know, frictionless is what we want to see. Um, and that's, you know, the boost that the, the, the disruption got from the pan from the pandemic was fantastic start of the innovation. Right now, we have the opportunity to bring everything together, to really solve some excellent problems for customers, um, and make the world safer place. >>Jeff, great summary. Thank you for coming on. I'm gonna, I'm gonna give my quick take on, on this reinforc. I mean, I think very clearly AWS is, is enforcing the notion that that security is, is job one for them from the, the nitro chip, you know, all the way up the stack all the way through the culture. I mean, I think we heard that at, at this event. Um, I think you heard, you know, some great announcements, a lot of the stuff around, you know, threat detection and, and, and automation and, and, and reasoning, which is great. I don't think you heard a lot on how AWS are making the CISO's life simpler. I think a lot of that goes to the ecosystem. Mm-hmm <affirmative> maybe, uh, but the other thing is AWS leaving a lot of room, a lot of meat in the bone, as we like to say sometimes for the, for the ecosystem. >>Mm. Um, you know, security is a good example. I mean, you know, Microsoft makes a lot of money and security. AWS doesn't make a ton of money in security. It's just sort of comes with it. I think we're also seeing the changing role, the CISO, I think the cloud is becoming the first line of the fence, CISO and developers. The next line audit is really the third line and developer. The developer role is becoming increasingly important and, and frankly sophisticated, they gotta worry about securing the containers. They gotta worry about the run time. They have to worry about the platform as a service. And so, you know, developers need the team with the, with the, with the security operations team. So that's kind of my takeaway here. I think the event was, was, was good. It was not, it wasn't oversubscribed. I think people in, in Boston this time of year at the beach, um, whereas last 2019, you know, it was June. And so you get, you had a, a bigger attendance, but that's kind of my takeaway. Anything you'd add to that, Jeff, >>I think the quality has been here. Yeah. Um, you know, maybe not the quantity the quality has certainly been here. Um, I think, you know, there is, uh, a lot of innovation that's happening in the security industry. I think AWS has got some good products that they they're helping deliver, but as you said, they're there to help us support us and, and the other ISVs to really come together and build our best of breed overall solution that helps our customers and solve some of that complexity that you're seeing. And some of that uncertainty you're seeing is who has to solve what problem in the stack. Yeah. >>Well, thanks for that. Thanks for that. Thanks for help me wrap up here. The, the security space remains one that's highly fragmented, highly complex, you know, lack of talent is, is the, the problem that most organizations have. Lena smart of MongoDB doesn't have that problem nor does AWS, I guess cuz they're AWS and, and Mongo. Uh, but that's a wrap here from, from day two, the cube go to the cube.net. You'll see all these videos, youtube.com/silicon angle. If you want, you know, the YouTube link. Yeah. You can go there. Silicon angle.com is where we publish all the, the news of the day. wikibon.com for, for the research. This is Dave ante. Look for John furrier from Monica at, uh, the, the crypto event, uh, all this week. And we will see you next time. Thanks for watching.

>> From theCUBE studios in Palo Alto in Boston, bringing you data-driven insights from theCUBE in ETR. This is Breaking Analysis with Dave Vellante. >> Despite the more than $100 billion spent each year fighting Cyber-crime. When we do an end-of-the year look back and ask "How did we do?" The answer is invariably the same, "Worse than last year." Pre pandemic, the picture was disheartening, but since March of 2020 the situation has only worsened as cyber-criminals have become increasingly sophisticated, better funded and more brazen. SecOps pros continue to fight, but unlike conventional wars, this one has no end. Now the flip side of course, is that markets continue to value cybersecurity firms at significant premiums. Because this huge market will continue to grow by double digits for the foreseeable future. Hello and welcome to this week's Wikibon theCUBE Insights powered by ETR. In this Breaking Analysis, we look at the state of cybersecurity in 2021 and beyond. We'll update you with the latest survey data from enterprise technology research and share the fundamentals that have investors piling into the security space like never before. Let's start with the customer view. Cybersecurity remains the number one priority for CIOs and CSOs. This latest ETR survey, once again asked IT buyers to rank their top priorities for the next 12 months. Now the last three polling period dating back to last March. Cybersecurity has outranked every top spending category, including cloud, data analytics, productivity software, networking, AI, and automation or RPA. Now this shouldn't surprise anybody, but it underscores the challenges that organizations face. Not only are they in the midst of a non-optional digital transformation, but they have to also fund a cyber war that has no ceasefires, no truces, and no exit path. Now there's much more going on in cybersecurity than ransomware, but certainly that has the attention of executives. And it's becoming more and more lucrative for attackers. Here's a snapshot of some of the more well-documented attacks this decade many which have occurred in very recent months. CNA Financial, they got hit earlier this year and paid a $40 million ransom. The Ireland Health Service also got hit this year and refused to pay the ransom, but it's estimated that the cost to recover and the damage to the organization exceeded half a billion dollars. The request was for a $20 million ransom. The JBS meat company hack, they paid $11 million. CWT travel paid $5 million. The disruption from the Colonial Pipeline company, was widely reported they paid more than $4 million, as the Brenntag, the chemical company. The NBA got hit. Computer makers, Quanta and Acer also. More than 2,000 random attacks were reported to the FBI in the first seven months of 2021. Up more than 60% from 2020. Now, as I've said many times, you don't have to be a genius to be a ransomware as today. Anyone can go on the dark web, tap into ransomware as a service. Attackers, they have insidious names like darkside, evil, the cobalt, crime gang, wizard spider, the Lazarus gang, and numerous others. Criminals they have negotiation services is most typically the attackers, they'll demand a specific amount of money but they're willing to compromise in an exchange of cryptocurrency for decryption keys. And as mentioned, it's not just ransomware supply chain attacks like the solar winds hack hit organizations within the U.S government and companies like Mimecast this year. Now, while these attacks often do end up in a ransom situation. The attackers sometimes find it more lucrative to live off the land and stealth fashion and ex filtrates sensitive data that can be sold or in the case of many financial institution attacks they'll steal information from say a chief investment officer that signals an upcoming trading strategy and then the attackers will front run that trade in the stock market. Now, of course phishing, remains one of the most prominent threats. Only escalated by the work from home trend as users bring their own devices and of