Whit Crump, AWS Marketplace | Palo Alto Networks Ignite22
>>The Cube presents Ignite 22, brought to you by Palo Alto Networks. >>Hey guys, welcome back to the Cube, the leader in live enterprise and emerging tech coverage. We are live in Las Vegas at MGM Grand Hotel, Lisa Martin with Dave Valante, covering our first time covering Palo Alto Ignite. 22 in person. Dave, we've had some great conversations so far. We've got two days of wall to wall coverage. We're gonna be talking with Palo Alto execs, leaders, customers, partners, and we're gonna be talking about the partner ecosystem >>Next. Wow. Super important. You know, it's funny you talk about for a minute, you didn't know where we were. I, I came to Vegas in May. I feel like I never left two weeks ago reinvent, which was I, I thought the most awesome reinvent ever. And it was really all about the ecosystem and the marketplace. So super excited to have that >>Conversation. Yeah, we've got Wet Whit Krump joining us, director of America's business development worldwide channels and customer programs at AWS marketplace. Wet, welcome to the Cube. Great to have >>You. Thanks for having me. Give >>Us a, you got a big title there. Give us a little bit of flavor of your scope of work at aws. >>Yeah, sure. So I, I've been with the marketplace team now almost eight years and originally founded our channel programs. And my scope has expanded to not just cover channels, but all things related to customers. So if you think about marketplace having sort of two sides, one being very focused on the isv, I tend to manage all things related to our in customer and our, our channel partners. >>What are some of the feedback that you're getting from customers and channel partners as the marketplace has has evolved so much? >>Yeah. You know, it's, it's, it's been interesting to watch over the course of the years, getting to see it start its infancy and grow up. One of the things that we hear often from customers and from our channel partners, and maybe not so directly, is it's not about finding the things they necessarily want to buy, although that's important, but it's the actual act of how they're able to purchase things and making that a much more streamlined process, especially in large enterprises where there's a lot of complexity. We wanna make that a lot simple, simpler for our customers. >>I mean, vendor management is such a hassle, right? But, so when I come into the marketplace, it's all there. I gotta console, it's integrated, I choose what I want. The billing is simplified. How has that capability evolved since the time that you've been at aws and where do you, where do you want to take it? >>Yeah, so when we, we first started Marketplace, it was really a pay as you go model customer come, they buy whatever, you know, whatever the, the whatever the solution was. And then it was, you know, charged by the hour and then the year. And one of the things that we discovered through customer and partner feedback was especially when they're dealing with large enterprise purchases, you know, they want to be able to instantiate those custom price and terms, you know, into that contract while enjoying the benefits of, of marketplace. And that's been, I think the biggest evolution started in 2017 with private offers, 2018 with consulting partner private offers. And then we've added things on over time to streamline procurement for, for >>Customers. So one of the hottest topics right now, everybody wants to talk about the macro and the headwinds and everything else, but when you talk to customers like, look, I gotta do more with less, less, that's the big theme. Yeah. And, and I wanna optimize my spend. Cloud allows me to do that because I can dial down, I can push storage to, to lower tiers. There's a lot of different things that I can do. Yeah. What are the techniques that people are using in the ecosystem Yeah. To bring in the partner cost optimization. Yeah. >>And so one of the key things that, that partners are, are, are doing for customers, they act as that trusted advisor. And, you know, when using marketplace either directly or through a partner, you know, customers are able to really save money through a licensing flexibility. They're also able to streamline their procurement. And then if there's an at-risk spin situation, they're able to, to manage that at-risk spend by combining marketplace and AWS spin into into one, you know, basically draws down their commitments to, to the company. >>And we talk about ask at-risk spend, you might talk about user or lose IT type of spend, right? Yeah. And so you, you increase the optionality in terms of where you can get value from your cloud spend. That's >>All right. Customers are thinking about their, their IT spend more strategically now more than ever. And so they're not just thinking about how do I buy infrastructure here and then software here, data services, they wanna combine this into one place. It's a lot less to keep up with a lot, a lot less overhead for them. But also just the simplification that you alluded to earlier around, you know, all the billing and vendor management is, and now in one, one streamlined, one streamlined process. Talk >>About that as a facilitator of organizations being able to reduce their risk profile. >>Yeah, so, you know, one of the things that, that came out earlier this year with Forrester was a to were total economic impact studies for both an ISV and for the end customer. But there was also a thought leadership study done where they surveyed over 700 customers worldwide to sort of get their thoughts on procurement and risk profile management. And, and one of the things that was really, you know, really surprising was is was that, you know, I guess it was like over 78% of of respondents DEF stated that they didn't feel like their, their companies had a really well-defined governance model and that over half of software and data purchases actually went outside of procurement. And so the companies aren't really able to, don't, they don't really have eyes on all of this spin and it's substantial >>And that's a, a huge risk for the organization. >>Yeah. Huge risk for the organization. And, and you know, half of the respondents stated outright that like they viewed marketplaces a way for them to reduce their risk profile because they, they were able to have a better governance model around that. >>So what's the business case can take us through that. How, how should a customer think about that? So, okay, I get that the procurement department likes it and the CFO probably likes it, but how, what, what's the dynamic around the business? So if I'm a, let's say I'm, I'm a bus, I'm a business person, I'm a, and running the process, I got my little, I get my procurement reach around. Yeah. What does the data suggest that what's in it from me, right? From a company wide standpoint, you know, what are the, maybe the Forester guys address this. So yeah, that overall business case I think is important. >>Yeah, I think, I think one of the big headlines for the end customer is because of license flexibility is that is is about a 10% cost savings in, in license cost. They're able to right size their purchases to buy the things they actually need. They're not gonna have these big overarching ELAs. There's gonna be a lot of other things in there that, that they don't, they don't really aren't gonna really directly use. You're talking about shelfware, you know, that sort of the classic term buy something, it never gets used, you know, also from just a, a getting things done perspective, big piece of feedback from customers is the contracting process takes a long time. It takes several months, especially for a large purchase. And a lot of those discussions are very repetitive. You know, you're talking about the same things over and over again. And we actually built a feature called standardized contract where we talked to a number of customers and ISVs distilled a contract down into a, a largely a set of terms that both sides already agreed to. And it cuts that, that contract time down by 90%. So if you're a legal team in a company, there's only so many of you and you have a lot of things to get done. If you can shave 90% off your time, that that's, that's now you can now work on a lot of other things for the, the corporation. Right. >>A lot of business impact there. You think faster time to value, faster time to market workforce optimization. >>Yeah. Yeah. I mean, it, it, you know, from an ISV standpoint, the measurement is they're, they're able to close deals about 40% faster, which is great for the isv. I mean obviously they love that. But if you're a customer, you're actually getting the innovative technologies you need 40% faster. So you can actually do the work you want to take it to your customers and drive the business. >>You guys recently launched, what is it, vendor Insights? Yeah. Talk a little bit about that, the value. What are some of the things that you're seeing with that? >>Yeah, so that goes into the, the onboarding value add of marketplaces. The number of things that go into, to cutting that time according to Forrester by 75%. But Vendor Insights was based on a key piece, offa impact from customers. So, you know, marketplace is used for, one of the reasons is discoverability by customers, Hey, what is the broader landscape? Look for example of security or storage partners, you know, trying to, trying to understand what is even available. And then the double click is, alright, well how does that company, or how does that vendor fit into my risk profile? You know, understanding what their compliance metrics are, things of that nature. And so historically they would have to, a customer would've to go to an ISV and say, all right, I want you to fill out this form, you know that my questionnaire. And so they would trade this back and forth as they have questions. Now with vendor insights, a customer can actually subscribe to this and they're able to actually see the risk profile of that vendor from the inside out, you know, from the inside of their SaaS application, what does it look like on a real time basis? And they can go back and look at that whenever they want. And you know, the, the, the feedback since the launch has been fantastic. And that, and I think that helps us double down on the already the, the onboarding benefits that we are providing customers. >>This, this, I wanna come back to this idea of cost optimization and, and try to tie it into predictability. You know, a lot of people, you know, complain, oh, I got surprised at the end of the month. So if I understand it wit by, by leveraging the marketplace and the breadth that you have in the marketplace, I can say, okay, look, I'm gonna spend X amount on tech. Yeah. And, and this approach allows me to say, all right, because right now procurement or historically procurement's been a bunch of stove pipes, I can't take from here and easily put it over there. Right. You're saying that this not only addresses the sort of cost optimization, does it also address the predictability challenge? >>Yeah, and I, I think another way to describe that is, is around cost controls. And you know, just from a reporting perspective, you know, we, we have what are called cost utilization reports or curve files. And we provide those to customers anytime they want and they can load those into Tableau, use whatever analysis tools that they want to be able to use. And so, and then you can actually tag usage in those reports. And what we're really talking about is helping customers adopt thin op practices. So, you know, develop directly for the cloud customers are able to understand, okay, who's using what, when and where. So everyone's informed that creates a really collaborative environment. It also holds people accountable for their spin. So that, you know, again, talking about shelfware, we bought things we're not gonna use or we're overusing people are using software that they probably don't really need to. And so that's, that adds to that predictable is everyone has great visibility into what's happening. And there's >>Another, I mean, of course saving money is, is, is in vogue right now because you know, the headwinds and the economics, et cetera. But there's also another side of the equation, which is, I mean, I see this a lot. You know, the CFO says financial people, why is our cloud bill so high? Well it's because we're actually driving all this revenue. And so, you know, you've seen it so many so often in companies, you know, the, the spreadsheet analysis says, oh, cut that. Well, what happens to revenue if you cut that? Right? Yeah. So with that visibility, the answer may be, well actually if we double down on that, yeah, we're actually gonna make more money cuz we actually have a margin on this and it's, it's got operating leverage. So if we double that, you know, we could, so that kind of cross organization communication to make better decisions, I think is another key factor. Yeah. >>Huge impact there. Talk ultimately about how the buyer's journey seems to have been really transformed >>The >>Correct. Right? So if you're, if you're a buyer, you know, initially to your point is, you know, I'm just looking for a point solution, right? And then you move on to the next one and the next one. And now, you know, working with our teams and using the platform, you know, and frankly customers are thinking more strategically about their IT spend holistically. The conversations that we're having with us is, it's not about how do I find the solution today, but here's my forward looking software spend, or I'm going through a migration, I wanna rationalize the software portfolio I have today as I'm gonna lift and shift it to aws. You know, what is going to make the trip? What are we gonna discard entirely because it's not really optimized for the cloud. Or there's that shelf wheel component, which is, hey, you know, maybe 15 to 25% of my portfolio, it's just not even getting utilized. And that, and that's a sunk cost to your point, which is, you know, that's, that's money I could be using on something that really impacts the bottom line in various areas of the business. Right. >>What would you say is the number one request you get or feedback you get from the end customers? And how is that different from what you hear from the channel partners? How aligned or Yeah. Are those >>Vectors? I would say from a customer perspective, one of the key things I hear about is around visibility of spin, right? And I was just talking about these reports and you know, using cost optimization tools, being able to use features like identity and access management, managing entitlements, private marketplaces. Basically them being able to have a stronger governance model in the cloud. For one thing, it's, it's, you know, keeping everybody on track like some of the points I was talking about earlier, but also cost, cost optimization around, you know, limiting vendor sprawl. Are we actually really using all the things that we need? And then from a channel partner perspective, you know, some of the things I talked about earlier about that 40% faster sales cycle, you know, that that TEI or the total economic impact study that was done by Forrester was, was built for the isv. >>But if you're a channel partner sitting between the customer and the isv, you kind of get to, you get a little bit of the best of both worlds, right? You're acting as that, you're acting as that that advisor. And so if you're a channel partner, the procurement streamlining is a huge benefit because the, you know, like you said, saving money is in vogue right now. You're trying to do more with less. So if you're thinking about 20, 27% faster win rates, 40% faster time to close, and you're the customer who's trying to impact the bottom line by, by innovating more, more quickly, those two pieces of feedback are really coming together and meeting in, in the middle >>Throughout 2021, or sorry, 2022, our survey partner, etr Enterprise Technology Research has asked their panel a question is what's your strategy for, you know, doing more with less? By far the number one response has been consolidating redundant vendors. Yes. And then optimizing cloud was, you know, second, but, but way, way lower than that. The number from last survey went from 34%. It's now up to 44% in the January survey, which is in the field, which they gave me a glimpse to last night. So you're seeing dramatic uptick Yeah. In that point. Yeah. And then you guys are helping, >>We, we definitely are. I mean, it, there's the reporting piece so they have a better visibility of what they're doing. And then you think about a, a feature like private marketplace and manage entitlements. So private marketplace enables a customer to create their own private marketplace as the name states where they can limit access to it for certain types of software to the actual in customer who needs to use that software. And so, you know, not everybody needs a license to software X, right? And so that helps with the sprawl comment to your point, that's, that's on the increase, right? Am I actually spending money on things that we need to use? >>But also on the consolidation front, you, we, we talked with nikesh an hour or so ago, he was mentioning on stage, if you, if you just think of this number of security tools or cybersecurity tools that an organization has on its network, 30 to 50. And we were talking about, well, how does Palo Alto Networks what's realistic in terms of consolidation? But it sounds like what you're doing in the marketplace is giving organizations the visibility, correct, for sure. Into what they're running, usage spend, et cetera, to help facilitate ultimately at some point facilitate a strategic consolidation. >>It's, that's exactly right. And if you, you think about cost optimization, our procurement features, you know, the, the practice that we're trying to help customers around, around finops, it's all about helping customers build a, a modern procurement practice and supply chain. And so that helps with, with that point exactly. The keynotes >>Point. Exactly. So last question for you. What, what's next? What can we expect? >>Oh, so what's next for me is, you know, I, I really want to, you know, my channel business for example, you know, I want to think about enabling new types of partners. So if we've worked really heavily with resellers, we worked very heavily with Palo Alto on the reseller community, how are we bringing in more services partners of various types? You know, the gsi, the distributors, cloud service providers, managed security service providers was in a keynote yesterday listening to Palo Alto talk about their five routes to market. And, you know, they had these bubbles. And so I was like, gosh, that's exactly how I'm thinking about the business is how am I expanding my own footprint to customers that have deeper, I mean, excuse me, to partners that have deeper levels of cloud knowledge, can be more of that advisor, help customers really understand how to maximize their business on aws. And, and you know, my job is to really help facilitate that, that innovative technology through those partners. >>So sounds like powerful force, that ecosystem. Exactly. Great alignment. AWS and Palo Alto, thank you so much for joining us with, we >>Appreciate, thanks for having >>With what's going on at aws, the partner network, the mp, and all that good stuff. That's really the value in it for customers, ISVs and channel partners. I like. We appreciate your insights. >>Thank you. Thanks for having me. Thank you. >>Our guests and Dave Valante. I'm Lisa Martin. You're watching the Cube Lee Leer in live enterprise and emerging tech coverage.
SUMMARY :
The Cube presents Ignite 22, brought to you by Palo Alto the partner ecosystem You know, it's funny you talk about for a minute, you didn't know where we were. Great to have Give Us a, you got a big title there. So if you think about marketplace having sort of two sides, One of the things that we hear often from customers and from since the time that you've been at aws and where do you, where do you want to take it? And then it was, you know, charged by the hour and then the year. but when you talk to customers like, look, I gotta do more with less, less, that's the big theme. partner, you know, customers are able to really save money through a licensing flexibility. And we talk about ask at-risk spend, you might talk about user or lose IT type of spend, right? But also just the simplification that you alluded to earlier around, Yeah, so, you know, one of the things that, that came out earlier this year with Forrester And, and you know, half of the respondents stated outright that like From a company wide standpoint, you know, what are the, maybe the Forester guys address this. You're talking about shelfware, you know, that sort of the classic term buy something, it never gets used, You think faster time to value, faster time to market workforce optimization. So you can actually do the work you want to take it to your customers and drive the business. What are some of the things that you're seeing with that? the inside out, you know, from the inside of their SaaS application, what does it look like on a real time basis? You know, a lot of people, you know, complain, oh, I got surprised at the end of the month. So, you know, develop directly for the cloud customers are able to understand, And so, you know, Huge impact there. And now, you know, working with our teams and using the platform, you know, And how is that different from what you hear from the channel partners? And I was just talking about these reports and you know, using cost optimization a huge benefit because the, you know, like you said, saving money is in vogue right now. And then you guys are helping, And so, you know, not everybody needs a license to software And we were talking about, well, how does Palo Alto Networks what's our procurement features, you know, the, the practice that we're trying to help customers around, So last question for you. Oh, so what's next for me is, you know, I, I really want thank you so much for joining us with, we That's really the value in it for customers, ISVs and channel partners. Thanks for having me. You're watching the Cube Lee Leer in
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Lisa Martin | PERSON | 0.99+ |
Dave Valante | PERSON | 0.99+ |
AWS | ORGANIZATION | 0.99+ |
2017 | DATE | 0.99+ |
40% | QUANTITY | 0.99+ |
January | DATE | 0.99+ |
30 | QUANTITY | 0.99+ |
Vegas | LOCATION | 0.99+ |
15 | QUANTITY | 0.99+ |
90% | QUANTITY | 0.99+ |
2018 | DATE | 0.99+ |
75% | QUANTITY | 0.99+ |
Las Vegas | LOCATION | 0.99+ |
Dave | PERSON | 0.99+ |
34% | QUANTITY | 0.99+ |
Forrester | ORGANIZATION | 0.99+ |
two days | QUANTITY | 0.99+ |
2022 | DATE | 0.99+ |
yesterday | DATE | 0.99+ |
Palo Alto Networks | ORGANIZATION | 0.99+ |
May | DATE | 0.99+ |
2021 | DATE | 0.99+ |
Whit Crump | PERSON | 0.99+ |
first time | QUANTITY | 0.99+ |
over 700 customers | QUANTITY | 0.99+ |
Tableau | TITLE | 0.99+ |
both sides | QUANTITY | 0.98+ |
second | QUANTITY | 0.98+ |
today | DATE | 0.98+ |
over 78% | QUANTITY | 0.98+ |
Enterprise Technology Research | ORGANIZATION | 0.98+ |
two sides | QUANTITY | 0.98+ |
last night | DATE | 0.97+ |
Palo Alto | ORGANIZATION | 0.97+ |
two pieces | QUANTITY | 0.97+ |
50 | QUANTITY | 0.97+ |
nikesh | PERSON | 0.97+ |
25% | QUANTITY | 0.97+ |
DEF | ORGANIZATION | 0.96+ |
one | QUANTITY | 0.96+ |
an hour or so ago | DATE | 0.96+ |
One | QUANTITY | 0.95+ |
Palo Alto Networks | ORGANIZATION | 0.95+ |
earlier this year | DATE | 0.95+ |
both worlds | QUANTITY | 0.95+ |
one thing | QUANTITY | 0.94+ |
Wet Whit Krump | PERSON | 0.94+ |
two weeks ago | DATE | 0.94+ |
five routes | QUANTITY | 0.94+ |
aws | ORGANIZATION | 0.93+ |
Forester | ORGANIZATION | 0.93+ |
first | QUANTITY | 0.92+ |
one place | QUANTITY | 0.92+ |
10% | QUANTITY | 0.91+ |
both | QUANTITY | 0.91+ |
America | LOCATION | 0.89+ |
double click | QUANTITY | 0.87+ |
almost eight years | QUANTITY | 0.87+ |
half of the respondents | QUANTITY | 0.85+ |
MGM Grand Hotel | LOCATION | 0.84+ |
about 40% | QUANTITY | 0.83+ |
Ignite | COMMERCIAL_ITEM | 0.82+ |
AWS Marketplace | ORGANIZATION | 0.8+ |
up to 44% | QUANTITY | 0.8+ |
27% | QUANTITY | 0.78+ |
over half | QUANTITY | 0.77+ |
Alto | LOCATION | 0.76+ |
Cube | ORGANIZATION | 0.72+ |
Cube Lee Leer | PERSON | 0.69+ |
20 | QUANTITY | 0.69+ |
finops | ORGANIZATION | 0.68+ |
Wet | PERSON | 0.67+ |
Breaking Analysis: The Case for Buy the Dip on Coupa, Snowflake & Zscaler
from the cube studios in palo alto in boston bringing you data driven insights from the cube and etr this is breaking analysis with dave vellante by the dip has been been an effective strategy since the market bottomed in early march last year the approach has been especially successful in tech and even more so for those tech names that one were well positioned for the forced march to digital i sometimes call it i.e remote work online commerce data centric platforms and certain cyber security plays and two already had the cloud figured out the question on investors minds is where to go from here should you avoid some of the high flyers that are richly valued with eye-popping multiples or should you continue to buy the dip and if so which companies that capitalized on the trends from last year will see permanent shifts in spending patterns that make them a solid long-term play hello and welcome to this week's wikibon cube insights powered by etr in this breaking analysis we shine the spotlight on three companies that may be candidates for a buy the dip strategy and it's our pleasure to welcome in ivana delevco who's the chief investment officer and founder of spear alpha a new research-centric etf focused on industrial technology ivana is a long-time equity analyst with a background in both long and short investing ivana welcome to the program thanks so much for coming on thanks for having me david yeah it's really our pleasure i i want to start with your etf and give the folks a bit more background about you first you know we gotta let people know i'm not an investment pro i'm not an advisor i don't make stock recommendations i don't sell investments so you got to do your own research i have a lot of data so happy to share it but you got to understand your own risks you of course yvonne on the other hand you do offer investment services and so people before investing got to carefully review all the available available investment docs understand what you're getting into before you invest now with that out of the way ivana i have some stats up here on this slide your spear you're a newly launched female lead firm that does deep research into the supply chain we're going to talk about that you try to uncover as i understand it under-appreciated industrial tech firms and some really pretty cool areas that we list here but tell us a little bit more about your background and your etf so thanks for having me david my background is in industrial research and industrial technology investments i've spent the past 15 years covering this space and what we've seen over the past five years is technology changes that are really driving fundamental shifts in industrial manufacturing processes so whether this is 5g connectivity innovation in the software stack increasing compute speeds all of these are major technological advancements that are impacting uh traditional manufacturers so what we try to do is assess speak to these firms and assess who is at the leading and who is at the lagging end of this digital transformation and we're trying to assess what vendors they're using what processes they're implementing and that is how we generate most of our investment ideas okay great and and we show on the bottom of of this sort of intro slide if you will uh so one of the processes that you use and one of the things that that is notable a lot of people compare you uh to kathy woods are investments when you came out uh i think you use a different process i mean maybe there are some similarities in terms of disruption but at the bottom of this slide it shows a mckinsey sort of graphic that that i think informs people as to how you really dig into the supply chain from a research standpoint is that right absolutely so for us it's all about understanding the supply chain going deep in the supply chain and gather data points from primary sources that we can then translate into investment opportunities so if you look at this mckinsey graph uh you will see that there is a lot of opportunity to for these companies to transform themselves both on the front end which means better revenue better products and on their operation side which means lower cost whether it's through better operations or through better processes on the the back end so what we do is we will speak to a traditional manufacturing company and ask them okay well what do you use for better product development and they will give us the name of the firms and give us an assessment of what's the differences between the competitors why they like one versus the other so then we're gonna take the data and we will put it into our financial model and we'll understand the broader market for it um the addressable market the market share that the company has and will project the growth so for these higher growth stocks that that you cover the main alpha generation uh potential here is to understand what the amount of growth these companies will generate over the next 10 to 20 years so it's really all about projecting growth in the next three years in the next five years and where will growth ultimately settle in in the next 10 to 20 years love it we're gonna have a fun conversation because today we're going to get into your thesis for cooper snowflake and z scalar we're going to bring in some of our own data some of our data from etr and and why you think these companies may be candidates for long-term growth and and be buy the dip stock so to do that i hacked up this little comparison slide we're showing here i do this for context our audience knows i'm not a cfa or a valuation expert but we like to do simple comparisons just to give people context and a sense of relative size growth and valuation and so this chart attempts to do that so what i did is i took the most recent quarterly revenue for cooper snowflake and z scalar multiplied it by four to get a run rate we included servicenow in the table just for baseline reference because bill mcdermott as we've reported aspires to make service now the next great enterprise software company alongside with salesforce and oracle and some of the others and and all these companies that we list here that through the three here they aspire to do so in their own domain so we're displaying the market cap from friday morning september 10th we calculated a revenue run rate multiple and we show the quarterly revenue growth and what this data does is gives you a sense of the three companies they're well on their way to a billion dollars in revenue it underscores the relationship between revenue growth and valuation snowflake being the poster child for that dynamic savannah i know you do much more detailed financial analysis but let's talk about these companies in order maybe start with koopa they just crushed their quarter i mean they blew away consensus on the top line what else about the company do you like and why is it on your by the dip list so just to back up david on valuation these companies investors either directly or indirectly value on a dcf basis and what happened at the beginning of the year as interest rates started increasing people started freaking out and once you plug in 100 basis points higher interest rate in your dcf model you get significant price downside so that really drove a lot of the pullback at the beginning of the year right now where we stand today interest rates haven't really moved all that significantly off the bot of the bottom they're still around the same levels maybe a little bit higher but those are not the types of moves that are going to drive significant downside in this stock so as things have stabilized here a lot of these opportunities look pretty attractive on that basis so koopa specifically came out of our um if you go back to that uh the chart of like where the opportunities lie in um in across the manufacturing uh um enterprise koopa is really focused on business pen management so they're really trying to help companies reduce their cost uh and they're a leader in the space uh they're unique uh unique in that they're cloud-based so the feedback we've been hearing from from our companies that use it jetblue uses it train technologies uses it the feedback we've been hearing is that they love the ease of implementation so it's very easy to implement and it drives real savings um savings for these companies so we see in our dcf model we see multiple years of this 30 40 percent growth and that's really driving our price target yeah and we can i can confirm that i mean i mean just anecdotally you know you know we serve a lot of the technology community and many of our clients are saying hey okay you know when you go to do invoicing or whatever you work with procurement it's koopa you know this is some ariba that's kind of the legacy which is sap we'll talk about that a little later but let's talk about snowflake um you know snowflake we've been tracking them very closely we know the management there we've watched them through their last two companies now here and have been following that company early on since since really 2015. tell us why you like snowflake um and and maybe why you think it can continue its rapid growth thanks david so first of all i need to compliment you on your research on the company on the technology side so where we come in is more from understanding where our companies can use soft snowflake and where snowflake can add value so what we've been hearing from our companies is the challenge that they're facing is that everybody's moving to the cloud but it's not as simple as just send your data to the cloud and call aws and they're gonna generate more revenue for your solve your cost problem so what we've been hearing is that companies need to find tools that are easy to use where they can use their own domain expertise and just plug and play so um ansys is one of the companies we covered the dust simulation they've found snowflake to be an extremely useful tool in sales lead generation and within sales crm systems have been around for a while and they're they've really been implemented but analyzing sales numbers is something that is new to this company some some of our companies don't even know what their sales are even when they look back after the quarter is closed so tools like this help um companies do easy analytics and therefore drive revenue and cost savings growth so we see really big runway for for this company and i think the most misunderstood part about it is that people view it as a warehousing data warehousing play while this is all about compute and the company does a good job separating the two and what our their customers like or like the companies that we cover like about it is that it can lower their compute costs um and make it much easier much more easily manageable for them great and we're going to talk about more about each of these companies but let's talk about z-scaler a bit i mean z-scaler is a company we've been very excited about and identified them kind of early on they've definitely benefited from the move to cloud generally and specifically the remote work uh situation with the cyber threats etc but tell us why you like z-scaler so interestingly z-scaler um we like the broader security space um the broader cyber security space and interestingly our companies are not yet spending to the level that is commensurate with the increase in attack rate so we think this is a trend that is really going to accelerate as we go forward um my own board 20 of the time on the last board meeting was spent on cyber security what we're doing and this is a pretty simple operation that that we're running here so you can imagine for a large enterprise with thousands of people all around the world um needing to be on a single simple system z-scaler really fits well here very easy to implement several of our industrial companies use it siemens uses it ge uses it and they've had great great experience with it excellent i