(upbeat music) >> Narrator: From around the globe, it's the cube with digital coverage of AWS re:invent 2020, sponsored by Intel, AWS, and our community partners. >> Hey, welcome back, everybody. Jeff Frick here with the cube. Welcome back to our ongoing coverage of AWS re:invent 2020. It's virtual this year, just like everything is virtual this year. But it's still the biggest event in cloud, and we're excited to be back. I'd like to welcome in our next guest, he is Erez Yarkoni, head of cloud and telco technologies for checkpoint software technologies. There it is great to see you. >> Nice to see you, Jeff. Thank you for hosting me this morning. >> Absolutely, so let's jump into it. You've been in the cloud space. For a while I saw a great interview with you, I think like four or five years ago, when I was doing some research, and you're talking about, all the great innovation that's coming from cloud. That was years and years ago. Now, suddenly, we had COVID arrived. And I'm sure you've seen all the social media means who's driving your digital transformation, the CEO, the CMO, or COVID. And we don't know what the answer is. So first off, I'd just love to get your perspective, you've been in this a long time now that we're here in 2020, both in terms of the development of the cloud and the adoption of the cloud, as well as this accelerant that came into our lives in March. >> Hey Jeff, You know I have been lucky that I got to participate in this kind of innovation cycle of IT and technology. Earlier, I was a CIO for an organization, large organization, and we were adopting cloud. At the same time, as an organization, we were selling technologies and networks to our customers, and they were asking to adopt cloud and so on. And these are probably some of the early interviews we looked at. So I got lucky that I had to look at my own organization and understand where cloud is beneficial. And obviously, now I work with cybersecurity and secure in the cloud. So it's all come together. I think that as as cloud technologies came in, it really came in to help many of us address the fundamental need to come to market with business capabilities and functionality faster. For those of us in technology, you know we were probably always the bottleneck of our business counterparts that said. Well, if you could only do this for me, I could grow the business, I could change your business, I can go to other places, I can incrementally bring more customers, revenues, and so on. The cloud platforms have done a tremendous job allowing developers and operators have technology to change the speed in which they service their businesses. But with speed comes security. And I think the cloud platforms disneynow. Specifically, here platforms like AWS build security into into the cloud as well. But there's other needs in it and the pandemic or COVID. All it did is it shifted some of these motions into another gear and then it created some new business needs that can only be service that digital mean, you are now having a collaboration session over a digital channel where otherwise would be probably sitting in the same studio. So definitely collaboration has changed. Commerce have changed, especially for some organizations that never planned to do commerce over digital channels, small businesses and so on. Just think about the food delivery industry and how many new customers have now sole, restaurants that have now signed up for food delivery services that must have exploded. These continuous changes brought continuous needs to address security as well. AWS is allowing people to build some amazing applications. I watched the commercials when I watch football on Sunday. Right? So peloton and zoom in education and many other things. And yeah, so when people build those amazing applications, the next thing they need to do is make sure that the zoom session is secure. And nobody's crashing in if you have a bunch of kids doing zoom for school. >> Erez you talked on so many topics on that. So let's break a few of them down. First off, I just, you know thank goodness for cloud, right? >> Yeah >> If this pandemic had hit 10 years ago, 15 years ago, we would not have been able those of us in the IT industry to shift so easily to cloud based or excuse me to working from home or working from anywhere because of the cloud based applications huge enabler. But it's funny now once on what you just talked about, did you talk about cost savings? And I still find there's a lot of people that are looking at cloud as a way to save costs. You been in it for a while, and you know the truth is all about agility and speed of business, speed of adoption, speed of innovation. You said it in every single one of your answers. But it still seems to be a lag for a lot of people now with with COVID, and, you know securing people work from home, one of the big issues go back to security is increasing attack surface. And we know the increasing sophistication of the bad guys. Now, I'm hearing from some people that they're actually using old techniques that they used to use back in the day because they know people are at home, and maybe things are as locked down. You talk about security needs to bake be baked in all long the way we're using all these, more and more cloud based apps. How do people think about the security perspective? How do you bake it into everything that you do? And how do you respond to the increased attack surfaces that have now suddenly opened up to look like for probably a little while not just going back to the old way, anytime soon? >> Yeah, so you know, you you touched on that, you said that you hear about people using old secure the old attack methods or vectors or so on, coming back, because people are now at home and no longer behind a very secure environment in their office or in the data center, people had to maybe move things that they never thought they would call center operations. That was by definition, you showed up to the call center for certain organizations and moved it out. And they may have not been ready to move those applications so on, so they had to address the security of it. I think that's exactly it, which is now some of the reaction we had to have for just staying in business. We used kind of very older, or, we increased what we know about security about remote access by increasing VPN capacity for the organization or, or those type of methodologies. Now people are looking at what happened to our topology to our architecture, where are people and machines coming in to execute their work over the network? Where are the applications residing? What have we moved to the cloud because we had to know flex for capacity and speed and maybe localize and move it into regions and so on. I don't think it was about cost saving, as you think it was about business agility, especially in this phase. I actually think that at the end of the day, the big benefit from cloud is business agility. Cost has to come with it, we cannot sacrifice costs and everything we do. And we look at overall how we use cloud technologies and other technologies and make sure that the cost fits into what our business demands from a cost structure but it is about business agility. Now, it's also about security agility. So people are building, you know methods and capabilities to match the business agility with security and security was, at least for me, for instance, as as a CIO, security was a bottleneck. So when business demanded the Agile development, you know iterations, sprints, deliver functionality in weeks, and, you know keep pouring it into the environment. One of the inhibitors was security, right, we weren't ready for it, we weren't ready to release it. So we had to find a way to adopt it. And