>>Okay, welcome back to the cubes coverage of Del tech world. I'm john for your host of the cube we're here for virtual coverage were not yet face to face as we start to come out of covert, we're still doing the remote but we got the cube virtual. We're here with Dennis Hoffman, senior Vice President, General Manager for the telecom Systems business group within Dell Technologies dead. It's great to see you. Thanks for coming in CUba alumni. Thanks for coming on. >>My pleasure, john great to see you and look forward to the days when we can stop doing this virtually. >>Well, you guys have been certainly pumping out a lot of content and right now telco cloud telco disruption is big. We heard Michael Dell last event and even when we were in person in real life, we he was really laying down the five G leadership now with hybrid cloud, um, standardized, pretty much I mean, consensus is no, no debate really. It's hybrid multi cloud on the horizon. That's still just a subsystem of basically distributed computing A. K. A hybrid cloud makes the edge a huge part of the story this year. And the innovations all around telecom, Edge in five G have been around and they're changing really fast. What's how are these Edge in five G technologies impacting the market today? >>Yeah, it's uh is fascinating times, I'll tell you they are providing really the ultimate carrots, you know, the catalyst for um innovation in the market and really driving the world's network operators To uh want to take advantage of all the opportunity that the edge presents and that 5G enables. And it's, you know, at the end of the day, it's really forcing folks to think hard about if they have the right network architectures to enable that to capture that opportunity to have the right kind of capabilities. And so we're seeing an awful lot of interest in network desegregation, network modernization, various forms of adopting the technology is you and I are familiar with from years of what's going on in data center evolution are really starting to hit the telco network now at a really, really interesting time >>while we're on the landscape. Do you want to get your opinion on something? I've been hearing a lot, certainly in interviewing other folks here at Dell tech world and in the industry about how the edge and the data compute equation and the connectivity has changed how they're going to lay out essentially their factory, their plants, their operations and certainly covid pushing everyone at home has changed the game on how data is being computed on and how apps are being built. This is a huge five G opportunity certainly when you start to get into the business impact, autonomous vehicles, I've been doing stories about autonomous boats and everything we could have an autonomous cube soon. So, you know, everything is autonomous which drives to this whole edge piece, What's your take on that? >>Yeah, you know, it's, it's funny for years we've been talking about on prem and off prem, like there's two problems there turns out there's a third Prem, right? There is the other premises and that is not the private data center and not the public cloud. And when you stop and think about it, it it makes sense because at the end of the day, wherever we can get data, we can create digital advantage and it's always been cheaper and more effective and faster to move compute to data than to move data to compute. So technology is like 5G are beginning to make it possible to run very interesting applications in very different places and capture what is predicted to be some 3/4 of the data created over the next decade is going to get created somewhere other than a private data center or a public cloud. And that's the edge, you know, in telcos, look at that third premises as their opportunity to get another bite of the apple on services. Four G was kind of a story of the over the top. Players really took the profit pool and made a lot of money from the over to the netflix is to the itunes and so on and so forth. But when you come back to Five G and think of it kind of as the Enterprise G, it's a chance now for the world's network operators to really get a chunk of that profit pool that comes from the emergence of this third premises called the edge >>Enterprise G. I love that, I'm gonna steal that from you. It's a great, great uh >>somebody else >>uh Yeah, the new trend, but it's a business, it's a business opportunity again, totally cool. And consumers to um okay, so you got your out on the road a lot. I know that we've talked in the past on the cube. There's a lot of discussions in the industry, as well as customers that you're having. What are you hearing? What are the some of the pain points are, see Covid has unveiled unveiled new use cases, people had had adapted to it. There's adaptations that are out there that are new and then things that might not happen again. What are you hearing from customers? >>Yeah, I would say in summary, we're hearing a mix of optimism and uncertainty, optimism around all the stuff we just talked about and that you mentioned, you know, it's it's a blank from anywhere. World right work from anywhere, learn from anywhere. Medicine from anywhere. And you know, if the pandemic has taught us anything, it's about the absolute necessity of communications technology to the world we live in today. The uncertainty comes from this question of, okay, so I know that there's