>> Narrator: TheCUBE presents Kubecon and Cloudnativecon Europe, 2022. Brought to you by Red Hat, the cloud native computing foundation and its ecosystem partners. >> Welcome to Valencia, Spain in Kubecon, Cloudnativecon Europe, 2022. I'm Keith Townsend and we are in a beautiful locale. The city itself is not that big, 100,000, I mean, sorry, about 800,000 people. And we got out, got to see a little bit of the sites. It is an amazing city. I'm from the US, it's hard to put in context how a city of 800,000 people can be so beautiful. I'm here with Anish Dhar and Ganesh Datta, Co-founder and CTO of Cortex. Anish you're CEO of Cortex. We were having a conversation. One of the things that I asked my client is what is good. And you're claiming to answer the question about what is quality when it comes to measuring microservices? What is quality? >> Yeah, I think it really depends on the company and I think that's really the philosophy we have. When we built Cortex, is that we understood that different companies have different definitions of quality, but they need to be able to be represented in really objective ways. I think what ends up happening in most engineering organizations is that quality lives in people's heads. The engineers who write the services they're often the ones who understand all the intricacies with the service. What are the downstream dependencies, who's on call for this service? Where does the documentation live? All of these things I think impact the quality of the service. And as these engineers leave the company or they switch teams, they often take that tribal knowledge with them. And so I think quality really comes down to being able to objectively codify your best practices in some way and have that distributed to all engineers in the company. >> And to add to that, I think very concrete examples for an organization that's already modern like their idea of quality might be uptime incidents. For somebody that's like going through a modernization strategy, they're trying to get to the 21st century, they're trying to get to Kubernetes. For them, quality means where are we in that journey? Are you on our latest platforms? Are you running CI, are you doing continuous delivery? Like quality can mean a lot of things and so our perspective is how do we give you the tools to say as an organization, here's what quality means to us. >> So at first, my mind was going through when you said quality, Anish, you started out the conversation about having this kind of non-codified set of measurements, historical knowledge, et cetera. I was thinking observability, measuring how much time does it take to have a transaction. But Ganesh you're introducing this new thing. I'm working with this project where we're migrating a monolith application to a set of microservices. And you're telling me Cortex helps me measure the quality of what I'm doing in my project? >> Ganesh: Absolutely. >> How is that? >> Yeah, it's a great question. So I think when you think about observability, you think about uptime and latency and transactions and throughput and all this stuff. And I think that's very high level and I think that's one perspective of what quality is, but as you're going through this journey, you might say like the fact that we're tracking that stuff, the fact that you're using APM, you're using distributed tracing, that is one element of service quality. Maybe service quality means you're doing CICD, you're running vulnerability scans. You're using Docker. Like what that means to us can be very different. So observability is just one aspect of are you doing things the right way? Good to us means you're using SLOs. You are tracking those metrics. You're reporting that somewhere. And so that's like one component for our organization of what quality can mean. >> I'm kind of taken back by this because I've not seen someone kind of give the idea. And I think later on, this is the perfect segment to introduce theCUBE clock in which I'm going to give you a minute to kind of like give me the elevator pitch, but we're going to have the deep conversation right now. When you go in and you... What's the first process you do when you engage in a customer? Does a customer go and get this off of repository, install it, the open source version, and then what? I mean, what's the experience? >> Yeah, absolutely. So we have both a smart and on-prem version of Cortex. It's really straightforward. Basically we have a service discovery onboarding flow where customers can connect to different sets of source for their services. It could be Kubernetes, ECS, Git Repos, APM tools, and then we'll actually automatically map all of that service data with all of the integration data in the company. So we'll take that service and map it to its on call rotation to the JIRA tickets that have the service tag associated with it, to the data algo SLOs. And what that ends ends up producing is this service catalog that has all the information you need to understand your service. Almost like a single pane of glass to work with the service. And then once you have all of that data inside Cortex, then you can start writing scorecards, which grade the quality of those services across those different verticals Ganesh was talking about. Like whether it's a monolith, a microservice transition, whether it's production readiness or security standards, you can really start tracking that. And then engineers start understanding where the areas of risk with my service across reliability or security or operation maturity. I think it gives us in insane visibility into what's actually being built and the quality of that compared to your standards. >> So, okay, I have a standards for SLO that is usually something that is, it might not even be measured. So how do you help me understand that I'm lacking a measurable system for tracking SLO and what's the next step for helping me get that system? >> Yeah, I think our perspective is very much how do we help you create a culture where developers understand what's expected of them? So if SLOs are part of what we consider observability or reliability, then Cortex's perspective is, hey, we want to help your organization adopt SLOs. And so that service cataloging concept, the service catalog says, hey, here's my API integration. Then a scorecard, the organization goes in and says, we want every service owner to define their SLOs, we want you to define your thresholds. We want you to be tracking them, are you passing your SLOs? And so we're not being prescriptive about here's what we think your SLOs should be, ours is more around, hey, we're going to help you like if you care about SLOs, we're going to tell the service owners saying, hey, you need to have at least two SLOs for your service and you got to be tracking them. And the service catalog that data flows from a service catalog into those scorecards. And so we're helping them adopt that mindset of, hey, SLOs are important. It is a component of like a holistic service reliability excellence metric that we care about. >> So what happens when I already have systems for like SLO, how do I integrate that system with Cortex? >> That's one of the coolest things. So the service catalog can be pretty smart about it. So let's say you've sucked in your services from your GitHub. And so now your services are in Cortex. What we can do is we can actually discover from your APM tools, you can say like, hey, for this service, we have guessed that this is the corresponding APM in Datadog. And so from Datadog, here are your SLOs, here are your monitors. And so we can start mapping all the different parts of your world into the Cortex. And that's the power of the service catalog. The service catalog says, given a service, here's everything about that service. Here's the vulnerability scans. Here's the APM, the monitors, the SLOs, the JIRA ticket is like all that stuff comes into a single place. And then our scorecards product can go back out and say, hey, Datadog, tell me about this SLOs for the service. And so we're going to get that information live and then score your services against that. And so we're like integrating with all of your third party tools and integrations to create that single pan of glass. >> Yeah, and to add to that, I think one of the most interesting use cases with scorecards is, okay, which teams have actually adopted SLOs in the first place? I think a lot of companies struggle with how do we make sure engineers defined SLOs are passing them actually care about them. And scorecards can be used to one, which teams are actually meeting these guidelines? And then two, let's get those teams adopted on SLOs. Let's track that, you can do all of that in Cortex, which is I think a really interesting use case that we've seen. >> So let's talk about kind of my use case in the end to end process for integrating Cortex into migrations. So I have this monolithic application, I want to break it into microservices and then I want to ensure that I'm delivering if not, you know what, let's leave it a little bit more open ended. How do I know that I'm better at the end of I was in a monolith before, how do I measure that now that I'm in microservices and on cloud native, that I'm better? >> That's a good question. I think it comes down to, and we talk about this all the time for our customers that are going through that process. You can't define better if you don't define a baseline, like what does good mean to us? And so you need to start by saying, why are we moving to microservices? Is it because we want teams to move faster? Is it because we care about reliability up time? Like what is the core metric that we're tracking? And so you start by defining that as an organization. And that is kind of like a hand wavy thing. Why are we doing microservices? Once you have that, then you define this scorecard. And that's like our golden path. Once we're done doing this microservice migration, can we say like, yes, we have been successful and those metrics that we care about are being tracked. And so where Cortex fits in is from the very first step of creating a service, you can use Cortex to define templates. Like one click, you go in, it spins up a microservice for you that follows all your best practices. And so from there, ideally you're meeting 80% of your standards already. And then you can use scorecards to track historical progress. So you can say, are we meeting our golden path standards? Like if it's uptime, you can track uptime metrics and scorecards. If it's around velocity, you can track velocity metrics. Is it just around modernization? Are you doing CICD and vulnerability scans, like moving faster as a team? You can track that. And so you can start seeing like trends at a per team level, at a per department level, at a per product level saying, hey, we are seeing consistent progress in the metrics that we care about. And this microservice journey is helping us with that. So I think that's the kind of phased progress that we see with Cortex. >> So I'm going to give you kind of a hand wavy thing. We're told that cloud native helps me to do things faster with less defects so that I can do new opportunities. Let's stretch into kind of this non-tech, this new opportunities perspective. I want to be able to move my microservices. I want to be able to move my architecture to microservices, so I reduce call wait time on my customer service calls. So I can easily see how I can measure are we iterating faster? Are we putting out more updates quicker? That's pretty easy to measure. The number of defects, easy to measure. I can imagine a scorecard, but what about this wait time? I don't necessarily manage the call center system, but I get the data. How do I measure that the microservice migration was successful from a business process perspective? >> Yeah, that's a good question. I think it comes down to two things. One, the flexibility of scorecard means you can pipe in that data to Cortex. And what we recommend customers is track the outcome metrics and track the input metrics as well. And so what is the input metric to call wait time? Like maybe it's the fact that if something goes wrong, we have the run books to quickly roll back to an older version that we know is running. That way MTTR is faster. Or when something happens, we know the owner for that service and we can go back to them and say like, hey, we're going to ping you as an incident commander. Those are kind of the input metrics to, if we do these things, then we know our call wait time is going to drop because we're able to respond faster to incidents. And so you want to track those input metrics. And then you want to track the output metrics as well. And so if you have those metrics coming in from your Prometheus or your Datadogs or whatever, you can pipe that into Cortex and say, hey, we're going to look at both of these things holistically. So we want to see is there a correlation between those input metrics like are we doing things the right way, versus are we seeing the value that we want to come out of that? And so I think that's the value of Cortex is not so much around, hey, we're going to be prescriptive about it. It's here's this framework that will let you track all of that and say, are we doing things the right way and is it giving us the value that we want? And being able to report that update to engineer leadership and say, hey, maybe these services are not doing like we're not improving call wait time. Okay, why is that? Are these services behind on the actual input metrics that we care about? And so being able to see that I think is super valuable. >> Yeah, absolutely, I think just to touch on the reporting, I think that's one of the most value add things Cortex can provide. If you think about it, the service is atomic unit of your software. It represents everything that's being built and that bubbles up into teams, products, business units, and Cortex lets you represent that. So now I can, as a CTO, come in and say, hey, these product lines are they actually meeting our standards? Where are the areas of risk? Where should I be investing more resources? I think Cortex is almost like the best way to get the actual health of your engineering organization. >> All right Anish and Ganesh. We're going to go into the speed round here. >> Ganesh: It's time for the Q clock? >> Time for the Q clock. Start the Q clock. (upbeat music) Let's go on. >> Ganesh: Let's do it. >> Anish: Let's do it. >> Let's go on. You're you're 10 seconds in. >> Oh, we can start talking. Okay, well I would say, Anish was just touching on this. For a CTO, their question is how do I know if engineering quality is good? And they don't care about the microservice level. They care about as a business, is my engineering team actually producing. >> Keith: Follow the green, not the dream. (Ganesh laughs) >> And so the question is, well, how do we codify service quality? We don't want this to be a hand wavy thing that says like, oh, my team is good, my team is bad. We want to come in and define here's what service quality means. And we want that to be a number. You want that to be something that can- >> A goal without a timeline is just a dream. >> And CTO comes in and they say, here's what we care about. Here's how we're tracking it. Here are the teams that are doing well. We're going to reward the winners. We're going to move towards a world where every single team is doing service quality. And that's where Cortex can provide. We can give you that visibility that you never have before. >> For that five seconds. >> And hey, your SRE can't be the one handling all this. So let Cortex- >> Shoot the bad guy. >> Shot that, we're done. From Valencia Spain, I'm Keith Townsend. And you're watching theCube. The leader in high tech coverage. (soft music) (soft music) >> Narrator: TheCube presents Kubecon and Cloudnativecon Europe, 2022 brought to you by Red Hat, the cloud native computing foundation and its ecosystem partners. >> Welcome to Valencia, Spain in Kubecon, Cloudnativecon Europe, 2022. I'm Keith Townsend. And we are in a beautiful locale. The city itself is not that big 100,000, I mean, sorry, about 800,000 people. And we got out, got to see a little bit of the sites. It is an amazing city. I'm from the US, it's hard to put in context how a city of 800,000 people can be so beautiful. I'm here with Anish Dhar and Ganesh Datta, Co-founder and CTO of Cortex. Anish you're CEO of Cortex. We were having a conversation. One of the things that I asked my client is what is good. And you're claiming to answer the question about what is quality when it comes to measuring microservices? What is quality? >> Yeah, I think it really depends on the company. And I think that's really the philosophy we have when we build Cortex is that we understood that different companies have different definitions of quality, but they need to be able to be represented in really objective ways. I think what ends up happening in most engineering organizations is that quality lives in people's heads. Engineers who write the services, they're often the ones who understand all the intricacies with the service. What are the downstream I dependencies, who's on call for this service, where does the documentation live? All of these things, I think impact the quality of the service. And as these engineers leave the company or they switch teams, they often take that tribal knowledge with them. And so I think quality really comes down to being able to objectively like codify your best practices in some way, and have that distributed to all engineers in the company. >> And to add to that, I think like very concrete examples for an organization that's already modern their idea of quality might be uptime incidents. For somebody that's like going through a modernization strategy, they're trying to get to the 21st century. They're trying to get to Kubernetes. For them quality means like, where are we in that journey? Are you on our latest platforms? Are you running CI? Are you doing continuous delivery? Like quality can mean a lot of things. And so our perspective is how do we give you the tools to say as an organization here's what quality means to us. >> So at first my mind was going through when you said quality and as you started out the conversation about having this kind of non codified set of measurements, historical knowledge, et cetera. I was thinking observability measuring how much time does it take to have a transaction? But Ganesh you're introducing this new thing. I'm working with this project where we're migrating a monolith application to a set of microservices. And you're telling me Cortex helps me measure the quality of what I'm doing in my project? >> Ganesh: Absolutely. >> How is that? >> Yeah, it's a great question. So I think when you think about observability, you think about uptime and latency and transactions and throughput and all this stuff and I think that's very high level. And I think that's one perspective of what quality is. But as you're going through this journey, you might say like the fact that we're tracking that stuff, the fact that you're using APM, you're using distributed tracing, that is one element of service quality. Maybe service quality means you're doing CICD, you're running vulnerability scans. You're using Docker. Like what that means to us can be very different. So observability is just one aspect of, are you doing things the right way? Good to us means you're using SLOs. You are tracking those metrics. You're reporting that somewhere. And so that's like one component for our organization of what quality can mean. >> Wow, I'm kind of taken me back by this because I've not seen someone kind of give the idea. And I think later on, this is the perfect segment to introduce theCube clock in which I'm going to give you a minute to kind of like give me the elevator pitch, but we're going to have the deep conversation right now. When you go in and you... what's the first process you do when you engage in a customer? Does a customer go and get this off of repository, install it, the open source version and then what, I mean, what's the experience? >> Yeah, absolutely. So we have both a smart and on-prem version of Cortex. It's really straightforward. Basically we have a service discovery onboarding flow where customers can connect to different set of source for their services. It could be Kubernetes, ECS, Git Repos, APM tools, and then we'll actually automatically map all of that service data with all of the integration data in the company. So we'll take that service and map it to its on call rotation to the JIRA tickets that have the service tag associated with it, to the data algo SLOs. And what that ends up producing is this service catalog that has all the information you need to understand your service. Almost like a single pane of glass to work with the service. And then once you have all of that data inside Cortex, then you can start writing scorecards, which grade the quality of those services across those different verticals Ganesh was talking about. like whether it's a monolith, a microservice transition, whether it's production readiness or security standards, you can really start tracking that. And then engineers start understanding where are the areas of risk with my service across reliability or security or operation maturity. I think it gives us insane visibility into what's actually being built and the quality of that compared to your standards. >> So, okay, I have a standard for SLO. That is usually something that is, it might not even be measured. So how do you help me understand that I'm lacking a measurable system for tracking SLO and what's the next step for helping me get that system? >> Yeah, I think our perspective is very much how do we help you create a culture where developers understand what's expected of them? So if SLOs are part of what we consider observability and reliability, then Cortex's perspective is, hey, we want to help your organization adopt SLOs. And so that service cataloging concept, the service catalog says, hey, here's my APM integration. Then a scorecard, the organization goes in and says, we want every service owner to define their SLOs. We want to define your thresholds. We want you to be tracking them. Are you passing your SLOs? And so we're not being prescriptive about here's what we think your SLOs should be. Ours is more around, hey, we're going to help you like if you care about SLOs, we're going to tell the service owners saying, hey, you need to have at least two SLOs for your service and you've got to be tracking them. And the service catalog that data flows from the service catalog into those scorecards. And so we're helping them adopt that mindset of, hey, SLOs are important. It is a component of like a holistic service reliability excellence metric that we care about. >> So what happens when I already have systems for like SLO, how do I integrate that system with Cortex? >> That's one of the coolest things. So the service catalog can be pretty smart about it. So let's say you've sucked in your services from your GitHub. And so now your services are in Cortex. What we can do is we can actually discover from your APM tools, we can say like, hey, for this service we have guessed that this is the corresponding APM in Datadog. And so from Datadog, here are your SLOs, here are your monitors. And so we can start mapping all the different parts of your world into the Cortex. And that's the power of the service catalog. The service catalog says, given a service, here's everything about that service. Here's the vulnerability scans, here's the APM, the monitor, the SLOs, the JIRA ticket, like all that stuff comes into a single place. And then our scorecard product can go back out and say, hey, Datadog, tell me about this SLOs for the service. And so we're going to get that information live and then score your services against that. And so we're like integrating with all of your third party tools and integrations to create that single pan of glass. >> Yeah and to add to that, I think one of the most interesting use cases with scorecards is, okay, which teams have actually adopted SLOs in the first place? I think a lot of companies struggle with how do we make sure engineers defined SLOs are passing them actually care about them? And scorecards can be used to one, which teams are actually meeting these guidelines? And then two let's get those teams adopted on SLOs. Let's track that. You can do all of that in Cortex, which is, I think a really interesting use case that we've seen. >> So let's talk about kind of my use case in the end to end process for integrating Cortex into migrations. So I have this monolithic application, I want to break it into microservices and then I want to ensure that I'm delivering you know what, let's leave it a little bit more open ended. How do I know that I'm better at the end of I was in a monolith before, how do I measure that now that I'm in microservices and on cloud native, that I'm better? >> That's a good question. I think it comes down to, and we talk about this all the time for our customers that are going through that process. You can't define better if you don't define a baseline, like what does good mean to us? And so you need to start by saying, why are we moving to microservices? Is it because we want teams to move faster? Is it because we care about reliability up time? Like what is the core metric that we're tracking? And so you start by defining that as an organization. And that is kind of like a hand wavy thing. Why are we doing microservices? Once you have that, then you define the scorecard and that's like our golden path. Once we're done doing this microservice migration, can we say like, yes, we have been successful. And like those metrics that we care about are being tracked. And so where Cortex fits in is from the very first step of creating a service. You can use Cortex to define templates. Like one click, you go in, it spins up a microservice for you that follows all your best practices. And so from there, ideally you're meeting 80% of your standards already. And then you can use scorecards to track historical progress. So you can say, are we meeting our golden path standards? Like if it's uptime, you can track uptime metrics and scorecards. If it's around velocity, you can track velocity metrics. Is it just around modernization? Are you doing CICD and vulnerability scans, like moving faster as a team? You can track that. And so you can start seeing like trends at a per team level, at a per department level, at a per product level. Saying, hey, we are seeing consistent progress in the metrics that we care about. And this microservice journey is helping us with that. So I think that's the kind of phased progress that we see with Cortex. >> So I'm going to give you kind of a hand wavy thing. We're told that cloud native helps me to do things faster with less defects so that I can do new opportunities. Let's stretch into kind of this non-tech, this new opportunities perspective. I want to be able to move my microservices. I want to be able to move my architecture to microservices so I reduce call wait time on my customer service calls. So, I could easily see how I can measure are we iterating faster? Are we putting out more updates quicker? That's pretty easy to measure. The number of defects, easy to measure. I can imagine a scorecard. But what about this wait time? I don't necessarily manage the call center system, but I get the data. How do I measure that the microservice migration was successful from a business process perspective? >> Yeah, that's a good question. I think it comes down to two things. One, the flexibility of scorecard means you can pipe in that data to Cortex. And what we recommend customers is track the outcome metrics and track the input metrics as well. And so what is the input metric to call wait time? Like maybe it's the fact that if something goes wrong, we have the run book to quickly roll back to an older version that we know is running that way MTTR is faster. Or when something happens, we know the owner for that service and we can go back to them and say like, hey, we're going to ping you as an incident commander. Those are kind the input metrics to, if we do these things, then we know our call wait time is going to drop because we're able to respond faster to incidents. And so you want to track those input metrics and then you want to track the output metrics as well. And so if you have those metrics coming in from your Prometheus or your Datadogs or whatever, you can pipe that into Cortex and say, hey, we're going to look at both of these things holistically. So we want to see is there a correlation between those input metrics? Are we doing things the right way versus are we seeing the value that we want to come out of that? And so I think that's the value of Cortex is not so much around, hey, we're going to be prescriptive about it. It's here's this framework that will let you track all of that and say, are we doing things the right way and is it giving us the value that we want? And being able to report that update to engineer leadership and say, hey, maybe these services are not doing like we're not improving call wait time. Okay, why is that? Are these services behind on like the actual input metrics that we care about? And so being able to see that I think is super valuable. >> Yeah, absolutely. I think just to touch on the reporting, I think that's one of the most value add things Cortex can provide. If you think about it, the service is atomic unit of your software. It represents everything that's being built and that bubbles up into teams, products, business units, and Cortex lets you represent that. So now I can, as a CTO, come in and say, hey, these product lines are they actually meeting our standards? Where are the areas of risk? Where should I be investing more resources? I think Cortex is almost like the best way to get the actual health of your engineering organization. >> All right, Anish and Ganesh. We're going to go into the speed round here. >> Ganesh: It's time for the Q clock >> Time for the Q clock. Start the Q clock. (upbeat music) >> Let's go on. >> Ganesh: Let's do it. >> Anish: Let's do it. >> Let's go on, you're 10 seconds in. >> Oh, we can start talking. Okay, well I would say, Anish was just touching on this, for a CTO, their question is how do I know if engineering quality is good? And they don't care about the microservice level. They care about as a business, is my enduring team actually producing- >> Keith: Follow the green, not the dream. (Ganesh laughs) >> And so the question is, well, how do we codify service quality? We don't want this to be a hand wavy thing that says like, oh, my team is good, my team is bad. We want to come in and define here's what service quality means. And we want that to be a number. You want that to be something that you can- >> A goal without a timeline is just a dream. >> And a CTO comes in and they say, here's what we care about, here's how we're tracking it. Here are the teams that are doing well. We're going to reward the winners. We're going to move towards a world where every single team is doing service quality. And that's what Cortex can provide. We can give you that visibility that you never had before. >> For that five seconds. >> And hey, your SRE can't be the one handling all this. So let Cortex- >> Shoot the bad guy. >> Shot that, we're done. From Valencia Spain, I'm Keith Townsend. And you're watching theCube, the leader in high tech coverage. (soft music)

