(light music playing) >> Welcome back to VEEAMON 2022 in Las Vegas. We're at the Aria. This is theCUBE and we're covering two days of VEEAMON. We've done a number of VEEAMONs before, we did Miami, we did New Orleans, we did Chicago and we're, we're happy to be back live after two years of virtual VEEAMONs. I'm Dave Vellante. My co-host is David Nicholson. Eric Herzog is here. You think he's, Eric's been on theCUBE, I think more than any other guest, including Pat Gelsinger, who at one point was the number one guest. Eric Herzog, CMO of INFINIDAT great to see you again. >> Great, Dave, thank you. Love to be on theCUBE. And of course notice my Hawaiian shirt, except I now am supporting an INFINIDAT badge on it. (Dave laughs) Look at that. >> Is that part of the shirt or is that a clip-on? >> Ah, you know, one of those clip-ons but you know, it looks good. Looks good. >> Hey man, what are you doing at VEEAMON? I mean, you guys started this journey into data protection several years ago. I remember we were actually at one of their competitors' events when you first released it, but tell us what's going on with Veeam. >> So we do a ton of stuff with Veeam. We do custom integration. We got some integration on the snapshotting side, but we do everything and we have a purpose built backup appliance known as InfiniGuard. It works with Veeam. We also actually have some customers who use our regular primary storage device as a backup target. The InfiniGuard product will do the data reduction, the dedupe compression, et cetera. The standard product does not, it's just a standard high performance array. We will compress the data, but we have customers that do it either way. We have a couple customers that started with the InfiniBox and then transitioned to the InfiniGuard, realizing that why would you put it on regular storage? Why not go to something that's customized for it? So we do that. We do stuff in the field with them. We've been at all the VEEAMONs since the, since like, I think the second one was the first one we came to. We're doing the virtual one as well as the live one. So we've got a little booth inside, but we're also doing the virtual one today as well. So really strong work with Veeam, particularly at the field level with the sales guys and in the channel. >> So when INFINIDAT does something, you guys go hardcore, high end, fast recovery, you just, you know, reliable, that's kind of your brand. Do you see this movement into data protection as kind of an adjacency to your existing markets? Is it a land and expand strategy? Can you kind of explain the strategy there. >> Ah, so it's actually for us a little bit of a hybrid. So we have several accounts that started with InfiniBox and now have gone with the InfiniGuard. So they start with primary storage and go with secondary storage/modern data protection. But we also have, in fact, we just got a large PO from a Fortune 50, who was buying the InfiniGuard first and now is buying our InfiniBox. >> Both ways. Okay. >> All flash array. And, but they started with backup first and then moved to, so we've got them moving both directions. And of course, now that we have a full portfolio, our original product, the InfiniBox, which was a hybrid array, outperformed probably 80 to 85% of the all flash arrays, 'cause the way we use DRAM. And what's so known as our mural cash technology. So we could do very well, but there is about, you know, 15, 20% of the workloads we could not outperform the competition. So then we had an all flash array and purpose built backup. So we can do, you know, what I'll say is standard enterprise storage, high performance enterprise storage. And then of course, modern data protection with our partnerships such as what we do with Veeam and we've incorporated across the entire portfolio, intense cyber resilience technology. >> Why does the world, Eric, need another purpose built backup appliance? What do you guys bring that is filling a gap in the marketplace? >> Well, the first thing we brought was much higher performance. So when you look at the other purpose built backup appliances, it's been about our ability to have incredibly high performance. The second area has been CapEx and OpEx reduction. So for example, we have a cloud service provider who happens to be in South Africa. They had 14 purpose built backup appliances from someone else, seven in one data center and seven in another. Now they have two InfiniGuards, one in each data center handling all of their backup. You know, they're selling backup as a service. They happen to be using Veeam as well as one other backup company. So if you're the cloud provider from their perspective, they just dramatically reduce their CapEx and OpEx. And of course they've made it easier for them. So that's been a good story for us, that ability to consolidation, whether it be on primary storage or secondary storage. We have a very strong play with cloud providers, particularly those meeting them in small that have to compete with the hyperscalers right. They don't have the engineering of Amazon or Google, right? They can't compete with what the Azure guys have got, but because the way both the InfiniGuard and the InfiniBox work, they could dramatically consolidate workloads. We probably got 30 or 40 midsize and actually several members of the top 10 telcos use us. And when they do their clouds, both their internal cloud, but actually the clouds that are actually running the transmissions and the traffic, it actually runs on InfiniBox. One of them has close to 200 petabytes of InfiniBox and InfiniBox, all flash technology running one of the largest telcos on the planet in a cloud configuration. So all that's been very powerful for us in driving revenue. >> So phrases of the week have been air gap, logical air gap, immutable. Where does InfiniGuard fit into that universe? And what's the profile of the customer that's going to choose InfiniGuard as the target where they're immutable, Write Once Read Many, data is going to live. >> So we did, we announced our InfiniSafe technology first on the InfiniGuard, which actually earlier this year. So we have what I call the four legs of the stool of cyber resilience. One is immutable snapshots, but that's only part of it. Second is logical air gapping, and we can do both local and remote and we can provide and combine local with remote. So for example, what that air gap does is separate the management plane from the actual data plane. Okay. So in this case, the Veeam data backup sets. So the management cannot touch that immutable, can't change it, can't delete it. can't edit it. So management is separated once you start and say, I want to do an immutable snap of two petabytes of Veeam backup dataset. Then we just do that. And the air gap does it, but then you could take the local air gap because as you know, from inception to the end of an attack can be close to 300 days, which means there could be a fire. There could be a tornado, there could be a hurricane, there could be an earthquake. And in the primary data center, So you might as well have that air gap just as you would do- do a remote for disaster recovery and business continuity. Then we have the ability to create a fenced forensic environment to evaluate those backup data sets. And we can do that actually on the same device. That is the purpose built backup appliance. So when you look at the architectural, these are public from our competitors, including the guys that are in sort of Hopkinton/Austin, Texas. You can see that they show a minimum of two physical devices. And in many cases, a third, we can do that with one. So not only do we get the fence forensic environment, just like they do, but we do it with reduction, both CapEx and OpEx. Purpose built backup is very high performance. And then the last thing is our ability to recover. So some people talk about rapid recovery, I would say, they dunno what they're talking about. So when we launched the InfiniGuard with InfiniSafe, we did a live demo, 1.5 petabytes, a Veeam backup dataset. We recovered it in 12 minutes. So once you've identified and that's on the InfiniGuard. On the InfiniBox, once you've identified a good copy of data to do the recovery where you're free of malware ransomware, we can do the recovery in three to five seconds. >> Okay. >> So really, really quick. Actually want to double click on something because people talk about immutable copies, immutable snapshots in particular, what have the actual advances been? I mean, is this simply a setting that maybe we didn't set for retention at some time in the past, or if you had to engineer something net new into a system so to provide that logical air gap. >> So what's net new is the air gapping part. Immutable snapshots have been around, you know, before we were on screen, you talked about WORM, Write Once Read Many. Well, since I'm almost 70 years old, I actually know what that means. When you're 30 or 40 or 50, you probably don't even know what a WORM is. Okay. And the real use of immutable snapshots, it was to replace WORM which was an optical technology. And what was the primary usage? Regulatory and compliance, healthcare, finance and publicly traded companies that were worried about. The SEC or the EU or the Japanese finance ministry coming down on them because they're out of compliance and regulatory. That was the original use of immutable snap. Then people were, well, wait a second. Malware ransomware could attack me. And if I got something that's not changeable, that makes it tougher. So the real magic of immutability was now creating the air gap part. Immutability has been around, I'd say 25 years. I mean, WORMs sort of died back when I was at Mac store the first time. So that was 1990-ish is when WORMs sort of fell away. And there have been immutable snapshots from most of the major storage vendors, as well as a lot of the small vendors ever since they came out, it's kind of like a checkbox item because again, regulatory and compliance, you're going to sell to healthcare, finance, public trade. If you don't have the immutable snapshot, then they don't have their compliance and regulatory for SEC or tax purposes, right? With they ever end up in an audit, you got to produce data. And no one's using a WORM drive anymore to my knowledge. >> I remember the first storage conference I ever went to was in Monterey. It had me in the early 1980s, 84 maybe. And it was a optical disc drive conference. The Jim Porter of optical. >> Yep. (laughs) >> I forget what the guy's name was. And I remember somebody coming up to me, I think it was like Bob Payton rest his soul, super smart strategy guy said, this is never going to happen because of the cost and that's what it was. And now you've got that capability on flash, you know, hard disk, et cetera. >> Right. >> So the four pillars, immutability, the air gap, both local and remote, the fence forensics and the recovery speed. Right? >> Right. Pick up is one thing. Recovery is everything. Those are the four pillars, right? >> Those are the four things. >> And your contention is that those four things together differentiate you from the competition. You mentioned, you know, the big competition, but how unique is this in the marketplace, those capabilities and how difficult is it to replicate? >> So first of all, if someone really puts their engineering hat to it, it's not that hard to replicate. It takes a while. Particularly if you're doing an enterprise, for example, our solutions all have a hundred percent availability guarantee. That's hard to do. Most guys have seven nines. >> That's hard. >> We really will guarantee a hundred percent availability. We offer an SLA that's included when you buy. We don't charge extra for it. It's like if you want it, like you just get it. Second thing is really making sure on the recovery side is the hardest part, particularly on a purpose built backup appliance. So when you look at other people and you delve into their public material, press releases, white paper, support documentation. No one's talking about. Yeah, we can take a 1.5 petabyte Veeam backup data set and make it available in 12 minutes and 12 seconds, which was the exact time that we did on our live demo when we launched the product in February of 2022. No one's talking that. On primary storage, you're hearing some of the vendors such as my old employer that also who, also starts with an "I", talk about a recovery time of two to three hours once you have a known good copy. On primary storage, once we have a known good copy, we're talking three to five seconds for that copy to be available. So that's just sort of the power of the snapshot technology, how we manage our metadata and what we've done, which previous to cyber resiliency, we were known for our replication capability and our snapshot capability from an enterprise class data store. That's what people said. INFINIDAT really knows how to do the replication snapshot. I remember our founder was one of the technical founders of EMC for a product known as the Symmetric, which then became the DMAX, the VMAX and is now is the PowerMax. That was invented by the guy who founded INFINIDAT. So that team has the real chops at enterprise high-end storage to the global fortune 2000. And what are the key feature checkbox items they need that's in both the InfiniBox and also in the InfiniGuard. >> So the business case for cyber resiliency is changing. As Dave said, we've had a big dose last several months, you know, couple years actually, of the importance of cyber resiliency, given all the ransomware tax, et cetera. But it sounds like the business case is shifting really focused on avoiding that risk, avoiding that downtime time versus the cost. The cost is always important. I mean, you got a consolidation play here, right? >> Yeah, yeah. >> Dedupe, does dedupe come into play? >> So on the InfiniGuard we do both dedupe and compression. On the InfiniBox we only do compression. So we do have data reduction. It depends on which product you're using from a Veeam perspective. Most of that now is with the InfiniGuard. So you get the block level dedupe and you get compression. And if you can do both, depending on the data set, we do both. >> How does that affect recovery time? >> Yeah, good question. >> So it doesn't affect recovery times. >> Explain why. >> So first of all, when you're doing a backup data set, the final final recovery, you recovered the backup data set, whether it's Veeam or one of their competitors, you actually make it available to the backup administrator to do a full restore of a backup data set. Okay. So in that case, we get it ready and expose it to the Veeam admin or some other backup admin. And then they launch the Veeam software or the other software and do a restore. Okay. So it's really a two step process on the secondary storage model and actually three. First identifying a known good backup copy. Second then we recover, which is again 12, 13 minutes. And then the backup admin's got to do a, you know, a restore of the backup 'cause it's backup data set in the format of backup, which is different from every backup vendor. So we support that. We get it ready to go. And then whether it's a Veeam backup administrator and quite honestly, from our perspective, most of our customers in the global fortune 2000, 25% of the fortune 50 use INIFINIDAT products. 25% and we're a tiny company. So we must have some magic fairy dust that appeals to the biggest companies on the planet. But most of our customers in that area and actually say probably in the fortune 500 actually use two to three different backup packages. So we can support all those on a single InfiniGuard or multiples depending on how big their backup data sets. Our biggest InfiniGuard is 50 petabytes counting the data reduction technology. So we get that ready. On the InfiniBox, the recovery really is, you know, a couple of seconds and in that case, it's primary data in block format. So we just make that available. So on the InfiniBox, the recovery is once, well two. Identifying a known good copy, first step, then just doing recovery and it's available 'cause it's blocked data. >> And that recovery doesn't include movement of a whole bunch of data. It's essentially realignment of pointers to where the good data is. >> Right. >> Now in the InfiniBox as well as in InfiniGuard. >> No, it would be, So in the case of that, in the case of the InfiniGuard, it's a full recovery of a backup data set. >> Okay. >> So the backup software just launches and it sees, >> Okay. >> your backup one of Veeam and just starts doing a restore with the Veeam restoration technology. Okay? >> Okay. >> In the case of the block, as long as the physical InfiniBox, if that was the primary storage and then filter box is not damaged when you make it available, it's available right away to the apps. Now, if you had an issue with the app side or the physical server side, and now you're pointing new apps and you had to reload stuff on that side, you have to point it at that InfiniBox which has the data. And then you got to wait for the servers and the SAP or Oracle or Mongo, Cassandra to recognize, oh, this is my primary storage. So it depends on the physical configuration on the server side and the application perspective, how bad were the apps damaged? So let's take malware. Malware is even worse because you either destroying data or messing, playing with the app so that the app is now corrupted as well as the data is corrupted. So then it's going to take longer the block data's ready, the SAP workload. And if the SAP somehow was compromised, which is a malware thing, not a ransomware thing, they got to reload a good copy of SAP before it can see the data 'cause the malware attacked the application as well as the data. Ransomware doesn't do that. It just holds it for ransom and it encrypts. >> So this is exactly what we're talking about. When we talk about operational recovery and automation, Eric is addressing the reality that it doesn't just end at the line above some arbitrary storage box, you know, reaching up real recovery, reaches up into the application space and it's complicated. >> That's when you're actually recovered. >> Right. >> When the application- >> Well, think of it like a disaster. >> Okay. >> Yes, right. >> I'll knock on woods since I was born and still live in California. Dave too. Let's assume there's a massive earthquake in the bay area in LA. >> Let's not. >> Okay. Let's yes, but hypothetically and the data center's cat five. It doesn't matter what they're, they're all toast. Okay. Couple weeks later it's modern. You know, people figure out what to do and certain buildings don't fall down 'cause of the way earthquake standards are in California now. So there's data available. They move into temporary space. Okay. Data's sitting there in the Colorado data center and they could do a restore. Well, they can't do a restore. How many service did they need? Had they reloaded all of the application software to do a restoration. What happened to the people? If no one got injured, like in the 1989 earthquake in California, very few people got injured yet cost billions of dollars. But everyone was watching this San Francisco giants played in Oakland, >> I remember >> so no one was on the road. >> Al Michael's. >> Epic moment. >> Imagine it's in the middle of commute time in LA and San Francisco, hundreds of thousands of people. What if it's your data center team? Right? So there's a whole bunch around disaster recovery and business country that have nothing to do with the storage, the people, what your process. So I would argue that malware ransomware is a disaster and it's exactly the same thing. You know, you got the known good copy. You've got okay. You're sure that the SAP and Oracle, especially on the malware side, weren't compromised. On the ransomware side, you don't have to worry about that. And those things, you got to take a look at just as if it, I would argue malware and ransomware is a disaster and you need to have a process just like you would. If there was an earthquake, a fire or a flood in the data center, you need a similar process. That's slightly different, but the same thing, servers, people, software, the data itself. And when you have that all mapped out, that's how you do successful malware ransomeware recovery. It's a different type of disaster. >> It's absolutely a disaster. It comes down to business continuity and be able to transact business with as little disruption as possible. We heard today from the keynotes and then Jason Buffington came on about the preponderance of ransomware. Okay. We