this big opportunity and I know that I need to modernize my network architecture and kind of change the way I operate to capture it all. But the architecture is I run on today, make that really hard. And the architecture is that that the modern data center is built on, We know they work. But how do I get them in a way that allows me to build a resilient, high performance agile communications network. Um, you know, today we uh we face a world in which we see, we have a world in which solutions are delivered very fairly monolithically in the network uh for network operators but going forward, the power to potentially decompose all of that is wonderful provided it can be recomposed in a way they can consume. And I think that's where the uncertainty lies. There's a lot of testing and trialing of pieces of applications of underlying hardware, infrastructure, servers, accelerators, um certainly different types of virtualization and container ization technologies. But in the end these networks need to run it many many many nines um and they need to be extremely robust and pulling together a lot of different components from the open ecosystem is a daunting challenge for most of the network operators. >>You know, I hear you saying about the opportunity recognition and the re factoring how we called re composing this opportunity here and again. I like this enterprise G angle because what it means is that it's not the consumer the only it's it's everything. It's a complete consumer ization of I. T. So it's a whole another edge landscape. Prem third, the third premise is the edge. All good. I've always so set on the cube and certainly Dave and I have David and I have riffed on this is that you know, everything is now cloud operations and the data center is a big edge and then you've got other pieces that are just edges. A distributed system kind of sounds like a computer in the cloud. So this is kind of operating model. So I have to ask the question which is in telco, if it's gonna be distributed like that and it's going to be operated at scale, how is Dell responding to capture the mind share and customers using Dell in this new telco disruption? Because it's kind of you got to keep the lights on and you gotta also get them in a position to take advantage of the new opportunity. How are you responding? >>Yeah, Well, we're trying to we're literally trying to fill that gap, you know, the talking to the world's uh modern or say the world's telecom network operations leaders. We've uh we've had a lot of conversations with folks about what they need to do and what's holding them back from really in many ways taking advantage of the digital transformation that that's kind of rippling through the economy. And as they kind of laid that out to us, we decided that it was an enormous opportunity for Dell that this this uh you know, this new network will be fundamentally built on computer technology uh and it will be open industry standard computer technology. And on top of that we will use virtualization. And if this begins to sound like the way data centers are being built, because that's exactly what's happening. But more than that, I think there's a need for an at scale substantial provider that the world's biggest carriers can bet on and feel they can trust as a strategic partner to not only pull the ecosystem together, validated, certified, curated a little bit uh, and deliver it as an outcome, but then stand behind it running and importantly, do all of that in a way that doesn't constrain the continuous innovation. That's really the hallmark of some of these modern architecture. So for us, we see, you know, an opportunity that is literally perfectly built for a company like dealt and that's why we decided to invest in it. That's why you hear Michael talking about it a lot. Uh it's um, you know, it's it's really super well aligned with our strategy, we think it's actually key to winning the edge. Uh and and it's also really well aligned with our purpose, you know what this company exists to accelerate human progress through technology. And this little slice of it is all about accelerating communications and the transformation of modern networks to do exactly that right, To help close the digital divide, to bring fair and equitable medicine and learning to all, um and to allow us all to work from wherever we're working. So it's uh it's something that we're excited about on multiple levels and we think the company is really built for the distributed computing environment that a modern telco network represents. >>Yeah, what's interesting is that the value that you guys can enable at the edge, his real impact, It's not just data center and compute and have applications. Remember the old days I got my crm in my E. R. P and I got my apps on my systems and it's all good now. Business is completely software enables, it's the entire business and the business is software naval, which means that you have to have that edge. So I totally love of the positioning and strategy. I have to ask you if you don't mind, where is the residents with customers when you look at the telco enablement there that you're enabling them to do what's resonating the most, what's jumping out from the telescopes in terms of what Dell's doing for them And the customers, you mentioned tele medicine, which by the way, is an amazing impact to the world. Just one example. But where's the