(upbeat music) [Narrator] Live from Boston, Massachusetts, it's theCUBE, covering AWS re:Inforce 2019. Brought to you by Amazon Web Services and its ecosystem partners. >> Everyone, welcome back to the CUBE'S live coverage here in Boston for AWS re:Inforce, Amazon Web Service's inaugural event. I'm John Furrier, my co-host Dave Vellante, two days of wall to wall coverin'. Christian Beedgen is the CTO and co-founder of Sumo Logic. A couple we've covered on theCUBE many times as well as on our siliconANGLE.com. Great to see you thanks for coming out. >> Thanks for having me. >> Being the co-founder you've seen it, you guys are celebrating your tenth year. >> That's right. >> Congratulations. >> Thank you very much. >> theCUBE is now 10 years old this year too, >> Oh right on. >> So we're kind of in school together growing up. (laughing) >> Started right here. >> We're going to graduate together, right on. >> We'll go have a cocktail later maybe talk about some tech. I love talkin' tech. >> Yeah of course. >> Lets get into it. As the co-founder and CTO you've seen your journey. You guys have been doing great. You've seen the waves of big data. >> Yep. >> You've seen the evolution of cloud coming in. >> Yep. >> The infrastructures standing up more and more efficient, more effective. Game is changing, stakes are higher, what's your view of this industry right now? >> I think its on fire really, right? So, you know, on one level we have this, I think its fairly well known at this point that the data now today follows Moore's law right? So we have basically data grows you know, roughly two x year over year. That's exponential growth and that's pretty incredible, right? I think every business now knows or, you know, they either know or they act on it or they sort of know it at least, you know, subconsciously right? That they are essentially in a race to sort of optimize, their own business mostly based on data. >> In your opinion, Christian, what was the inflection point of the past few years? When did the data market really change for the highly accelerated we're seeing now because back in 2010 when you guys started when we started, we saw Hadoop just getting out of the blocks. >> Yep. >> People were standing up Hadoop clusters and being proud of it but then cloud came. Was there a point in time when you say, you know that was really the flash point where things started tipping over, or was cloud adoption or was it AI machines, was the machine learning? Where do you see that kick up on the growth of emphasis? >> So you know the Hadoop stuff basically came out of the ad optimization being you know businesses and that was like a small set of companies that really had to do that in order to basically compete with each other. And then we sort of got open source versions of that and then we'd got behind them after we'd do a small model and teaching people how to do that. I think in my mind I have sort of two things. One was you know, the whole of management space that I came out of and you know where I still am today coming out of, the security information of in management and you know a lot of management underneath. Semi-structure data, you know nasty data that doesn't fit into our relational data base. You know they are sort of-- and then lots and lots of that data as you put all the firewall data in there, we saw that back at dark side, where I spent a considerable amount of time. You know that becoming a problem that, like enterprise software that was kind of delivered, you know on a CD and then oh now go scale Oracle behind it, as in even data warehouses. That's kind of how I experience it. It just didn't really work very well, and we were kind of doing big data or trying to do big data. There were like various levels of success, right. We've already knowing about the term and then, you know, obviously, picked up on a new Windows type, so things and then, you know, but if you want to do big data or something like Hadoop, then you're suddenly running into having to run, you know, I don't know, a hundred instances. I'm already saying instances. A hundred boxes, 80 you know back then, or like maybe 500 boxes, and now you're running into all of the management, you know, challenges that distributed infrastructure brings. And in my mind, you know since you're like asking for an inflection point, I think Amazon EMR, you know, and my friends at Cloudera, they're not going to like me saying that because that's a long story but I think having something like Hadoop, put on an infrastructure as a service platform like Amazon and I think they did that fairly early on, right. I think it's still a great product. >> Cloud-scale's a lot faster, it emphasizes, it more, you can do more with it. >> Exactly. >> IoT comes around now you're connected, devices are coming in, natural place to just put that data lake as they now called it, and work with it. >> Exactly, exactly. So I think that's one inflection point and then the second one I think clearly was sort of the advancements especially around deep learning and so forth, right, where, you know, I think a lot of that, you know the deep mind stuff and so forth, where now along with the sort of exponential growth of data where there's also now much more sophisticated analysis that people want to run. I think that's another inflection point. >> Yeah, so 2010 you saw cloud and data coming together and obviously you guys saw the need to secure that. What are the challenges of securing these massively distributed systems? >> Oh, there's a number of challenges, but, you know, it starts with sort of this basic law that says that, you know, that, you know processing data creates more data. Right, and if you look what business systems do, they're basically, you know, just like really fancy pocket calculators at life scale, right, but it's all about processing data. That's