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. We're so glad that you're still with us. It's the Cube Live at the MGM Grand. This is our second day of coverage of Palo Alto Networks Ignite. This is takeaways from Ignite 22. Lisa Martin here with two really smart guys, Dave Valante. Dave, we're joined by one of our cube alumni, a friend, a friend of the, we say friend of the Cube. >>Yeah, otc. A friend of the Cube >>Karala joined us. Guys, it's great to have you here. It's been an exciting show. A lot of cybersecurity is one of my favorite topics to talk about. But I'd love to get some of the big takeaways from both of you. Dave, we'll start with you. >>A breathing room from two weeks ago. Yeah, that was, that was really pleasant. You know, I mean, I know was, yes, you sat in the analyst program, interested in what your takeaways were from there. But, you know, coming into this, we wrote a piece, Palo Alto's Gold Standard, what they need to do to, to keep that, that status. And we hear it a lot about consolidation. That's their big theme now, which is timely, right? Cause people wanna save money, they wanna do more with less. But I'm really interested in hearing zeus's thoughts on how that's playing in the market. How customers, how easy is it to just say, oh, hey, I'm gonna consolidate. I wanna get into that a little bit with you, how well the strategy's working. We're gonna get into some of the m and a activity and really bring your perspectives to the table. Well, >>It's, it's not easy. I mean, people have been calling for the consolidation of security for decades, and it's, it's, they're the first company that's actually made it happen. Right? And, and I think this is what we're seeing here is the culmination of this long term strategy, this company trying to build more of a platform. And they, you know, they, they came out as a firewall vendor. And I think it's safe to say they're more than firewall today. That's only about two thirds of their revenue now. So down from 80% a few years ago. And when I think of what Palo Alto has become, they're really a data company. Now, if you look at, you know, unit 42 in Cortex, the, the, the Cortex Data Lake, they've done an excellent job of taking telemetry from their products and from the acquisitions they have, right? And bringing that together into one big data lake. >>And then they're able to use that to, to do faster threat notification, forensics, things like that. And so I think the old model of security of create signatures for known threats, it's safe to say it never really worked and it wasn't ever gonna work. You had too many day zero exploits and things. The only way to fight security today is with a AI and ML based analytics. And they have, they're the gold standard. I think the one thing about your post that I would add the gold standard from a data standpoint, and that's given them this competitive advantage to go out and become a platform for a security. Which, like I said, the people have tried to do that for years. And the first one that's actually done it, well, >>We've heard this from some of the startups, like Lacework will say, oh, we treat security as a data problem. Of course there's a startup, Palo Alto's got, you know, whatever, 10, 15 years of, of, of history. But one of the things I wanted to explore with you coming into this was the notion of can you be best of breed and develop a suite? And we, we've been hearing a consistent answer to that question, which is, and, and do you need to, and the answer is, well, best of breed in security requires that full spectrum, that full view. So here's my question to you. So, okay, let's take Esty win relatively new for these guys, right? Yeah. Okay. And >>And one of the few products are not top two, top three in, right? Exactly. >>Yeah. So that's why I want to take that. Yeah. Because in bakeoffs, they're gonna lose on a head-to-head best of breed. And so the customer's gonna say, Hey, you know, I love your, your consolidation play, your esty win's. Just, okay, how about a little discount on that? And you know, these guys are premium priced. Yes. So, you know, are they in essentially through their pricing strategies, sort of creating that stuff, fighting that, is that friction for them where they've got, you know, the customer says, all right, well forget it, we're gonna go stove pipe with the SD WAN will consolidate some of the stuff. Are you seeing that? >>Yeah, I, I, I still think the sales model is that way. And I think that's something they need to work on changing. If they get into a situation where they have to get down into a feature battle of my SD WAN versus your SD wan, my firewall versus your firewall, frankly they've already lost, you know, because their value prop is the suite and, and is the platform. And I was talking to the CISO here that told me, he realizes now that you don't need best of breed everywhere to have best in class threat protection. In fact, best of breed everywhere leads to suboptimal threat protection. Cuz you have all these data data sets that are in silos, right? And so from a data scientist standpoint, right, there's the good data leads to good insights. Well, partial data leads to fragmented insights and that's, that's what the best, best of breed approach gives you. And so I was talking with Palo about this, can they have this vision of being best of breed and platform? I don't really think you can maintain best of breed everywhere across this portfolio this big, but you don't need to. >>That was my second point of my >>Question. That's the point. >>Yeah. And so, cuz cuz because you know, we've talked about this, that that sweets always win in the long run, >>Sweets >>Win. Yeah. But here's the thing, I, I wonder to your your point about, you know, the customer, you know, understanding that that that, that this resonates with them. I, my guess is a lot of customers, you know, at that mid-level and the fat middle are like still sort of wed, you know, hugging that, that tool. So there's, there's work to be done here, but I think they, they, they got it right Because if they devolve, to your point, if they devolve down to that speeds and feeds, eh, what's the point of that? Where's their valuable? >>You do not wanna get into a knife fight. And I, and I, and I think for them the, a big challenge now is convincing customers that the suite, the suite approach does work. And they have to be able to do that in actual customer examples. And so, you know, I I interviewed a bunch of customers here and the ones that have bought into XDR and xor and even are looking at their sim have told me that the, the, so think of soc operations, the old way heavily manually oriented, right? You have multiple panes of glass and you know, and then you've got, so there's a lot of people work before you bring the tools in, right? If done correctly with AI and ml, the machines would do all the heavy lifting and then you'd bring people in at the end to clean up the little bits that were missed, right? >>And so you, you moved to, from something that was very people heavy to something that's machine heavy and machines can work a lot faster than people. And the, and so the ones that I've talked that have, that have done that have said, look, our engineers have moved on to a lot different things. They're doing penetration testing, they're, you know, helping us with, with strategy and they're not fighting that, that daily fight of looking through log files. And the only proof point you need, Dave, is look at every big breach that we've had over the last five years. There's some SIM vendor up there that says, we caught it. Yeah. >>Yeah. We we had the data. >>Yeah. But, but, but the security team missed it. Well they missed it because you're, nobody can look at that much data manually. And so the, I I think their approach of relying heavily on machines to fight the fight is actually the right way. >>Is that a differentiator for them versus, we were talking before we went live that you and I first hit our very first segment back in 2017 at Fort Net. Is that, where do the two stand in your >>Yeah, it's funny cuz if you talk to the two vendors, they don't really see each other in a lot of accounts because Fort Net's more small market mid-market. It's the same strategy to some degree where Fort Net relies heavily on in-house development and Palo Alto relies heavily on acquisition. Yeah. And so I think from a consistently feature set, you know, Fort Net has an advantage there because it, it's all run off their, their their silicon. Where, where Palo's able to innovate very quickly. The, it it requires a lot of work right? To, to bring the front end and back ends together. But they're serving different markets. So >>Do you see that as a differentiator? The integration strategy that Palo Alto has as a differentiator? We talk to so many companies who have an a strong m and a strategy and, and execution arm. But the challenge is always integrating the technology so that the customer to, you know, ultimately it's the customer. >>I actually think they're, they're underrated as a, an acquirer. In fact, Dave wrote a post to a prior on Silicon Angle prior to Accelerate and he, he on, you put it on Twitter and you asked people to rank 'em as an acquirer and they were in the middle of the pack, >>Right? It was, it was. So it was Oracle, VMware, emc, ibm, Cisco, ServiceNow, and Palo Alto. Yeah. Or Oracle got very high marks. It was like 8.5 out of, you know, 10. Yeah. VMware I think was 6.5. Nice. Era was high emc, big range. IBM five to seven. Cisco was three to eight. Yeah. Yeah, right. ServiceNow was a seven. And then, yeah, Palo Alto was like a five. And I, which I think it was unfair. >>Well, and I think it depends on how you look at it. And I, so I think a lot of the acquisitions Palo Altos made, they've done a good job of integrating their backend data and they've almost ignored the front end. And so when you buy some of the products, it's a little clunky today. You know, if you work with Prisma Cloud, it could be a little bit cleaner. And even with, you know, the SD wan that took 'em a long time to bring CloudGenix in and stuff. But I think the approach is right. I don't, I don't necessarily believe you should integrate the front end until you've integrated the back end. >>That's >>The hard part, right? Because UL ultimately what you're gonna get, you're gonna get two panes of glass and one pane of glass and it might look pretty all mush together, but ultimately you're not solving the bigger problem, right. Of, of being able to create that big data like the, the fight security. And so I think, you know, the approach they've taken is the right one. I think from a user standpoint, maybe it doesn't show up as neatly because you don't see the frontend integration, but the way they're doing it is the right way to do it. And I'm glad they're doing it that way versus caving to the pressures of what, you know, the industry might want >>Showed up in the performance of the company. I mean, this company was basically gonna double revenues to 7 billion from 2020 to >>2023. Three. Think about that at that, that >>Make a, that's unbelievable, right? I mean, and then and they wanna double again. Yeah. You know, so, well >>What did, what did Nikesh was quoted as saying they wanna be the first cyber company that's a hundred billion dollars. He didn't give a timeline market cap. >>Right. >>Market cap, right. Do what I wanna get both of your opinions on what you saw and heard and felt this week. What do you think the likelihood is? And and do you have any projections on how, you know, how many years it's gonna take for them to get there? >>Well, >>Well I think so if they're gonna get that big, right? And, and we were talking about this pre-show, any company that's becoming a big company does it through ecosystem >>Bingo. >>Right? And that when you look around the show floor, it's not that impressive. And if that, if there's an area they need to focus on, it's building that ecosystem. And it's not with other security vendors, it's with application vendors and it's with the cloud companies and stuff. And they've got some relationships there, but they need to do more. I actually challenge 'em on that. One of the analyst sessions. They said, look, we've got 800 cortex partners. Well where are they? Right? Why isn't there a cortex stand here with a bunch of the small companies here? So I do think that that is an area they need to focus on. If they are gonna get to that, that market caps number, they will do so do so through ecosystem. Because every company that's achieved that has done it through ecosystem. >>A hundred percent agree. And you know, if you look at CrowdStrike's ecosystem, it's pretty similar. Yeah. You know, it doesn't really, you know, make much, much, not much different from this, but I went back and just looked at some, you know, peak valuations during the pandemic and shortly thereafter CrowdStrike was 70 billion. You know, that's what their roughly their peak Palo Alto was 56, fortune was 59 for the actually diverged. Right. And now Palo Alto has taken the, the top mantle, you know, today it's market cap's 52. So it's held 93% of its peak value. Everybody else is tanking. Even Okta was 45 billion. It's been crushed as you well know. But, so Palo Alto wasn't always, you know, the number one in terms of market cap. But I guess my point is, look, if CrowdStrike could got to 70 billion during Yeah. During the frenzy, I think it's gonna take, to answer your question, I think it's gonna be five years. Okay. Before they get back there. I think this market's gonna be tough for a while from a valuation standpoint. I think generally tech is gonna kind of go up and down and sideways for a good year and a half, maybe even two years could be even longer. And then I think there's gonna be some next wave of productivity innovation that that hits. And then you're gonna, you're almost always gonna exceed the previous highs. It's gonna take a while. Yeah, >>Yeah, yeah. But I think their ability to disrupt the SIM market actually is something I, I believe they're gonna do. I've been calling for the death of the sim for a long time and I know some people at Palo Alto are very cautious about saying that cuz the Splunks and the, you know, they're, they're their partners. But I, I think the, you know, it's what I said before, the, the tools are catching them, but they're, it's not in a way that's useful for the IT pro and, but I, I don't think the SIM vendors have that ecosystem of insight across network cloud endpoint. Right. Which is what you need in order to make a sim useful. >>CISO at an ETR roundtable said, if, if it weren't for my regulators, I would chuck my sim. >>Yes. >>But that's the only reason that, that this person was keeping it. So, >>Yeah. And I think the, the fact that most of those companies have moved to a perpetual MO or a a recurring revenue model actually helps unseat them. Typically when you pour a bunch of money into something, you remember the old computer associate days, nobody ever took it out cuz the sunk dollars you spent to do it. But now that you're paying an annual recurring fee, it's actually makes it easier to take out. So >>Yeah, it's it's an ebb and flow, right? Yeah. Because the maintenance costs were, you know, relatively low. Maybe it was 20% of the total. And then, you know, once every five years you had to do a refresh and you were still locked into the sort of maintenance and, and so yeah, I think you're right. The switching costs with sas, you know, in theory anyway, should be less >>Yeah. As long as you can migrate the data over. And I think they've got a pretty good handle on that. So, >>Yeah. So guys, I wanna get your perspective as a whole bunch of announcements here. We've only been here for a couple days, not a big conference as, as you can see from behind us. What Zs in your opinion was Palo Alto's main message and and what do you think about it main message at this event? And then same question for you. >>Yeah, I, I think their message largely wrapped around disruption, right? And, and they, in The's keynote already talked about that, right? And where they disrupted the firewall market by creating a NextGen firewall. In fact, if you look at all the new services they added to their firewall, you, you could almost say it's a NextGen NextGen firewall. But, but I do think the, the work they've done in the area of cloud and cortex actually I think is, is pretty impressive. And I think that's the, the SOC is ripe for disruption because it's for, for the most part, most socks still, you know, run off legacy playbooks. They run off legacy, you know, forensic models and things and they don't work. It's why we have so many breaches today. The, the dirty little secret that nobody ever wants to talk about is the bad guys are using machine learning, right? And so if you're using a signature based model, all they're do is tweak their model a little bit and it becomes, it bypasses them. So I, I think the only way to fight the the bad guys today is with you gotta fight fire with fire. And I think that's, that's the path they've, they've headed >>Down and the bad guys are hiding in plain sight, you know? >>Yeah, yeah. Well it's, it's not hard to do now with a lot of those legacy tools. So >>I think, I think for me, you know, the stat that we threw out earlier, I think yesterday at our keynote analysis was, you know, the ETR data shows that are, that are that last survey around 35% of the respondents said we are actively consolidating, sorry, 44%, sorry, 35 says we're actively consolidating vendors, redundant vendors today. That number's up to 44%. Yeah. It's by far the number one cost optimization technique. That's what these guys are pitching. And I think it's gonna resonate with people and, and I think to your point, they're integrating at the backend, their beeps are technical, right? I mean, they can deal with that complexity. Yeah. And so they don't need eye candy. Eventually they, they, they want to have that cuz it'll allow 'em to have deeper market penetration and make people more productive. But you know, that consolidation message came through loud and clear. >>Yeah. The big change in this industry too is all the new startups are all cloud native, right? They're all built on Amazon or Google or whatever. Yeah. And when your cloud native and you buy a cloud native integration is fast. It's not like having to integrate this big monolithic software stack anymore. Right. So I I think their pace of integration will only accelerate from here because everything's now cloud native. >>If a customer comes to you or when a customer comes to you and says, Zs help us with this cyber transformation we have, our board isn't necessarily with our executives in terms of execution of a security strategy. How do you advise them where Palo Alto is concerned? >>Yeah. You know, a lot, a lot of this is just fighting legacy mindset. And I've, I was talking with some CISOs here from state and local governments and things and they're, you know, they can't get more budget. They're fighting the tide. But what they did find is through the use of automation technology, they're able to bring their people costs way down. Right. And then be able to use that budget to invest in a lot of new projects. And so with that, you, you have to start with your biggest pain points, apply automation where you can, and then be able to use that budget to reinvest back in your security strategy. And it's good for the IT pros too, the security pros, my advice to, to it pros is if you're doing things today that aren't resume building, stop doing them. Right? Find a way to automate the money your job. And so if you're patching systems and you're looking through log files, there's no reason machines can't do that. And you go do something a lot more interesting. >>So true. It's like storage guys 10 years ago, provisioning loans. Yes. It's like, stop doing that. Yeah. You're gonna be outta a job. And so who, last question I have is, is who do you see as the big competitors, the horses on the track question, right? So obviously Cisco kind of service has led for a while and you know, big portfolio company, CrowdStrike coming at it from end point. You know who, who, who do you see as the real players going for that? You know, right now the market's three to 4%. The leader has three, three 4% of the market. You know who they're all going for? 10, 15, maybe 20% of the market. Who, who are the likely candidates? Yeah, >>I don't know if CrowdStrike really has the breadth of portfolio to compete long term though. I I think they've had a nice run, but I, we might start to see the follow 'em. I think Microsoft is gonna be for middle. They've laid down the gauntlet, right? They are a security vendor, right? We, we were at Reinvent and a AWS is the platform for security vendors. Yes. Middle, somewhere in the middle. But Microsoft make no mistake, they're in security. They've got some good products. I think a lot of 'em are kind of good enough and they, they tie it to the licensing and I'm not sure that works in security, but they've certainly got the ear of a lot of it pros. >>It might work in smb. >>Yeah. Yeah. It, it might. And, and I do like Zscaler. I, I know these guys poo poo the proxy model, but they've, they've done about as much with proxies as you can. And I, I think it's, it's a battle of, I love the, the, the near, you know, proxies are dead and Jay's model, you know, Jay over at c skater throw 'em back at 'em. So I, it's good to see that kind of fight going on between the two. >>Oh, it's great. Well, and, and again, ZScaler's coming at it from their cloud security angle. CrowdStrike's coming at it from endpoint. I, I do think CrowdStrike has an opportunity to build out the portfolio through m and a and maybe ecosystem. And then obviously, you know, Palo Alto's getting it done. How about Cisco? >>Yeah. Cisco's interesting. And I, I think if Cisco can make the network matter in security and it should, right? We're talking about how a lot of you need a lot of forensics to fight security today. Well, they're gonna see things long before anybody else because they have all that network data. If they can tie network security, I, I mean they could really have that business take off. But we've been saying that about Cisco for 20 years. >>But big install based though. Yeah. It's hard for a company, any company to just say, okay, hey Cisco customer sweep the floor and come with us. That's, that's >>A tough thing. They have a lot of good peace parts, right? And like duo's a good product and umbrella's a good product. They've, they've not done a good job. >>They're the opposite of these guys. >>They've not done a good job of the backend integration that, that's where Cisco needs to, to focus. And I do think g G two Patel there fixed the WebEx group and I think he's now, in fact when you talk to him, he's doing very little on WebEx that that group's running itself and he's more focused in security. So I, I think we could see a resurgence there. But you know, they have a, from a revenue perspective, it's a little misleading cuz they have this big legacy base that's in decline while they're moving to cloud and stuff. So, but they, but they, there's a lot of work there're trying to, to tie to network. >>Right. Lots of fuel for conversation. We're gonna have to carry this on, on Silicon angle.com guys. Yes. And Wikibon, lets do see us. Thank you so much for joining Dave and me giving us your insights as to this event. Where are you gonna be next? Are you gonna be on vacation? >>There's nothing more fun than mean on the cube, so, right. What's outside of that though? Yeah, you know, Christmas coming up, I gotta go see family and do the obligatory, although for me that's a lot of travel, so I guess >>More planes. Yeah. >>Hopefully not in Vegas. >>Not in Vegas. >>Awesome. Nothing against Vegas. Yeah, no, >>We love it. We >>Love it. Although I will say my year started off with ces. Yeah. And it's finishing up with Palo Alto here. The bookends. Yeah, exactly. In Vegas bookends. >>Well thanks so much for joining us. Thank you Dave. Always a pleasure to host a show with you and hear your insights. Reading your breaking analysis always kicks off my prep for show and it's always great to see, but predictions come true. So thank you for being my co-host bet. All right. For Dave Valante Enz as Carla, I'm Lisa Martin. You've been watching The Cube, the leader in live, emerging and enterprise tech coverage. Thanks for watching.

