>> From San Francisco, it's theCUBE, covering Day2IQ, brought to you by Day2IQ. >> Hey, welcome back, everybody. Jeff Frick here with theCUBE. We're in downtown San Francisco at the Day2IQ headquarters. They used to be called Mesosphere. They rebranded the company. They've got a much bigger focus than just Mesos and supporting Mesos. So we're here to get the story, really talk about enterprise's journey to cloud native, and we're excited to have our first guest. He's Brian Kenyon, the chief strategy officer. Brian, great to see you. >> Thanks for having me. >> Absolutely. So DayQI, Day2IQ. >> Correct. >> I'm going to get it eventually, by the end of the day. Interesting name. What does Day2IQ mean? Why did you guys rebrand the company that? >> Yeah, absolutely. So we were formerly known as Mesosphere, and the technology that we founded the company on was an open source package called Mesos, so the name naturally had a very close tie with Mesos and Mesosphere. So as we looked to rebrand the company and really enter the market with some of the changes we've seen in the evolution of cloud native, we focused on where customers were having trouble, where they were focused on operations, how they were going to take these concepts and these great ideas that were pervasive in the concept of cloud native and make them institutionalized and operationalized inside their companies. And what we found was, you know, day zero is when you played around and tested things, and day one is when you got it installed and stood up, but day two is when you really focused on the operations. How do I make this enterprise-ready? How do I make this fit my business? All of that happened on day two and after. So we saw that as a pretty natural way to focus our energy and focus our market penetration on day two. >> Right. And you also expanded beyond just kind of the Mesos ecosystem into some other areas, in containers, in Kubernetes, also data. So you guys are taking a little broader approach than maybe the company had at the original launch. >> Yeah, absolutely. And you've heard from one of our founders already and you spoke to our head of engineering. So I'm the newest of those, right? I joined in February, so I'm just, you know, almost 10 months in. So when I joined, I spent a lot of time meeting with our customers, talking to partners, talking to other folks and vendors in the space, and what we saw was there was a massive shift happening from where cloud native started maybe three, four, five years ago to where it is today, and one of the biggest changes has been around the emergence of Kubernetes, which has turned into a de facto standard for containers in cloud native. And so as we've evolved and moved into this D2IQ name, as we've started focusing on meeting our customer, we've obviously taken on a bigger stance inside the Kubernetes community and the Kubernetes product lines. >> Right. So what did you see? I mean, you're a long-time security executive. You've been in strategy and security for years and years and years. What did you see in this opportunity with a small start-up to get you to leave kind of the safe, comfortable, pretty standard corporate job into jumping back into this-- >> Nobody's ever said security's safe, so that's awesome. >> Well, safe certainly in terms of job security. (mumbles) my goodness, a big shill out there these days. >> It is, it is. >> But what did you see? >> I saw the future, is really what I saw. When you really took a step back and you looked at where compute was going and how organizations were starting to adopt new application methodologies, new application architectures, it was very clear that cloud had taken on a big portion of that and the concept of cloud native and open source technologies was becoming more and more prominent. And so as we looked at this, not only did we see a unique opportunity with the cloud native space, but if you fast forward a couple years, customers are going to be coming back around and starting to have conversations around security. How do I secure this? What, how do my CISOs and my operational folks in security understand this and how do they really start to apply the same controls and visibility to it? So it was a unique opportunity to get in and focus on where the future of our industry's going. >> Right. So it's an interesting thing with open source, and open source specifically in the enterprise. I think my favorite open source quote is, yeah, it's free like a puppy. You know, it's not free. You need support and you need training and you need a lot of help. So when you guys work with enterprises and they're incorporating more and more open source into their technology stack, what are some of the challenges that you guys are coming in to help them to actually get beyond a simple free download and the latest cool version to actually running in production, heavy duty loads, really important workloads. >> Absolutely. Yeah, one of the biggest shortfalls we see is obviously expertise, right? So there's a massive amount of innovation and capability that can be, can really be captured through open source software. The challenge is, it's all community-based. So folks contribute code, they sign it in, it's available for everybody to use, but how long is that code updated for? How long is it maintained? How do new features get added? What you see is you see a huge spike in interest and enthusiasm, and then just like every other hype cycle, you get to a trough of disillusionment where people move on to the next thing and the next thing in the open source community. And so organizations who want to leverage that innovation, want to focus their operations around open source, either for cost savings or time to market, find themselves a couple years later looking at code that's been abandoned, projects that aren't maintained anymore. We saw this in security with things like OpenSSL, right? One of the largest SSL libraries used across the entire security landscape. There were two people in the world maintaining that code. And so when a massive security vulnerability hit, organizations were scrambling. We want to stop that now for organizations that want to use open source. We, Day2IQ, want to bring our innovation, our expertise, to bring that open source to the customers and make sure that it's enterprise-ready, it's enterprise-supported, and it's enterprise-scalable. >> Right. So you guys have basically three market offerings, if I understand right. You've got a solution set where you're taking the core software and building solutions around it. You've got services, professional services, to get it in, get it up, and probably supported, so I have a 1-800 somebody to call, please, which, you couldn't call those two people in that case. >> Exactly. >> And then training, is that right? So those are how you're basically enterprise-hardening an open source kernel to get to a great solution for the customer. >> Yeah, what I'd also add in there is services. So whether it's advisory services, implementation services, or just kind of more traditional, our focus is really about meeting the customer where they need us. If you look at cloud and cloud native today, almost every customer across the globe is at a different evolution or a different maturity in that journey, and so some are at the very beginning where they're learning. Others are more towards the end where they're focused on operations and how do I streamline this, how do I hire the right folks. So we've taken a product, services, support, and training strategy that