what computing means, right. And then as you do that it actually turns out that you create more data, which is all the logs, all the telemetry, the metrics tracing all of this type of stuff. And so these data sets become their own kind of, you know, big data nightmares potentially, right, but at the same time, they're full of, you know, really useful information to maintain availability performance, you know, to secure your systems and so forth. And I think the main challenge that we are seeing today with systems like ours and what's out there in the market is, you know, actually being able to scale. And it becomes almost an aggressive thing, it's kind of funny. >> You know, I got to ask you about the digital transformation equation that's out there. People, process, technology. I think people generally would agree that, hey, cloud's great, love deep learning, I mean how could you not, you know, get intoxicated on large-scale resources that's almost free and AI around the corner. It's good stuff, I mean pretty cool, right? And then the reality sits in, like you can't just hand wave it in, You got to hire people, you got to have the tech to do it, and then the process. And you made a profound comment before we came on camera, process is a reflection of culture. This is a really a big deal in the digital transformation. So, there are people out there, people are getting trained, there's a course you can take, you can buy technology that's getting better every day. Process seems to be where everyone's getting caught up on it and there's new ways to break through it and it's just a reality. What's your thoughts on process as a reflection of culture and how people can handle that and what people should think about? >> That's a good question. So I think what I'm seeing is that when we, we see a lot of companies at various stages of their sort of journey into the cloud. We come from the Bay Area so we have a lot of born in the cloud guys like ourselves and there's sort of a new culture that's kind of baked in from the beginning, but that's interesting. The even more interesting bits, in my mind, are when we are looking at companies that have been around for a long time. They basically, they're starting to realize that cloud transformation is almost more about basically picking up a culture of agile DevOps and then DevSecOps or whatever you want to call it. Apparently somebody at the keynote today made a nasty comment about it. Personally I didn't see it but again the whole Shift Left paradigm, but it's essentially a culture where you actually remove the silos that have been in place between departments, keeping people from working closely together, throwing stuff over the wall we all know how well that works, trying to keep your fiefdoms. And I find that all the successful cloud transformations stories that we've seen are really a decor, you know, cultural transformation stories, along the sort of plus minus DevOps route. >> So you're talking about the big challenge being scale, so two things you just said, well one is bringing together the mindset of infrastructure's code, we were talking about security as code. The other is automation, right. >> Absolutely. >> So that seems to be big focus of security practitioners. >> Yep. >> My question is, what's a good day look like to a security practitioner? >> Oh, I think, that's another really good question. I think there's an obvious answer, but I think the obvious answer would be I'm still in business, right, and I haven't leaked millions of Social Security numbers. >> Nothing happened, good day! >> And so I think that is definitely a good day but I think the sort of slightly more, I think, interesting answer is that I think a good day is day where you as a security practitioner have a bunch of good interactions with the rest of the folks in the company that are part of building products, on the operational side, on the development side, giving good feedback maybe to a bunch of developers maybe on secure coding practices, plugging in additional Veolia monitoring or code monitoring or scanning tools into the bill pipeline and so forth. And then also actually getting a bunch of alerts from all your monitoring systems and being able to very quickly figure out whether those are true positives or false positives and when they are true positives, being able to quickly react on them. >> So you guys, obviously cloud focused, that's a huge area for you, but I'm interested in how you say you differentiate. It's an extremely competitive market. What's your big differentiator? When you win, why do you win? >> So, it goes back to somewhat of a fundamental kind of things that led us to start the company. It's a little philosophy heavy, I guess, but it actually plays its way out in every single customer conversation, and every displacement and every time we end up expanding in the customer. And it's fundamentally that our philosophy is that this needs to be delivered as a service. That, you know, our philosophy is that enterprise software is just not a thing anymore. And our philosophy has always been that. >> It's very true. >> It's a good philosophy. >> It some days feels like, man, Christian, you've been saying the same thing for the last 10 years and here we are. Our philosophy is that you need monitoring, you need troubleshooting tools, you need security tools. Those tools themselves should not become behemoths in their selves where you're going to sink endless amount of resources and money into scaling and building them out and then who's going to monitor those? It's kind of you have a huge installation of vendor X and then how does that get monitored because if you don't monitor it then that thing will blow up and then you're blind again. So we just felt that this idea, what was really appealing to us from our experience was the idea that build