course home networks are less secure. So it's bad, worse than ever before. But you know, if there's a problem, entrepreneurs and investors, they're going to be there to solve it. So here's a LinkedIn post from one of the top investors in the business, Mike Speiser. He was a founding investor in Snowflake. He helped get pure storage to escape velocity and many, many other successes. This hit my LinkedIn feed the other day, his company Sutter Hill Ventures is co-leading a 1.3 Series D on an $8.3 billion valuation. They're putting in over $200 million. Now Lacework is a threat detection software company that looks at security as a data problem and they monitor exposures across clouds. So very timely. So watch that company. They're going to soar. Now the right hand chart shows venture investments in cybersecurity over the past several years. You can see it exploded in 2019 to $7.6 billion. And people thought the market was peaking at that time, if you recall. But then investments rose a little bit to $7.8 billion in 2020 right in the middle of lockdown. And then the hybrid work, the cloud, the new normal thesis kicked in big time. It's in full gear this year. You can see nearly $12 billion invested in cybersecurity in the first half of 2021 alone. So the money keeps coming in as the problem gets worse and the market gets more crowded. Now we'd like to show this slide from Optiv, it's their security taxonomy. It'll make your eyes cross. It's so packed with companies in different sectors. We'll put a link in our posts, so you can stare at this. We've used this truck before. It's pretty good. It's comprehensive and it's worth spending some time to see what that landscape looks like. But now let's reduce this down a bit and bring in some of the ETR data. This is survey data from October that shows net score or spending momentum on the vertical axis and market share or pervasiveness in the dataset on the horizontal axis. That's a measure of mentioned share if you will. Now this is just isolated on the information security sector within the ETR taxonomies. No filters in terms of the number of responses. So it's every company that ETR picks up in cybersecurity from its buyer surveys. Now companies above that red line, we consider them to have a highly elevated spending momentum for their products and services. And you can see, there are a lot of companies that are in this map first of all, and several above that magic mark. So you can see the momentum of Microsoft and Palo Alto. That's most impressive because of their size, their pervasiveness in the study, Cisco and Splunk are also quite prominent. They don't have as much spending momentum, but they're pretty respectable. And you can see the companies that have been real movers in this market that we've been reporting on for a while. Okta, CrowdStrike, Zscaler, CyberArk, SailPoint, Authzero, all companies that we've extensively covered in previous breaking analysis episodes as the up and comers. And isn't it interesting that Datadog is now showing up in the vertical axis. You see that in the left-hand side up high, they're becoming more and more competitive to Splunk in this space as an alternative and lines are blurring between observability, log analytics, security, and as we previously reported even backup and recovery. But now let's simplify this picture a bit more and filter down a little bit further. This chart shows the same X, Y view. Same data construct and framework, but we required more than a hundred responses to hit the chart. So the companies, they have to have a notable market presence in the ETR survey. It's perhaps a bit less crowded, but still very packed. Isn't it? You can see firms that are less prominent in the space like Datadog fell off. The big companies we mentioned, obviously still prominent Microsoft, Palo Alto, Cisco and Splunk and then those with real momentum, they stand out a little bit. There's somewhat smaller, but they're gaining traction in the market. As we felt they would Okta and Auth zero, which Okta acquired as we reported on earlier this year, both showing strength as our CrowdStrike, Zscaler, CyberArk, which does identity and competition with Okta and SentinelOne, which went public mid this year. The company SentinelOne uses AI to do threat detection and has been doing quite well. SalePoint and Proofpoint are right on that red elevated line and then there's a big pack in the middle. Look, this is not an easy market to track. It's virtually every company plays in security. Look, AWS says some of the most advanced security in the business but they're not in the chart specifically, but you see Microsoft is. Because much of AWS security is built into services. Amazon customers heavily rely on the Amazon ecosystem which is in the Amazon marketplace for security products. And often they associate their security spend with those partners and not necessarily Amazon. And you'll see networking companies you see right there, like Juniper and the bottom there and in the ETR data set and the players like VMware in the middle of the pack. They've been really acquisitive for example, with carbon black. And the, of course, you've got a lot of legacy players like McAfee and RSA and IBM. Look, virtually every company has a security story and that will only become more common in the coming years. Now here's another look at the ETR data it's in the raw form, but it'll give you a sense of two things; One is how the data from the previous chart is plotted. And two, it gives you a time series of the data. So the data lists the top companies in the ETR data sets sorted by the October net score in the right most column. Again, that measures spending momentum. So to make the cut here, you had to have more than a hundred mentions which is shown on the left-hand side of the chart that shared N, IE that's shared accounts in the dataset. And you can track the data from last October, July of this year and the most recent October, 2021 survey. So we, drew that red line just about at the 40% net score market coincidentally, there are 10 companies that are over that figure over that bar. We sometimes call out the four star companies. We give four stars to those companies that both are in the top 10 and spending momentum and the top in prominence are shared N in the dataset. So some of these 10 would fit into that profile by that methodology, specifically, Microsoft, Okta, CrowdStrike, and Palo Alto networks. They would be the four star companies. Now a couple of other things to point out here, DDoS attacks, they're still relevant, and they're real threat. So a company like CloudFlare which is just above that red line they play in that space. Now we've also shaded the companies in the fat middle. A lot of these companies like Cisco and Splunk for example, they're major players in the security space with very strong offerings and customer affinity. We sometimes give them two stars. So this is what makes this market so interesting. It's not like the high end discourage market where literally every vendor in the Gartner magic quadrant is up in the right, okay. And there's only five or four or five, six vendors there. This market is diverse with many, many segments and sub segments, and it's such a vital space. And there's so many holes to fill with an ever changing threat landscape as we've seen in the last two years. So this is in part which makes it such a good market for investors. There's a lot of room for growth and not just from stealing market share. That's certainly an opportunity there, but things like cloud, multi-cloud, shifting end points, the edge ,and so forth make this space really ripe