allows us to meet our customers where they are in their cloud native journey and assures us that we can provide the right level of expertise regardless of where they are. >> Right. What's been the biggest, of all the challenges that you see when people are getting started, what's some of the biggest challenges that you just see over and over and over again that you know you're going to get walking in the door? >> Over and over, you see training is just a constant, across the entire industry. No matter where a customer is in their evolution or their journey, they're constantly having to train, whether they're hiring and then training folks on the new way of developing or they're taking developers who have been building code and building applications in virtual machines or old monoliths for years that they want to train to this new paradigm. Training is a huge constant. The other piece is people are looking to rationalize their infrastructure. So services, we are in a very services-led industry right now where we can come in and help customers get stock of where are we today and where do we want to go long-term, and then put them on a plan, put them on a program or a path where they can achieve those outcomes, but do it in a way that's not disruptive or adds (mumbles). >> Right, 'cause the complexity just continues to increase. It's funny, you know, both Amazon introduced a piece of Amazon Cloud you can stick in your data center, and Google introduced a piece of Google Cloud that you can stick in your data center, and Microsoft recently introduced a piece of Azure that you can stick in your data center. So kind of this, you know, kind of real aggressive embracing of hybrid and this real embracing of complex setups where you can partition your workload based on where you think that workload should run today is really gaining hold. So the complexity is only going up, not going down. >> It is, you're absolutely right. And I will tell you, what you just brought up is a great example of why the complexity's going up. On-prem is a massively different, materially different environment than the clouds. The clouds are built on a margin, right? They're built on, if I take the same server and do this over and over again, I get repeatability, I get consistency, I get a very finite platform. If you look at how on-prem is, the traditional data center, you buy some servers from Dell, some servers from HP, storage from EMC, storage from HP. You've got all different types of hardware and software in there. So fixing that on-prem cloud is hard, and the clouds are struggling with this because the concept of taking their very clean, vanilla infrastructure and bringing that to the traditional on-premise is failing. That's where we shine. That's where we've built. That's where Mesosphere got their initial start was taking the cloud concept and bring it to the traditional data center. So we're helping clouds extend now by being that on-prem piece that speaks seamlessly with the clouds that our customers choose to use. >> Right. So I think, too, initially, the cloud was seen as a way to save money, and I've seen that evolve over time. It's really much more about speed and agility in your development cycles and getting new products to market. Do customers grok that? Are they still kind of wrestling with the cost savings and this is kind of an alternative way to buy compute and networking and capacity, or are they really moving fast because of the speed and the competitive threats? >> So I think it's interesting, and it varies, but I will tell you just from my lens, I'll say that a lot of customers are confused. They went to the cloud initially because they believe they wanted to be out of the data center game. It was easier for Amazon or Microsoft or Google to manage the data center than it was for their own IT teams. And so they shifted infrastructure up there, and then what they saw was the promises of hyperscaling, the promises of this elasticity. Your application grows as more users show up. They never realized that because those applications were built under a different premise, under a different architecture, and don't leverage the cloud native capabilities. So you're seeing a shift of people who've moved infrastructure or applications to the cloud to get out of the data center are now saying, okay, I'm kind of locked in, but where do I get my operational efficiency? Where do I get my hyperscaling? How do I get that? And now you're staring to see that shift from just using the clouds as infrastructure to more moving towards microservices, containers, and some of the things that Day2IQ helps with. >> Right, right. It's pretty funny, too, right? 'Cause the apps used to have to be built for the infrastructure on which you were going to deploy them. >> That's right. >> That's now flipped upside down, right? Now the app, the infrastructure needs to support the app. The app comes first, the infrastructure second. >> That's right. >> So having an architecture, you got to have the new architecture. As you said, you just can't simply flip the functionality of an old architecture into a new paradigm. >> And then expect you're going to get the same outcomes. >> Right, right. >> Yeah, very true. >> All right, so before I let you go, I want to get your perspective specifically on security, 'cause again, you were in the security space for a long time. Security's a hot space. Everyone says security has to be baked in everywhere. It can't be the castle and moat anymore. So with your security hat on as you kind of see these migrations and you see these new deployments and you see this move to cloud native, what do you think about from security? Are people baking it in enough? Are they thinking about it in the right way? Is it just such a fundamental shift that they need to think about security and really baking it in from the bottom to the top? >> They absolutely do. And I'll tell you what the scariest thing is, if I go through my CISO networks and talk to folks who are on that side of the fence, they're not even educated to this cloud native space yet. They don't really understand how it's happening and how it's evolving and what that means. So there's a huge education that needs to happen in security, but these things need to be bolted on from the beginning. I'll give you an example. Some of the value that comes from operating cloud native is that your ability to push code and push changes is very agile and quick. So it's encouraged in a cloud native type of architecture that a company can make 100 to 200, 300 code changes a day. >> Right. >> Right? When I grew up, you'd make those monthly, quarterly, right? 'Cause you had a whole bunch of testing. And how they push code multiple times a day. If you don't have your security team in lockstep with those developers and operations staff, how quickly can you get out of compliance? How quickly can you erode your security posture? These are all questions that have to be answered, and we're just at the very earliest stages of getting that. >> Right, and we didn't even talk about IoT and edge devices. >> Absolutely. >> Which opens up a whole different kind of threat surface. >> Absolutely. >> Yeah. >> Absolutely. >> All right, Brian, well, thanks for taking a few minutes. Good luck on the journey and hope things go super for you here. >> Thanks for having me. >> All right, he's Brian, I'm Jeff. You're watching theCUBE. We're at Day2 headquarters, Day2IQ headquarters in downtown San Francisco. Thanks for watching. We'll see you next time. (techno music)