then came in companies like AWS, saying, we built some of that security built into the platform. And companies like checkpoint saying we have cloud security that moves at cloud speed and allows you to integrate into your CICD, environmental or, or processes and allows you to match the speed of the business with the speed of security. >> Yeah, that's great. I mean, again, I agree with you, 100%, it's all about agility, and speed of business. And being able to move faster just always surprises me how people how many people are still kind of stuck on the cost saving piece. And then the other thing, of course, which you're super aware of, if you've ever been to one of kind of the technical keynotes at AWS re:invent the amount of investment that they can make an infrastructure including security, in just, just completely over overshadows anything in an individual company can invest just in terms of the resources and then somebody like you guys can leverage on top of not only using the the massive Amazon, kind of core investments in security at the infrastructure layer, but then all the stuff that you guys can do in terms of securing the enterprise and helping make sure that the right people have access to the right information at the right time, but not a lot more than that. I wonder if you can talk about a new kind of zero trust in some of the evolution within security in terms of the posturing, and how you kind of make assumptions, as we said, it's no longer like a wall anymore, it's no longer talking about having these physical borders, or even logical borders, but it's really about access and breaking down access even to the person in the application and the data etc. >> Yeah, I think you asked specifically about zero trust, and I think that we want to move, maybe want to keep that the the theme here around the application security, I'll get to zero trust at the end. You know, so one of the things that that definitely is thematic, or what we see happening is, in the evolution in the maturity curve of adopting the cloud, the initial adoption was, maybe some lift shift from organizations and the IaaS layer was a big player. But the PaaS layers of the cloud are where all the interesting things happen, where all the exciting services, all the innovation coming from organizations like AWS, all the enablers for a business agility, and capabilities are coming from there. And when you start developing your applications for that PaaS layer, we start leveraging the services, the type of security changes, so you're no longer looking at network security, or maybe northeast, east west, north south, east west type of security on your network, you're now looking at security API's and securing the backplane of the cloud, from those services that they give you, you know you get to encrypt your buckets, you got to make sure your security groups are correct, you want to make sure your serverless functions are not executing anything malicious in them or, or talking to IP addresses, they shouldn't be. Same with your container, you want to make sure that your container code is scanned properly, you didn't download anything in there that's malicious. And obviously, have runtime security, both to make sure you're compliant from a posture perspective, you make compliance may require you to be PCI compliant one of those. So the elevation in which you execute to security changed from the from the stack from a kind of a traditional stack, requires different capabilities and between what AWS has built into the platform and what checkpoint puts together in cloud guard. This is big, the big target, then we get into, okay, so how do you access all these great things that we just built? Right? So we built these, this great application? It's sitting on AWS, it's using some of the great services there. How do you how do you get to it? Who gets to it? How do you get to it? This is where some of these, sassy and zero trusts come in. Because what happened is, you used to come into a lot of enterprise applications from the data center, then we moved some web apps, and you came over the web into the application. So we have some web firewalls and security for that. Now you're getting into every application from the edge of the network, because we are all at home, or we are we used to be traveling but a lot more of us are now at home coming over the edge of the network, we're adding IoT devices coming on via generic and so on, there's a lot more volume coming at you. And you get to find different ways than just VPN authentication of the traffic into so we are coming into the age of having to identify who's coming at the application at the capability at any given time. And that's where you come into the framework of zero trust, I, every time you come in, I'm going to authenticate that is you. And there's different methodologies in there. For instance, one of the things that we just added to our portfolio is the ability to put an agent, let's say in your around your AWS application, and allow remote access with no VPN to your enterprise app aah to an acquisition company we call odo without having to put a VPN so the administrator defines what applications are connected to the connector. They define who's the users that are allowed and authenticate them based on the authentication framework, let's say Octo, something like that, and allows them to come in and that that those are the type of capabilities you need in these new frameworks. So, how do you get to these great applications we're building? >> Right, right. And you touched on something really interesting, right, which is, which is the complexity is only going up? As you mentioned edge you mentioned a little bit of IoT, right, so as 5G comes on board, as IoT gets increasing amounts of traction. All these applications are API based there's all types of information flying back and forth, so I wonder if you can share kind of your guys thoughts on, applied machine learning and artificial intelligence to help, you know kind of get through all the all the signal or excuse me all the noise, find the signal, and really, you know bring more automation to help the security experts in the security systems be more effective at their jobs. >> Yeah, so I think a lot of what we talked about, until now was protecting establishing a new perimeter, there's not really a perimeter, right because we talked about the perimeter has grown and it's fuzzy and it's at scale that really doesn't allow you to say I have it for an undersea up to authentic everybody. But like you said, with that speed, and scale, came a lot of data, you got a lot of logs running in there, you're like got a lot of events, you got a lot of things that you can look into. And by looking into them, you can start with machine learning and those type of AI methodologies start looking both to identify things before they happen, or inform organizations and inform about things that are already happened and they're in and potentially remediate them. At checkpoint, for instance, we have something called the threat, the threat cloud, we collect these events from every gateway, every appliance, every virtual appliance, every type of security agent that we have around the world, into the flex cloud that processes and I'm going to throw a number there, that's the closer about 80 billion a day transactions. >> 80 billion with B >> Yeah, and that allows us to, to process to apply machine learning and AI algorithms to find threat, and then inform all these great checkpoint security agents out there of new threats and prevent those threats from ever happening in the in the environment. Right? If you're operating on a on an AWS environment, there's a lot of blood flows happening in your environment, there's