>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Welcome back everyone. We're so glad that you're still with us. It's the Cube Live at the MGM Grand. This is our second day of coverage of Palo Alto Networks Ignite. This is takeaways from Ignite 22. Lisa Martin here with two really smart guys, Dave Valante. Dave, we're joined by one of our cube alumni, a friend, a friend of the, we say friend of the Cube. >>Yeah, F otc. A friend of the Cube >>Karala joins us. Guys, it's great to have you here. It's been an exciting show. A lot of cybersecurity is one of my favorite topics to talk about. But I'd love to get some of the big takeaways from both of you. Dave, we'll start with >>You. A breathing room from two weeks ago. Yeah, that was, that was really pleasant. You know, I mean, I know was, yes, you sat in the analyst program, interested in what your takeaways were from there. But, you know, coming into this, we wrote a piece, Palo Alto's Gold Standard, what they need to do to, to keep that, that status. And we hear it a lot about consolidation. That's their big theme now, which is timely, right? Cause people wanna save money, they wanna do more with less. But I'm really interested in hearing zeus's thoughts on how that's playing in the market. How customers, how easy is it to just say, oh, hey, I'm gonna consolidate. I wanna get into that a little bit with you, how well the strategy's working. We're gonna get into some of the m and a activity and really bring your perspectives to the table. Well, >>It's, it's not easy. I mean, people have been calling for the consolidation of security for decades, and it's, it's, they're the first company that's actually made it happen. Right? And, and I think this is what we're seeing here is the culmination of this long-term strategy, this company trying to build more of a platform. And they, you know, they, they came out as a firewall vendor. And I think it's safe to say they're more than firewall today. That's only about two thirds of their revenue now. So down from 80% a few years ago. And when I think of what Palo Alto has become, they're really a data company. Now, if you look at, you know, unit 42 in Cortex, the, the, the Cortex Data Lake, they've done an excellent job of taking telemetry from their products and from the acquisitions they have, right? And bringing that together into one big data lake. >>And then they're able to use that to, to do faster threat notification, forensics, things like that. And so I think the old model of security of create signatures for known threats, it's safe to say it never really worked and it wasn't ever gonna work. You had too many days, zero exploits and things. The only way to fight security today is with a AI and ML based analytics. And they have, they're the gold standard. I think the one thing about your post that I would add, they're the gold standard from a data standpoint. And that's given them this competitive advantage to go out and become a platform for security. Which, like I said, the people have tried to do that for years. And the first one that's actually done it, well, >>We've heard this from some of the startups, like Lacework will say, oh, we treat security as a data problem. Of course there's a startup, Palo Alto's got, you know, whatever, 10, 15 years of, of, of history. But one of the things I wanted to explore with you coming into this was the notion of can you be best of breed and develop a suite? And we, we've been hearing a consistent answer to that question, which is, and, and do you need to, and the answer is, well, best of breed in security requires that full spectrum, that full view. So here's my question to you. So, okay, let's take Estee win relatively new for these guys, right? Yeah. Okay. And >>And one of the few products are not top two, top three in, right? >>Exactly. Yeah. So that's why I want to take that. Yeah. Because in bakeoffs, they're gonna lose on a head-to-head best of breed. And so the customer's gonna say, Hey, you know, I love your, your consolidation play, your esty win's. Just, okay, how about a little discount on that? And you know, these guys are premium priced. Yes. So, you know, are they in essentially through their pricing strategies, sort of creating that stuff, fighting that, is that friction for them where they've got, you know, the customer says, all right, well forget it, we're gonna go stove pipe with the SD WAN will consolidate some of the stuff. Are you seeing that? >>Yeah, I, I, I still think the sales model is that way. And I think that's something they need to work on changing. If they get into a situation where they have to get down into a feature battle of my SD WAN versus your SD wan, my firewall versus your firewall, frankly they've already lost, you know, because their value prop is the suite and, and is the platform. And I was talking with the CISO here that told me, he realizes now that you don't need best of breed everywhere to have best in class threat protection. In fact, best of breed everywhere leads to suboptimal threat protection. Cuz you have all these data data sets that are in silos, right? And so from a data scientist standpoint, right, there's the good data leads to good insights. Well, partial data leads to fragmented insights and that's, that's what the best, best of breed approach gives you. And so I was talking with Palo about this, can they have this vision of being best of breed and platform? I don't really think you can maintain best of breed everywhere across this portfolio this big, but you don't need to. >>That was my second point of my question. That's the point I'm saying. Yeah. And so, cuz cuz because you know, we've talked about this, that that sweets always win in the long run, >>Sweets win. >>Yeah. But here's the thing, I, I wonder to your your point about, you know, the customer, you know, understanding that that that, that this resonates with them. I, my guess is a lot of customers, you know, at that mid-level and the fat middle are like still sort of wed, you know, hugging that, that tool. So there's, there's work to be done here, but I think they, they, they got it right Because if they devolve, to your point, if they devolve down to that speeds and feeds, eh, what's the point of that? Where's their >>Valuable? You do not wanna get into a knife fight. And I, and I, and I think for them the, a big challenge now is convincing customers that the suite, the suite approach does work. And they have to be able to do that in actual customer examples. And so, you know, I I interviewed a bunch of customers here and the ones that have bought into XDR and xor and even are looking at their sim have told me that the, the, so think of soc operations, the old way heavily manually oriented, right? You have multiple panes of glass and you know, and then you've got, so there's a lot of people work before you bring the tools in, right? If done correctly with AI and ml, the machines would do all the heavy lifting and then you'd bring people in at the end to clean up the little bits that were missed, right? >>And so you, you moved to, from something that was very people heavy to something that's machine heavy and machines can work a lot faster than people. And the, and so the ones that I've talked that have, that have done that have said, look, our engineers have moved on to a lot different things. They're doing penetration testing, they're, you know, helping us with, with strategy and they're not fighting that, that daily fight of looking through log files. And the only proof point you need, Dave, is look at every big breach that we've had over the last five years. There's some SIM vendor up there that says, we caught it. Yeah. >>Yeah. We we had the data. >>Yeah. But, but, but the security team missed it. Well they missed it because you're, nobody can look at that much data manually. And so the, I I think their approach of relying heavily on machines to fight the fight is actually the right way. >>Is that a differentiator for them versus, we were talking before we went live that you and I first hit our very first segment back in 2017 at Fort Net. Is that, where do the two stand in your >>Yeah, it's funny cuz if you talk to the two vendors, they don't really see each other in a lot of accounts because Fort Net's more small market mid-market. It's the same strategy to some degree where Fort Net relies heavily on in-house development in Palo Alto relies heavily on acquisition. Yeah. And so I think from a consistently feature set, you know, Fort Net has an advantage there because it, it's all run off their, their their silicon. Where, where Palo's able to innovate very quickly. The, it it requires a lot of work right? To, to bring the front end and back ends together. But they're serving different markets. So >>Do you see that as a differentiator? The integration strategy that Palo Alto has as a differentiator? We talk to so many companies who have an a strong m and a strategy and, and execution arm. But the challenge is always integrating the technology so that the customer to, you know, ultimately it's the customer. >>I actually think they're, they're underrated as a, an acquirer. In fact, Dave wrote a post to a prior on Silicon Angle prior to Accelerate and he, he on, you put it on Twitter and you asked people to rank 'em as an acquirer and they were in the middle of the pack, >>Right? It was, it was. So it was Oracle, VMware, emc, ibm, Cisco, ServiceNow, and Palo Alto. Yeah. Or Oracle got very high marks. It was like 8.5 out of, you know, 10. Yeah. VMware I think was 6.5. Naira was high emc, big range. IBM five to seven. Cisco was three to eight. Yeah. Yeah, right. ServiceNow was a seven. And then, yeah, Palo Alto was like a five. And I, which I think it was unfair. Well, >>And I think it depends on how you look at it. And I, so I think a lot of the acquisitions Palo Alto's made, they've done a good job of integrating the backend data and they've almost ignored the front end. And so when you buy some of the products, it's a little clunky today. You know, if you work with Prisma Cloud, it could be a little bit cleaner. And even with, you know, the SD wan that took 'em a long time to bring CloudGenix in and stuff. But I think the approach is right. I don't, I don't necessarily believe you should integrate the front end until you've integrated the back end. >>That's >>The hard part, right? Because UL ultimately what you're gonna get, you're gonna get two panes of glass and one pane of glass and it might look pretty and all mush together, but ultimately you're not solving the bigger problem, right. Of, of being able to create that big data lake to, to fight security. And so I think, you know, the approach they've taken is the right one. I think from a user standpoint, maybe it doesn't show up as neatly because you don't see the frontend integration, but the way they're doing it is the right way to do it. And I'm glad they're doing it that way versus caving to the pressures of what, you know, the industry might want or >>Showed up in the performance of the company. I mean, this company was basically gonna double revenues to 7 billion from 2020 to >>2023. Think about that at that. That makes, >>I mean that's unbelievable, right? I mean, and then and they wanna double again. Yeah. You know, so, well >>What did, what did Nikesh was quoted as saying they wanna be the first cyber company that's a hundred billion dollars. He didn't give a timeline market >>Cap. Right. >>Market cap, right. Do what I wanna get both of your opinions on what you saw and heard and felt this week. What do you think the likelihood is? And and do you have any projections on how, you know, how many years it's gonna take for them to get there? >>Well, >>Well I think so if they're gonna get that big, right? And, and we were talking about this pre-show, any company that's becoming a big company does it through ecosystem >>Bingo >>Go, right? And that when you look around the show floor, it's not that impressive. No. And if that, if there's an area they need to focus on, it's building that ecosystem. And it's not with other security vendors, it's with application vendors and it's with the cloud companies and stuff. And they've got some relationships there, but they need to do more. I actually challenge 'em on that. One of the analyst sessions. They said, look, we've got 800 cortex partners. Well where are they? Right? Why isn't there a cortex stand here with a bunch of the small companies here? So I do think that that is an area they need to focus on. If they are gonna get to that, that market caps number, they will do so do so through ecosystem. Because every company that's achieved that has done it through ecosystem. >>A hundred percent agree. And you know, if you look at CrowdStrike's ecosystem, it's, I mean, pretty similar. Yeah. You know, it doesn't really, you know, make much, much, not much different from this, but I went back and just looked at some, you know, peak valuations during the pandemic and shortly thereafter CrowdStrike was 70 billion. You know, that's what their roughly their peak Palo Alto was 56, fortune was 59 for the actually diverged. Right. And now Palo Alto has taken the, the top mantle, you know, today it's market cap's 52. So it's held 93% of its peak value. Everybody else is tanking. Even Okta was 45 billion. It's been crushed as you well know. But, so Palo Alto wasn't always, you know, the number one in terms of market cap. But I guess my point is, look, if CrowdStrike could got to 70 billion during Yeah. During the frenzy, I think it's gonna take, to answer your question, I think it's gonna be five years. Okay. Before they get back there. I think this market's gonna be tough for a while from a valuation standpoint. I think generally tech is gonna kind of go up and down and sideways for a good year and a half, maybe even two years could be even longer. And then I think there's gonna be some next wave of productivity innovation that that hits. And then you're gonna, you're almost always gonna exceed the previous highs. It's gonna take a while. Yeah. >>Yeah, yeah. But I think their ability to disrupt the SIM market actually is something that I, I believe they're gonna do. I've been calling for the death of the sim for a long time and I know some people of Palo Alto are very cautious about saying that cuz the Splunks and the, you know, they're, they're their partners. But I, I think the, you know, it's what I said before, the, the tools are catching them, but they're, it's not in a way that's useful for the IT pro and, but I, I don't think the SIM vendors have that ecosystem of insight across network cloud endpoint. Right. Which is what you need in order to make a sim useful. >>CISO at an ETR round table said, if, if it weren't for my regulators, I would chuck my sim. >>Yes. >>But that's the only reason that, that this person was keeping it. No. >>Yeah. And I think the, the fact that most of those companies have moved to a perpetual MO or a a recurring revenue model actually helps unseat them. Typically when you pour a bunch of money into something, you remember the old computer associate says nobody ever took it out cuz the sunk dollars you spent to do it. But now that you're paying an annual recurring fee, it's actually makes it easier to take out. So >>Yeah, it's just an ebb and flow, right? Yeah. Because the maintenance costs were, you know, relatively low. Maybe it was 20% of the total. And then, you know, once every five years you had to do a refresh and you were still locked into the sort of maintenance and, and so yeah, I think you're right. The switching costs with sas, you know, in theory anyway, should be less >>Yeah. As long as you can migrate the data over. And I think they've got a pretty good handle on that. So, >>Yeah. So guys, I wanna get your perspective as a whole bunch of announcements here. We've only been here for a couple days, not a big conference as, as you can see from behind us. What Zs in your opinion was Palo Alto's main message and and what do you think about it main message at this event? And then same question for you. >>Yeah, I, I think their message largely wrapped around disruption, right? And, and they, and The's keynote already talked about that, right? And where they disrupted the firewall market by creating a NextGen firewall. In fact, if you look at all the new services they added to their firewall, you, you could almost say it's a NextGen NextGen firewall. But, but I do think the, the work they've done in the area of cloud and cortex actually I think is, is pretty impressive. And I think that's the, the SOC is ripe for disruption because it's for, for the most part, most socks still, you know, run off legacy playbooks. They run off legacy, you know, forensic models and things and they don't work. It's why we have so many breaches today. The, the dirty little secret that nobody ever wants to talk about is the bad guys are using machine learning, right? And so if you're using a signature based model, all they gotta do is tweak their model a little bit and it becomes, it bypasses them. So I, I think the only way to fight the the bad guys today is with you're gonna fight fire with fire. And I think that's, that's the path they've, they've headed >>Down. Yeah. The bad guys are hiding in plain sight, you know? Yeah, >>Yeah. Well it's, it's not hard to do now with a lot of those legacy tools. So >>I think, I think for me, you know, the stat that we threw out earlier, I think yesterday at our keynote analysis was, you know, the ETR data shows that are, that are that last survey around 35% of the respondents said we are actively consolidating, sorry, 44%, sorry, 35 says who are actively consolidating vendors, redundant vendors today that number's up to 44%. Yeah. It's by far the number one cost optimization technique. That's what these guys are pitching. And I think it's gonna resonate with people and, and I think to your point, they're integrating at the backend, their beeps are technical, right? I mean, they can deal with that complexity. Yeah. And so they don't need eye candy. Eventually they, they, they want to have that cuz it'll allow 'em to have deeper market penetration and make people more productive. But you know, that consolidation message came through loud and clear. >>Yeah. The big change in this industry too is all the new startups are all cloud native, right? They're all built on Amazon or Google or whatever. Yeah. And when your cloud native and you buy a cloud native integration is fast. It's not like having to integrate this big monolithic software stack anymore. Right. So I, I think their pace of integration will only accelerate from here because everything's now cloud native. >>If a customer comes to you or when a customer comes to you and says, Zs help us with this cyber transformation we have, our board isn't necessarily aligned with our executives in terms of execution of a security strategy. How do you advise them where Palo Alto is concerned? >>Yeah. You know, a lot, a lot of this is just fighting legacy mindset. And I've, I was talking with some CISOs here from state and local governments and things and they're, you know, they can't get more budget. They're fighting the tide. But what they did find is through the use of automation technology, they're able to bring their people costs way down. Right. And then be able to use that budget to invest in a lot of new projects. And so with that, you, you have to start with your biggest pain points, apply automation where you can, and then be able to use that budget to reinvest back in your security strategy. And it's good for the IT pros too, the security pros, my advice to the IT pros is, is if you're doing things today that aren't resume building, stop doing them. Right. Find a way to automate the money your job. And so if you're patching systems and you're looking through log files, there's no reason machines can't do that. And you go do something a lot more interesting. >>So true. It's like storage guys 10 years ago, provisioning loans. Yes. It's like, stop doing that. Yeah. You're gonna be outta a job. So who, last question I have is, is who do you see as the big competitors, the horses on the track question, right? So obviously Cisco kind of service has led for a while and you know, big portfolio company, CrowdStrike coming at it from end point. You know who, who, who do you see as the real players going for that? You know, right now the market's three to 4%. The leader has three, three 4% of the market. You know who they're all going for? 10, 15, maybe 20% of the market. Who, who are the likely candidates? Yeah, >>I don't know if CrowdStrike really has the breadth of portfolio to compete long term though. I I think they've had a nice run, but I, we might start to see the follow 'em. I think Microsoft is gonna be for middle. They've laid down the gauntlet, right? They are a security vendor, right? We, we were at Reinvent and a AWS is the platform for security vendors. Yes. Middle, somewhere in the middle. But Microsoft make no mistake, they're in security. They've got some good products. I think a lot of 'em are kind of good enough and they, they tie it to the licensing and I'm not sure that works in security, but they've certainly got the ear of a lot of it pros. >>It might work in smb. >>Yeah, yeah. It, it might. And, and I do like Zscaler. I, I know these guys poo poo the proxy model, but they've, they've done about as much with prox as you can. And I, I think it's, it's a battle of, I love the, the, the near, you know, proxies are dead and Jay's model, you know, Jay over at csca, throw 'em back at 'em. So I, it's good to see that kind of fight going on between the >>Two. Oh, it's great. Well, and, and again, ZScaler's coming at it from their cloud security angle. CrowdStrike's coming at it from endpoint. I, I do think CrowdStrike has an opportunity to build out the portfolio through m and a and maybe ecosystem. And then obviously, you know, Palo Alto's getting it done. How about Cisco? >>Yeah, Cisco's interesting. And I I think if Cisco can make the network matter in security and it should, right? We're talking about how a lot of you need a lot of forensics to fight security today. Well, they're gonna see things long before anybody else because they have all that network data. If they can tie network security, I, I mean they could really have that business take off. But we've been saying that about Cisco for 20 years. >>But big install based though. Yeah. It's hard for a company, any company to say, okay, hey Cisco customer sweep the floor and come with us. That's, that's >>A tough thing. They have a lot of good peace parts, right? And like duo's a good product and umbrella's a good product. They've, they've not done a good job. >>They're the opposite of these guys. >>They've not done a good job of the backend integration and that, that's where Cisco needs to, to focus. And I do think g G two Patel there fixed the WebEx group and I think he's now, in fact when you talk to him, he's doing very little on WebEx that that group's running itself and he's more focused in security. So I, I think we could see a resurgence there. But you know, they have a, from a revenue perspective, it's a little misleading cuz they have this big legacy base that's in decline while they're moving to cloud and stuff. So, but they, but they, there's a lot of Rick there trying to, to tie to network. >>Lots of fuel for conversation. We're gonna have to carry this on, on Silicon angle.com guys. Yes. And Wi KeePon. Lets do see us. Thank you so much for joining Dave and me giving us your insights as to this event. Where are gonna be next? Are you gonna be on >>Vacation? There's nothing more fun than mean on the cube. So what's outside of that though? Yeah, you know, Christmas coming up, I gotta go see family and be the obligatory, although for me that's a lot of travel, so I guess >>More planes. Yeah. >>Hopefully not in Vegas. >>Not in Vegas. >>Awesome. Nothing against Vegas. Yeah, no, >>We love it. We love >>It. Although I will say my year started off with ces. Yeah. And it's finishing up with Palo Alto here. The bookends. Yeah, exactly. In Vegas bookends. >>Well thanks so much for joining us. Thank you Dave. Always a pleasure to host a show with you and hear your insights. Reading your breaking analysis always kicks off my prep for show. And it, it's always great to see, but predictions come true. So thank you for being my co-host bet. All right. For Dave Valante Enz as Carla, I'm Lisa Martin. You've been watching The Cube, the leader in live, emerging and enterprise tech coverage. Thanks for watching.

>> Narrator: theCUBE presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey, welcome back to Las Vegas. Lisa Martin here with Dave Vellante. This is day two of theCUBE's coverage of Palo Alto Ignite 2022. Dave we're just talking about how many times we're in Vegas. And we were here two weeks ago with our guest who's back in Alumni. And it's a blur, right? >> It's true, I lost count. Luckily I'm not flying red eye tonight. So that's good. >> I'm impressed. >> Excited about that. >> Yeah >> I'm actually going to enjoy the, nightlife here for a period of time. And, you know, we were at re-Invent. >> Yeah. >> And what a difference. This is nice and relaxed. You have time. You're not getting bumped in the hallway. >> Right. >> A lot of time for learning. So it's been great show. >> It's been great. And one of the things that we've been talking about is the supply chain. Securing the modern software supply chain is really complicated. We've got an Alumni back with us, to talk about what Palo Alto is doing in that respect. Ankur Shah joins us. The SVP and GM of Cloud Security at Palo Alto Networks. Welcome back. >> Yeah, happy to be back. Good to see you again. Dave and Lisa. >> It's been two long weeks. >> Ankur: I know. It's been two weeks, yeah >> Dave: It's kind of crazy. I mean, ReInvent really was a blur. And it's like you had everything coming at you. And there was obviously a big chunk of security, but you. It was just so much to absorb. >> Yeah. >> Right? >> Yeah, and I couldn't get into any of the sessions versus at Ignite. I mean, you could, you could learn a lot. To your point Dave. And 70,000 people versus 3000 in change. Big difference. >> Dave: Yeah. >> Lisa: Huge difference. >> Yeah. >> Lisa: Huge difference. So we touched on the Cider acquisition. >> Ankur: Yeah. >> Which was announced the intent to acquire last month. Let's dig into a little bit more of that, and then some of the great things that had been announced. >> Ankur: Yeah. >> In the last couple of days. >> Oh, absolutely. So, this is something that we have been marinating for last nine months. Thinking about how best to secure supply chain. And this is software supply chain. The modern application software is fairly complex. You know, back in the days when I was a developer, it was a simple three tier application. Ship the code once a year, et cetera. But now with microservices, new architectures, Kubernetes Public Cloud, we talked about this. It's getting super complicated, and the customers are really worried about securing their entire supply chain. Which is nothing but the software pipeline. And so we started looking at a whole bunch of companies and Cider really stood out. I mean, they had, they were the innovators in this space. Very early days, we've seen supply chain attack. But there hasn't been a really good and strong solution in that space. And Cider just delivered that incredible team. Great technology, super excited about what that integration will look like. in the coming quarters. >> What do we need to know about them? I mean, I'll be honest with you, I wasn't familiar with Cider until I saw you guys made the announcement of the intent to acquire them. What, what should we know about them? Why Cider? What was it that attracted you to them? >> Ankur: Yeah, so, you know, we have a history of technology acquisitions as you know, over the last four years, just in the public cloud. We acquire over half a a dozen companies, small and large. And typically we are always looking for companies who have the next gen technology available. Technology that is more in tune with how application software is going to look like in future. So we're not always going after companies that are making you know, tens of hundreds of millions of dollars in a year and all. We're looking for the right tech. The future. And that's what we found in Cider. Like they have a really strong application security background. And AppSec just broadly speaking, supply chain is part of it. But application security, just broadly speaking, is right for disruption. You've got a lot of vendors, who have been around for like last two decades. Old school stuff, lots and lots of false positives. So we've been bolstering, beefing up our portfolio in the application security space. And Cider really fits right nicely into it. Because it can like I said, secure a lot of technology and tooling, that software developers use as part of their software supply chain. So, great founding team, great technology. It was a perfect fit. >> Talk about integration. We spoke with Nikesh yesterday, with Nir, with a whole bunch of folks. Lee this morning. BJ yesterday as well. And one of the things that seems to stick out at me. With all the shows that we do, is the focus that Palo Alto has on ensuring that it's making the right acquisitions. But that it's the integration, is really seems to be like leading part of the strategy. That seems to be a little bit of a differentiator to me. >> Yeah, it absolutely is. There are two ways to integrate a technology into an existing platform. And Prisma Cloud is a platform as you know. Code-to-cloud, CNAPP platform as we call it. One is just kind of slotted in, put the whole thing in a box. And that's basically making one plus one equal to two. We're looking for high leverage in integrations, whereby once that integration comes along. It makes the rest of the platform even better and superior. It makes that technology look even better. So that's why there's a lot of focus on ensuring that we're delivering the right type of integration, that delivers instant customer value. And that makes the overall platform even superior. So customers don't feel like hey, like there's just one more add-on, on top of the other thing. >> Lisa: Right, not a bolt on. >> So that's why there's a lot of focus on that. Getting the strategy nailed. Because the founding teams generally have a preconceived notion about how the world looks like. Then they understand how Prisma cloud and Palo Alto Networks think about it. And then, we sort of merge the two ideas, and build something that's incredible. So I am, we're spending a lot of time in integration. That honeymoon phase of like, let's high five acquisitions done, that's over. Now it's the grinding work of actually getting this right. And you know, getting hundreds and thousands of customers. >> Well I like how you don't have the private equity mentality. It's not about EBITDA and cashflow. We'll take care of that. >> Ankur: Yeah. >> You know, it's about getting that integration. Getting that flywheel effect, inside the platform. You know, we said one plus one equals, maybe even more than two. Can you explain Prisma Cloud Secrets Security? What is that all about? What do we need to know about that? >> Ankur: Absolutely. So, the developers, you know generally store some stuff in the code repo for their automation work to build application. And that thing, the API keys or as Secrets are stored in code repo. It shouldn't be. Or even if they are, they should be encrypted, or locked down and things of that nature. But, you know, the need for speed trumps everything else. Developers want to go fast. And sometimes they're like, okay well. I guess my application needs this particular, you know API access token or secret. I'm just going to stick it in the code. Now the challenge with that is that, if somebody gets hold of your code repo. Now not only is your code repo, which has all your sensitive data. Your code is the life and blood of a technology company. That's in trouble. But also those secrets and API access keys can be used to log into your cloud accounts. And there you may have sensitive customer data. Everything that you have as a technology company stored in that public cloud accounts. So that's the worry. It's usually the initial access for the kill chain. Because that's where the attacks start. Let me get the secret, let me get the API access key. And let me see what I can do in public cloud. So we are now giving customers the visibility into where the secrets are stored. More importantly, it just right there on developer's face. In the code repo as they're checking in the code. They say why, hey, there's a secret here. Are you sure you want to, you want to keep it like this, no? Okay, well then you can either encrypt it, or just get rid of it. So we're making, we're bringing security where the developers are in their code repo, et cetera. >> So I can see a lot of developers saying, yeah, go ahead, encrypt it. So I don't have to do anything else, you know, extra. It's almost, the analogy is a very small you know, version of this. Its like, use a password manager. You store all your passwords in your contacts on your phone, right? I mean, somebody gets a hold of your contacts, you're screwed. >> Ankur: That's exactly right. >> And so, but I could still see a lot of developers say, check in the box. Say, yeah just encrypt it, leave it there. But you're saying best practice is to not to do that, right? >> Yeah, usually you're not supposed to, you know, store all your secrets, et cetera in code repo to begin with. But if you do, you know, you use a key wall like technology to really encrypt it and store it in a secret manner, yeah. >> Dave: There's an old saying, bad user behavior trump's great security every time. >> Ankur: Every time. >> But this is an example where, we know you're going to have bad behavior. So we're going to protect the bad behavior. >> Yeah, and actually, sorry Lisa, just to that point. The bad user behavior trumps good security. The classic example, this happened three weeks ago. Three, four weeks ago, where Dropbox, one of the file sharing companies there. 120 plus code repos were exposed. And the way their attack started, was a simple social engineering attack. Bad user behavior. There was an email, hey, like your passwords are updated for your, you know, this code plugin. Can you enter the password? And boom, now you have access to the code repo. And now if you have secrets inside of it, now, you know all bets are off. >> Are there hard-coded secrets versus like, I mean, like I think like, like you were saying, Dave. Like usernames and passwords and tokens, versus like soft coded secrets. >> Ankur: It's, I think it, this is more so two forms of it, you know. The most primary one is what we call the API access keys. And this keys are used to access cloud accounts, workloads and things of that nature. But there are actually secret secrets. Could be database login passwords, et cetera. The application is using it to spin up databases. Now, you know, you have access to the data stores. Any other application, there's a login password, all of that stuff. So it's less about the user password, but more the application and databases and things of that nature. >> Dave: So again, and, again, everybody should be using password managers. But when you use a password manager, it's going to give you a long list of passwords, that are either been compromised or are weak. And you just go uh, okay. So can you help? How do you help customers identify what the high risk? You know, API, you know, access are versus those ones that they may not have to worry about. >> Ankur: Yeah, look. You know, secrets aside. Risk prioritization is one of the biggest topics that our customers have across the board, in cloud security. All the security vendors are really, really good at one thing, generating alerts. Everybody does it. They generate an alert. You know, your ring camera, if you've got one. I mean this pop up every day, like every minute rather. Well like can you prioritize it for me? What should I really look at it? So that's a number one thing. What Prisma Cloud does is, you know, contextualize it. What the real risk is? They can tell you like, hey, here's the kill chain. If this thing, you know, goes to public internet. These are the potential exposures that you have. So we provide a prioritized risk of critical alerts that customers have to take care of before they can start taking care of more hygiene type of stuff, right? So that's how we do it. Like we leverage a lot of technology. We apply a lot of context. We tell you like, hey, this code repo is not protected by multifactor authentication. And then there's a secret inside. Are you sure, you know, you don't want to fix it? So that's what we do. But it's a great question. Top of mind for all our customers. And that's how we think about it across the board. Versus generating just alerts all the time. >> Dave: Is the strategy, Because we all know phishing is the sort of most, you know obvious way to. It's the top way in which people get hacked. >> Ankur: Yeah. >> Is your strategy essentially to say. Okay we know that's going to happen, so we're going to try to protect it at the back end. How much of the, maybe it's an industry question. more so than just a Palo Alto specifically, How much emphasis is do you think the industry is taking or should be taking on stopping that, you know that those phishing attacks? Because if that's the number one problem you know, maybe that's where we should be starting. >> Yeah, it's a great question. It's typically the initial vector, for a lot of attacks to your point. But there is one thing that technology and AI cannot solve. Which is the user behavior, to your point. Like we can't get into the heads of the user. I mean, you can train them, you can do everything. You can't prevent somebody from clicking a button. Of course there's technology out there for email security that does that. But your point is, right, it's going to happen. Now what do you do? How do you protect your applications, your crown jewel? You know, whether it's in the cloud or it's in the code repo. So a lot of what we are trying to do in code security, or cloud security, or in general at Palo Alto Networks. is to protect those crown jewel. Because we can't prevent somebody from doing something. User behavior is hard to change. >> Dave: So it's almost like, okay, you left your front door open. Somebody's going to walk in, but oh, they walk into a vault. And they don't know where to go. And there's nowhere they can- >> Ankur: Yeah. >> You know, nothing they can take. They can't get to the silverware or the jewelry. >> I think that's it, yeah. >> What are some of the things, like as we look at, we're wrapping up calendar year '22 heading into '23. That customers can look to Palo Alto Networks to help them achieve? One of the things that we talked about with Nikesh and Niri yesterday, is consolidation. Like, and you guys just did a recent, survey. >> Ankur: Yeah. >> About the state of Cyber, and organizations on average have 366 apps in their environment. 31 security tools, 30 to 50 security tools. >> Ankur: Yeah. >> Consolidation is really key there. What are some of the things that you are excited about to deliver to customers where consolidation is concerned? >> Ankur: Yeah. >> Where software supply chain security is concerned in the next year? >> Yeah, absolutely. Look, there are over 3000 security vendors. And this can be, I mean you talked about average customer having 300. I was talking to a CSO, this was last year for one of the largest financial institution I go, "How many security tools do you have?" He got 120. I said, why? He goes, we have a no vendor left behind policy. >> Wow. >> It's crazy. >> Dave: What? >> Obviously he was joking, but it's crazy, right? Like that's how the CSO's are. >> Dave: I mean, he was kidding. >> Yeah. >> Dave: But recognized that. Wow. >> Yeah, and, this is the state the security industry is in. And our mission has been, and Lee and Nikesh and Niri talked about it. Is just platforms, will platforms take moonshots, things long term. And especially the, macro headwinds that we're seeing. We're hearing more and more from the customers that, look we're not going to buy point product. Then we got to buy another product that stitches it all together. We need platforms, whether it's for zero trust, Prisma SaaS, whether it's cloud. Prisma cloud or for your sock transformation. You know XIM and Cortex line of products. So I think you're going to see more and more of that in 2023. I'm confident in that. >> We heard from Lee today, the world record's 400. >> Yes. >> Yeah. >> That's crazy. >> He's going for it. He's got a ways to go. 120 He's got to... >> Maybe he wasn't, that guy wasn't kidding about his no vendor left behind policy. (laughing) Do you have Ankur, a favorite customer story that really articulates the value of what Palo Alto delivers and continues to. You know, 'cause one of the things that Nikesh said in his keynote was that you know, security's a data problem. Well every company these days, in every industry has to be a data company. But really what they need to be able to be is a secured data company. >> Ankur: Yeah. >> How are you guys enabling that? >> Oh, absolutely. Look, many customer examples come to mind, but speaking of data. You know, one of, some of our largest customers who are protecting their PCI workers where they have sensitive data. They're using for example, Prisma Cloud, to ensure that malicious attacks don't happen. And those workloads are used for credit card processing. They're processing tens of thousands of credit card transactions a second. And make sure that nobody gets hold of that. And that's why they have to make sure that nobody is. No attacker is trying to get hold of the sensitive data, to your point, So we have customers across financial services, media and entertainment technology company. Where we are helping them go as fast as possible in public cloud. Go through digital transformation, by securing their applications. >> Dave: What's the T-shirt say? I see code. >> Oh yeah. >> Dave: Secure from Code to Cloud. >> Lisa: Shift Happens. >> Shift Happens, Secrets from Code to Cloud. >> I love that. I was looking at that, going back to that, what's next in cyber survey? >> Ankur: Yeah. >> It said 74% of respondents, and I believe there was 1300 CIO's, CXO's that were surveyed globally. Where they said security is slowing down DevOps. Can customers look to Palo Alto Networks to help them? >> Ankur: Be enablers? >> Yes. >> Yeah, hundred percent. Look, the conversation over the last few years have changed now. Security used to say like, oh, I don't know about these people who are building applications. The DevOps is like security slowing down. I think there's an opportunity for companies like Palo Alto Networks, to build the bridge between the two. And the way we do it is make the securities easy, simple and not super intrusive. Where developers have to do a natural thing. And one part of it, and I talked about it earlier, is bring security where the developers are. In their code repo, in their IDE. Make it super simple. Don't make them do unnatural things. And it just, this is no different from changing the behavior of our kids. Right? Like you make them do unnatural things, they're not going to do it. But if it is part of their regular, you know, day-to-day operating procedures. I think they're going to be more open to change. Yeah. So I think it's possible. And Palo Alto has a huge responsibility to bridge the divide between the apps team, or the DevOps and the security organization. >> Lisa: Lots of great stuff to come. We thank you so much for coming back, two weeks. Only being on two weeks ago. We appreciate your insights, learning more information. It's great to see you at Palo Alto Ignite. And we'll have to have you back on. 'Cause we know that there's so much more to follow with respect to what you're doing. And shifting left, shift happens. >> Awesome. Lisa, Dave, thank you so much. It's been a pleasure. >> Lisa: Thank you so much. For Ankur Shah and Dave Vellante. I'm Lisa Martin. You're watching theCUBE. The leader in live and emerging tech coverage.