for investments. And to underscore this, we put together this little chart of some of the pure play security firms to see how their stock performance has done recently. So you can see that here, you know, it's a little hard to read, but it's not hard to see that Okta, CrowdStrike, Zscaler on the left have been big movers. These charts where possible all show a cross here, starting at the lockdown last year. The only exception is SentinelOne which IPO mid this year. So that's the point March, 2020 when the whole world changed and security priorities really started to shift to accommodate the work from home. But it's quite obvious that since the pandemic, these six companies have been on a tear for the fundamental reason that hybrid work has created a shift in spending priorities for CSOs. No longer are organizations just spending on hardening a perimeter, that perimeter has been blown away. The network is flattening. Work is what you do, it's no longer a place. As such threats are on the rise and cloud, endpoint security, identity access tools there become increasingly vital and the vendors who provide them are on the rise. So it's no surprise that the players that we've listed here which play quite prominently in those markets are all on fire. So now in summary, I want to stress that while the picture is sometimes discouraging. The entire world is becoming more and more tuned in to the cyber threat. And that's a good thing. Money is pouring in. Look, technology got us into this problem and technology is a defensive weapon that will help us continue this fight. But it's going to take more than technology. And I want to share something. We get dozens and dozens of in bounds this time of the year because we do an annual predictions posts. So folks and they want to help us out. So now most of the in bounds and the predictions that we get, they're just kind of observations or frankly, non predictions that can't really be measured as like where you right, or where you're wrong. So for the most part I like predictions that are binary. For example, last December we predicted their IT spending in 2021 would rebound and grow at 4% relative to 2020. Well, it did rebound but that prediction really wasn't as accurate as I'd like. It was frankly wrong. We think it's actually the market's going to actually grow. Spending's going to grow more like 7% this year. Not to worry plenty of our predictions came true, but we'll leave that for another day. Anyway, I got an email from Dean Fisk of Fisk partners. It's a PR firm representing an individual named Lyndon Brown chief of strategy officer of Pondurance. Pondurance is a security consultancy. And the email had the standard, Hey, in case you're working on a predictions post this year end, blah, blah, blah. But instead of sharing with me, a bunch of non predictions, the notes said here's some trends in cybersecurity that might be worth thinking about. And there were a few predictions sprinkled in there, but I wanted to call it a couple of the comments from Linden Brown, whom I don't know, I never met the guy, but I really thought his trends were spot on. The first was a stat I'll share that the United Nations report cyber crime is up 600% due to the pandemic. If as if I couldn't feel worse already. His first point though was that the hybrid workplace will be the new frontier for cyber. Yes, we totally agree. There are permanent shifts taking place. And we actually predicted that last year, but he further cited that many companies went from zero to full digital transformation overnight and many are still on that journey. And his point is that hybrid work is going to require a complete overhaul of how we think about security. We think this is very true. Now the other point that stood out is that governments are going to crack down on this behavior. And we've seen this where criminals have had their critical infrastructure dismantled by governments. No doubt the U.S government has the capabilities to do so. And it is very much focused on this issue. But it's tricky as Robert Gates, who was the former defense secretary, told me a few years back in theCUBE. He said, well, we have the best offense. We also have the most to lose. So we have to be very careful, but Linden's key point was you are going to see a much more forward and aggressive public policy and new laws that give crime fighters more latitude . Again, it's tricky kind of like the Patriot act was tricky but it's coming. Now, another call-out from Linden shares his assertion that natural disasters will bring increased cyber risk. And I thought this was a really astute point because natural disasters they're on the rise. And when there's chaos, there's cash opportunities for criminals. And I'll add to this that the supply chain risk is far from over. This is going to be continuing theme this coming year and beyond. And one of the things that Linden Brown said in his note to me is essentially you can't take humans out of the equation. Automation alone can't solve the problem, but some companies operate as though they can. Just as bad human behavior, can tramp good security, Good human education and behavior is going to be a key weapon in this endless war. Now the last point is we're going to see continued escalation government crackdowns are going to bring retaliation and to Gates' point. The U.S has a lot at stake. So expect insurance premiums are going to go through the roof. That's assuming you can even get cyber insurance. And so we got to hope for the best, but for sure, we have to plan for the worst because it's coming. Deploy technology aggressively but people in process will ultimately be the other ingredients that allow us to live to battle for another day. Okay. That's a wrap for today. Remember these episodes they're all available as podcasts, wherever you listen just search "breaking analysis" podcast. Check out ETR his website at ETR.plus. We also publish a full report every week on Wikibond.com and siliconangle.com. You can get in touch. Email me @david.volante@tsiliconangle.com or you can DM me @dvellante. Comment on our LinkedIn posts. This is Dave Vellante for theCUBE insights powered by ETR. Have a great week. everybody stay safe, be well. And we'll see you next time. (techno music)

(upbeat music) (upbeat music) >> Hello, and welcome back to theCUBE's coverage of Red Hat Summit 2021 virtual. I'm John furrier, host of theCUBE We've got a great segment with a customer Roberto Calandrini, Head of Architecture, Digital and AI services for Snam customer need to leak oil and gas and AI services for Snam customer need to leak oil and gas great industrial IOT and digital transformation. Roberto, thank you for coming on the cube and spending the time. >> Hi, John. Good to see you. Thank you for inviting me. >> That's awesome. Before we get started, I love the story and again I think security edge and in, in in disease industry for disruptions is huge story here. But before we get started, talk about Snam. Give me a quick overview of Snam, who you guys are. What's your focus customers you have and your role there. >> Of course. So it was not is one of the major global energy infrastructure company and is managing a international and a national asset specifically and a national asset specifically in the natural gas utility segment. There's what the story Kelly Snam did. And it recently positioned itself as a leader of the energy transition, investing a lot in startups of the energy transition, investing a lot in startups mostly focused on, for example, H2 so hydrogen, these the very recent topic, bio Nathan with numb for environment sustainable mobility, energy