a lot of things to collect and look at, right. So in cloud guard, we offer something called logic log.ic, which allows you to harvest those logs, we enrich them and then we allow threat hunting inside those environment, right. So those types of capabilities are definitely kind of the future of advanced security, right. So beyond just establishing, it's like, you establish your security around what you do. And then you have your intelligence unit starting to identify what signals are out there allowing you to both prevent security breaches or any type of threats, but also remediate anything, any, you find the traces of things that happened and remediate them. >> Right, right. Well, there is that's, that's a great illustration of, kind of baking security into the multiple steps of the process and all the steps of the process. That's not just a bolt on anymore. It's got to be, part of everything you do and baked into everything you do. I still, I still wonder how certain companies that that are run by having people click on links that they're not familiar with still happen today. But I guess, I guess they still do. So as I give you the final word, again, you've been in this space for a long time, as we kind of turned to turn the page on 2020. What are some of your priorities we are you excited about for 2021? >> I think the most exciting things for us in cloud security in 2021 is we're releasing more capabilities into into the environment, we're in the maturity curve, of protecting, your network in the cloud, and then protecting your posture in the cloud. We're moving very strongly into predicting your runtime and applications in the cloud, your API's, and working with organizations through that maturity curve and getting them up to all the way up to threat hunting capabilities. And I think that'll be exciting because I hear from customers that they need to move quickly through that maturity curve of cloud security as they have accelerated and continue there to accelerate their move to the cloud. >> Well, that's great. Well, I think, no shortage of job security in the cloud security space. So I'm sure it will be a busy year. Well, it was thanks for sharing your insight. Really appreciate the time and it was great catching up. >> Thank you, Jeff, for your time today. And it was great talking to you. >> Absolutely. All right. Well, he's Erez I'm Jeff. You're watching the cubes, continuous coverage of AWS re:invent 2020 Thanks for watching. I'll see you next time. (upbeat music)

>> Announcer: Live from Las Vegas, it's theCUBE, covering InterConnect 2017. Brought to you by IBM. >> Hey, welcome back, everyone. Here live at the Mandalay Bay in Las Vegas for theCUBE's three-day exclusive coverage of IBM InterConnect 2017. I'm John Furrier. My co-host, Dave Vellante. Our next guest here is Greg Pepper, head of cloud security architects at Check Point Software Technologies. >> You got it. Good afternoon, gentlemen. >> Welcome, welcome to theCUBE. So, security obviously is big. You're seeing compel all the networks, every company out there is buying security, so there's been a security sprawl. But now you guys have a stock that's trading at a very high, 52-week high. Congratulations. >> Yeah, thank you. You know, some people forget about us. We've been doing this for 24 years, we've been the leaders in this industry for over two decades, but sometimes, we're the best kept secret in the industry. >> Unleash some of those secrets here. I know you guys probably can't go into too much secret sauce as a public company, but what's the software secret? Obviously, relationship with IBM is part of why you're here, but what's the Check Point secret sauce right now? >> I think first and foremost, we've built upon a legacy for the last 20 years. We didn't just acquire technology through acquisition, duct tape and paper clips and call it an architecture for our customers. We've built upon a consistent common platform building on our core strengths. I think the second thing that really differentiates us from some of the other guys you mentioned is our commitment and focus to security first. We are a security company end to end, and everything we do is built off of those tenets. And especially with the growth in security in the data center, its migration to cloud, the industry has kind of come back around to software, and though for a while we delivered hardware appliance to customers, 'cause it was the preferred consumption model, when customers go to the cloud, whether it's SoftLayer, Azure, Amazon, Google, and others, we don't have hardware to bring with you, so you need a software defined security strategy to play in the cloud today. >> What is that software defined security strategy? What's the hottest product that you guys have that's working best? >> Everything we have built on our core competencies of management and the gateways themselves. But these days, it's not enough to just be a firewall vendor, so advanced threat prevention, the ability to both prevent and detect malware from getting on the network, rather than just alerting you that something bad happened. We're providing additional access controls with data awareness. I don't need to plug into the network to tell you people are going to YouTube, Netflix, but what's the information about your organization that's being posted out there? Those are the interesting things that we can help differentiate and alert customers to what's going on. >> So, the perimeter's, with the cloud, all these APIs, microservices coming down the pike with cloud, that's the challenge. I mean, this whole idea of being data and software focused. How do you guys play in that world, and what's this focus there? >> The biggest change is moving away from the traditional management architecture to one that's driven by code. These days especially in the cloud to be agile with dev-ops, you have to have security be able to be deployed, programmed, managed, and monitored all through an API, and this is something over the last few years we've enhanced our products to enable automatic deployment in the cloud providers, automatic management, and also integration with people like IBM QRadar in a highly automated way. >> The big discussion in the last couple years in security has been, hey, it's not enough just to dig a moat around the castle. The queen wants to leave her castle, so we've got to, security's got to be everywhere, it's got to follow the data, and also response is another major focus of discussion, we've got to shift spending there. How has that impacted, first of all, you buy that, second of all, how has that impacted your business and your strategy? >> We definitely do agree, which is why as part of our end to end security strategy, the laptops, the desktops, the mobile devices is an area of increased focus for us. Where really just having the traditional perimeter alone is not adequate. The second thing we started to talk about is the ability to move into the cloud. A lot of the competitive solutions out there don't play as well in the cloud because they're dependent on proprietary hardware. If you're a vendor that has custom ASICs, well, you don't have those ASICs when you go to the cloud. Whereas for us, our software defined security strategy, when we go to Amazon, Azure, SoftLayer, and other cloud providers, 100% of our core capabilities moves along with us. >> Talk that through the value proposition and the customer impact. So, it's more flexibility. Is it lower cost, is it speed, is it better response? >> I believe the primary driver for cloud adoption is agility, not always cost savings, although in some cases that is the case. However, the ability to grow and shrink on demand. In the past, our traditional enterprise customers