>>The cube presents Ignite 22, brought to you by Palo Alto Networks. >>Good morning. Live from the MGM Grand. It's the cube at Palo Alto Networks Ignite 2022. Lisa Martin here with Dave Valante, day two, Dave of our coverage, or last live day of the year, which I can't believe, lots of good news coming out from Palo Alto Networks. We're gonna sit down with its Chief product officer next and dissect all of that. >>Yeah. You know, oftentimes in, in events like this, day two is product day. And look, it's all about products and sales. Yeah, I mean those, that's the, the, the golden rule. Get the product right, get the sales right, and everything else will take care of itself. So let's talk product. >>Yeah, let's talk product. Lee Claridge joins us, the Chief Product Officer at Palo Alto Networks. Welcome Lee. Great to have >>You. Thank you so much. >>So we didn't get to see your keynote yesterday, but we heard one of the things, you know, we've been talking about the threat landscape, the challenges. We had Unit 42, Wendy on yesterday. We had Nash on and near talking about the massive challenges in the threat landscape. But we understand, despite that you are optimistic. I am. Talk about your optimism given the massive challenges that every organization is facing today. >>Look, cybersecurity's hard and often in cybersecurity in the industry, a lot of people get sort of really focused on what the threat actors are doing, why they're successful. We investigate breaches and we think of it, it just starts to feel somewhat overwhelming for a lot of folks. And I just happen to think a little bit differently. I, I look at it and I think it's actually a solvable problem. >>Talk about cyber resilience. How does Palo Alto Networks define that and how does it help customers achieve that? Cuz that's the, that's the holy grail these days. >>Yes. Look, the, the way I think about cyber resilience is basically in two pieces. One, it's all about how do we prevent the threat actors from actually being successful in the first place. Second, we also have to be prepared for what happens if they happen to find a way to get through, and how do we make sure that that happens? The blast radius is, is as narrowly contained as possible. And so the, the way that we approach this is, you know, I, I kind of think in terms of like threes three core principles. Number one, we have to have amazing technology and we have to constantly be, keep keeping up with and ideally ahead of what attackers are doing. It's a big part of my job as the chief product officer, right? Second is we, you know, one of the, the big transformations that's happened is the advent of, of AI and the opportunity, as long as we can do it, a great job of collecting great data, we can drive AI and machine learning models that can start to be used for our advantage as defenders, and then further use that to drive automation. >>So we take the human out of the response as much as possible. What that allows us to do is actually to start using AI and automation to disrupt attackers as it's happening. The third piece then becomes natively integrating these capabilities into a platform. And when we do that, what allows us to do is to make sure that we are consistently delivering cybersecurity everywhere that it needs to happen. That we don't have gaps. Yeah. So great tech AI and automation deliver natively integrated through platforms. This is how we achieve cyber resilience. >>So I like the positivity. In fact, Steven Schmidt, who's now the CSO of, of Amazon, you know, Steven, and it was the CSO at AWS at the time, the first reinforced, he stood up on stage and said, listen, this narrative that's all gloom and doom is not the right approach. We actually are doing a good job and we have the capability. So I was like, yeah, you know, okay. I'm, I'm down with that. Now when I, my question is around the, the portfolio. I, I was looking at, you know, some of your alternatives and options and the website. I mean, you got network security, cloud security, you got sassy, you got capp, you got endpoint, pretty much everything. You got cider security, which you just recently acquired for, you know, this whole shift left stuff, you know, nothing in there on identity yet. That's good. You partner for that, but, so could you describe sort of how you think about the portfolio from a product standpoint? How you continue to evolve it and what's the direction? Yes. >>So the, the, the cybersecurity industry has long had this, I'm gonna call it a major flaw. And the major flaw of the cybersecurity industry has been that every time there is a problem to be solved, there's another 10 or 20 startups that get funded to solve that problem. And so pretty soon what you have is you're, if you're a customer of this is you have 50, a hundred, the, the record is over 400 different cybersecurity products that as a customer you're trying to operationalize. >>It's not a good record to have. >>No, it's not a good record. No. This is, this is the opposite of Yes. Not a good personal best. So the, so the reason I start there in answering your question is the, the way that, so that's one end of the extreme, the other end of the extreme view to say, is there such a thing as a single platform that does everything? No, there's not. That would be nice. That was, that sounds nice. But the reality is that cybersecurity has to be much broader than any one single thing can do. And so the, the way that we approach this is, is three fundamental areas that, that we, Palo Alto Networks are going to be the best at. One is network security within network security. This includes hardware, NextGen, firewalls, software NextGen, firewalls, sassy, all the different security services that tie into that. All of that makes up our network security platforms. >>So everything to do with network security is integrated in that one place. Second is around cloud security. The shift to the cloud is happening is very real. That's where Prisma Cloud takes center stage. C a P is the industry acronym. If if five letters thrown together can be called an acronym. The, so cloud native application protection platform, right? So this is where we bring all of the different cloud security capabilities integrated together, delivered through one platform. And then security, security operations is the third for us. This is Cortex. And this is where we bring together endpoint security, edr, ndr, attack, surface management automation, all of this. And what we had, what we announced earlier this year is x Im, which is a Cortex product for actually integrating all of that together into one SOC transformation platform. So those are the three platforms, and that's how we deliver much, much, much greater levels of native integration of capabilities, but in a logical way where we're not trying to overdo it. >>And cider will fit into two or three >>Into Prisma cloud into the second cloud to two. Yeah. As part of the shift left strategy of how we secure makes sense applications in the cloud >>When you're in customer conversations. You mentioned the record of 400 different product. That's crazy. Nash was saying yesterday between 30 and 50 and we talked with him and near about what's realistic in terms of getting organizations to, to be able to consolidate. I'd love to understand what does cybersecurity transformation look like for the average organization that's running 30 to 50 point >>Solutions? Yeah, look, 30 to 50 is probably, maybe normal. A hundred is not unusual. Obviously 400 is the extreme example. But all of those are, those numbers are too big right now. I think, I think realistic is high. Single digits, low double digits is probably somewhat realistic for most organizations, the most complex organizations that might go a bit above that if we're really doing a good job. That's, that's what I think. Now second, I do really want to point out on, on the product guy. So, so maybe this is just my way of thinking, consolidation is an outcome of having more tightly and natively integrated capabilities. Got you. And the reason I flip that around is if I just went to you and say, Hey, would you like to consolidate? That just means maybe fewer vendors that that helps the procurement person. Yes. You know, have to negotiate with fewer companies. Yeah. Integration is actually a technology statement. It's delivering better outcomes because we've designed multiple capabilities to work together natively ourselves as the developers so that the customer doesn't have to figure out how to do it. It just happens that by, by doing that, the customer gets all this wonderful technical benefit. And then there's this outcome sitting there called, you've just consolidated your complexity. How >>Specialized is the customer? I think a data pipelines, and I think I have a data engineer, have a data scientists, a data analyst, but hyper specialized roles. If, if, let's say I have, you know, 30 or 40, and one of 'em is an SD wan, you know, security product. Yeah. I'm best of breed an SD wan. Okay, great. Palo Alto comes in as you, you pointed out, I'm gonna help you with your procurement side. Are there hyper specialized individuals that are aligned to that? And how that's kind of part A and B, how, assuming that's the case, how does that integration, you know, carry through to the business case? So >>Obviously there are specializations, this is the, and, and cybersecurity is really important. And so there, this is why there had, there's this tendency in the past to head toward, well I have this problem, so who's the best at solving this one problem? And if you only had one problem to solve, you would go find the specialist. The, the, the, the challenge becomes, well, what do you have a hundred problems to solve? I is the right answer, a hundred specialized solutions for your a hundred problems. And what what I think is missing in this approach is, is understanding that almost every problem that needs to be solved is interconnected with other problems to be solved. It's that interconnectedness of the problems where all of a sudden, so, so you mentioned SD wan. Okay, great. I have Estee wan, I need it. Well what are you connecting SD WAN to? >>Well, ideally our view is you would connect SD WAN and branch to the cloud. Well, would you run in the cloud? Well, in our case, we can take our SD wan, connect it to Prisma access, which is our cloud security solution, and we can natively integrate those two things together such that when you use 'em together, way easier. Right? All of a sudden we took what seemed like two separate problems. We said, no, actually these problems are related and we can deliver a solution where those, those things are actually brought together. And that's just one simple example, but you could, you could extend that across a lot of these other areas. And so that's the difference. And that's how the, the, the mindset shift that is happening. And, and I I was gonna say needs to happen, but it's starting to happen. I'm talking to customers where they're telling me this as opposed to me telling them. >>So when you walk around the floor here, there's a visual, it's called a day in the life of a fuel member. And basically what it has, it's got like, I dunno, six or seven different roles or personas, you know, one is management, one is a network engineer, one's a coder, and it gives you an X and an O. And it says, okay, put the X on things that you spend your time doing, put the o on things that you wanna spend your time doing a across all different sort of activities that a SecOps pro would do. There's Xs and O's in every one of 'em. You know, to your point, there's so much overlap going on. This was really difficult to discern, you know, any kind of consistent pattern because it, it, it, unlike the hyper specialization and data pipelines that I just described, it, it's, it's not, it, it, there's way more overlap between those, those specialization roles. >>And there's a, there's a second challenge that, that I've observed and that we are, we've, we've been trying to solve this and now I'd say we've become, started to become a lot more purposeful in, in, in trying to solve this, which is, I believe cybersecurity, in order for cyber security vendors to become partners, we actually have to start to become more opinionated. We actually have to start, guys >>Are pretty opinionated. >>Well, yes, but, but the industry large. So yes, we're opinionated. We build these products, but that have, that have our, I'll call our opinions built into it, and then we, we sell the, the product and then, and then what happens? Customer says, great, thank you for the product. I'm going to deploy it however I want to, which is fine. Obviously it's their choice at the end of the day, but we actually should start to exert an opinion to say, well, here's what we would recommend, here's why we would recommend that. Here's how we envisioned it providing the most value to you. And actually starting to build that into the products themselves so that they start to guide the customer toward these outcomes as opposed to just saying, here's a product, good luck. >>What's, what's the customer lifecycle, not lifecycle, but really kind of that, that collaboration, like it's one thing to, to have products that you're saying that have opinions to be able to inform customers how to deploy, how to use, but where is their feedback in this cycle of product development? >>Oh, look, my, this, this is, this is my life. I'm, this is, this is why I'm here. This is like, you know, all day long I'm meeting with customers and, and I share what we're doing. But, but it's, it's a, it's a 50 50, I'm half the time I'm listening as well to understand what they're trying to do, what they're trying to accomplish, and how, what they need us to do better in order to help them solve the problem. So the, the, and, and so my entire organization is oriented around not just telling customers, here's what we did, but listening and understanding and bringing that feedback in and constantly making the products better. That's, that's the, the main way in which we do this. Now there's a second way, which is we also allow our products to be customized. You know, I can say, here's our best practices, we see it, but then allowing our customer to, to customize that and tailor it to their environment, because there are going to be uniquenesses for different customers in parti, we need more complex environments. Explain >>Why fire firewalls won't go away >>From your perspective. Oh, Nikesh actually did a great job of explaining this yesterday, and although he gave me credit for it, so this is like a, a circular kind of reference here. But if you think about the firewalls slightly more abstract, and you basically say a NextGen firewalls job is to inspect every connection in order to make sure the connection should be allowed. And then if it is allowed to make sure that it's secure, >>Which that is the definition of an NextGen firewall, by the way, exactly what I just said. Now what you noticed is, I didn't describe it as a hardware device, right? It can be delivered in hardware because there are environments where you need super high throughput, low latency, guess what? Hardware is the best way of delivering that functionality. There's other use cases cloud where you can't, you, you can't ship hardware to a cloud provider and say, can you install this hardware in front of my cloud? No, no, no. You deployed in a software. So you take that same functionality, you instantly in a software, then you have other use cases, branch offices, remote workforce, et cetera, where you say, actually, I just want it delivered from the cloud. This is what sassy is. So when I, when I look at and say, the firewall's not going away, what, what, what I see is the functionality needed is not only not going away, it's actually expanding. But how we deliver it is going to be across these three form factors. And then the customer's going to decide how they need to intermix these form factors for their environment. >>We put forth this notion of super cloud a while about a year ago. And the idea being you're gonna leverage the hyperscale infrastructure and you're gonna build a, a, you're gonna solve a common problem across clouds and even on-prem, super cloud above the cloud. Not Superman, but super as in Latin. But it turned into this sort of, you know, superlative, which is fun. But the, my, my question to you is, is, is, is Palo Alto essentially building a common cross-cloud on-prem, presumably out to the edge consistent experience that we would call a super cloud? >>Yeah, I don't know that we've ever used the term surfer cloud to describe it. Oh, you don't have to, but yeah. But yes, based on how you describe it, absolutely. And it has three main benefits that I describe to customers all the time. The first is the end user experience. So imagine your employee, and you might work from the office, you might work from home, you might work while from, from traveling and hotels and conferences. And, and by the way, in one day you might actually work from all of those places. So, so the first part is the end user experience becomes way better when it doesn't matter where they're working from. They always get the same experience, huge benefit from productivity perspective, no second benefit security operations. You think about the, the people who are actually administering these policies and analyzing the security events. >>Imagine how much better it is for them when it's all common and consistent across everywhere that has to happen. Cloud, on-prem branch, remote workforce, et cetera. So there's a operational benefit that is super valuable. Third, security benefit. Imagine if in this, this platform-based approach, if we come out with some new amazing innovation that is able to detect and block, you know, new types of attacks, guess what, we can deliver that across hardware, software, and sassi uniformly and keep it all up to date. So from a security perspective, way better than trying to figure out, okay, there's some new technology, you know, does my hardware provider have that technology or not? Does my soft provider? So it's bringing that in to one place. >>From a developer perspective, is there a, a, a PAs layer, forgive me super PAs, that a allows the developers to have a common experience across irrespective of physical location with the explicit purpose of serving the objective of your platform. >>So normally when I think of the context of developers, I'm thinking of the context of, of the people who are building the applications that are being deployed. And those applications may be deployed in a data center, increasing the data centers, depending private clouds might be deployed into, into public cloud. It might even be hybrid in nature. And so if you think about what the developer wants, the developer actually wants to not have to think about security, quite frankly. Yeah. They want to think about how do I develop the functionality I need as quickly as possible with the highest quality >>Possible, but they are being forced to think about it more and more. Well, but anyway, I didn't mean to >>Interrupt you. No, it's a, it is a good, it's a, it's, it's a great point. The >>Well we're trying to do is we're trying to enable our security capabilities to work in a way that actually enables what the developer wants that actually allows them to develop faster that actually allows them to focus on the things they want to focus. And, and the way we do that is by actually surfacing the security information that they need to know in the tools that they use as opposed to trying to bring them to our tools. So you think about this, so our customer is a security customer. Yet in the application development lifecycle, the developer is often the user. So we, we we're selling, we're so providing a solution to security and then we're enabling them to surface it in the developer tools. And by, by doing this, we actually make life easier for the developers such that they're not actually thinking about security so much as they're just saying, oh, I pulled down the wrong open source package, it's outdated, it has vulnerabilities. I was notified the second I did it, and I was told which one I should pull down. So I pulled down the right one. Now, if you're a developer, do you think that's security getting your way? Not at all. No. If you're a developer, you're thinking, thank god, thank you, thank, thank you. Yeah. You told me at a point where it was easy as opposed to waiting a week or two and then telling me where it's gonna be really hard to fix it. Yeah. Nothing >>More than, so maybe be talking to Terraform or some other hash corp, you know, environment. I got it. Okay. >>Absolutely. >>We're 30 seconds. We're almost out of time. Sure. But I'd love to get your snapshot. Here we are at the end of calendar 2022. What are you, we know you're optimistic in this threat landscape, which we're gonna see obviously more dynamics next year. What kind of nuggets can you drop about what we might hear and see in 23? >>You're gonna see across everything. We do a lot more focus on the use of AI and machine learning to drive automated outcomes for our customers. And you're gonna see us across everything we do. And that's going to be the big transformation. It'll be a multi-year transformation, but you're gonna see significant progress in the next 12 months. All >>Right, well >>What will be the sign of that progress? If I had to make a prediction, which >>I'm better security with less effort. >>Okay, great. I feel like that's, we can measure that. I >>Feel, I feel like that's a mic drop moment. Lee, it's been great having you on the program. Thank you for walking us through such great detail. What's going on in the organization, what you're doing for customers, where you're meeting, how you're meeting the developers, where they are. We'll have to have you back. There's just, just too much to unpack. Thank you both so much. Actually, our pleasure for Lee Cler and Dave Valante. I'm Lisa Martin. You're watching The Cube Live from Palo Alto Networks Ignite 22, the Cube, the leader in live, emerging and enterprise tech coverage.