the code but also run the code with ultimately get the customer back to actually using the tool rather than worrying about how the tool works underneath and having to worry about how to make it works. And we're all nerds and I love it and I wish I could understand all the stuff that happens in AWS underneath and every once in a while I meet some of these guys and it's very cool but that's where they deliver differentiation. And for us we can basically focus on delivering value to the customer. >> I think the cloud model, I think, shows everyone that you can deliver stuff as service, you have horizontal integration points that you need to keep aware of, certainly the data, you need horizontally scalability and freedom of access to the data and that brings up the goodness. I think that's a great philosophy, we subscribe certainly with you on that. You had mentioned earlier about alerts and one of the conversations that we're hearing around workforce and people is how many extra people are being deployed properly cause if everything's a service, then you can, if automation kicks in, and things are at service, you can eliminate things. So, one of the trends that we're hearing is the move from threat detection to alerts. >> Okay. >> Threat detections you can automate that and you can share data so the shared stuff kicks in. So that's a new kind of trend we're seeing alerts, quality alerts, having your people work on those kinds of problems, what to pay attention to on the monitoring side, becomes super important. Two years ago you couldn't walk down the street without threat detection, threat detection, threat detection. Although important, these mechanisms for that now. So what's your thoughts on the ongoing evolution from threat detection to alerts? >> I think it's about dehumaning the end. And all the machines are just sitting there, creating signals and we can have the discussion about AI and you know generally AI and all these sorts of things, I don't really believe that that's going to happen anytime soon. But I do like algorithmic approaches, I like the power of data analytics. Sometimes it's simple analytics that give good signals, sometimes it's complicated and very sort of sophisticated analytics, but in the end, none of these things can really capture any sort of objective truth and so it ends up in somebody's queue and then they got to burn through it. And that is fundamentally, again, a human problem in the best sense because I think that's we as humans, we have processing capabilities that have not been matched. >> And also humans want to hoard the data too. They're, "Aw I want to protect." And if you share the data, more transparency, better algorithms, better visibility, better alerts. >> Exactly. I do think, to a point, I think in the security space now, of course there's still a lot of hype around just add AiN you're going to be better but the reality is that this can only go so far. And it ends up in somebody's queue and analyst workflow, how do you treat ash incidents and so forth. How much time do you spend trying to figure out whether it's a true positive or a false positive, that all matters because no detection system will be perfect at only alerting you on true positives. >> I heard a comment the other night in the bar area, someone was commenting around security analytics and they said, "Yeah, if you don't really know what you're looking for, and you rely too heavily on these metrics, you end up with Chernobyl." Which, the Netflix series that's out about how they just following data >> AC-5 >> So they're you can just, if you're looking at the data too hard, not zooming out and taking a humanistic approach, why are you measuring something, why are you monitoring something, what is a quality signal? >> Look, I think it's fundamentally, this is all just tools. I'm a strong believer in, I don't know whether, I'm sort of a strong believer in the humans run the show. And I think that's what makes us human, right, I think outsourcing everything to an algorithm, especially when algorithms are making decisions about humans, that's like a wider topic, it gets very tricky and it usually backfires pretty quickly. >> So the security marketing narrative for decades has been fear. You're in trouble, you're in trouble, you got to be sure. Amazon put forth today in the keynote that the state of cloud security, the state of the union, is actually quite good and the focus should be on how to implement new tooling and we're actually really doing a great job. Do you buy that? >> To some degree. I do think that they're paying a lot of attention. I do like stuff that they've done from the beginning like security groups being deny all and all of those things. And they have a bunch of really smart guys over there that really care and worry about this type of stuff. I think they've also learned over the years in their own move towards selling from this side that's selling to a bunch of hipsters and then it started becoming a real enterprise play that all of these things are important, including having really good outage fail data and cloud trail and these types of things. The part that I like and we've argued this from the very beginning with our prospects when they basically kept saying you're putting the data in the cloud and how can I trust that? And we walk them through carefully in how we had designed our own security processes and a lot of what that was about automation and basically leveraging the APIs that we had. So basically at its core AWS has turned the data center into an API. And an API is something that I can automate and I can do a good job or I can do a bad job at that, that depends on the individual and so forth, but it's fundamentally a very powerful abstraction that allows one guy to do the work of potentially hundreds of people running around checking network