would consume technology for their max resources. If I'm a large department store, I need to be able to handle Black Friday. Well, that's one week a year that you need that peak utilization. That ability to scale up and scale down is one of the major things driving people to the cloud. Well, security has to have the same model. We have to be able to automatically deploy, scale up for those large-scale events, but then also come back down to an average run-time use to help customers save money. >> How about analytics? How does that play into the security business? >> Yeah, I mean look, the whole reason we exist is to give interesting information for technology to be able to chew on, and the ability to provide the forensic auditing accounting for access controls and for our threat prevention, whether it's on the perimeter, in the cloud, in the core, on mobile and end-point devices, there's a reason after 20 years we've been the lead in the industry is 'cause we provide the best forensics data and integration with all the major leading SIM vendors out there. >> Yeah, the 20-year stair with Check Point. Obviously, the company's evolved a lot since then. Talk about the relationship with IBM, obviously we're here at IBM InterConnect, what are you guys doing with IBM? >> IBM's one of our best partners for over the last two decades. For over 18 years now, they've been a customer, a reseller, and a managed services security partner, so there's multiple organization within IBM that have relationship with Check Point to help secure the corporate assets, customer projects in our managed data centers, or even just purely security managed services. One of the exciting projects that we've been working on that was demonstrated at the security booth was an automated security deployment for the hybrid cloud, where the IBM team worked with us to help take security, automatically roll it out into Amazon and Azure, but also bring it into their MSS environment, their managed security services with zero touch, and they're able to provision, have it managed, monitored, and ready to rock and roll in less than 30 seconds. >> And they were doing that all in software? >> Greg: 100% in software, 100% in code with no human intervention. >> So take us through some of those use cases going forward. As you go talk to customers with IBM or on your own, you write on a lot of white board, I can imagine, so what are some of the white board conversations you're having, 'cause security architecture's one of these, kind of a moving train right now. What are some of the patterns you're seeing right now? >> First and foremost, there's a lot of cloud novice, this is new for all of us. So in the walk-jog-run mentality, we all need to come up with the basic terminology and fundamentals so we can have a more advanced conversation. Once we provide the basic knowledge transfer, the second step is how can you help me lift this legacy application and move it to a cloud-centric application, yet still give me the same levels of security and visibility, 'cause I can't go to the board and tell 'em, "Oh, we screwed up. "We moved to the cloud, and now our apps are not secure." As a matter of fact, for our largest customers, the most critical applications will not move to the cloud unless they have a clearly defined security strategy in place. >> So you lay out those parameters up front, then you kind of walk through it, I'd say crawl, walk, run, then jog. >> Greg: Absolutely. >> However you had it, but I mean, lot of people are kind of crawling, but now also, multi-cloud's a big theme here. So now, you're looking at multiple clouds, and some workloads might make sense for cloud one, two, or three depending on the workloads, but some stay on prem. >> 100%. >> And now you got the true private cloud trend where I'm going to have a cloud-like environment on prem. That's cool, development environment looks the same as the cloud, but I got multiple clouds. How do you guys deal with the multi-cloud and this idea of being consistent on prem and on cloud? >> First and foremost, being a software defined gateway, we have this unique capabilities that's the same on premise, Amazon, Azure, Google, SoftLayer, and others as well. Since we're not dependent upon hardware, we have consistent capabilities across all the clouds. The second thing I want to add is from a management perspective, we've built, excuse me, tight integrations with all the data center and cloud providers, so we're able to trust Amazon, VMware, Cisco, OpenStack, Google, and others and real-time integrate their applications and objects and metadata into our security policies, further tightening the integration and automation capabilities between those cloud providers. >> So, you're actively working with all the clouds to integrate in tightly to manage the security. You become the Switzerland for-- >> Look, we were the first of the major security vendors to both be in Amazon and Azure. We were the first achieve Amazon security competency. We were the first to support basic things like clustering and scale set support, which has been a very common deployment in the cloud as well. We've been in this cloud game for the last seven or eight years now, or as I like to joke, we've cloud up-times longer than some of my competitors have been in business. >> Microsoft was actually down on the cloud. We published a report today on siliconangle.com. Three cloud vendors down in a week. I'll give Amazon a little week there, but it's still, you're still going to see some these bumps in the road, but security, you can't have bumps, you got to be rock solid. >> The thing with today in cloud, whether it's the application, the servers, the storage and securities, you have to anticipate for that total failure situation. Heaven forbid, what happens if an east region went down? Case in point, when Amazon had their storage outage, Netflix was not interrupted at all. Now, other organizations that were only deployed in a single region, we were impacted. This is where, I think from an application architecture, one, we have to think beyond single region, single cloud provider. We have to anticipate the total catastrophic failure and how does our business continuity and disaster recovery work. And then, security has to be an integral portion of that. We can't bolt it on after the fact, it's got to be part of the foundation. >> Greg, great point. And by having software, gives you so much flexibility, I love that hybrid cloud example, but I want to get your thoughts on what you said earlier about lift and shift. That seems to be the parlance of the generation. It used to be rip and replace on the enterprise side, but that's not as easy as it is. To your point, you can't just throw it to the cloud, you might have some gaps. As people look to lift and shift, which I always say is be careful, you got to have some concerns. How do you advise your customers when you say, "Hey, we're lifting and shifting to the cloud." >> For those people, I say don't bother. Right, if I'm going to move the same applications and same products and processes from my private data center to the cloud, why bother? If we're not taking advantage of the agility, elasticity, automation, and all the benefits that clouds has to offer, companies should be building new cloud-ready applications for the cloud. We should not just be lifting our legacy applications and like for like moving them to the cloud, 'cause we're not going to get the benefit in return on investment. >> And it's risky, too, by the way. I would agree with you. So, net new applications, no brainer. If the cloud's available, why not? >> Absolutely. >> Let's go back to the workload. Some clouds have better, like analytics use case is a great cloud, just