(upbeat music) >> Announcer: TheCUBE presents Ignite '22 brought to you by Palo Alto Networks. >> Welcome back to Las Vegas guys and girls. Lisa Martin here with Dave Vellante. This is day one of the cube's two day coverage of Palo Alto Networks Ignite at the MGM Grand. Dave, we've been having some great conversations today, we have a great two day lineup execs from Palo Alto, it's partner network, customers, et cetera. Going to be talking about infrastructure as code. We talk about that a lot, how Palo is partnering with its partner ecosystem to really help customers deliver security across the organization. >> We do a predictions post every year. Hopefully you can hear me. So we do this predictions post every year. I've done it for a number of years, and I want to say it was either 2018 or 2019, we predicted that HashiCorp was one of these companies to watch. And then last August, on August 9th, we had supercloud event in Palo Alto. We had David McJannet in, who is the CEO of HashiCorp. And we really see Hashi as a key player in terms of affecting multicloud consistency. Sometimes we call it supercloud, you building on top of the hyperscale cloud. So super excited to have HashiCorp on. >> Really an important conversation. We've got an alumni back with us. Asvin Ramesh is here the senior director of Alliances at HashiCorp. Welcome back. >> Yeah, thank you. Good to be back. >> Great to have you. Talk to us a little bit about what's going on at HashiCorp, your relationship with Palo Alto Networks, and what's in it for customers. >> Yeah, no, no, great question. So, Palo Alto has been a fantastic partner of ours for many years now. We started way back in 2018, 2019 focusing on the basics, putting integrations in place that customers can be using together. And so it's been a great journey. Both are very synergistic. Palo Alto is focused on multicloud, so are we, we focus on cloud infrastructure automation, and ensuring that customers are able to bring in agility, reliability, security, and be able to deliver to their business. And then Palo Alto brings in great security components to that multicloud story. So it's a great story altogether. >> Some of the challenges that organizations have been facing. Palo Alto just released a survey, I think this morning if I can find it here what's next in cyber organizations facing massive headwinds ransomware becoming a household word, business email compromise being a challenge. But also in the last couple of years the massive shift to multi-club or organizations are living an operating need to do so securely. It's no longer nice to have anymore. It's absolutely table stakes for survival, and being able to thrive and grow for any business. >> Yeah, no, I think it's almost a sort of rethinking of how you would build your infrastructure up. So the more times you do it right the better you are built to scale. That's been one of the bedrocks of how we've been working with Palo Alto, which is rethinking how should IT be building their infrastructure in a multicloud world. And I think the market timing is right for both of us in terms of the progress that we've been able to make. >> So, I mean Terraform has really become sort of a key ingredient to the cloud operating model, especially across clouds. Kind of describe how partners, and customers are are implementing that cross-cloud capability. What's that journey look like? What's the level of maturity today? >> Yeah, great question, Dave. So we sort of see customers in three buckets. The first bucket is when customers are in the initial phases of their cloud journey. So they have disparate teams in their business units try out clouds themselves. Typically there is some event that occurs either some sort of a security scare or a a cloud cost event that triggers a rethinking of how they should be thinking about this in a scalable way. So that leads to where the cloud operating model which is a framework that HashiCorp has. And we use that successfully with customers to talk them through how they should be thinking about their process, about how they should be standardizing how people operate, and then the products they should be including, but then you come to that stage, and you start to think about a centralized platform team that is putting in golden workflows, that is putting in as a service mindset for their business units thinking through policies at a corporate level. And then that is a second stage. And then, but this is also in some customers more around public clouds. But then the third stage that we see is when they start embracing their private cloud or the on-prem data center, and have the same principles address across both public clouds, and the on-prem data center, and then Terraform scale for any infrastructure. So, once you start to put these practices in place not just from a technology standpoint, but from a process, and product standpoint, you're easily able to scale with that central platform organization. >> So, it's all about that consistency across your estate irrespective of whether it's on-prem in AWS, Azure, Google, the Edge, maybe. I mean, that's starting, right? >> Asvin: Yes. >> And so when you talk about the... Break it down a little bit process and product, where do you and Palo Alto sort of partner and add value? What's that experience like? >> Yeah, so, I think as I mentioned earlier the bedrock is having ways in which customers are able to use our products together, right? And then being able to evangelize the usage of that product. So one example I'll give you is with Prisma Cloud, and Terraform Cloud to your point about Terraform earlier. So customers can be using Prisma Cloud with Terraform Cloud in a way that you can get security context telemetry during an infrastructure run, and then use policies that you have in Prisma Cloud to be able to get or run or to implement or run or make sure essentially it is adhering to your security policy or any other audits that you want to create or any other cost that you want to be able to control. >> Where are your customer conversations these days? We know that security is a board level conversation. Interestingly, in that same survey that Palo Alto released this morning that I mentioned they found that there's a big lack of alignment between the board and the C-suite staff, the executive suite in terms of security. Where are your conversations, and how are you maybe facilitating that alignment that needs to be there? Because security it's not a nice to have. >> Yeah, I think in our experience, the alignment is there. I think especially with the macro environment it's more about where where do you allocate those resources. I think those are conversations that we're just starting to see happen, but I think it's the natural progression of how the environment is moving, and maybe another quarter or two, I think we'll see greater alignment there. >> So, and I saw some data that said I guess it was a study you guys did 90% of customer say multicloud is working for them. That surprised me 'cause you hear all this negativity around multicloud, I've been kind of negative about multicloud to be honest. Like that's a symptom of MNA, and a or multi-vendor. But how do you interpret that? When they say multicloud is working? How so? >> Yeah, I think the maturity of customers are varied as I mentioned through the stages, right? So, there are customers who even in the initial phases of their journey where they have different business units using different clouds, and from a C standpoint that might still look like multicloud, right? Though the way we think about it is you should be really in stage two, and stage three to real leverage the real power of multicloud. But I think it's that initial hump that you need to go through, and being able to get oriented towards it, have the right set of skillsets, the thought process, the product, the process in place. And once you have that then you'll start reaping the benefits over a period of time, especially when some other environments events happen, and you're able to easily adjust to that because you're leveraging this multicloud environment, and you have a clear policy of where you'll use which cloud. >> So I interpreted that data as, okay, multicloud is working from the standpoint of we are multicloud, okay? So, and our business is working, but when I talk to customers, they want more to your point, they want that consistent experience. And so it's been by, to use somebody else's term, by default. Chuck Whitten I think came up with that term versus by design. And now I think they have an objective of, okay, let's make multicloud work even better. Maybe I can say that. And so what does that experience look like? That means a common experience all the way through my stack, my infrastructure stack, which is that's going to be interesting to see how that goes down 'cause you got three separate clouds, and are doing their own APIs. But certainly from a security standpoint, the PaaS layer, even as I go up the stack, how do you see that outcome, and say the next two to five years? >> Yeah, so, we go back to our customers, and they're very successful ones who've used the cloud operating model. And for us the cloud operating model for us includes four layers. So on the infrastructure layer, we have Terraform and Packer, on the security layer we have Vault and Boundary, on the networking layer we have Consul, and then on applications we have Nomad and Waypoint. But then you really look at, from a people process, and product standpoint, for people it's how do you standardize the workflows that they're able to use, right? So if you have a central platform team in place that is looking at common use cases that multiple business units are using. and then creates a golden workflow, for example, right? For these various business units to be able to use or creates what we call a system of record for cloud adoption it helps multiple business units then latch onto this work that this central platform team is doing. And they need to have a product mindset, right? So not like a project that you just start and end with. You have this continuous improvement mindset within that platform team. And they build these processes, they build these golden workflows, they build these policies in place, and then they offer that as a service to the business units to be able to use. So that increases the adoption of multicloud. And also more importantly, you can then allow that multicloud usage to be governed in the way that aligns with your overall corporate objectives. And obviously in self-interest, you'd use Terraform or Vault because you can then use it across multiple clouds. >> Well, let's say I buy into that. Okay, great. So I want that common experience 'cause so when you talk about infrastructure, take us through an example. So when I hear infrastructure, I say, okay if I'm using an S3 bucket over here an Azure blob over there, they got different APIs, they got different primitives. I want you to abstract that away. Is that what you do? >> Yeah, so I think we've seen different use cases being used across different clouds too. So I don't think it's sort of as simple as, hey, should I use this or that? It is ensuring that the common tool that you use to be able to leverage safer provisioning, right? Is Terraform. So the central team is then trained in not only just usage of Terraform open source, but their Terraform cloud, which is our managed service, and Terraform enterprise which is the self-managed, but on-prem product, it's them being qualified to be able to build these consistent workflows using whatever tool that they have or whatever skew that they have from Terraform. And then applying business logic on top of that to your point about, hey, we'd like to use AWS for these kind of workloads. We'd like to use GCP, for example, on data or use Microsoft Azure for some other type of- >> Collaboration >> Right? But the common tooling, right? Remains around the usage of Terraform, and they've trained their teams there's a standard workflow, there's standard process around it. >> Asvin, I was looking at that survey the HashiCorp state of cloud strategy survey, and it talked about skill shortages as being the number one barrier to multicloud. We talk about the cyber skills gap all the time. It's huge. It's obviously a huge issue. I saw some numbers just the other day that there's 26 million developers but there's less than 3 million cybersecurity professionals. How does HashiCorp and Palo Alto Networks, how do you help customers address that skills gap so that they that they can leverage multicloud as a driver of the business? >> Yeah, another great question. So I think I'd say in two or three different ways. One is be able to provide greater documentation for our customers to be able to self use the product so that with the existing people, for example, you build out a known example, right? You're trying to achieve this goal here is how you use our products together. And so they'll be able to self-service, right? So that's one. Second is obviously both of us have great services partners, so we are always working with these services partners to get their teams trained and scaled up around these skill gaps. And I think I'd say the third which is where we see a lot of adoption is around usage of the managed services that we have. If you take Palo Alto's example in this Palo Alto will speak better to it, but they have SOC services, right? That you can consume. So, they're performing that service for you. Similarly, on our side we have a HashiCorp Cloud Platform, HCP, where you can consume Vault as a service, you can consume Consul as a service. Terraform cloud is a managed service, so you don't need as many people to be able to run that service. And we abstract all the complexity associated with that by ourselves, right? So I'd say these are the three ways that we address it. >> So Zero Trust across big buzzword. We heard this in this morning keynotes, AWS is always saying, well, we'll talk about it too, but, okay, customers are starting to talk about Zero Trust. You talk to CISOs, they're like, yes, we're adopting this mentality of unless you're trusted, we don't trust you. So, okay, cool. So you think about the cloud you've got the shared responsibility model, and then you've got the application developers are being asked to do more, secure the code. You got the CISO now has to deal with not only the shared responsibility model, but shared responsibility models across clouds, and got to bring his or her security ethos to the app dev team, and then you got to audit kind of making sure they're like the last line of defense. So my question is when you think about code security and Zero Trust in that new environment the problem with a lot of the clouds is they don't make the CISOs life any easier. So I got to believe that your objective with Palo Alto is to actually make the organization's lives easier. So, how do you deal with all that complexity in specifically in a Zero Trust multicloud environment? >> Yeah, so I'll give you a specific example. So, on code to cloud security which is one of Palo Alto's sort of key focus area is that Prisma Cloud and Terraform Cloud example that I gave, right? Where you'd be able to use what we call run tasks essentially, web hook integrations to be able to get a run or provide some telemetry back to Prisma Cloud for customers to be able to make a decision. On the Zero Trust side, we partner both on the Prisma Cloud side, and the Cortex XSOAR side around our products of Vault and and Consul. So what Vault does is it allows you to control secrets, it allows you to store secrets. So a Prisma Cloud or a Cortex customer can be using secrets from Vault familiarly for that particular transaction or workflow itself, right? Rather than, and so it's based on identity, and not on the basis of just the secret sort of lying around. Same thing with console helps you with discovery, and management of services. So, Cortex and you can automate, a lot of this work can get automated using the product that I talked about from Zero Trust. I think the key thing for Zero Trust in our view is it is a end destination, right? So it'll take certain time, depends on the enterprise, depends on where things are. It's a question of specifically focusing on value that Palo Alto and HashiCorp's products bring to solve specific use cases within that Zero Trust bucket, and solve one problem at a time rather than try to say that, hey, only Palo Alto, and only HashiCorp or whatever will solve everything in Zero Trust, right? Because that is not going to be- >> And to your point, it's never going to end, right? I mean you're talk about Cortex bringing a lot of automation. You guys bring a lot of automation now Palo Alto just bought Cider Security. Now we're getting into supply chain. I mean it going to hit it at the edge and IoT, the people don't want another IoT stove pipe. >> Lisa: No. >> Right? They want that to be part of the whole picture. So, you're never done. >> Yeah, no, but it is this continuous journey, right? And again, different companies are different parts of that journey, and then you go and rinse and repeat, you maybe acquire another company, and then they have a different maturity, so you get them on board on this. And so we see this as a multi-generational shift as Dave like to call it. And we're happy to be in the middle of it with Palo Alto Networks. >> It's definitely a multi-generational shift. Asvin, it's been great having you back on theCUBE. Thank you for giving us the update on what Hashi and Palo Alto are doing, the value in it for customers, the cloud operating model. And we should mention that HashiCorp yesterday just won a Technology Partner of the Year award. Congratulations. Yes. >> We're very, very thrilled with the recognition from Palo Alto Networks for the Technology Partner of the Year. >> Congrats. >> Thank you Keep up the great partnership. Thank you so much. We appreciate your insights. >> Thank you so much. >> For our guest, and for Dave Vellante, I'm Lisa Martin, live in Las Vegas. You watching theCUBE, the leader in live enterprise and emerging tech coverage. (upbeat music)

>> Narrator: "TheCUBE" presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey everyone. Welcome back to "TheCUBE's" live coverage of Palo Alto Network's Ignite 22 from the MGM Grand in beautiful Las Vegas. I am Lisa Martin here with Dave Vellante. Dave, we just had a great conversa- First of all, we got to hear the keynote, most of it. We also just had a great conversation with the CEO and chairman of Palo Alto Networks, Nikesh Arora. You know, this is a company that was founded back in 2005, he's been there four years, a lot has happened. A lot of growth, a lot of momentum in his tenure. You were saying in your breaking analysis, that they are on track to nearly double revenues from FY 20 to 23. Lots of momentum in this cloud security company. >> Yeah, I'd never met him before. I mean, I've been following a little bit. It's interesting, he came in as, sort of, a security outsider. You know, he joked today that he, the host, I forget the guy's name on the stage, what was his name? Hassan. Hassan, he said "He's the only guy in the room that knows less about security than I do." Because, normally, this is an industry that's steeped in deep expertise. He came in and I think is given a good compliment to the hardcore techies at Palo Alto Network. The company, it's really interesting. The company started out building their own data centers, they called it. Now they look back and call it cloud, but it was their own data centers, kind of like Salesforce did, it's kind of like ServiceNow. Because at the time, you really couldn't do it in the public cloud. The public cloud was a little too unknown. And so they needed that type of control. But Palo Alto's been amazing story since 2020, we wrote about this during the pandemic. So what they did, is they began to pivot to the the true cloud native public cloud, which is kind of immature still. They don't tell you that, but it's kind of still a little bit immature, but it's working. And when they were pivoting, it was around the same time, at Fortinet, who's a competitor there's like, I call 'em a poor man's Palo Alto, and Fortinet probably hates that, but it's kind of true. It's like a value play on a comprehensive platform, and you know Fortinet a little bit. And so, but what was happening is Fortinet was executing on its cloud strategy better than Palo Alto. And there was a real divergence in the valuations of these stocks. And we said at the time, we felt like Palo Alto, being the gold standard, would get through it. And they did. And what's happened is interesting, I wrote about this two weeks ago. If you go back to the pandemic, peak of the pandemic, or just before the peak, kind of in that tech bubble, if you will. Splunk's down 44% from that peak, Okta's down, sorry, not down 44%. 44% of the peak. Okta's 22% of their peak. CrowdStrike, 41%, Zscaler, 36%, Fortinet, 71%. Not so bad. Palo Altos maintained 93% of its peak value, right? So it's a combination of two things. One is, they didn't run up as much during the pandemic, and they're executing through their cloud strategy. And that's provided a sort of softer landing. And I think it's going to be interesting to see where they go from here. And you heard Nikesh, we're going to double, and then double again. So that's 7 billion, 14 billion, heading to 30 billion. >> Lisa: Yeah, yeah. He also talked about one of the things that he's done in his tenure here, as really a workforce transformation. And we talk all the time, it's not just technology and processes, it's people. They've also seemed to have done a pretty good job from a cultural transformation perspective, which is benefiting their customers. And they're also growing- The ecosystem, we talked a little bit about the ecosystem with Nikesh. We've got Google Cloud on, we've got AWS on the program today alone, talking about the partnerships. The ecosystem is expanding, as well. >> Have you ever met Nir Zuk? >> I have not, not yet. >> He's the founder and CTO. I haven't, we've never been on "theCUBE." He was supposed to come on one day down in New York City. Stu and I were going to interview him, and he cut out of the conference early, so we didn't interview him. But he's a very opinionated dude. And you're going to see, he's basically going to come on, and I mean, I hope he is as opinionated on "TheCUBE," but he'll talk about how the industry has screwed it up. And Nikesh sort of talked about that, it's a shiny new toy strategy. Oh, there's another one, here's another one. It's the best in that category. Okay, let's get, and that's how we've gotten to this point. I always use that Optive graphic, which shows the taxonomy, and shows hundreds and hundreds of suppliers in the industry. And again, it's true. Customers have 20, 30, sometimes 40 different tool sets. And so now it's going to be interesting to see. So I guess my point is, it starts at the top. The founder, he's an outspoken, smart, tough Israeli, who's like, "We're going to take this on." We're not afraid to be ambitious. And so, so to your point about people and the culture, it starts there. >> Absolutely. You know, one of the things that you've written about in your breaking analysis over the weekend, Nikesh talked about it, they want to be the consolidator. You see this as they're building out the security supercloud. Talk to me about that. What do you think? What is a security supercloud in your opinion? >> Yeah, so let me start with the consolidator. So Palo Alto obviously is executing on that strategy. CrowdStrike as well, wants to be a consolidator. I would say Zscaler wants to be a consolidator. I would say that Microsoft wants to be a consolidator, so does Cisco. So they're all coming at it from different angles. Cisco coming at it from network security, which is Palo Alto's wheelhouse, with their next gen firewalls, network security. What Palo Alto did was interesting, was they started out with kind of a hardware based firewall, but they didn't try to shove everything into it. They put the other function in there, their cloud. Zscaler. Zscaler is the one running around saying you don't need firewalls anymore. Just run everything through our cloud, our security cloud. I would think that as Zscaler expands its TAM, it's going to start to acquire, and do similar types of things. We'll see how that integrates. CrowdStrike is clearly executing on a similar portfolio strategy, but they're coming at it from endpoint, okay? They have to partner for network security. Cisco is this big and legacy, but they've done a really good job of acquiring and using services to hide some of that complexity. Microsoft is, you know, they probably hate me saying this, but it's the just good enough strategy. And that may have hurt CrowdStrike last quarter, because the SMB was a soft, we'll see. But to specifically answer your question, the opportunity, we think, is to build the security supercloud. What does that mean? That means to have a common security platform across all clouds. So irrespective of whether you're running an Amazon, whether you're running an on-prem, Google, or Azure, the security policies, and the edicts, and the way you secure your enterprise, look the same. There's a PaaS layer, super PaaS layer for developers, so that that the developers can secure their code in a common framework across cloud. So that essentially, Nikesh sort of balked at it, said, "No, no, no, we're not, we're not really building a super cloud." But essentially they kind of are headed in that direction, I think. Although, what I don't know, like CrowdStrike and Microsoft are big competitors. He mentioned AWS and Google. We run on AWS, Google, and in their own data centers. That sounds like they don't currently run a Microsoft. 'Cause Microsoft is much more competitive with the security ecosystem. They got Identity, so they compete with Okta. They got Endpoint, so they compete with CrowdStrike, and Palo Alto. So Microsoft's at war with everybody. So can you build a super cloud on top of the clouds, the hyperscalers, and not do Microsoft? I would say no. >> Right. >> But there's nothing stopping Palo Alto from running in the Microsoft cloud. I don't know if that's a strategy, we should ask them. >> Yeah. They've done a great job in our last few minutes, of really expanding their TAM in the last few years, particularly under Nikesh's leadership. What are some of the things that you heard this morning that you think, really they've done a great job of expanding that TAM. He talked a little bit about, I didn't write the number down, but he talked a little bit about the market opportunity there. What do you see them doing as being best of breed for organizations that have 30 to 50 tools and need to consolidate that? >> Well the market opportunity's enormous. >> Lisa: It is. >> I mean, we're talking about, well north of a hundred billion dollars, I mean 150, 180, depending on whose numerator you use. Gartner, IDC. Dave's, whatever, it's big. Okay, and they've got... Okay, they're headed towards 7 billion out of 180 billion, whatever, again, number you use. So they started with network security, they put most of the network function in the cloud. They moved to Endpoint, Sassy for the edge. They've done acquisitions, the Cortex acquisition, to really bring automated threat intelligence. They just bought Cider Security, which is sort of the shift left, code security, developer, assistance, if you will. That whole shift left, protect right. And so I think a lot of opportunities to continue to acquire best of breed. I liked what Nikesh said. Keep the founders on board, sell them on the mission. Let them help with that integration and putting forth the cultural aspects. And then, sort of, integrate in. So big opportunities, do they get into Endpoint and compete with Okta? I think Okta's probably the one sort of outlier. They want to be the consolidator of identity, right? And they'll probably partner with Okta, just like Okta partners with CrowdStrike. So I think that's part of the challenge of being the consolidator. You're probably not going to be the consolidator for everything, but maybe someday you'll see some kind of mega merger of these companies. CrowdStrike and Okta, or Palo Alto and Okta, or to take on Microsoft, which would be kind of cool to watch. >> That would be. We have a great lineup, Dave. Today and tomorrow, full days, two full days of cube coverage. You mentioned Nir Zuk, we already had the CEO on, founder and CTO. We've got the chief product officer coming on next. We've got chief transformation officer of customers, partners. We're going to have great conversations, and really understand how this organization is helping customers ultimately achieve their SecOps transformation, their digital transformation. And really moved the needle forward to becoming secure data companies. So I'm looking forward to the next two days. >> Yeah, and Wendy Whitmore is coming on. She heads Unit 42, which is, from what I could tell, it's pretty much the competitor to Mandiant, which Google just bought. We had Kevin Mandia on at September at the CrowdStrike event. So that's interesting. That's who I was poking Nikesh a little bit on industry collaboration. You're tight with Google, and then he had an interesting answer. He said "Hey, you start sharing data, you don't know where it's going to go." I think Snowflake could help with that problem, actually. >> Interesting. >> Yeah, little Snowflake and some of the announcements ar Reinvent with the data clean rooms. Data sharing, you know, trusted data. That's one of the other things we didn't talk about, is the real tension in between security and regulation. So the regulators in public policy saying you can't move the data out of the country. And you have to prove to me that you have a chain of custody. That when you say you deleted something, you have to show me that you not only deleted the file, then the data, but also the metadata. That's a really hard problem. So to my point, something that Palo Alto might be able to solve. >> It might be. It'll be an interesting conversation with Unit 42. And like we said, we have a great lineup of guests today and tomorrow with you, so stick around. Lisa Martin and Dave Vellante are covering Palo Alto Networks Ignite 22 for you. We look forward to seeing you in our next segment. Stick around. (light music)