just want to take a quick look at how some of these names have performed over the last year and and what if anything this data tells us this is a chart comparing the past 12 months performance of of those four companies uh that we just talked about and we added in you know servicenow z scalar as you can see has outperformed the other despite your commentary on discounted cash flow snowflake is underperformed really precisely for the reasons that you mentioned not to mention the fact that it was pretty highly valued and you can see relative to the nas but it's creeping back lately after very strong earnings even though the stock dropped after it beat earnings because the street wants the cfo to say to guide even higher than maybe as mike scarpelli feels is prudent and you can see cooper has also underperformed relatively speaking i mean it absolutely destroyed consensus this week the stock went up but it's been off with the the weaker market this week i know you like to take a longer term view but but anything you would add here yeah so interestingly both z-scaler and koopa were in the camp of as we went into earnings expectations were already pretty high because few of their competitors reported very strong results so this scalar yesterday their revenue growth was was pretty strong the stock is down today uh and the reason is because people were kind of caught up a little bit in the noise of this quarter growth is 57 last quarter it was 60 like is this a deceleration we don't see it as that at all and the company brought up one point that i thought was extremely interesting which is as their deal sizes are getting larger it takes a little longer time for them to see the revenue come through so it takes a little bit of time to for you to see it into from billings into into revenue same thing with cooper very strong earnings report but i think expectations were already pretty high going into it uh given the service now and um and anna plan as well reported strong results so i think it's all about positioning so we love these setups where you can buy the deep in on this opportunity where like people get caught up in um short-term noise and and it creates good entry points excellent i i want to bring in some data from our partner etr and see if you have any comments ivana so what we're showing here is a two-dimensional chart we like to show this uh very frequently it's based on a survey of between a thousand and fifteen hundred chief information officers and technology buyers every quarter this is from their most recent july survey the vertical axis shows net score which is a measure of spending momentum i mean this it measures the net percentage of customers in the survey that are spending more on a particular product or platform in other words it essentially subtracts the percentage of customers spending less from those spending more which yields a net score it's more granular than that but basically that's what it does the horizontal axis is market share or pervasiveness in the data set it's not revenue market share like you get from idc it's it's a mention market share and now that red dotted line at the 40 percent mark on the vertical represents an elevated level in other words anything above 40 percent we consider notable and we've plotted our three by the dip companies and included some of their competitors for context and you can see we added salesforce servicenow and oracle and that orange ellipse because they're some of the bigger names in the software business so let's take these in alphabetical order ivana starting with koopa in the blue you can see we plotted them next to sap's ariba and you can see cooper has stronger spending momentum but not as much presence in the market so to me my influence is oh that's an opportunity for them to steal share more modern technology you know more facile and of course oracle has products in this space but the oracle dot includes all oracle products not just the procurement stuff but uh maybe your thoughts on this absolutely i love this chart i think that's your spot on this would be the same way i would interpret the chart where um increased spending momentum is is a sign of the company providing products that people like and we we expect to see cooper's share grow market share grow over time as well so let's come back to the chart and i want to i want to really point out the green ellipse this is the data zone if you will uh and we're like a broken record on this program with snowflake has performed unbelievably well in net score and spending momentum every quarter the dtr has captured enough end sample in its survey holding near or above 80 percent its net score consistently is has been up there and we've plotted data bricks in that zone it's been expected right that data bricks is going to do an ipo this year late last month company raised 1.6 billion in a private round so i guess that was either a strategy to delay the ipo or raise a bunch more cash and give late investors a low risk bite at the apple you know pre-ipo as we saw with snowflake last year what we didn't plot here are some of snowflake's biggest competitors ivana who also happen to be their partners most notably the big cloud players all who have their own database offerings aws microsoft and google now you've said snowflake is much more than a database company i wonder if you could add some color here yeah that's a very good point david uh basically the the driver of the thesis in snowflake is all about acceleration and spending and what we are seeing is the customers that are signed up on their platform today they're not even spending they're probably spending less than five percent of what they can ultimately spend on this product and the reason is because they don't yet know what the ultimate applications are for this right so you're gonna start with putting the data in a format you can use and you need to come up with use cases or how are you actually going to use this data so back to the example that i gave with answers the first use case that they found was trying to optimize leads there could be like 100 other use cases and they're coming up with with those on a daily basis so i would expect um this score to keep keep uh keep up pretty high or or go even higher as we as people figure out how they can use this product you know the buy-the-dip thesis on snowflake was great last quarter because the stock pulled back after they announced earnings and when we reported we said you know mike the the company see well cleveland research came out remember they got the dip on that and we looked at the data and we said mike scarpelli said that you know we're going to probably as a percentage of overall customers decelerate the net net new logos but we're going deeper into the customer base and that's exactly what's happening with with snowflake but okay let's bring up the slide again last but not least the z scaler we love z scalar we named z scaler in 2019 as an emerging four-star security company along with crowdstrike and octa and we said these three should be on your radar and as you see we've plotted z scalar with octa who with its it's its recent move into to converging identity and governance uh it gets kind of interesting uh we plotted them with palo alto as well another cyber security player that we've covered extensively we love octa in addition to z-scaler we great respect for palo alto and you'll note all of them are over that 40 percent line these are disruptors they're benefiting well not so much palo alto they're more legacy but the the other two are benefiting from that shift to work from home cloud security modern tech stack uh the acquisition that octa-made of of of auth0 and again z scalar cloud security getting rid of a lot of hardware uh really has a huge tailwind at its back if on a zscaler you know they've benefited from the huge my cloud migration trend what are your thoughts on the company so i actually love all three companies that are there right and the point is people are just going to spend more money whether you are on the cloud of the cloud the data centers need more security as well so i think there is a strong case to be made for all three with this scaler the upside is that it's just very easy to use very easy to implement and if you're somebody that is just setting up infrastructure on the cloud there is no reason for you to call any other competitor right with palo alto the case there is that if you have an established um security platfor if you're on their security platform the databa on the data center side uh they they did introduce through several acquisitions a pretty attractive cloud offering as well so they've been gaining share as well in the space and and the company does look pretty attractive on valiation basis so for us cyber security is really all about rising tide lifts all boats here right so you can have a pure play like this scaler uh that benefits from the cloud but even somebody like palo alto is pretty well positioned um to benefit yeah we think so too over a year ago we reported on the valuation divergence between palo alto and fortinet fortinet was doing a better job moving to the cloud and obviously serves more of a mid-market space palo alto had some go-to-market execution challenges we said at the time they're going to get through those and when we talk to chief information security officers palo alto is like the gold standard they're the thought leader they want to work with them but at the same time they also want to participate in some of these you know modern cloud stacks so i we agree there's plenty of room for all three um just to add a bit more color and drill into the spending data a little bit more this slide here takes that net score and shows the progression since january 2019 and you can see a snowflake just incredible in terms of its ability to maintain that elevated net score as we talked about and the table on the insert it shows you the number of responses and all three of these companies have been getting more mentions over time but snowflake and z scale are now both well over 100 n in the survey each quarter and the other notable piece here and this is really important you can see all three are coming out of the isolation economy with the spending uptick nice upticks shown in the most recent survey so that's again another positive but i want to close ivana with kind of making the bull and bear case and have you address really the risks to the buy the dip scenario so look there are a lot of reasons to like these companies we talked about them cooper they've got earnings momentum you know management on the call side had very strong end market demand this the stock you know has underperformed the nasdaq you know this year snowflake and zscaler they also have momentum snowflake get this enormous tam uh although they were punished for not putting a hard number on it which is ridiculous in my opinion i mean the thing is it's huge um the investors were just kind of you know wanting a little binky baby blanket but they all have modern tech in the cloud and really importantly this shows in the etr surveys you know the momentum that they have so very high retention is the other point i wanted to make the very very low churn of these companies however cooper's management despite the blowout quarter they gave kind of underwhelming guidance they've cited headwinds uh they've with the the the lamisoft uh migration to their cloud platform snowflake is kind of like price to perfection so maybe that's an advantage because every every little negative news is going to going to cause the company to dip but it's you know it's pretty high value because salutman and scarpelli everybody expects them to surpass what happened at servicenow which was a rocket ship and it could be all argued that all three are richly priced and overvalued so but ivana you're looking out as you said a couple of years three years maybe even five years how do you think about the potential downside risks in in your by the dip scenario you buy every dip you looking for bigger dips or what's your framework there so what we try to do is really look every quarter the company reports is there something that's driving fundamental change to the story or is it a one-off situation where people are just misunderstanding what the company is reporting so in the case we kind of addressed some of the earnings that that were reported but with koopa we think the man that management is guiding conservatively as they should so we're not very concerned about their ability to execute on on the guidance and and to exceed the guidance with snowflake price to perfection that's never a good idea to avoid a stock uh because it just shows that there is the company is doing a great job executing right so um we are looking for reports like the cleveland report where they would be like negative on the stock and that would be an entry point uh for us so broadly we apply by the deep philosophy but not not if something fundamentally changes in the story and none of these three are showing any signs of fundamental change okay we're going to leave it right there thanks to my guest today ivana tremendous having you would love to have you back great to see you thank you david and def you definitely want to check out sprx and the spear etf now remember i publish each week on wikibon.com and siliconangle.com these episodes they're all available as podcasts all you do is search breaking analysis podcasts you can always connect with me on twitter i'm at d vallante or email me at david.vellante at siliconangle.com love the comments on linkedin don't forget to check out etr.plus for all the survey action this is dave vellante for the cube insights powered by etr be well and we'll see you next time [Music] you
SUMMARY :
the company to dip but it's you know
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
mike scarpelli | PERSON | 0.99+ |
palo alto | ORGANIZATION | 0.99+ |
january 2019 | DATE | 0.99+ |
mike scarpelli | PERSON | 0.99+ |
david | PERSON | 0.99+ |
40 percent | QUANTITY | 0.99+ |
today | DATE | 0.99+ |
1.6 billion | QUANTITY | 0.99+ |
five years | QUANTITY | 0.99+ |
2019 | DATE | 0.99+ |
2015 | DATE | 0.99+ |
microsoft | ORGANIZATION | 0.99+ |
last year | DATE | 0.99+ |
three companies | QUANTITY | 0.99+ |
less than five percent | QUANTITY | 0.99+ |
yesterday | DATE | 0.99+ |
early march last year | DATE | 0.99+ |
each week | QUANTITY | 0.99+ |
last quarter | DATE | 0.99+ |
siliconangle.com | OTHER | 0.99+ |
this week | DATE | 0.99+ |
dave vellante | PERSON | 0.99+ |
boston | LOCATION | 0.99+ |
thousands of people | QUANTITY | 0.98+ |
four companies | QUANTITY | 0.98+ |
two | QUANTITY | 0.98+ |
this year | DATE | 0.98+ |
apple | ORGANIZATION | 0.98+ |
one point | QUANTITY | 0.98+ |
three years | QUANTITY | 0.98+ |
octa | ORGANIZATION | 0.98+ |
three | QUANTITY | 0.98+ |
crowdstrike | ORGANIZATION | 0.98+ |
60 | QUANTITY | 0.98+ |
aws | ORGANIZATION | 0.98+ |
koopa | ORGANIZATION | 0.98+ |
one | QUANTITY | 0.97+ |
fortinet | ORGANIZATION | 0.97+ |
100 other use cases | QUANTITY | 0.97+ |
both | QUANTITY | 0.97+ |
100 basis | QUANTITY | 0.97+ |
ivana | PERSON | 0.97+ |
first use case | QUANTITY | 0.97+ |
each | QUANTITY | 0.97+ |
cooper | PERSON | 0.97+ |
57 | QUANTITY | 0.96+ |
ORGANIZATION | 0.96+ | |
each quarter | QUANTITY | 0.96+ |
billion dollars | QUANTITY | 0.96+ |
mckinsey | ORGANIZATION | 0.94+ |
def | PERSON | 0.94+ |
friday morning september 10th | DATE | 0.93+ |
lamisoft | ORGANIZATION | 0.93+ |
four-star | QUANTITY | 0.93+ |
mike | PERSON | 0.91+ |
scarpelli | PERSON | 0.91+ |
oracle | ORGANIZATION | 0.91+ |
ansys | ORGANIZATION | 0.91+ |
z scalar | TITLE | 0.91+ |
late last month | DATE | 0.9+ |
ORGANIZATION | 0.9+ | |
30 40 percent | QUANTITY | 0.9+ |
d vallante | PERSON | 0.88+ |
Pham and Britton and Fleischer V1
>>covering the space and cybersecurity symposium 2020 hosted by Cal poly. Hold on. Welcome to this special presentation with Cal poly hosting the space and cybersecurity symposium, 2020 virtual, um, John for your host with the cube and Silicon angle here in our Palo Alto studios with our remote guests, we couldn't be there in person, but we're going to be here remotely. Got a great session and a panel for one hour topic preparing students for the jobs of today and tomorrow, but a great lineup. Bill Britain, Lieutenant Colonel from the us air force, retired vice president for information technology and CIO and the director of the California cyber security Institute for Cal poly bill. Thanks for joining us, dr. Amy Fisher, who's the Dean of the college of engineering at Cal poly and trunk fam professor and researcher at the U S air force Academy. Folks, thanks for joining me today. >>Our pleasure got a great, great panel. This is one of my favorite topics preparing students for the next generation, the jobs for today and tomorrow. We've got an hour. I'd love you guys to start with an opening statement, to kick things off a bill. We'll start with you. Well, I'm really pleased to be, to start on this. Um, as the director for the cybersecurity Institute and the CIO at Cal poly, it's really a fun, exciting job because as a Polytechnic technology, as such a forefront in what we're doing, and we've had a, a wonderful opportunity being 40 miles from Vandenberg air force base to really look at the nexus of space and cyber security. And if you add into that, uh, both commercial government and civil space and cybersecurity, this is an expanding wide open time for cyber and space. In that role that we have with the cyber security Institute, we partner with elements of the state and the university. >>And we try to really add value above our academic level, which is some of the highest in the nation and to really merge down and go a little lower and start younger. So we actually are running the week prior to this showing a cybersecurity competition for high schools or middle schools in the state of California, that competition this year is based on a scenario around hacking of a commercial satellite and the forensics of the payload that was hacked and the networks associated with it. This is going to be done using products like Wireshark autopsy and other tools that will give those high school students. What we hope is a huge desire to follow up and go into cyber and cyber space and space and follow that career path. And either come to Cal poly or some other institution that's going to let them really expand their horizons in cybersecurity and space for the future >>Of our nation. >>Bill, thanks for that intro, by the way, it's gonna give you props for an amazing team and job you guys are doing at Cal poly, that Dex hub and the efforts you guys are having with your challenge. Congratulations on that great work. Thank you >>Star team. It's absolutely amazing. You find that much talent in one location. And I think Amy is going to tell you she's got the same amount of talent in her staff. So it's, it's a great place to be. >>Amy flasher. You guys have a great organization down there, amazing curriculum, grazing people, great community, your opening statement. >>Hello everybody. It's really great to be a part of this panel on behalf of the Cal poly college of engineering here at Cal poly, we really take preparing students for the jobs of today and tomorrow completely seriously. And we claim that our students really graduate. So they're ready day one for their first real job, but that means that in getting them to that point, we have to help them get valuable and meaningful job experience before they graduate, but through our curriculum and through multiple internship or summer research opportunities. So we focus our curriculum on what we call a learn by doing philosophy. And this means that we have a combination of practical experience and learn by doing both in and out of the classroom. And we find that to be really critical for preparing students for the workforce here at Cal poly, we have more than 6,000 engineering students. >>We're one of the largest undergraduate engineering schools in the country. Um, and us news ranks us the eighth best undergraduate engineering program in the, in the country and the top ranked state school. We're really, really proud that we offer this impactful hands on engineering education that really exceeds that of virtually all private universities while reaching a wider audience of students. We offer 14 degree programs and really we're talking today about cyber and space. And I think most of those degree programs can really make an impact in the space and cybersecurity economy. And this includes not only things like Aero and cyber directly, but also electrical engineering, mechanical engineering, computer engineering, materials, engineering, even manufacturing, civil and biomedical engineering. As there's a lot of infrastructure needs that go into supporting launch capabilities. Our aerospace program graduates hundreds of aerospace engineers, and most of them are working right here in California. >>I'm with many of our corporate partners, including Northrop Grumman, Lockheed, Boeing, Raytheon space, X, Virgin, galactic JPL, and so many other places where we have Cal poly engineer's impacting the space economy. Our cybersecurity focus is found mainly in our computer science and software engineering programs. And it's really a rapidly growing interest among our students. Computer science is our most popular major and industry interest and partnerships are integrated into our curriculum. And we do that oftentimes through support from industry. So we have partnerships with Northrop Grumman for professorship and a cyber lab and from PG and E for critical infrastructure, cybersecurity lab, and professorship. And we think that industry partnerships like these are really critical to preparing students for the future as the field's evolving so quickly and making sure we adapt our facilities and our curriculum to stay in line with what we're seeing in industry is incredibly important. >>In our aerospace program, we have an educational partnership with the air force research labs. That's allowing us to install new high performance computing capabilities and a space environments lab. That's going to enhance our satellite design capabilities. And if we talk about satellite design, Cal poly is the founding home of the cube sat program, which pioneered small satellite capabilities. And we remain the worldwide leader in maintaining the cube set standard. And our student program has launched more cube sets than any other program. So here again, we have this learn by doing experience every year for dozens of aerospace, electrical, computer science, mechanical engineering students, and other student activities that we think are just as important include ethical hacking through our white hat club, Cal poly space systems, which does really, really big rocket launches and our support program for women in both of these fields like wish, which is women in software and hardware. >>Now, you know, really trying to bring in a wide variety of people into these fields is incredibly important and outreach and support to those demographics. Traditionally underrepresented in these fields is going to be really critical to future success. So by drawing on the lived experiences by people with different types of backgrounds, while we develop the type of culture and environment where all of us can get to the best solution. So in terms of bringing people into the field, we see that research shows, we need to reach kids when they're in late elementary and middle schools to really overcome that cultural bias that works against diversity in our fields. And you heard bill talking about the cyber cybersec, the California cybersecurity institutes a year late cyber challenge. There's a lot of other people who are working to bring in a wider variety of, uh, of people into the field, like girl Scouts, which has introduced dozens of new badges over the past few years, including a whole cybersecurity series of badges and a concert with Palo Alto networks. So we have our work cut out for us, but we know what we need to do. And if we're really committed to prep properly preparing the workforce for today and tomorrow, I think our future is going to be bright. I'm looking forward to our discussion today. >>Yeah, you got a flashy for great, great comment, opening statement and congratulations. You got the right formula down there, the right mindset, and you got a lot of talent and community as well. Thank thank you for that opening statement. Next step from Colorado Springs, trunk fam, who's a professor and researcher. The us air force Academy is doing a lot of research around the areas that are most important for the intersection of space and technology trunk. >>Good afternoon, first electric and Cal poli for the opportunity. And today I want to go briefly about cyber security in S application. Whenever we talk about cyber security, the impression is got yes, a new phew that is really highly complex involving a lot of technical area. But in reality, in my personal opinion, it is in be complex because involve many disciplines. The first thing we think about is computer engineering and computer networking, but it's also involving communication sociology, law practice. And this practice of cyber security goes in on the info computer expert, but it's also info everybody else who has a computing device that is connected to the internet. And this participation is obviously every body in today's environment. When we think about the internet, we know that is a good source of information, but come with the convenience of information that we can access. >>We are constantly faced in being from the internet. Some of them, we might be aware of some of them we might not be aware of. For example, when we search on the internet, a lot of time, our browser will be saved and gotten this site is not trusted. So we will be more careful. What about the sites that we trusted? We know getting those salad chicken sites, but they're not a hundred percent good at proof. What happened? It was all side, uh, attack by hacker. And then they will be a silent source that we might not be aware of. So in the reality, we need to be more practicing the, um, cyber security from our SIBO point of view and not from a technical point of view. When we talk about space application, we should know that all the hardware, a computer based tool by computer system and therefore the hardware and the software must go through some certification process so that they can be record that air with the flight. >>What the, when we know that in the certification process is focusing on the functionality of the hardware and software, but one aspect that is explicitly and implicitly required is the security of those components. And we know that those components have to be connected with the ground control station and be communication is through the air, through the layby or signal. So anybody who has access to those communication regular signal will be able to control the space system that we put up there. And we certainly do not want our system to be hijacked by a third party. >>I'm not going to aspect of cybersecurity is we try to design the space system in a very strong manner. So it's almost impossible to hack in, but what about some August week system that might be connected to so strong system? For example, the spare system will be connected to the ground control station and on the ground control station, we have the human controller in those people have cell phone. They are allowed to use cell phones for communication, but at the same time, they are connected to the internet, to the cell phone and their cell phone might be connected to the computer that control the flight software and hardware. So what I want to say is that we try to build strong system and we protected them, but there will be some weaker system that we could not intended, but exists to be connected to our strong system. And those are the points that hacker will be trying to attack. If we know how to control the access to those points, we will be having a much better system for the space system. And when we see the cybersecurity that is requiring the participation everywhere, it's important to Merck that there is a source of opportunity for students to engage the workforce. To concede the obviously student in engineering can focus their knowledge and expertise to provide technological solution, to protect the system that we view. But we also >>Have students in business who can focus to write a business plan to reach the market. We also have student in law who can focus policy governing the cyber security. And we also have student in education who can focus the expert. She should be saying how to teach cyber security practice and students can focus the effort to implement security measures and it implies job opportunity. >>Thank you trunk for those great comments, great technology opportunities, but interesting as well as the theme that we're seeing across the entire symposium and in the virtual hallways that we're hearing conversations and you pointed out some of them, dr. Fleischer did as well. And bill, you mentioned it. It's not one thing. It's not just technology, it's different skills. And, um, Amy, you mentioned that computer science is the hottest degree, but you have the hottest aerospace program in the world. I mean, so all of this is kind of balancing it's interdisciplinary. It's a structural change before we get into some of the, um, how they prepare the students. Can you guys talk about some of the structural changes that are modern now in preparing, um, in these opportunities because societal impact is a law potentially impact it's, it's how we educate there's no cross-discipline skillsets. It's not just get the degree, see out in the field bill, you want to start. >>Well, what's really fun about this job is, is that in the air force, uh, I worked in the space and missile business and what we saw was a heavy reliance on checklist format, security procedures, analog systems, and what we're seeing now in our world, both in the government and the commercial side, uh, is a move to a digital environment. And the digital environment is a very quick and adaptive environment. And it's going to require a digital understanding. Matter of fact, um, the, uh, under secretary of the air force for acquisition, uh, rev recently referenced the need to understand the digital environment and how that's affecting acquisition. So as, as both Amy, um, and trunk said, even business students are now in the >>Cybersecurity business. And, and so, again, what we're seeing is, is the change. Now, another phenomenon that we're seeing in the space world is there's just so much data. Uh, one of the ways that we addressed that in the past was to look at high performance computing. It was a lot stricter control over how that worked, but now what we're seeing these adaptation of cloud cloud technologies in space support, space, data, command, and control. Uh, and so what we see is a modern space engineer who asked to understand digital, has to understand cloud and has to understand the context of all those with a cyber environment. That's really changing the forefront of what is a space engineer, what is a digital engineer and what does a future engineer, both commercial or government? So I think the opportunity for all of these things is really good, particularly for a Polytechnic air force Academy and others that are focusing on a more, uh, widened experiential level of cloud and engineering and other capabilities. >>And I'll tell you the part that as the CIO, I have to remind everybody, all this stuff works for the it stuff. So you've got to understand how your it infrastructures are tied and working together. Um, as we noted earlier, one of the things is, is that these are all relays from point the point, and that architecture is part of your cybersecurity architecture. So again, every component has now become a cyber aware cyber knowledgeable, and in what we'd like to call as a cyber cognizant citizen, where they have to understand the context, patients chip software, that the Fleischer talk about your perspective, because you mentioned some of the things that computer science. Remember when I'm in the eighties, when I got my computer science degree, they call the software engineers, and then you became software developers. And then, so again, engineering is the theme. If you're engineering a system, there's now software involved, um, and there's also business engineering business models. So talk about some of your comments was, you mentioned, computer science is hot. You got the aerospace, you've got these multidisciplines you got definitely diversity as well. It brings more perspectives in as well. Your thoughts on these structural interdisciplinary things. >>I think this is, this is really key to making sure that students are prepared to work in the workforce is looking at the, the blurring between fields no longer are you just a computer scientist, no longer are you just an aerospace engineer? You really have to have an expertise where you can work with people across disciplines. All of these, all of these fields are just working with each other in ways we haven't seen before. And bill brought up data, you know, data science is something that's cross cutting across all of our fields. So we want engineers that have the disciplinary expertise so that they can go deep into these fields, but we want them to be able to communicate with each and to be able to communicate across disciplines and to be able to work in teams that are across disciplines. You can no longer just work with other computer scientists or just work with other aerospace engineers. >>There's no part of engineering that is siloed anymore. So that's how we're changing. You have to be able to work across those, those disciplines. And as you, as Tron pointed out, you know, ethics has to come into this. So you can no longer try to fully separate what we would traditionally have called the, the liberal arts and say, well, that's over there in general education. No ethics is an important part of what we're doing and how we integrate that into our curriculum. So it was communication. So is working on public policy and seeing where all of these different aspects tied together to make the impact that we want to have in the world. So it, you no longer can work solo in these fields. >>Great point. And bill also mentioned the cloud. One thing about the cloud that showed us as horizontal scalability has created a lot of value and certainly data is now horizontal Trung. You mentioned some of the things about cryptography for the kids out there. I mean, you can look at the pathway for career. You can do a lot of tech and, but you don't have to go deep. Sometimes you can go, you can go as deep as you want, but there's so much more there. Um, what technology do you see, how it's going to help students in your opinion? >>Well, I'm a professor in computer science, so I'd like to talk out a little bit about computer programming. Now we, uh, working in complex project. So most of the time we design a system from scratch. We view it from different components and the components that we have either we get it from or some time we get it from the internet in the open source environment, it's fun to get the source code and then work to our own application. So now when we are looking at a Logie, when we talk about encryption, for example, we can easily get the source code from the internet. And the question is, is safe to use those source code. And my, my, my question is maybe not. So I always encourage my students to learn how to write source score distribution, where that I learned a long time ago before I allow them to use the open source environment. And one of the things that they have to be careful, especially with encryption is be quote that might be hidden in the, in the source, get the download here, some of the source. >>So open source, it's a wonderful place to be, but it's also that we have to be aware of >>Great point before we get into some of the common one quick thing for each of you like to get your comments on, you know, the there's been a big movement on growth mindset, which has been a great, I'm a big believer in having a growth mindset and learning and all that good stuff. But now that when you talk about some of these things that we're mentioning about systems, there's, there's an, there's