know that. But then the interesting stat was the percentage of customers that paid the ransom about a third weren't able to recover. And so 'cause you kind of had this feeling of all right, well, you know, see it on, you know, CNBC, should you pay the ransom or not? You know, pay the ransom. Okay. You'll get back. But no, it's not the case. You won't necessarily get back. So, you know, Veeam stated, Hey, our goal is to sort of eliminate that problem. Are you- You feel like you guys in a partnership can actually achieve that. >> Yes. >> So, and you have customers that have actually avoided, you know, been hit and were able to- >> We have people who won't publicly say they've been hit, but the way they talk about what they did, like in a meeting, they were hit and they were very thankful. >> (laughs) Yeah. >> And so that's been very good. I- >> So we got proof. >> Yes, we absolutely have proof. And quite honestly, with the recent legislation in the United States, malware and ransomware actually now is also regulatory and compliance. >> Yeah. >> Because the new law states mid-March that whether it's Herzog's bar and grill to bank of America or any large foreign company doing business in the US, you have to report to the United States federal government, any attack, same with the county school district with any local government, any agency, the federal government, as well as every company from the tiniest to the largest in the world that does, they're supposed to report it 'cause the government is trying to figure out how to fight it. Just the way if you don't report burglary, how they catch the burglars. >> Does your solution simplify testing in any way or reduce the risk of testing? >> Well, because the recovery is so rapid, we recommend that people do this on a regular basis. So for example, because the recovery is so quick, you can recover in 12 minutes while we do not practice, let's say once a month or once every couple weeks. And guess what? It also allows you to build a repository of known good copies. Remember when you get ransomeware, no one's going to come say, Hey, I'm Mr. Rans. I'm going to steal your stuff. It's all done surreptitiously. They're all James Bond on the sly who doesn't say "By the way, I'm James Bond". They are truly underneath the radar. And they're very slowly encrypting that data set. So guess what? Your primary data and your backup data that you don't want to be attacked can be attacked. So it's really about finding a known good copy. So if you're doing this on a regular basis, you can get an index of known good copies. >> Right. >> And then, you know, oh, I can go back to last Tuesday and you know that that's good. Otherwise you're literally testing Wednesday, Thursday, Friday, Saturday to try to find a known good copy, which delays the recovery process 'cause you really do have to test. They make sure it's good. >> If you increase that frequency, You're going to protect yourself. That's why I got to go. Thanks so much for coming on theCUBEs. Great to see you. >> Great. Thank you very much. I'll be wearing a different Hawaiian shirt next to. >> All right. That sounds good. >> All right, Eric Herzog, Eric Herzog on theCUBE, Dave Vallante for David Nicholson. We'll be right back at VEEAMON 2022. Right after this short break. (light music playing)

>> Narrator: Live from San Francisco. It's theCUBE, covering RSA Conference 2020, San Francisco. Brought to you by, SiliconANGLE Media. >> Welcome back everyone. CUBE coverage here in Moscone in San Francisco for RSA, 2020. I'm John Furrier host of theCUBE. We've got a great guest here talking about cybersecurity and the impact with AI and the role of data. It's always great to have Derek Manky on Chief Security Insights Global Threat Alliances with FortiGuard Lab, part of Fortinet, FortiGuard Labs is great. Great organization. Thanks for coming on. >> It's a pleasure always to be here-- >> So you guys do a great threat report that we always cover. So it covers all the bases and it really kind of illustrates state of the art of viruses, the protection, threats, et cetera. But you're part of FortiGuard Labs. >> Yeah, that's right. >> Part of Fortinet, which is a security company, public. What is FortiGuard Labs? What do you guys do, what's your mission? >> So FortiGuard Labs has existed since day one. You can think of us as the intelligence that's baked into the product, It's one thing to have a world-class product, but you need a world-class intelligence team backing that up. We're the ones fighting those fires against cybercrime on the backend, 24/7, 365 on a per second basis. We're processing threat intelligence. We've got over 10 million attacks or processing just per minute, over a hundred billion events, in any given day that we have to sift through. We have to find out what's relevant. We have to find gaps that we might be missing detection and protection. We got to push that out to a customer base of 450,000 customers through FortiGuard services and 5 million firewalls, 5 million plus firewalls we have now. So it's vitally important. You need intelligence to be able to detect and then protect and also to respond. Know the enemy, build a security solution around that and then also be able to act quickly about it if you are under active attack. So we're doing everything from creating security controls and protections. So up to, real time updates for customers, but we're also doing playbooks. So finding out who these attackers are, why are they coming up to you. For a CSO, why does that matter? So this is all part of FortiGuard Labs. >> How many people roughly involved ? Take us a little inside the curtain here. What's going on? Personnel size, scope. >> So we're over 235. So for a network security vendor, this was the largest global SOC, that exists. Again, this is behind the curtain like you said. These are the people that are, fighting those fires every day. But it's a large team and we have experts to cover the entire attack surface. So we're looking at not just a viruses, but we're looking at as zero-day weapons, exploits and attacks, everything from cyber crime to, cyber warfare, operational technology, all these sorts of things. And of course, to do that, we need to really heavily rely on good people, but also automation and artificial intelligence and machine learning. >> You guys are walking on a tight rope there. I can only imagine how complex and stressful it is, just imagining the velocity alone. But one of the trends that's coming up here, this year at RSA and is kind of been talking about in the industry is the who? Who is the attacker because, the shifts could shift and change. You got nation states are sitting out there, they're not going to have their hands dirty on this stuff. You've got a lot of dark web activity. You've got a lot of actors out there that go by different patterns. But you guys have an aperture and visibility into a lot of this stuff. >> Absolutely. >> So, you can almost say, that's that guy. That's the actor. That's a really big part. Talk about why that's important. >> This is critically important because in the past, let's say the first generation of, threat intelligence was very flat. It was to watch. So it was just talking about here's a bad IP, here's a bad URL, here's a bad file block hit. But nowadays, obviously the attackers are very clever. These are large organizations that are run a lot of people involved. There's real world damages happening and we're talking about, you look at OT attacks that are happening now. There's, in some cases, 30, $40 million from targeted ransom attacks that are happening. These people, A, have to be brought to justice. So we need to understand the who, but we also need to be able to predict what their next move is. This is very similar to, this is what you see online or CSI. The police trynna investigate and connect the dots like, plotting the strings and the yarn on the map. This is the same thing we're doing, but on a way more advanced level. And it's very important to be able to understand who these groups are, what tools they use, what are the weapons, cyber weapons, if you will, and what's their next move potentially going to be. So there's a lot of different reasons that's important. >> Derek, I was riffing with another guest earlier today about this notion of, government protection. You've got a military troops drop on our shores and my neighborhood, the Russians drop in my neighborhood. Guess what, the police will probably come in, and, or the army should take care of it. But if I got to run a business, I got to build my own militia. There's no support out there. The government's not going to support me. I'm hacked. Damage is done. You guys are in a way providing that critical lifeline that guard or shield, if you will, for customers. And they're going to want more of it. So I've got to ask you the hard question, which is, how are you guys going to constantly be on the front edge of all this? Because at the end of the day, you're in the protection business. Threats are coming at the speed of milliseconds and nanoseconds, in memory. You need memory, you need database. You've got to have real time. It's a tsunami of attack. You guys are the front lines of this. You're the heat shield. >> Yes, absolutely. >> How do you take it to the next level? >> Yeah, so collaboration, integration, having a broad integrated platform, that's our bread and butter. This is what we do. End-to-end security. The attack surface is growing. So we have to be able to, A, be able to cover all aspects of that attack surface and again, have intelligence. So we're doing sharing through partners. We have our core intelligence network. Like I said, we're relying heavily on machine learning models. We're able to find that needle in the haystack. Like, as I said earlier, we're getting over a hundred billion potential threat events a day. We have to dissect that. We have to break it down. We have to say, is this affecting endpoint? Is this effect affecting operational technology? What vertical, how do we process it? How do we verify that this is a real threat? And then most importantly, get that out in time and speed to our customers. So I started with automation years ago, but now really the way that we're doing this is through broad platform coverage. But also machine learning models for and-- >> I want to dig into machine learning because, I love that needle in the haystack analogy, because, if you take that to the next step, you got to stack a needles now. So you find the needle in the haystack. Now you got a bunch of needles, where do you find that? You need AI, you got to have some help. But you still got the human component. So talk about how you guys are advising customers on how you're using machine learning and get that AI up and running for customers and for yourselves. >> So we're technology people. I always look at this as the stack. The stack model, the bottom of the stack, you have automation. You have layer one, layer two. That's like the basic things for, feeds, threat feeds, how we can push out, automate, integrate that. Then you have the human. So the layer seven. This is where our human experts are coming in to actually advise our customers. We're creating a threat signals with FortiGuard Labs as an example. These are bulletins that's a quick two to three page read that a CSO can pick up and say, here's what FortiGuard Labs has discovered this week. Is this relevant to my network? Do I have these protections in place. There's also that automated, and so, I refer to this as a centaur model. It's half human half machine and, the machines are driving a lot of that, the day to day mundane tasks, if you will, but also finding, collecting the needles of needles. But then ultimately we have our humans that are processing that, analyzing it, creating the higher level strategic advice. We recently, we've launched a FortiAI, product as well. This has a concept of a virtual-- >> Hold on, back up a second. What's it called? >> FortiAI. >> So it's AI components. Is it a hardware box or-- >> This is a on-premise appliance built off of five plus years of learning that we've done in the cloud to be able to identify threats and malware, understand what that malware does to a detailed level. And, where we've seen this before, where is it potentially going? How do we protect against it? Something that typically you would need, four to five headcount in your security operations center to do, we're using this as an assist to us. So that's why it's a virtual analyst. It's really a bot, if you will, something that can actually-- >> So it's an enabling opportunity for the customers. So is this virtual assistant built into the box. What does that do, virtual analyst. >> So the virtual analyst is able to, sit on premises. So it's localized learning, collect threats to understand the nature of those threats, to be able to look at the needles of the needles, if you will, make sense of that and then automatically generate reports based off of that. So it's really an assist tool that a network admin or a security analyst was able to pick up and virtually save hours and hours of time of resources. >> So, if you look at the history of like our technology industry from a personalization standpoint, AI and data, whether you're a media business, personalization is ultimately the result of good data AI. So personalization for an analyst, would be how not to screw up their job. (laughs) One level. The other one is to be proactive on being more offensive. And then third collaboration with others. So, you starting to see that kind of picture form. What's your reaction to that? >> I think it's great. There's stepping stones that we have to go through. The collaboration is not always easy. I'm very familiar with this. I mean I was, with the Cyber Threat Alliance since day one, I head up and work with our Global Threat Alliances. There's always good intentions, there's problems that can be created and obviously you have things like PII now and data privacy and all these little hurdles they have to come over. But when it works right together, this is the way to do it. It's the same thing with, you talked about the data naturally when he started building up IT stacks, you have silos of data, but ultimately those silos need to be connected from different departments. They need to integrate a collaborate. It's the same thing that we're seeing from the security front now as well. >> You guys have proven the model of FortiGuard that the more you can see, the more visibility you can see and more access to the data in real time or anytime scale, the better the opportunity. So I got to take that to the next level. What you guys are doing, congratulations. But now the customer. How do I team up with, if I'm a customer with other customers because the bad guys are teaming up. So the teaming up is now a real dynamic that companies are deploying. How are you guys looking at that? How is FortiGuard helping that? Is it through services? Is it through the products like virtual assistant? Virtual FortiAI? >> So you can think of this. I always make it an analogy to the human immune system. Artificial neural networks are built off of neural nets. If I have a problem and an infection, say on one hand, the rest of the body should be aware of that. That's collaboration from node to node. Blood cells to blood cells, if you will. It's the same thing with employees. If a network admin sees a potential problem, they should be able to go and talk to the security admin, who can go in, log into an appliance and create a proper response to that. This is what we're doing in the security fabric to empower the customer. So the customer doesn't have to always do this and have the humans actively doing those cycles. I mean, this is the integration. The orchestration is the big piece of what we're doing. So security orchestration between devices, that's taking that gap out from the human to human, walking over with a piece of paper to another or whatever it is. That's one of the key points that we're doing within the actual security fabric. >> So that's why silos is problematic. Because you can't get that impact. >> And it also creates a lag time. We have a need for speed nowadays. Threats are moving incredibly fast. I think we've talked about this on previous episodes with swarm technology, offensive automation, the weaponization of artificial intelligence. So it becomes critically important to have that quick response and silos, really create barriers of course, and make it slower to respond. >> Okay Derek, so I got to ask you, it's kind of like, I don't want to say it sounds like sports, but it's, what's the state of the art in the attack vectors coming in. What are you guys seeing as some of the best of breed tax that people should really be paying attention to? They may, may not have fortified down. What are SOCs looking at and what are security pros focused on right now in terms of the state of the art. >> So the things that keep people up at night. We follow this in our Threat Landscape Report. Obviously we just released our key four one with FortiGuard Labs. We're still seeing the same culprits. This is the same story we talked about a lot of times. Things like, it used to be a EternalBlue and now BlueKeep, these vulnerabilities that are nothing new but still pose big problems. We're still seeing that exposed on a lot of networks. Targeted ransom attacks, as I was saying earlier. We've seen the shift or evolution from ransomware from day to day, like, pay us three or $400, we'll give you access to your data back to going after targeted accounts, high revenue business streams. So, low volume, high risk. That's the trend that we're starting to see as well. And this is what I talk about for trying to find that needle in the haystack. This is again, why it's important to have eyes on that. >> Well you guys are really advanced and you guys doing great work, so congratulations. I got to ask you to kind of like, the spectrum of IT. You've got a lot of people in the high end, financial services, healthcare, they're regulated, they got all kinds of challenges. But as IT and the enterprise starts to get woke to the fact that everyone's vulnerable. I've heard people say, well, I'm good. I got a small little to manage, I'm only a hundred million dollar business. All I do is manufacturing. I don't really have any IP. So what are they going to steal? So that's kind of a naive approach. The answer is, what? Your operations and ransomware, there's a zillion ways to get taken down. How do you respond to that. >> Yeah, absolutely. Going after the crown jewels, what hurts? So it might not be a patent or intellectual property. Again, the things that matter to these businesses, how they operate day to day. The obvious examples, what we just talked about with revenue streams and then there's other indirect problems too. Obviously, if that infrastructure of a legitimate organization is taken over and it's used as a botnet and an orchestrated denial-of-service attack to take down other organizations, that's going to have huge implications. >> And they won't even know it. >> Right, in terms of brand damage, has legal implications as well that happened. This is going even down to the basics with consumers, thinking that, they're not under attack, but at the end of the day, what matters to them is their identity. Identity theft. But this is on another level when it comes to things to-- >> There's all kinds of things to deal with. There's, so much more advanced on the attacker side. All right, so I got to ask you a final question. I'm a business. You're a pro. You guys are doing great work. What do I do, what's my strategy? How would you advise me? How do I get my act together? I'm working the mall every day. I'm trying my best. I'm peddling as fast as I can. I'm overloaded. What do I do? How do I go the next step? >> So look for security solutions that are the assist model like I said. There's never ever going to be a universal silver bullet to security. We all know this. But there are a lot of things that can help up to that 90%, 95% secure. So depending on the nature of the threats, having a first detection first, that's always the most important. See what's on your network. This is things where SIM technology, sandboxing technology has really come into play. Once you have those detections, how can you actually take action? So look for a integration. Really have a look at your security solutions to see if you have the integration piece. Orchestration and integration is next after detection. Finally from there having a proper