throw IOT data into Amazon or Azure or Office 365 is Azure, and Amazon gets Kinesis, good stuff, and you've got Bluemix over here. You're starting to see that swim lanes of the different vendors. How do you view the differentiation between the vendors, and how do you advise customers? "Hey Greg, I don't know which cloud to go to. "What's your advice?" >> First and foremost, there's pros and cons to everyone's offering. >> It's kind of like Red Sox, Yankees, you know. It's like trying to-- >> Well, let's stop right there, Yankees for sure. >> Dave: You think? >> Absolutely. >> Dave: You really think? >> Well, maybe not in 2017, but-- >> Who's the Yankees, Microsoft or AWS? >> Microsoft probably the Yankees right now. Then again, from my perspective as a Red Sox fan, I'd say it's a tough call. >> (muttering) is the Yankee-killer. Anywhere, let's... >> Alright, go back. >> We digress. >> What I was I going to make a comment of is look for the adjunct services behind the basics, beyond the basic storage, compute and networking services that everybody has as kind of table stakes. For example, if you're someone who's a very heavy Microsoft Office 365 SharePoint user, you're using their business application suite, well, probably migration to Azure is a more natural transition, right. People who are similarly in the Google environment and using the Google suite of applications, it's a benefit to moving the applications there. And to be honest, people who are purely just into the raw compute horsepower and probably the most mature and largest cloud platform, well, Amazon has probably got a five-year head start on the rest of the guys. So, we try not to sit here and determine which of the three clouds is better, 'cause for us, we play in all of them, and our security footprint has to be consistent across all of them. I'll share with you an anecdotal use case from one of my retail customers is building a commerce platform in AWS. But all the corporate applications are moving to Azure, and separately now, they're looking at Google for other global applications as well. So for them, they're going to be in all three cloud providers, just with different applications finding more natural homes. >> Justin Youngblood was just on. He said, the IBM data said 70% of all organizations, or 70% of the organizations have three or more clouds, infrastructure clouds, right. >> I would believe that. >> Back to the security, I mean, the market's booming. In a way, it's unfortunate that the market's booming is 'cause it's such a huge problem that doesn't end. It's great for you. Each year, we look back at last year and say, okay, we feel more secure, and we don't. So, what's happening in the market? Are we finally going to get a handle on sort of how to deal with this, or is it just always going to be this good guy, bad guy, leap-frogging sort of endless loop? >> The big change these days are the bad guys are pros. This is their full-time job, they're very well funded, trained, and able. >> Dave: And they only have to succeed once. >> And remember, the cost of defense is exponentially higher than the cost of offense. So what it costs my banks and hospitals to secure their environment is 10 to 100-fold over what it costs the bad guys, either in the U.S. or some other nation-state, to attack those environments. I think the biggest challenge that most of our customers face, to be honest, is technology saturation. They've bought every product known to mankind. As I like to joke, for every threat, there's an app for that, and most of our customers have bought all three of them. But then they struggle operationally with the technology, and this is more of a people and a process issue than it is a product issue. There's a lot of great technology out there, ours and other vendors as well, but if it's not implemented and maintained properly, those potentially represent the weakest links. >> And there's new threats emerging, ransomware, for instance, is to your point they're overmanned, and the cost to even compare, or defend against that, but they're already hacked. They'll pay the ransom in bit coin to get their stuff back. >> And look, it's cheaper, quicker, and faster to maybe just whack the system and try and do some forensics clean-up than deploy a next generation end-point to try and detect and mitigate against ransomware, disk encryption, or other bots that may get on the end-points themselves. >> But I almost feel like the mitigation, I mean, you've got to have perimeter security, obviously, and continue to invest in that, but I feel like you're never going to stop somebody from penetrating your organization. What's the status on average, the company's penetrated for 200 and whatever end days before they know? 220, 250, whatever number you want. There's got to be more investment in remediating, responding, managing that complexity. And so, I guess the answer to my earlier question was, well, not any time soon. We're going to have to continue to invest in new approaches, new methodologies to deal with this inundation of data, which isn't going to subside. >> Well, but part of it too is in the past, most of the security controls that companies invested in, they put at the perimeter. So, they're overprotecting on the perimeter, but now, the attacks are coming in through the side door. Spearfishing attempts >> Dave: Or internally. >> They're coming in from laptops or mobile devices that leave the organization and come back in, and since most customers lack internal segmentation, a very small infection becomes a very big problem very quickly. So, a lot of customers now are trying to figure out how do I take what I've done in the perimeter and treat my data center, my campus as untrusted, segment and silo and create smaller fault-isolation domains so that heaven forbid there is a breach or an outbreak, it's contained to a smaller subzone, rather than, look at the Target situation, which came in from an HVAC vendor, moved into a payment system, and then exfiltrated millions of credit card records. >> And, or, and not or, but, and techniques to allow the response to focus on the things that matter, and like you said, organizations, CCOS, are inundated with technology, and they don't know necessarily which threats to go deal with. They've got so much data, and to the extent that they can narrow down those high value threats, that's going to help solve the problem. That's why I was asking the question about analytics before. >> That's where I think the partnership with IBM is so important for us, right, 'cause both what they do with Watson and big data analytics and QRadar as well, it's one thing to just create a bunch of alerts, but for most customers, that's a lot of noise. Give me the interesting bits of information. I don't care about these 10 million alerts over the last week. What are the most critical things that my team needs to address right now? And those are the things that collectively IBM and Check Point help. >> How about the competitive landscape? And you guys are kickin' butt, you're well over a billion, what, $1.7 billion company, roughly? >> A little more, but yeah. >> A little more than that, almost a $20 billion market cap, which you said earlier, John, stocks almost at an all-time high, so obviously compete with Palo Alto. Do you compete with HPE, with ArcSight a little bit? I mean, that acquistion, they sort of, that's-- >> They jettisoned some of their core products that were competitive, like TippingPoint. They've kept some of their ArcSight and other big data analytics, the drive service and storage and services out there. But they're as much a partner as they are a competitor. >> Dave: They are? Okay. >> I mean, I would say the usual competitive suspects, some of