a new trend around a systems mindset, because if everything's now a system distributed systems, now you have space in cyber security, you have to understand the consequences of changes. And you mentioned some of that Trung in changes in the source code. Could you guys share your quick opinions on the, the idea of systems thinking, is that a mindset that people should be looking at? Because it used to be just one thing, Oh, you're a systems guy or galley. There you go. You're done. Now. It seems to be in social media and data. Everything seems to be systems. What's your take dr. Fleischer, we'll start with you. >>Uh, I'd say it's a, it's another way of looking at, um, not being just so deep in your discipline. You have to understand what the impact of the decisions that you're making have on a much broader, uh, system. And so I think it's important for all of our students to get some exposure to that systems level thinking and looking at the greater impact of the decision that they're making. Now, the issue is where do you set the systems boundary, right? And you can set the systems boundary very close in and concentrate on an aspect of a design, or you can continually move that system boundary out and see, where do you hit the intersections of engineering and science along with ethics and public policy and the greater society. And I think that's where some of the interesting work is going to be. And I think at least exposing students and letting them know that they're going to have to make some of these considerations as they move throughout their career is going to be vital as we move into the future. Bill. What's your thoughts? >>Um, I absolutely agree with Amy and I think there's a context here that reverse engineering, um, and forensics analysis and forensics engineering are becoming more critical than ever, uh, the ability to look at what you have designed in a system and then tear it apart and look at it for gaps and holes and problem sets, or when you're given some software that's already been pre developed, checking it to make sure it is, is really going to do what it says it's going to do. That forensics ability becomes more and more a skillset that also you need the verbal skills to explain what it is you're doing and what you found. So the communication side, the systems analysis, >>The forensics analysis side, >>These are all things that are part of that system >>Approach that I think you could spend hours on. And we still haven't really done great job on it. So it's a, it's. One of my fortes is the really the whole analysis side of forensics and it reverse engineering >>Try and real quick systems thinking. >>Well, I'd like to share with you my experience. When I worked in the space patient program at NASA, we had two different approaches. One is a down approach where we design it from the system general point of view, where we put components to complex system. But at the same time, we have the bottom up approach where we have Ken Chile who spent time and effort the individual component. And they have to be expert in those Chinese component. That might be general component the gallery. And in the space station program, we bring together the welcome up engineer, who designed everything in detail in the system manager who manage the system design from the top down. And we meet in the middle and took the idea with compromise a lot of differences. Then we can leave a display station that we are operating to be okay, >>Great insight. And that's the whole teamwork collaboration that, that was mentioning. Thanks so much for that insight. I wanted to get that out there because I know myself as a, as a parent, I'm always trying to think about what's best for my kids in their friends, as they grow up into the workforce. I know educators and leaders in industry would love to know some of the best practices around some of the structural changes. So thanks for that insight, but this topics about students and helping them prepare. Uh, so we heard, you know, be, be multiple discipline, broaden your horizons, think like systems top down, bottom up, work together as a team and follow the data. So I got to ask you guys, there's a huge amount of job openings in cybersecurity. It's well documented and certainly at the intersection of space and cyber, it's only gonna get bigger, right? You're going to see more and more demand for new types of jobs. How do we get high school and college students interested in security as a career at the flagship? We'll start with you in this one. >>I would say really one of the best ways to get students interested in the career is to show them the impact that it's going to have. There's definitely always going to be students who are going to want to do the technology for the technology sake, but that will limit you to a narrow set of students. And by showing that the greater impact that these types of careers are going to have on the types of problems that you're going to be able to solve and the impact you're going to be able to have on the world, around you, that's the word that we really need to get out. And a wide variety of students really respond to these messages. So I think it's really kind of reaching out at the, uh, the elementary, the middle school level, and really kind of getting this idea that you can make a big difference, a big positive difference in the field with some of these careers is going to be really critical. >>Real question, follow up. What do you think is the best entry point? You mentioned middle squad in here, elementary school. This comes, there's a lot of discussions around pipelining and we're going to get into women in tech and under-represented matters later, but you know, is it too early or what's the, what's your feeling on this? >>My feeling is the earlier we can normalize it the better the, uh, if you can normalize an interest in, in computers and technology and building an elementary school, that's absolutely critical. But the dropoff point that we're seeing is between what I would call like late elementary and early middle school. Um, and just kind of as an anecdote, I, for years ran an outreach program for girl Scouts in grades four and five and grade six, seven, and eight. And we had a hundred slots in each program. And every year the program would sell out for girls in grades four and five, and every year we'd have spots remaining in grades six, seven, and eight. And that's literally where the drop-off is occurring between that late elementary and that middle school range. So that's the area that we need to target to make sure we keep those young women involved and interested as we move forward. >>Bill, how are we going to get these kids interested in security? You mentioned a few programs you got. Yeah. I mean, who wants to, who wouldn't want to be a white hat hacker? I mean, yeah, that sounds exciting. Yeah. Great questions. Let's start with some basic principles though. Is let me ask you a question, John, a name for me, one white hat, good person hacker. The name who works in the space industry and is an exemplar for students to look up to, um, you, um, Oh man. I'm hearing really. I can't, I can't, I can't, I can't imagine because the answer we normally get is the cricket sound. So we don't have individuals we've identified in those areas for them to look up to. I was going to be snarky and say, most white hackers won't even use their real name, but, um, there's a, there's an aura around their anonymity here. >>So, so again, the real question is, is how do we get them engaged and keep them engaged? And that's what Amy was pointing out too. Exactly the engagement and sticking with it. So one of the things that we're trying to do through our competition on the state level and other elements is providing connections. We call them ambassadors. These are people in the business who can contact the students that are in the game or in that, uh, challenge environment and let them interact and let them talk about what they do and what they're doing in life would give them a challenging game format. Um, a lot of computer based training, um, capture the flag stuff is great, but if you can make it hands on, if you can make it a learn by doing experiment, if you can make it am personally involved and see the benefit as a result of doing that challenge and then talk to the people who do that on a daily basis, that's how you get them involved. >>The second part is as part of what we're doing is, is we're involving partnership companies in the development of the teams. So this year's competition that we're running has 82 teams from across the state of California, uh, of those 82 teams at six students team, middle school, high school, and many of those have company partners. And these are practitioners in cybersecurity who are working with those students to participate. It's it's that adult connectivity, it's that visualization. Um, so at the competition this year, um, we have the founder of Def con red flag is a participant to talk to the students. We have Vince surf as who is of course, very well known for something called the internet to participate. It's really getting the students to understand who's in this. Who can I look up to and how do I stay engaged with them? >>There's definitely a celebrity aspect of it. I will agree. I mean, the influencer aspect here with knowledge is key. Can you talk about, um, these ambassadors and, and, and how far along are you on that program? First of all, the challenge stuff is anything gamification wise. We've seen that with hackathons is just really works well. Grades, bonding, people who create together kinda get sticky and get very high community aspect to it. Talking about this ambassador thing. What does that industry is that academic >>Absolutely partners that we've identified? Um, some of which, and I won't hit all of them. So I'm sure I'll short changes, but, uh, Palo Alto, Cisco, um, Splunk, um, many of the companies in California and what we've done is identified, uh, schools, uh, to participate in the challenge that may not have a strong STEM program or have any cyber program. And the idea of the company is they look for their employees who are in those school districts to partner with the schools to help provide outreach. It could be as simple as a couple hours a week, or it's a team support captain or it's providing computers and other devices to use. Uh, and so again, it's really about a constant connectivity and, uh, trying to help where some schools may not have the staff or support units in an area to really provide them what they need for connectivity. What that does gives us an opportunity to not just focus on it once a year, but throughout the year. So for the competition, all the teams that are participating have been receiving, um, training and educational opportunities in the game of education side, since they signed up to participate. So there's a website, there's learning materials, there's materials provided by certain vendor companies like Wireshark and others. So it's a continuum of opportunity for the, >>You know, I've seen just the re randomly, just going to random thought, you know, robotics clubs are moving den closer into that middle school area, in fact Fleischer. And certainly in high schools, it's almost like a varsity sport. E-sports is another one. My son just combined made the JV at the college Dean, you know, it's big and it's up and serious. Right. And, um, it's fun. This is the aspect of fun. It's hands on. This is part of the culture down there you learn by doing, is there like a group? Is it like, um, is it like a club? I mean, how do you guys organize these bottoms up organically interest topics? >>So, so here in the college of engineering, uh, when we talk about learning by doing, we have learned by doing both in the classroom and out of the classroom. And if we look at the, these types of, out of the classroom activities, we have over 80 clubs working on all different aspects of many of these are bottom up. The students have decided what they want to work on and have organized themselves around that. And then they get the leadership opportunities. The more experienced students train in the less experienced students. And it continues to build from year after year after year with them even doing aspects of strategic planning from year to year for some of these competitions. So, yeah, it's an absolutely great experience. And we don't define for them how their learned by doing experiences should be, we want them to define it. And I think the really cool thing about that is they have the ownership and they have the interest and they can come up with new clubs year after year to see which direction they want to take it. And, you know, we will help support those clubs as old clubs fade out and new clubs come in >>Trunk real quick. Before we go on the next, uh, talk track, what, what do you recommend for, um, middle school, high school or even elementary? Um, a little bit of coding Minecraft. I mean, what, how do you get them hooked on the fun and the dopamine of, uh, technology and cybersecurity? What's your, what's your take on that? >>On, on this aspect, I like to share with you my experience as a junior high and high school student in Texas, the university of Texas in Austin organized a competition for every high school in Texas. If we phew from poetry to mathematics, to science, computer engineering, but it's not about with university of Texas. The university of Texas is on the serving SSN for the final competition that we divide the competition to be strict and then regional, and then spit at each level, we have local university and colleges volunteering to host it competition and make it fun. >>Also students with private enterprises to raise funding for scholarship. So students who see the competition they get exposed to so they can see different option. They also get a scholarship when they attend university in college. So I've seen the combination in competition aspect would be a good thing to be >>Got the engagement, the aspiration scholarship, you know, and you mentioned a volunteer. I think one of the things I'll observe is you guys are kind of hitting this as community. I mean, the story of Steve jobs and was, was building the Mac, they call it bill Hewlett up in Palo Alto. It was in the phone book and they scoured some parts from them. That's community. This is kind of what you're getting at. So this is kind of the formula we're seeing. So the next question I really want to get into is the women in technology, STEM, underrepresented minorities, how do we get them on cybersecurity career path? Is there a best practices there, bill, we'll start with you? >>Well, I think it's really interesting. First thing I want to add is if I could have just a clarification, what's really cool that the competition that we have and we're running, it's run by student from Cal poly. Uh, so, you know, Amy referenced the clubs and other activities. So many of the, uh, organizers and developers of the competition that we're running are the students, but not just from engineering. So we actually have theater and liberal arts majors and technology for liberal arts majors who are part of the competition. And we use their areas of expertise, set design, and other things, uh, visualization of virtualization. Those are all part of how we then teach and educate cyber in our game effication and other areas. So they're all involved in their learning as well. So we have our students teaching other students. So we're really excited about that. And I think that's part of what leads to a mentoring aspect of what we're providing, where our students are mentoring the other students. And I think it's also something that's really important in the game. Um, the first year we held the game, we had several all girl teams and it was really interesting because a, they, they didn't really know if they could compete. I mean, this is their, their reference point. We don't know if they did better than anybody. I mean, they, they knocked the ball out >>Of the park. The second part then is building that confidence level that they can going back and telling their cohorts that, Hey, it's not this thing you can't do. It's something real that you can compete and win. And so again, it's building that comradery, that spirit, that knowledge that they can succeed. And I think that goes a long way and an Amy's programs and the reach out and the reach out that Cal poly does to schools to develop. Uh, I think that's what it really is going to take. It. It is going to take that village approach to really increase diversity and inclusivity for the community. >>That's the flusher. I'd love to get your thoughts. You mentioned, um, your, your outreach program and the dropoff, some of those data, uh, you're deeply involved in this. You're passionate about it. What's your thoughts on this career path opportunity for STEM? >>Yeah, I think STEM is an incredible career path opportunity for so many people. There's so many interesting problems that we can solve, particularly in cyber and in space systems. And I think we have to meet the kids where they are and kind of show them, you know, what the exciting part is about it, right. But, you know, bill was, was alluding to this. And when he was talking about, you know, trying to name somebody that you can can point to. And I think having those visible people where you can see yourself in that is, is absolutely critical and those mentors and that mentorship program. So we use a lot of our students going out into California, middle schools and elementary schools. And you want to see somebody that's like you, somebody that came from your background and was able to do this. So a lot of times we have students from our national society of black engineers or a society of Hispanic professional engineers or our society of women engineers. >>We have over a thousand members, a thousand student members in our society of women engineers who were doing these outreach programs. But like I also said, it's hitting them at the lower levels too. And girl Scouts is actually distinguishing themselves as one of the leading STEM advocates in the country. And like I said, they developed all these cybersecurity badges, starting in kindergarten. There's a cybersecurity badge for kindergarten and first graders. And it goes all the way up through late high school, the same thing with space systems. And they did the space systems in partnership with NASA. They did the cybersecurity and partnership with Palo Alto networks. And what you do is you want to build these, these skills that the girls are developing. And like bill said, work in and girl led teams where they can do it. And if they're doing it from kindergarten on, it just becomes normal. And they never think, well, this is not for me. And they see the older girls who are doing it and they see a very clear path leading them into these careers. >>Yeah. It's interesting. You used the word normalization earlier. That's exactly what it is. It's life, you get life skills and a new kind of badge. Why wouldn't learn how to be a white, white hat hacker, or have fun or learn new skills just in, in the, in the grind of your fun day. Super exciting. Okay. Trung your thoughts on this. I mean, you have a diverse diversity. It brings perspective to the table in cybersecurity because you have to think like the other, the adversary, you got to be the white headed hippie, a white hat, unless you know how black hat thinks. So there's a lot of needs here for more, more, more points of view. How are we going to get people trained on this from under represented minorities and women? What's your thoughts? >>Well, as a member of, I took a professional society of directed pool in the electronic engineer. You have the, uh, we participate in the engineering week. We'll be ploy our members to local junior high school and high school to talk about our project, to promote the discovery of engineering. But at the same time, we also participate in the science fair that we scaled up flex. As the squad organizing our engineer will be mentoring students, number one, to help them with the part check, but number two, to help us identify talents so that we can recruit them further into the field of STEM. One of the participation that week was the competition of the, what they call future CV. We're still going, we'll be doing a CT on a computer simulation. And in recent year we promote ops smart CV where CT will be connected the individual houses to be added in through the internet. >>And we want to bring awareness of cybersecurity into competition. So we deploy engineer to supervise the people, the students who participate in the competition, we bring awareness, not in the technical be challenged level, but in what we've called the compound level. So speargun will be able to know what is, why to provide cyber security for the smart city that they are building. And at the same time, we were able to identify talent, especially talent in the minority and in the room. And so that we can recruit them more actively. And we also raise money for scholarship. We believe that scholarship is the best way to get students to continue education in Epic college level. So with scholarship, it's very easy to recruit them, to give you and then push them to go further into the cyber security Eylea. >>Yeah. I mean, you know, I see a lot of the parents like, Oh, my kid's going to go join the soccer team, >>Private lessons, and maybe look at a scholarship >>Someday. Well, they only do have scholarships anyway. I mean, this is if they spent that time doing other things, it's just, again, this is a new lifestyle, like the girl Scouts. And this is where I want to get into this whole silo breaking down because Amy, you brought this up and bill, you were talking about as well, you've got multiple stakeholders here with this event. You got, you know, public, you got private and you've got educators. It's the intersection of all of them. It's again, that those, if those silos break down the confluence of those three stakeholders have to work together. So let's, let's talk about that. Educators. You guys are educating young minds, you're interfacing with private institutions and now the public. What about educators? What can they do to make cyber better? Cause there's no real manual. I mean, it's not like this court is a body of work of how to educate cybersecurity is maybe it's more recent, it's cutting edge, best practices, but still it's an, it's an evolving playbook. What's your thoughts for educators, bill? We'll start with you. >>Well, I don't really, I'm going to turn it off. >>I would say, I would say as, as educators, it's really important for us to stay on top of how the field is evolving, right? So what we want to do is we want to promote these tight connections between educators and our faculty and, um, applied research in industry and with industry partnerships. And I think that's how we're going to make sure that we're educating students in the best way. And you're talking about that inner, that confluence of the three different areas. And I think you have to keep those communication lines open to make sure that the information on where the field is going and what we need to concentrate on is flowing down into our educational process. And that, that works in both ways that, you know, we can talk as educators and we can be telling industry what we're working on and what are types of skills our students have and working with them to get the opportunities for our students to work in industry and develop those skills along the way as well. >>And I think it's just all part of this is really looking at, at what's going to be happening and how do we get people talking to each other and the same thing with looking at public policy and bringing that into our education and into these real hands on experiences. And that's how you really cement this type of knowledge with students, not by not by talking to them and not by showing them, but letting them do it. It's this learn by doing and building the resiliency that it takes when you learn by doing. And sometimes you learn by failing, but you just up and you keep going. >>And these are important skills that you develop along the way >>You mentioned, um, um, sharing too. That's the key collaborating and sharing knowledge. It's an open, open world and everyone's collaborating feel private public partnerships. I mean, there's a real private companies. You mentioned Palo Alto networks and others. There's a real intersection there there's, they're motivated. They could, the scholarship opportunities, trunk points to that. What is the public private educator view there? How do companies get involved? What's the benefit for them? >>Well, that's what a lot of the universities are doing is to bring in as part of either their cyber centers or institutes, people who are really focused on developing and furthering those public private partnerships. That's really what my role is in all these things is to take us to a different level in those areas, uh, not to take away from the academic side, but to add additional opportunities for both sides. Remember in a public private partnership, all entities have to have some gain in the process. Now, what I think is really interesting is the timing on particularly this subject space and cyber security. This has been an absolute banner year for space. The Stanhope of space force, the launch of commercial partnership, leaving commercial platforms, delivering astronauts to the space station, recovering them and bringing back the ability of a commercial satellite platform to be launched a commercial platforms that not only launch, but return back to where they're launched from. >>These are things that are stirring the hearts of the American citizens, the kids, again, they're getting interested, they're seeing this and getting enthused. So we have to seize upon that and we have to find a way to connect that public private partnerships is the answer for that. It's not one segment that can handle it all. It's all of them combined together. If you look at space, space is going to be about commercial. It's going to be about civil moving from one side of the earth, to the other via space. And it's about government. And what's really cool for us. All those things are in our backyard. Yeah. That's where that public private comes together. The government's involved, the private sector is involved. The educators are involved and we're all looking at the same things and trying to figure out like this forum, what works best to go to the future. >>You know, if people are bored and they want to look for an exciting challenge, he couldn't have laid it out any clearer. It's the most exciting discipline. It hits everything. I mean, we just talk about space. GPS is everything we do is well tested. Do with satellites. >>I have to tell you a story on that, right? We have a very unique GPS story right in our backyard. So our sheriff is the son of the father of GPS for the air force. So you can't get better than that when it comes to being connected to all those platforms. So we, we really want to say, you know, this is so exciting for all of us because >>It gives everybody a job for a long time. >>You know, the kids that don't think tick toxic, exciting, wait til they see what's going on here with you guys, this program, trunk final word on this from the public side, you're at the air force. You're doing research. Are you guys opening it up? Are you integrating into the private and educational sectors? How do you see that formula playing out? And what's the best practice for students and preparing them? >>I think it's the same in athlete university CP in the engineering program will require our students to be final project before graduation. And in this kind of project, we send them out to work in the private industry. The private company got sponsor. Then they get the benefit of having an intern working for them and they get the benefit of reviewing the students as the prospective employee in the future. So it's good for the student to gain practical experience working in this program. Some, some kind of, we call that a core program, some kind, we call that a capstone program and the company will accept the students on a trial PRCS, giving them some assignment and then pay them a little bit of money. So it's good for the student to earn some extra money, to have some experience that they can put on their resume when they apply for the final of the job. >>So the collaboration between university and private sector is really important. We, when I joined a faculty, normally they already exist that connection. It came from. Normally it came from the Dean of engineering who would whine and dine with companies. We work relationship and sign up women, but it's approach to do a good performance so that we can be credibility to continue the relationship with those company and the students that we selected to send to those company. We have to make sure that they will represent the university. Well, they will go a good job and they will make a good impression. >>Thank you very much for great insight, trunk, bill, Amy, amazing topic. I'd like to end this session with each of you to make a statement on the importance of cybersecurity to space. We'll go Trung bill and Amy Truong, the importance of cybersecurity space statement. >>We know that it's affecting components that we are using and we are connecting to. And normally we use them for personal purpose. But when we connect to the important system that the government public company put into space, so it's really important to practice cyber security and a lot of time, it's very easy to know concept. We have to be careful, but in reality, we tend to forget to partnership the way we forget how to ride safely. And with driving a car, we have a program called defensive driving that requires every two or three years to get. We can get discount. >>We are providing the cyber security practice, not to tell people about the technology, but to remind them not practicing cybersecurity. And it's a requirement for every one of us, bill, the importance of cyber security to space. It's not just about young people. It's about all of us as we grow and we change as I referenced it, you know, we're changing from an analog world to a digital world. Those of us who have been in the business and have hair that looks like mine. We need to be just as cognizant about cybersecurity practice as the young people, we need to understand how it affects our lives and particularly in space, because we're going to be talking about people, moving people to space, moving payloads, data, transfer all of those things. And so there's a whole workforce that needs to be retrained or upskilled in cyber that's out there. So the opportunity is ever expensive for all of us, Amy, the importance of cybersecurity space, >>Uh, and the, the emphasis of cybersecurity is space. Just simply, can't be over emphasized. There are so many aspects that are going to have to be considered as systems get ever more complex. And as we pointed out, we're putting people's lives at stake here. This is incredibly, incredibly complicated and incredibly impactful, and actually really exciting the opportunities that are here for students and the workforce of the future to really make an enormous impact on the world around us. And I hope we're able to get that message out to students, to children >>Today. But these are my really interesting fields that you need to consider. >>Thank you very much. I'm John foray with the cube and the importance of cybersecurity and space is the future of the world's all going to happen in and around space with technology, people and society. Thank you to Cal poly. And thank you for watching the Cypress of computer security and space symposium 2020.
SUMMARY :
Bill Britain, Lieutenant Colonel from the us air force, In that role that we have with the cyber security Institute, we partner with elements of the state And either come to Cal poly or some other institution that's going to let them Cal poly, that Dex hub and the efforts you guys are having with your challenge. And I think Amy is going to tell You guys have a great organization down there, amazing curriculum, grazing people, And this means that we have a combination of practical experience and learn by doing both in the country and the top ranked state school. So we have partnerships with Northrop Grumman And we remain the worldwide leader in maintaining the cube So in terms of bringing people into the field, that are most important for the intersection of space and technology trunk. the internet, we know that is a good source of information, So in the reality, we need to be more practicing the, able to control the space system that we put up there. and on the ground control station, we have the human controller And we also have student in education who can focus the expert. It's not just get the degree, see out in the field And the digital environment is a very quick and adaptive environment. Uh, one of the ways that we addressed that in the past was to look patients chip software, that the Fleischer talk about your perspective, because you mentioned some of the things that computer science. expertise so that they can go deep into these fields, but we want them to be able to communicate with each and to make the impact that we want to have in the world. And bill also mentioned the cloud. And the question is, is safe to use Great point before we get into some of the common one quick thing for each of you like to get your comments on, you know, Now, the issue is where do you set the systems boundary, right? So the communication side, the systems analysis, One of my fortes is the really the whole analysis side of forensics But at the same time, we have the bottom up approach So I got to ask you guys, And by showing that the greater impact in tech and under-represented matters later, but you know, is it too early or what's the, what's your feeling on this? So that's the area that we need to target to make sure we keep those young women I can't, I can't, I can't, I can't imagine because the answer that challenge and then talk to the people who do that on a daily basis, that's how you get It's really getting the students to understand who's in this. I mean, the influencer aspect here with knowledge is key. And the idea of the company is they You know, I've seen just the re randomly, just going to random thought, you know, robotics clubs are moving den closer So, so here in the college of engineering, uh, when we talk about learning by doing, Before we go on the next, uh, talk track, what, what do you recommend for, On, on this aspect, I like to share with you my experience as So I've seen the combination Got the engagement, the aspiration scholarship, you know, and you mentioned a volunteer. And we use their areas of expertise, set design, and other things, uh, It's something real that you can compete and win. That's the flusher. And I think we have to meet the kids where they are and kind of show them, And it goes all the way up through late high school, the same thing with space systems. I mean, you have a diverse diversity. But at the same time, we also participate in the science And at the same time, we were able to identify talent, especially talent It's the intersection of all of them. And I think you have to keep those communication lines open to make sure that the information And sometimes you learn by failing, but you just up and What is the public private educator view there? The Stanhope of space force, the launch of commercial partnership, So we have to seize upon that and we have to find a way to connect that public private partnerships It's the most exciting discipline. I have to tell you a story on that, right? You know, the kids that don't think tick toxic, exciting, wait til they see what's going on here with you guys, So it's good for the student to earn a good performance so that we can be credibility to continue the on the importance of cybersecurity to space. the way we forget how to ride safely. we grow and we change as I referenced it, you know, we're changing from an analog world to a digital And as we pointed out, we're putting people's lives at stake here. But these are my really interesting fields that you need to consider. is the future of the world's all going to happen in and around space with technology, people and society.