>> From "theCube" Studios in Palo Alto in Boston bringing you data-driven insights from "theCube" and ETR. This is "Breaking Analysis" with Dave Vellante. >> As an independent pure play company, Palo Alto Networks has earned its status as the leader in security. You can measure this in a variety of ways. Revenue, market cap, execution, ethos, and most importantly, conversations with customers generally. In CISO specifically, who consistently affirm this position. The company's on track to double its revenues in fiscal year 23 relative to fiscal year 2020. Despite macro headwinds, which are likely to carry through next year, Palo Alto owes its position to a clarity of vision and strong execution on a TAM expansion strategy through acquisitions and integration into its cloud and SaaS offerings. Hello and welcome to this week's "Wikibon Cube Insights" powered by ETR and this breaking analysis and ahead of Palo Alto Ignite the company's user conference, we bring you the next chapter on top of the last week's cybersecurity update. We're going to dig into the ETR data on Palo Alto Networks as we promised and provide a glimpse of what we're going to look for at "Ignite" and posit what Palo Alto needs to do to stay on top of the hill. Now, the challenges for cybersecurity professionals. Dead simple to understand. Solving it, not so much. This is a taxonomic eye test, if you will, from Optiv. It's one of our favorite artifacts to make the point the cybersecurity landscape is a mosaic of stovepipes. Security professionals have to work with dozens of tools many legacy combined with shiny new toys to try and keep up with the relentless pace of innovation catalyzed by the incredibly capable well-funded and motivated adversaries. Cybersecurity is an anomalous market in that the leaders have low single digit market shares. Think about that. Cisco at one point held 60% market share in the networking business and it's still deep into the 40s. Oracle captures around 30% of database market revenue. EMC and storage at its peak had more than 30% of that market. Even Dell's PC market shares, you know, in the mid 20s or even over that from a revenue standpoint. So cybersecurity from a market share standpoint is even more fragmented perhaps than the software industry. Okay, you get the point. So despite its position as the number one player Palo Alto might have maybe three maybe 4% of the total market, depending on what you use as your denominator, but just a tiny slice. So how is it that we can sit here and declare Palo Alto as the undisputed leader? Well, we probably wouldn't go that far. They probably have quite a bit of competition. But this CISO from a recent ETR round table discussion with our friend Eric Bradley, summed up Palo Alto's allure. We thought pretty well. The question was why Palo Alto Networks? Here's the answer. Because of its completeness as a platform, its ability to integrate with its own products or they acquire, integrate then rebrand them as their own. We've looked at other vendors we just didn't think they were as mature and we already had implemented some of the Palo Alto tools like the firewalls and stuff and we thought why not go holistically with the vendor a single throat to choke, if you will, if stuff goes wrong. And I think that was probably the primary driver and familiarity with the tools and the resources that they provided. Now here's another stat from ETR's Eric Bradley. He gave us a glimpse of the January survey that's in the field now. The percent of IT buyers stating that they plan to consolidate redundant vendors, it went from 34% in the October survey and now stands at 44%. So we fo we feel this bodes well for consolidators like Palo Alto networks. And the same is true from Microsoft's kind of good enough approach. It should also be true for CrowdStrike although last quarter we saw softness reported on in their SMB market, whereas interestingly MongoDB actually saw consistent strength from its SMB and its self-serve. So that's something that we're watching very closely. Now, Palo Alto Networks has held up better than most of its peers in the stock market. So let's take a look at that real quick. This chart gives you a sense of how well. It's a one year comparison of Palo Alto with the bug ETF. That's the cyber basket that we like to compare often CrowdStrike, Zscaler, and Okta. Now remember Palo Alto, they didn't run up as much as CrowdStrike, ZS and Okta during the pandemic but you can see it's now down unquote only 9% for the year. Whereas the cyber basket ETF is off 27% roughly in line with the NASDAQ. We're not showing that CrowdStrike down 44%, Zscaler down 61% and Okta off a whopping 72% in the past 12 months. Now as we've indicated, Palo Alto is making a strong case for consolidating point tools and we think it will have a much harder time getting customers to switch off of big platforms like Cisco who's another leader in network security. But based on the fragmentation in the market there's plenty of room to grow in our view. We asked breaking analysis contributor Chip Simington for his take on the technicals of the stock and he said that despite Palo Alto's leadership position it doesn't seem to make much difference these days. It's all about interest rates. And even though this name has performed better than its peers, it looks like the stock wants to keep testing its 52 week lows, but he thinks Palo Alto got oversold during the last big selloff. And the fact that the company's free cash flow is so strong probably keeps it at the one 50 level or above maybe bouncing around there for a while. If it breaks through that under to the downside it's ne next test is at that low of around one 40 level. So thanks for that, Chip. Now having get that out of the way as we said on the previous chart Palo Alto has strong opinions, it's founder and CTO, Nir Zuk, is extremely clear on that point of view. So let's take a look at how Palo Alto got to where it is today and how we think you should think about his future. The company was founded around 18 years ago as a network security company focused on what they called NextGen firewalls. Now, what Palo Alto did was different. They didn't try to stuff a bunch of functionality inside of a hardware box. Rather they layered network security functions on top of its firewalls and delivered value as a service through software running at the time in its own cloud. So pretty obvious today, but forward thinking for the time and now they've moved to a more true cloud native platform and much more activity in the public cloud. In February, 2020, right before the pandemic we reported on the divergence in market values between Palo Alto and Fort Net and we cited some challenges that Palo Alto was happening having transitioning to a cloud native model. And at the time we said we were confident that Palo Alto would make it through the knot hole. And you could see from the previous chart that it has. So the company's architectural approach was to do the heavy lifting in the cloud. And this eliminates the need for customers to deploy sensors on prem or proxies on prem or sandboxes on prem sandboxes, you know for instance are vulnerable to overwhelming attacks. Think about it, if you're a sandbox is on prem you're not going to be updating that every day. No way. You're probably not going to updated even every week or every month. And if the capacity of your sandbox is let's say 20,000 files an hour you know a hacker's just going to turn up the volume, it'll overwhelm you. They'll send a hundred thousand emails attachments into your sandbox and they'll choke you out and then they'll have the run of the house while you're trying to recover. Now the cloud doesn't completely prevent that but what it does, it definitely increases the hacker's cost. So they're going to probably hit some easier targets and that's kind of the objective of security firms. You know, increase the denominator on the ROI. All right, the next thing that Palo Alto did is start acquiring aggressively, I think we counted 17 or 18 acquisitions to expand the TAM beyond network security into endpoint CASB, PaaS security, IaaS security, container security, serverless security, incident response, SD WAN, CICD pipeline security, attack service management, supply chain security. Just recently with the acquisition of Cider Security and Palo Alto by all accounts takes the time to integrate into its cloud and SaaS platform called Prisma. Unlike many acquisitive companies in the past EMC was a really good example where you ended up with a kind of a Franken portfolio. Now all this leads us to believe that Palo Alto wants to be the consolidator and is in a good position to do so. But beyond that, as multi-cloud becomes more prevalent and more of a strategy customers tell us they want a consistent experience across clouds. And is going to be the same by the way with IoT. So of the next wave here. Customers don't want another stove pipe. So we think Palo Alto is in a good position to build what we call the security super cloud that layer above the clouds that brings a common experience for devs and operational teams. So of course the obvious question is this, can Palo Alto networks continue on this path of acquire and integrate and still maintain best of breed status? Can it? Will it? Does it even have to? As Holger Mueller of Constellation Research and I talk about all the time integrated suites seem to always beat best of breed in the long run. We'll come back to that. Now, this next graphic that we're going to show you underscores this question about portfolio. Here's a picture and I don't expect you to digest it all but it's a screen grab of Palo Alto's product and solutions portfolios, network cloud, network security rather, cloud security, Sassy, CNAP, endpoint unit 42 which is their threat intelligence platform and every imaginable security service and solution for customers. Well, maybe not every, I'm sure there's more to come like supply chain with the recent Cider acquisition and maybe more IoT beyond ZingBox and earlier acquisition but we're sure there will be more in the future both organic and inorganic. Okay, let's bring in more of the ETR survey data. For those of you who don't know ETR, they are the number one enterprise data platform surveying thousands of end customers every quarter with additional drill down surveys and customer round tables just an awesome SaaS enabled platform. And here's a view that shows net score or spending momentum on the vertical axis in provision or presence within the ETR data set on the horizontal axis. You see that red dotted line at 40%. Anything at or over that indicates a highly elevated net score. And as you can see Palo Alto is right on that line just under. And I'll give you another glimpse it looks like Palo Alto despite the macro may even just edge up a bit in the next survey based on the glimpse that Eric gave us. Now those colored bars in the bottom right corner they show the breakdown of Palo Alto's net score and underscore the methodology that ETR uses. The lime green is new customer adoptions, that's 7%. The forest green at 38% represents the percent of customers that are spending 6% or more on Palo Alto solutions. The gray is at that 40 or 8% that's flat spending plus or minus 5%. The pinkish at 5% is spending is down on Palo Alto network products by 6% or worse. And the bright red at only 2% is churn or defections. Very low single digit numbers for Palo Alto, that's a real positive. What you do is you subtract the red from the green and you get a net score of 38% which is very good for a company of Palo Alto size. And we'll note this is based on just under 400 responses in the ETR survey that are Palo Alto customers out of around 1300 in the total survey. It's a really good representation of Palo Alto. And you can see the other leading companies like CrowdStrike, Okta, Zscaler, Forte, Cisco they loom large with similar aspirations. Well maybe not so much Okta. They don't necessarily rule want to rule the world. They want to rule identity and of course the ever ubiquitous Microsoft in the upper right. Now drilling deeper into the ETR data, let's look at how Palo Alto has progressed over the last three surveys in terms of market presence in the survey. This view of the data shows provision in the data going back to October, 2021, that's the gray bars. The blue is July 22 and the yellow is the latest survey from October, 2022. Remember, the January survey is currently in the field. Now the leftmost set of data there show size a company. The middle set of data shows the industry for a select number of industries in the right most shows, geographic region. Notice anything, yes, Palo Alto up across the board relative to both this past summer and last fall. So that's pretty impressive. Palo Alto network CEO, Nikesh Aurora, stressed on the last earnings call that the company is seeing somewhat elongated deal approvals and sometimes splitting up size of deals. He's stressed that certain industries like energy, government and financial services continue to spend. But we would expect even a pullback there as companies get more conservative. But the point is that Nikesh talked about how they're hiring more sales pros to work the pipeline because they understand that they have to work harder to pull deals forward 'cause they got to get more approvals and they got to increase the volume that's coming through the pipeline to account for the possibility that certain companies are going to split up the deals, you know, large deals they want to split into to smaller bite size chunks. So they're really going hard after they go to market expansion to account for that. All right, so we're going to wrap by sharing what we expect and what we're going to probe for at Palo Alto Ignite next week, Lisa Martin and I will be hosting "theCube" and here's what we'll be looking for. First, it's a four day event at the MGM with the meat of the program on days two and three. That's day two was the big keynote. That's when we'll start our broadcasting, we're going for two days. Now our understanding is we've never done Palo Alto Ignite before but our understanding it's a pretty technically oriented crowd that's going to be eager to hear what CTO and founder Nir Zuk has to say. And as well CEO Nikesh Aurora and as in addition to longtime friend of "theCube" and current president, BJ Jenkins, he's going to be speaking. Wendy Whitmore runs Unit 42 and is going to be several other high profile Palo Alto execs, as well, Thomas Kurian from Google is a featured speaker. Lee Claridge, who is Palo Alto's, chief product officer we think is going to be giving the audience heavy doses of Prisma Cloud and Cortex enhancements. Now, Cortex, you might remember, came from an acquisition and does threat detection and attack surface management. And we're going to hear a lot about we think about security automation. So we'll be listening for how Cortex has been integrated and what kind of uptake that it's getting. We've done some, you know, modeling in from the ETR. Guys have done some modeling of cortex, you know looks like it's got a lot of upside and through the Palo Alto go to market machine, you know could really pick up momentum. That's something that we'll be probing for. Now, one of the other things that we'll be watching is pricing. We want to talk to customers about their spend optimization, their spending patterns, their vendor consolidation strategies. Look, Palo Alto is a premium offering. It charges for value. It's expensive. So we also want to understand what kind of switching costs are customers willing to absorb and how onerous they are and what's the business case look like? How are they thinking about that business case. We also want to understand and really probe on how will Palo Alto maintain best of breed as it continues to acquire and integrate to expand its TAM and appeal as that one-stop shop. You know, can it do that as we talked about before. And will it do that? There's also an interesting tension going on sort of changing subjects here in security. There's a guy named Edward Hellekey who's been in "theCube" before. He hasn't been in "theCube" in a while but he's a security pro who has educated us on the nuances of protecting data privacy, public policy, how it varies by region and how complicated it is relative to security. Because securities you technically you have to show a chain of custody that proves unequivocally, for example that data has been deleted or scrubbed or that metadata does. It doesn't include any residual private data that violates the laws, the local laws. And the tension is this, you need good data and lots of it to have good security, really the more the better. But government policy is often at odds in a major blocker to sharing data and it's getting more so. So we want to understand this tension and how companies like Palo Alto are dealing with it. Our customers testing public policy in courts we think not quite yet, our government's making exceptions and policies like GDPR that favor security over data privacy. What are the trade-offs there? And finally, one theme of this breaking analysis is what does Palo Alto have to do to stay on top? And we would sum it up with three words. Ecosystem, ecosystem, ecosystem. And we said this at CrowdStrike Falcon in September that the one concern we had was the pace of ecosystem development for CrowdStrike. Is collaboration possible with competitors? Is being adopted aggressively? Is Palo Alto being adopted aggressively by global system integrators? What's the uptake there? What about developers? Look, the hallmark of a cloud company which Palo Alto is a cloud security company is a thriving ecosystem that has entries into and exits from its platform. So we'll be looking at what that ecosystem looks like how vibrant and inclusive it is where the public clouds fit and whether Palo Alto Networks can really become the security super cloud. Okay, that's a wrap stop by next week. If you're in Vegas, say hello to "theCube" team. We have an unbelievable lineup on the program. Now if you're not there, check out our coverage on theCube.net. I want to thank Eric Bradley for sharing a glimpse on short notice of the upcoming survey from ETR and his thoughts. And as always, thanks to Chip Symington for his sharp comments. Want to thank Alex Morrison, who's on production and manages the podcast Ken Schiffman as well in our Boston studio, Kristen Martin and Cheryl Knight they help get the word out on social and of course in our newsletters, Rob Hoof, is our editor in chief over at Silicon Angle who does some awesome editing, thank you to all. Remember all these episodes they're available as podcasts. Wherever you listen, all you got to do is search "Breaking Analysis" podcasts. I publish each week on wikibon.com and silicon angle.com where you can email me at david.valante@siliconangle.com or dm me at D Valante or comment on our LinkedIn post. And please do check out etr.ai. They've got the best survey data in the enterprise tech business. This is Dave Valante for "theCube" Insights powered by ETR. Thanks for watching. We'll see you next week on "Ignite" or next time on "Breaking Analysis". (upbeat music)

>>Machine intelligence is everywhere. AI is being embedded into our everyday lives, through applications, process automation, social media, ad tech, and it's permeating virtually every industry and touching everyone. Now, a major issue with machine learning and deep learning is trust in the outcome. That is the black box problem. What is that? Well, the black box issue arises when we can see the input and the output of the data, but we don't know what happens in the middle. Take a simple example of a picture of a cat or a hotdog for you. Silicon valley fans, the machine analyzes the picture and determines it's a cat, but we really don't know exactly how the machine determined that. Why is it a problem? Well, if it's a cat on social media, maybe it isn't so onerous, but what if it's a medical diagnosis facilitated by a machine? And what if that diagnosis is wrong? >>Or what if the machine is using deep learning to qualify an individual for a home loan and that person applying for the loan gets rejected. Was that decision based on bias? If the technology to produce that result is opaque. Well, you get the point. There are serious implications of not understanding how decisions are made with AI. So we're going to dig into the issue and the topic of how to make AI explainable and operationalize AI. And with me are two guests today, Shea speaky, who's the co-founder and COO of cognitive scale and long time friend of the cube and newly minted CEO of cognitive scale. Bob pitchy, Yano, gents. Welcome to the cube, Bob. Good to see you again. Welcome back on. >>Thanks for having us >>Say, let me start with you. Why did you start the company? I think you started the company in 2013. Give us a little history and the why behind cognitive scale. >>Sure. David. So, um, look, I spent some time, um, you know, through multiple startups, but I ended up at IBM, which is where I met Bob. And one of the things that we did was the commercialization of IBM Watson initially. And that led to, uh, uh, thinking about how do you operationalize this because of the, a lot of people thinking about data science and machine learning in isolation, building models, you know, trying to come up with better ways to deliver some kind of a prediction, but if you truly want to operationalize it, you need to think about scale that enterprises need. So, you know, we were in the early days, enamored by ways, I'm still in landed by ways. The application that takes me from point a to point B and our view is look as you go from point a to point B, but if you happen to be, um, let's say a patient or a financial services customer, imagine if you could have a raise like application giving you all the insights that you needed telling you at the right moment, you know, what was needed, the right explanation so that it could guide you through the journey. >>So that was really the sort of the thesis behind cognitive scale is how do you apply AI, uh, to solve problems like that in regulated industries like health care management services, but do it in a way that it's done at scale where you can get, bring the output of the data scientists, application developers, and then those insights that can be powered into those end applications like CRM systems, mobile applications, web applications, applications that consumers like us, whether it be in a healthcare setting or a financial services setting can get the benefit of those insights, but have the appropriate sort of evidence and transparency behind it. So that was the, that was the thesis for. >>Got it. Thank you for that. Now, Bob, I got to ask you, I knew you couldn't stay in the sidelines, my friend. So, uh, so what was it that you saw in the marketplace that Lord you back in to, to take on the CEO role? >>Yeah, so David is an exciting space and, uh, you're right. I couldn't stay on the sideline stuff. So look, I always felt that, uh, enterprise AI had a promise to keep. Um, and I don't think that many enterprises would say, you know, with their experience that yeah, we're getting the value that we wanted out of it. We're getting the scale that we wanted out of it. Um, and we're really satisfied with what it's delivered to us so far. So I felt there was a gap in keeping that promise and I saw cognitive scale as an important company and being able to fill that gap. And the reason that that gap exists is that, you know, enterprise AI, unlike AI, that relates to one particular conversational service or one particular small narrow domain application is really a team sport. You know, it involves all sorts of roles, um, and all sorts of aspects of a working enterprise. >>That's already scaled with systems of engagement, um, and, and systems of record. And we show up in the, with the ability to actually help put all of that together. It's a brown field, so to speak, not a Greenfield, um, and where Shea and Matt and Minosh and the team really focused was on what are the important last mile problems, uh, that an enterprise needs to address that aren't necessarily addressed with any one tool that might serve some members of that team? Because there are a lot of great tools out there in the space of AI or machine learning or deep learning, but they don't necessarily help come together to, to deliver the outcomes that an enterprise wants. So what are those important aspects? And then also, where do we apply AI inside of our platform and our capabilities to kind of take that operationalization to the next level, uh, with, you know, very specific insights and to take that journey and make it highly personalized while also making it more transparent and explainable. >>So what's the ICP, the ideal customer profile, is it, is it highly regulated industries? Is it, is it developers? Uh, maybe you could parse that a little bit. >>Yeah. So we do focus in healthcare and in financial services. And part of the reason for that is the problem is very difficult for them. You know, you're, you're working in a space where, you know, you have rules and regulations about when and how you need to engage with that client. So the bar for trust is very, very high and everything that we do is around trusted AI, which means, you know, thinking about using the data platforms and the model platforms in a way to create marketplaces, where being able to utilize that data is something that's provisioned in permission before we go out and do that assembly so that the target customer really is somebody who's driving digital transformation in those regulated industries. It might be a chief digital officer. It might be a chief client officer, customer officer, somebody who's really trying to understand. I have a very fragmented view of my member or of my patient or my client. And I want to be able to utilize AI to help that client get better outcomes or to make sure that they're not lost in the system by understanding and more holistically understanding them in a more personalized way, but while always maintaining, you know, that that chain of trust >>Got it. So can we get into the product like a little bit more about what the product is and maybe share, you can give us a census to kind of where you started and the evolution of the portfolio >>Look where we started there is, um, the application of AI, right? So look, the product and the platform was all being developed, but our biggest sort of view from the start had been, how do you get into the trenches and apply this to solve problems? And as well, pointed out, one of the areas we picked was healthcare because it is a tough industry. There's a lot of data, but there's a lot of regulation. And it's truly where you need the notion of being able to explain your decision at a really granular level, because those decisions have some serious consequences. So, you know, he started building a platform out and, um, a core product is called cortex. It's the, it's a software platform on top of this. These applications are built, but to our engagements over the last six, seven years, working with customers in healthcare, in financial services, some of the largest banks, the largest healthcare organizations, we have developed a software product to essentially help you scale enterprise AI, but it starts with how do you build these systems? >>Building the systems requires us to provide tooling that can help developers take models, data that exists within the enterprise, bring it together, rapidly, assemble this, orchestrate these different components, stand up. These systems, deploy these systems again in a very complex environment that includes, you know, on-prem systems as well as on the cloud, and then be able to done on APIs that can plug into an application. So we had to essentially think of this entire problem end to end, and that's poor cortex does, but extremely important part of cortex that didn't start off. Initially. We certainly had all the, you know, the, the makings of a trusted AI would be founded the industry wasn't quite ready over time. We've developed capabilities around explainability being able to detect bias. So not only are you building these end to end systems, assembling them and deploying them, you have as a first-class citizen built into this product, the notion of being able to understand bias, being able to detect whether there's the appropriate level of explainability to make a decision and all of that's embedded within the cortex platform. So that's what the platform does. And it's now in its sixth generation as we >>Speak. Yeah. So Dave, if you think about the platform, it really has three primary components. One is this, uh, uh, application development or assembly platform that fits between existing AI tools and models and data and systems of engagement. And that allows for those AI developers to rapidly visualize and orchestrate those aspects. And in that regard were tremendous partners with people like IBM, Microsoft H2O people that provide aspects that are helping develop the data platform, the data fabric, things like the, uh, data science tools to be able to then feed this platform. And then on the front end, really helping transform those systems of engagement into things that are more personalized with better recommendations in a more targeted space with explainable decisions. So that's one element that's called cortex fabric. There's another component called cortex certify. And that capability is largely around the model intelligence model introspection. >>It works, uh, across things that are of cost model driven, but other things that are based on deterministic algorithms, as well as rule-based algorithms to provide that explainability of decisions that are made upstream before they get to the black box model, because organizations are discovering that many times the data has, you know, aspects of dimensions to it and, and, and biases to it before it gets to the model. So they want to understand that entire chain of, of, uh, of decisioning before it gets there. And then there's the notion of some pew, preacher rated applications and blueprints to rapidly deliver outcomes in some key repeating areas like customer experience or like lead generation. Um, those elements where almost every customer we engage with, who is thinking about digital transformation wants to start by providing better client experience. They want to reduce costs. They want to have operational savings while driving up things like NPS and improving the outcomes for the people they're serving. So we have those sets of applications that we built over time that imagine that being that first use application, that starter set, that also trains the customer on how to you utilize this operational platform. And then they're off to the races building out those next use cases. So what we see as one typical insertion place play that returns value, and then they're scaling rapidly. Now I want to cover some secret sauce inside of the platform. >>Yeah. So before you do, I think, I just want to clarify, so the cortex fabric, cause that's really where I wanted to go next, but the cortex fabric, it seems like that's the way in which you're helping people operationalize inject use familiar tooling. It sounds like, am I correct? That the cortex certify is where you're kind of peeling the onion of that complicated, whether it's deep learning or neural networks, which is that's where the black box exists. Maybe you could tell us, you know, is that where the secret sauce lives, if not, where is it? And if >>It actually is in all places right though. So there's some really important, uh, introductions of capabilities, because like I mentioned, many times these, uh, regulated industries have been developed and highly fragmented pillars. Just think about the insurance companies between property casualty and personal lines. Um, many times they have grown through acquisition. So they have these systems of record that are, that are really delivering the operational aspects of the company's products, but the customers are sometimes lost in the scenes. And so they've built master data management capabilities and data warehouse capabilities to try to serve that. But they find that when they then go to apply AI across some of those curated data environments, it's still not sufficient. So we developed an element of being able to rapidly assemble what we call a profile of one. It's a very, very intimate profile around declared data sources, uh, that relate to a key business entity. >>In most cases, it's a person, it's a member, it's a patient, it's a client, but it can be a product for some of our clients. It's real estate. Uh, it's a listing. Um, you know, it can be someone who's enjoying a theme park. It can be someone who's a shopper in a grocery store. Um, it can be a region. So it's any key business entity. And one of the places where we applied our AI knowledge is by being able to extract key information out of these declared systems and then start to make longitudinal observations about those systems and to learn about them. And then line those up with prediction engines that both we supply as well as third parties and the customers themselves supply them. So in this theme of operationalization, they're constantly coming up with new innovations or a new model that they might want to interject into that engagement application. Our platform with this profile of one allows them to align that model directly into that profile, get the benefits of what we've already done, but then also continue to enhance, differentiate and provide even greater, uh, greater value to that client. IBM is providing aspects of those models that we can plug in. And many of our clients are that's really >>Well. That's interesting. So that profile of one is kind of the instantiation of that secret sauce, but you mentioned like master data management data warehouse, and, you know, as well as I do Bob we've we've we've decades of failures trying to get a 360 degree view for example of the customer. Uh, it's just, just not real time. It's not as current as we would want it to be. The quality is not necessarily there. It's a very asynchronous process. Things have changed the processing power. You and I have talked about this a lot. We have much more data now. So it's that, that, that profile one. So, but also you mentioned curated apps, customer experience, and lead gen. You mentioned those two, uh, and you've also talked about digital transformation. So it sounds like you're supporting, and maybe this is not necessarily the case, but I'm curious as to what's going on here, maybe supporting more revenue generation in the early phases than say privacy or compliance, or is it actually, do you have use cases for both? >>It's all, it's all of it. Um, and, and shake and, you know, really talk passionately about some of the things we've helped clients do, like for instance, uh, J money. Why don't you talk about the, the hospital, um, uh, uh, you know, discharge processes. >>Absolutely. So, so, you know, just to make this a bit more real, they, you know, when you talk about a profile on one, it's about understanding of patient, as I said earlier, but it's trying to bring this notion of not just the things that you know about the patient you call that declared information. You can find the system in, you can find this information in traditional EMR systems, right? But imagine bringing in, uh, observed information, things that you observed an interaction with the patient, uh, and then bring in inferences that you can then start drawing on top of that. So to bring this to a live example, imagine at the point of care, knowing when all the conditions are right for the patient to be discharged after surgery. And oftentimes as you know, those, if all the different evidence of the different elements that don't come together, you can make some really serious mistakes in terms of patient discharge, bad things can happen. >>Patient could be readmitted or even worse. That could be a serious outcome. Now, how do you bring that information at the point of care for the person making a decision, but not just looking at the information, you know, but also understanding not just the clinical information, but the social, the socioeconomic information, and then making sure that that decision has the appropriate evidence behind it. So then when you do make that decision, you have the appropriate