the guys you mentioned, some of the big route switch vendors like a Cisco or a Juniper out there. Actually, we're in the end-point mobile space as well, which brings in the Symantec and McAfee and Kaspersky. >> And so, right, okay, so what's your big differentiation? >> I think first and foremost is that we have an enterprise management solution that goes from the mobile to the end-point to the cloud to the network. We do it all through a singular console. We have the most scalable security platform in the marketplace today, and to be honest, we have the best security solution out there, both in terms of the effectiveness as well as the manageability. >> Dave: And you're profitable and you're growing. I'm going to throw that in. >> Greg: We've been profitable since day one. >> Greg, thanks for coming onto theCUBE. We really appreciate, give you the final word on the segment as the outlook going forward. Obviously, all the cloud vendors, you work with them all, all trying to be enterprise-ready. >> Yes. >> And they're all, we're the enterprise cloud. Amazon's now the enterprise cloud, Google was flaunting it at Google Next, they got some work to do. IBM certainly is in the enterprise, Oracle's in the enterprise, Microsoft's in the enterprise. Enterprise readiness and the next few years as security evolves, what are the key table stakes that the cloud guys need to continue to work on, continue to invest in, continue to innovate? >> I think the first thing, and this is across all technology, not just cloud, is that interoperability is the new best of breed. All of our customers are going to have a couple of trusted partners. No one enterprise is single-vendor end to end. But we have to be able to play nicely in the sandox. So, whether it's working with Cisco or McAfee or Microsoft or Symantec, if I don't work well with the other investments my companies and customers have invested in, they're not going to have me around for very long. >> And that's the truth. And multi-cloud, and workloads will fit best, 'cause the SaaS also defines some of these big cloud vendors as well. Microsoft SaaS is Office 365, if you have Microsoft, that's going to be some things for ya. Greg, thanks so much, appreciate it. Great commentary with Check Point Software Technologies, talking security, head of architecture here. Greg Pepper, thanks for joining us. This is theCUBE, more live coverage here, day three coverage from theCUBE after this short break. (electronic keyboard music)

>> Presenter: theCUBE presents Ignite '22, brought to you by Palo Alto Networks. >> Hey guys and girls. Welcome back to theCube's live coverage at Palo Alto Ignite '22. We're live at the MGM Grand Hotel in beautiful Las Vegas. Lisa Martin here with Dave Vellante. This is day one of our coverage. We've been talking with execs from Palo Alto, Partners, but one of our most exciting things is talking with Founders day. We get to do that next. >> The thing is, it's like I wrote this weekend in my breaking analysis. Understanding the problem in cybersecurity is really easy, but figuring out how to fix it ain't so much. >> It definitely isn't. >> So I'm excited to have Nir here. >> Very excited. Nir Zuk joins us, the founder and CTO of Palo Alto Networks. Welcome, Nir. Great to have you on the program. >> Thank you. >> So Palo Alto Networks, you founded it back in 2005. It's hard to believe that's been 18 years, almost. You did something different, which I want to get into. But tell us, what was it back then? Why did you found this company? >> I thought the world needed another cybersecurity company. I thought it's because there were so many cybersecurity vendors in the world, and just didn't make any sense. This industry has evolved in a very weird way, where every time there was a new challenge, rather than existing vendors dealing with a challenge, you had new vendors dealing with it, and I thought I could put a stop to it, and I think I did. >> You did something differently back in 2005, looking at where you are now, the leader, what was different in your mind back then? >> Yeah. When you found a new company, you have really two good options. There's also a bad option, but we'll skip that. You can either disrupt an existing market, or you can create a new market. So first, I decided to disrupt an existing market, go into an existing market first, network security, then cyber security, and change it. Change the way it works. And like I said, the challenges that every problem had a new vendor, and nobody just stepped back and said, "I think I can solve it with the platform." Meaning, I think I can spend some time not solving a specific problem, but building a platform that then can be used to solve many different problems. And that's what I've done, and that's what Palo Alto Networks has done, and that's where we are today. >> So you look back, you call it now, I think you call it a next gen firewall, but nothing in 2005, can it be next gen? Do you know the Silicon Valley Show? Do you know the show Silicon Valley? >> Oh! Yeah. >> Yeah, of course. >> You got to have a box. But it was a different kind of box- >> Actually. >> Explain that. >> Actually, it's exactly the same thing. You got to have a box. So I actually wanted to call it a necessary evil. Marketing wouldn't go for that. >> No. >> And the reason I wanted to call it a necessary evil, because one of the things that we've done in order to platform our cyber security, again, first network security now, also cloud security, and security operations, is to turn it into a SaaS delivered industry. Today every cyber security professional knows that, when they buy cyber security, they buy usually a SaaS delivered service. Back then, people thought I was crazy to think that customers are going to send their data to their vendor in order to process, and they wanted everything on premise and so on, but I said, "No, customers are going to send information to us for processing, because we have much more processing power than they have." And we needed something in the infrastructure to send us the information. So that's why I wanted to call it the necessary evil. We ended up calling it next generation firewall, which was probably a better term. >> Well, even Veritas. Remember Veritas? They had the no hardware agenda. Even they have a box. So it is like you say, you got to have it. >> It's necessary. >> Okay. You did this, you started this on your own cloud, kind of like Salesforce, ServiceNow. >> Correct. >> Similar now- >> Build your own data centers. >> Build your own data center. Okay, I call it a cloud, but no. >> No, it's the same. There's no cloud, it's just someone else's computer. >> According to Larry Ellison, he was actually probably right about that. But over time, you've had this closer partnership with the public clouds. >> Correct. >> What does that bring you and your customers, and how hard was that to navigate? >> It wasn't that hard for us, because we didn't have that many services. Usually it's harder. Of course, we didn't do a lift and shift, which is their own thing to do with the cloud. We rebuild things for the cloud, and the benefits, of course, are time to market, scale, agility, and in some cases also, cost. >> Yeah, some cases. >> In some cases. >> So you have a sort of a hybrid model today. You still run your own data centers, do you not? >> Very few. >> Really? >> There are very, very few things that we have to do on hardware, like simulating malware and things that cannot be done in a virtual machine, which is pretty much the only option you have in the cloud. They provide bare metal, but doesn't serve our needs. I think that we don't view cloud, and your viewers should not be viewing cloud, as a place where they're going to save