residence? >>Yeah. You know, first we we are what we are. Right. So it's, I think with a lot of conversations, it begins with, um, the telecommunications network needs server technology, but it needs very specific kinds of server technology built in very specific ways. Um, the, you know, the needs of compute at the base of a cell tower on a hill in Montana in the middle of winter are different than we've been building for data centers for years. So I think the first thing that resonates it, I need it, I need a very specific kind of open compute, uh, infrastructure hardware foundation that is industry standard. And, and we turn to somebody like Delta do do exactly that. But what we've learned is there's so much more than that because really we need to begin to deliver outcomes on top of that foundation. Uh, First outcome, we need to deliver his modern operations and maintenance of a distributed network. Zero touch provisioning, zero touch upgrading. How can we impact the total cost of maintenance and ownership in a meaningful way, um, for a network that is in fact constructed out of a fabric of server. On top of that there's the actual network core network services, Edge, the radio access network. And how do we successively open up each section of the network, driving computing storage all the way to the edge? Because for many organizations in the world, many enterprises, their edge will actually be on the telco premises. Right. The telco edge will be their edge. Some of the bigger companies certainly can build their own. But as you get in the world of medium and small business, the person they buy their circuits from and their communications from. If they have the ability to deliver them private slices of networks and virtual compute and storage, that's going to be how they get after it. So you know for us that next piece that resonates is the ability to pull together solutions like we've been doing for years with the ex rail hyper converged the stuff we did with the C. E. Back in the day and then last >>I'm just saying that you know you're bringing up things that kind of sound. It's super complex physical plant and equipment. You're talking about real hard and purpose built devices in the past very operational technology oriented stuff and then that has to have I. T. Agility right? And then have scalability behind it and complete you know integration this is not obvious and easy. It's hard. >>Yeah. No I mean software doesn't run on software right? Software runs on hardware and so as much as a lot of the power and the interest comes from what the application can do underlying it all is a capability to distribute, compute and storage to where the application or the software wants to run or runs best. That's what's really cool about five G is its ability to do the stuff you mentioned earlier on, you know, the, the G Wiz stuff, drones and autonomous and a AR and VR and all the things that ultra reliable, low latency communication would make possible on a grand scale that really bring the machines into the picture, not just humans on the edge. It's the stuff, right? That that's on the edge and we've been talking about it for a long time, but none of it's gonna matter if we don't put this infrastructure foundation in place. Then we got to lay an open marketplace of containerized network functions. Virtualized network functions on top of that all to enable our network operators to deliver interesting services to end users. It's >>super exciting. I got to say that it's a super exciting because you know, it's coming it's like the energies there, it's like the, you know, the storm's coming of disruption in the innovation because you think about what containers and cloud native kubernetes the cloud native technologies can do for legacy because its shelf life and more headroom, right? So you can you can win these telcos can actually not only pivot but line extension into new capabilities. So they tend to be very strong technically is an operator, operator networks, the hard tech stuff, physical stuff and software but not known for it. I mean but now there's a huge opportunity that's gonna come around the corner. I'm bullish on Iot and edge where you have the O. T. And I. T. Coming together. It's really compelling And it's going to be radically different I think in the next 5 to 10 years what's your take on that in terms of outlook? >>Couldn't agree more. Yeah I mean it's you know it's for those of us are in the industry always the knowledge of what's coming or the belief in what's coming. The hype precedes the actual development. But you know just as I don't know 15 20 years ago the idea that you can completely disrupt the taxi industry with an app and a four G smartphone service was in nobody's mind except maybe a couple of people. You >>know it >>makes you wonder what is the what is the uber equivalent of a business service that will be fundamentally enabled by the architecture we just described that we're not thinking about right now and that's why every time we move from a centralized computing model to a decentralized computing models that decentralized computing models dramatically larger than a centralized, >>way >>bigger than mainframe. Edge, way bigger than client server, which is already way bigger than cloud, Public. Cloud. And so I think it's, you know, there's a, there's a lot of promise, a lot of excitement. Still a long way to