efficiency, and reforestation. So we kind of So we kind of expanded our core businesses in terms of positioning ourselves much more within the energy transition segments and still developing a lot, what we used to do in the natural gas, in the natural gas industry. And my role there is, as you said, Head of Architecture And my role there is, as you said, Head of Architecture Digital and AI Services. So I'm basically responsible for managing the entire technology stack of Snam and focusing a lot on developing artificial intelligence services for our business lines. >> That's awesome. Well, thanks for sharing that. Let's talk about the digital transmission you've been rearchitecting. You guys redesign your applications map impacting your architecture from the data center to the edge recently, even the center of that your responsibility for the business. What were the business drivers and objectives for you to reach that transformation goal and target? >> Yeah, thanks for, for the question. So they basically, we were mainly interested in exploiting three main three main objectives with our transformation. The first was very much related to our business strategy. So having a more agile So having a more agile and flexible digital architecture that will still on one one end provide us with the reliability that we need in order to sustain our business critical application. And on the other end, provide the agility And on the other end, provide the agility and flexibility the speed in some sense that our new business line will lead in order to succeed. So let's say speed and agility. The second one was a focus on platformization and servitization of our industry specific application. So what we used to develop, as So what we used to develop, as let's say, very focused full stack application now, thanks to the modern architectures can be developed on top of platforms or using microservices. on top of platforms or using microservices. And that will apart from providing us agility And that will apart from providing us agility and flexibility will give us more alignment will give us more alignment between what we invest. So the cost of our software development efforts So the cost of our software development efforts and the business value we derive and the business value we derive from the software we produce basically. >> John: Can I... >> So I focus on value. >> Can I ask you real quick on the business drivers? Can you talk about the impact of domain expertise? One of the trends we're seeing is you want to scale of cloud and having an architecture that's going to enable value creation and customer value for your customers but in these vertical disruptions these new opportunities in these industries like you're a very specialized industry get natural gas and you still need that domain expertise if you want to tap in and advantage of the AI. >> Absolutely. >> Can you share your vision on how you're doing that and how that relates to the business driver? >> Yeah. So let's say that this is very, very aligned with >> Yeah. So let's say that this is very, very aligned with with our strategy that focuses with our strategy that focuses on platformization servitization. So if you think So if you think about how we can explore the best, the value of our people so our industry specific expertise, there are two main ways. The first is to build from scratch as we used to do The first is to build from scratch as we used to do in the past full stack applications that are really focused on a specific, this specific need of a business line. And so focused on the business side of the industry or we can leverage modern architecture and develop services that serve that specific need. and develop services that serve that specific need. So this will let us basically being able to So this will let us basically being able to So this will let us basically being able to satisfy our internal customer. So our internal clients and the business need and at the same time, being able to use that software so that service for an external customer or potential potentially for, for our peers. So in order to provide value exploiting our business expertise, in order to, for example you cited AI using what we developed as an AI system, for example, for two in order to solve demand for customer problems and provide that same business value for, for for other companies that are are they share our same business need. >> Yeah. It's a data workload. I mean, it's at the end of the day you need the data >> Exactly. >> and that's going to come back. I want to unpack the data workload when we talk about the edge, but real quick, I want to talk about the role red hat played in your journey to execute your architecture and transformation. Can you share how Red Hat helped you in this? >> Sure. So let's say that, you know, >> Sure. So let's say that, you know, it all began in two, 2018. it all began in two, 2018. When we started to set up our cloud readiness map When we started to set up our cloud readiness map in order to assess what we will, we'll be able to transform. in order to assess what we will, we'll be able to transform. So scale lift and shift or refactor of of our application map into a modern architecture application. into a modern architecture application. So this cloud readiness journey started So this cloud readiness journey started with assessing the level of modularity with assessing the level of modularity with assessing the level of modularity in some way of some of our main applications. And what we started to do is to develop the first blueprints in order to start to develop new system in order to start to develop new system and new application on a cloud native framework and new application on a cloud native framework and Red Hat really Apple with this but providing a container orchestration platform OpenShift on which we started to build up our new, our new application, that up our new, our new application, that so the cloud native application by application map so the cloud native application by application map then in 2019, we started to accelerate this then in 2019, we started to accelerate this let's say moving to a CNA environment journey. let's say moving to a CNA environment journey. let's say moving to a CNA environment journey. And we started to move the first 10 to 20% And we started to move the first 10 to 20% of our workload on the platform as a service environment. of our workload on the platform as a service environment. So an OpenShift and this is something that we are still doing while at the same time, developing different project at the same time, developing different project that tries to turn what we used to have developed that tries to turn what we used to have developed as custom application toward platforms. as custom application toward platforms. So we are basically transforming our application map leveraging the power for what regards to the customer application of modern architectures. So microservices bays So microservices bays and the container orchestration platform provided by Red Hat OpenShift. And at the same time the other main technological driver is platform migration. the other main technological driver is platform migration. So with basically trying to leverage, especially for the processes that are already very standardized. for the processes that are already very standardized. So usually corporate processes. So staff SEF function processes what we're doing there is to build on top of very what we're doing there is to build on top of very let's say industry standard platform. I don't want to, to provide you with names but you can imagine most