channel, are there services you looked at for managed incident response as an example. Education and cyber hygiene are always key. These are free things that I push on everybody. I mean we release weekly threat intelligence briefs. We're doing our quarterly Threat Landscape Reports. We have something called threat signals. So it's FortiGuard response to breaking industry events. I think that's key-- >> Hygiene seems to come up over and over as the, that's the foundational bedrock of security. >> And then, as I said, ultimately, where we're heading with this is the AI solution model. And so that's something, again that I think-- >> One final question since it's just popped into my head. I wanted, and that last one. But I wanted to bring it up since you kind of were, we're getting at it. I know you guys are very sensitive to this one topic cause you live it every day. But the notion of time and time elapsed is a huge concern because you got to know, it's not if it's when. So the factor of time is a huge variable in all kinds of impact. Positive and negative. How do you talk about time and the notion of time elapsing. >> That's great question. So there's many ways to stage that. I'll try to simplify it. So number one, if we're talking about breaches, time is money. So the dwell time. The longer that a threat sits on a network and it's not cleaned up, the more damage is going to be done. And we think of the ransom attacks, denial-of-service, revenue streams being down. So that's the incident response problem. So time is very important to detect and respond. So that's one aspect of that. The other aspect of time is with machine learning as well. This is something that people don't always think about. They think that, artificial intelligence solutions can be popped up overnight and within a couple of weeks they're going to be accurate. It's not the case. Machines learn like humans too. It takes time to do that. It takes processing power. Anybody can get that nowadays, data, most people can get that. But time is critical to that. It's a fascinating conversation. There's many different avenues of time that we can talk about. Time to detect is also really important as well, again. >> Let's do it, let's do a whole segment on that, in our studio, I'll follow up on that. I think it's a huge topic, I hear about all the time. And since it's a little bit elusive, but it kind of focuses your energy on, wait, what's going on here? I'm not reacting. (laughs) Time's a huge issue. >> I refer to it as a latency. I mean, latency is a key issue in cybersecurity, just like it is in the stock exchange. >> I mean, one of the things I've been talking about with folks here, just kind of in fun conversation is, don't be playing defense all the time. If you have a good time latency, you going to actually be a little bit offensive. Why not take a little bit more offense. Why play defense the whole time. So again, you're starting to see this kind of mentality not being, just an IT, we've got to cover, okay, respond, no, hold on the ballgame. >> That comes back to the sports analogy again. >> Got to have a good offense. They must cross offense. Derek, thanks so much. Quick plug for you, FortiGuard, share with the folks what you guys are up to, what's new, what's the plug. >> So FortiGuard Labs, so we're continuing to expand. Obviously we're focused on, as I said, adding all of the customer protection first and foremost. But beyond that, we're doing great things in industry. So we're working actively with law enforcement, with Interpol, Cyber Threat Alliance, with The World Economic Forum and the Center for Cyber Security. There's a lot more of these collaboration, key stakeholders. You talked about the human to human before. We're really setting the pioneering of setting that world stage. I think that is, so, it's really exciting to me. It's a lot of good industry initiatives. I think it's impactful. We're going to see an impact. The whole goal is we're trying to slow the offense down, the offense being the cyber criminals. So there's more coming on that end. You're going to see a lot great, follow our blogs at fortinet.com and all-- >> Great stuff. >> great reports. >> I'm a huge believer in that the government can't protect us digitally. There's going to be protection, heat shields out there. You guys are doing a good job. It's only going to be more important than ever before. So, congratulations. >> Thank you. >> Thanks for coming I really appreciate. >> Never a dull day as we say. >> All right, it's theCUBE's coverage here in San Francisco for RSA 2020. I'm John Furrier, your host. Thanks for watching. (upbeat music)

>> Narrator: Live from San Francisco It's theCUBE. Covering RSA Conference 2020, San Francisco. Brought to you by Silicon Angled Media >> Hi everyone, welcome to theCUBE's coverage here at RSA Conference 2020. I'm John Furrier, host of theCUBE We're on the floor getting all the data, sharing it with you here, Cube coverage. Got the best new generation shift happening as cloud computing goes to the whole other level. Multi-cloud, hybrid cloud changing the game. You're seeing the companies transition from an on-premises to cloud architecture. This is forcing all the companies to change. So a new generation of security is here and we've got a great guest, so a hot start-up. Masha Sedova, co-founder of Elevate Security. Welcome to theCUBE, thanks for joining us. >> Thank you so much for having me, John. >> So the next generation in what will be a multi-generational security paradigm, is kind of happening right now with the beginning of, we're seeing the transition, Palo Alto Networks announced earnings yesterday down 13% after hours because of the shift to the cloud. Now I think they're going to do well, they're well positioned, but it highlights this next generation security. You guys are a hot start-up, Elevate Security. What is the sea change? What is going on with security? What is this next generation paradigm about? >> Yeah, so it's interesting that you talk about this as next generation. In some ways, I see this as a two-prong move between, yes, we're moving more into the cloud but we're also going back to our roots. We're figuring out how to do asset management right, we're figuring out how to do patching right, and for the first time, we're figuring how to do the human element right. And that's what where we come in. >> You know, the disruption of these new shifts, it also kind of hits like this, the old expression, 'same wine, new bottle', all this, but it's a data problem. Security has always been a data problem, and we've seen some learnings around data. Visualization, wrangling, there's a lot of best practices around there. You guys are trying to change the security paradigm by incorporating a data-centric view with changing the behavior of the humans and the machines and kind of making it easier to manage. Could you share what you guys are doing? What's the vision for Elevate? >> Yeah, so we believe and we've seen, from our experience being practitioners, you can't change what you can't measure. If you don't have visibility, you don't know where you're going. And that's probably been one of the biggest pain-point in the security awareness space traditionally. We just roll out training and hope it works. And it doesn't, which is why human error is a huge source of our breaches. But we keep rolling out the same one-size fits all approach without wanting to measure or, being able to. So, we've decided to turn the problem on its head and we use existing data sets that most organizations who have a baseline level of maturity already have in place. Your end point protections, your DLP solutions, your proxies, your email security gateways and using that to understand what your employees are doing on the network to see if user generated incidents are getting better over time or getting worse. And using that as the instrumentation and the level of visibility into understanding how you should be orchestrating your program in this space. >> You know, that's a great point. I was just having a conversation last night at one of the cocktail parties here around RSA and we were debating on, we talk about the kind of breaches, you mentioned breaches, well there's the pure breach where I'm going to attack and penetrate the well fortified network. But then there's just human error, an S3 bucket laying open or some configuration problem. I guess it's not really a breach, it's kind of an open door so the kind of notion of a breach is multifold. How do you see that, because again, human error, insider threats or human error, these are enabling the hackers. >> Yeah >> This is not new. >> Yeah. >> How bad is the problem? >> It depends on what report you read. The biggest number I've seen so far is something like 95% of breaches have human error. But I honestly, I couldn't tell you what the 5% that don't include it because if you go far enough back, it's because a patch wasn't applied and there is a human being involved there because there is vulnerability in code, that's probably a secure coding practice when you're a development organization. Maybe it's a process that wasn't followed or even created in the first place. There's a human being at the core of every one of these breaches and, it needs to be addressed as holistically as our technologies and our processes right now in the space. >> The evolution of human intelligence augmented by machines will certainly help. >> That's it, yeah. >> I mean, I've got to ask you, obviously you're well-funded. Costanova Ventures well known in the enterprise space, Greg Sands and the team there, really strong, but you guys entered the market, why? I mean you guys, you and your founder both at Salesforce.com. Salesforce gurus doing a lot of work there. Obviously you've seen the large scale, first wave of the cloud. >> Yeah >> Why do the start-up? What was the problem statement you guys were going after? >> So, my co-founder and I both came from the world of being practitioners and we saw how limited the space was and actually changing human behavior, I was given some animated PowerPoints, said use this to keep the Russians out of your network, which is a practical joke unless your job is on the line, so I took a huge step back and I said, there are other fields that have figured this out. Behavioral science being one of them, they use positive reinforcement, gamification, marketing and advertisements have figured out how to engage the human element, just look around the RSA floor, and there's so many learnings of how we make decisions as human beings that can be applied into changing people's behaviors in security. So that's what we did. >> And what was the behavior you're trying to change? >> Yeah, so the top one's always that our attackers are getting into organizations, so, reducing phishing click-throughs an obvious one, increasing reporting rates, reducing malware infection rates, improving sensitive data handling, all of which have ties back to, as I was mentioning earlier, security data sources. So, we get to map those and use that data to then drive behavior change that's rooted in concepts like social proof, how are you doing compared to your peers? We make dinner decisions on that and Amazon buying decisions on that, why not influence security like that? >> So building some intelligence into the system, is there a particular market you're targeting? I mean, here people like to talk in segments, is there a certain market that you guys are targeting? >> Yeah, so the amazing thing about this is, and probably no surprise, the human element is a ubiquitous problem. We are in over a dozen different industries and we've seen this approach work across all of those industries because human beings make the same mistakes, no matter what kind of company they're in. We really work well with larger enterprises. We work well with larger enterprises because they tend to have the data sets that really provides insights into human behavior. >> And what's the business model you guys envision happening with your service product? >> We sell to enterprises and security, the CISO and the package as a whole, gives them the tools to have the voice internally in their organization We sell to Fortune 1000 companies, >> So it's a SAAS service? >> Yeah, SAAS service, yeah. >> And so what's the technology secret sauce? (laughing) >> Um, that's a great question but really, our expertise is understanding what information people need at what time and under what circumstances, that best changes their behavior. So we really are content diagnostic, we are much more about the engine that understands what content needs to be presented to whom and why. So that everyone is getting only the information they need, they understand why they need it and they don't need anything extra-superfluous to their... >> Okay, so I was saying on theCUBE, my last event was at, CIO's can have good days and bad days. They have good days, CISOs really have good days, many will say bad days, >> Masha: Yeah, it's a hard job. >> So how do I know I need the Elevate Solution? What problem do I have, what's in it for me? What do I get out of it? When do I know when to engage with you guys? >> I take a look at how many user generated incidents your (mumbles) responding to, and I would imagine it is a large majority of them. We've seen, while we were working at Salesforce and across our current customers, close to a 40% reduction rate in user generated incidents, which clearly correlates to time spent on much more useful things than cleaning up mistakes. It's also one of the biggest ROI's you can get for the cheapest investment. By investing a little bit in your organization now, the impact you have in your culture and investing in the future decision, the future mistakes that never get made, are actually untold, the benefit of that is untold. >> So you're really kind of coming in as a holistic, kind of a security data plane if you will, aggregating the data points, making a visualization in human component. >> You've got it. >> Now, what's the human touchpoint? Is it a dashboard? Is it notifications? Personalization? How is the benefit rendered for the customer? >> So we give security teams and CSOs a dashboard that maps their organization's strengths and weaknesses. But for every employee, we give personalized, tailored feedback. Right now it shows up in an email that they get on an ongoing basis. We also have one that we tailor for executives, so the executive gets one for their department and we create an executive leaderboard that compares their performance to fellow peers and I'll tell you, execs love to win, so we've seen immense change from that move alone. >> Well, impressive pedigree on your entrepreneurial background, I see Salesforce has really kind of, I consider real first generation cloud before cloud actually happened, and there's a lot of learn, it was always an Apple case, now it's AWS, but it's it's own cloud as we all know, what are the learnings that you saw from Salesforce that you said hey, I'm going to connect those dots to the new opportunity? What's the real key there? >> So, I had two major aha's that I've been sharing with my work since. One, it's not what people know, but it's what they do that matters, and if you can sit with a moment and think about that, you realize it's not more training, because people might actually know the information, but they just choose not to do it. How many people smoke, and they still know it kills them? They think that it doesn't apply to them, same thing with security. I know what I need to do, I'm just not incentivized to do it, so there's a huge motivation factor that needs to be addressed. That's one thing that I don't see a lot of other players on the market doing and one thing we just really wanted to do as well. >> So it sounds like you guys are providing a vision around using sheet learning and AI and data synthesis wrangling and all that good stuff, to be an assistant, a personal assistant to security folks, because it sounds like you're trying to make their life easier, make better decisions. Sounds like you guys are trying to distract away all these signals, >> You're right. >> See what to pay attention to. >> And make it more relevant, yeah. Well think about what Fitbit did for your own personal fitness. It curates a personal relationship based on a whole bunch of data. How you're doing, goals you've set, and all of a sudden, a couple of miles walk leads to an immense lifestyle change. Same thing with security, yeah. >> That's interesting, I love the Fitbit analogy because if you think about the digital ecosystem of an enterprise, it used to be siloed, IT driven, now with digital, everything's connected so technically, you're instrumenting a lot of things for everything. >> Yeah. >> So the question's not so much instrumentation, it's what's happening when and contextually why. >> That's it, why, that's exactly it. Yeah, you totally got it. >> Okay. I got it. >> Yeah, I can see the light bulb. >> Okay, aha, ding ding. All right, so back to the customer pain point. You mentioned some data points around KPI's that they might or things that they might want to call you so it's incidents, what kind of incidents? When do I know I need to get you involved? Will you repeat those again? >> There's two places where it's a great time to involve. Now, because of the human element is, or think about this as an investment. If you do non-investor security culture, one way or another, you have security culture. It's either hurting you or it's helping you and by hurting you, people are choosing to forego investing security processes or secure cultures and you are just increasing your security debt. By stepping in to address that now, you are actually paying it forward. The second best time, is after you realize you should have done that. Post-breaches or post incidents, is a really great time to come in and look at your culture because people are willing to suspend their beliefs of what good behavior looks like, what's acceptable and when you look at an organization and their culture, it is most valuable after a time of crisis, public or otherwise, and that is a really great time to consider it. >> I think that human error is a huge thing, whether it's as trivial as leaving an S3 bucket open or whatever, I think it's going to get more acute with service meshes and cloud-native microservices. It's going to get much more dynamic and sometimes services can be stood up and torn down without any human knowledge, so there's a lot of blind spots potentially. This brings up the question of how does the collaboration piece, because one of the things about the security industry is, it's a community. Sharing data's important, having access to data, how do you think about that as the founder of a start-up that has a 20 mile steer to the future around data access, data diversity, blind spots, how do you look at that and how do you advise your clients to think about that? >> I've always been really pro data sharing. I think it's one of the things that has held us back as an industry, we're very siloed in this space, especially as it relates to human behavior. I have no idea, as a regular CISO of a company, if I am doing enough to protect my employees, is my phishing click (mumbles), are my malware download rates above normal, below or should I invest more, am I doing enough? How do I do compared to my peers and without sharing industry stats, we have no idea if we're investing enough or quite honestly, not enough in this space. And the second thing is, what are approaches that are most effective? So let's say I have a malware infection problem, which approach, is it this training? Is it a communication? Is it positive reinforcement, is it punishment? What is the most effective to leverage this type of output? What's the input output relation? And we're real excited to have shared data with Horizon Data Breach Report for the first time this year, to start giving back to the communities, specifically to help answer some of these questions. >> Well, I think you're onto something with this behavioral science intersection with human behavior and executive around security practices. I think it's going to be an awesome, thanks for sharing the insights, Miss Masha on theCUBE here. A quick plug for your company, (mumbles) you're funded, Series A funding, take us through the stats, you're hiring what kind of positions, give a plug to the company. >> So, Elevate Security, we're three years old. We have raised ten million to date. We're based in both Berkeley and Montreal and we're hiring sales reps on the west coast, a security product manager and any engineering talent really focused on building an awesome data warehouse infrastructure. So, please check out our website, www.elevatesecurity.com/careers for jobs. >> Two hot engineering markets, Berkeley I see poaching out of Cal, and also Montreal, >> Montreal, McGill and Monterey. >> You got that whole top belt of computer science up in Canada. >> Yeah. >> Well, congratulations. Thanks for coming on theCUBE, sharing your story. >> Thank you. >> Security kind of giving the next generation all kinds of new opportunities to make security better. Some CUBE coverage here in San Francisco, at the Moscone Center. I'm John Furrier, we'll be right back after this break. (upbeat music)