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Amy | PERSON | 0.99+ |
Boeing | ORGANIZATION | 0.99+ |
NASA | ORGANIZATION | 0.99+ |
Northrop Grumman | ORGANIZATION | 0.99+ |
Lockheed | ORGANIZATION | 0.99+ |
Cisco | ORGANIZATION | 0.99+ |
Texas | LOCATION | 0.99+ |
California | LOCATION | 0.99+ |
Virgin | ORGANIZATION | 0.99+ |
Cal poly | ORGANIZATION | 0.99+ |
Amy Truong | PERSON | 0.99+ |
Palo Alto | LOCATION | 0.99+ |
first | QUANTITY | 0.99+ |
82 teams | QUANTITY | 0.99+ |
U S air force Academy | ORGANIZATION | 0.99+ |
Ken Chile | PERSON | 0.99+ |
Bill Britain | PERSON | 0.99+ |
six students | QUANTITY | 0.99+ |
California cyber security Institute | ORGANIZATION | 0.99+ |
John | PERSON | 0.99+ |
X | ORGANIZATION | 0.99+ |
hundreds | QUANTITY | 0.99+ |
Minecraft | TITLE | 0.99+ |
one hour | QUANTITY | 0.99+ |
Steve | PERSON | 0.99+ |
tomorrow | DATE | 0.99+ |
40 miles | QUANTITY | 0.99+ |
One | QUANTITY | 0.99+ |
Colorado Springs | LOCATION | 0.99+ |
today | DATE | 0.99+ |
second part | QUANTITY | 0.99+ |
Splunk | ORGANIZATION | 0.99+ |
more than 6,000 engineering students | QUANTITY | 0.99+ |
14 degree programs | QUANTITY | 0.99+ |
each program | QUANTITY | 0.99+ |
Fleischer | PERSON | 0.99+ |
both sides | QUANTITY | 0.99+ |
dozens | QUANTITY | 0.99+ |
Merck | ORGANIZATION | 0.99+ |
both | QUANTITY | 0.99+ |
Austin | LOCATION | 0.99+ |
one | QUANTITY | 0.98+ |
Vince surf | PERSON | 0.98+ |
each | QUANTITY | 0.98+ |
Bill | PERSON | 0.98+ |
over 80 clubs | QUANTITY | 0.98+ |
each level | QUANTITY | 0.98+ |
August | DATE | 0.98+ |
earth | LOCATION | 0.98+ |
three years | QUANTITY | 0.98+ |
John foray | PERSON | 0.98+ |
Polytechnic air force Academy | ORGANIZATION | 0.97+ |
dr. | PERSON | 0.97+ |
Amy flasher | PERSON | 0.97+ |
Today | DATE | 0.97+ |
one aspect | QUANTITY | 0.96+ |
Scott Ward, AWS | Splunk .conf19
>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to you by spunk. >>Okay, welcome back. Everyone's two cubes. Live coverage in Las Vegas. Force plunks dot com This is their annual conference. A 10 year anniversaries. Cubes coverage. For seven years I've been covering this company from Start up the I P O to Grove to now go on to the next level as a leader and security. Our next guest is Scott Ward, principal solutions architect for AWS. Amazon Web service is obsolete, reinvents coming up. I'm sure you're super busy, Scott, but you're here at Splunk dot com there big partner of AWS? Yeah, >>Yeah, definitely. I mean flux. Ah, great partner that we've had a strong relationship was flown for quite a long time. Both sides of the house eight of us and slugger are leaning in thio help add value to our mutual customers, say, even building on that spokesman, a >>longtime customer. And so you guys are really focused on cloud security had your inaugural reinforce event in Boston this year, of which we broadcasted live videos on YouTube, youtube dot com says silken angle interested. But this was really kind of, Ah, watershed moment because it wasn't your classic security show. He was a cloud security. >>Yeah, it was definitely. It was very much focused on just kind of focusing in, and in some ways it actually allowed People who don't normally get to come to a native of this event or focus on security really got deeper into security. Security of us is our top priority, and we want to make sure that our customers really understanding and being able to execute on that and be able to feel confident in what they're doing on running on AWS >>and spunk has become a very successful on. Some people call him the one in the number 1/3 party vendor in security for workload. APS. Elsie Long files it What single FX for Tracing Micro Service's around the corner. A lot of good things there. But as the cloud equation starts to come in, where the operation's need to have security and on premises edge clouds, roll of Amazon and your partner's air super important, you talk about that relationship and how that's evolving. >>Yeah, I don't think you talk about our partners. It's definitely very important, you know, we have, you know, it says lots of different service is on its platform that we allow customers to use. But those partners come in and help fill out the gaps where customers need somebody to be able to provide Maura or Extra, especially look at security so that that shared responsibility model we have, where the top half is the customers responsibility and a lot of flexibility and what they could do. And that means that they can bring in the partners they want, help them to be able to accomplish the things that they wanted to >>tell. What the security hub. Amazon's best security, huh? What's that about? >>Sure, Security Hub is a service that we actually launched out. Reinforce it. Generally available. Then it's focused on really giving customers visibility into high severity security alerts and their compliance status while they're running across. All the eight of US accounts allows them thio, aggregate, prioritize and sort all of this data coming from from multiple data sources, and we talk about those multiple data source. It really is a couple of different areas. Amazon Guard duty and was on inspector names on Macy. Also third party products. If customers using third party security products that can feed into security up to kind of give them that visibility. And then it's also running continuous compliance checks against the customers. AWS account's gonna let them know where they stand when it comes to compliance, where they need to go and correct things with a counter, the resource level. So really, you know, labeling customers to kind of get a lot more visibility and what's going on with US >>environment. We've been covering this and reporting on the story, but Amazon on cloud providers of general Amazon Azure, Google Cloud Platform customers relying more and more on you guys for security. But you have a relationship with slung, say 1/3 party. How did they fit in that a Splunk fit into that security hub model? How's that going? Is just clarified that relationship six. Plunk and Security >>Yes. So when you talk about Splunk in security, if there's actually a couple different angles there, one is Splunk enterprise product. It is a consumer of all the data that is in a customer security have environment so you can feed all that data into the enterprise product. Be able to kind of go ask the questions and take all the data that security provided, as well as all the other data that's unspoken, really be able to get some deep insights and what's going on in your environment. And then on top of that is the Splunk Phantom integration, which I'm really, really excited about. Because spunk is with Fantomas, Long customers actually take action on their security data, so customers have often told us like it's great you're making all this data available to me on I can see it, But what do I actually do with it? What? How am I gonna do something with it? So way advocate a lot for customers to be able to automate what they're doing when it comes to their security findings and get the humans out of the way as much as possible so they can really be adding a lot of value. So security feeds us to phantom and Phantom can run play books that will do as much or as little on that security. Finding data to kind of integrate that finding into the customers operational work flows and collect the right information are hopefully ultimately remediated that security findings so that customers can get some sleep and they can focus on other things that are more important. >>Talk about fancy for a minute, just to kind of change. Usually you mentioned that, obviously, I thought Oliver interview and reinforce. And here recently, he's one of the team's bunked with company. What is wise, faith and so >>popular? I think Phantom is popular because a couple things one. It is allowing customers, too, to resolve, intermediate and address an issue with what works for them and work full that works for them. It's not making them thio clearly fall into a particular box. They can add or remove pieces. The fact that it's it's very python based. It's usually in the security community so that they can probably find Resource is that can actually orchestrate build these playbooks and then then, once the bill playbooks that could reuse those pieces to address other issues or things that are coming up. So I get A allows them to really kind of scale, be able to kind of be able to accomplish these things when it comes to automation and addressing with security alerts as they continue to grow, you know, >>it makes things go faster, frees up people's time for productivity. >>I totally feel that that's That's one of the main reasons that people are looking at this. >>So someone's using Splunk for its own sake. I'm a Splunk customer. Okay, Security hub. Why should I use both? What's sure just clarify that peace >>is a couple of reasons where I would say that somebody would want to use both. One is security. Obvious is the continuous compliance check. So today, security have offers checks based on the Center for Internet Security. Eight of US bench work. So we are continuously running those cheques. There's about 43 rules that we are running. Each of those checks against your AWS accounts or resource is in those accounts until you where you are not in compliance. Get overall score. You could dig into what, what, where you needed to do further there. Security. Look at it's a central integration spot to get stuff into Splunk as well, so you can have guard duty, Macy inspector and third party stuff coming into security help and then you that one stop shop to get all that data into spunk, enterprise or phantom, and then The third thing is the fact that security it gives you that security view across multiple eight of US accounts. You can designate a master account, invite all your other organization accounts to share those findings, and your security team could go into security up and have one view of your overall security landscape. Be able to look at one single piece of glass, but across all of your organizations like those, those are some key value points. I would say that in addition to spunk in a customer might use security. >>Well, Scott's been great insight on thanks for clarifying the Splunk 80 relationship. Let's pretend I'm a customer for a minute. I'm like, Hey, Scott, you're switching Architect. Thanks for the free consulting with you Live on Cube. So I'm a Splunk customer. Log files. I see they got some tracing stuff going cloud native going to the cloud. We're employing Amazon. I'm a buyer customer Splunk And they got a lot of new stuff and seems awesome. Sore identified. 6.0 is out. How do I What do I do? How do I architect my swan give me more headroom? Grow my swung capabilities with same time. Take advantage. All the radios. Goodness. Would you lay that out? >>I would say I would say, You know, I like your spunk. You kind of You know what? You bought spunk for a particular reason. It's there to answer questions. Is there take data and is lying to kind of move forward? I would definitely architectures long to be able to consume as much data as possible. He did. We have lots of different integrations. Consume that. You shouldn't move away from that. So I would definitely use that. I would use security hub for kind of getting that centralization spot for everything related to your eight of us environments that can then be your central spot into a Splunk. You have people that it's really not necessary for them to be in the Splunk. They don't know Splunk security. It might be a good spot for them to actually do some investigations and learn things as well so that they could do their job. And then you really kind of used with deep technology and quarry capability is slowing to kind of do those deeper dives really understanding what's going on in your environment, something you know as a buyer. I think you could use both. And I think there's a there's room for you to kind of take advantage of both and get the best of both worlds. >>It's really exciting with security going on. It's kind of crazy the same time because you have clouds scale. You guys have been led. The market there continue to be leaders in Cloud Cloud scale, Dev ops. Everything else on the roll volume of data is increased so much. You guys just had your inaugural conference reinforced, and I want to get your thoughts on. This is a solution. Architect of someone in the field difference between traditional security chasing the bad guys defending intrusion, detection. All that good stuff. Cloud security because you have all the security shows out. There are s a black hat. Def Con Cloud Security introduces a new element around howto architect solutions. What should people know about the impact of clouds security as they start thinking ballistically around their enterprise, >>right? I think the important thing I think is you know, the things you mentioned. The vulnerability scanning the intrusion detection is all still important in the cloud. I think the key thing that the cloud offers is the fact that you have the ability to now automate and integrate your security teams more tightly with the things that you're doing and you can. Actually, we always talk about the move fast and stay secure. Customers choose eight of us for self service, the elasticity of the price, and you can take advantage of those unless your security can actually keep up with you. So the fact that everything is based on an FBI you could define infrastructure is code. You can actually enforce standards now where they be before you write a line of code in your dad's office Pipeline were actually being able to detect and react to those things all through code and in a consistent way really allows you to be able to look in your security in a different way and take the kind of philosophy and minds that you've always had around security but actually able to do something with it and be able to maybe do the things you've always wanted to do. But I've never had a chance to do so. I think I think security can actually keep up with you and actually help you different. You're different to your business. Even more than maybe it didn't. >>New capabilities are available now with new options. Exactly. Great stuff. Conversations here at dot com for in Vegas Splunk conference. I'll see they're using You guys have reinvent coming up people be their first week of December. You got a music festival to intersect, which is gonna be fun, But I'm not 10 that. Yeah, don't fall over and die from all these. What are you talking about here? What are the key conversations you're having here? Sure. Here at swan dot com, on your booth to customers. What is it? What's the mean? Sure, >>I think the main talking point is and I'm actually presenting it in the breakout theater this afternoon. We're talking about that taking action portion of like, Data's insecurity or data's in eight of us. How do you do something with what are we enable? And how does a partner like Splunk come in? And what is that? Taking action actually looked like to allow you to be able to do things that scale and be able to leverage on take advantage of your precious resource is and use them in the best way possible something. But that's a lot of the conversation that we're having and things that were focused. >>And what do you hope to walk away packs tonight? It's gonna be for people leaving that session. >>I think I think people should should walk away and understand that it is within their reach to be able to actually be able to to kind of have this nirvana of being able to sit to react to security events and not have to have a human engaged in every single thing. It is a crawl, walk, run type approach you're gonna need to figure out. How do I know when I see this one of the things I want to do? How do I automate that? Validate that that's actually true and then implement it and then go back and do the next thing that really like customers to walk away to know that that is possible on that, with a little bit of investment, they can make it happen and that at a certain point it will really have benefits. >>Well, eight of us have been following you guys for eight years of Cuba's will be our ninth year, I think for reinvent been fun to watch Amazon growing. I'm sure they'll be. Thousands of new announcements every year is always away with volume of new stuff. Give a plug for a second on the Amazon partner. Never was your part of your arm and scope of relationships with third party partners how important it is. And what are some of the cool things going on? Sure. So I >>mean the elves on Partner Network we're focused on partnering with, You know, it's really that cell with motion where we're going out and AWS is selling the partners selling. We work with technology providers and solution systems integrators, and we're really focused on just working with them to make sure that the best solution possible is being created four customers so that they could take advantage of the partner solution and the eight of us cloud, and that they're getting some sort of a unique value that they're going to get by using the cloud and that partner solution together to help them be security or or any other sort of area that they feel more confident. That could be more successful in the crowd through a combination of both of us and >>there's a whole team. It's not like a few guys organization, hole or committed. Thio Amazon partners. >>Yes, yes, yes. I mean, you know, I'm one of many solution architects on the part of team way have partner managers. We have market. We have the whole gamut of people that are working globally with our partners to help them really kind of have a great success. And in a great story to tell about >>people throw on foot out there. Amazon doesn't work with partners. Not true. >>We have tens of thousands of partners, and that's my job. I'm working with partners on a daily basis. I would events like this. Someone phone calls I'm providing guidance is very much a core thing that we're focusing on. >>Harder Network has got marketplace. Amazons are really putting. Their resource is behind with mission of helping customs with partners. >>Yes, definitely. And and we do that a lot of our ways way have partners and go through tears way have confidence sees that we actually allow partners to get into, so customers can really go find who's who's the best or who should I be looking at first when I have this particular problem to solve their we've got a security confidence. He may have confidence season really working to help our customers understand. Who are these partners and how can they help that with >>We've been following Terry. Wisest career is an amazing job. No, he's handed the reins over to new new management is gonna chill for awhile. Congratulations on all your success with Amazon and appreciate it. Thanks for Thanks for having me, Scott War Pretty Solutions for AWS Amazon Webster's here inside the Cube at Splunk dot com 10th year of their conference, Our seventh year covering with Cuba, John Kerry will be back with more after this short break.
SUMMARY :
19. Brought to you by spunk. This is their annual conference. Both sides of the house eight of us and slugger are leaning in thio And so you guys are really focused on cloud security able to execute on that and be able to feel confident in what they're doing on running on AWS FX for Tracing Micro Service's around the corner. Yeah, I don't think you talk about our partners. What the security hub. labeling customers to kind of get a lot more visibility and what's going on with US But you have a relationship with slung, say 1/3 party. It is a consumer of all the data that is in a customer security have environment so you can feed And here recently, he's one of the team's bunked with as they continue to grow, you know, What's sure just clarify that peace is the fact that security it gives you that security view across multiple eight of US accounts. Thanks for the free consulting with you Live on Cube. getting that centralization spot for everything related to your eight of us environments It's kind of crazy the same time because you have clouds scale. So the fact that everything is based on an FBI you What are the key conversations you're having here? that scale and be able to leverage on take advantage of your precious resource is and use them in the best And what do you hope to walk away packs tonight? customers to walk away to know that that is possible on that, with a little bit of investment, they can make it happen and that Well, eight of us have been following you guys for eight years of Cuba's will be our ninth year, the eight of us cloud, and that they're getting some sort of a unique value that they're going to get by using the cloud and that It's not like a few guys organization, hole or committed. I mean, you know, I'm one of many solution architects on the part of team way have partner managers. Amazon doesn't work with partners. I would events like this. mission of helping customs with partners. that with No, he's handed the reins over to new new
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Scott | PERSON | 0.99+ |
Terry | PERSON | 0.99+ |
Amazon | ORGANIZATION | 0.99+ |
AWS | ORGANIZATION | 0.99+ |
Boston | LOCATION | 0.99+ |
Las Vegas | LOCATION | 0.99+ |
John Kerry | PERSON | 0.99+ |
Scott Ward | PERSON | 0.99+ |
Splunk | ORGANIZATION | 0.99+ |
eight years | QUANTITY | 0.99+ |
eight | QUANTITY | 0.99+ |
Amazons | ORGANIZATION | 0.99+ |
Eight | QUANTITY | 0.99+ |
ninth year | QUANTITY | 0.99+ |
both | QUANTITY | 0.99+ |
seventh year | QUANTITY | 0.99+ |
two cubes | QUANTITY | 0.99+ |
seven years | QUANTITY | 0.99+ |
Each | QUANTITY | 0.99+ |
Both sides | QUANTITY | 0.99+ |
One | QUANTITY | 0.99+ |
four customers | QUANTITY | 0.99+ |
one | QUANTITY | 0.99+ |
Splunk dot com | ORGANIZATION | 0.98+ |
YouTube | ORGANIZATION | 0.98+ |
10 year | QUANTITY | 0.98+ |
today | DATE | 0.98+ |
FBI | ORGANIZATION | 0.98+ |
10th year | QUANTITY | 0.98+ |
Macy | ORGANIZATION | 0.98+ |
both worlds | QUANTITY | 0.98+ |
youtube dot com | ORGANIZATION | 0.98+ |
dot com | ORGANIZATION | 0.98+ |
Center for Internet Security | ORGANIZATION | 0.97+ |
US | LOCATION | 0.97+ |
Thousands of new announcements | QUANTITY | 0.97+ |
Oliver | PERSON | 0.97+ |
python | TITLE | 0.97+ |
10 | QUANTITY | 0.97+ |
third thing | QUANTITY | 0.97+ |
Fantomas | ORGANIZATION | 0.95+ |
Grove | LOCATION | 0.95+ |
about 43 rules | QUANTITY | 0.95+ |
APS | ORGANIZATION | 0.95+ |
this year | DATE | 0.95+ |
tonight | DATE | 0.94+ |
first | QUANTITY | 0.94+ |
this afternoon | DATE | 0.94+ |
ORGANIZATION | 0.94+ | |
swan dot com | ORGANIZATION | 0.94+ |
one view | QUANTITY | 0.93+ |
Scott War | PERSON | 0.92+ |
single | QUANTITY | 0.89+ |
Amazon Web | ORGANIZATION | 0.89+ |
eight of us environments | QUANTITY | 0.87+ |
Dave Martin, Open Systems | CUBEConversations, August 2019
(upbeat music) >> Announcer: From our studios, in the heart of Silicon Valley, Palo Alto, California, this is a CUBE Conversation. >> Hello, everyone. Welcome to this CUBE Conversation here in Palo Alto, California. I'm John Furrier, host of theCUBE. We're here with David Martin who's the senior director, project management threat response at Open Systems. Dave, thanks for coming in. >> Thanks, John, very much for having me. >> So we were talking before we came on camera. We've both been around the industry for a while, seen a lot of different waves of innovation. Security is the top one. We're seeing it being a really important, not just part of IT, and we want to get into a deep dive on the complexities or on the security architecture versus cloud architecture. And it's just not another IT, so I want to dig deep with you. Before we start, talk about your product. You're the senior director product management. You get the keys to the kingdom. You're working on the positioning, the next generation. Take a minute to just to talk about the product. >> Sure, happy to share the product. Starting point is Open Systems in general. We're a global provider of secure SD-WAN, and essentially we deliver that as a service. So we deliver the connectivity and all of the security that you need to make sure you can conduct business reliably and safely. I'm personally responsible for some of our managed services, managed continuous monitoring services, and essentially what we're doing is looking for advanced threats that have bypassed whatever a company's existing security controls are in an effort to identify those and then ultimately contain them. >> We were at the Amazon Web Services first cloud security conference, Re:Inforce, and it was interesting 'cause it wasn't like your traditional industry event like RSA, Black Hat or DEF CON. It was really more of a cloud security, so it was really more of the folks thinking about the impact of cloud and what that means. So cloud certainly is relevant. It's expanding capabilities with application. The on-premises piece really is the hybrid. And obviously, every company pretty much has multiple clouds, that's multi-cloud. But hybrid really is the top conversation. It's been really kind of on the table since 2013 timeframe, but now more than ever it's actually part of the operational thinking around architecting next generation infrastructure systems. >> Yes. >> How does security fit into those two things? Because you've got to have the on-premise operational model. You've got to have the cloud operational model. They've got to be seamless through working together. How does security fit within cloud and hybrid from you guys' perspective? >> That's a great question, and certainly introducing the cloud into the equation adds complexity to the overall issue. And as you've highlighted, companies are now operating in a hybrid mode. They have assets on-premise. They have assets in the cloud, and security teams, certainly over the course of time, as this business transformation has happened, had to rethink how are we going to approach and secure these assets correctly. And it is non-trivial, and the key is that you want to get telemetry from all your potential attack surfaces. And you want to be thoughtful about how you're pulling in this data. This is a mistake that we unfortunately see a lot of customers making which is in a rush to provide visibility, they just aggregate and accept all log data from all different sources without much thought into what is the security-relevant data there, and what are my default rule sets going to be? How am I going to use this data in a threat-detection kind of a capacity? And these are kind of the typical pitfalls that a lot of companies make, but to kind of bring it back to your point-- >> Hold on, I just want to get that one point. They take in too much data, or they're just ingesting way too much? Is that the issue? >> It's not necessarily the volume. It's more about the quality of what they're getting, and a lot of the vendors, there's a product many interviewers will see, SSIM, essentially is a log collector, and security teams use this piece of software to try and identify threats. And of course for compliance and other reasons, a common thing to do is just throw data at the SSIM so you could start collecting it. And that makes sense if you're just trying to store data, but when you're trying to actually figure out has someone infiltrated my network, that really a nightmare because you're sort of inundated. And you've heard terms like the work fatigue and so on, and this is what happens. And so we have a practice that we're essentially when you bring in and ingest a log source, do some upfront work about that log source and how are you going to use the data. What are the relevant fields that you're going to parse out and index on? And have a purpose for doing that versus just sort of throwing it out there. >> Yeah, I mean data quality and data cleaning and going into a pile of data versus a front-end kind of vetting process, being intelligent about it. >> That's right, that's right. Yeah, and it's a tough thing, right, because all the vendors in that space, they want you to use the tool. Enterprises have made this investment. But we find that a lot of companies aren't getting the value out of some of their security tools because it's sort of a broader design. What is the architecture of the detection we're going to use to cover our potential attack surfaces? >> Yeah, that comes up a lot in our data science conversations, and you hear correlation versus causation. A lot of data science naturally love correlation. They love the data. They get knee-deep in the data. But then they can correlate, but they might not be understanding actually what's going on. This is highlighted with threat response because the acute nature of what a threat means to the business is not just knowing how to have the right ad serve up or some sort of retail sales proposition. Threat detection and threat response is super critical to the business because if you miss it, there's some consequences and you eventually go out of business. So that's really kind of a key focus. How do you guys do that? How do you work with customers? Because that's the core issue, how do I get the best data, the fastest way in? How do I identify the threats first and fast? >> Yeah, I think you're on an incredibly important point which is as an industry, we have to ask ourselves why do damaging breaches continue to happen despite best efforts, right? There's very knowledge, talented people. There's a lot of money being spent. There's over $100 billion per year as an industry spent on security and security-related software, and yet these damaging breaches continue to occur. And I think a big challenge, a big reason for this is that as an industry we've pursued a technology-driven security model. And for years, we've sort of had the idea that if we purchased the latest anti-virus or the latest IDS or web proxy or now we're starting to shift into ML and AI and sort of more higher-level things that we'll be protected. That was sort of the idea and the promise. And I think that in general, people are realizing that that is a failed model, and that really, the best way to minimize risk is to combine those types of technology with continuous monitoring. And obviously we're in that business. We monitor people's networks. But there are many companies that do that, and security's a very complex system that doesn't have a feedback loop without continuous monitoring. And just like in life, any complex system should have a feedback loop to have it operating properly. >> Well, let's talk about that complex system. So I want to spend the next couple minutes with you talking about the security architecture versus cloud architecture. We cover a lot of experts talking about cloud architecture. Here's how you architect for cloud. Here's how you architect for hybrid and so on. And it's super important. You've got the data layer. You've got to understand how data moves, when to move compute versus data, all kinds of things that are factoring in. Essentially, it's like an operating system kind of design. So it's distributed computing, and everyone kind of knows that that's in the business. But when you add in security as now the key driver, security architecture might supersede cloud architecture and/or distributed architecture. So I got to ask you, if security is a complex system and not just an IT purchase, what is the customer's ideal configuration? How do they either replatform or course correct what they're currently doing? What's your thoughts on that? >> Sure. >> Well, do you agree that it's a complex system? It's not just another IT procurement. >> Absolutely, I think it's a great way to say that, and that really is the way that sort of forward-thinking companies think about minimizing risk is they look at it for exactly as kind of you characterized it. And I think the key is to essentially look at your individual technology. Today they're in silos, largely, and you need continuous monitoring to kind of pool all of that data that you're getting together and then use that to adjust policy. And you need to do that continually over time. I like to say security's a journey, not a destination, right? You're sort of never done if you're doing it well because threat actors evolve their techniques and the detection needs to evolve, too, right along with that. And so getting into that practices is good practice to do to minimize your risk >> And CISOs are now being established, either working directly peering with the CIO or for the CIO or vice versa. They're becoming more prominent, so the role of security, I'll say agree, it's always on. It's never off 'cause it's never going to stop. But the question is how do you implement that because if I have continuous monitoring, which I see as clearly valuable, do I have one firm for that? Can I have multiple firms for that? And then of the tools, if I'm the CISO, I'm probably trying to downshift into only a handful, not dozens of companies. >> No, you're absolutely right. >> Shrinkage, better monitoring, it's the trend. What's your response? >> Yeah, no, you're absolutely right. I think there's been studies that have shown the average large enterprise has about 32 security vendors that they have to deal with. And so certainly from a CISO perspective, a lot of the ones that I speak to are in the mode where they're trying to consolidate and simplify that landscape 'cause it just makes things a lot easier. But I think in terms of the cloud and that whole piece, I'll give you one practical example. All these cloud vendors have APIs, administrative APIs, and certainly you can monitor who's accessing the cloud. But you can also deduce things from these APIs. You can look for signs that the infrastructure may have been compromised, instances stopping and starting, certificates that have been uploaded. So even though you may not have complete visibility, and by the way, it's getting better. All three major infrastructure as service providers are starting to provide access to packet data which is helpful in this context. But even just looking at it from the outside, the administrative layer, there are things, abnormal behaviors with the way that infrastructure's working that you can use to indicate that