but you can imagine most of them are software as a service platforms. And this is really happiness because we are as a target. And this is really happiness because we are as a target. We are, we have as, as a target for 2022 to basically have the number for 2022 to basically have the number of application with respect to the number of application our application map of 2018. our application map of 2018. >> So big, big step increase in applications. >> Yeah, yeah, yeah >> That's great. That's cool. And then the ecosystem of energy efficiency and aiming for lower carbon emissions that's a goal you guys are helping with. How is Red Hat helping in the ecosystem in your ecosystem? Do you see them going above and beyond? >> You know, the, for what regards to new business lines? I think that the container orchestration platform I think that the container orchestration platform so OpenShift would provide us with the right level so OpenShift would provide us with the right level of flexibility and agility to move of flexibility and agility to move at the speed of those businesses. That is quite different with respect to our classical ones and frequently needs a much higher speed of development. and frequently needs a much higher speed of development. >> Yeah. Awesome. Well, that's great. Great to see that success with Red Hat let's let's shift gears to the topic of the edge. >> Yeah We've been reporting on Silicon angle industrial edge for many years now. And we were calling out the security potential there as risky, obviously it's, it's it's industrial there's you also got generic edge which is consumer edge and everything in between the edge is just part of the network. And you think about this, this is important for you are what are you doing for you are what are you doing with the edge and IOT from a use case standpoint? What have you already done? And what are you planning to deploy soon? Take us through your, your edge IOT use case how it is today and how you see it tomorrow. >> So let's say that Snam has long OT history that basically started that Snam has long OT history that basically started at the very beginning of our SCADA system. So what we have right now is quite complex Brown So what we have right fields situation for what regards edges and gateways fields situation for what regards edges and gateways fields situation for what regards edges and gateways and technical component that resides on, on the field. and technical component that resides on, on the field. So you can, you, you, you must consider that the Italian network is for the modern that the Italian network is for the modern modern 34,000 kilometers and modern 34,000 kilometers and as many different plants, small, medium, and as many different plants, small, medium, and and large plants spread across the country. and large plants spread across the country. And what we are trying to do leveraging also Red Hat technologies among with Red Hat technologies among with with others is trying to get the benefit with others is trying to get the benefit of containers and microservice development. So the benefit coming from cloud native application and getting those to the edge. from cloud native application and getting those to the edge. So the usual problem So the usual problem with OT as historically been a standardization with OT as historically been a standardization so a very heterogeneous number of components Virginia's protocols of components Virginia's protocols in order for them to communicate with the charters and relatively low level of security. with the charters and relatively low level of security. This is, this was mainly due to the segregation principle This is, this was mainly due to the segregation principle physical segregation principle that used to physical segregation principle that used to dominate the OT field with IOT. Of course, as you were saying we are terrifically expanding the attack surface we are terrifically expanding the attack surface from the cybersecurity standpoint, but at the same time that is mainly why we are approaching that is mainly why we are approaching in a very structural way. Our technology stack implementation including security by design in all our architectural blueprints and implementation. And we strongly believe that pushing the capability And we strongly believe that pushing the capability of container orchestration and containerization to the edge and being able to orchestrate that from the cloud or from our data centers will provide us with a very high level of high-quality and flexibility and the capability to exploited best the geographical distribution of the data. to exploited best the geographical distribution of the data. You know, you were saying a center point will be You know, you were saying a center point will be was soaked around data, and it is correct, but it in our specific case, our data basically came from points in our specific case, our data basically came from points in our specific case, our data basically came from points as I was saying, spread it all across the country. So having different data, gravity points enabled So having different data, gravity points enabled by container rise and centrally orchestrated by container rise and centrally orchestrated by container rise and centrally orchestrated environments will enable us to get the best also environments will enable us to get the best also in terms of, from the cybersecurity perspective because what will be acquired on the centralized environment is only exclusively on the centralized environment is only exclusively what is needed at the centralized environment. what is needed at the centralized environment. All the rest on our target architecture will be entirely elaborated on the field, very close to where the data physically on the field, very close to where the data physically and this will be excludable exclusively enabled by by a containerized approach. >> That's awesome. Great, great. A use case there, Roberto, what's next A use case there, Roberto, what's next for your future plans and your technology journey? Obviously AI is going to be very important and data and leveraging that you've got the core cloud data center edge perspective. >> Yeah, of course. Yeah. What, what, what's next? >> What's your future? Let's say, let's say that what we currently implemented is Let's say, let's say that what we currently implemented is and in average cloud environment so we basically have two data center and one cloud tenant, our infrastructure due to, again and one cloud tenant, our infrastructure due to, again and one cloud tenant, our infrastructure due to, again the use of OpenShifts will be easily extensible the use of OpenShifts will be easily extensible the use of OpenShifts will be easily extensible to other potentially to other cloud providers. So we will move, we're evaluating the move to a multicloud So we will move, we're evaluating the move to a multicloud a hybrid multicloud environment. At the same time our main focus right now is to close our IOT foundation. our main focus right now is to close our IOT foundation. And within the IOT foundation I think the main focus right now is on gateways and edges. I think the main focus right now is on gateways and edges. As you were saying, these are quite complex components As you were saying, these are quite complex components and must be greatly evaluated, especially from the cybersecurity standpoint and last from the cybersecurity standpoint and last but not least the data we need to. but not least the data we need to we started our data platform journey and we currently are acquiring data from