>> Announcer: Live from Boston, Massachusetts. It's theCUBE, covering IFS World Conference 2019. Brought to you by IFS. >> We're back at IFS World 2019 from the Hynes Convention Center in Boston. I'm Dave Volonte, with my co-host, Paul Gillen. You're watching theCUBE, the leader in live tech coverage. We go out to the events, we extract the signal from the noise, get the best guest, Christian Peterson is here. He's the chief product officer at IFS. Christian, great to see you. >> All right, thank you very much. Happy to be here. >> Your first IFS World Conference, so ... >> It is mine ... >> Mine too, so ... >> Yeah, I'm happy to be here. It's just like getting an injection of customer input and feedback in a very short amount of time So, that's uh, that's awesome. I really love it. >> Yeah, these events are great to connect with customers its one to many conversations. But, give us a sense of your background and why you were attracted to IFS. Why did you join? >> Well from a background perspective, I've always been in the effects of business and technology and uh, you know my passion has always been what we can actually do with technology for businesses to innovate, to differentiate, to do new things to automate things. Really, really a strong believer in the promise of software. Because that's what software is all about. Um, so, um, I have a past with Starbucks, I've started ELP companies, I've been with Microsoft. Uh, for fifteen, sixteen years. Um, have been with SAP for a number of years. So I joined, I joined IFS last year, um, really because of the transformation and the uh, the journey I just was on and the passion that IFS has always had for the customers. And the outcomes we've created for customers. It's just a perfect environment to, to uh to realize the dream of providing value to customers, outcomes for customers, and leveraging technology in the process. >> Yeah, so see you're a challenger, hashtag for the challenger. A hashtag is started. >> Really, really I mean you were at the giant uh, SAP and going to a smaller, not much smaller, but a smaller company, What were they doing that you thought that excited you so much? >> Well the exciting thing again is the focus on the customer and the close proximity to customers in everything I.. >> Wouldn't SAP, sorry to interrupt, wouldn't SAP be the same thing though? >> Let me just, let me put it this way, I went to IFS because I (intelligible) really, really brilliantly. So, is that a, is that a nice way of saying it. (laughter) >> (laughing) Okay. >> So were here for your keynote today you sort of laid out a roadmap, a little vision uh, talked a little bit about digital transformation. But, I wanted to talk about, the, you made a big big emphasis on your API platform. Open API's, embracing that, uh its been somewhat a criticism of you guys in the past. And so, maybe it's a response to that or a response to customers, but why the platform, why, to explain it, its importance and how it fits into your roadmap going forward. >> Well the API enablement is important for many different perspectives. First of all, we use API's ourselves. To create user experiences and drive a lot of the innovation where they are merging technology and so forth. That's one aspect of it. So just for our own, our own level of innovation and the pace at which we can innovate with, going forward on the API platform, is, is, is is dramatic. The second area is really again back to the digital transformation that customers are really driving out there um, a lot of that involves, um, really most companies becoming software companies themselves. So now we have a lot of our customers that actually have developers, they're writing software they're driving new offerings to their customers. And to get value out of these offerings for their customers They really need to get access to a a lot of the capabilites that lives inside of the IFS models. They need to get access to data, to get access to processes because, on of the keys in digital transformation regardless in what shape or form it comes is, you need data, you need massive amounts of data. And you need data from within your firewall you need data from third party, and you need structure data all structure data. And participating in that world is absolutely essential that you have that open API philosophy where you expose yourself and your own data and API's. But, also so we can turn the other way and we can consume data and API's from others so we can create similar scenarios. So it's really about being apart of the ecosystem of, uh, of technologies and solutions that customers rely on. And that's why we joined also, the open API foundation. >> You also demonstrated this morning, uh Orena, your new customer experience platform. Talk about what that is and why it's important. >> Well, so it's, it's important of course again because we, um, um, we have this generational shift in people that are coming into the workforce that expect and want to work differently. And, um, if you think about how people actually work, to do and get things done today, or think about ourselves. Now, we're no spring chickens anymore, right, we've been around... >> Speak for yourself. >> We've seen DOS, we've seen DOS systems. >> Yeah my hand went up in the 3.1 question. >> When the three point, did you put the mouse on the screen as well? (laughing) I've literally seen that. So we've been through that, but the people we are getting into the workforce now they have a different mentality. They are not thinking about what they do. Like, we are thinking about, "how does the system work?" "Where do I click? Where do I go next?" The intuition that people now apply to the system when they start working with them, the systems just have to reflect that intuition. It has to be intuitive, it has to be immersive as well. And the immersive part is really based on what the users see, what they do. The contextual information, the contextual intelligence they get in the context of what they do should want them to do more. Because they can, so they get dragged in and the new type of users, they just have that natural intuition, because that's how you browse the web. You go to one place on the web, go to the next thing, You get inspired by this, you go there. And there's no reason why the systems that you get your work done, why they shouldn't be the exact same thing. Orena is a huge step in that direction, together with our mobile enablement on multiple form factors and devices. >> So you, you mentioned you know saw everybody's becoming a software company, every company is becoming, you've been in the software business for awhile you work for a software company now. You're talking about Orena, you're talking about API integration, I showed you our software. My point is, software is hard. (laughs) There's a talent war for employees, we talked about that off camera. Um, so, as you see these companies digitally transforming, becoming software companies, Mark Endrese's, "software is eating the world", Mark Beneoff, "Everybody is becoming a software company", How are they doing? And what role can you play, IFS, in terms of helping them become a software company. Because it's, it's so damn difficult. >> Yeah, I think that the role of being a software company I think the absolute differentiation they want to create through software and differentiate the offerings or other things that they really want to do, We can't really help them there, because they're differentiated. Like if you're differentiated, you can't find something standard and use for that. But we can enable it and um, as we're looking at it, a lot of the emerging technologies that we can enable them with to achieve it, that's a number of things we can do. And, we are introducing a notion of an application, of application services here, where we really, enable these emerging technologies in the context of what we do. So, while you hear about technologies or augmented realities, mixed realities, artificial intelligence and robotics and IOT and artificial intelligence, all the stuff that you have, we take that and put into context of the focus industries that we focus on and the solution categories that we focus on. So EAP, enterprise asset management, service management. And in that way our customers can focus on what they actually need to do with it, versus focus on the, on the technologies. >> And the API platform allows those customers to, whatever the build to integrate to their ERP system if in fact... >> That's correct, that's correct. And as I mentioned, we also use API's not only on the front end of what we provide and expose all we have, but we also consume on the back end. So the way we actually consume the application services and drag them in and embed them is through API, these application services. >> I understand you're working on an entirely new architecture that you will be debuting in the spring of 2020. How is that going to change the game? >> We don't really think about it as a new architecture. We think about it as a natural evolution that includes some of these things. Uh, so for instance, the introducing, uh the introduction of the application services layer that I mentioned, is more a new layer in our architecture that we introduced. So we don't think about it as a new architecture, we're just evolving what we have. And because of that evolution, that is something that our entire product portfolio will benefit from. Um, and, I already mentioned today how we are aligning the product portfolio from an experience perspective. We are bringing the arena experience through our FSM product to our um, PSO product, to our customer engagement product and so forth. So we are aligning that front end experience on the same design patterns, so forth, because you know, a good experience is a good user experience. >> You talk about Orena bot and this, this gentleman here, who's given us this talk, just through out a gardner status. That, that by, I don't know, by whatever year 2023, uh, more money will be spent on bots than mobile integration. Which is, you know, quite a prediction. Your thoughts. >> Well, I, you know, there's, there's always all kinds of interesting predictions. I think actually, um, I actually think, um, there, amount of money may go down but I think the number of bots will go up dramatically. And, I think we will actually get to a situation where, bots will be creating bots. (laughs) Right? So, That's when you get, when we talk about intelligent and autonomous systems, I really believe it. Because there is no reason why we should not begin to see autonomy in software. >> Dave: Right. >> Um, we see it, uh, I use the example this morning, that we put our lives in the hands of technology everyday, when you go in your car and you use adaptor to cruise to control, you're trusting technology. Like, when you are driving your Tesla. I mean there was an example in San Francisco, uh, I think, uh, in December last year, where the police had been following a driver for 17 miles. And the car wouldn't stop because it was driving itself, and the driver was sleeping. So, they had to, they had to, you know, call up Tesla and say like how can we manipulate this technology so the car actually stops, so the police gradually got the car to stop. And, uh, you know, finally the guy woke up and uh, he'd probably had one too many. But he claimed he wasn't driving, so they shouldn't charge him, but, they did. (laughter) >> Of course, yes. Well bots are getting better, but I still, I still often know when I'm talking to a bot, but it's getting better, wouldn't you say? >> Christian: Yeah, it's getting reallly good. >> Paul: I know, last year I was completely fooled by a fundraising bot. But, I got a phone call from a bot that I spoke to for ninety seconds before realizing it was a bot. (laughter) So it's, its getting pretty good. As you look at, at the technology that excites you, about what you're bringing with your product, you talked a lot this morning about different kinds of technology and how you want to be a leader. What technologies excite you the most about the markets you are serving? >> I tell you what excites me the most is to work through the different levels of, of, uh, digital transformation that I talked about. I'm excited about the reflection between businesses and technology. I'm excited about the reflections between people and experiences, and I'm excited about the reflections between automation and efficiency. We have a lot of technology at our hands, That can help us achieve these different things. But, at the end of the day, it's the outcomes that matter. The technologies are exciting and you know, I can get super geeky about a lot of different technologies. But if it doesn't relate to any, any, not technical vision of product, but any business vision you have on what you actually want to do with it as a business, then I think it becomes dangerous. But, of course we have our geek sessions, where we geek out on all these different things. But, we try to separate that from when we actually, uh, you know, designing and building things directly into the product. But we need the geek sessions to get inspired. And understand what is available, so we can put it in the context of what our customers need today and also what they'll be needing in the future. >> Since you have some decent observation space and digital transformation, I want to ask a question. Uh, uh, our partner ETR, they have a data platform. And I was down in New York last week just talking to them and, one of the theories is, is so spending is starting to slow down a little bit overall on the macro. One of the theories is that digital transformation in the last two years, there's been a lot of experimentation. So a lot of try and, you know, everything. And now they're going into the production with, with what they, what they feel will delivery business value. And two things are happening is their premise. One is, they're narrowing down the focus on new technologies and make, making bets for all the disruptive technologies. The other is, a lot of the legacy stuff, they are pulling out. Saying, "okay, we're moving on." Um, are you seeing that, are you seeing this sort of... That, the bell weathers anyway going heavy now into production with digital transformation. What are you seeing? >> I think its a progression. >> Dave: Uh huh. >> I think it's scenario based. I don't see, I don't see companies making like, an all out bet from one day to another. >> Dave: Just mixed. >> It's mixed and I think you need to take a cautious approach because, you know, you don't, you... When you're in the technology world, you don't always get it right in the first go, we certainly don't get it right, the first time all the time, right? So, often times its important to get something out there. Learn from it, innovate, fail fast sometimes. Um, the worst thing you can do is not acknowledge when you have mad a mistake, And I think that is a risk that some companies also, bear with digital transformation is... If you need to adjust what you, what you thought was the right thing to do, make the adjustment as quickly as possible. >> Dave: You talked in your keynote about tailoring solutions and I want to understand your philosophy. How dogmatic are you, uh, uh, about, uh, not making customizations versus allowing your customers to make those, those tailored? And, and how do you manage that from a, you know cloud and SaaS delivery, evergreen, I think you call it stand point? >> Christian: We, we, absolutely believe that customers should have solutions that match exactly what they need and so forth. We also heard from stage today that, a good philosophy, I really subscribe to that philosophy, that if you're doing things that, you know, is not really differentiating you as a company or something just use a standard process. Why do something custom if it doesn't mean anything. Then you can adjust your processes to that. But if you have things that really differentiate you as a company, you obviously want to have the technology that supports that. And since that is differentiated, you're not likely to have a standard package file. So in that process, what we need to enable is, we need to enable these scenarios where you can extend, uh, we call it extend on the inside, extend on the outside, but you can achieve what you want but, do it in a way where, you do it in a declarative way. Not by creating or modifying code. So instead we want to make sure that our, the code that we have, that is part of the standard product, can actually interpret declarative code. And that means when we have upgrades and all that stuff, we upgrade the core but the declarative code that the customer has that is, specific to them, remains there and stays there. >> Dave: And that's why the API platform is critical. >> Paul: Right. >> You said no product will be announced or shipped without API enablement, period the end. >> That's correct, We can not because, we can not create a use of front end to anything that doesn't, that isn't API enabled. So, it's very simple. >> Paul: That's a modern architecture. I am curious about you said that one of the reasons that you're at IFS is because it's so customer focused. What is it that this company does differently from companies you've worked at in the past, that exemplifies that customer focus? >> Christian: I think it goes deep um, not only into the culture but also how we actually have people in, all the way in to the individual development teams. Um, I've been in other software companies and the development teams you have developers, you have QA's, you have, you know...testers, you have, you know... Programming just to write the specifications, so forth. We actually have industry solution specialists embedded into the development teams. So, we are, we are, probably our own, you know, worst critic um, and of course then working hand and hand with customers in their processes is essential. But again, if we don't provide the out...if we don't provide the value and the output from what we create for our customers, then it's worth nothing. And that's really the philosophy. If we do not provide value, technology means nothing. >> Dave: So the intersection of domain expertise and software development. Uh Chris, the last question is sort of, what do you hope to get out of this event? Things that you hope to, to take away, or learn or convey to your customers? >> Well I always, I always, look to get feedback. I'm a sucker for feedback and input and learning. Uh, so first of all, I can't wait to walk the expo floor here and really see what all our partners are bringing to the table of innovation. Because they're doing amazing things, so I always enjoy spending a few hours on the, on the expo floor. In the process, get to meet a lot of people, uh and then during the sessions if we can or I'll always end any presentation with an email address. Any, anybody, any customer, any partner will always be able to email me, uh directly, and I, you know... Sometimes a little hard to keep up, but I will respond to every single request. >> Dave: Feedback is a gift. Christian, thanks so much for coming on theCUBE, it was great to see ya. >> Thank you. >> Alright, thank you very much. >> Alright, thank you for watching everybody. Keep it right there, we'll be back with our next guest. We're at IFS World, Boston. You're watching theCUBE. (upbeat music)