go though. A lot of the stuff we're talking about still is not actually rolled out into the network. Um and that's kind of the opportunity for somebody like them. >>Yeah. And decentralized and open winds. It's funny you mentioned high, we were talking David was just talking with Michael Dell and Pat Gelsinger in 2013. We're talking hybrid cloud, that's 78 years ago. Okay, so good stuff. Let's get into the news real quick. Um Deltek World, you've got some news coming. Uh Let's dig into it. Please share some of the outlook of the news. You're gonna be you're you're announcing here? >>Yeah, thanks. Sure, john, I mean, we're gonna be announcing two things relative to the telecom portfolio. Uh and they're both reference architectures with VM ware. One is the second edition of the telco cloud platform for five G. Um, so that's a Delvian where reference architecture, that is exactly what we just talked about. It's this open software defined on industry standard hardware platform, um for running 5G applications. And then the other one is the first version of the telco cloud platform for the radio access network, TCP ran as we would call it. Um and as we start to push this technology from the core out towards the edge of the telecom network. So to really interesting developments in in deep partnership with VM ware and stuff, we've been working on for a while stuff, we are in fact working on with customers and delivering today and we'll be making formal announcements about those at the D T W show. >>Awesome. Dennis, thanks for coming on the Cuban, sharing the update and thanks for the industry insight. Uh, I love the telco shift that's going on. It's an extension of existing, I think cloud native saves the day here with telco and allows the completely different landscape to evolve. So you guys were on top of it. Thanks for sharing S VP and general manager, the telecom systems business with Dell Dennis. Hoffman. Thanks for coming on. >>Thanks john Okay >>cube coverage here. Del Tech world. I'm john for a year. Thanks for watching. Yeah.

>>welcome to our session on security titled Securing Your Cloud. Everywhere With Me is Brian Langston, senior solutions engineer from Miranda's, who leads security initiatives from Renta's most security conscious customers. Our topic today is security, and we're setting the bar high by talking in some depth about the requirements of the most highly regulated industries. So, Brian four Regulated industries What do you perceive as the benefits of evolution from classic infra za service to container orchestration? >>Yeah, the adoption of container orchestration has given rise to five key benefits. The first is accountability. Think about the evolution of Dev ops and the security focused version of that team. Deb. SEC ops. These two competencies have emerged to provide, among other things, accountability for the processes they oversee. The outputs that they enable. The second benefit is audit ability. Logging has always been around, but the pervasiveness of logging data within container or container environments allows for the definition of audit trails in new and interesting ways. The third area is transparency organizations that have well developed container orchestration pipelines are much more likely to have a higher degree of transparency in their processes. This helps development teams move faster. It helped operations teams operations teams identify and resolve issues easier and help simplify the observation and certification of security operations by security organizations. Next is quality. Several decades ago, Toyota revolutionized the manufacturing industry when they implemented the philosophy of continuous improvement. Included within that philosophy was this dependency and trust in the process as the process was improved so that the quality of the output Similarly, the refinement of the process of container orchestration yields ah, higher quality output. The four things have mentioned ultimately points to a natural outcome, which is speed when you don't have to spend so much time wondering who does what or who did what. When you have the clear visibility to your processes and because you can continuously improve the quality of your work, you aren't wasting time in a process that produces defects or spending time and wasteful rework phases. You can move much faster than we've seen this to be the case with our customers. >>So what is it specifically about? Container orchestration that gives these benefits, I guess. I guess I'm really asking why are these benefits emerging now around these technologies? What's enabling them, >>right? So I think it boils down to four things related to the orchestration pipelines that are also critical components. Two successful security programs for our customers and related industry. The first one is policy. One of the core concepts and container orchestration is this idea of declaring what you want to happen or declaring the way you want things done? One place where declarations air made our policies. So as long as we can define what we want to happen, it's much easier to do complementary activities like enforcement, which is our second enabler. Um, tools that allow you to define a policy typically have a way to enforce that policy. Where this isn't the case, you need to have a way of enforcing and validating the policies objectives. Miranda's tools allow custom policies