legacy systems and we currently are acquiring data from legacy systems different kinds of legacy system and SCADA system. What we would like to reach is a complete IOT What we would like to reach is a complete IOT What we would like to reach is a complete IOT acquisition system that will be directly connected to our components, acquiring data on the field. Right now we are in, let's say Right now we are in, let's say in the middle of this digital transformation and we are hemming to close our and we are hemming to close our our journey in the next couple of years. >> That's great, Roberto, great story. Love the conversation. First of all, I love your title Head of Architecture, Digital AI Services. I mean, that speaks to this modern error of, of, of cloud distributed computing. You hit all the hit, all the key things, right? It's an architectural system distributed system. It's a digital business. Now, even though there's physical assets offline, online coming together in a modern way and AI really speaks to the underlying data which is combination of many, many things, you know you're you get all the action there. >> Roberto: Yeah! >> How do you feel? What's your advice to other people in the same boat you're in? >> No, I, I think that, that the interesting part of what we do that the interesting part of what we do at least in, in my specific area, and this is what digital at least in, in my specific area, and this is what digital or sustained for is digital service design. This is something new that is quite uncommon within the utility sector. And it is basically a group of people that apart And it is basically a group of people that apart from being technologists focus a lot on the interaction from being technologists focus a lot on the interaction design of what we are or what we are trying to build design of what we are or what we are trying to build in terms of the technology stack. So these are people that basically try to make the very So these are people that basically try to make the very complex technology stack we talk about in our interview much more simple the, to the final user and think about the level of interaction, complexity about the level of interaction, complexity that all our user will have with our technology stack. Especially when we talk about IOT now, and you start to interact, not just with digital systems, but also with digital or physical systems. with digital or physical systems. So yes, we, we, we have a lot on our plate >> It reminds me of the late eighties, early nineties when open standards really hit the scene and then incubated and then accelerated was seeing that same dynamic happening now with cloud. And you're a pioneer and really appreciate you taking the time to come on The Cube and speak with me about this and share your story. And more importantly than Red Hat success there. 'cause it's Red Hat summit, a story here, Roberto. Thank you very much for sharing your insights and experiences. >> Thank you for your time, John. This has been a pleasure. >> Really appreciate it. Okay. That's Red Hat CUBE coverage here with theCUBE. I'm John furrier. Thanks for watching. (upbeat music)

>> Announcer: From Copenhagen, Denmark, it's theCUBE. Covering KubeCon and CloudNativeCon Europe 2018. Brought to you by the Cloud Native Computing Foundation and its ecosystem partners. >> Hello and welcome back to the live CUBE coverage here in Copenhagen, Denmark, for KubeCon 2018, Kubernetes European conference. This is theCUBE, I'm John Furrier, my co-host Lauren Cooney here with Adrian Cockcroft who is the Vice President of Cloud Architecture and Strategy for Amazon Web Services, AWS. CUBE alumni, great to see you, a legend in the industry, great to have you on board today. Thanks for coming on. >> Thanks very much. >> Quick update, Amazon, we were at AWS Summit recently, I was at re:Invent last year, it gets bigger and bigger just continue to grow. Congratulations on successful great earnings. You guys posted last week, just continuing to show the scale and leverage that the cloud has. So, again, nothing really new here, cloud is winning and the model of choice. So you guys are doing a great job, so congratulations. Open source, you're handling a lot of that now. This community here, is all about driving cloud standards. >> Adrian: Yeah. >> Your guys position on that is? Standards are great, you do what customers want, as Andy Jassy always says, what's the update? I mean, what's new since Austin last year? >> Yeah, well, it's been great to be back on had a great video of us talking at Austin, it's been very helpful to get the message out of what we're doing in containers and what the open source team that I lead has been up to. It's been very nice. Since then we've done quite a lot. We were talking about doing things then, which we've now actually done and delivered on. We're getting closer to getting our Kubernetes service out, EKS. We hired Bob Wise, he started with us in January, he's the general manager of EKS. Some of you may know Bob has been working with Kubernetes since the early days. He was on the CNCF board before he joined us. He's working very hard, they have a team cranking away on all the things we need to do to get the EKS service out. So that's been major focus, just get it out. We have a lot of people signed up for the preview. Huge interest, we're onboarding a lot of people every week, and we're getting good feedback from people. We have demos of it in the booth here this week. >> So you guys are very customer-centric, following you guys closely as you know. What's the feedback that you're hearing and what are you guys ingesting from an intelligence standpoint from the field. Obviously, a new constituent, not new, but a major constituent is open source communities, as well as paying enterprise customers? What's the feedback? What are you hearing? I would say beyond tire kicking, there's general interest in what Kubernetes has enabled. What's Amazon's view of that? >> Yeah, well, open source in general is always getting a larger slice of what people want to do. Generally, people are trying to get off of their enterprise solutions and evolving into an open source space and then you kind of evolve from that into buying it as a service. So that's kind of the evolution from one trend, custom or enterprise software, to open source to as a service. And we're standing up all of these tools as a service to make them easier to consume for people. Just, everybody's happy to do that. What I'm hearing from customers is that that's what they're looking for. They want it to be easy to use, they want it to scale, they want it to be reliable and work, and that's what we're good at doing. And then they want to track the latest moves in the industry and run with the latest technologies and that's what Kubernetes and the CNCF is doing, gathering together a lot of technologies. Building the community around it, just able to move faster than we'd move on our own. We're leveraging all of those things into what we're doing. >> And the status of EKS right now is in preview? And the estimated timetable for GA? >> In the next few months. >> Next few months. >> You know, get it out then right now it's running in Oregon, in our Oregon data center, so the previews are all happening there. That gets us our initial thing and then everyone go okay, we want to in our other regions, so we have to do that. So another service we have is Fargate, which is basically say just here's a container, I want to run it, you don't have to declare a node or an instance to run it first. We launched that at re:Invent, that's already in production obviously, we