>> live from San Francisco, celebrating 10 years of high tech coverage. It's the Cube covering Veum World 2019. Brought to you by VM Wear and its ecosystem partners. >> Welcome back, everyone. Live Cube coverage here in San Francisco, California Mosconi North were in the lobby for VM World 2019. I'm John for a day. Volante are 10 years covering VM World's been exciting, Dave, and we've watched all the changes and our next guest is going to illuminate all the benefits at the top of the stack, as I call the end user experience. Shaker Ire, Who's the V S v. P. And general manager End User Computing within VM, where what that means is, he takes care of all the stuff that we're virtualization creates those efficiencies. I think what Palmer's just called end user computing still, but they still have that name back then, if I remember correctly, >> yeah, you >> know the name is stuck because it's ah, it's sort of income, passes all the technologies and uses use right as digital interface is. So that's why it's and use the computing. It's any digital interface that anybody at work uses. Now, the interesting thing is people don't work in an office anymore, and the interface is no longer just a laptop. >> Well, I want to get into some stupid questions around the work environment cause whether you working at a cafe or at home is all kinds of security issues. Also, user experiences. Collaboration software. But let's first get the news out of the way. Digital work, Space news What's the What's going on? The show? What you guys announcing? Yeah, so >> before we get to >> the news that we met me, frame it up a little bit right? Because when you think about organizations today, especially with the changing demographics, where they're going in terms of new devices, the mobility phenomenon, right, the transformation they're going through in terms of just their own cloud and APS and so on, right it. Every every one of those things effects employees, right. And at the end of the day, you know what organizations want is for the employees to have a great experience all the way, as we call it from higher to retire. Not to do that, you know you need a platform because I can just give you a pretty apt running in the laptop and say, Great, that's That's the end of the employees experience, right? It's fundamentally transforming the own whole environment. That's why it's still retains its term and use the computing. And to do that, you have to hit at least three facets, right? One is, of course, How do you deliver a great experience for the employees where they can get any app, any device, anywhere, any form? Anyway, that's one aspect of it. The second aspect of it is from a nightie standpoint. I've gotta manage all this complexity, right, and it's only growing. It's not shrinking with all the head virginity, so there's a management angle of it, and then the tone angle of it is, you know, security. As you pointed out, right security so important. In fact, what you users want is they don't want any security driven compromises. What is an example of security, even compromise, that I have to go through three passwords because he simply don't trust me? Heck, figure it out. Is what the user's Saito I t especially the millennials. Right. So s So you gotta address that. So the platform that we have workspace one actually addresses all three So we have innovations today and news in all three areas, right? So it's an example. Employ experiences, something we've been driving with enterprises and corporations for at least two years. Now we've upped the ante. We have now introducing a virtual assistant that employees can use either through voice or text to essentially ask questions. Hey, what's how do I get into WiFi? What's my employee directory? Um, you know who I go to first? You know this and that, right? As employed onboard the organization. Those examples of virtual assistant can do it. So we released the virtual assistant. That's a big piece of news in the employ experience. Sadie. Another big piece of news is we are introducing a tech preview of what we call digital employees experience management, which means I t now has a user expedient score that they can look at and say, Hey, is David getting a great expedience? No, it's poor, and I can die right in. I can find out the root cause I can fix the issue, and I could do that automatically. >> KP eyes can come out of that right? Absolutely serviceability. >> Absolutely. And I think you know, I've talked to many Cee Io's and we you know, we drive works based one and they for awhile sort of told me, Hey, this is all good. But >> I don't know how I'm doing all my >> doing with respect to, you know, your best best customer. Um, I ahead and behind and far behind. So this really helps them. >> Here. Let me ask the questions. That's a good point I want because this gets down to the heart of the issue. What is the top requests that you're getting from your customers or top two or three features? That pattern that continued comes back from your customer base when it comes to end user computing. These the experience, >> it spends all three things, right? So the first thing is, they're saying, Listen, I want to be able to deliver a great employee experience some, you know, help me do that. Helping measure and make sure I know what journey, Eman That's one right. Second is I've got to set virginity. I've got this complexity of God. You know, I always phones. I've got android tablets. I've got a you know, Dell laptop. I've got a Mac book. I've got you know a rugged device. I've got some work space I ot devices like printers and ex sector X factor. I've got this head virginity. Just help me manage this complexity in a sort of a unified, seamless, uniform way. Right? And third is help me secure my enterprise. So there's a whole model emerging called zero Trust. Where in the old world, what you do is you just build a huge wall around the enterprise, right? A pedometer, and say I'm inside the wall. I need to be domain joined on that inside the fire world. Therefore, I'm good. I mean, you got to throw that out of the window anymore. >> Doesn't exist in your model, because if a millennial or workaround working at home, that means every single i p device on my network potentially a compromise point. >> Correct. So you have You have to start with that device never ought to be trusted. And every network is hostile, right? If you start out for that reminds, then you build trust over time, right? And how do you build trust? You first say you leverage user identity, You say Okay, Davis who he is, right? And so that becomes an identity. You say this device is trusted or partially trusted. So one of the things we're announcing its part of innovations today is what we call workspace to risk analytic, which means we're able to provide a risk or write for the device. And we can say, Hey, this device is a risk on a score of 1 to 10 of eight, which means I can mostly trust it. Maybe you don't trust the sensitive apse. So therefore, a block access to the most sensitive apse, right? So use a combination of different things. They use things like NSX micro segmentation to your point about how we build on the Via Mary Stack. The carbon black acquisition is phenomenal because it gives us that intelligence. So collectively, we're able to sort of implement the zero trust model. Right. So >> those are the >> three main topics, right? Is employed expedience, unified management and zero trust security are really, really >> important. I want to ask you about your tenure, gm, where coincided with the air watch expedition. And prior to that event theme, we're struggled in this space. Ana Citrix dominated your pre Gerald. You know, your former company kind of fumbling around in air watch now. Air watch, if I recall correctly from wrong was not like the number one player. Just like people are saying carbon blacks, not the number one player. Absolutely. And then you get into the VM where flywheel effect or Sanjay Putin came in and it was great leader. But I wonder if you could sort of describe the ascendancy of the end user computing business at at VM wear. And I'm curious you mentioned carbon black and you kind of replicate that with our end point cloud security, peace. There's obviously a security use case. You clearly just described it, but take us back to >> great, great, great question. So actually, I joined right when literally, maybe a month before the air watch acquisition. Right then. So a Sandy and I and the rest of the team sort of worked this. We said, Hey, listen, a watch is a phenomenal sort of mobile management and security player. We had a very good product and horizon VD I, but it was a little bit isolated, and there were others, like, say, tricks that are sort of motor head in that space. So what? The first thing we did is we have three assets. Actually, the third I said what we had a Fed rated identity asset that we had purchase, but not leverage. So we said he know what the identity really has to get coupled with. You know, the death star pulled the mobile world, so we actually took these three piece parts and started integrating it as he started integrating it. We said, You know, this actually forms a very interesting work space, and we said It's a digital work space to be sort of coined that term and started to really tight together. The experience is a user would have, whether they were in a mobile device, a physical desktop or a virtual desktop right and made that seamless. So that's when the work's based one app was born and this was probably around the 2015 time frame. So we started releasing it, and then we started to stitching together basically all the back and integrations, right, So out >> of >> this out of that was born a workspace. And so, in 2016 with the momentum of the workspace, desktop business came back because now it had it been on. We've done a lot of work on the desktop businesses. Well, we made it very competitive with Citrix. We bought volumes. We integrated that we made it actually the best media solution. The markets, with a tremendous traction by itself in the horizon space and then integrating it works with people, said You know what, I need to get that workspace. And why am I dealing with Citrix this horizon solution within workspace in a more than salts my problem. In fact, it's better in certain areas. So that sort of got momentum going around that we really built that workspace momentum. And that was, I would say, till about 2016 or so. And then we saw these three things coming up. One is Hey, employees, experience matters. We really started pouring effort into the employees experience from, you know, day one day two and beyond. And then recently, including this show, we added divided sort of Day zero and then the off boarding pieces. Well, so employees experience became sort of the lightning rod for why somebody would adopt this workspace one platform which were built by then, right, and then we added on this ability to do modern management, especially on Windows and Mac, which was really starting to take off last year completely. Darden rounded out that portfolio and handsome capability, and then we added Now zero trust model, which is which is now sort of bolstered by the acquisition of carbon black. So you can see this a set off cascading talk, full moves. But we did it in a way where, you know, it was really truly integrated. So when as we come out with carbon black now, one of the most interesting things is right when carbon black comes into the fold, we've already done the integration. We're actually going to show it on my keynote right after this, right? We're actually showing the integration between workspace one intelligence and carbon backs You There you have it. You already have an asset that's completely integrated. >> So the risk or is interesting to me as well, so as endpoint security, because much, much more importantly, no fishing is you know, the big way that people get give up credentials. Does >> any of >> this seep into machines and I ot and edge? >> Yeah, and fabulous question. >> Wonder if you could come. >> Absolutely. I think listen, be if you think about risk oars and if >> you think about >> risks at large and devices they've been largely and Windows devices and not to and blame it on Windows, I think they might accept in a fabulous job of sort of progressing windows. But by far it's the most used operating system in the enterprise, right? But Mobile is getting used there. There, you know, it's starting to make a huge starting take a large part of the real estate of the enterprise. So I think we have a unique opportunity now through the data we collect on mobile devices with workspace one using the underlying air watch technology coupled with some of the, um, you know, data that, you know, data analytics tools we have in the carbon black cloud and the way they do sort of threat analysis and, uh, and determine potential attack vectors. We have an opportunity to leverage that intelligence. And that day, the lake and that technology, coupled with the data, we have to really now build a broader sort of threat surface understanding across multiple devices, and eventually that goes into a I ot. Right. So we're actually going to be working with some of the other technologies we have in Wimmer called Paul's Right. Pulse is very interesting because they have the ability to speak multiple device protocols that nobody does. Okay, so we're gonna take advantage of them potentially to sort of be able to start to poke into devices that are attached to the office, but not quite attached to the office. In the sense they're not mainstream devices you and I would use. But indirectly, you may use it, right? So be able to sort of get a much broader view off a visibility of devices. Second is how to manage them through a combination of workspace, one impulse and third, to get the data so that we can feed it into this federated cloud of workspace one intelligence and carbon black to understand the risk. And that way you have this three prom thing, right? I >> wanna ask you a personal question. Pat gal singer was very prolific this week again. Props of in social Media, Mojo doing a selfie on stage with Craig. Job ate up. Yeah, um, doing a little morning thing, telling people how he prepares for his keynote. Yeah. So how do you prepare for your keynote. Do you like, give it for a M and hit the gym and get a job coming up right after this interview? >> I do. I I I'm not fat. That's incredibly disciplined, I think. I think it's been waking up at 4 a.m. for a long time, so I'm not that much of an early bird. But I prepare because, you know, I've been involved in the construction of the keynote. So for me, it's, um, be started work on this, probably about three months ago, because the story came together. It's very natural to me. Just like you asked me the question. You know, tell me about the evolution. It's just a very natural thing because, like telling you >> on relevant story, not just beady eye. Yeah, it's so much more now. >> It's so much more And, you know, and I've lived through this and I participated in most of the decision making, so, you know, when my head of product marketing company said, Hey, what should we do with the keynote? I said, You know, I have the storyline in mind, right? And sit on the same three or four pillars I'm talking to you about, right? How do we tell the story to the audience about what is the platform? Why should they sort of bet on it? How did they sort of deploy it, show them some real world examples and then basically sprinkling all the innovations? That sounds exciting. So? So because of that story lines always being in my head. So it's not that hard. It's just sometimes you just need to sort of a CZ. You're unstable. >> You're preparing Saul, you're part of Yeah, I was handing it to you. Nobody related it. So >> for me, I think it's just sometimes just rehearsing some of the key parts. And then, of course, the visual cues. And they >> want to slam home the big point. They go. You know, I've been looking at your career. You have to check your technologies, but also, you're pretty much been a product leader. Yeah, and your career definite. So I gotta ask you around from the big movements in the innocent. Like your perspective as a participant. This was a product leaders Well, executive in there and done that. Amazon introduced their first conference around cloud security called reinforces. Here we get Cube coverage there. It was interesting because it wasn't like a typical security conference like black hat. Definitely on our say wasn't so much I t is really about cloud security. And so Dave and I were speculating like, this is the first cloud security show. I mean, dedicated to kind of cloud security didn't say cloud security, but essentially, cloud security. >> What is >> your take on the cloud security? Because a >> little bit >> of a different view, little bit architectural change. If you gotta have the on premises, you're gonna have the cloud if things any working together, some things you're doing and security quite frankly, around isolation to, you know, working in in any environment. You're that year in the middle of it all. >> Yeah. >> What is cloud >> security and why I have a conference isn't relevant with your thoughts. >> That's a >> great question. I think you know, you see many of these trends, I think, you know, listen, many of these conferences, they provoke their thought provoking, so it forces you to think right? So when I think about cloud security now, traditionally when you think about cloud security, you would think about technologies like Cass be light cloud access service broker. You would think about encryption to means much more than I do >> all the usual stuff in the back. If he's there, other people are there. But no. >> Yeah, I mean more than my coffee. I think you know you. It's sort of you think of the the the NL unlocked to cloud securities Data center security where you think of the sort of Amazon cloud living in Amazon Data Center. And, you know, how can we protect the, you know, the data and the egress access into those cloud and in the same technology sort of apply, but to your point that you sort of just touched upon its That cloud is not living in isolation. First of all, that Amazon Cloud is connected to a whole bunch of, you know, applications that are still sitting in the data center. Right. So they were not there. Potentially not moving the Oracle database today isn't there moving some workloads to the cloud, right? That's what most most companies are. Hey, guess what? There's all these end points of the connecting the connecting both the data center in the cloud. You're not gonna proxy to the cloud to get to the data center. So there's gateways. So do me. Cloud security can't be an isolated, you know, sort of technology that companies have to sort of think about now is there Is there opportunity to leverage the cloud to manage security better and get visibility in the security environment to do security? Analytics? Absolutely. So I think to me, that's where it's going. Because security, I think, has been proven, is no longer. You know, the one sing single thing. It's just you have to do multiple things. Every time I go talk to CSO's, they tell me they got this technology. I said, Hey, wait a minute. You you have 20. Did you cut down any yet? We've got down a few, but you know, they're just nervous about cutting down too much. Because of that one piece of software >> insurance policy. They're insecure. >> They cut to the added four, >> another tool. Bullshit. I think I think the architecture will get simpler because it's way too complex, but the same time I think you have to. There's no sustenance, cloud security and network security or endpoint security, and >> maybe there's a whole new group emerging within VM where that you could add to your repertoire en Pointe computing group your end user computing. Why don't have endpoint computing? That's >> what you're holding >> is you know is all about what do we need to do for the user? Both as I t and the end user? Okay. And now he now folks like hr and so on, the securities has to be built into it, right? So much like that. I think when you go build our data centers are the public cloud and build this hybrid clouds, security is to be built into that as >> well. We'll shake our thanks for coming on and sharing your insights. A super important area. We're gonna be covering this. This is cloud to point of this end user computing. This is where the edge of the network is. That's where the people are. They are part of the edge. A thin part of the edge of a big part of the edge. You're gonna be in the middle of it will be following the attraction. Thanks for coming on. You So much for having me having played Cuba, Cuba live here in San Francisco on chopper develop the state tune from or we have two sets. Three days of wall to wall coverage, worldly in day one. Stay with us. We gotta have Michael Dell. Pat Nelson. Come on Tomorrow and a lot more guests coming onto. They stay with us. We'll be right back.