sort of, uh, you know, the guidance behind it for audit reasons, but also for ensuring that you don't have a bad outcome. So that's the example Bob's talking about, where we have a flight this in real settings, in, in healthcare, but also in financial services and other industries where you can make these decisions based on the machine, telling you with a lot of detail behind it, whether this is the right decision to be made, we call this explainability and the evidence that's needed. >>You know, that's interesting. I, I, I'm imagining a use case in my mind where after a patient leaves, so often there's just a complete disconnect with the patient, unless that patient has problems and goes back, but that patient might have some problems, but they forget it's too much of a pain in the neck to go back, but, but the system can now track this and we could get much more accurate information and that could help in future diagnoses and, and also decision-making for a patient in terms of, of outcomes and probability of success. Um, question, what do you actually sell? So it's a middleware product. It's a, how do I license it? >>It's a, it's a, uh, it's a software platform. So we sell software, um, and it is deployed in the customer's cloud environment of choice. Uh, of course we support complete hybrid cloud capabilities. Um, we support native cloud deployments on top of Microsoft and Amazon and Google. And we support IBM's hybrid cloud initiative with red hat OpenShift as well, which also puts us in a position to both support those public cloud environments, as well as the customer's private cloud environments. So constructed with Kubernetes in that environment, um, which helps the customer also re you know, realize the value of that operational appar operationalization, because they can modify those applications and then redeploy them directly into their cloud environment and start to see those as struck to see those spaces. Now, I want to cover a couple of the other components of the secret sauce, if I could date to make sure that you've got a couple other elements where some real breakthroughs are occurring, uh, in these spaces. >>Um, so Dave, you and I, you know, we're passionate about the semiconductor industry, uh, and you know, we know what is, you know, happening with regard to innovation and broadening the people who are now siliconized their intellectual property and a lot of that's happening because those companies who have been able to figure out how to manufacture or how to design those semiconductors are operationalizing those platforms with our customers. So you have people like apple who are able to really break out of the scene and do things by utilizing utilities and macros their own knowledge about how things need to work. And it's just, it's very similar to what we're talking about doing here for enterprise AI, they're operationalizing that construction, but none of those companies would actually start creating the actual devices until they go through simulation and design. Correct. Well, when you think about most enterprises and how they develop software, they just immediately start to develop the code and they're going through AB testing, but they're all writing code. >>They're developing those assets. They're creating many, many models. You know, some organizations say 90% of the models they create. They never use some say 50, and they think that's good. But when you think about that in terms of, you know, the capital that's being deployed, both on the resources, as well as the infrastructure, that's potentially a lot of waste as well. So one of the breakthroughs is, uh, the creation of what we call synthetic data and simulations inside of our, of our operational platform. So cortex fabric allows someone to actually say, look, this is my data pattern. And because it's sensitive data, it might be, you know, PII. Um, we can help them by saying, okay, what is the pattern of that data? And then we can create synthetic data off of that pattern for someone to experiment with how a model might function or how that might work in the application context. >>And then to run that through a set of simulations, if they want to bring a new model into an application and say, what will the outcomes of this model be before I deployed into production, we allow them to drive simulations across millions or billions of interactions to understand what is that model going to be effective. Was it going to make a difference for that individual or for this application or for the cost savings goal and outcomes that I'm trying to drive? So just think about what that means in terms of that digital transformation officers, having the great idea, being in the C-suite and saying, I want to do this with my business. Oftentimes they have to turn around to the CIO or the chief data officer and say, when can you get me that data? And we all know the answer to that question. They go like this, like the, yeah, I've got a couple other things on the plate and I'll get to that as soon as I can. >>Now we're able to liberate that. Now we're able to say, look, you know, what's the concept that you're trying to develop. Let's create the synthetic data off of that environment. We have a Corpus of data that we have collected through various client directions that many times gets that bootstrapped and then drive that through simulation. So we're able to drive from imagination of what could be the outcome to really getting high confidence that this initiative is going to have a meaningful value for the enterprise. And then that stimulates the right kind of following and the right kind of endorsement, uh, throughout really driving that change to the enterprise and that aspect of the simulations, the ability to plan out what that looks like and develop those synthetic aspects is another important element that the secret sauce inside of cortex fabric, >>Back to the semiconductor innovation, I can do that very cheaply. I think, I think I I'm thinking AWS cloud, I could experiment using graviton or maybe do a little bit of training with some, you know, new processors and, and then containerize it, bring it back to my on-premise state and apply it. Uh, and so, uh, just a as you say, a much more agile environment, um, yeah, >>Speed efficiency, um, and the ability to validate the hypothesis that, that started the process. >>Guys, think about the Tam, the total available market. Can we have that discussion? How big is that? >>I mean, if you think about the spend across, uh, the healthcare space and financial services, we're talking about hundreds of billions, uh, in that, in terms of what the enterprise AI opportunity, as in just those spaces. And remember financial services is a broad spectrum. So one of the things that we're actually starting to roll out today in fact, is a SAS service that we developed. That's based on top of our offerings called trust star trust star.ai, and trust star is a set of personalized insights that get delivered directly to the loan officer inside of, uh, an institution who's trying to, uh, really match, uh, lending to someone who wants to buy a property. Um, and when you think about many of those organizations, they have very, very high demand. They've got a lot of information, they've got a lot of regulation they need to adhere to. >>But many times they're very analytically challenged in terms of the tools they have to be able to serve those needs. So what's happening with new listings, what's happening with my competitors, what's happening. As people move from high tax states, where they want to potentially leave into new, more attractive toxin and opportunity-based environments where they're not known to those lending institutions that maybe, you know, they're, they're trying to be married up with. So we've developed a set of insights that are, is, this is a subscription service trust r.ai, um, which goes directly to the loan officer. And then we use our platform behind the scenes to use things like the home disclosure act, data, MLS data, other data that is typically Isagenix to those sources and providing very customized insights to help that buyer journey. And of course, along the way, we can identify things like are some of the decisions more difficult to explain, are there potential biases that might be involved in that environment as people are applying for mortgages, and we can really drive growth through inclusion for those lending institutions, because they might just not understand that potential client well enough, that we can identify the kind of things that they can do to know them better. >>And the benefit is really to hold there, right? And shale, I'll let you jump in, but to me, it's twofold. There. One is, you know, you want to have accurate decisions. You want to have low risk decisions. And if you want to be able to explain that to an individual that may get rejected, here's why, um, and, and it wasn't because of bias. It was because of XYZ and you need to work on these things, but go ahead shape. >>Now, this is going to add that point here, Dave, which is a double-faced point on the dam. One of the things that, and the reason why, you know, industries like healthcare, financial services spending billions, it's not because they look at AI in isolation, they actually looking at the existing processes. So, you know, established disciplines like CRM or supply chain procurement, whether it is contact center and so on. And the examples that we gave you earlier, it's about infusing AI into those existing applications, existing systems. And that's, what's creating the left because what's been missing so far is the silos of data and you traditional traditional transaction systems, but this notion of intelligence that can be infused into the systems and that's, what's creating this massive market opportunity for us. >>Yeah. And I think, um, I think a lot of people just misunderstood in the, or in the early, early days of the AI, you know, new AI when we came out of the AI winter, if you will, people thought, okay, the incumbents are in big trouble now because they are not, they're not AI developers, but really what you guys are showing is it's not about building your own AI. It's about applying AI and having the tools to do so. The incumbents actually have a huge advantage because they've got the systems in place. They can, if they, if they're smart, they can infuse AI and then extract value out of that for their customers. >>And that's why, you know, companies like, uh, like IBM are an investor in a great partner in this space. Anthem is an investor, uh, you know, of the company, but also, you know, someone who can utilize the capabilities, Microsoft, uh, Intel, um, you know, we've been, we've been, uh, you know, really blessed with a great backing Norwest venture partners, um, obviously is, uh, an investor in us as well. So, you know, we've seen the ability to really help those organizations think about, um, you know, where that future lies. But one of the things that is also, you know, one of the gaps in the promises when a C-suite executive like a digital transformation officer, chief digital chief customer officer, they're having their idea, they want to be accountable to that idea. They're having that idea in the boardroom. And they're saying, look, I think I can improve my customer satisfaction and, uh, by 20 points and decrease the cost of my call center by 20 or 30 or 50 points. >>Um, but they need to be able to measure that. So one of the other things that, uh, we've done a cognitive scale is help them understand the progress that they're making across those business goals. Um, now when you think about this people like Andrew Nang, or just really talking about this aspect of goal oriented AI, don't start with the problem, start with what your business goal is, start with, what outcome you're trying to drive, and then think about how AI helps you along that goal. We're delivering this now in our product, our version six product. So while some people are saying, yeah, this is really the right way to potentially do it. We have those capabilities in the product. And what we do is we identify this notion of the campaign, an AI campaign. So when the case that I just gave you where the chief digital officer is saying, I want to drive customer satisfaction up. >>I want to have more explainable decisions, and I want to drive cost down. Maybe I want to drive, call avoidance. Um, you know, and I want to be able to reduce a handling time, um, to drive those costs down, that is a campaign. And then underneath that campaign, there's all sorts of missions that support that campaign. Some of them are very long running. Some of them are very ephemeral. Some of them are cyclical, and we have this notion of the campaign and then admission planner that supports the goals of that campaign, showing that a leader, how they're doing against that goal by measuring the outcomes of every interaction against that mission and all the missions against the campaign. So, you know, we think accountability is an important part of that process as well. And we've never engaged an executive that says, I want to do this, but I don't want to be accountable to the result, but they're having a hard time identifying I'm spending this money. >>How do I ensure that I'm getting the return? And so we've put our, you know, our secret sauce into that space as well. And that includes, you know, the information around the trustworthiness of those, uh, capabilities. Um, and I should mention as well, you know, when we think about that aspect of the responsible AI capabilities, it's really important. The partnerships that we're driving across that space, no one company is going to have the perfect model intelligence tool to be able to address an enterprise's needs. It's much like cybersecurity, right? People thought initially, well, I'll do it myself. I'll just turn up my firewall. You know, I'll make my applications, you know, uh, you know, roll access much more granular. I'll turn down the permissions on the database and I'll be safe from cybersecurity. And then they realized, no, that's not how it was going to work. >>And by the way, the threats already inside and there's, long-term persistent code running, and you have to be able to scan it, have intelligence around it. And there are different capabilities that are specialized for different components of that problem. The same is going to be turnaround responsible and trustworthy AI. So we're partnered with people like IBM, people like Microsoft and others to really understand how we take the best of what it is that they're doing partner with the best, uh, that they're doing and make those outcomes better for clients. And then there's also leaders like the responsible AI Institute, which is a non-profit independent organization who were thinking about a new rating systems for, um, the space of responsible and trusted AI, thinking about things like certifications for professionals that really drive that notion of education, which is an important component of addressing the problem. And we're providing the integration of our tools directly with those assessments and those certifications. So if someone gets started with our platform, they're already using an ecosystem that includes independent thinkers from across the entire industry, um, including public sector, as well as the private sector, to be able to be on the cutting edge of what it's going to take to really step up to the challenge in that space. >>Yeah. You guys got a lot going on. I mean, you're eight years in now and you've got now an executive to really drive the next scale. You mentioned Bob, some of your investors, uh, Anthem, IBM Norwest, uh, I it's Crunchbase, right? It says you've raised 40 million. Is that the right number? Where are you in fundraising? What can you tell? >>Um, they're a little behind where we are, but, uh, you know, we're staged B and, uh, you know, we're looking forward to now really driving that growth. We're past that startup phase, and now we're into the growth phase. Um, and we're seeing, you know, the focus that we've applied in the industries, um, really starting to pay off, you know, initially it would be a couple of months as a customer was starting to understand what to be able to do with our capabilities to address their challenges. Now we're seeing that happen in weeks. So now is the right time to be able to drive that scalability. So we'll be, you know, looking in the market of how we assemble that, uh, you know, necessary capability to grow. Um, Shay and I have worked, uh, in the past year of, uh, with the board support of building out our go to market around that space. >>Um, and in the first hundred days, it's all about alignment because when you're going to go through that growth phase growth phase, you really have to make sure that things were pointed in the right direction and pointed together in the right direction, simplifying what it is that we're doing for the market. So people could really understand, you know, how unique we are in this space, um, and what they can expect out of an engagement with us. Um, and then, you know, really driving that aspect of designing to go to market. Um, and then scaling that. >>Yeah, I think I, it sounds like you've got, you got, if you're, if you're in down to days or weeks in terms of the ROI, it sounds like you've got product market fit nailed. Now it's about sort of the next phase is you really driving your go to market and the science behind how your dimension and your, your sales productivity, and you can now codify what you've learned in that first phase. I like the approach. A lot of, a lot of times you see companies, of course, this comes out of the west coast, east coast guy, but you see the double, double, triple, triple grow, grow, grow, grow, grow, and then, and then churn becomes that silent killer of the S the software company. I think you guys, it sounds you've, you've taken a much, much more adult-like approach, and now you're ready to really drive that scale. I think it's the new formula really for success for hitting escape velocity. Guys, we got to go, but thanks so much. Uh, uh, Bob, I'll give you the last word, w w w what you mentioned some of your a hundred day priorities. Maybe you can summarize that and what should we be looking for as Martin? >>I mean, I, I think, I think the, you know, the, our measures of success are our clients measure success and the same for our partners. So we're not doing this alone, we're doing it with system integrator partners, and we're doing it with a great technology partners in the market as well. So this is a part about keeping that promise for enterprise AI. And one of the things that I'll say just in the last couple of minutes is, you know, this is not just a company with a great vision and great engineers to develop out this great portfolio, but it's a company with great values, great commitments to its employees and the marketplace and the communities we serve. So I was attracted to the culture of this company, as well as I was, uh, to the, uh, innovation and what they mean to the, to the space of a, >>And I said, I said, I'll give you last word. Actually, I got a question for Shea you Austin based, is that correct? >>But we have a global presence, obviously I'm operating out of Austin, other parts of the U S but, uh, offices in, in, uh, in the UK, as well as in India, >>You're not moving to tax-free Texas. Like everybody else. >>I've got to, I've got an important home, uh, and life in Connecticut cell. I'll be traveling back and forth between Connecticut and Austin, but keeping my home there. >>Thanks for coming on and best of luck, we want to follow your progress and really appreciate your time today. Good luck. >>Thank you, Dave. All right. >>Thank you for watching this cube conversation. This is Dave Volante. We'll see you next time.

>>from San Francisco. It's the queue covering our essay conference. 2020. San Francisco Brought to you by Silicon Angle Media's >>Welcome Back Around Here at the Cube. Coverage for our conference. Mosconi, South Floor. Bring you all the action day one of three days of cube coverage where the security game is changing, the big players are making big announcements. The market's changing from on premise to cloud. Then hybrid Multi cloud was seeing that wave coming. A great guest here. Barr, our VP of product strategy and co founder of the Mystery, was acquired by Palo Alto Networks. Worries employed now, Rishi. Thanks for coming on. Thank you. Absolutely happy to be here. So, first of all, great journey for your company. Closed a year ago. Half a 1,000,000,000. Roughly give or take 60. Congratulations. Thank you. Big accomplishments. You guys were taken out right in the growth phase. Now at Palo Alto Networks, which we've been following, you know, very careful. You got a new CMO over there, Jean English? No, we're very well. We're very bullish on Palo Alto. Even though that the on premise transitions happening cloud. You guys are well positioned. How's things going things are going fantastic. We're investing a lot in the next Gen security business across the board, as mentioned Prisma Cloud is big business. And then on the other side, which is what I'm part of the cortex family focused on the Security operations center and the efficiencies That's fantastic and, ah, lot off product innovations, investment and the customer pull from an operations perspective. So very excited. You guys had a big announcement on Monday, and then yesterday was the earnings, which really kind of points to the trend that we're seeing, which is the wave to the cloud, which you're well positioned for this transition going on. I want to get to the news first. Then we get into some of the macro industry questions you guys announced the X ore, which is redefining orchestration. Yes. What is this about? What's this news about? Tell us. >> So this news is about Mr was acquired about a year ago as well. This is taking that Mr Platform and expanding it on, expanding it to include a very core piece, which is Intel management. If you look at a traditional saw, what has happened is soccer teams have had the same dead and over the last few years acquired a sword platform such as a mystery security orchestration, automation and response platform. But the Edge Intel team has always been still separate the threat Intel feeds that came in with separate. With this, we are expanding the power of automation and applying doc to the threat intelligence as well. That is, thread intelligence, current state of the art right now. So the current state of the art of threat intelligence is are the larger organizations typically subscribe to a lot of faith, feeds open source feeds and aggregate them. But the challenge is to aggregate them the sit in a repository and nobody knows what to do with them. So the operationalization of those feeds is completely missing. >> So basically, that is going to have data pile. Corpus is sitting there. No one touches it, and then everyone has to. It's a heavy lift. It's a heavy lift, and nobody knows. Cisco sees the value coming out of it. How do you proactively hunt using those? How do you put them to protecting proactively to explain cortex X, or what is it? And what's the value? So the cortex X or as a platform. There are four core pieces, three off which for the core tenants of the misto since the big one is automation and orchestration. So today we roughly integrate with close to 400 different products security and I t products. Why are the FBI on let customers build these work flows come out of the box with close to 80 or 90 different workloads. The idea of these workloads is being able to connect to one product for the data go to another taken action there Automation, orchestration builds a visual book second s case management and this is very critical, right? I mean, if you look at the process side of security, we have never focused as an industry and the process and the human side of security. So how do you make sure every security alert on the process the case management escalation sl A's are all managed. So that's a second piece off cortex. Third collaboration. One of the core tenants of Mr Waas. We heard from customers that analysts do not talk to each other effectively on when they do. Nobody captures that knowledge. So the misto has an inbuilt boardroom which now Cortex X or has the collaboration war room on that is now available to be able to chat among analysts. But not only that charged with the board take actions. The fourth piece, which is the new expanded platform, is the personal management to be able to now use the power of orchestration, automation collaboration, all for threat intelligence feeds as well. Not only the alerts >> so and so you're adding in the threat. Intelligence feeds, yes. So is that visualize ai on the machine Learning on that? How is that being process in real time? How does that on demand work for that fills. So the biggest piece is applying the automation and intelligence to automatically score that on being able to customize the scoring the customer's needs. Customized confidence score perfect. And once you have the high fidelity indicators automatically go block them as an example. If you get a very high fidelity IOC from FBI that this particular domain is the militias domain, you would want to block that in. Your firewall is executed immediately, and that is not happening today. That is the core, and that's because of the constraint is I don't know the data the way we don't know the data and it's manual. Some human needs to review it. Some human needs to go just not being surfaced, just not. So let's get back into some of the human piece. I love the collaboration piece. One of things that I hear all the time in my cube interviews across all the hundreds of events we go to is the human component you mentioned. Yes, people have burnt out. I mean, like the security guys. I mean, the joke was CIOs have good days once in a while, CSOs don't have any good days, and it's kind of a job board pejorative to that. But that's the reality. Is that it works? Yes. We actually okay, if you have another job. Talking of jokes, we have this. Which is what do you call and overwork security analyst. A security analyst, because every one of them >>is over word. >>So this is a huge thing. So, like the ai and some of the predictive analytics trend Is tourist personalization towards the analyst Exactly. This is a trend that we're seeing. What's your view on this? What? You're absolutely We're seeing that trend which is How do you make sure analyst gets to see the data they're supposed to see at the right time? Right. So there's one aspect is what do you bring up to the analyst? What is relevant and you bring it up at the right time to be able to use it. Respond with that. So that comes in one from an ML perspective and machine learning. And our cortex. XDR suite of products actually does a fantastic job of bringing very rich data to the analyst at the right time. And then the second is, can we help analyst respond to it? Can we take the repetitive work away from them with a playbook approach? And that's what the cortex platform brings to that. I love to riff on some future scenarios kind of. I won't say sci fi, but I got to roll a little bit of a future to me. I think security has to get to like a multi player gaming environment because imagine like a first person shooter game, you know where or a collaborative game where it's fun. Because once you start that collaboration, yes, then you're gonna have some are oi around. I saw that already. Don't waste your time or you get to know people. So sharing has been a big part? Yes. How soon do you think we're gonna get to an environment where I won't say like gaming? But that notion of a headset on I got some data. I know you are your reputation. I think your armor, you're you're certifications. Metaphorically putting. I think way have a lot of these aspects and I think it's a very critical point. You mentioned right one of the things which we call the virtual war room and like sex or I was pointing out the fact that you can have analysts sit in front of a collaboration war room not only charge for the appears but charged with a boat to go take care of. This is equivalent to remember that matrix movie plugging and says, you know how to fly this helicopter data and now I do. That's exactly what it is. I think we need to point move to a point where, no matter what the security tool is what your endpoint is, you should not have to learn every endpoint every time the normalization off, running those commands via the collaboration War Room should be dead. I would say we're starting to see in some of the customers are topics or they're using the collaboration war room to run those commands intractably, I would say, though, there's a big challenge. Security vendors do not do a good job normalizing that data, and that is where we're trying to reach you. First of all, you get the award for bringing up a matrix quote in The Cube interview. So props to that. So you have blue teams. Red teams picked the pill. I mean, people are people picking their teams. You know what's what's going on. How do you see the whole Red Team Blue team thing happening? I think that's a really good stuff happening. In my opinion, John, what's going on is right now so far, if you see if I go back three years our adversaries were are committing. Then we started to see this trend off red teaming automation with beach automation and bunch of companies starting to >>do that >>with Cortex X or on similar products, we're starting to now automate the blue team side of things, which is how do you automatically respond how do you protect yourself? How do you put the response framework back there? I think the next day and I'm starting to see is these things coming together into a unified platform where the blue team and the team are part of the same umbrella. They're sharing the data. They're sharing the information on the threat Intel chair. So I see we are a very, very good part. Of course, the adversities. I'm not gonna sit idle like you said about the Dev ops mindset. Heavens, notion of knowledge coming your way and having sharing packages all baked out for you. She doesn't do the heavy lifting. That's really the problem. The data is a problem. So much demand so much off it. And you don't know what is good and what is not. Great. Great conversation again. The Matrix reference about your journey. You've been an entrepreneur and sold. You had a great exit again. Politics is world class blue chip company in the industry public going through a transition. What's it like from an entrepreneur now to the big company? What's the opportunity is amazing. I think journey has been very quick. One. We saw some crazy growth with the misto on. Even after the acquisition, it's been incredibly fast pace. It's very interesting lot of one of the doctors like, Hey, you must be no resting is like, No, the journey is amazing. I think he s Polito Networks fundamentally believe that. We need to know where it really, really fast to keep the adversaries out on. But that's been the journey. Um, and we have accelerated, in fact, some of our product plans that we hard as a start up on delivering much faster. So the journey has been incredible, and we have been seeing that growth Will they picked you guys write up? There's no vesting interesting going on when you guys were on the uphill on the upslope growth and certainly relevance for Palo Alto. So clearly, you know, you haven't fun. People vested arrest when they checked out, You guys look like you're doing good. So I got to ask you the question that when you started, what was the original mission? Where is it now? I mean this Is there any deviation? What's been the kind? Of course you know, this is very, very relevant questions. It's very interesting. Right after the acquisition, we went and looked at a pitch deck, which we presented overseas in mid 2015. Believe it or not, the mission has not changed, not changing iron. It had the same competent off. How do you make the life off a security person? A security analyst? Easy. It's all the same mission by automating more by applying AI and learning to help them further by letting them collaborate. All the aspects off case management process, collaboration, automation. It's not changed. That's actually very powerful, because if you're on the same mission, of course you're adding more and more capabilities. But we're still on the same path on going on that. So every company's got their own little nuanced. Moore's Law for Intel. What made you guys successful was that the culture of Dev ops? It sounds like you guys had a certain either it was cut in grain. I think I would say, by the way, making things easy. But you got to do it. You got to stay the course. What was that? I think that's a fundamental cultural feature. Yeah, there's one thing really stand by, and I actually tweeted about a few weeks ago, this which is every idea, is as good as good as its execution. So there's two things between really focus on which is customer focused on. We were really, really portable about customer needs to get the product needs to use the product, customer focus and execution. As we heard the customers loud and clear, every small better. And that's what we also did. You guys have this agile mindset as well, absolutely agile mindset and the development that comes with the customer focus because way kind of these micro payments customer wants this like, why do they want this? What is the end goal? Attributed learner. Move on to make a decision making line was on Web services Way debate argue align! Go Then go. And then once you said we see great success story again Startup right out of the gate 2015. Acquire a couple years later, conventions you and your team and looking forward to seeing your next Palo Alto Networks event. Or thanks for coming on. Great insight here on the cube coverage. I'm John Furrier here on the ground floor of our S e commerce on Mosconi getting all the signal extracting it from the noise here on the Cube. Thanks for watching. >>Yeah, yeah,