connections. For me as a customer, that I can build a secure system on top of AWS. >> So they've turned the data center into an API, which is a very powerful metaphor, but they've turned it into a lot of APIs. How does that affect the complexity and the impact on security? >> Yeah, I know they are, look the reality is complex and I feel like their approach has been very carefully build from the bottom up, Lego by Lego, and then put other Legos on top of that. And I can very much appreciate that approach. I don't believe in one button security. I think it's just basically, everybody in the space knows that that's not a reality. >> Well we've asked Andy Jassy about this, John, and he said we want the fine grained access to primitives because when the market moves, we can move with it. If we don't have that, we put in all these abstraction layers that has implications on performance and, down the line, our agility. >> Power to the people, man, I think ultimately so many guys at Amazon, they're all very reasonable but you know they shouldn't make all the decisions. And everybody's use case is fundamentally a little bit different. And at the same time they're adding additional things because they realize that there's a lot of complexity even just looking at IM in these types of things is like, wow, okay, there's a lot of footguns built into this. The reality is that the entire industry is a giant footgun, on some level, so I like the fact that they ended up doing stuff like cloud trail and then pull all the cloud trail and repeat C logs that say flow logs into something like guard duty, for example, which they then try to do some correlation on there and they're trying to automate some of the detection as far as they can see it, as well. So I overall think they have a good approach to that. I think it's bottoms up. I think that works. I'm a builder type so for me that works. >> So Christian, final question, what're you looking at, CTO in the industry right now, what are some of the things you're looking at in the industry that's getting you excited and you guys are integrating into the vision? >> Well, it's really two things. I think one of the things we are seeing is as far as just general how people deploy software. We had containers and then nobody knew what to do with containers and it was orchestration and we now have Kubernetes basically having won all of the orchestration awards and I think that's going to be an industry standard that everybody has to deal with for the next couple of years. A lot of enterprise folks, is what I'm seeing, are now starting to kind of land on Kubernetes as part of sort of their cloud transformation, even if it's just pooling all the monoliths and then refactoring them afterwards. So I think that there's a lot of stuff going on there that Kubernetes adds its own layer of complexity. And there's opportunity for us there as a monitoring vendor. I'm extremely, I am probably more excited, almost irrationally excited about all the serverless stuff. I think I am a big proponent of not having to do undifferentiated heavy lifting. It feels to me that the sort of serverless track will get people to build better applications even faster in time to market everything that counts. And then on the security side I think that's an evergreen thing. You call it fear and then of course I've always said it's basically insurance. On some level, that's why the security market continues to be essentially evergreen and our customers are using us for their own security monitoring. We are building a lot of additional functionality there and I think that's going to continue to be a big and ongoing discussion because the underlying primitives, now you have Kubernetes, how do you secure that, how do you even build security in the serverless phase and whatever comes next after that. >> And I think also that point, I think you're seeing new brands are emerging as suppliers because they have that architectural, horizontal, the view. They're thinking holistically around the tech stacks and thinking about the role of data and just IoT is just a mind-blowing conversation around, where are you going to pour, where are you going to store that data? >> Yeah. >> Okay, so again, all this is kind of moving into a whole 'nother generational shift and you're either on the wrong side of the street or the right side of the street. This is like really binary at this point. >> And it's accelerating, right? Folks probably had one or two transformations in the last 30 years and now they're running through a transformation every three years, it's like getting whiplash, right? >> Buckle up. Christian, thanks for coming on theCUBE. Great insights. >> Thanks again for having me. >> Great insights here on theCUBE. Bringing you all the action Boston for AWS re:Inforce, Amazon Web Service's inaugural event around security's key developers, the new security pros and engineers out there. CUBE coverage continues after this short break. (upbeat music)

>> From San Francisco, it's theCUBE, covering Sumo Logic Illuminate 2018. Now, here's Jeff Frick. Hey welcome back everybody, Jeff Frick here with theCUBE. We are wrapping up a full day of coverage here at Sumo Logic Illuminate at the Hyatt, San Francisco airport, it's been a great day. 600 people here and we're excited to wrap our day with the co-founder of Sumo Logic, Christian Beeden, co-founder and- >> CTO. >> CTO, very good. Christian, love to get your perspective on this event. I think this is the second year you've had the event, it's grown a lot since last year. Kind of your perspective as you walk around and look at all these people that are completely engaged in something you started years ago. >> Yeah I know, it's humiliating in many ways and humbling I guess, is the word that I'm looking for. We are building software and that's always how I've looked at it.