live from San Francisco it's the cube covering Google cloud next 19 taught to you by Google cloud and its ecosystem partners hello everyone welcome back to the cubes live coverage here in San Francisco the Moscone Center for the Google clouds conference is called Google next 2019 I'm Chevrolet my costume in omim de Ville ante is also here doing interviews our next guest is probably Bob who's the VP of product and design for server lists at Google probably great to see you thanks for coming on thank you for having me so you'd be a you're the VP of Product you got the keys to the kingdom on the roadmap you're seeing all the announcements obviously server lists cloud run was announced cloud code was mentioned on stage that's going to come out tomorrow so code build run this is DevOps this is actually happening yeah you know what super exciting is that we've we're finally solving the problem for customers and taking a customer centric view of this I'll start off with a little bit of the journey we took to get here right as we were talking to customers they kept coming back to three things that they wanted from us the first thing they wanted was agility they understand that you know cloud could give them great cost savings but they also wanted to be able to move faster and innovate right the second bit they wanted was having the flexibility to be hybrid and multi-cloud super important especially to our largest customers and then the third piece was they've really struggled with his journey to cloud and they wanted our partnership to make it a much more seamless and non-deceptive journey so as we talk to them about these three things right we came back to the drawing board and said hey what are the products that we can build to make their journey to be more cloud native and more agile much more seamless and future-proofed that much better right so we came back to the drawing board and came up with three products that you talked about this now the first was we looked at developers and their journeys and we said look they're building in traditional ideas like IntelliJ or vs code optimized for local development right and they're not writing a lick of Yama they're right for kubernetes and we said okay how can we take those environments and help those development teams build cloud native apps really really easily so really just turbocharging their cloud native development so bill cloud code which extends their local ids and lets them deploy to remote clusters so they can get full debugging full deployment building its integrated in the cloud build and they get the full kubernetes a development environment right in place so cloud build was released earlier you got enhancements of that so news the hard news here is enhancements to cloud build cloud code as new announce here yeah cloud run announced today that's right so this is the new this is the new hard news that's right so bottom line what does it mean for a developer so like I didn't enterprise so I'm a cio I'm a site C so I'm gonna be putting all my eggs in the cloud basket I've still gonna run the on Prem day is gonna be critical to my strategy it's this early day set up time or are you guys thinking it's more about the setup or more the life cycle of CI CD pipelining all the way to application deployment a great question John so I think where we are in this journey is that enterprises have started off with something that's the most basic cloud ready workloads that have been lifted and shifted we now see the next wave of workloads this is the 80% of workloads that are still on premise we see them start to get cloud ready and cloud native and the way that their enterprises are gonna do that is by building on top of the standards we've created like kubernetes and sto and key native and what cloud cold and build and run and of course Anthes that we talked off this morning as well these are great managed solutions from Google fully managed solutions from Google that let you get cloud native fast all right Polly wonder if you can help us you know spin through I see a disconnect in the market so you know Google showed great leadership in the container space and of course kubernetes we came out of Google and when I look at like cloud run okay it's helping to connect that and Kay native to kubernetes in service when I talk to a lot of the developers and service it's not the infrastructure moving up the stack it's they didn't want to even think about it it's right built in the cloud that's right I focus on the application I don't even think about that so I've got this big gap as to you know on premises forget it I don't never want to touch it or think about it and you know the one of the reasons you know there's the term server list would put it to the side but now if I need one is this environment I don't want to think about it and we know hybrid is a reality but there's this big disconnect as to what kind of developer are you or you a DevOps person that came from an infrastructure background or are you just building apps today yeah yeah yeah we're definitely seeing that from our customers right so one thing that we hear all the time is developers don't want to just not think about infrastructure they actually want the managed service and the platform they're building on to think about the infrastructure and optimize it for them so it's not this program will infrastructure it it's cloud run programming the infrastructure for you so you don't have to do it and I think increasingly you're gonna see products like cloud run and anthos and cloud code let developers focus just on code because that's what they want to do right I don't ever seen a developer say I really want to write a Yama file or I want to set up more configuration parameters right so I think we're gonna get to the place where you have developers being able to focus on cold and all of the rest of this being taken care of by platforms like code and run and anthos automation becomes key I mean Jennifer Lynn's demo I thought was very game-changing because she made the comment developers can focus on their code and agility not access permissions and all the configuration management that goes on under the you guys gonna provide that in an automatic programmable way we're gonna believe he is and she kind of teased out service missions so service missions kind of point in the future which is app developers are gonna still need to be aware of maybe not aware of what cloud run how to manage those sirs as they come stand up and get pulled down dynamically yeah how do you view that because this has become a gonna become complex is that gonna be automated is that where cloud run comes in you expand on this whole impact of service meshes because that's the next level that's right that's right so if you think about key native it's built on kubernetes and it forms the kind of triad with sto as well right and what a product like cloud run does is it lets you not have to think about that because at the end of the day we don't want developers to have to think about K native what cloud run is it takes care of the K native portability and compatibility for you and all you do is focus on the code itself right so ultimately we want developers to focus on their applications but I will say this right we do care about another important constituent which is all of those folks who've already got an apps built out there can those workloads be serviced as well and that's part of the problem we're trying to solve it that's an operational thing all right so let's take a step back here so server list actually fanfare has been great we're seeing a lot of traction people are enamored by it because functions as a service has been very compelling whether it's retail managing you know that spiked loads and becomes we see some some use cases where it's like you know really an amazing thing where is it limiting what is the next level growth for server list where do you see you mention workloads and we see people deploying functions and being happy with it are there limitations with serverless how does it go to the next level can you take a minute to describe the current state of server lists and what's coming around the corner now so great question the first thing I'll say is that there's a ton of developers who come up to us every day and tell us cloud functions is awesome right and they really like functions as a service they like the event-driven approach to it they like the service full approach but several is provides love the programming model that's great but there's an another large contingent of developers who tell us look this is super constraining for what I want to do I don't get to choose the libraries I want you're forcing me into a particular programming model can you give me more flexibility and what they see every day is the flexibility that containers provide especially on kubernetes right and what we've tried to do with cloud run is try to bridge those worlds where you get all of the flexibility that you want right that you get with containers but then combine it with what what you really want with the operational model which is service right so you pay only for what you use and of course you get the agility of service as well now one thing that we've noticed heard some great stories about this is a customer of ours Veolia which is one of the early adopters of cloud run and they've been partnering with us we thank them for it they are running a complex workload you talked about retail what Veolia does is they're large French multinational they do energy water and environmental services these are things that need to be highly reliable very complex and these are workloads that have existed for ages right and what viola is doing is using cloud run to run that complex workload but in a service in a service full way running in a service fashion all right take a minute explain what's a complex workload for your definition what is a simple workload because guys again we love functions Stu and I always talk about how great it is but what's that what's the D mark line when when does something become complex by your standards where you guys are addressing they could think describe the characteristics of a complex workload so the first thing is does the workload require flexibility right meaning are their custom workloads sometimes even legacies C++ or C applications do they need to pull that functionality in as well right do they need to pull random artifacts from across the enterprise to combine it and sometimes these are things that have been built over 20 years ago they're really critical mission critical pieces of software that need to be able to trigger and run right and can we actually take that flexibility but also combine in with a highly reliable environment right so were close like New Orleans there is no downtime right they need to be up 24 by 7 for 365 days of the year right so that flexibility plus that level of reliability is what we look at when we look at complexes so you're getting into complex systems where you got some code may be written in a mainframe COBOL in C++ we mentioned that was my jamm what kind of old dating myself but that was state-of-the-art back in the 90s so I'm running an agile job maybe of standing up cloud native but I need a use software and data from a system that's where is that where the container piece comes that ku burning it on either kubernetes but cloud run also supports docker so let's say you're running it in a docker container all you need is a docker container image and we can host that workload on program yeah Polly help us understand where where Google kind of what what's the same one what's different compared to the other service offerings out there just what I've heard feedback the last year or two is you know the great thing about server list is it's really easy to get started I've talked to marketing people that have no coding background that you know can get off and running it but doing complex mission-critical stuff yeah like we understand you know there is no magic wand NIT no silver bullet to make it easy but you know what do you see as Google's role in in this broader marketplace and you know where does open-source fit into that too yeah yeah so first I'll start off by saying there's a whole host of functions that are running on cloud functions which are relatively lightweight simple targeted event-driven functions those work great where we see us really making a difference for our customers is in two ways the first is get these more complex workloads that are currently running in a container whether it's a docker container our and or on gke for that matter and bring the agility of service to those workloads so it's the first thing it's something that we think is very unique because combining containers with serverless the second bit really is the open approach we've taken right built on top of K native key native as you know has a number of partners so one of the cool demos that you'll see during during Google Cloud next is you'll see a workload being shifted from cloud run on gke to the IBM cloud IBM is one of our partners 4k native without a single line of code and that flexibility is something that I think customers really decided talk about the business pen and some of the benefits at the business level in a developer level at the operations level can you hit those three points yeah of serverless silikal server less on those three sectors what's the benefits yep so we talked about the benefits for developers for developers it's simply about agility focus on your own code don't worry about Gamal don't worry about ki native you don't have to worry about any of that we'll take care of it for you the second benefit that I'll talk about is again this is just a benefit for the CIO which is hey we're gonna give you the flexibility and the openness so you can have portability of your workloads across whatever and why are you environment you want whether it's on tram or in a cloud whether it's Google or another cloud that's the second benefit the third bit is all of the operational benefits of service one of the things you'll see us do and continue to commit to do is we'll bill you to the hundredth of a millisecond right and so you'll continue to get that with all of the resiliency you expect of Google infrastructure security also pretty much baked in as well security is big then there's a fully managed offering from Google and so you'll get security compliance policies all Big Data of course we watched the keynote and we watch every word from Koreans giving Diane green a little tip of the hat which was nice signal a lot of class a great respect for that but jennifer lynn said something i want to get your reaction to she was kind of talking about her thing doing a great demo he changing and when she said this would allow you to negotiate better contracts okay that might have been a slip of the tongue your reaction that that implied to me I took that and say whoa that means leverage shifts to the customer your thoughts and that kind of maybe a slip of the tongue but if you're saying that I couldn't have options and choice yes Janice pardon this is what customers want and at Google what we're focused on is giving customers what they want and one of the things that customers are worried about today is lock-in and especially in the server this area because the current offerings are so proprietary customers are worried about it because they want server lists for all the benefits offers that we talked about here but they do want that flexibility and that's what we negotiate actually we know Oracle is very strict on their cloud this is going to give customers the choice is the saying that's whoa you want a license renewal yeah that's what you're getting out here so Polly you talked about choice and flexibility you know kubernetes gives some of that concern with serverless is if I look at a sure if I look at AWS if I look at Kay native you know those three aren't the same I talked there there's a small start-up called trigger mesh that's getting Kay native to work with AWS lambda but do you see a future is there you know I've talked to the CMC F I've looked at some of the various pieces that you know serverless isn't just something that I'm baked into a cloud yeah look I think we've seen extraordinary momentum around Kay native it's very similar to what we had seen when in the early days of kubernetes this huge amount of ecosystem interest and so we'll see continued innovation where you'll see work load portability come to service and I'm confident in that because of all of the momentum we were seeing around Canada so we're committed at Google to K native and its success so you'll see us continue to innovate yeah talk about open source open source becomes a very strategic part you can Shin kubernetes which you guys were the that have the DNA the founding fathers of kubernetes now teams on the team went to vmware someone have Microsoft some stay within Google containers certainly we see what you guys have done when four against four J but open source still this fear of open source I mean I don't mean it in a way that it's going to be inhibited and primitive but support making sure s LA's work latency microservice is going to be involved you mentioned k- yeah so as open source accelerates the time then value for the code that also triggers this op side of the serviceability and reliability and support what's your thoughts on that how are you guys how do you see the industry supporting that that critical piece of the puzzle yeah could not be more critical right for customers to be able to adopt this because the number one thing that we need to do for customers is give them a managed offering that lets them not have to worry about security lets them not have to worry about compliance lets them not have to worry about policies or identity etc right bake all of that into the managed service and then the second operational bit is which is as important this goes to what Thomas talked about at the very end of his keynote which is the open source announcement is we want to make it simple for customers to adopt it will be supported by Google and the partner you'll get unified billing unified support and one person to call when you have a problem yeah Polly we're at an interesting point in open source today because they're they want to get your opinion as a product person and your relationship with open source because you know there's a certain cloud out there it's they're gonna give you open source as a managed service but you have some of the companies that are making like open source databases changing their policies to try to fight against just being you know taken over by somehow the big players how does Google react to that yeah for us the approach is all about partnership because we think together we can better serve customers needs and best serve them and so our approach has always been about partnership so whether it's kubernetes or key native or the larger manage store manager open source offerings that we talked about earlier in the keynote we want to bring all of these together so we can serve customers so you're gonna see us continue to like support the open source equals because we believe that innovation is absolutely critical to helping our customers really start innovated in be agile final question I know we're tight on time I want to get this in because you know I see a lot of positive I've come out of the show there's been some critical analysis around you've got to build up salespeople and all the field stuff which is you guys are well aware of but one of the things that was kind of teased out in the open source announcement was the role of Google having their own ecosystem Asli the C & C has been a big tailwind for Google you guys been a big part of that ecosystem as a cloud commercial provider and with these kinds of server list you're going to have an ecosystem starting to develop kind of a thousand flowers blooming pun intended so how do you see that in your area because this is going to be super important partnering ecosystem support yeah which is you know developer traction distribution of software integration opportunities that's why in monetization all kind of come together your thoughts huge hugely critical for us and that's something that we've been focused on we have a rich ecosystem of partners for service we're gonna continue to build it out across all of the different pieces you need one of the things we didn't talk much about was our entire operational stack monitoring logging all of those pieces right we need to bring all of those together along with all of our partners we have a big partnership with the likes of data dog right number of others so we're gonna continue to partner with the entire ecosystem so we can go solve the problems that they have are you guys gonna show them the white space where they can play is gonna be part of the strategy yeah so it's gonna be across the board you'll see us continue to support the key native ecosystem tremendously and like lean into that and we're already excited to see all the different offerings that are exist on key native same thing with kubernetes we're gonna continue to like press hard we've got on the operational side we've got an offering called open census it's got lots of traction again just open monitoring of applications so we're gonna continue to do that across the board yeah probably great to have you on vice president of product and design got the keys to the kingdom right here he's the who's running the show for the server list really the key part of how kubernetes really intersects old and new to create the next generation applications thanks for joining us and sharing the insight I'm Jeff forest do many men here live coverage Google next more coverage after this short break