yeah, there might be an issue here. And then you'll want to go and use other data to figure that out, for sure. >> You got to really dig into it, and so again, on the technology side, you guys had success with a product. You guys are not a new company. You've been around for decades. Great reviews on the product side, so congratulations. >> David: Thank you. >> What makes the product so successful? What are some of the notable highlights? Can you share the most successful pieces of the products? Why are people liking it so much? >> Sure, sure, well, I mean all of the reasons why people look to outsource things, certainly we provide the value, less cost, more responsive. But I think what's unique about what we do is our delivery model. There's a very popular DevOps sort of model in fashion these days where essentially you have developers and QA people testing together and there's various definitions. But from a network operations perspective, the people that run our network and our SOC are the developers. They're the ones writing and optimizing our platform. And so when there are issues, customers talk to knowledge people about that. It's not a traditional call center model. And then the other thing from a threat detection perspective is we're working on a model where we have essentially security analysts responsible for some number of customers. And they get to know that environment really well. And that really informs the quality of the threat detection because the better you know the environment that you're monitoring, the better the accuracy of the threat detection's going to be. And as an outsource provider, a lot of companies don't do this. It's an expensive thing to do, but it does result in a better product. So that's one thing to focus on. >> Awesome, I want to ask you, Dave, about AI. I'm a huge fan of AI, love it because unlike IOT, which I love that too 'cause it's a exciting area, my kids aren't talking about IOT at the dinner table, but AI, the young people are getting energized and really it's attracting a lot of people to the computer industry, which I think is awesome. But also, AI is not really as big as people think it is. Certainly, it's going to be important. AI's machine learning with some bells and whistles. But most people say, "I'll just throw AI at the problem." AI is not that yet advanced, I mean, what AI really, truly can become. So I want to get your thoughts around that classic, knee-jerk response that a customer might get fed from a supplier. "Hey, we have AI Ops, so we're an AI-driven company." What the hell does that even mean? I mean, why is it important, and where does it really matter? Where are people using technology that is going to be a road map for AI? Is it machine learning? How do you guys see that customer equation? What's the snake oil pitch from others? What's real, what's not? >> Sure, yeah, I often tell customers that I wouldn't want to be in their shoes 'cause it's very confusing. All the vendors throw around the terms ML and AI with the promise that's it's going to cure all problems. And it's really difficult to tell the value that you're going to get from those technologies. And so I'll share with you my perspective on that which is that certainly there's a legitimate technology there, but I think we are in this kind of hype cycle where there's an overpromise of what it can deliver. And in a security context, I think techniques like machine learning and AI can be used to reduce noise and amplify signal. And I think the mistake a lot of people make is let's take the human out of the equation here. And I have to tell you that the human is fantastic in the little gray areas that threat actors love to exploit. Looking and saying this doesn't look quite right to me because I know this environment and this is not usually here. And you'd get that by working with the data, but in order to position yourself for success on that, you have to use sort of this technology you're highlighting to take care of the commodity kind of things that would otherwise create it. >> So augment, do the non-differentiated stuff. It's like heavy lifting that you want to assist the human. >> You want to assist the human in the process. That's exactly right. >> That's not replacement of the human. >> That's right, and I think a lot of companies go wrong thinking that AI can replace this wholly. And maybe there's some very specific applications where that's true, but in general where you're managing very large, diverse environments, you need to use these type of technologies, to again, reduce noise and amplify the signal for the human part of it. >> One of the things we've been riffing on theCUBE, certainly we can talk about it on another topic on another time is that this whole movement of using machine learning and the AI infrastructure that's developing really fast which is really exciting is that's going to create a whole new creative class within IT and security where the creativity of the human becomes the intellectual property for the opportunity. >> Dave: Absolutely. >> Do you see that? >> I do, I think that's fair. I mean, I think we're kind of early on in the development cycle of these types of technologies, and they show a lot of promise. And it's the classic don't overindex on it. And again, even in the security context, you have a lot of SSIM vendors now, essentially adding analytics modules and AI. And, again, these can be helpful, but don't count on them to solve all the problems. They need to be rationalized and purposeful. >> Well, certainly security is really growing from a discipline within an enterprise to a much more holistic feel, the aperture, whether it's management, the technology experts and practitioners, it's expanding rapidly. >> David: Yeah. >> David, thanks so much for coming on theCUBE. Dave Martin, senior director product management threat response at Open Systems, breaking down their opportunity in security and talking about some of the trends here on theCUBE, CUBE Conversation. I'm John Furrier, thanks for watching. (upbeat music)
SUMMARY :
in the heart of Silicon Valley, Palo Alto, California, Welcome to this CUBE Conversation You get the keys to the kingdom. that you need to make sure you can But hybrid really is the top conversation. and hybrid from you guys' perspective? And it is non-trivial, and the key is that you want Is that the issue? and a lot of the vendors, there's a product and going into a pile of data versus a front-end What is the architecture of the detection because the acute nature of what a threat means and that really, the best way to minimize risk and everyone kind of knows that that's in the business. Well, do you agree that it's a complex system? and the detection needs to evolve, But the question is how do you implement that Shrinkage, better monitoring, it's the trend. a lot of the ones that I speak to are in the mode and so again, on the technology side, And that really informs the quality of the threat detection that is going to be a road map for AI? And I have to tell you that the human is fantastic So augment, do the non-differentiated stuff. You want to assist the human in the process. and amplify the signal for the human part of it. One of the things we've been riffing on theCUBE, And again, even in the security context, the technology experts and practitioners, and talking about some of the trends
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
David Martin | PERSON | 0.99+ |
Dave Martin | PERSON | 0.99+ |
John | PERSON | 0.99+ |
David | PERSON | 0.99+ |
John Furrier | PERSON | 0.99+ |
Dave | PERSON | 0.99+ |
Silicon Valley | LOCATION | 0.99+ |
August 2019 | DATE | 0.99+ |
Palo Alto, California | LOCATION | 0.99+ |
Amazon Web Services | ORGANIZATION | 0.99+ |
2013 | DATE | 0.98+ |
one point | QUANTITY | 0.98+ |
Today | DATE | 0.98+ |
two things | QUANTITY | 0.98+ |
Open Systems | ORGANIZATION | 0.98+ |
Re:Inforce | EVENT | 0.98+ |
one firm | QUANTITY | 0.97+ |
both | QUANTITY | 0.97+ |
first | QUANTITY | 0.96+ |
DEF CON. | EVENT | 0.94+ |
IOT | TITLE | 0.93+ |
over $100 billion per year | QUANTITY | 0.92+ |
three | QUANTITY | 0.91+ |
dozens of companies | QUANTITY | 0.91+ |
one thing | QUANTITY | 0.89+ |
about 32 security vendors | QUANTITY | 0.89+ |
One | QUANTITY | 0.89+ |
decades | QUANTITY | 0.83+ |
RSA | EVENT | 0.8+ |
CUBE Conversation | EVENT | 0.8+ |
one practical example | QUANTITY | 0.79+ |
years | QUANTITY | 0.7+ |
CUBE | ORGANIZATION | 0.61+ |
Black Hat | EVENT | 0.61+ |
theCUBE | ORGANIZATION | 0.61+ |
Conversation | EVENT | 0.48+ |
couple minutes | DATE | 0.42+ |
Tony Giandomenico, Fortinet's FortiGuard Labs | CUBEConversation, August 2019
>> from our studios in the heart of Silicon Valley, Palo Alto, California It is a cute conversation. >> Well, the Special Cube conversation. We are here in Palo Alto, California, Cube studios here. Tony, Gino, Domenico, Who's the senior security strategist and research at for Net and four to guard labs live from Las Vegas. Where Black Hat and then Def Con security activities happening, Tony, also known as Tony G. Tony G. Welcome to this cube conversation. >> Hey, Thanks, John. Thanks for having me. >> So a lot of action happening in Vegas. We just live there all the time with events. You're there on the ground. You guys have seen all the action there. You guys are just published. Your quarterly threat report got a copy of it right here with the threat index on it. Talk about the quarterly global threats report. Because the backdrop that we're living in today, also a year at the conference and the cutting edge is security is impacting businesses that at such a level, we must have shell shock from all the breaches and threats they're going on. Every day you hear another story, another story, another hack, more breaches. It said all time high. >> Yeah, you know, I think a lot of people start to get numb to the whole thing. You know, it's almost like they're kind of throwing your hands up and say, Oh, well, I just kind of give up. I don't know what else to do, but I mean, obviously, there are a lot of different things that you can do to be able to make sure that you secure your cybersecurity program so at least you minimize the risk of these particular routes is happening. But with that said with the Threat Landscape report, what we typically dio is we start out with his overall threat index, and we started this last year. If we fast forward to where we are in this actual cue to report, it's been one year now, and the bad news is that the threats are continuing to increase their getting more sophisticated. The evasion techniques are getting more advanced, and we've seen an uptick of about 4% and threat volume over the year before. Now the silver lining is I think we expected the threat volume to be much higher. So I think you know, though it is continuing to increase. I think the good news is it's probably not increasing as fast as we thought it was going to. >> Well, you know, it's always You have to know what you have to look for. Blood. People talk about what you can't see, and there's a lot of a blind spot that's become a data problem. I just want to let people know that. Confined the report, go to Ford Nets, ah website. There's a block there for the details, all the threat index. But the notable point is is only up 4% from the position year of a year that the attempts are more sophisticated. Guys gotta ask you, Is there stuff that we're not seeing in there? Is there blind spots? What's the net net of the current situation? Because observe ability is a hot topic and cloud computing, which essentially monitoring two point. Oh, but you gotta be able to see everything. Are we seeing everything? What's what's out there? >> Well, I mean, I think us as Ford, a guard on Darcy, have cyber threat in challenges. I think we're seeing a good amount, but when you talk about visibility, if you go back down into the organizations. I think that's where there's There's definitely a gap there because a lot of the conversations that I have with organizations is they don't necessarily have all the visibility they need from cloud all the way down to the end point. So there are some times that you're not gonna be able to catch certain things now. With that said, if we go back to the report at the end of the day, the adversaries have some challenges to be able to break into an organization. And, of course, the obvious one is they have to be able to circumvent our security controls. And I think as a security community, we've gotten a lot better of being able to identify when the threat is coming into an organization. Now, on the flip side, Oh, if you refer back to the minor Attack knowledge base, you'll see a specific tactic category called defense evasions. There's about 60 plus techniques, evasion techniques the adversary has at their disposal, at least that we know may there may be others, but so they do have a lot of opportunity, a lot of different techniques to be able to leverage with that, said There's one technique. It's, ah, disabling security tools that we started seeing a bit of an increase in this last cue to threat landscape report. So a lot of different types of threats and mile where have the capability to be ableto one look at the different processes that may be running on a work station, identifying which one of those processes happen to be security tools and then disabling them whether they're no, maybe they might just be able to turn the no, the actual service off. Or maybe there's something in the registry that they can tweak. That'll disable the actual security control. Um, maybe they'll actually suppress the alerts whatever. They conduce you to make sure that that security control doesn't prevent them from doing that malicious activity. Now, with that said, on the flip side, you know, from an organization for perspective, you want to make sure that you're able to identify when someone's turning on and turning off those security control to any type of alert that might be coming out of that control also. And this is a big one because a lot of organizations and this certainly do this minimize who has the ability to turn those particular security controls on and off. In the worst cases, you don't wanna have all of your employees uh, the you don't want to give them the ability to be able to turn those controls on and off. You're never gonna be ableto baseline. You're never gonna be able to identify a, you know, anomalous activity in the environment, and you're basically gonna lose your visibility. >> I mean, this increase in male wearing exploit activity you guys were pointing out clearly challenge the other thing that the report kind of She's out. I want to get your opinion on this. Is that the The upping? The ante on the evasion tactics has been very big trend. The adversaries are out there. They're upping the ante. You guys, we're upping the guarantees. This game you continue this flight will continues. Talk about this. This feature of upping the ante on evasion tactics. >> Yes. So that's what I was that I was kind of ah, referring to before with all the different types of evasion techniques. But what I will say is most of the all the threats these days all have some type of evasion capabilities. A great example of this is every quarter. If you didn't know. We look at different types of actors and different types of threats, and we find one that's interesting for us to dig into and where create was called an actual playbook, where we want to be able to dissect that particular threat or those threat actor methodologies and be able to determine what other tactics and corresponding techniques, which sometimes of course, includes evasion techniques. Now, the one that we focused on for this quarter was called His Ego's Was Ego, says a specific threat that is an information stealer. So it's gathering information, really based on the mission goals off, whatever that particular campaign is, and it's been around for a while. I'm going all the way back to 2011. Now you might be asking yourself, Why did we actually choose this? Well, there's a couple different reasons. One happens to be the fact that we've seen an uptick in this activity. Usually when we see that it's something we want to dive into a little bit more. Number two. Though this is a tactic of the of the adversary, what they'll do is they'll have their threat there for a little while, and then local doorman. They'll stop using that particular malware. That's no specific sort of threat. They'll let the dust settle that things die down. Organizations will let their guard down a little bit on that specific threat. Security organizations Ah, vendors might actually do the same. Let that digital dust kind of settle, and then they'll come back. Bigger, faster, stronger. And that's exactly what Z ghosted is. Ah, we looked at a specific campaign in this new mall where the new and improved Mauer, where is they're adding in other capabilities for not just being able to siphon information from your machine, but they're also now can capture video from your webcam. Also, the evasion techniques since Iran that particular subject, what they're also able to do is they're looking at their application logs. Your system logs your security logs, the leading them making a lot more difficult from a forensic perspective. Bill, go back and figure out what happened, what that actual malware was doing on the machine. Another interesting one is Ah, there. We're looking at a specific J peg file, so they're looking for that hash. And if the hash was there the axle? Um, our wouldn't run. We didn't know what that was. So we researched a little bit more on What we found out was that J Peg file happened to be a desktop sort of picture for one of the sandboxes. So it knew if that particular J pick was present, it wasn't going to run because it knew it was being analyzed in a sandbox. So that was a second interesting thing. The 3rd 1 that really leaned us towards digging into this is a lot of the actual security community attribute this particular threat back to cyber criminals that are located in China. The specific campaign we were focused on was on a government agency, also in China, So that was kind of interesting. So you're continuing to see these. These mile wears of maybe sort of go dormant for a little bit, but they always seem to come back bigger, faster, stronger. >> And that's by design. This is that long, whole long view that these adversaries we're taking in there as he organized this economy's behind what they're doing. They're targeting this, not just hit and run. It's get in, have a campaign. This long game is very much active. Howto enterprises. Get on, get on top of this. I mean, is it Ah, is it Ah, people process Issue is it's, um, tech from four to guard labs or what? What's what's for the Nets view on this? Because, I mean, I can see that happening all the time. It has >> happened. Yeah, it's It's really it's a combination of everything on this combination. You kind of hit like some of it, its people, its processes and technology. Of course, we have a people shortage of skilled resource is, but that's a key part of it. You always need to have those skills. Resource is also making sure you have the right process. Is how you actually monitoring things. I know. Ah, you know, a lot of folks may not actually be monitoring all the things that they need to be monitoring from, Ah, what is really happening out there on the internet today? So making sure you have clear visibility into your environment and you can understand and maybe getting point in time what your situational awareness is. You you, for my technology perspective, you start to see and this is kind of a trend. We're starting the leverage artificial intelligence, automation. The threats are coming, and it's such a high volume. Once they hit the the environment, instead of taking hours for your incident response to be about, at least you know not necessarily mitigate, but isolate or contain the breach. It takes a while. So if you start to leverage some artificial intelligence and automatic response with the security controls are working together. That's a big that's a big part of it. >> Awesome. Thanks for coming. This is a huge problem. Think no one can let their guard down these days? Certainly with service, they're expanding. We're gonna get to that talk track in the second. I want to get quickly. Get your thoughts on ransom, where this continues to be, a drum that keeps on beating. From a tax standpoint, it's almost as if when when the attackers need money, they just get the same ransomware target again. You know, they get, they pay in. Bitcoin. This is This has been kind of a really lucrative but persistent problem with Ransomware. This what? Where what's going on with Ransomware? What's this state of the report and what's the state of the industry right now in solving that? >> Yeah. You know, we looked into this a little bit in last quarter and actually a few quarters, and this is a continuous sort of trend ransom, where typically is where you know, it's on the cyber crime ecosystem, and a lot of times the actual threat itself is being delivered through some type of ah, phishing email where you need a user to be able to click a langur clicking attachment is usually kind of a pray and spray thing. But what we're seeing is more of ah, no sort of ah, you know, more of a targeted approach. What they'll do is to look for do some reconnaissance on organizations that may not have the security posture that they really need. Tohave, it's not as mature, and they know that they might be able to get that particular ransomware payload in there undetected. So they do a little reconnaissance there, And some of the trend here that we're actually seeing is there looking at externally RTP sessions. There's a lot of RTP sessions, the remote desktop protocol sessions that organizations have externally so they can enter into their environment. But these RTP sessions are basically not a secure as they need to be either week username and passwords or they are vulnerable and haven't actually been passed. They're taking advantage of those they're entering and there and then once they have that initial access into the network, they spread their payload all throughout the environment and hold all those the those devices hostage for a specific ransom. Now, if you don't have the, you know, particular backup strategy to be able to get that ransom we're out of there and get your your information back on those machines again. Sometimes you actually may be forced to pay that ransom. Not that I'm recommending that you sort of do so, but you see, or organizations are decided to go ahead and pay that ransom. And the more they do that, the more the adversary is gonna say, Hey, I'm coming back, and I know I'm gonna be able to get more and more. >> Yeah, because they don't usually fix the problem or they come back in and it's like a bank. Open bank blank check for them. They come in and keep on hitting >> Yeah >> same target over and over again. We've seen that at hospitals. We've seen it kind of the the more anemic I t department where they don't have the full guard capabilities there. >> Yeah, and I would have gone was really becoming a big issue, you know? And I'll, uh, ask you a question here, John. I mean, what what does Microsoft s A N D. H s have in common for this last quarter? >> Um, Robin Hood? >> Yeah. That attacks a good guess. Way have in common is the fact that each one of them urged the public to patch a new vulnerability that was just released on the RTP sessions called Blue Keep. And the reason why they was so hyped about this, making sure that people get out there and patch because it was were mobile. You didn't really need tohave a user click a link or click and attachment. You know, basically, when you would actually exploit that vulnerability, it could spread like wildfire. And that's what were mobile is a great example of that is with wannacry. A couple years ago, it spread so quickly, so everybody was really focused on making sure that vulnerability actually gets patched. Adding onto that we did a little bit of research on our own and ransom Internet scans, and there's about 800,000 different devices that are vulnerable to that particular ah, new vulnerability that was announced. And, you know, I still think a lot of people haven't actually patched all of that, and that's a real big concern, especially because of the trend that we just talked about Ransomware payload. The threat actors are looking at are Rdp as the initial access into the environment. >> So on blue Keep. That's the one you were talking about, right? So what is the status of that? You said There's a lot of vulnerable is out. There are people patching it, is it Is it being moving down, the down the path in terms of our people on it? What's your take on that? What's the assessment? >> Yeah, so I think some people are starting to patch, but shoot, you know, the scans that we do, there's still a lot of unpacked systems out there, and I would also say we're not seeing what's inside the network. There may be other RTP sessions in the environment inside of an organization's environment, which really means Now, if Ransomware happens to get in there that has that capability than to be able to spread like the of some RTP vulnerability that's gonna be even a lot more difficult to be able to stop that once it's inside a network. I mean, some of the recommendations, obviously, for this one is you want to be able to patch your RTP sessions, you know, for one. Also, if you want to be able to enable network authentication, that's really gonna help us. Well, now I would also say, You know, maybe you want a hard in your user name and passwords, but if you can't do some of this stuff, at least put some mitigating controls in place. Maybe you can isolate some of those particular systems, limit the amount of AH access organizations have or their employees have to that, or maybe even just totally isolated. If it's possible, internal network segmentation is a big part of making sure you can. You're able to mitigate some of these put potential risks, or at least minimize the damage that they may cause. >> Tony G. I want to get your thoughts on your opinion and analysis expert opinion on um, the attack surface area with digital and then ultimately, what companies can do for Let's let's start with the surface area. What's your analysis there? Ah, lot of companies are recognizing. I'll see with Coyote and other digital devices. The surface area is just everywhere, right? So I got on the perimeter days. That's kind of well known. It's out there. What's the current digital surface area threats look like? What's your opinion? >> Sure, Yeah, it's Ah, now it's funny. These days, I say no, Jenna tell you everything that seems to be made as an I P address on it, which means it's actually able to access the Internet. And if they can access the Internet, the bad guys can probably reach out and touch it. And that's really the crux of the problem of these days. So anything that is being created is out on the Internet. And, yeah, like, we all know there's really not a really rigid security process to make sure that that particular device as secure is that secure as it actually needs to be Now. We talked earlier on about You know, I ot as relates to maybe home routers and how you need to be ableto hard in that because you were seeing a lot of io teapot nets that air taking over those home routers and creating these super large I ot botnets on the other side of it. You know, we've seen ah lot of skate of systems now that traditionally were in air gapped environments. Now they're being brought into the traditional network. They're being connected there. So there's an issue there, but one of the ones we haven't actually talked a lot about and we see you're starting to see the adversaries focus on these little bit more as devices in smart homes and smart buildings in this queue to threat landscape report. There was a vulnerability in one of these you motion business management systems. And, you know, we looked at all the different exploits out there, and the adversaries were actually looking at targeting that specific exploit on that. That's smart management building service device. We had about 1% of all of our exploit, uh, hits on that device. Now that might not seem like a lot, but in the grand scheme of things, when we're collecting billions and billions of events, it's a fairly substantial amount. What, now that we're Lee starts a kind of bring a whole another thought process into as a security professional as someone responds double for securing my cyber assets? What if I include in my cyber assets now widen include all the business management systems that my employees, Aaron, for my overall business. Now that that actually might be connected to my internal network, where all of my other cyber assets are. Maybe it actually should be. Maybe should be part of your vulnerability mentioned audibly patch management process. But what about all the devices in your smart home? Now? You know, all these different things are available, and you know what the trend is, John, right? I mean, the actual trend is to work from home. So you have a lot of your remote workers have, ah, great access into the environment. Now there's a great conduit for the obvious areas to be ableto break into some of those smart home devices and maybe that figure out from there there on the employees machine. And that kind of gets him into, you know, the other environment. So I would say, Start looking at maybe you don't wanna have those home devices as part of, ah, what you're responsible for protecting, but you definitely want to make sure your remote users have a hardened access into the environment. They're separated from all of those other smart, smart home devices and educate your employees on that and the user awareness training programs. Talk to them about what's happening out there, how the adversaries air starting to compromise, or at least focus on some of them smart devices in their home environment. >> These entry points are you point out, are just so pervasive. You have work at home totally right. That's a great trend that a lot of companies going to. And this is virtual first common, a world. We build this new new generation of workers. They wanna work anywhere. So no, you gotta think about all that. Those devices that your son or your daughter brought home your husband. Your wife installed a new light bulb with an I peed connection to it fully threaded processor. >> I know it. Gosh, this kind of concern me, it's safer. And what's hot these days is the webcam, right? Let's say you have an animal and you happen to go away. You always want to know what your animals doing, right? So you have these Webcams here. I bet you someone might be placing a webcam that might be near where they actually sit down and work on their computer. Someone compromises that webcam you may be. They can see some of the year's name and password that you're using a log in. Maybe they can see some information that might be sensitive on your computer. You know, it's the The options are endless here. >> Tony G. I want to get your thoughts on how companies protect themselves, because this is the real threat. A ni O t. Doesn't help either. Industrial I ot to just Internet of things, whether it's humans working at home, too, you know, sensors and light bulbs inside other factory floors or whatever means everywhere. Now the surface area is anything with a knife he address in power and connectivity. How do companies protect themselves? What's the playbook? What's coming out of Red hat? What's coming out of Fort Annette? What are you advising? What's the playbook? >> Yeah, you know I am. You know, when I get asked this question a lot, I really I sound like a broken record. Sometimes I try to find so many different ways to spin it. You know, maybe I could actually kind of say it like this, and it's always means the same thing. Work on the fundamentals and John you mentioned earlier from the very beginning. Visibility, visibility, visibility. If you can't understand all the assets that you're protecting within your environment, it's game over. From the beginning, I don't care what other whiz bang product you bring into the environment. If you're not aware of what you're actually protecting, there's just no way that you're gonna be able to understand what threats are happening out your network at a higher level. It's all about situational awareness. I want to make sure if I'm if I'm a C so I want my security operations team to have situational awareness at any given moment, all over the environment, right? So that's one thing. No grabbing that overall sort of visibility. And then once you can understand where all your assets are, what type of information's on those assets, you get a good idea of what your vulnerabilities are. You start monitoring that stuff. You can also start understanding some of different types of jabs. I know it's challenging because you've got everything in the cloud all the way down to the other end point. All these mobile devices. It's not easy, but I think if you focus on that a little bit more, it's gonna go a longer way. And I also mentioned we as humans. When something happens into the environment, we can only act so fast. And I kind of alluded to this earlier on in this interview where we need to make sure that we're leveraging automation, artificial in intelligence to help us be able to determine when threats happened. You know, it's actually be in the environment being able to determine some anomalous activity and taking action. It may not be able to re mediate, but at least it can take some initial action. The security controls can talk to each other, isolate the particular threat and let you fight to the attack, give you more time to figure out what's going on. If you can reduce the amount of time it takes you to identify the threat and isolate it, the better chances that you're gonna have to be able to minimize the overall impact of that particular Reno. >> Tony, just you jogging up a lot of memories from interviews I've had in the past. I've interviewed the four star generals, had an essay, had a cyber command. You get >> a lot