to be written and also enforce those policies. The third enabler is the idea of a baseline. Having a well documented set of policies and processes allows you to establish a baseline. Um, it allows you to know what's normal. Having a baseline allows you to measure against it as a way of evaluating whether or not you're achieving your objectives with container orchestration. The fourth enabler of benefits is continuous assessment, which is about measuring constantly back to what I said a few minutes ago. With the toilet away measuring constantly helps you see whether your processes and your target and state are being delivered as your output deviates from that baseline, your adjustments can be made more quickly. So these four concepts, I think, could really make or break your compliance status. >>It's a really way interesting way of thinking about compliance. I had thought previously back compliance, mostly as a as a matter of legally declaring and then trying to do something. But at this point, we have methods beyond legal boilerplate for asserting what we wanna happen, as you say, and and this is actually opening up new ways to detect, deviation and and enforce failure to comply. That's really exciting. Um, so you've you've touched on the benefits of container orchestration here, and you've provided some thoughts on what the drivers on enablers are. So what does Miranda's fit in all this? How does how are we helping enable these benefits, >>right? Well, our goal and more antis is ultimately to make the world's most compliant distribution. We we understand what our customers need, and we have developed our product around those needs, and I could describe a few key security aspects about our product. Um, so Miranda's promotes this idea of building and enabling a secure software supply chain. The simplified version of that that pertains directly to our product follows a build ship run model. So at the build stage is doctor trusted registry. This is where images are stored following numerous security best practices. Image scanning is an optional but highly recommended feature to enable within D T R. Image tags can be regularly pruned so that you have the most current validated images available to your developers. And the second or middle stage is the ship stage, where Miranda's enforces policies that also follow industry best practices, as well as custom image promotion policies that our customers can write and align to their own internal security requirements. The third and final stages to run stage. And at this stage, we're talking about the engine itself. Docker Engine Enterprise is the Onley container, run time with 51 40 dash to cryptography and has many other security features built in communications across the cluster across the container platform are all secure by default. So this build ship stage model is one way of how our products help support this idea of a secure supply chain. There are other aspects of the security supply chain that arm or customer specific that I won't go into. But that's kind of how we could help our product. The second big area eso I just touched on the secure supply chain. The second big area is in a Stig certification. Um, a stick is basically an implementation or configuration guide, but it's published by the U. S government for products used by the US government. It's not exclusive to them, but for customers that value security highly, especially in a regulated industry, will understand the significance and value that the Stig certification brings. So in achieving the certification, we've demonstrated compliance or alignment with a very rigid set of guidelines. Our fifth validation, the cryptography and the Stig certification our third party at two stations that our product is secure, whether you're using our product as a government customer, whether you're a customer in a regulated industry or something else, >>I did not understand what the Stig really Waas. It's helpful because this is not something that I think people in the industry by and large talk about. I suspect because these things are hard to get and time consuming to get s so they don't tend to bubble up to the top of marketing speak the way glitzy new features do that may or may not >>be secure. >>The, uh so then moving on, how has container orchestration changed? How your customers approach compliance assessment and reporting. >>Yeah, This has been an interesting experience and observation as we've worked with some of our customers in these areas. Eso I'll call out three areas. One is the integration of assessment tooling into the overall development process. The second is assessment frequency and then the third is how results are being reported, which includes what data is needed to go into the reporting. There are very likely others that could be addressed. But those are three things that I have noticed personally and working with customers. >>What do you mean exactly? By integration of assessment tooling. >>Yeah. So our customers all generally have some form of a development pipeline and process eso with various third party and open source tools that can be inserted at various phases of the pipeline to do things like status static source would analysis or host scanning or image scanning and other activities. What's not very well established in some cases is how everything fits within the overall pipeline framework. Eso fit too