>> Live from San Francisco, it's theCUBE, covering RSA Conference 2019. Brought to you by Forescout. >> Hey, welcome back everybody, Jeff Frick here with theCUBE. We're at RSA Conference in North America. The brand new reopened Moscone Center. They finally finished the remodel, which we're excited about, in the Forescout booth, and excited to have a returning Cube alum, I think we had him on last year at RSA, Dr. Chase Cunningham, principle analyst security and risk for Forester. >> Hey. >> Chase, great to see you again. >> Thanks for having me. >> So what's happened in the last year, since we last saw you? I'm sure you've been keeping busy, and running down lots of ... >> Yeah well, >> Crazy risk. >> It's been really pushing the sort of strategy set around zero trust. I mean if you look around the show floor, you can't go 75 feet without seeing somebody that's got zero trust on a booth, or hear it from somebody, so it's been really pushing that narrative and trying to get people to understand what we're talking about with it. >> And it's really important because it's a very different way of thinking about the world. >> Yeah. >> And you guys have been talking about it for a while. >> For a decade, basically. >> Right. >> Yeah. >> And then we've got all these new complexity that's thrown in that weren't there a decade ago. You've got IOT, you got OT, and then you've got hybrid cloud, right? 'cause everyone, well there's public cloud, but most big enterprises have some in the public cloud, some on their data center. So you've got these crazy hybrid environments; so how are you kind of adjusting the zero trust game, based on some of these new complexities? So really we flip the script a little bit and said, "Okay, if we were to try and fix this from the start, "where would we start?" And we'd obviously start around taking care of the the largest swath and sort of compromise area, which would probably start with users, followed closely by devices, because if we can take care of those two pieces, we can actually gain some ground and work our way going forward. If you've heard a lot of the stuff around micro-segmentation, our sort of approach to micro-segmentation means micro-segment everything. We mean users, accounts, devices, IOT, OT, wired, unwired, whatever it is, if you can apply control to it, and you can segment it away to gain ground, segment it. >> So how do you deal with the micro-segmentation? Because ultimately you could segment down to one, and then you haven't really accomplished much, right? >> Right, a network of one is no good, yeah. >> Exactly; so when you think about micro-segmentation architectures, how are you creating buckets? What are your logical buckets that you're putting things in? >> So really it should be based on the function that you're trying to allow to occur. If you look at the way we architected networks for the last 20-something years it's been around sort of use writ-large. What we're talking about micro-segmentation is, if I'm micro-segmenting devices, those devices should live in a micro-segment where devices do device stuff, and you can keep control of that, and you can see what's coming and leaving. Users should be segmented that way, networks, all of it should be built around function, rather than inter-operability. Inter-operability is a result of good micro-segmentation, not the other way around. >> Right, and that's interesting you say that, we're obviously, we're in the Forescout Booth, >> Yeah. >> and a big piece of what they're talking about is, identifying these devices, but then basically restricting their behavior to what they should be doing. So really following along in your zero trust philosophy. >> Well I said it last year, I'll say the same thing again, a key piece of this whole thing is knowing what's supposed to be occurring and being able to control it, and then respond to it. It's not really that we've changed the evolution of this whole thing, we've just looked at it a little more pragmatically, and applying fixes where you can actually start gaining ground. >> Right, and applying the fixes at all different points in the spectrum, as opposed to just trying to create that big giant wall and a moat. >> Well yeah, moving away from the perimeter model, like the perimeter model has categorically failed. Everyone around here seems to understand that that's a reality; and we're not saying you shouldn't have your defenses up, but your defenses should be much more granular and much more focused on the realities of what enables the business. >> Right, so I'm just curious to get your perspective, you've been doing this for a while, as you walk around the show floor here, and see so many vendors, and so many products, and so many solutions, and so many bright shiny objects; how do you make sense of it? How do you help you customers make sense of it? Because it's not a simple space, and I always just think of the poor CSO's, sitting there like "How am I supposed to absorb, "even just the inbound information "about knowing what's going on," much less get to the point of doing evaluation and making purchase decision and making implementation decision. >> So one of the things that we've been really pushing forward with is using virtualization solutions to build architectures, not PowerPoints, not drawing stuff on a whiteboard, like actually using virtualization to build virtual architectures, and test and design there. It's actually very similar to the way that we write applications, you iterate; you don't write an app and release it, and think you got it right and you're done, you write pieces of code, build the app, you iterate, you move on, because of virtualization, we can do the same thing with security tooling and with networks. So one of our major initiatives is pushing that capability set to our customers to say, "This is how you get there, and you design, "and then you build, and then you deploy," rather than, "Deploy it and hope you got it right." >> And know that it's not going to be right the first time you buy it, right? You just got to write a check and the problem goes away. >> And it's much better if you screw something up virtually to just nuke it and start over, than if you try and do it with a bunch of hardware that you can't actually rip and replace. >> That's interesting, right? 'Cause the digital twin concept has been around in the OT space for a long time. We talk to GE all the time and digital twin in terms of modeling behavior, and a turbine engine is something they've been talking about forever. At a healthcare conference they're talking about digital twinning people, which I thought was pretty interesting. >> Kind of creepy, but yeah >> Kind of creepy, but then you think, "Okay, so I can, "I can test medications, I can do these things," and to your point, if I screw it up, I'm screwing up the twin, I'm not necessarily screwing up the real thing. And you talked about in your last blog post, starting to create some of these environments and architectures to help people do some of this exploration. >> Yeah we launched our first one here at RSA on Tuesday night, we actually put out our own Forester branded virtual reference architecture; and the good thing is is the way that we're approaching it, we can actually have our clients build their own semblance of this, because something everybody forgets is, this is one of the few places where there are snowflakes, right? Everyone has their own individual build, so being able to have yours that you build, maybe different from mine, even though we both line with a strategic concept like zero trust. >> Right. >> So, we're building a library of those. >> So is the go to market on that that you've got an innovations space, and people do it within there? Or are you giving them the tools to build it on PRIM, how's the execution of it? >> So really it's about, we've published a lot of research that says, "This is the way to do it;" now we've got this platform and the capability to say, "This is where you can do it;" and then allowing them to go in there and follow that research to actually design and build it and see that it's actually do-able. >> Right, right; so as you're looking forward, 2019, I can't believe the calendar's flipped already to March. Crazy ... What are your top priorities? What're you working on as you go forward this calendar year? >> It's mostly about ground truth sort of use cases on this adoption of zero trust across the industry; and really getting people to understand that this is something that can be done. So we have write-ups going on customers that have deployed zero trust solutions; and sort of how they did it, why they did it, where they got benefit from, where they're going with it, because we remind people all the time that this a journey. This is not something I wake up in the morning, build a zero trust network, and walk away. This is multi-year in some cases. >> Well it's going multi-year forever right? Because the threats keep changing; and the thing I find really fascinating is that the value of what they're attacking is changing dramatically, right? It used to be maybe I just wanted to do some, crazy little hacks, or change a grade, maybe steal some money from your bank account; but now with some of the political stuff, and the state-sponsored stuff, there's a lot more complex and softer nuance information they the want to get for much softer nuanced objectives, so you're going to have to continue to reevaluate what needs to be locked in tighter and what needs to be less locked up, because you can't lock it all up to the same degree. >> Right, and it's really something that we remind our customers a lot on, that security is being done by the majority of organizations not because they actually want to do security, it's because security makes the customers have more faith and trust in you, they buy more stuff, your revenue goes up, and everyone benefits. >> Right. >> You know, some of these large organizations, they don't have SOC's and do security operations 'cause they want to be a security company, they're a company that has to do security to get more customers. >> Right, have they figured that out yet? The trust thing is such a big deal, and the Big Tech backlash that we're seeing that's going on. >> I had thought that they would have figure it out, but it comes up all the time, and you have to really wrap people's head around that you're not doing security because you think security is cool, or you need to do it, it's to get more customers to grow the business. This is a business enabler, not a tangential business thing. >> Right, it's such a high percentage of the interaction between a company and it's customers, or a company and it's suppliers, is electronic now anyway, whether it's via web browser or an API call, It's such an important piece 'cause that is the way people interact with companies now. They're not going to the bank branch too often. >> With the growth of GDPR and privacy and things like that, companies are being mandated by their clients, by their customers to be able to say, "How do you secure me?" And the business had better be able to answer that. >> Right right, but hopefully they're not, to your point, I thought you were going to say they're doing it for the compliance, but it's a lot more than just compliance, you shouldn't be doing it just for the compliance. >> Yeah, I mean I stand on the compliance is kind of a failed approach. If you chase compliance you will just be compliant. If you actually do security with a strategy in place you will achieve compliance; and that's the difference most people have to wrap their head around, but compliance is something you do, not something you strive to be. >> Love it, well Chase thanks for stopping by and sharing your insight and a lot of good work. Love keeping track of it, keeping an eye on the blog. >> Great, thanks for having me. >> All right, he's Chase, I'm Jeff, you're watching theCUBE, we're at the RSA conference in the Forescout Booth, thanks for watching, we'll see you next time. (low techno music)

(funky music) >> Live from San Francisco, it's theCube, covering RSA Conference 2019 brought to you by Forescout. >> Hey welcome back everybody Jeff Frick here with theCUBE. We're at the RSA Conference at downtown San Francisco Moscone Center, they finally finished the remodel. We're excited to be in the Forescout booth, we've never been in the Forescout booth before, psyched that they invited us in. But we've got an old time CUBE alumni and a special company in my heart, was my very first CUBE event ever was Splunk.conf 2012. >> I did not know that Jeff. >> Yeah so we're live. We have Doug Merritt on he's a CEO of Splunk. Doug great to see you. >> Thanks Jeff, good to see you again also. >> Yeah so we've been doing Splunk.conf since 2012. >> The early days. The Cosmo Hotel and it was pouring rain that week. >> That was the third year. >> Probably the third year? >> Second year, yeah long time ago, it's grown. >> 2012 wasn't that big but this is a crazy show. You've been coming here for a while. Security is such an important part of the Splunk value proposition, just general impressions of RSA as you've been here for a couple of days. >> Yeah, it's amazing to see how the show has grown over the years, security's gone from this, kind of backwater thing that a few weird people did in the corner, that only understood the cyber landscape, to something that boards care about now. And that, obviously has helped with this show, I don't know what the attendee numbers are like, but tens of thousands of people. >> Oh yeah. >> You can't walk down a hallway without bumping into 10 brand new companies that were launched in the past year, and the security space and make the biggest challenge people that I have, and I think that other people have is, how do you tell different, where's the wheat from the chaff? What is really important in security and how do you tell different companies and different trends apart, so you can actually focus on what matters? >> Right, I just feel for the seed-sows, right, I mean, you guys have a big ecosystem at .conf, but those are all kind of complimentary things around the core Splunk solution. This is, you've got co-opetition, competition, how does somebody navigate so many options? 'Cause at the end of the day you don't have unlimited resources, you don't have unlimited people to try to figure all these pieces of the puzzle out. >> Yeah, and the CSOs have got a really tough job, the average CSO has got well over a hundred different vendors you're dealing with, and with Splunk what we're very focused on, and where I think we add value is that we become, if done right, we become the abstraction layer that creates a brain and nervous system that allows all those different products, and all of them have got unique capabilities. When you think about the complexity of all the networking, all the compute, all the storage, all the end point landscapes that's only getting worse for the cloud, because now there's more services with more varieties across more cloud vendors. How do you get visibility on that? >> Right, right. >> And you need products at those different junctures, 'cause protect and prevent and defend is still an important function for CSOs, but when we know that you can't prevent everything. >> Right. >> And things will go wrong, how do you know that, that is actually occurring? And what the splunk value prop is, we are the, we don't have as much of a point of view on any one product, we aggregate data from all the products, which is why so many people are partners, and then help companies with both raw investigations, given that if something goes wrong with our schema less data structure, but then also with effective monitoring and analytics that's correlating data across those tens, hundreds or thousands of different technologies. So you can get a better feel for what are the patterns that make sense to pay attention to. >> I think you just gave me like 10 questions to ask just in that answer, you covered it all. 