of >> military kind of thinkers behind the security practice because there is a keeping eyes on the enemy on the target on the adversary kind of dialogue going on. They all talk about automation and augmenting the human piece of it, which is making sure that you have as much realty. I'm information as possible so you can keep your eyes on the targets and understand, to your point contextual awareness. This seems to be the biggest problem that Caesar's heir focused on. How to eliminate the tasks that take the eyes off the targets and keep the situational winners on on point. Your thoughts on that? >> Yeah, I have to. You know what, son I used to be? Oh, and I still do. And now I do a lot of presentations about situational awareness and being ableto build your you know, your security operations center to get that visibility. And, you know, I always start off with the question of you know, when your C so walks in and says, Hey, I saw something in the news about a specific threat. How are we able to deal with that? 95% of the responses are Well, I have to kind of go back and kind of like, you don't have to actually come dig in and, you know, see, and it takes them a while for the audio. >> So there's a classic. So let me get back to your boss. What? Patch patch? That, um Tony. Chief, Thank you so much for the insight. Great Congressional. The Holy Report. Keep up the good work. Um, quick, Quick story on black hat. What's the vibe in Vegas? Def con is right around the corner after it. Um, you seeing the security industry become much more broader? See, as the industry service area becomes from technical to business impact, you starting to see that the industry change Amazon Web service has had an event cloud security called reinforce. You starting to see a much broader scope to the industry? What's the big news coming out of black at? >> Yeah, you know, it's it's a lot of the same thing that actually kind of changes. There's just so many different vendors that are coming in with different types of security solutions, and that's awesome. That is really good with that, said, though, you know, we talked about the security shortage that we don't have a lot of security professionals with the right skill sets. What ends up happening is you know, these folks that may not have that particular skill, you know, needed. They're being placed in these higher level of security positions, and they're coming to these events and they're overwhelmed because they're all they'll have a saw slight. It's all over a similar message, but slightly different. So how did they determine which one is actually better than the others? So it's, um, I would say from that side, it gets to be a little bit kind of challenging, but at the same time, No, I mean, we continued to advance. I mean, from the, uh, no, from the actual technical controls, solutions perspective, you know, You know, we talked about it. They're going, we're getting better with automation, doing the things that the humans used to do, automating that a little bit more, letting technology do some of that mundane, everyday kind of grind activities that we would as humans would do it, take us a little bit longer. Push that off. Let the actual technology controls deal with that so that you can focus like you had mentioned before on those higher level you know, issues and also the overall sort of strategy on either howto actually not allow the officer to come in or haven't determined once they're in and how quickly will be able to get them out. >> You know, we talked. We have a panel of seashells that we talk to, and we were running a you know, surveys through them through the Cube insights Most see says, we talk Thio after they won't want to talk off the record. I don't want anyone know they work for. They all talked him. They say, Look, I'm bombarded with more and more security solutions. I'm actually trying to reduce the number of suppliers and increase the number of partners, and this is nuanced point. But to your what you're getting at is a tsunami of new things, new threats, new solutions that could be either features or platforms or tools, whatever. But most si SOS wanna build an engineering team. They wanna have full stack developers on site. They wanna have compliance team's investigative teams, situational awareness teams. And they want a partner with with suppliers where they went partners, not just suppliers. So reduce the number suppliers, increase the partners. What's your take on that year? A big partner. A lot of the biggest companies you >> get in that state spring. Yeah. I mean, that's that's actually really our whole strategy. Overall strategy for Ford. Annette is, and that's why we came up with this security fabric. We know that skills are really not as not as prevalent as that they actually need to be. And of course, you know there's not endless amounts of money as well, right? And you want to be able to get these particular security controls to talk to each other, and this is why we built this security fabric. We want to make sure that the controls that we're actually gonna build him, and we have quite a few different types of, you know, security controls that work together to give you the visibility that you're really looking for, and then years Ah, you know, trusted partner that you can actually kind of come to And we can work with you on one identifying the different types of ways the adversaries air moving into the environment and ensuring that we have security controls in place to be able to thwart the threat. Actor playbook. Making sure that we have a defensive playbook that aligns with those actual ttp is in the offensive playbook, and we can actually either detect or ultimately protect against that malicious activity. >> Tony G. Thanks for sharing your insights here on the cube conversation. We'll have to come back to you on some of these follow on conversations. Love to get your thoughts on Observe ability. Visibility on. Get into this. What kind of platforms are needed to go this next generation with cloud security and surface area being so massive? So thanks for spending the time. Appreciate it. >> Thanks a lot, Right. We only have >> a great time in Vegas. This is Cube conversation. I'm John for here in Palo Alto. Tony G with Fortinet in Las Vegas. Thanks for watching
SUMMARY :
from our studios in the heart of Silicon Valley, Palo Alto, Well, the Special Cube conversation. You guys have seen all the action there. So I think you know, though it is continuing to increase. Well, you know, it's always You have to know what you have to look for. In the worst cases, you don't wanna have all of your employees I mean, this increase in male wearing exploit activity you guys were pointing out clearly challenge the the one that we focused on for this quarter was called His Ego's Was Ego, Because, I mean, I can see that happening all the time. you know, a lot of folks may not actually be monitoring all the things that they need to be monitoring from, We're gonna get to that talk track in the second. is more of ah, no sort of ah, you know, more of a targeted approach. They come in and keep on hitting We've seen it kind of the the And I'll, uh, ask you a question here, John. Way have in common is the fact that each one of them What's the assessment? Yeah, so I think some people are starting to patch, but shoot, you know, the scans that we So I got on the perimeter days. I ot as relates to maybe home routers and how you need to be ableto hard in that because These entry points are you point out, are just so pervasive. You know, it's the The options Now the surface area is anything with a knife he address in power and connectivity. isolate the particular threat and let you fight to the attack, give you more time Tony, just you jogging up a lot of memories from interviews I've had in the past. I'm information as possible so you can keep your eyes on I always start off with the question of you know, when your C so walks in and says, area becomes from technical to business impact, you starting to see that the industry change Amazon not allow the officer to come in or haven't determined once they're in and how quickly will A lot of the biggest companies you of come to And we can work with you on one identifying the different We'll have to come back to you on some of Thanks a lot, Right. Tony G with Fortinet
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Tony | PERSON | 0.99+ |
Gino | PERSON | 0.99+ |
John | PERSON | 0.99+ |
China | LOCATION | 0.99+ |
Palo Alto | LOCATION | 0.99+ |
Domenico | PERSON | 0.99+ |
Las Vegas | LOCATION | 0.99+ |
Vegas | LOCATION | 0.99+ |
Microsoft | ORGANIZATION | 0.99+ |
Ford | ORGANIZATION | 0.99+ |
Tony G. | PERSON | 0.99+ |
Aaron | PERSON | 0.99+ |
August 2019 | DATE | 0.99+ |
2011 | DATE | 0.99+ |
Silicon Valley | LOCATION | 0.99+ |
Tony G | PERSON | 0.99+ |
Tony Giandomenico | PERSON | 0.99+ |
95% | QUANTITY | 0.99+ |
Jenna | PERSON | 0.99+ |
last quarter | DATE | 0.99+ |
Caesar | PERSON | 0.99+ |
one technique | QUANTITY | 0.99+ |
Fortinet | ORGANIZATION | 0.99+ |
last year | DATE | 0.99+ |
four star | QUANTITY | 0.99+ |
about 800,000 different devices | QUANTITY | 0.98+ |
FortiGuard Labs | ORGANIZATION | 0.98+ |
about 60 plus techniques | QUANTITY | 0.98+ |
about 1% | QUANTITY | 0.97+ |
today | DATE | 0.97+ |
Robin Hood | PERSON | 0.97+ |
two point | QUANTITY | 0.97+ |
each one | QUANTITY | 0.96+ |
Palo Alto, California | LOCATION | 0.96+ |
3rd 1 | QUANTITY | 0.96+ |
about 4% | QUANTITY | 0.96+ |
one year | QUANTITY | 0.96+ |
four | QUANTITY | 0.96+ |
Thio | PERSON | 0.96+ |
Palo Alto, California | LOCATION | 0.96+ |
One | QUANTITY | 0.95+ |
Annette | PERSON | 0.95+ |
Amazon Web | ORGANIZATION | 0.95+ |
second | QUANTITY | 0.94+ |
Lee | PERSON | 0.94+ |
Coyote | ORGANIZATION | 0.94+ |
Threat Landscape | TITLE | 0.94+ |
one | QUANTITY | 0.94+ |
a year | QUANTITY | 0.93+ |
billions and | QUANTITY | 0.93+ |
billions of events | QUANTITY | 0.93+ |
Iran | LOCATION | 0.91+ |
one thing | QUANTITY | 0.91+ |
Ford Nets | ORGANIZATION | 0.89+ |
Def Con | ORGANIZATION | 0.88+ |
Black Hat | ORGANIZATION | 0.88+ |
double | QUANTITY | 0.86+ |
Number two | QUANTITY | 0.84+ |
second interesting thing | QUANTITY | 0.83+ |
first common | QUANTITY | 0.83+ |
4% | QUANTITY | 0.82+ |
Darcy | ORGANIZATION | 0.78+ |
J | ORGANIZATION | 0.77+ |
A couple years ago | DATE | 0.76+ |
Blue Keep | TITLE | 0.76+ |
couple | QUANTITY | 0.75+ |
Cube | ORGANIZATION | 0.73+ |
wildfire | TITLE | 0.69+ |
J pick | ORGANIZATION | 0.59+ |
companies | QUANTITY | 0.54+ |
Peg | TITLE | 0.54+ |
CUBEConversation | EVENT | 0.52+ |
Ego's Was Ego | OTHER | 0.46+ |
Jesse Rothstein, ExtraHop | AWS re:Inforce 2019
>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019 brought to you by Amazon Web service is and its ecosystem partners come >> back, Everyone live Coverage of AWS reinforced their first conference, The Cube here in Boston. Messages some jumper. MacOS David Lattin escapes Jesse rusting >> CT on co >> founder of Extra Cube alumni. Great to see you again. VM World Reinvent >> Now the new conference reinforce not a team. A >> summit reinforced a branded event around Cloud security. This is in your wheelhouse. >> Thank you for having me. Yeah, it's a spectacular event. Unbelievable turnout. I think there's 8000 people here. Maybe more. I know that's what they were expecting for an event that was conceived of, or at least announced barely six months ago. The turnout's just >> wait. Many conversation in the past on the Cube and others cloud security now having its own conference. It's not like a like a security conference like Black at Def Con, which is like a broader security. This is really focused on cloud security and the nuances involved for on premises and cloud as it's evolving. It's certainly a lot more change coming on this kind of spins into your direction you would talking this year in the front end. >> It absolutely does. First, it speaks to market demand. Clearly, there was demand for a cloud security focused conference, and that's why this exists. Every survey that I've seen lists security extremely high on the list of anxieties or even causes for delay for shifting workloads to the cloud. So Amazon takes security extremely seriously. >> And then my own personal >> view is that cloud security has been somewhat nascent and immature. And we're seeing, you know, hopefully kind of Ah, somewhere rapid, a >> lot of motivation in that market. Certainly a lot of motivated people want to see it go faster and there spitting in building that out. So I gotta ask >> you before you get off the show, I actually say something if I may. I mean, it's been a long time coming. Yeah, this to your point, Jesse. There was a real need for it, and I think Amazon deserves a lot of credit for that. But at the same time, I think Amazon. There's a little criticism there. I mean, I think that the message that reinvent that's always been we got the best security. We got the most features as I come on in, and the whole theme here of the shared responsibility model, which I'd love to get into, I think was somewhat misunderstood by some of those high high level messaging. So I didn't want to put that out there as a topic that we might touch on. Great. Let's talk about it. Okay, so I do think it was misunderstood. The shared responsibility model. I think the messaging was Hey, the cloud is more secure than your existing data centers. Come on in. And I think a lot of people naively entered waters and then realized, Oh, wait a minute. There's a lot that we still have toe secure. We can't just set it and forget it. I mean, you agree with that? >> I I think that's a controversial topic. I do agree with it. I think it continues to be misunderstood. Shared responsibility model in some ways is Amazon saying We're going the security infrastructure and we're going to give you the tools. But organizations air still expected to follow best practices, certainly, and implement their own, hopefully best in class security operations. >> It's highly nuanced. You can say sharing data see increases visibility into into threats and also of making quality alerts. But I think it's a little bit biased, Dave for Amazon to satiate responsibility because they're essentially want to share in the security posture because they're saying we'll do this. You do that as inherently shared. So why wouldn't they say that? >> Well, I guess we're gonna say way want to own everything? Well, I guess my weight So this show is that I really like their focus on that. I think they shone a light on it and for the goodness of the the industry in the community they have. But it is a bit >> nuanced, and they've said some controversial, perhaps even trajectory statements. In the keynote yesterday, I was I was amused to hear that security is everybody everyone's job, which is something I wholeheartedly believe in. But at the same time, you know, David said that he didn't believe Stephen Step Rather said that he didn't believe in depth set cops, and that seemed a little bit of odds because I but I think they're probably really Steven Schmidt. Steven >> so eight of us. But at the same time, there was a narrative around. Security is code. So, yes, there were some contradictions in messaging, so this smaller remains small ones. They were nuanced but remains some confusion. And that's why people look to the ecosystem to help acorns. And this goes back to >> my earlier point. I I believe that cloud security is really quite nascent. When we look at the way we look at the landscape of vendors, we see a number of vendors that really are kind of on Prem security solutions. They're trying to shoehorn into the cloud way, see a lot of essentially vulnerability scanning and static image scanning. But wait, don't see, in my opinion, that much really best in class security so solutions. And I think until relatively recently it was very hard to enable some of them. And that's why I'd love to talk about the VPC traffic marrying announcement, because I think that was actually the most impactful announcement >> that I want to get to it. So So this is ah, a new on the way. By the way, the other feedback up ahead on the Cube is the sessions here have been so good because you can dig deeper than what you can get it re invent given tries. This is a good example. Explained that the that story because this has been one of the most important stories, the traffic mirroring >> well, unlike >> reinvent. I think this show is Is Maura about education than it is about announcements? No, Amazon announced. A few new service is going into G ET, but these were service is, for the most part, that we already knew you were coming here like God Watchtower in security hub. But the BBC traffic mirroring was really the announcement of this show. And, gosh, it's been a long time in coming 11 closely held belief I've had for a long time is that in the fullness of time, there's really nothing of value that that you can do on Prem that you wouldn't eventually be able to do in the cloud. And it's just been a head scratcher for me. WIFE. For so many years, we've been unable to get any sort of view, mirror or tap of the traffic for diagnostic or analytic purpose is something you could do on prim so easily, with a span porter and network tap and in the cloud we've been having to do kind of back flips and workarounds and software taps and things like that. But with this announcement, it's finally here. It's native >> explain VPC Chapman. What is it for? The folks watching might not know it. Why it's wife. What is it and why is it important? >> So BBC traffic marrying is a network tap that is built into E. C. To networking. What it means is that you can configure a V p c traffic mirror four individual E C two instances actually down to the e n I. Level. You can configure filters and you can send that to a target for analysis purposes. And this analysis could be for diagnostics. But I think much more important is for security. Extra hop is is really began as a network analytics platform way do network detection and response. So this type of this ability to analyze the traffic in real time to run predictive models against it to detect in real time suspicious behaviors and potential threats, I think is absolutely game changing for someone security posture. >> And you guys have been on the doorstep of this day in day out. So this is like a great benefit to you guys. As a company, I can see that. I see That's a great thing for you guys. What's the impact of the customers? Because what is the good news that comes out of the traffic nearing for them? What's the impact of their environment? >> Well, it's all about >> friction. First, I wantto clarify that we've been running in a WS for over six years, six or seven years, so we've had that solution. But it's required some friction in the deployment process because our customers had to install some sort of software tap, which was usually an agent, that was analyzing that there was really gathering the packets in some sort of promiscuous mood and then sending them to us in a tunnel. Where is now? This is This is built into the service into the infrastructure. There's no performance penalty at all. You can configure it. You have I am rolls and policies to secure it. All of the friction goes away. I think, for the kind of the first time in in cloud history, you can now get extremely high quality network security analytics with practically the flip of a switch. >> So It's not another thing do manage. It's like you say, inherit to the network. John and I have heard this this week at this event from practitioners that they want to see less just incremental security products and Maur step function and what they mean by that is way want products that actually take action or give us a script that we can implement, or or actually fix the problem for us. Will this announcement on others that you guys were involved in take that next step more proactive security that these guys so a couple of thoughts >> on that first, the answer is yes, it can, and you're absolutely right. Remediation is extremely important, especially for attacks that they're fast and destructive. When you think about kind of the when you think about attack patterns, their attacks are low and slow. Their attacks their advanced in persistent but the taxes, air fast and destructive movie the speed that is really beyond the ability for humans to respond. And for those sorts of attacks, I think you absolutely need some sort of automated remediation. The most common solutions are some form of blocking the traffic, quarantining the traffic or maybe locking the accounts, and you're kind of blocking. Quarantining and locking are my top three, and then various forms of auditing and forensics go along the way. Amazon actually has a very good tool box for that already. And there are security orchestration, products that can help. And for products like extra hop, the ability to feed a detection into an action is actually a trivial form of integration that we offer out of the box. So the answer is yes. >> But let me go >> back to kind of the incrementalist approach as well that you mentioned. I kind of think about the space and really, really broad strokes and organizations for the last 10 years or so have really highly invested in prevention and protection. So a lot of this is your perimeter defense and in point protection, and the technologies have gotten better. Firewalls have turned into next generation firewalls and antivirus agents have turned into next generation anti virus or in point detection and response. But I strongly believe that network security has and in some ways just kind of lagged behind, and it's really ripe for innovation. And that's why that's what we've really spent the last decade >> building. And that's why you're excited about the traffic BPC traffic nearing because it allows for parallel analytics and so more real time, >> more real >> time. But the network has great properties that nothing else has. When you think about network security with the network itself is close to ground Truth as you can get, it's very hard to tamper with, and it's impossible to turn off those air great properties for cyber security. And you can't say that about something like that. Logs, which are from time to time disabled and scrubbed on. You certainly can't say that about en Pointe agents, which are often worked around and in some cases even used as a better for attack. >> I'm gonna ask you Okay, on that point, I get that. So the next question would come to my mind is okay with the surface here. With coyote expanding and with cloud, you have a sprawling surface area. So the surface area is growing just by default by natural evolution, connecting to the cloud people of back hauling their data into the cloud. All this is good stuff. >> Absolutely. Call it the attack surface, and it is absolutely glowing perhaps in an exponential >> about that dynamic, one sprawling attack air. Because that's just the environment now. And what's the best practice to kind of figure out security posture? Great, great >> question. People talk a lot about the dissolution of the perimeter, and I think I think that's a bit of the debate. And regardless of your views on that, we can all believe that the perimeter is changing and that workloads are moving around and that users are becoming more mobile. But I think an extremely important point is that every enterprise just about is hybrid. So we actually need protection for a hybrid attack surface. And that's an area where I believe extra hop offers a great solution because we have a solution that runs on premises in physical data centers are on campuses, which, no matter how much work, would you move to the cloud. You still have some sort of user on some sort of laptop or some sort of work station in some sort of campus environment, way workin in private cloud environments that are virtualized. And then, of course, we work in public cloud environments, and another announcement that we just made it this show, which I also think is game changing, is our revealed ex cloud offering. So this is an SAS. This is a sass based, network detection and response solution, which means that I talked about removing friction by marrying the traffic. But in this case, all >> you have to >> do is mirror the traffic, pointed to our sass, and we'll do all of the management mean that So is that in the streets for you that is in the marketplace. We launched it yesterday, >> So it's great integration point for you guys. Get it, get on board more customers. >> And I think I think solutions like ours are absolutely best practices and required to secure this hybrid attacks in the >> marketplace. What was that experience like, you know, Amazon >> was actually great to work with. I don't mean to say that with disbelief. You work with you work with such a large company. You kind of have certain expectations, and they exceeded all of my expectations in terms of their responsiveness. They worked with us extremely closely to get into the marketplace. They made recommendations with partners who could help accelerate our efforts. But >> in addition to the >> marketplace, we actually worked with them closely on the VPC traffic marrying feature. There was something we began talking with them about a SW far back, as I think last December, even before reinvent, they were extremely responsive to our feedback. They move very, very quickly. They've actually just >> been a delight to work. There's a question about you talking about the nana mutability of logs, and they go off line sometimes. And yet the same time there's been tens of $1,000,000,000 of value creation from that industry. Are there things that our magic there or things that you can learn from the analytics of analyzing logs that you could bring over to sort of what you're positioning is a more modern and cloud like approach? Or is there some kind of barrier to entry doing that? Can you shed some light on Jesse? That's >> a great question, and this is where I'll say it's a genius of the end situation, not a tyranny of the or so I'm not telling people. Don't collect your logs or analyze them. Of course you should do that, you know that's the best practice. But chances are that that space, you know, the log analysis and the, you know, the SIM market has become so mature. Chances are you're already doing that. And I'm not gonna tell organizations that they shouldn't have some sort of point protection. Of course you should. But what I am saying is that the network itself is a very fundamental data source that has all of those properties that are really good for cyber security and the ability that analyze what's going on in your environment in real time. Understand which users air involved? Which resource is air accessed? And are these behavioral patterns of suspicious and do they represent potential threats? I think that's very powerful. I have a I have a whole threat research team that we've built that just runs attacks, simulations and they run attack tools so that we can take behavioral profiles and understand what these look like in the environment. We build predictive models around how we expect you re sources and users and end points to behave. And when they deviate from those models, that's how we know something suspicious is going on. So this is definitely a a genius of the end situation. John >> reminds me of your you like you're very fond of saying, Hey, what got you here is not likely to move you forward. And that's kind of the takeaway for practitioners is >> yeah. I mean, you gotta build on your success. I mean, having economies of scale is about not having Disick onyx of scale, meaning you always constantly reinventing your product, not building on the success. And then you're gonna have more success if you can't trajectory if you it's just basic competitive strategy product strategy. But the thing that's interesting here is is that as you get more successful and you continue to raise the bar, which is an Amazon term, they work with you better. So if you're raising the bar and you did your own network security probably like OK, now we get parallel traffic mirroring so that >> that's true. But I think we've also heard the Amazon is I think they caught maniacally customer focused, right? And so I think that this traffic marrying capability really is due to customer demand. In fact, when you when you were if you were at the Kino when they made the announcement, that was the announcement where I feel like every phone in the in the whole auditorium went up. That's the announcement where I think there's a lot of excitement and for security practitioners in particular, and SEC ops teams I think this. I think this really reduces some anxiety they have, because cloud workloads really tend to be quite opaque. You have logs, you have audit logs, but it's very difficult to know what actually going on there and who is actually accessing that environment. And, even more important, where is my data going? This is where we can have all sorts of everything from a supply chain attack to a data exfiltration on. It's extremely important to to be able to have that visibility into these clouds >> way agree. We've been saying on the cue many, many years now that the network is the last bottleneck, really, where that script gets flipped upside down where Workloads air dictating Dev ops. Now the network piece is here, so I think this is going to create a lot of innovation. That's our belief. Love to follow up Mawr in Palo Alto. When we get back on this hybrid cloud, I think that's a huge opportunity. I think there's a create a blind spot for companies because that's where the the attackers will go, because they'll know that the hybrids rolling out and that'll be a vulnerability area >> one that's, you know, it's an arms race. Network security is not new. It's been around for decades. But the attack the attackers in the attacks have become more sophisticated, and as a result, you know the defenders need to raise their game as well. This is why, on the one hand, there's there's so much hype and I think machine learning in some ways is oversold. But in other ways, it is a great tool in our arsenal. You know, the machine learning the predictive models, the behavioral models, they really do work. And it really is the next evolution for defensive >> capabilities. Thanks for coming on. Great insight. >> One last question. The beer. Extra guys have been here way did in the past. It's been a while since >> we've done that, but it comes from early days when when I founded the company, people would ask you in the name extra hoppy. Oh, are you guys an online brewery? And we were joking. We said no, that that was extra hops way embraced it and We actually worked with a local brewer that has since been acquired by a major beverage brands. I >> don't know that. I just heard way built our own >> label, and it was the ex Rob Wired P. A. It was it was extremely well received. Every time we visit a customer they'd ask us to bring here. >> That's pretty. You gotta go back to proven formula. Thanks for the insights. Let's follow up when we get back in Palo Alto in our studio on his high breathing's a compelling conversation network Security Network analytics innovation areas where all the action's happening here in Boston, 80 best reinforced. Keep coverage. We'll be right back.
SUMMARY :
A W s reinforce 2019 brought to you by Amazon Web service is back, Everyone live Coverage of AWS reinforced their first conference, The Cube here in Boston. Great to see you again. Now the new conference reinforce not a team. This is in your wheelhouse. I think there's 8000 people here. This is really focused on cloud security and the nuances involved for on premises and cloud as Every survey that I've seen lists security extremely high on the list And we're seeing, you know, hopefully kind of Ah, lot of motivation in that market. I mean, you agree with that? I think it continues to be misunderstood. But I think it's a little bit biased, in the community they have. But at the same time, But at the same time, there was a narrative around. And I think until relatively recently it was very hard to enable some of them. By the way, the other feedback up ahead on the Cube is the sessions here have been so good because you can dig deeper But the BBC traffic mirroring was really the announcement of this What is it and why is it important? What it means is that you can configure a V p c traffic mirror four So this is like a great benefit to you guys. But it's required some friction in the deployment process Will this announcement on others that you guys were involved in take that next And for products like extra hop, the ability to feed a detection back to kind of the incrementalist approach as well that you mentioned. And that's why you're excited about the traffic BPC traffic nearing because it allows for parallel analytics And you can't say that about something like that. So the next question would come to my mind is okay Call it the attack surface, and it is absolutely glowing perhaps in an exponential Because that's just the environment now. But I think an extremely important point is that every enterprise just the management mean that So is that in the streets for you that is in the marketplace. So it's great integration point for you guys. What was that experience like, you know, Amazon I don't mean to say that with disbelief. There was something we began talking there or things that you can learn from the analytics of analyzing logs that you could bring that are really good for cyber security and the ability that analyze what's going on in your And that's kind of the takeaway for practitioners is But the thing that's interesting here is is that as you get more successful and you continue And so I think that this traffic marrying capability really Now the network piece is here, so I think this is going to create a lot of innovation. And it really is the next evolution for Thanks for coming on. It's been a while since we've done that, but it comes from early days when when I founded the company, people would ask you in the name extra I just heard way built our own Every time we visit a customer they'd ask us to bring here. Thanks for the insights.