many customers, ends up having a conversation with us about what commands need should be run with what permissions? Where in the environment should things run? How does code get there that does this scanning? Where does the day to go? Once the out once the scan is done and how will I consume it? Thies Real things where we can help our customers understand? Um, you know what? Integration? What? Integration of assessment. Tooling really means. >>It is fascinating to hear this on, baby. We can come back to it at the end. But what I'm picking out of this Ah, this the way you speak about this and this conversation is this kind of re emergence of these Japanese innovations in product productivity in in factory floor productivity. Um, like, just in time delivery and the, you know, the Toyota Miracle and, uh, and that kind of stuff. Fundamentally, it's someone Yesterday, Anders Wahlgren from cloud bees, of course. The C I. C D expert told me, um, that one of the things he likes to tell his, uh consult ease and customers is to put a GoPro on the head of your code and figure out where it's going and how it's spending its time, which is very reminiscent of these 19 fifties time and motion studies, isn't it that that that people, you know pioneered accelerating the factory floor in the industrial America of the mid century? The idea that we should be coming back around to this and doing it at light speed with code now is quite fascinating. >>Yeah, it's funny how many of those same principles are really transferrable from 50 60 70 years ago to today. Yeah, quite fascinating. >>So getting back to what you were just talking about integrating, assessment, tooling, it sounds like that's very challenging. And you mentioned assessment frequency and and reporting. What is it about those areas that that's required? Adaptation >>Eso eso assessment frequency? Um, you know, in legacy environments, if we think about what those look like not too long ago, uh, compliance assessment used to be relatively infrequent activity in the form of some kind of an audit, whether it be a friendly peer review or intercompany audit. Formal third party assessments, whatever. In many cases, these were big, lengthy reviews full of interview questions, Um, it's requests for information, periods of data collection and then the actual review itself. One of the big drawbacks to this lengthy engagement is an infrequent engagement is that vulnerabilities would sometimes go unnoticed or unmitigated until these reviews at it. But in this era of container orchestration, with the decomposition of everything in the software supply chain and with clearer visibility of the various inputs to the build life cycle, our customers can now focus on what tooling and processes can be assembled together in the form of a pipeline that allows constant inspection of a continuous flow of code from start to finish. And they're asking how our product can integrate into their pipeline into their Q A frameworks to help simplify this continuous assessment framework. Eso that's that kind of addresses the frequency, uh, challenge now regarding reporting, our customers have had to reevaluate how results are being reported and the data that's needed in the reporting. The root of this change is in the fact that security has multiple stakeholder groups and I'll just focus on two of them. One is development, and their primary focus, if you think about it, is really about finding and fixing defects. That's all they're focused on, really, is there is there pushing code? The other group, though, is the Security Project Management Office, or PMO. This group is interested in what security controls are at risk due to those defects. So the data that you need for these two stakeholder groups is very different. But because it's also related, it requires a different approach to how the data is expressed, formatted and ultimately integrated with sometimes different data sources to be able to appease both use cases. >>Mhm. So how does Miranda's help improve the rate of compliance assessment? Aziz? Well, as this question of the need for differential data presentation, >>right, So we've developed on exposed a P I S that helped report the compliance status of our product as it's implemented in our customers on environment. So through these AP eyes, we express the data and industry standard formats using plastic out Oscar is a relatively new project out of the mist organization. It's really all about standardizing a set of standards instead of formats that expresses control information. So in this way our customers can get machine and human readable information related to compliance, and that data can then be massaged into other tools or downstream processes that our customers might have. And what I mean by downstream processes is if you're a development team and you have the inspection tools, the process is to gather findings defects related to your code. A downstream process might be the ticketing system with the era that might log a formal defect or that finding. But it all starts with having a common, standard way of expressing thes scan output. And the findings such that both development teams and and the security PMO groups can both benefit from the data. So essentially we've been following this philosophy of transparency, insecurity. What we mean by that is security isn't or should not be a black box of information on