money. It's a place where they're going to make money. >> I like that. >> You make much more money, because you're more agile. >> And that's why this conversation is all about, your cost of goods sold they're going to be so high, you're going to have to come back to your own data centers. That's not on your mind right now. What's on your mind is advancing the unit, right? >> Look, my own data center would limit me in scale, would limit my agility. If you want to build something new, you don't have all the PaaS services, the platform as a service, services like database, and AI, and so on. I have to build them myself. It takes time. So yeah, it's going to be cheaper, but I'm not going to be delivering the same thing. So my revenues will be much lower. >> Less top line. What can humans do better than machines? You were talking about your keynote... I'm just going to chat a little bit. You were talking about your keynote. Basically, if you guys didn't see the keynote, that AI is going to run every soc within five years, that was a great prediction that you made. >> Correct. >> And they're going to do things that you can't do today, and then in the future, they're going to do things that you can't... Better than you can do. >> And you just have to be comfortable with that. >> So what do you think humans can do today and in the future better than machines? >> Look, humans can always do better than machines. The human mind can do things that machines cannot do. We are conscious, I don't think machines will be conscious. And you can do things... My point was not that machines can do things that humans cannot do. They can just do it better. The things that humans do today, machines can do better, once machines do that, humans will be free to do things that they don't do today, that machines cannot do. >> Like what? >> Like finding the most difficult, most covert attacks, dealing with the most difficult incidents, things that machines just can't do. Just that today, humans are consumed by finding attacks that machines can find, by dealing with incidents that machines can deal with. It's a waste of time. We leave it to the machines and go and focus on the most difficult problems, and then have the machines learn from you, so that next time or a hundred or a thousand times from now, they can do it themselves, and you focus on the even more difficult. >> Yeah, just like after 9/11, they said that we lack the creativity. That's what humans have, that machines don't, at least today. >> Machines don't. Yeah, look, every airplane has two pilots, even though airplanes have been flying themselves for 30 years now, why do you have two pilots, to do the things that machines cannot do? Like land on the Hudson, right? You always need humans to do the things that machines cannot do. But to leave the things that machines can do to the machines, they'll do it better. >> And autonomous vehicles need breaks. (indistinct) >> In your customer conversations, are customers really grappling with that, are they going, "Yeah, you're right?" >> It depends. It's hard for customers to let go of old habits. First, the habit of buying a hundred different solutions from a hundred different vendors, and you know what? Why would I trust one vendor to do everything, put all my eggs in the same basket? They have all kind of slogans as to why not to do that, even though it's been proven again and again that, doing everything in one system with one brain, versus a hundred systems with a hundred brains, work much better. So that's one thing. The second thing is, we always have the same issue that we've had, I think, since the industrial revolution, of what machines are going to take away my job. No, they're just going to make your job better. So I think that some of our customers are also grappling with that, like, "What do I do if the machines take over?" And of course, like we've said, the machines aren't taking over. They're going to do the benign work, you're going to do the interesting work. You should embrace it. >> When I think about your history as a technology pro, from Check Point, a couple of startups, one of the things that always frustrated you, is when when a larger company bought you out, you ended up getting sucked into the bureaucratic vortex. How do you avoid that at Palo Alto Networks? >> So first, you mean when we acquire company? >> Yes. >> The first thing is that, when we acquire companies, we always acquire for integration. Meaning, we don't just buy something and then leave it on the side, and try to sell it here and there. We integrate it into the core of our products. So that's very important, so that the technology lives, thrives and continues to grow as part of our bigger platform. And I think that the second thing that is very important, from past experience what we've learned, is to put the people that we acquire in key positions. Meaning, you don't buy a company and then put the leader of that company five levels below the CEO. You always put them in very senior positions. Almost always, we have the leaders of the companies that we acquire, be two levels below the CEO, so very senior in the company, so they can influence and make changes. >> So two questions related to that. One is, as you grow your team, can you be both integrated? And second part of the question, can you be both integrated and best of breed? Second part of the question is, do you even have to be? >> So I'll answer it in the third way, which is, I don't think you can be best of breed without being integrated in cybersecurity. And the reason is, again, this split brain that I've mentioned twice. When you have different products do a part of cybersecurity and they don't talk to each other, and they don't share a single brain, you always compromise. You start looking for things the wrong way. I can be a little bit technical here, but please. Take the example of, traditionally you would buy an IDS/IPS, separately from your filtering, separately from DNS security. One of the most important things we do in network security is to find combining control connections. Combining control connections where the adversaries controlling something behind your firewall and is now going around your network, is usually the key heel of the attack. That's why attacks like ransomware, that don't have a commanding control connection, are so difficult to deal with, by the way. So commanding control connections are a key seal of the attacks, and there are three different technologies that deal with it. Neural filtering for neural based commanding control, DNS security for DNS based commanding control, and IDS/IPS for general commanding control. If those are three different products, they'll be doing the wrong things. The oral filter will try to find things that it's not really good at, that the IPS really need to find, and the DN... It doesn't work. It works much better when it's one product doing everything. So I think the choice is not between best of breed and integrated. I think the only choice is integrated, because that's the only way to be best of breed. >> And behind that technology is some kind of realtime data store, I'll call it data lake, database. >> Yeah. >> Whatever. >> It's all driven by the same data. All the URLs, all the domain graph. Everything goes to one big data lake. We collect about... I think we collect about, a few petabytes per day. I don't write the exact number of data. It's all going to the same data lake, and all the intelligence is driven by that. >> So you mentioned in a cheeky comment about, why you founded the company, there weren't enough cybersecurity companies. >> Yeah. >> Clearly the term expansion strategy that Palo Alto Networks has done has been very successful. You've been, as you