just rolled that out to four regions. That's in Virginia, Oregon, Dublin and Ohio right now. A huge interest in Fargate, it lets you simplify your deployments a little bit. We just posted a new blog post that we have an open source blog, you can find if you want to keep up with what's going on with the open source team at AWS. Just another post this morning and it's a first pass at getting Fargate to work with Kubernetes using Virtual Kubelet which is a project that was kicked off by, it's an experimental project, not part of the core Kubernetes system. But it's running on the side. It's something that Microsoft came up with a little while ago. So we now have, we're working with them. We did a pull request, they accepted it, so that team and AWS and a few other customers and other people in the community, working together to provide you a way to start up Fargate as the underlying layer for provisioning containers underneath Kubernetes as the API for doing you know the management of that. >> So who do you work with mostly when you're working in open source? Who do you partner with? What communities are you engaging with in particular? >> It's all over. >> All over? >> Wherever the communities are we're engaging with them. >> Lauren: Okay, any particular ones that stand out? >> Other than CNCF, we have a lot of engagement with Apache Hadoop ecosystem. A lot of work in data science, there's many, many projects in that space. In AI and machine learning, we've sponsored, we've spend a lot of time working with Apache MXNet, we were also working off with TensorFlow by Torch and Caffe and there's a lot, those are all open source frameworks so there's lots of contributions there. In the serverless arena, we have our own SAM service application model. We've been open sourcing more of that recently ourselves and we're working with various other people. Across these different groups there's different conferences you go to, there's different things we do. We just sponsored Rails Conference. My team sponsors and manages most of the open source conference events we go to now. We just did RAILCON, we're doing a Rust conference, soon I think, there's Python conferences. I forget when all these are. There's a massive calendar of conferences that we're supporting. >> Make sure you email us that that list, we're interested actually in looking at what the news and action is. >> So the language ones, AltCon's our flagship one, we'll be top-level sponsor there. When we get to the U.S., CubeCon in Seattle, it's right there, it's two weeks after re:Invent. It's going to be much easier to manage. When we go to re:Invent it's like everyone just wants to take that week off, right. We got a week for everyone to recover and then it's in the hometown. >> You still have that look in your eyes when we interviewed you in Austin you came down, we both were pretty exhausted after re:Invent. >> Yeah, so we announced a bunch of things on Wednesday and Thursday and I had to turn it into a keynote by Tuesday and get everyone to agree. That's what was going on, that was very compressed. We have more time and all of the engineering teams that really want to be at an event like this, were right in the hometown for a lot. >> What's it like workin' at Amazon, I got to ask you it since you brought it up. I mean and you guys run hard at Amazon, you're releasing stuff with a pace that's unbelievable. I mean, I get blown away every year. Almost seems like, inhuman that that you guys can run at that pace. And earnings, obviously, the business results speak for themselves, what's it like there? I mean, you put your running shoes on, you run a marathon every day. >> It's lots of small teams working relatively independently and that scales and that's something other engineering organizations have trouble with. They build hierarchies that slow down. We have a really good engineering culture where every time you start a new team, it runs at its own speed. We've shown that as we add more and more resources, more teams, they are just executing. In fact, their accelerated, they're building on top of other things. We get to build higher and higher level abstractions to layer into. Just getting easier and easier to build things. We're accelerating our pace of innovation there's no slowing down. >> I was telling Jassy they're going to write a Harvard Business School case study on a lot of the management practices, but certainly the impact on the business side with the model that you guys do. But I got to ask you, on the momentum side, super impressed with SageMaker. I predicted on theCUBE at AWS Summit that that will be the fastest growing service. It will overtake Aurora, I think that is currently on stage, presented as the fastest growing service. SageMaker is really popular. Updates there, its role in the community. Obviously, Kubernete's a good fit for orchestrating things. We heard about CubeFlow, is an interesting model. What's going on with SageMaker how is it interplaying with Kubernetes? >> People that want to run, if you're running on-premise, cluster of GPU enabled machines then CubeFlow is a great way of doing that. You're on TensorFlow, that manages your cluster, you run CubeFlow on top. SageMaker is running at very low scale and like a lot of things we do at AWS, what you need to run an individual cluster for any one customer is different from running a multi-tenant service. SageMaker sits on top of ECS and it's now one of the largest generators of traffic to ECS which is Amazon's horizontally scaled, multi-tenant, cluster management system, which is now doing hundreds of millions of container launches a week. That is continuing to grow. We see Kubernetes as it's a more portable abstraction. It has some more, different layers of API's and a big community around it. But for the heavy lifting of running tens of thousands of containers in for a single application, we're still at the level where ECS does that every day and Kubernetes that's kind of the extreme case, where a few people are pushing it. It'll gradually grow scale. >> It's evolution. >> There's an evolution here. But the interesting things are, we're starting to get some convergence on some of the interfaces. Like the interfacing at CNA, CNA is the way you do networking on containers and there is one way of doing that, that is shared by everybody through CNA. EKS uses it, BCS uses it and Kubernetes uses it. >> And the impact of customers is what for that? What's the impact? >> It means the networking structures you want to set up will be the same. And the capabilities and the interfaces. But what happens on AWS is because it has a direct plug-in, you can hook it up to our accelerated networking infrastructure. So, AWS's instances right now, we've offloaded most of the network traffic processing. You're running 25 gigabits of traffic, that's quite a lot of work even for a big CPU, but it's handled by the the Nitro plug-in architecture we have, this in our latest instance type. So if you talked a bit about that at re:Invent but what you're getting is enormous, complete hypervisor offload at the core machine level. You get to use that accelerated networking. You're plugging into that interface. But that, if you want to have a huge number of containers on a machine and you're not really trying to drive very high throughput, then you can use Calico and we support that as well. So, multiple different ways but all through the same thing, the same plug-ins on both. >> System portability. You mentioned some stats, what's the numbers you mentioned? How many containers you're launching a week, hundreds of thousands? On ECS, our container