Lee, accessible and consumable by security professionals. Assessment is happening proactively in our product, and it's happening automatically. We're bringing security out of obscurity by exposing the aspects of our product that ultimately have a bearing on your compliance status and then making that information available to you in very user friendly ways. >>It's fascinating. Uh uh. I have been excited about Oscar's since, uh, since first hearing about it, Um, it seems extraordinarily important to have what is, in effect, a ah query capability. Um, that that let's that that lets different people for different reasons formalize and ask questions of a system that is constantly in flux, very, very powerful. So regarding security, what do you see is the basic requirements for container infrastructure and tools for use in production by the industries that you are working with, >>right? So obviously, you know, the tools and infrastructure is going to vary widely across customers. But Thio generalize it. I would refer back to the concept I mentioned earlier of a secure software supply chain. There are several guiding principles behind us that are worth mentioning. The first is toe have a strategy for ensuring code quality. What this means is being able to do static source code analysis, static source code analysis tools are largely language specific, so there may be a few different tools that you'll need to have to be able to manage that, um, second point is to have a framework for doing regular testing or even slightly more formal security assessments. There are plenty of tools that can help get a company started doing this. Some of these tools are scanning engines like open ESCAP that's also a product of n'est open. ESCAP can use CS benchmarks as inputs, and these tools do a very good job of summarizing and visualizing output, um, along the same family or idea of CS benchmarks. There's many, many benchmarks that are published. And if you look at your own container environment, um, there are very likely to be many benchmarks that can form the core platform, the building blocks of your container environment. There's benchmarks for being too, for kubernetes, for Dr and and it's always growing. In fact, Mirante is, uh, editing the benchmark for container D, so that will be a formal CSCE benchmark coming up very shortly. Um, next item would be defining security policies that line with your organization's requirements. There are a lot of things that come out of box that comes standard that comes default in various products, including ours, but we also give you through our product. The ability to write your own policies that align with your own organization's requirements, uh, minimizing your tax surface. It's another key area. What that means is only deploying what's necessary. Pretty common sense. But sometimes it's overlooked. What this means is really enabling required ports and services and nothing more. Um, and it's related to this concept of least privilege, which is the next thing I would suggest focusing on these privileges related to minimizing your tax service. It's, uh, it's about only allowing permissions to those people or groups that excuse me that are absolutely necessary. Um, within the container environment, you'll likely have heard this deny all approach. This denial approach is recommended here, which means deny everything first and then explicitly allow only what you need. Eso. That's a very common, uh uh, common thing that sometimes overlooked in some of our customer environments. Andi, finally, the idea of defense and death, which is about minimizing your plast radius by implementing multiple layers of defense that also are in line with your own risk management strategy. Eso following these basic principles, adapting them to your own use cases and requirements, uh, in our experience with our customers, they could go a long way and having a secure software supply chain. >>Thank you very much, Brian. That was pretty eye opening. Um, and I had the privilege of listening to it from the perspective of someone who has been working behind the scenes on the launch pad 2020 event. So I'd like to use that privilege to recommend that our listeners, if you're interested in this stuff certainly if you work within one of these regulated industries in a development role, um, that you may want to check out, which will be easy for you to do today, since everything is available once it's been presented. Matt Bentley's live presentation on secure Supply Chain, where he demonstrates one possible example of a secure supply chain that permits image. Signing him, Scanning on content Trust. Um, you may want to check out the session that I conducted with Andres Falcon at Cloud Bees who talks about thes um, these industrial efficiency factory floor time and motion models for for assessing where software is in order to understand what policies can and should be applied to it. Um, and you will probably want to frequent the tutorial sessions in that track, uh, to see about how Dr Enterprise Container Cloud implements many of these concentric security policies. Um, in order to provide, you know, as you say, defense in depth. There's a lot going on in there, and, uh, and it's ah, fascinating Thio to see it all expressed. Brian. Thanks again. This has been really, really educational. >>My pleasure. Thank you. >>Have a good afternoon. >>Thank you too. Bye.