talked about, very focused on integration, not just from the technology perspective, but from the people perspective as well. >> Correct. >> So why are there still so many cybersecurity companies, and what are you thinking Palo Alto Networks can do to change that? >> So first, I think that there are a lot of cybersecurity companies out there, because there's a lot of money going into cybersecurity. If you look at the number of companies that have been really successful, it's a very small percentage of those cybersecurity companies. And also look, we're not going to be responsible for all the innovation in cybersecurity. We need other people to innovate. It's also... Look, always the question is, "Do you buy something or do you build it yourself?" Now we think we're the smartest people in the world. Of course, we can build everything, but it's not always true that we can build everything. Know that we're the smartest people in the world, for sure. You see, when you are a startup, you live and die by the thing that you build. Meaning if it's good, it works. If it's not good, you die. You run out of money, you shut down, and you just lost four years of your life to this, at least. >> At least. >> When you're a large company, yeah, I can go and find a hundred engineers and hire them. And especially nowadays, it becomes easier, as it became easier, and give them money, and have them go and build the same thing that the startup is building, but they're part of a bigger company, and they'll have more coffee breaks, and they'll be less incentive to go and do that, because the company will survive with or without them. So that's why startups can do things much better, sometimes than larger companies. We can do things better than startups, when it comes to being data driven because we have the data, and nobody can compete against the amount of data that we have. So we have a good combination of finding the right startups that have already built something, already proven that it works with some customers, and of course, building a lot of things internally that we cannot do outside. >> I heard you say in one of the, I dunno, dozens of videos I've listened to you talked to. The industry doesn't need or doesn't want another IoT stovepipe. Okay, I agree. So you got on-prem, AWS, Azure, Google, maybe Alibaba, IoT is going to be all over the place. So can you build, I call it the security super cloud, in other words, a consistent experience with the same policies and edicts across all my estates, irrespective of physical location? Is that technically feasible? Is it what you are trying to do? >> Certainly, what we're trying to do with Prisma Cloud, with our cloud security product, it works across all the clouds that you mentioned, and Oracle as well. It's almost entirely possible. >> Almost. >> Almost. Well, the things that... What you do is you normalize the language that the different cloud scale providers use, into one language. This cloud calls it a S3, and so, AWS calls it S3, and (indistinct) calls it GCS, and so on. So you normalize their terminology, and then build policy using a common terminology that your customers have to get used to. Of course, there are things that are different between the different cloud providers that cannot be normalized, and there, it has to be cloud specific. >> In that instance. So is that, in part, your strategy, is to actually build that? >> Of course. >> And does that necessitate running on all the major clouds? >> Of course. It's not just part of our strategy, it's a major part of our strategy. >> Compulsory. >> Look, as a standalone vendor that is not a cloud provider, we have two advantages. The first one is we're security product, security focused. So we can do much better than them when it comes to security. If you are a AWS, GCP, Azure, and so on, you're not going to put your best people on security, you're going to put them on the core business that you have. So we can do much better. Hey, that's interesting. >> Well, that's not how they talk. >> I don't care how they talk. >> Now that's interesting. >> When something is 4% of your business, you're not going to put it... You're not going to put your best people there. It's just, why would you? You put your best people on 96%. >> That's not driving their revenue. >> Look, it's simple. It's not what we- >> With all due respect. With all due respect. >> So I think we do security much better than them, and they become the good enough, and we become the premium. But certainly, the second thing that give us an advantage and the right to be a standalone security provider, is that we're multicloud, private cloud and all the major cloud providers. >> But they also have a different role. I mean, your role is not the security, the Nitro card or the Graviton chip, or is it? >> They are responsible for securing up to the operating system. We secure everything. >> They do a pretty good job of that. >> No, they do, certainly they have to. If they get bridged at that level, it's not just that one customer is going to suffer, the entire customer base. They have to spend a lot of time and money on it, and frankly, that's where they put their best security people. Securing the infrastructure, not building some cloud security feature. >> Absolutely. >> So Palo Alto Networks is, as we wrap here, on track to nearly double its revenues to nearly seven billion in FY '23, just compared to 2020, you were quoted in the press by saying, "We will be the first $100 billion cyber company." What is next for Palo Alto to achieve that? >> Yeah, so it was Nikesh, our CEO and chairman, that was quoted saying that, "We will double to a hundred billion." I don't think he gave it a timeframe, but what it takes is to double the sales, right? We're at 50 billion market cap right now, so we need to double sales. But in reality, you mentioned that we're growing the turn by doing more and more cybersecurity functions, and taking away pieces. Still, we have a relatively small, even though we're the largest cybersecurity vendor in the world, we have a very low market share that shows you how fragmented the market is. I would also like to point out something that is less known. Part of what we do with AI, is really take the part of the cybersecurity industry, which are service oriented, and that's about 50% of the cybersecurity industry services, and turn it into products. I mean, not all of it. But a good portion of what's provided today by people, and tens of billions of dollars are spent on that, can be done with products. And being one of the very, very few vendors that do that, I think we have a huge opportunity at turning those tens of billions of dollars in human services to AI. >> It's always been a good business taking human labor and translating into R and D, vendor R and D. >> Especially- >> It never fails if you do it well. >> Especially in difficult times, difficult economical times like we are probably experiencing right now around the world. We, not we, but we the world. >> Right, right. Well, congratulations. Coming up on the 18th anniversary. Tremendous amount of success. >> Thank you. >> Great vision, clear vision, STEM expansion strategy, really well underway. We are definitely going to continue to keep our eyes. >> Big company, a hundred billion, that's market capital, so that's a big company. You said you didn't want to work for a big company unless you founded it, is that... >> Unless it acts like a small company. >> There's the caveat. We'll keep our eye on that. >> Thank you very much. >> It's such a pleasure having you on. >> Thank you. >> Same here, thank you. >> All right, for our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live emerging and enterprise tech coverage. (upbeat music)