platform that's been out for a few years, so hundreds of millions a week. It's really growing very fast. The containers are taking off everywhere. >> Microservices growth is, again that's the architecture. As architecture is a big part of the conversation what's your dialogue with customers? Because the modern software architecture in cloud, looks a lot different than what it was in the three layered approach that used to be the web stack. >> Yeah, and I think to add to that, you know we were just talking to folks about how in large enterprise organizations, you're still finding groups that do waterfall development. How are you working to kind of bring these customers and these developers into the future, per se? >> Yeah, that's actually, I spend about half my time managing the open source team and recruiting. The other half is talking to customers about this topic. I spend my time traveling around the world, talking at summits and events like this and meeting with customers. There's lots of different problems slowing people down. I think you see three phases of adoption of cloud, in general. One is just speed. I want to get something done quickly, I have a business need, I want to do it. I want machines in minutes instead of months, right, and that speeds everything up so you get something done quickly. The second phase is where you're starting to do stuff at scale and that's where you need cloud native. You really need to have elastic services, you can scale down as well as up, otherwise, you just end up with a lot of idle machines that cost you too much and it's not giving you the flexibility. The third phase we're getting into is complete data center shutdown. If you look at investing in a new data center or data center refresh or just opening an AWS account, it really doesn't make sense nowadays. We're seeing lots of large enterprises either considering it or well into it. Some are a long way into this. When you shut down the data center all of the backend core infrastructure starts coming out. So we're starting to see sort of mainframe replacement and the really critical business systems being replaced. Those are the interesting conversations, that's one of the areas that I'm particularly interested in right now and it's leading into this other buzzword, if you like, called chaos engineering. Which is sort of the, think of it as the availability model for cloud native and microservices. We're just starting a working group at CNCF around chaos engineering, is being started this week. So you can get a bit involved in how we can build some standards. >> That's going to be at Stanford? >> It's here, I mean it's a working group. >> Okay, online. >> The CNCF working group, they are wherever the people are, right. >> So, what is that conversation when you talk about that mainframe kind of conversation or shut down data centers to the cloud. What is the key thing that you promote, up front, that needs to get done by the by the customer? I mean, obviously you have the pillars, the key pillars, but you think about microservices it's a global platform, it's not a lift and shift situation, kind of is, it shut down, but I mean not at that scale. But, security, identity, authentication, there's no perimeter so you know microservices, potentially going to scale. What are the things that you promote upfront, that they have to do up front. What are the up front, table stake decisions? >> For management level, the real problem is people problems. And it's a technology problem somewhere down in the weeds. Really, if you don't get the people structures right then you'll spend forever going through these migrations. So if you sort of bite the bullet and do the reorganization that's needed first and get the right people in the right place, then you move much faster through it. I say a lot of the time, we're way upstream of picking a technology, it's much more about understanding the sort of DevOps, Agile and the organizational structures for these more cellular based organizations, you know, AWS is a great example of that. Netflix are another good example of that. Capital One is becoming a good example of that too. In banking, they're going much faster because they've already gone through that. >> So they're taking the Amazon model, small teams. Is that your general recommendation? What's your general recommendation? >> Well, this is the whole point of microservices, is that they're built by these small teams. It's called Conway's law, which says that the code will end up looking like the team, the org structure that built it. So, if you set up a lots of small teams, you will end up with microservices. That's just the way it works, right. If you try to take your existing siloed architecture with your long waterfall things, it's very hard not to build a monolith. Getting the org structure done first is right. Then we get into kind of the landing zone thing. You could spend years just debating what your architecture should be and some people have and then every year they come back, and it's changing faster than they can decide what to do. That's another kind of like analysis paralysis mode you see some larger enterprises in. I always think just do it. What's the standard best practice, layout my accounts like this, my networks like this, my structures we call it landing zone. We get somebody up to speed incredibly quickly and it's the beaten path. We're starting to build automation around these on boarding things, we're just getting stuff going. >> That's great. >> Yeah, and then going back to the sort of chaos engineering kind of idea, one of the first things I should think you should put into this infrastructure is the disaster recovery automation. Because if that gets there before the apps do, then the apps learn to live with the chaos monkeys and things like that. Really, one of the first apps we installed at Netflix was Chaos Monkey. It wasn't added later, it was there when you arrived. Your app had to survive the chaos that was in the system. So, think of that as, it used to be disaster recovery was incredibly expensive, hard to build, custom and very difficult to test. People very rarely run through their disaster recovery testing data center fail over, but if you build it in on day one, you can build it automated. I think Kubernetes is particularly interesting because the API's to do that automation are there. So we're looking at automating injecting failure at the Kubernetes level and also injecting into the underlying machines that are running Good Maze, like attacking the control plane to make sure that the control plane recovery works. I think there's a lot we can do there to automate it and make it into a low-cost, productized, safe, reliable thing, that you do a lot. Rather than being something that everyone's scared of doing that. >> Or they bolted on after they make decisions and the retrofit, pre-existing conditions into a disaster recovery. Which is chaotic in and of itself. >> So, get the org chart right and then actually get the disaster recovery patterns. If you need something highly available, do that first, before the apps turn up. >> Adrian, thanks for coming on, chaos engineering, congratulations and again, we know you know a little about Netflix, you know that environment, and been big Amazon customer. Congratulations on your success, looking forward to keeping in touch. Thanks for coming on and sharing the AWS perspective on theCUBE. I'm John Furrier, Lauren Cooney live in Denmark for KubeCon 2018 part of the CNC at the Cloud Native Compute Foundation. We'll back with more live coverage, stay with us. We'll be right back. (upbeat music)