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
David | PERSON | 0.99+ |
Jesse Rothstein | PERSON | 0.99+ |
Amazon | ORGANIZATION | 0.99+ |
Steven Schmidt | PERSON | 0.99+ |
John | PERSON | 0.99+ |
Boston | LOCATION | 0.99+ |
Palo Alto | LOCATION | 0.99+ |
Steven | PERSON | 0.99+ |
David Lattin | PERSON | 0.99+ |
yesterday | DATE | 0.99+ |
BBC | ORGANIZATION | 0.99+ |
AWS | ORGANIZATION | 0.99+ |
Dave | PERSON | 0.99+ |
Jesse | PERSON | 0.99+ |
First | QUANTITY | 0.99+ |
Boston, Massachusetts | LOCATION | 0.99+ |
8000 people | QUANTITY | 0.99+ |
seven years | QUANTITY | 0.99+ |
last December | DATE | 0.99+ |
Stephen Step Rather | PERSON | 0.99+ |
first time | QUANTITY | 0.99+ |
over six years | QUANTITY | 0.99+ |
tens | QUANTITY | 0.99+ |
six | QUANTITY | 0.99+ |
One last question | QUANTITY | 0.99+ |
Extra Cube | ORGANIZATION | 0.98+ |
one | QUANTITY | 0.98+ |
six months ago | DATE | 0.98+ |
WS | ORGANIZATION | 0.98+ |
80 | QUANTITY | 0.98+ |
11 | QUANTITY | 0.98+ |
first | QUANTITY | 0.97+ |
this year | DATE | 0.97+ |
first conference | QUANTITY | 0.97+ |
Is Maura | TITLE | 0.97+ |
this week | DATE | 0.96+ |
Amazon Web | ORGANIZATION | 0.95+ |
VPC | PERSON | 0.95+ |
Kino | ORGANIZATION | 0.94+ |
2019 | DATE | 0.92+ |
two instances | QUANTITY | 0.92+ |
Cube | COMMERCIAL_ITEM | 0.92+ |
Disick | ORGANIZATION | 0.91+ |
decades | QUANTITY | 0.9+ |
Cube | ORGANIZATION | 0.89+ |
$1,000,000,000 | QUANTITY | 0.88+ |
Chapman | PERSON | 0.87+ |
VM World Reinvent | EVENT | 0.86+ |
eight | QUANTITY | 0.85+ |
top three | QUANTITY | 0.83+ |
Watchtower | TITLE | 0.83+ |
ExtraHop | ORGANIZATION | 0.81+ |
Wired P. | ORGANIZATION | 0.79+ |
last decade | DATE | 0.77+ |
G ET | ORGANIZATION | 0.75+ |
Rob | PERSON | 0.73+ |
God | PERSON | 0.66+ |
Con | EVENT | 0.64+ |
A W s | EVENT | 0.63+ |
last 10 years | DATE | 0.57+ |
years | QUANTITY | 0.56+ |
Mawr | PERSON | 0.56+ |
Prem | ORGANIZATION | 0.53+ |
SEC | ORGANIZATION | 0.53+ |
Def | ORGANIZATION | 0.52+ |
MacOS | TITLE | 0.48+ |
onyx | COMMERCIAL_ITEM | 0.42+ |
Black | ORGANIZATION | 0.37+ |
Anthony "Tony G" Giandomenico, Fortinet & FortiGuard Labs | CUBEConversation, August 2018
(Intense orchestral music) >> Hi, I'm Peter Burris and once again welcome to a CUBEComnversation from our beautiful studios here in Palo Alto, California. For the last few quarters I've been lucky enough to speak with Tony Giandomenico, who's the Senior Security Strategist and Researcher at Fortinet, specifically in the FortiGuard labs, about some of the recent trends that they've been encountering and some of the significant, groundbreaking, industry-wide research we do on security threats, and trends in vulnerabilities. And once again, Tony's here on theCUBE to talk about the second quarter report, Tony, welcome back to theCUBE. >> Hey, Peter, it's great to be here man, you know, sorry I actually couldn't be right there with you though, I'm actually in Las Vegas for the Black Hat DEF CON Conference this time so, I'm havin' a lot of fun here, but definitely missin' you back in the studio. >> Well, we'll getcha next time, but, it's good to have you down there because, (chuckles) we need your help. So, Tony, let's start with the obvious, second quarter report, this is the Fortinet threat landscape report. What were some of the key findings? >> Yeah, so there's a lot of them, but I think some of the key ones were, one, you know, cryptojacking is actually moving into the IOT and media device space. Also, we did an interesting report, that we'll talk about a little bit later within the actual threat report itself, was really around the amount of vulnerabilities that are actually actively being exploited over that actual Q2 period. And then lastly, we did start to see the bad guys using agile development methodologies to quickly get updates into their malware code. >> So let's take each of those in tern, because they're all three crucially important topics, starting with crypto, starting with cryptojacking, and the relationship between IOT. The world is awash in IOT, it's an especially important domain, it's going to have an enormous number of opportunities for businesses, and it's going to have an enormous impact in people's lives. So as these devices roll out, they get more connected through TCP/IP and related types of protocols, they become a threat, what's happening? >> Yeah, what we're seeing now is, I think the bad guys continue to experiment with this whole cryptojacking thing, and if you're not really, for the audience who may not be familiar with cryptojacking, it's really the ability, it's malware, that helps the bad guys mine for cryptocurrencies, and we're seeing that cryptojacking malware move into those IOT devices now, as well as those media devices, and, you know, you might be saying well, are you really getting a lot of resources out of those IOT devices? Well, not necessarily, but, like you mentioned Peter, there's a lot of them out there, right, so the strength is in the number, so I think if they can get a lot of IOTs compromised into an actual botnet, really the strength's in the numbers, and I think you can start to see a lot more of those CPU resources being leverages across an entire botnet. Now adding onto that, we did see some cryptojacking affecting some of those media devices as well, we have a lot of honeypots out there. Examples would be say, different types of smart TVs, a lot of these software frameworks they have kind of plugins that you can download, and at the end of the day these media devices are basically browsers. And what some folks will do is they'll kind of jailbreak the stuff, and they'll go out there and maybe, for example, they want to be able to download the latest movie, they want to be able to stream that live, it may be a bootleg movie; however, when they go out there an download that stuff, often malware actually comes along for the ride, and we're seeing cryptojacking being downloaded onto those media devices as well. >> So, the act of trying to skirt some of the limits that are placed on some of these devices, gives often one of the bad guys an opportunity to piggyback on top of that file that's coming down, so, don't break the law, period, and copyright does have a law, because when you do, you're likely going to be encountering other people who are going to break the law, and that could be a problem. >> Absolutely, absolutely. And then I think also, for folks who are actually starting to do that, it really starts to-- we talk a lot about how segmentation, segmenting your network and your corporate environment, things in that nature but, those same methodologies now have to apply at your home, right? Because at your home office, your home network, you're actually starting to build a fairly significant network, so, kind of separating lot of that stuff from your work environment, because everybody these days seems to be working remotely from time to time, so, the last thing you want is to create a conduit for you to actually get malware on your machine, that maybe you go and use for work resources, you don't want that malware then to end up in your environment. >> So, cryptojacking, exploiting IOT devices to dramatically expand the amount of processing power that could be applied to doing bad things. That leads to the second question: there's this kind of notion, it's true about data, but I presume it's also true about bad guys and the things that they're doing, that there's these millions and billions of files out there, that are all bad, but your research has discovered that yeah, there are a lot, but there are a few that are especially responsible for the bad things that are being done, what did you find out about the actual scope of vulnerabilities from a lot of these different options? >> Yeah, so what's interesting is, I mean we always play this, and I think all the vendors talk about this cyber hygiene, you got to patch, got to patch, got to patch, well that's easier said than done, and what organizations end up doing is actually trying to prioritize what vulnerabilities they really should be patching first, 'cause they can't patch everything. So we did some natural research where we took about 108 thousand plus vulnerabilities that are actually publicly known, and we wanted to see which ones are actually actively being exploited over an actual quarter, in this case it was Q2 of this year, and we found out, only 5.7% of those vulnerabilities were actively being exploited, so this is great information, I think for the IT security professional, leverage these types of reports to see which particular vulnerabilities are actively being exploited. Because the bad guys are going to look at the ones that are most effective, and they're going to continue to use those, so, prioritize your patching really based on these types of reports. >> Yeah, but let's be clear about this Tony, right, that 108 thousand, looking at 108 thousand potential vulnerabilities, 5.7% is still six thousand possible sources of vulnerability. (Tony laughs) >> So, prioritize those, but that's not something that people are going to do in a manual way, on their own, is it? >> No, no, no, not at all, so there's a lot of, I mean there's a lot of stuff that goes into the automation of those vulnerabilities and things of that nature, and there's different types of methodologies that they can use, but at the end of the day, if you look at these type of reports, and you can read some of the top 10 or top 20 exploits out there, you can determine, hey, I should probably start patching those first, and even, what we see, we see also this trend now of once the malware's in there, it starts to spread laterally, often times in worm like spreading capabilities, will look for other vulnerabilities to exploit, and move their malware into those systems laterally in the environment, so, just even taking that information and saying oh, okay so once the malware's in there it's going to start leveraging X, Y, Z, vulnerability, let me make sure that those are actually patched first. >> You know Tony the idea of cryptojacking IOT devices and utilizing some new approaches, new methods, new processes to take advantage of that capacity, the idea of a lateral movement of 5.7% of the potential vulnerabilities suggests that even the bag guys are starting to accrete a lot of new experience, new devices, new ways of doing things, finding what they've already learned about some of these vulnerabilities and extending them to different domains. Sounds like the bad guys themselves are starting to develop a fairly high degree of sophistication in the use of advanced application development methodologies, 'cause at the end of the day, they're building apps too aren't they? >> Yeah, absolutely, it's funny, I always use this analogy of from a good guy side, for us to have a good strong security program, of course we need technology controls, but we need the expertise, right, so we need the people, and we also need the processes, right, so very good, streamline sort of processes. Same thing on the bad guy side, and this is what we're starting to see is a lot more agile development methodologies that the bad guys--(clears throat) are actually using. Prior to, well I think it still happens, but, earlier on, for the bad guys to be able to circumvent a lot of these security defenses, they were leveraging polymorphous, modifying those kind of malwares fairly quickly to evade our defenses. Now, that still happens, and it's very effective still, but I think the industry as a whole is getting better. So the bad guys, I think are starting to use better, more streamlined processes to update their malicious software, their malicious code, to then, always try to stay one step ahead of the actual good guys. >> You know it's interesting, we did a, what we call a crowd chat yesterday, which is an opportunity to bring our communities together and have a conversation about a crucial issue, and this particular one was about AI and the adoption of AI, and we asked the community: What domains are likely to see significant investment and attention? And a domain that was identified as number one was crypto, and a lot of us kind of stepped back and said well why is that and we kind of concluded that one of the primary reasons is is that the bad guys are as advanced, and have an economic incentive to continue to drive the state of the art in bad application development, and that includes the use of AI, and other types of technologies. So, as you think about prices for getting access to these highly powerful systems, including cryptojacking going down, the availability of services that allow us to exploit these technologies, the expansive use of data, the availability of data everywhere, suggests that we're in a pretty significant arms race, for how we utilize these new technologies. What's on the horizon, do you think, over the course of the next few quarters? And what kinds of things do you anticipate that we're going to be talking about, what headlines will we be reading about over the course of the next few quarters as this war game continues? >> Well I think a lot of it is, and I think you touched upon it, AI, right, so using machine learning in the industry, in cyber we are really excited about this type of technology it's still immature, we still have a long way to go, but it's definitely helping at being able to quickly identify these types of malicious threats. But, on the flip side, the bad guys are doing the same thing, they're leveraging that same artificial intelligence, the machine learning, to be able to modify their malware. So I think we'll continue to see more and more malware that might be AI sort of focused, or AI sort of driven. But at the same time, we've been taking about this a little bit, this swarm type of technology where you have these larger, botnet infrastructures, and instead of the actual mission of a malware being very binary, and if it's in the system, it's either yes or no, it does or it doesn't, and that's it. But I think we'll start to see a little bit more on what's the mission? And whatever that mission is, using artificial intelligence then to be able to determine, well what do I need to do to be able to complete that place, or complete that mission, I think we'll see more of that type of stuff. So with that though, on the good guy side, for the defenses, we need to continue to make sure that our technology controls are talking with each other, and that they're making some automated decisions for us. 'Cause I'd rather get a security professional working in a saw, I want an alert saying: hey, we've detected a breach, and I've actually quarantined this particular threat at these particular endpoints, or we've contained it in this area. Rather than: hey, you got an alert, you got to figure out what to do. Minimize the actual impact of the breach, let me fight the attack a little longer, give me some more time. >> False positives are not necessarily a bad thing when the risk is very high. Alright-- >> Yeah, absolutely. >> Tony Giandomenico, Senior Security Strategist and Researcher at Fortinet, the FortiGuard labs, enjoy Black Hat, talk to you again. >> Thanks Peter, it's always good seein' ya! >> And once again this is Peter Burris, CUBEConversation from our Palo Alto studios, 'til next time. (intense orchestral music)
SUMMARY :
and some of the significant, groundbreaking, Hey, Peter, it's great to be here man, you know, it's good to have you down there because, (chuckles) the amount of vulnerabilities that are actually and the relationship between IOT. and at the end of the day gives often one of the bad guys an opportunity to the last thing you want is to create a conduit and the things that they're doing, Because the bad guys are going to look at the ones Yeah, but let's be clear about this Tony, okay so once the malware's in there it's going to start even the bag guys are starting to accrete So the bad guys, I think are starting to use better, and the adoption of AI, and we asked the community: and instead of the actual mission of a malware False positives are not necessarily a bad thing and Researcher at Fortinet, the FortiGuard labs, And once again this is Peter Burris,
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Tony Giandomenico | PERSON | 0.99+ |
Tony | PERSON | 0.99+ |
Peter Burris | PERSON | 0.99+ |
Peter | PERSON | 0.99+ |
5.7% | QUANTITY | 0.99+ |
Fortinet | ORGANIZATION | 0.99+ |
August 2018 | DATE | 0.99+ |
second question | QUANTITY | 0.99+ |
Las Vegas | LOCATION | 0.99+ |
FortiGuard | ORGANIZATION | 0.99+ |
Palo Alto | LOCATION | 0.99+ |
108 thousand | QUANTITY | 0.99+ |
Palo Alto, California | LOCATION | 0.99+ |
FortiGuard Labs | ORGANIZATION | 0.99+ |
one | QUANTITY | 0.99+ |
yesterday | DATE | 0.98+ |
six thousand possible sources | QUANTITY | 0.98+ |
top 10 | QUANTITY | 0.97+ |
108 thousand potential vulnerabilities | QUANTITY | 0.96+ |
each | QUANTITY | 0.96+ |
Black Hat DEF CON Conference | EVENT | 0.95+ |
Anthony "Tony G" | PERSON | 0.94+ |
about 108 thousand plus vulnerabilities | QUANTITY | 0.94+ |
one step | QUANTITY | 0.93+ |
top 20 exploits | QUANTITY | 0.92+ |
Q2 | DATE | 0.86+ |
millions and | QUANTITY | 0.86+ |
first | QUANTITY | 0.84+ |
billions of files | QUANTITY | 0.83+ |
CUBEConversation | EVENT | 0.82+ |
Giandomenico | ORGANIZATION | 0.81+ |
Q2 of | DATE | 0.75+ |
three crucially important topics | QUANTITY | 0.74+ |
few quarters | DATE | 0.72+ |
this year | DATE | 0.71+ |
agile | TITLE | 0.7+ |
Black Hat | TITLE | 0.62+ |
second quarter | QUANTITY | 0.61+ |
quarters | DATE | 0.6+ |
Fortinet | TITLE | 0.49+ |
next | DATE | 0.49+ |
Peter Smails, ImanisData | DataWorks Summit 2018
>> Live from San Jose in the heart of Silicon Valley, it's the Cube. Covering Dataworks Summit 2018 brought to you by Hortonworks. (upbeat music) >> Welcome back to The Cube's live coverage of Dataworks here in San Jose, California. I'm your host Rebecca Knight along with my co-host James Kobielus. We're joined by Peter Smails. He is the vice president of marketing at Imanis Data. Thanks so much for coming on The Cube. >> Thanks for having me, glad to be here. >> So you've been in the data storage solution industry for a long time, but you're new to Imanis, what made you jump? What was it about Imanis? >> Yep, so very easy to answer that. It's a hot market. So essentially what Imanis all about is we're an enterprise data management company. So the reason I jumped here is because if I put it in market context, if I take a small step back, I put it in market context, here's what happening. You've got your traditional application world, right? On prem typically already a mas based applications, that's the old world. New world is everybody's moving to the microservices based applications for IOT, for customer 360, for customer analysis, whatever you want. They're building these new modern applications. They're building those applications not in traditional RDMS, they're building them on microservices based architectures built on top of FEDOOP, or built on sequel databases. Those applications, as they go mainstream, and they go into production environments, they require data management. They require backup. They require backup and recovery. They require disaster recovery. They require archiving, etc. They require the whole plethora of data management capabilities. Nobody's touching that market. It's a blue ocean. So, that's why I'm here. >> Imanis as you were saying is one of the greatest little company no one's ever heard of. You've been around five years. (laughter) >> No, the company is not new. So, the thing that's exciting as a marketeer, what's exciting is that we're not sort of out there just pitching our wears untested technology. We have blue chip, we're getting into customers that people would die to get into. Big, blue chip companies because we're addressing a problem that's materialist. They roll out these new applications, they've got to have data management solutions for them. The company's been around five years. And I've only been on about a month, but what that's resulted is that over the last five years what they've had the opportunity, it's an enterprise product. And you don't build an enterprise product overnight. So they've had the last five years to really gestate the platform, gestate the technology, prove it in real world scenarios. And now, the opportunity for us as as a company is we're doubling down from a marketing standpoint. We're doubling down from the sales infrastructure standpoint. So the timing's right to essentially put this thing on the map, make sure everybody does know exactly what we do. Because we're solving a real world problem. >> Your backup and restore but much more. When you lay out the broad set of enterprise data and management capabilities, the mana state currently supports in your product portfolio on where you're going, on how you're going in terms of evolving in what you offer. >> Yeah, that's great. I love that question. So, think of us as the platform itself is this highly scalable distributed architecture. Okay, so we scale on multiple, and I'll come directly to your question. We scale on a number of different ways. One is we're infinitely scalable just in terms of computational power. So we're built for big data by definition. Number two is we're very, we scale very well from a storage efficiency standpoint. So we can store very large volumes of storage, which is a requirement. We also scale very much for the use case standpoint. So we support use cases throughout the life cycle. The one that gets all sort of the attention is obviously backup recovery. Because you have to protect your data. But if I look at it from a life cycle standpoint, our number use case is Test Def. So a lot of these organizations building these new apps now they want to spin up subsets of their data, cause they're supporting things like CICD. Okay, so they want to be able to do rapid testing and such. >> Develop Dev Opps and stuff like that. >> Yeah, Dev Opps and so worth. So, they need Test Def. So we help them automate the process and orchestrate the process of Test Def. Supporting things like sampling. I may have a one petabyte dataset, I'm not going to do Test Def against that. I want to do 10 percent of that and spin that up, and I want to do some masking of personal, PII data. So we can do masking and sampling against that Sport Test Def. We do backup and recovery. We do disaster recovery. So some customers, particularly in the big data space, they may for now say, well, I have replica so for some of this data it's not permanent data, it's transient data, but I do care about DR. So, DR is a key use case. We also do archiving. So if you just think of data through the life cycle, we support all of those. The piece in terms of where we're going is that what's truly unique, in addition to everything I just mentioned, is that we're the only data management platform that's machine learning based. Okay, so machine learning gets a lot of attention, and all that type of stuff, but we're actually delivering machine learning and abled capabilities today, so. >> And we discussed this before this interview. There's a bit of an anomaly detection. How exactly are you using machine learning? What value does it provide to a enterprise data administrator? They have ML inside your tool. >> Inside our platform, Great question. Very specifically, the product we're delivering today essentially there's a capability in the product called threat sets. Okay, so the number one use cases I mentioned is backup and recovery. So within backup and recovery, threat sense, what it will do with no user intervention whatsoever, what it will do is it will analyze your backups, as they go forward. And what it will do is it will learn what a normal pattern looks like across like 50 different metrics. The details of which I couldn't give you right now. But essentially, a whole bunch of different metrics that we look at to establish this is what a normal baseline looks like for you or for you, kind of thing. Great, that's number one. Number two is then we look and constantly analyze is anything occurring that is knocking things outside of that? Creating an anomaly, does something fall outside of that, and when it does, we're notifying the administrators. You might want to look at this, something could've happened. So the value very specifically is around ransomware typically one of the ways you're going to detect ransomware is you will see an anomaly in your backup set, because your data set will change materially. So we will be able to tell you, >> Cause somebody's holding for ransom is what you're saying. >> Correct, so something's going to happen in your data pattern. >> You've lost data that should be there, or whatever it might be. >> Correct, it could be that you lost data. Your change rate went way up, or something. >> Yeah, gotcha. >> There's any number of things that could trigger it. And then we let the administrator know, it happened here. So today we don't then turn around and just automatically solve that. But your point about where we're going. We've already broken the ice on delivering machine learning and abled data management. >> That might indicate you want to check point your backups to like a few days before this was detected. So the least you have, you know what data is most likely missing, so yeah, I understand. >> Bingo, that's exactly right now where we're going with that. As you could imagine, having a machine learning power data management platform at our core, how many different ways we can go with that. When do I backup? What data do I backup? How do I create the optimal RTO and IRPO? From a storage management standpoint, when do I put what data wear? There's all kinds of the whole library science of data management. The future of data management is machine learning based. There's too much data. There's too much complexity for humans to just be able to, you need to bring machine learning into the equation to help you harness the power of your data. We've broken the ice, we've got a long way to go. But we've got the platform to start with. And we've already introduced the first use case around this. And you can imagine all the places we can take this going forward. >> Very exciting. >> So you were the company that's using machine learning right now. What in your opinion will separate the winners from the losers? >> In terms of vendors, or in terms of the customers? >> Well, in terms of both. >> Yeah, let me answer that two ways. So, let me answer it sort of the inward/outward versus how we are unique. We are very unique, and since we're infinitely scalable, We are a single pane of glass for all of your distributed systems. We are very unique in terms of our multi-staged data reduction. And we're the only vendor that's doing, from a technology differentiation standpoint, we're the only vendor that's doing machine learning based stuff. >> Multi-stage data reduction, I want to break that down. What does that actually mean in practice? >> Sure, so we get the question frequently. Is that compression or duplication or is there something else in there? >> There's a couple different things actually. So why does that matter? So a lot of customers will ask a question, well by definition, no sequel or redo based environments, it's all based on replica, so how to back things up. First of all, replication isn't backup. So that's lesson number one. Point in time backup is very different than replication. Replication replicates bad data just as quickly as it replicates good. When you back up these very large data sets, you have to be incredibly efficient in how you do that. What we do with multi-stage data reduction is one, we will do de duplication, we'll do variable length, de duplication, we will do compression, we will do erasure coding, but the other thing that we'll also do in there, is what we call a global de plication pool. So when we're de duping your data, we're actually de duping it against a very large data set. So there's value in, this is where size matters. So the larger the data set, your data's all secured. But the larger the size of the data that I'm actually storing, the higher percentage I could get of de duplication. Because I've got a higher pool to reduce against. So the net result is we're incredibly efficient when you're talking about petabyte scale data management. We're incredibly efficient to the tune of 10 X easily 10 X over traditional de duplication, and multi X over technologies that are more current, if you will. So back to your question about, we are confident that we have a very strong head start. Our opportunity now is we got to drive why we're here. Cause we got to drive awareness. We got to make sure everybody knows who we are and how we're unique and how we're different. And you guys are great. Love being on The Cube. From a customer standpoint, the customers are going to win, and this is sort of a cliche, but it's true, the customer's the best harness of their data. They're the ones that are going to win. They're going to be more competitive, they're going to be able to find ways to be differentiated. And the only way they're going to do that is they're make the appropriate investments in their data infrastructure, in their data lakes, in their data management tool, so that they can harness all that data. >> Where do you see the future of your Hortonworks partnership going? So Hortonworks is, so we support a broad ecosystem. So, Hortonworks is just as important as any of our other data source partners. So, we are where we see that enfolding, is they're going to, we play an important part in, we feel our value, let me put it that way. We feel our value in helping Hortonworks, is as more and more organizations go mainstream with these applications. These are not corner cases anymore. This is not sort of in the lab. This is like the real deal. This is mainstream enterprises running business critical applications. The value we bring is you're not going to rely on those platforms without an enterprise data management solution that delivers what we deliver. So our value there is we can go to market, too. There's all kinds of ways we can go to market together. But net and that our value there is that we provide a very important enterprise data management capability that's important for customers that are deploying in these business critical environments. >> Great. >> Very good, as more of the data gets persisted out at the edge devices and the Internet of things, and so forth, what are the challenges in terms of protecting that data, backup and restore, de duplication, and so forth, and to what extent is your company's Imanis data maybe addressing those kinds of more distributed data management requirements going forward? Do you see that on the rise? Are you hearing that from customers? They want to do more of that? More of an edge cloud environment? Or is that way too far in the future? >> I don't think it's way too far in the future, but I do think there's an inside out. So my position on that is that it's not that there isn't edge work going on. What I would contend is that the big problem right now from an enterprise mainstreaming standpoint, is more getting the house is order, just your core house in order, from you move from sort of a traditional four wall data center to a hybrid cloud environment. Maybe not quite as edge. Combination of how do I leverage on prem and the cloud, so to speak. And how do I get the core data lake and the case of Hortonworks, how do I get that big data lake sorted out? You're touching on, I think, a longer discussion, which is where is the analysis going on? Where is the data going to persist? You know, where do you do some of that computational work? So you get all this information out at the edge. Does all that information end up going into the data lake? So, do you move the storage to where the lake is? Do you start pushing some of the lake functionale out to the edge where you have to then start doing some of the, so it's a much more complicated discussion. >> I know we had this discussion over lunch. This may be outside your wheelhouse, but let me just ask it anyway. We've seen more at Wikibon, I cover AI and distributed training and distributed inference and things so the edges are capturing the data and for more and more, there's a trend to where they're performing local training of their models, their embedded models, from the data they capture. But quite often, edge devices don't have a ton of storage and they're not going to retain that long. But some of that data will need to be archived. Will need to be persisted in a way and managed as a core resource, so we see that kind of requirement maybe not now, but in a few years time distributed training in persistence of that data, protection of that data, becoming a mainstream enterprise requirement. Where AI and machine learning, the whole pipeline is a concern. That's like I said, that's probably outside you guys wheelhouse. That's probably outside the realm for your customers But that kind of thing is coming out, as the likes of Hortonworks and IBM and everybody else, is starting to look at it and implement it, containerization of analytics and data management out to all these micro devices. >> Yes, and I think you're right there. And to your point about the, we're kind of going where the data is, if you will in volumes, kind of thing. And it's going that direction. And frankly, where we see that happening is, that's where the cloud plays a big role as well, because there's edge, but how do you get to the edge? You can get to the edge through the cloud. So, again, we run on AWS. We run on GCP, we run on Asher. So, to be clear, in terms of the data we can rotect, we got a broad portfolio, broad ecosystem of adute based big data, data sources that we support as well as no sequel. If they're running on AWS or GCP or Asher, we support ADLS, we support Asher's data lake stuff, HD Inside, we support a whole bunch of different things both from a cloud standpoint as on prem. Which is where we're seeing some of that edge work happening. >> Great, well Peter thank you so much for coming on The Cube. It's always a pleasure to have you on. >> Yes, thanks for having me and I look forward to being back sometime soon. >> We'll have you. >> Thank you both. >> When the time is right. >> Indeed, we will have more from The Cube's live coverage of Dataworks just after this. (upbeat music)
SUMMARY :
of Silicon Valley, it's the Cube. He is the vice president of So the reason I jumped here is because is one of the greatest little company So the timing's right to essentially evolving in what you offer. and I'll come directly to your question. and orchestrate the process of Test Def. And we discussed this So the value very specifically ransom is what you're saying. to happen in your data pattern. You've lost data that should be there, be that you lost data. So today we don't then turn around So the least you have, you know the power of your data. So you were the company the inward/outward What does that actually mean in practice? Sure, so we get the They're the ones that are going to win. This is not sort of in the lab. Where is the data going to persist? from the data they capture. of the data we can rotect, It's always a pleasure to have you on. and I look forward to Indeed, we will have more
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
James Kobielus | PERSON | 0.99+ |
Rebecca Knight | PERSON | 0.99+ |
Peter Smails | PERSON | 0.99+ |
Hortonworks | ORGANIZATION | 0.99+ |
IBM | ORGANIZATION | 0.99+ |
Peter | PERSON | 0.99+ |
Imanis | ORGANIZATION | 0.99+ |
10 percent | QUANTITY | 0.99+ |
Silicon Valley | LOCATION | 0.99+ |
San Jose | LOCATION | 0.99+ |
today | DATE | 0.99+ |
San Jose, California | LOCATION | 0.99+ |
50 different metrics | QUANTITY | 0.99+ |
both | QUANTITY | 0.99+ |
AWS | ORGANIZATION | 0.99+ |
two ways | QUANTITY | 0.99+ |
one | QUANTITY | 0.99+ |
Test Def | TITLE | 0.98+ |
about a month | QUANTITY | 0.98+ |
Asher | ORGANIZATION | 0.98+ |
Imanis Data | ORGANIZATION | 0.97+ |
Wikibon | ORGANIZATION | 0.97+ |
around five years | QUANTITY | 0.96+ |
10 X | QUANTITY | 0.95+ |
One | QUANTITY | 0.94+ |
Dataworks Summit 2018 | EVENT | 0.94+ |
Dev Opps | TITLE | 0.94+ |
DataWorks Summit 2018 | EVENT | 0.94+ |
one petabyte | QUANTITY | 0.93+ |
The Cube | ORGANIZATION | 0.93+ |
First | QUANTITY | 0.92+ |
Imanis | PERSON | 0.91+ |
ImanisData | ORGANIZATION | 0.89+ |
single pane | QUANTITY | 0.87+ |
Number two | QUANTITY | 0.86+ |
FEDOOP | TITLE | 0.84+ |
first use case | QUANTITY | 0.81+ |
last five years | DATE | 0.76+ |
GCP | TITLE | 0.65+ |
number one | QUANTITY | 0.62+ |
couple | QUANTITY | 0.6+ |
Dataworks | ORGANIZATION | 0.59+ |
CICD | TITLE | 0.55+ |
HD Inside | ORGANIZATION | 0.55+ |
days | DATE | 0.55+ |
ADLS | ORGANIZATION | 0.5+ |
Test | TITLE | 0.47+ |
IOT | TITLE | 0.34+ |
Cube | ORGANIZATION | 0.27+ |
Paul Makowski
(digital music) >> Welcome, everyone. Donald Klein here with CUBE Conversations, coming to you from our studios at theCUBE, here in Palo Alto, California. And today I'm fortunate enough to be joined by Paul Makowski, CTO of PolySwarm. PolySwarm is a fascinating company that plays in the security space, but is also part of this emerging block chain and token economy. Welcome, Paul. >> Thank you, thank you for having me. >> Great, so why don't we just start and give everybody an understanding of what PolySwarm does and how you guys do it? >> Sure, so PolySwarm is a new effort (audio fading in and out) to try to fix the economics around how threat (missing audio) >> Donald: Okay. >> So, we see a lot of shortcomings with (audio fading in and out) I think it's more of a economic concern rather than (missing audio) (laughs) Rather than a concern regarding (missing audio) >> Donald: Okay. >> So, what PolySwarm is (missing audio) and change how (missing audio) >> Okay. >> So, it is a blockchain project (missing audio) will govern tomorrow's threat-intelligence base and perhaps, ideally, generate better incentives (missing audio) >> Okay, so, generally if I'm understanding right, you're playing in this threat-intelligence area, which is commonly know as bug-bounties. Correct, yeah? But you guys have kind of taken this in a new direction. Why don't you just explain to me kind of where this threat-intelligence distributed economy has been and where where you see it going in the future. >> Sure, so bug bounties are, we had spoke earlier about HackerOne, for example. Bug bounties are an effort to identify vulnerabilities, and open vulnerability reports to arbitrary people across the internet. And incentivize people to secure products on behalf of the product owner. >> So, I can be an independent developer, and I find a vulnerability in something, and I submit it to one of these platforms, and then I get paid or rewarded for this. >> Yeah, and so the likes of HackerOne is a player in the space that conducts these bug bounties on behalf of other enterprises. >> Donald: Got it. >> Large enterprises such as Google and Microsoft and Apple, even, run their own bug bounties directly. >> Donald: Interesting. >> But, there's also these centralized middle men, the likes of HackerOne. Now, PolySwarm is a little bit different. We've discussed perhaps distributing the bug bounty space, but what we're focusing on right now at PolySwarm 1.0 is really just determining whether or not files, URLs, network graphics are either malicious or benign. >> Donald: Interesting. >> There's this boolean determination to start with, and then we're going to expand from there to metadata concerning, perhaps, the malware family of an identified malicious file. And then from there we'd also like to get into the bug bounty space. >> Okay. >> So, by PolySwarm being a fully decentralized market, us, as Swarm Technologies, will not be the middle man. We will not be in the middle of these transactions. We think that is going to make everything a bit more efficient for all the players on the market. And will best offer precision reward to be both accurate and timely in threat-intelligence. >> Interesting, okay, alright so I want to talk to you just a little bit more, because not everybody out there may be fully familiar with how a kind of decentralized app works. Talk to us a little bit about how blockchain fits in, how smart contracts fit in, and maybe just a little about, like, if I were to work on the PolySwarm platform, would I set up my own smart contract? Would somebody set it up for me? How would that work? >> Great question. So, in general, we see smart contracts as a new way to literally program a market. And I think this concept is applicable to a lot of different spaces. My background and the PolySwarm team background is in information (missing audio). >> Donald: Okay. >> So, we're applying smart contracts and market design specifically to a problem area that we are experts in. >> Okay, and what kind of smart contracts are these? What platform are you running on? >> We're running on Ethereum. We had previously discussed possibly expanding to Bezos, although there are perhaps some reasons not to do that anymore right now. But yeah, on Ethereum, we've been publishing our proof of concept code for our smart contracts right now which is available on github.com/polyswarm. More directly to your question concerning developing applications that plug into our platform or plug in to any platform, we've also released a opensource framework called Perigord. Which is a framework for developing Ethereum distributed applications using Go, which is a language developed by Google. So, I hope that answers a little bit, but >> So, you're really pioneering this whole world of moving to a decentralized, distributed app framework. >> Yeah, so, we're not the first people in this space, but we are expanding the ease of development to the Go language space, away from strictly programming in JavaScript. A lot distributed applications today are programmed in JavaScript. And there's pros and cons to each language, but we're hoping to get the Go language engaged a little more. >> So, let's go back now around to the people that are going to be participating in this marketplace, right. You were talking about unlocking the economic potential that's latent out there. Talk a little bit more about that. >> Exactly, so we had a spoken a little bit ago about HackerOne, and one of the things that I think is really cool about HackerOne is the fact that it's offered globally. What makes that really cool is that HackerOne gets a lot of great submissions from people in locales that may not indigenously offer sufficient jobs for the amount of talent that the local economies are producing. So, that's a sort of latent talent. HackerOne is particularly popular in India, China, Eastern European countries, we'd like to also direct that talent toward solving the threatened intelligence problem, namely accurately and timely identifying threats in files or graphic files. So, we'd like to-- We are operating in a eight and a half billion dollar per year space, the antivirus space, and we'd like to unlock this latent talent to broaden what threats are detected and how effectively enterprises defend themselves through a crowdsourced contributed manner that will cover more of the threats. >> Interesting, and so why don't you just talk a little about URLs and why those are important. We've seen a lot of hacks in the news recently, people going to sign up for a token sale and then being rerouted to the wrong place, et cetera. So, talk about malicious URLs. I think that might be an interest for people. >> Sure, everyone is trying to determine what URLs are malicious. Google has built into Chrome their safe browsing program that's also present in Firefox, Microsoft in some equivalent. Everyone's trying to determine and prevent people from being phished. You mentioned there were a few ICOs in this space that unfortunately had their websites hacked and their Ethereum contribution address changed, the hackers made off with some money. What PolySwarm does at a base level is it creates a market for security experts, again, around the world, to effectively put their money where their mouth is and say I think to the tune of 10 Nectar, for example, Nectar is the name of the PolySwarm note, that this URL or this file is malicious or benign. And those funds are escrowed directly into the smart contracts that constitute PolySwarm. And at a later time, the security experts who are right, receive the escrowed rewards from the security experts who were wrong. So, it's this feedback loop. >> It sounds like participants are kind of betting on both sides of whether something's malicious or not? >> Yeah, in effect. Legally, I definitely wouldn't say betting. (laughs) But it's >> Donald: Fair enough. >> The correct answer is there, right? The way that PolySwarm works is and enterprise has a suspect file or URL and decides to swarm it and what they do on the backend for that is they can either directly post this file or URL to the network, the network being the Ethereum blockchain. Everyone that's watching it and is cognizant of PolySwarm will be aware that there's a suspect file that perhaps I want to decide whether or not it's malicious as a security expert. Again, around the world, security experts will make that decision. If this is a particular file that I think I have insight into, as a security expert, then I might put up a certain amount of Nectar because I believe it is one way or the other. The reason why I say it's more of a-- The correct answer is in the file, right? It is in fact either malicious or benign. But what PolySwarm's economic reward is both timeliness and accuracy in determining that mal intent, whether or not that file is (missing audio). >> Interesting. And so the use of the smart contract is pretty novel here, right? Because the smart contracts then execute and distribute the bounties directly to the participants based on answer, is that right? >> That's correct. And that's the real key part. That eliminates the middle man in this space. A lot of the talk around blockchain in general is about restlessness, about not having middle men. In PolySwarm the core smart contract, again which are on github.com/polyswarm, they are able to actually hold escrowed upon. Though we're not in the middle and those escrowed funds are release to people who effectively get it right through the cost of people who got it wrong. So, we think >> And this is all automated through the system? >> This is all automated through the system. If I could take a step back real quick here, some of the shortcomings we're trying to address in today's market are if you imagine a Venn diagram, there's a rectangle that has all of the different threats in this space and you have large circles that cover portions of the Venn diagram and those large circles are today's large antivirus companies. Those circles overlap substantially. And the reason for that is pretty straight forward. Did you hear about perhaps WannaCry? It was a ransomware-- >> Absolutely, absolutely. >> If you're an antivirus company and you're not cognizant, you're not detecting WannaCry, then it's real easy to write you off. But the difficulty there is on the backend what that incentivizes is a lot of security companies doing duplicated work trying to detect the same threat. So there's a little bit of a clumpiness, there's a little bit of overlap, in what they detect and further it's very difficult although we've been speaking with people at those companies. They're always interested in the latest threat and uniquely detecting things, but it's sometimes very difficult to make Dell's argument that hey I detect this esoteric family of power >> Donald: Malicious URL, or et cetera. >> Exactly and by the way you're also going to get hit with it. That's a very difficult argument. >> So, you're sort of addressing the under served areas, then, within security. >> Precisely, so the way that PolySwarm will look in that Venn diagram, is instead of large, mostly overlapping ovals, we'll have thousands of micro-engines written by security experts that each find their specialty. And that together this crowdsourced intelligence will cover more. >> Interesting, very good, very good, okay. So, just last question here. Talk around a little bit of the background. How did PolySwarm come together? I know you talked about Narf Industries, et cetera. Why don't you just give us a little of the background here? 'Cause it's impressive. >> Sure, so again my background, and the entire PolySwarm technical team's background, is information security. We also run and work for a computer security consultancy called Narf Industries. Our more public work has been for DARPA, as of late. There was a large competition that DARPA ran called the "Cyber Grand Challenge" that was the-- they were trying to create the autonomous equivalent of a human capture the flag competition, which is a hacking competition. Anyway, we helped develop the challenges for that program and otherwise helped in that phase. So that's a public-facing project. >> And you won part of that competition, is that correct? >> Yeah, so we weren't competing in DARPA's Cyber Grand Challenge, but in the human capture the flags, we have won those. All the members of the core PolySwarm, and also Narf Industries, technical team have won DEF CON's capture the flag competition at least once. And some of us have helped run that competition. That's considered the world series of hacking (laughs). So, that's our background, and we're also all we've all previously worked directly for the U.S. government, so we're very much embedded in the cutting edge of cyber security. And, finally, the last thing I'll say, is Narf was recently awarded a contract with the Department of Homeland Security for investigating how to build confidentiality controls into a blockchain environment. The Department of Homeland Security was concerned about identity management. They wanted to apply a blockchain phase. But part of that, is obviously, you want to protect people's private information. So, how do you do that phase that, by default, is purely public. >> Got it, okay look we're going to have to end there, but let me just say, we would be remiss without mentioning the fact that your ICO's starting. When's that going to happen? >> So, we have an ICO that's going to go live February 6. Right now, we're just trying to generate buzz, talking to great people like yourself. After that lead up to the ICO, we'd like to encourage people to check out our website at polyswarm.io, we have a Telegram group that's growing everyday. And, again, a large part of what we would be funded by this ICO to accomplish is building the community around using PolySwarm. Fortunately, again, this is our space. So, we know a lot of people in this space, but we're always happy to be meeting people, so we'd love for all your viewers to join the conversation and engage with us. Our DMs on Twitter are open, et cetera. >> Okay, we hope they do. Probably just want to make one final point is that you guys are actually publishing all your code on GitHub ahead of the ICO, right? That kind of makes you unique in a very difficult space. >> It, unfortunately, does make us unique. I wish more projects did do that. But, yes, we are publishing our code in advance of the token sale. PolySwarm, if you're familiar with the conversation between securities and utility tokens, PolySwarm is very much a utility token. People will grade Nectar, which is the name of our Token, for threat intelligence. And part of that is we want to have a usable ecosystem on day one when people buy tokens. We want to make sure that you're not investing in some future thing. Obviously we're going to improve on it, but it will be usable from day one (missing audio). >> Alright, fantastic, so thank you, Paul. I appreciate you coming in. Alright, well thanks, everyone. Thank you for watching. This is Donald Klein with CUBE Conversations coming to you from Palo Alto, California. Thank you for watching. (digital music)
SUMMARY :
that plays in the security space, But you guys have kind of taken this in a new direction. on behalf of the product owner. and I submit it to one of these platforms, Yeah, and so the likes of HackerOne and Apple, even, run their own bug bounties directly. the likes of HackerOne. metadata concerning, perhaps, the malware family a bit more efficient for all the players on the market. Interesting, okay, alright so I want to talk to you My background and the PolySwarm team background specifically to a problem area that we are experts in. So, I hope that answers a little bit, but of moving to a decentralized, distributed app framework. And there's pros and cons to each language, So, let's go back now around to the people about HackerOne, and one of the things that I think and then being rerouted to the wrong place, et cetera. Nectar is the name of the PolySwarm note, Yeah, in effect. The correct answer is in the file, right? the bounties directly to the participants And that's the real key part. that cover portions of the Venn diagram then it's real easy to write you off. Exactly and by the way you're also the under served areas, then, within security. Precisely, so the way that PolySwarm will look Talk around a little bit of the background. and the entire PolySwarm technical team's background, but in the human capture the flags, mentioning the fact that your ICO's starting. is building the community around using PolySwarm. is that you guys are actually publishing of the token sale. coming to you from Palo Alto, California.