>> Live from Orlando, Florida It's the Cube covering Enterprise Connect twenty nineteen. Brought to you by five nine. >> Hello from Orlando, Florida At least Martin was soon met a man, and the Cube was here for day. Teo of Enterprise Connect twenty nineteen. We're excited to welcome to the Cube for the first time. John Hernandez, the CEO of Intelligent John. It's great to have you on the program >> for having me, >> So give our viewers a little bit of an overview. I love the name sell agent as a market average. Fantastic. I get the contacts. Tell us a little bit about intelligent. You guys have been around for a long time. What is it that you do and your relation to enterprise communication? >> Absolutely so at the heart of it. The company started as a CR M company, and then in two thousand five, when sales force was just dominated, the C R M space, the company decided to pivot to marketing. And so the data has been the core of the platform since the beginning of the company that allows us to have so much intelligence of not only what we're marketing to the individuals, because at the end of the day. It's a marketing cloud. Application is we also have all the transactions, every hotel that's been booked, every grocery that's been purchased in the database. So we have so much insight on that consumer weaken, then serve up important ai ai capabilities like, What's the right offer? What's the right time? What's the right day and what's the right channel? My daughters on Instagram. I'ma text guy. You're an email guy that makes it all come to a life of trying to drive products and services to consumers. >> Yeah, I love that. Because you're right. It's a different people. You need to communicate different ways. You know, we've been talking at this show with contact center people. It's like Omni Channel well, voices still super important in the contact center. You know, you have any general trends you can share without, says Oh, you know what's the best way that you know what's working? What, totally failing a za >> middle aged contact center guy myself. I've been in call centre since ninety five and development of um so no, the space. Really well, So some people have been asking, what's a marketing cloud company doing it. Enterprise connect right? The reality is marketing, sales and service are starting to converge in all companies, right? The marketing department can't be in a silo anymore of driving offers to consumers without the inside sales people or the service people knowing what's going on. So we're here working with folks like Five Nines Joint customers success where we're driving campaigns and offers to consumers. And when they come to the Web sage or they call the call center or they send an email to the company. Five nines is catching that that that stuff coming in. But now we give them context. I'LL give an example. Bill dot com is a joint customer of five nines and ourselves. Five nines Does the call center we do. So they do the service and sales departments. We do the marketing, so we're pushing out offers that air personalized ifit's a contractor. They get a different few. If it's a consumer doing a bathroom remodel, they get a different view. And so it's all personalized him Now when they come to build dot com, five nines catches it and guess what? We can apply a eye on top of it to help the humans because we look at it and say, Hey, is it a contractor looking at a bathtub? That's probably a bathroom remodel. Let's get that to our highest and sales person. Like if it's a consumer looking for a faucet replacement, just satisfy that on e commerce, right? So break beautiful handshake between five nines and us, >> and that relevance is absolutely essential, as we are all consumers every day, so easy to buy things from wherever we are, right. But we also want to make sure that what we're getting because retargeting is so popular, were getting ads all the time, and it has to be relevant. So one of the things about relevance that kind of piqued my interest that you said, is a is a scene that stew and I heard yesterday, and that is that the contact center and marketing are often not communicating, and you think of how is the contact center? How did they have the content to be able to deliver it to your daughter on instagram you through text to through phone what you're seeing from a trends perspective about marketing and really as an enabler of the contact Center >> Yeah, yeah, you know, sales and service has always been closely connected, but marketing's always been off on the side, And why we're seeing a growing trend is this whole convergence of consumer experience. All CX experience, right? Everybody's talking about it, but the reality is tough to do. And so what we see happening is the CMO, or the marketing department is typically leading the charge on the strategy. But it's the sales service and departments that are buying the tech, so making sure those things are coming together to drive that relevancy is so important. Other example between us here is a is a company called Cool Blue Cool Blue is an online electronics reseller to consumers, and they saw a massive problem with returns. So we looked at the data with him, said, You know, the source of the prompt seems to be that consumer doesn't know to what to do with that product. You just sold them. So we put into an email campaign in a text campaign, an embedded video that allows them to just when that product arrives to the home they get an email with. That video dropped thirty percent on reduction of of returns Massive r a y for that customer. Well, now you got a call center agents sitting idle, right, waiting to take calls. But they're not coming now for returns. So I guess what they did. We worked again with the call center guys on the inside sales team. Put a campaign on the web site identifying things that you would be interested in and created up sells the biggest one. That was a success. Mobile plans. So we have the ability to say, Put in your phone number and your name, and we guarantee we'LL call you in thirty seconds. Put it into their outbound dialer and five nines. Boom. They called twenty eight percent conversion of >> mobile plans. Yeah, love that. When you talk about, you know, how do we reduce the load on the workload? But they know. What do I do with the work force? Do I have to retrain them? Do I have to move them? One of the big themes that the show here is like OK, aye, aye is coming, you know. Okay, Cloud is here, but a I is coming. Doesn't mean that we're getting rid of people, but it might change some of those environment. Believe there's some aye aye in your platform. Tell us a little bit about how that fits into. >> Absolutely, It's called cell agent Cortex, and it does four things extremely well. So instead of going wide and broad like a Watson type thing where you have a lot of serves, its tune it it is purpose built out of the box to do for keep things. What's the right offer to present what's the right time, day and channel of choice so that you're getting that relevance in there Now when the customer calls the calls that are sends an email or our calls the sales department, making sure that that offer comes up on the agent desktop so they know. Hey, this is what John was just offered, and that's what he's calling about. Don't talk about anything else. Close the deal right? That's the beauty of it. And to the consumer, it's relevant in the timing that matters that's so critical. >> Time is real time communications is key, and we expect that as consumers are more and more and more in power, we have everything and we're demanding, but I want to be able to transact this or find out information on whatever channel that I want, and I want the conversation to be continued. I don't want to have to start over from scratch, >> Isn't that the worst >> is you and I were talking yesterday about one of my recent calls, and it was like ground hog day. Um, and the first thing I think I'm gonna go to Twitter and escalate or miniature. So I want to get your opinion. And I love when you talk about customers with actual business outcomes and metrics that you guys, and especially with your partnership with five nine are delivering. Talk to us about the importance of bringing in customers in terms of development of technology, the A and the partnership with five. Where are those customers at your decision making table? >> Absolutely. So we get the wisdom of the crowds right when we're trying to know where the market's going, what's what's the next digital channel that we haven't even thought of yet? Right? And it comes from the marketers and inside sales, VPs and the service folks. And so we have a board of advisers of clients. We also have partners like five nines. We have marketing agencies, and all of that wisdom comes in to help us in our road map. So we have a backlog of things we want to do. They help us prior ties to make sure we're staying on top of the market trends. And the CX topic of the integration here is one of those things that emerged from our customer. So John, one of >> things we've been poking at is I want to learn from the crowd, but I'm worried about that. I don't want my competitors getting advantage based on, you know, I did something a little better. How do you manage that dynamic of you know? There's privacy. There's competitive advantages >> in most cases, usually rings true all the time. First of all, they're everybody's under India, but you know, that's only as good as the signature on it in some cases. But you make sure and have different organizations that are in different verticals, so there isn't really a lot of commonality, so you get differences of opinion, which is a good thing. But then you're not getting a telecom provider telling a retail shop that's not going to have a summer thanks so that you don't get that overlap. But typically the customers we see are very open and forthcoming because they want to advance their platform to be reflective of their customer base. >> And they have to to stay competitive. Italy One of the themes that came up today a little bit in the keynote panel was talking about internal adoption of tools that's obviously essential for a company to be able to be successful in tow. Have a stellar contact center. What are some of the as you have been around with cell agent for a long time? Teligent has for a long time. What are some of the trends that you're seeing in terms of customers embracing? We have to move quickly. Way have tio figure out what digital transformation means to us, because we've got to make sure that our internal teams who are gonna have the data to make the right decision on the offer's understand and embrace this technology. >> Yes, totally. And so you think about the call center right inside. Sensors, voices, the foundation technology, and it's never going away. I don't care what anybody says, but it doesn't mean you can ignore the email in the chat and all the other things. Same in the marketing world, Email has been the foundation of marketing for a long time, but the digital channels are exploding. And again, my daughters on Instagram, she she's not reading email, so you've got to be relevant in that moment. So internally, we have a diverse workforce that come from the call centre world from the Martek world, different generations. So that way we have the different wisdom of how to use our own tools. Our own platform communicates with all our partners and our customers to make sure we're keeping them up to date with newsletters and >> information. Judge on one of things have been really interesting to watch the maturation last few years is the changing role the CMO, yeah, and especially how digital is impacting them. So I've talked to some C M O's that are like Well, you know, I'm choosing which APS all my field using and how they're involved. The role between the CMO and the CEO goes through back and forth there. You know, a couple of years ago, one of the big analyst from like all the CEOs out of a job, you know, lines of business. They're going to run everything. Well, I think CEOs, they're still gonna have a job for a while, but I'd love to get your viewpoint on CMO digital engagement with tea. And it >> s so what we're seeing more and more of a trend now is the C. M. O. And the marketing department is kind of starting the CX strategy, right? They look at the whole customer life cycle and how we're going to take that on. But they're quickly realizing they can't pull it off without sales service and it. And in most cases, the buy is actually coming from it for the tech stack, the business consulting going to the market tears. And you've got to create that ecosystem of making sure that everybody has relevance in the by decision and all of their objectives, or being met against their key metrics. >> Yeah, Thie. Other thing. Just the role of data. I mean, we've been to Chief Data's officer events, you know? How does how does this play in kind of broader data initiatives inside a customer's >> dolly? It is all about relevance at the time and moment of need, right? You only have that one moment, and what we see is consumers. But your consumer had on. If you have a great experience with your bank and then you go to you, go to your insurance company, have a battle. You're expecting that same experience. Otherwise you're going to defect and go somewhere else. That happens everywhere all the time. So the date is critical to understand how things were going. So we have an integration where in the call center, we can get the NPS score. The Net promoter score. So was it an angry customer where they upset? Did they not like it and return something that's a low score? Takes them out of the marketing campaigns. The worst thing you could do is try and sell him something when they're angry. In the past, you had to hunt for that data to try and manually pull him out. Now it's a fully automated the aye aye, on top of that, and the integration with it's so simple you can pull him out, and when the MPs score goes back up, put him back in. But don't sell him something. Sentiment Knowledge article engaged with them before you try Start selling them again, right? >> Because Turness so easy to do as you mentioned where we have so many choices for whatever. But of course, don't market to me if I'm not happy about this in the NPS score is low. So imagine Net negative Turn and P s. You talked about some of the key metrics that talk about changing role of this GMO marketing is now such a science. Talk to us about how intelligent and five men can help really dramatically reduce that turn and really drive out the dialogue customer lifetime value. >> It all comes down to the data at our disposal and using it in the appropriate time. Right? So, for instance, if we're marketing something to them like a grocery chain marketing people, delivery services, things like that all the things in the grocery store, if they call the call center instead of doing e commerce to try and buy, they need to know what this customer normally buys. So in the databases, every transaction they've ever made in that grocery store put it up on the screen for the agents of the agent can help him through that, or if they had a wrong delivery to the wrong address. Give them the right address at their disposal, don't have them search for things, bring it to their forefront of making sure it happens. And even more important, is a real time engagement. So keeping on that read that retail grocery store as you're walking through the aisles there. It's very easy to see where you're in. The girls start through mobile triangulation through sensors in the store and make real time offers high margin product. Sell that product to that consumer. Send them a coupon in a text or in mountain mobile app. Push. Those types of things are very simple tools that between their technology, five nines and us, we create that CX experience, which is phenomenal. >> Awesome, John. Well, phenomenal job joining Stuart be on the Cube. We thank you so much for your time and talking to us about intelligent in what you're doing this five minute how you're really enabling that phenomenal cx >> Beautiful. I love it. Thanks for the invite >> or Suman a man. I'm Lisa Martin. You're watching the cue

(upbeat music) >> Live from San Francisco, it's theCUBE covering RSA Conference 2019. Brought to you by Forescout. >> Hey, welcome back everybody. Jeff Frick here with theCUBE. We're at the RSA North American conference in Moscone. They finally finished the remodel. We're excited to be here. We're in the Forescout Booth and our next guest is here. He's Scott Stevens, the SVP Global Systems Engineering for Palo Alto Networks. How're you doing? >> I'm doing well. How you doing? >> Good, so first impressions of the show. I mean, it always amazes me when we come to RSA. We go to a lot of shows but just the size and the scale and the buzz and the activity here is second to none. >> It's incredibly crowded. I've been trying to walk the halls here, is a bit of a mess, so yes. (both laughing) >> Well plus nobody can find their way through the new Moscone. Small detail. >> Well they're connected different now so it's pretty confusing. >> Right, all right, let's jump into it. As I look over your shoulder I see zero trust, I see zero trust. Everybody's about zero trust. We had Chason from Forescout last year. He was talking about zero trust. >> Yep. You guys are talking about zero trust. What is exactly is zero trust? And how should people be thinking about zero trust? >> Yeah it's kind of, it's become buzzword bingo along the way, hasn't it? >> Right, right, it has. >> Yeah, so yeah we've been working with Forescout here for about six years now looking at zero trust architectures. The way, I think the fundamental way you look at zero trust is it's an architectural approach to how do you secure your network focused on what's most important and so you focus on the data that's most, that's key to your business, and you build your security framework from the data out. And so there's all kinds of buzzword bingo we can play about what zero trust means, but what it allows us to do is to create the right segmentation strategy starting in the data center of the cloud and moving back towards those accessing the data and how do you segment and control that traffic 'cause fundamentally what we're dealing with in security is two basic problems that we have to there's many problems but two big problems we have to deal with. >> Right, right. First is credential based attacks and so do we have somebody with stolen credential in the network stealing our data? Or do we have an insider who has credentials but they're malicious, they're actually stealing content from the company. The second big problem is software based attacks. Malware, exploits, scripts right? And so how do we segment the network where we can enforce user behavior and we can watch for malicious software so we can prevent both of those occurrences through one architectural framework and I think zero trust gives us that template building block absent of the buzzword, on how we build out those networks 'cause everybody's enterprise network is a little bit different. >> Right, so it really goes back to kind of roles and access and those types of things 'cause the first one you describe a credential one if it's somebody in there they have every right to be there but they're doing behavior that's not necessarily what you expect them to do, what you want them to do is atypical, right? >> Right. >> So it's a kind of identity and rights management or is this a different approach or the most sophisticated approach? How's it been different before? >> No that's a great question. And we have to build those things together. So on the Palo Alto Networks side what we do is we do enforcement. Layer 7 enforcement based on identity. So based on who the user is and what their rights are we are able to control what they're allowed access to or what they're not allowed access to and of course if you've got a malicious insider. Or somebody that's logged in with stolen credentials we can prevent them from doing what they're not allowed to do. And working here with Forescout, we've done a lot of really good integration with them on that identity mapping constructs. So how do they help us understand all the identities and all the devices in the network so we can then map that to that user posture and control at Layer 7 what they're allowed to do or not allowed to do. >> Right, and then on the micro-segmentation, it's always a, how far you segment? You can segment to one that doesn't really do you much good right? (Scott laughing) It's just one. So what are some of the things people should think about in their segmentation strategy? >> Well again I think you need to start with what's most important and so if I take a cloud or a data center, clouds and data centers as a starting point or generally all the same. (Jeff laughing) Well and how we segment is actually the same. And so we have this, sometimes we think that clouds are more difficult to secure than data centers, they are the same basically we've got north-south traffic, or east-west traffic, how do we, how do we inspect them how do we, how do we segment that? But if you start with what's most important and work your way. If you tell somebody that you need to micro-segment their network they're going to be done in 14 years, alright? So how do we focus on what's the most important, critical data to their business? And if we stratify their datasets and their applications that access that data and then move down, we may have 50% of the applications in their cloud or data center that we don't micro-segment at all because they're not critical to the business. They're useful to the employees, but if something goes wrong there, no big deal. >> Right. No impact to the business. >> Right. And so micro-segmentation isn't just a conversation of where we have to do things, but it's a conversation contextually in terms of what's relevant, where it is important to do that. >> Right. And then where do we, where do you do a much less robust job. >> Right. You always have to have inspection and visibility but there are parts of your network where you're going to be somewhat passive about it. But there're parts of your network you're going to be very aggressive, multi-factor authentication, tight user identity mapping, all of the different aspects. How do we watch for malware? How do we watch for exploits? >> Curious on doing that segmentation on the value of the dataset 'cause there's some obvious ones that jumps to the top of the list but I'm just curious if customers get into a situation where they really haven't thought about it once you get ten steps down the list from the top ones or if you do a force priority? >> Yep. >> And then the other thing I just think is really interesting the time we live today is that a lot of the hackers are not necessarily motivated by personal information or trying to suck a little bit of money out of your bank account, but other types of data that they want to use for other types of actions like we saw in the election and some of these other >> Right. >> kind of, I want to say softer, kind of softer uses of softer data for different types of activity than the traditional ransomware or malware. And how does that map back to, oh I didn't necessarily think that was an important piece of data but that's a shifting landscape in that part of organization . >> Certainly, yeah you need to take a look at what's most important. You can stratify into a couple tiers so you're going to have the top ten applications and datasets that are critical to the business. And we know if something happens there we have to publicly announce. Okay there, that you're going to do a really nice segmentation strategy and implement a full zero trust where we're controlling user access, doing full malware inspection, everything there. You're going to have a second tier of data which kind of gets into your soft target conversation where maybe we're a little less robust with some of the user segmentation and the application controls but we're as aggressively robust on the malware and software based threats. And frankly being able to inspect and control, find malware, find commander control, find exploits in, going in or out of those parts of the network, that is very simple to do and zero trust helps us to find where are those locations on the data center cloud side but also throughout the enterprise and where should we have those sensors that are enforcing that behavior. >> Right, just traffic is exploding right? Everything's connected. Billions of billions of devices, et cetera, et cetera. We don't need to go through the numbers It's big. So clearly automation is more and more important as we go forward. Lot of buzz about machine learning artificial intelligence applying it. Both the bad guys have it and the good guys have it. A lot of interesting kind of subtopics in terms of training models and how do you train models and the other right type of data. But as you kind of sit where you're sitting and net, net is just a lot more traffic going through the network >> Yep. >> whether it's good, bad, or otherwise. How do you guys kind of look at automation? How are you kind of looking forward for using artificial intelligence and some of these newer techniques to help just basically get through, get through the mass if you will? >> So I think there's two ways to think about artificial intelligence, machine learning, big data analytics, All those, >> All those good ones. >> Now we run another buzzword bingo right? >> Right, right (laughs) >> But the first is if we're looking at how are we dealing with malware and finding undone malware in blocking it, we've been doing that for years. And so the platform we have uses big data analytics and machine learning in the cloud to process and find all of the unknown malware, make it known and be able to block it. So we find 20 to 30 thousand brand new pieces of malware every day and within five minutes of finding them, >> finding 30,000 >> every day. So analyzing millions and millions of files every day to figure out which ones are malicious. And once we know within five minutes, we're updating the security posture for all of our connected security devices globally. So whether it's endpoint software or it's our inline next gen firewalls, we're updating all of our, all of our signatures so that the unknown is now known and the known can be blocked. And so that's whether we're watching the block the malware coming in, or the command-and-control it's using via DNS and URL to communicate and start whatever it's going to do, and you mentioned crypto lockers and all kinds of things that can happen. And so that's one vector of using ML, AI and ML, to prevent the ability for these attacks to succeed. Now the other side of it I think you're alluding to a little bit more is how do we then take some of the knowledge and the lessons we've learned for what we've been doing now for many years in discovering malware and apply that same AI and ML locally to that customer so that they can detect very creative attacks. Very evasive attacks. Or that insider threat, that employee who's behaving inappropriately but quietly. And so we've announced over the last week what we call the Cortex XDR set of offerings that involves allowing the customer to build an aggregated data lake which uses the zero trust framework which tells us how to segment, also put sensors and all the places of the network both network sensors and endpoint as we look at how do you secure the endpoint as well as how do you secure the network links, and using those together we're able to stitch those logs together in the data lake. That machine learning can now be applied to on a customer by customer basis, to find maybe somebody was able to evade 'cause they're very creative, or that insider threat again, who isn't breaking security rules but they're being evasive? We can now find them through machine learning. >> Right. >> And the cool thing about zero trust is the prevention architecture that we needed for zero trust becomes the sensor architecture for this machine learning engine. You get dual purpose use out of the architecture of zero trust to solve both the inline prevention and their response architecture that you need. >> Right. >> It's a long answer, I know. >> It's a crazy space, I mean, it's just fast. I mean the numbers in the mass of just throughput in this area is just fascinating. >> Yes. >> And so we're here in the Forescout booth and they've got a unique take on all the objects and everything is connected to the networks. We've heard from people earlier today is 50, 60, 70% more things connected than they ever even, than they ever even thought. Most of them not malicious but just people plug it in at various remote offices and that and that. >> Yeah, well IoT, the next buzzword bingo >> Right, right, right, there you go. We'll hit them all. (both laughing) what are we missing? So how are you guys working with Forescout, how do the two solutions work together to get a one plus one makes three? >> Yeah, as we were talking a little bit before getting that concept of what are all these connected devices. What is the device itself and who are the users attached to those devices? Forescout has that insight. So we don't do, I always look at that is identity assertion. Device aware identity assertion so how do we define what they are and who they are. What we do then is in working with Forescout we take that knowledge that they have and that turns into identity and device enforcement. And that's how we enforce those postures so that I know employee A isn't allowed to the intellectual property datasets. Employee B is. Well in the old world of security you just have a rule for how do you get to that. In what we do now with layers with user based and application controls, I can, on a user by user basis determine what they're allowed to do, and not allowed to do. Forescout gives us that insight so that we are able to enforce. They handle making sure they know exactly who it is so we enforce it properly. >> Right, and for the devices, right? 'cause you basically assigned almost like an identity and a role to a device. >> Exactly, and then you don't end up with this weird spaghetti network topology where okay, we have to put all of our IoT devices on these 14 VLANs and we're going to extend them all across our enterprise not, all that goes away. >> All kinds of natural acts. >> Right. All right, so Scott, I'll give you the last word before you sign off. As we look forward to 2019, and I can't believe it's March already, (Scott laughing) Scary. What's some of your priorities? What are you working on? What's the rest of the year look like for you? >> I think, you're back to buzzword bingo, we're spending a lot of time right now looking at how do we help our customers with that generating that data lake so they can help figure out what's happening within their infrastructure. And as you pivot from the security posture which of course is where we're always going to pay attention and you help them think about operationalizing that. And how do we help the Sec Ops, or the SOC, figure out what's going on in their network. The data they're dealing with is massive. And so they're looking at haystacks and haystacks and haystacks. >> Right. >> And part of the goal of what we're trying to do is help them burn down those haystacks and hand them needles 'cause in the end all they care about is the needles. The hay is getting in the way. And so there's a lot of work that we're doing around machine learning, around optimizing workloads and automation so that we can reduce that complexity. We've been doing it for the last 10 years for network security. How do we take the complexity of all the things we used to do separate and simplify them and automate so we've automated the feedback loops for network security, for the next gen firewall. We've simplified what you can do on the endpoint for traps and how we protect that. We've done with the integration with Forescout we're simplifying how you map that identity back and forth. And I think for the rest of the year it's really about simplifying operations and helping quickly determine when something is wrong in the network so you can fix it fast. >> Right. >> Before you're dealing with an exfiltration problem. >> Not 150 days or whatever the >> Way too long. >> crazy average stat is. >> |How about four hours. What if we try for four hours? >> Yeah that's better. more better, more better. (laughing) All right, Scott, thanks for sharing the insight. >> Thanks for your time. >> Let's go burn some haystacks. He's Scott, I'm Jeff. You're watching theCUBE. We're at RSA 2019 in San Francisco. Thanks for watching. We'll be right back. (upbeat music)