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Donald Klein | PERSON | 0.99+ |
Microsoft | ORGANIZATION | 0.99+ |
Apple | ORGANIZATION | 0.99+ |
Paul Makowski | PERSON | 0.99+ |
Paul | PERSON | 0.99+ |
ORGANIZATION | 0.99+ | |
February 6 | DATE | 0.99+ |
Narf Industries | ORGANIZATION | 0.99+ |
PolySwarm | ORGANIZATION | 0.99+ |
Donald | PERSON | 0.99+ |
India | LOCATION | 0.99+ |
Narf | ORGANIZATION | 0.99+ |
Department of Homeland Security | ORGANIZATION | 0.99+ |
Palo Alto, California | LOCATION | 0.99+ |
JavaScript | TITLE | 0.99+ |
Chrome | TITLE | 0.99+ |
Dell | ORGANIZATION | 0.99+ |
both sides | QUANTITY | 0.99+ |
China | LOCATION | 0.99+ |
Swarm Technologies | ORGANIZATION | 0.99+ |
each language | QUANTITY | 0.99+ |
today | DATE | 0.98+ |
one | QUANTITY | 0.98+ |
github.com/polyswarm | OTHER | 0.98+ |
Firefox | TITLE | 0.98+ |
HackerOne | ORGANIZATION | 0.97+ |
each | QUANTITY | 0.97+ |
tomorrow | DATE | 0.96+ |
Perigord | TITLE | 0.96+ |
one final point | QUANTITY | 0.96+ |
one way | QUANTITY | 0.96+ |
PolySwarm 1.0 | TITLE | 0.95+ |
both | QUANTITY | 0.95+ |
ORGANIZATION | 0.94+ | |
first people | QUANTITY | 0.94+ |
DARPA | ORGANIZATION | 0.93+ |
Go | TITLE | 0.93+ |
day one | QUANTITY | 0.93+ |
U.S. government | ORGANIZATION | 0.91+ |
eight and a half billion dollar per | QUANTITY | 0.9+ |
Eastern European | LOCATION | 0.83+ |
GitHub | ORGANIZATION | 0.82+ |
polyswarm.io | OTHER | 0.82+ |
10 | QUANTITY | 0.82+ |
thousands of micro-engines | QUANTITY | 0.81+ |
Telegram | ORGANIZATION | 0.78+ |
Cyber Grand Challenge | EVENT | 0.77+ |
theCUBE | ORGANIZATION | 0.77+ |
Charles Beeler, Rally Ventures | Node Summit 2017
>> Hey welcome back everybody. Jeff Frick here at theCUBE. We're at Node Summit 2017 in Downtown San Francisco. 800 people hanging out at the Mission Bay Conference Center talking about development and really monumental growth curve. One of the earlier presenters have one project last year. I think 15 this year, 22 in development and another 75 toy projects. The development curve is really steep. IBM's here, Microsoft, Google, all the big players so there is a lot of enterprise momentum as well and we're happy to have our next guest. Who's really started this show and one of the main sponsors of the show He's Charles Beeler. He's a general partner at Rally Ventures. Charles great to see you. >> Good to be back. Good to see you. >> Yeah, absolutely. Just kind of general impression. You've been doing this for a number of years I think when we talked earlier. Ryan Dawles interview from I don't even know what year it is I'd have to look. >> 2012, January 2012. >> 2012. It's still one of our most popular interviews of all the thousands we've done on the theCUBE, and now I kind of get it. >> Right place, right time but it was initially a lot. In 2011, we were talking about nodes. Seemed like a really interesting project. No one was really using it in a meaningful way. Bryan Cantrell from Joint. I know you all have talked before, walked me through the Hello World example on our board in my office, and we decided let's go for it. Let's see if we can get a bunch of enterprises to come and start talking about what they're doing. So January 2012, there were almost none who were actually doing it, but they were talking about why it made sense. And you fast forward to 2017, so Home Away was the company that actually had no apps. Now 15, 22 in development like you were mentioning and right now on stage you got Twitter talking about Twitter light. The breath and it's not just internet companies when you look at Capital One. You look at some of the other big banks and true enterprise companies who are using this. It's been fun to watch and for us. We do enterprise investing so it fits well but selfishly this community is just a fun group of people to be around. So as much as this helps for our rally and things. We've always been in awe of what the folks around the node community have meant to try to do, and it did start with Ryan and kind of went from there. It's fun to be back and see it again for the fifth annual installment. >> It's interesting some of the conversations on stage were also too about community development and community maturation and people doing bad behavior and they're technically strong. We've seen some of these kind of growing pains in some other open source communities. The one that jumps out is Open Stack as we've watched that one kind of grow and morph over time. So these are good. There's bad problems and good problems. These are good growing pain problems. >> And that's an interesting one because you read the latest press about the venture industry and the issues are there, and people talk more generally about the tech industry. And it is a problem. It's a challenge and it starts with encouraging a broad diverse group of people who would be interested in this business. >> Jeff: Right, right. >> And getting into it and so the node community to me is always been and I think almost any other out source community could benefit at looking at not just how they've done it, but who the people are and what they've driven. For us, one of the things we've always tried to do is bring a diverse set of speakers to come and get engaged. And it's really hard to go and find enough people who have the time and willingness to come up on stage and it's so rewarding when you start to really expose the breath of who's out there engaged and doing great stuff. Last year, we had Stacy Kirk, who she runs a company down in L.A. Her entire team pretty much is based in Jamaica brought the whole team out. >> Jeff: Really? >> It was so much fun to have whole new group people. The community just didn't know, get to know it and be in awe of what they're building. I thought the electron conversation. They were talking about community, that was Jacob from GitHub. It's an early community though. They're trying to figure it out. On the Open Stack side, it's very corporate driven. It's harder to have those conversations. In the node community, it's still more community driven and as a result they're able to have more of the conversation around how do we build a very inclusive group of people who can frankly do a more effective job of changing development. >> Jeff: Right, well kudos to you. I mean you open up the conference in your opening remarks talking about the code of conduct and it's kind of like good news bad news. Like really we have to talk about what should basically be. It's common sense but you have to do it and that's part of the program. It was Woman Attack Wednesday today so we've got a boat load of cards going out today with a lot of the women and it's been proven time and time again. That the diversity of opinions tackling any problem is going to lead to a better solution and hopefully this is not new news to anybody either. >> No and we have a few scholarship folks from Women who code over here. We've done that with them for the last few years but there are so many organizations that anyone who actually wants to spend a little time figuring out how can I be apart of the, I don't know if I'd call it solution but help with a challenge that we have to face. It's Women who code. It's Girls who code. It's Black girls code and it's not just women. There's a broad diverse set of people we need to engage. >> Jeff: Right, right. >> We have a group here, Operation Code who's working with Veterans who would like to find a career, and are starting to become developers and we have three or four sponsored folks from Operation Code too. And again, it's just rewarding to watch people who are some of the key folks who helped really make node happen. Walking up to some stranger who's sort of staring around. Hasn't met anybody. Introduce himself say, "Hey, what are you interested in "and how can I help?" And it's one of the things that frankly brings us back to do this year after year. It's rewarding. >> Well it's kind of interesting piece of what node is. Again we keep hearing time and time again. It's an easy language. Use the same language for the front end or the back end. >> Yep. >> Use a bunch of pre-configured model. I think Monica from Intel, she said that a lot of the codes they see is 2% is your code and everything you're leveraging from other people. And we see in all these tech conferences that the way to have innovation is to label more people to contribute. That have the tools and the data and that's really kind of part of what this whole ethos is here. >> And making it. Just generally the ethos around making it easier to develop and deploy. And so when we first started, Google was nowhere to be found and Microsoft was actually already here. IBM wasn't here yet and now you look at those folks. The number of submissions we saw for talk proposals. The depth of engagement within those organizations. Obviously Google's got their go and a bunch of it but node is a key part of what they're doing. Node and I think for both IBM and also for Google is the most deployed language or the most deployed stack in terms of what they're seeing on their Cloud, Which is why they're here. And they're seeing just continued growth, so yeah it drives that view of how can we make software easier to work with, easier to put together, create and deploy and it's fun to watch. Erstwhile competitors sitting comparing notes and ideas and someone said to me. One of the Google folks, Miles Boran had said. Mostly I love coming to this because the hallway chatter here is just always so fascinating. So you go hear these great talks and you walk out and the speakers are there. You get to talk to them and really learn from them. >> I want to shift gears a little. I always great to get a venture capitalist on it. Everybody wants to hear your thoughts and you see a lot of stuff come across your desk. As you just look at the constant crashing of waves of innovation that we keep going through here and I know that's apart of why you live here and why I do too. And Cloud clearly is probably past the peak of the wave but we're just coming into IoT and internet of things and 5G which is going to be start to hit in the near future. As you look at it from an enterprise perspective. What's getting you excited? What are some of the things that maybe people aren't thinking about that are less obvious and really the adoption of enterprises of these cutting edge technologies. Of getting involved in open source is really phenomenal thing of environment for start ups. >> Yeah and what you're seeing as the companies, the original enterprises that were interested in nodes. You decided to start deploying. The next question is alright this worked, what else can we be doing? And this is where you're seeing the advent of first Cloud but now how people are thinking about deployment. There's a lot of conversation here this week about ServerList. >> Jeff: Right, right. We were talking about containers. Micro services and next thing you know people are saying oh okay what else can we be doing to push the boundaries around this? So from our perspective, what we think about when we think about when we think of enterprise and infrastructure and Dev Ops et cetera is it is an ever changing thing. So Cloud as we know it today is sort, it's done but it's not close to being finished when you think about how people are making car-wny apps and deploying them. How that keeps changing, questions they keep asking but also now to your point when you look at 5G. When you look at IoT, the deployment methodology. They're going to have to change. The development languages are going to change and that will once again result in further change across the entire infrastructure. How am I going to go to place so I would say that we have not stopped seeing innovative stuff in any of those categories. You asked about where do we see kind of future things that we like. Like NEVC, if I don't say AI and ML and what are the other ones I'm suppose to say? Virtual reality, augmented reality, drones obviously are huge. >> It's anti drones. Drone detection. >> We look at those as enabling technology. We're more interested from a rally perspective and applied use of those technologies so there's some folks from GrowBio here today. And I'm sure you know Grail, right they raise a billion dollars. The first question I asked the VP who is here. I said, did you cure cancer yet? 'Cause it's been like a year and a half. They haven't yet, sorry. But what's real interesting is when you talk to them about what are they doing. So first they're using node but the approach they're taking to try to make their software get smarter and smarter and smarter by the stuff they see how they're changing. It's just fundamentally different than things people were thinking about a few years ago. So for us, the applied piece is we want to see companies like a Grail come in and say, here's what we're doing. Here's why and here's how we're going to leverage all of these enabling technologies to go accomplish something that no one has ever been able to do before. >> Jeff: Right, right. And that's what gets us excited. The idea of artificial intelligence. It's cool, it's great. I love talking about it. Walk me through how you're going to go do something compelling with that. Block chain is an area that we're spending, have been but continue to spend a lot of time looking right now not so much from a currency perspective. Just very compelling technology and the breath of our capability there is incredible. We've met in the last week. I met four entrepreneurs. There are three of them who are here talking about just really novel ways to take advantage of a technology that is still just kind of early stages, from our perspective of getting to a point where people can really deploy within large enterprise. And then I'd say the final piece for us and it's not a new space. But kind of sitting over all of this is security. And as these things change constantly. The security needs are going to change right. The foot print in terms of what the attack surface looks like. It gets bigger and bigger. It gets more complex and the unfortunate reality of simplifying the development process is you also sometimes sort of move out the security thought process from a developer perspective. From a deployment perspective, you assume I've heard companies say well we don't need to worry about security because we keep our stuff on Amazon. As a security investor, I love hearing that. As a user of some of those solutions it's scares me to death and so we see this constant evolution there. And what's interesting you have, today I think we have five security companies who are sponsoring this conference. The first few years, no one even wanted to talk about security. And now you have five different companies who are here really talking about why it matters if you're building out apps and deploying in the Cloud. What you should be thinking about from a security perspective. >> Security is so interesting because to me, it's kind of like insurance. How much is enough? And ultimate you can just shut everything down and close it off but that's not the solution. So where's the happy medium and the other thing that we hear over and over is it's got to be baked in all the layers of the cake. It can't just be the castle and moat methodology anymore. >> Charles: Absolutely. >> How much do you have? Where do you put it in? But where do you stop? 'cause ultimately it's like a insurance. You can just keep buying more and more. >> And recognize the irony of sitting here in San Francisco while Black Hat's taking place. We should both be out there talking about it too. (laughing) >> Well no 'cause you can't go there with your phone, your laptop. No, you're just suppose to bring your car anymore. >> This is the first year in four years that my son won't be at DEF CON. He just turned seven so he set the record at four, five and six as the youngest DEF CON attendee. A little bitter we're not going this year and shout out because he was first place in the kid's capture the flag last year. >> Jeff: Oh very good. >> Until he decided to leave and go play video games. So the way we think about the question you just asked on security, and this is actually, I give a lot of credit to Art Covella. He's one of our venture partners. He was the CEO at our safe for a number of years. Ran it post DMC acquisition as well is it's not so much of a okay, I've got this issue. It could be pay it ransom or whatever it is. People come in and say we solve that. You might solve the problem today but you don't solve the problem for the future typically. The question is what is it that you do in my environment that covers a few things. One, how does it reduce the time and energy my team needs to spend on solving these issues so that I can use them? Because the people problem in security is huge. >> Right. >> And if you can reduce the amount of time people are doing automated. What could be automated task, manual task and instead get them focused on hired or bit sub, you get to cover more. So how does it reduce the stress level for my team? What do I get to take out? I don't have unlimited budget. That could be buying point solutions. What is it that you will allow me to replace so that the net cost to me to add your solution is actually neutral or negative, so that I can simplify my environment. Again going back to making these work for the people, and then what is it that you do beyond claiming that you're going to solve a problem I have today. Walk me through how this fits into the future. They're not a lot of the thousands of-- >> Jeff: Those are not easy questions. >> They're not easy questions and so when you ask that and apply that to every company who's at Black Hat today. Every company at RSA, there's not very many of that companies who can really answer that in a concise way. And you talk to seesos, those are the questions they're starting to ask. Great, I love what you're doing. It's not a question of whether I have you in my budget this year or next. What do I get to do in my environment differently that makes my life easier or my organization's life easier, and ultimately nets it out at a lower cost? It's a theme we invest in. About 25% of our investments have been in the securities space and I feel like so far every one of those deals fits in some way in that category. We'll see how they play out but so far so good. >> Well very good so before we let you go. Just a shout out, I think we've talked before. You sold out sponsorship so people that want to get involved in node 2018. They better step up pretty soon. >> 2018 will happen. It's the earliest we've ever confirmed and announced next year's conference. It usually takes me five months before >> Jeff: To recover. >> I'm willing to think about it again. It will happen. It will probably happen within the same one week timeframe, two week timeframe. I actually, someone put a ticket tier up for next year or if you buy tickets during the conference the next two days. You can buy a ticket $395 for today. They're a $1000 bucks. It's a good deal if people want to go but the nice thing is we've never had a team that out reaches the sponsors. It's always been inbound interest. People who want to be involved and it's made the entire thing just a lot of fun to be apart of. We'll do it next year and it will be really fascinating to see how much additional growth we see between now and then. Because based on some of the enterprises we're seeing here. I mean true Fortune 500, nothing to do with technology from a revenue perspective. They just used it internally. You're seeing some really cool development taking place and we're going to get some of that on stage next year. >> Good, well congrats on a great event. >> Thanks. And thanks for being here. It's always fun to have you guys. >> He's Charles Beeler. I'm Jeff Frick. You're watching theCUBE, Node Summit 2017. Thanks for watching. (uptempo techno music)
SUMMARY :
and one of the main sponsors of the show Good to see you. it is I'd have to look. of all the thousands we've done on the theCUBE, and right now on stage you got Twitter talking It's interesting some of the conversations and people talk more generally about the tech industry. and so the node community to me is always been and be in awe of what they're building. and hopefully this is not new news to anybody either. No and we have a few scholarship folks And again, it's just rewarding to watch people who Well it's kind of interesting piece of what node is. she said that a lot of the codes they see is 2% is your code and someone said to me. and I know that's apart of why you live here Yeah and what you're seeing as the companies, but it's not close to being finished It's anti drones. and smarter by the stuff they see how they're changing. and the breath of our capability there is incredible. and the other thing that we hear over and over But where do you stop? And recognize the irony of sitting here in San Francisco Well no 'cause you can't go there with your phone, This is the first year in four years and this is actually, I give a lot of credit to Art Covella. so that the net cost to me to add your solution They're not easy questions and so when you ask Well very good so before we let you go. It's the earliest we've ever confirmed and announced just a lot of fun to be apart of. It's always fun to have you guys. He's Charles Beeler.
SENTIMENT ANALYSIS :
ENTITIES
Entity | Category | Confidence |
---|---|---|
Charles Beeler | PERSON | 0.99+ |
Stacy Kirk | PERSON | 0.99+ |
Microsoft | ORGANIZATION | 0.99+ |
ORGANIZATION | 0.99+ | |
Charles | PERSON | 0.99+ |
Jeff Frick | PERSON | 0.99+ |
Jeff | PERSON | 0.99+ |
Monica | PERSON | 0.99+ |
$1000 | QUANTITY | 0.99+ |
January 2012 | DATE | 0.99+ |
Jamaica | LOCATION | 0.99+ |
Bryan Cantrell | PERSON | 0.99+ |
2011 | DATE | 0.99+ |
three | QUANTITY | 0.99+ |
IBM | ORGANIZATION | 0.99+ |
San Francisco | LOCATION | 0.99+ |
seven | QUANTITY | 0.99+ |
2012 | DATE | 0.99+ |
Amazon | ORGANIZATION | 0.99+ |
Ryan Dawles | PERSON | 0.99+ |
$395 | QUANTITY | 0.99+ |
Last year | DATE | 0.99+ |
Miles Boran | PERSON | 0.99+ |
next year | DATE | 0.99+ |
GrowBio | ORGANIZATION | 0.99+ |
first question | QUANTITY | 0.99+ |
four years | QUANTITY | 0.99+ |
last year | DATE | 0.99+ |
today | DATE | 0.99+ |
2017 | DATE | 0.99+ |
L.A. | LOCATION | 0.99+ |
Home Away | ORGANIZATION | 0.99+ |
800 people | QUANTITY | 0.99+ |
RSA | ORGANIZATION | 0.99+ |
six | QUANTITY | 0.99+ |
2018 | DATE | 0.99+ |
one week | QUANTITY | 0.99+ |
2% | QUANTITY | 0.99+ |
five | QUANTITY | 0.99+ |
Intel | ORGANIZATION | 0.99+ |
75 toy projects | QUANTITY | 0.99+ |
one | QUANTITY | 0.99+ |
Mission Bay Conference Center | LOCATION | 0.99+ |
Jacob | PERSON | 0.99+ |
Capital One | ORGANIZATION | 0.99+ |
last week | DATE | 0.99+ |
this week | DATE | 0.99+ |
Rally Ventures | ORGANIZATION | 0.99+ |
first year | QUANTITY | 0.98+ |
DMC | ORGANIZATION | 0.98+ |
first place | QUANTITY | 0.98+ |
first | QUANTITY | 0.98+ |
Ryan | PERSON | 0.98+ |
both | QUANTITY | 0.98+ |
GitHub | ORGANIZATION | 0.98+ |
thousands | QUANTITY | 0.98+ |
five security companies | QUANTITY | 0.98+ |
five different companies | QUANTITY | 0.98+ |
Wednesday | DATE | 0.98+ |
a year and a half | QUANTITY | 0.98+ |
Node Summit 2017 | EVENT | 0.98+ |
DEF CON. | EVENT | 0.98+ |
One | QUANTITY | 0.97+ |
four | QUANTITY | 0.97+ |
four entrepreneurs | QUANTITY | 0.97+ |