'Cause the other thing, you know, there's also IoT now and OT and all these connected devices so, you know the end points, the surface area, the throughput is only going up by orders of magnitude. >> Without a doubt. >> It's crazy. >> I saw some stats the other day that, globally at this point there's, I may get these off by one digit, but lets say there's 80,000 servers that are the backbone of the entire internet. There's already over 11 billion connected devices, going back to that IoT theme. So the ramifications at the edge and what that means are so profound and companies like Forescout, as a key partner of Splunk's, help make sure that you're aware of; what are all the different elements that are ever hitting my network in a way. And what do they look like and what, what should I be doing, as different things pop on and pop off and, again, we're trying to be the interpretation and brain layer for that, so that they are more and more intelligent to the actions they're taking, given their depth of domain, their deep knowledge of what a camera should look like, or what a windows PC should look like or what a firewall should look like given the configurations that are important to that company. >> Before we turned on the cameras you made an interesting comment. We used to talk about schema on read versus schema on write, that was the big, kind of big data theme, and you guys are sitting on a huge data flow, but you had a really kind of different take, because you never really know, even with schema on read it seems you know what the schema is but in today's changing environment you're not really sure what it is you're going to be looking for next right? And that can evolve and change over time, so you guys have kind of modified that approach a little bit. >> Yeah, I think we are this year you'll see us really reemphasizing that core of Splunk. That the reason you'd have an investigative lake, and I don't think most people know what a schema is period, much less read or write so my new terminology is hey you need a very thorough investigative lake. Going back to the discussion we were having, with so much surface area, so many network devices, so many servers, so many end points, what tool do you have that's reading in data from all of those, and they all are going to have crazy formats. The logs around those are not manageable. To say you can manage logs and centralize. Centralized logs I get, manage those words don't work together. >> Right. Logs are chaotic by nature, you're not going to manage them, you're not going to force every developer and every device to adhere to a certain data structure so it can neatly fit into your structured database. >> Right. >> It is too chaotic, but more importantly, even if you could you're going to miss a point, which is, once you structure data, you're limited with the types of questions you can ask, which means you had to visualize what the questions would be in the first place. In this chaotic environment you don't know what the questions going to be. The dynamics are changing way to quickly, so the investigative lake is truly, our index is not schematized in any way, so you can ask a million questions once versus a schematized data store where it is; I ask one question >> A million times. a million times. And that's super efficient for that, but, the uniqueness of Splunk is, the investigative lake is the fabric of what we do, and where I think our customers, almost have forgotten about Splunk is, read all that data in. I know we've got a volume based licensing model that we're working on customers, were working to solve that for you, that's not the, I'm not trying to get data in so that we can charge more, I'm trying to get data in so that everybody has got the capacity to investigate, 'cause we cannot fail in answering what, why, when, where, how, and stuff'll go wrong, if you can't answer that, man you're in big trouble. And then on top of that let's make sure you've got right monitoring capability, the right predictive analytics capability; and now with tools like Phantom, and we bought a company called victorOps, which is a beautiful collaboration tool, let's make sure you've got the right automation and action frameworks so that you can actually leverage peoples skills across the investigative, monitoring and analytical data stores that at Splunk we help with all four of those. >> Right, right, again, you touch on a lot of good stuff. We could go for hours but we don't have you all day. But I want to follow up on a couple of things, because one of the things that we hear over and over and over is the time to even know that you've been breached. The time to know that you have a problem, and again, by having all that data there you can now start adjusting your questions based on that way you now know. But I think what's even more kind of intriguing to me is, as nation states have become more active, as we've seen the politicalization of a lot of things, you know, what is valuable today is a much varied, much more varied answer than just tapping into a bank account or trying to steal credit card numbers. So it really supports, kind of this notion that you're saying, which you don't have a clue what the question is that you're going to need to ask tomorrow. So how do you make sure you're in a position, when you find out what the question is, that you can ask it? >> And that's the design architecture I like about splunk as a company is that our orientation is, if you're dealing with a world of chaos, allow that chaos to exist and then find the needles in the haystack, the meaning from that chaos, and then when you find the meaning, now you know that a monitor is worthwhile, because you've validated root cause and it exists. And when your monitor is kicked a few times, and you know it's legit, build a predictive routine, because you now know it's worth trying to predict, because you've seen this thing trip a number of times, which inverts the way that most people, that all of us were taught. Which is start with the end in mind, because garbage in equals garbage out, so be really thoughtful in what you want and then you can structure everything, it's like well, that's not the way the world works. What if the question we asked 15 years ago was, what if you couldn't start with the end in mind, what would you have to do? Well you'd have to have a schema less storage vehicle and a language that allows you to ask any question you want and get structure on the question, but then you still need a structure. So you're going to structure them one way or the other, how do you make sure you've got high quality structure, and in our dynamic landscape that's always going to change. >> Right, well the good news is 2020 next year so we'll all know everything right? >> Yeah, exactly. >> We'll have the hindsight. So the last thing before I let you go is really to talk about automation, and just the quantity and volume and throughput of these systems. Again, one, escalating, just 'cause it's always escalating, but two, now adding this whole connected devices and IoT, and this whole world of operational technology devices, you just, you can't buy your way out of it, you can't hire your way out of it, you have to have an increasing level of automation. So how are you kind of seeing that future evolve over the next couple of years? >> I've been meeting with a lot of customers obviously this week, and one of them said, the interesting part about where we are now is, you can't unsee what you've seen. And where we were five years ago, as most people in security and IT; which are natively digitized, they still didn't know how to wrap there arms around the data. So they just didn't see it, they were like the ostrich. Now with tools like Splunk they can actually see the data, but now, what do I do with it? When I've got a billion potential events per day, how do I deal with that? And even if I could find enough manpower, the skills are going to be changing at such a constant basis, so I think this security, orchestration, automation, response; SOAR, area and we were fortunate enough to form a great relationship with phantom a couple of years ago and add them to the Splunk fold, exactly a year ago, as, I think, the best of the SOAR vendors, but it's a brand new category. Because companies have not yet had that unseeing moment of, holy cow, what do I do, how do I even deal with this amount of information? And adding in automation, intelligent automation, dynamic automation, with the right orchestration layer is an absolute imperative for these shops going forward, and when I look at a combination of phantom and their competitors there's still less then a thousand companies in a sea of a million plus corporate entities, globally, that have licensed these products. So we're at the very beginning of this portion of the wave. But there's no way that companies will be able to be successful without beginning to understand what that means, and wrapping their minds around how to use it. What we're so excited about with Splunk, is traversing investigate, monitor, analyze and automate up and down continuously, we think is the key to getting the best value from this really, really diverse and chaotic landscape and then having phantom as part of the fold helps a lot, because you can get signal on, did I do the right automation? Did It actually achieve the goal that my brain told me to do, or not? And if not, what do I adjust in the brain? Do I go after different data, do I structure the data a different way? But that up and down the chain of check and balance, am I doing the right stuff is something that-- >> And do it continuously. >> It's got to be continuous. >> It's got to be continuous. So we're sitting in the Forescout booth, so talk about how Forescout plays. I mean you guys have been sitting on those (mumbles), really fundamental core date, they're really kind of been opening up a whole different set of data, so how is that kind of working out? >> Yeah, so I'm really thankful for the relationship, mostly because they're a great company and I love their CEO, but mostly, if you go customer back, it's a very important relationship. Which is the proliferation of devices, developments continues to grow, and most companies aren't even aware of the number of devices that exist in their sphere, much less how they should look, and then what vulnerabilities might exist because of changes in those devices. So the information flow of, here's what's in the eco-sphere of a customer into Splunk is really helpful, and then the correlation that Splunk drives, so that Forescout gets even more intelligent on what corrective actions to what type of actions period do I take across this sea of devices is a really important and beneficial relationship for our customers. >> Excellent, so I'll give you the last word, little plug for Splunk.conf coming up in October. >> Yeah, I'm really excited about conf, excited to have you guys there again. We've been on a really intense innovation march for the past few years. This last conf we introduced 20 products at conf, which was a record. We're trying to keep the same pace for conf 2019 and I hope that everyone gets a chance to come, because we're going to both be, moving forward those products that we talked about, but, I think really surprising people, with some of the directions that were taking, the investigate, monitor, analyze and act capabilities both as a platform and for security IT and our other key buy-in centers. >> Alright, well we'll see you there Doug, thanks for stopping by. >> Thank you, Jeff. >> Great seeing you. >> He's Doug, I'm Jeff, you're watching theCUBE, we're in the Forescout booth at RSA Conference 2019, thanks for watching we'll see ya next time. >> Thank you. (electronic music)

(upbeat music) >> Live from San Francisco it's theCUBE, covering RSA Conference 2019. Brought to you by Forescout. >> Hey welcome back everybody Jeff Frick here with theCUBE, we're at the RSA Conference in Moscone in San Francisco, they finally got the conversion done it looks beautiful, it's keeping the atmospheric river out (laughs) it didn't do that last week, but that's a different story for another day. We're excited to have our very next guest he's Joe Cardamone, he's the Senior Information & Security Analyst and North America Privacy Officer for Haworth. Joe great to meet you. >> Thank you, thanks for having me. >> So for the people that don't know Haworth, give us kind of the quick overview on Haworth. >> Well Haworth is a global leader in commercial office interiors. They create seating, desks, dynamic work spaces, raise floors and movable walls. >> Okay, so really outfitting beyond the shell when people move into a space. >> That's correct. >> So what are your security, that sounds like, like mobile walls and desks and the like, what are some of the security issues that you have to deal with? >> Well obviously intellectual property is a big concern, protection of our, we call our employees members. So the protection of our employee member data is important to us, customer data, supplier data, so protection of those key data elements and our assets is a priority in my role. >> Okay, so we're in a Forescout booth, you're using their solution, you come in and Mike tells us you're connected to the network, it crawls out and tells us all the devices. How did that go? How well did it work for you guys? >> It was a fantastic experience for us to be honest with you. From the point that we deployed the ISO onto a virtual instance, about seven hours later we had gotten 97% visibility on our network. And not just data, actionable data which was really important in our use case, >> Yeah keep going, So, well I was just going to say how many surprises did you get after those hours when you got to report back? >> Oh we had quite a number. We were anticipating about 8,000 IPs we landed at about 13,000, so there was quite a bit more end points that we discovered, after implementing the product. One of the bigger pieces that we found was that our showrooms out in global sectors like Asia and Europe, had a bunch of APs that were stood up, you know some sales people thought that they wanted to plug them into a network jack and stand up their own wireless networks, we had found them and we were able to squash them pretty quickly, and that was within 24 hours of implementing the product. >> So you're expecting 8,000 you got 13,000 more than a 50% increase over what you thought? >> Quick math, correct, yes. >> I'm no quick and dirty math guy. I'm not a data scientist. >> I'm not either. >> Okay, so and then how many things did you have that were custom that needed to be added to the library? >> I'm going to say about 10 or 15 units, we have some that we produce. Haworth creates a unit called the Workwear unit which is a screen presentation casting device, and what that device does, it sits on our production network and in order for us to be able to demo that device we had to punch holes in our firewall. Very manual process, those devices move around very often and it was really hard for our IT teams to keep up with. How those devices move, how dynamic they are and you know code revisions, we're living showrooms so nothing stays in one spot at one time. The Forescout was able to very easily identify them using a couple of pieces of information that it gathered, and by using the Palo Alto Networks plugin, we were able to then dynamically punch holes through our firewall to our guest network for just those IPs, in just those services, and just those ports to enable our guests coming in who are looking to purchase the product to actually test drive it, and really have a good use with the product before purchasing it. >> So the guests that you're talking about are your customers, right? >> Our customers, correct yes. >> And when you say they wanted to test drive it, were they, do you let them go test drive it at their local office? Or are you let them drive their own content on it back at your like, executive briefing center? >> How does that mean, cause you're talking about punching a holes, right so that doesn't just happen without some thought. >> No it doesn't, exactly, and the thought was we can't sell a product if we can't demo it, and you come into Haworth, you're my guest. I want you to see the power of my product. I want you to use your laptop, your content on my screens and my space. How can we do that while protecting my digital network? And that's what the Forescout enables us to be able to do as part of our microsegmentation strategy with the Forescout. >> And then you said that that was tied to sub-functionality in a Palo Alto Networks device. >> That's correct. Like I mentioned earlier, the ability to have actionable data was one of our key points in purchasing employing the Forescout unit. We're experiencing a lot of growth, and the way we're treating our growth is, we're treating these companies like they are BYOD. We want, we're buying their brand, we're buying their ability to sell their product. They know their product, they have passion about their product. >> So these are new product lines within your guys total offering? >> Correct, yes. >> Okay. >> And what we wanted to do when we started to integrate the IT side of the world, we wanted to be able to keep them operating on their own. So, we're using the Forescout to be able to look into their network, and looking at a couple of key variables on their machines, say, do you meet this criteria? If you do then we're going to allow you to egress through our Palo Alto firewall using the Palo Alto Networks module on the Forescout, to be able to egress into our environment. If you don't meet that criteria, then you're just not getting in period. So we're able to provide a measure of control, trust but verify to the other networks that we have before their devices come into ours. >> So you're doing that you're adding all these, all these devices, you talk a lot about stuff that's actionable. What did you have before, or did you have anything before? What types of stuff that is actionable, how do you define actionable and I wonder if you could give a couple of examples. >> Sure that's actually really easy. When I say actionable data, I'm able to look at let's just say your laptop sitting here, with the Forescout, I can gather any multitude of data off of it, patch levels, OS levels, software installed, processes running, what switch port you're on, what wireless AP you're on, and off of all that information, I can make any number of decisions. I could move you to another VLAN, I could move you to another security group, I can tag your machine, I can send a trap to my SIM, and be able to record whatever data I need to record. In our use case, using the data that we're gathering from the affiliate networks and from the work wears we're able to then take action to say, yes this device meets our criteria, we can now send that data up into the Palo Alto and then tie it to a rule that exists to allow or disallow traffic. You know, with the fact that it's a single pane of glass, the fact that I can have my help desk go in and make decisions based on data that they're getting, based on actionable data, based on other pieces of data that are getting fed in through my environment, like indicators of compromise. I can enable my level one staff to be able to make level three decisions without giving them keys to the kingdom. Which I think is a big value with the Forescout. >> That's pretty impressive, cause that really helps you leverage your resources in a major major way. >> Correct, I'm a team of three. >> You're a team of three. >> Yes. >> (laughs) So more specifically I guess generally you know, talk about the role of automation because I don't know how many transactions are going through your system and how many pings are coming in but you said 13,000 devices just on the initial, on the initial ping, so how are you leveraging automation? What what's kind of the future do you see in terms of AI, machine learning and all these things we hear about because you can't hire you're way out of the problem, you've only got three people. >> Correct, correct right now we have limited staff but our skill set's fantastic. I'm blessed to have a team of really fantastic engineers that I work with. That being said, how the Forescout's helped us is being able to take some of the load off of them by automating tasks and some of that might be we have a machine that is not patched. We can identify that machine, put it into a group. Our servers are actually being patched by the Forescout right now, we're using that as a way to identify vulnerabilities, missing patches and then stage them into groups using the policies within the Forescout to be able to push down patches and you mentioned earlier one of the products that we had they gave us this visibility. We didn't really have anything. We had Forescout a number of years ago but we had some administration changes and we revamped our entire tool set. We came back and repurchased and re put in the Forescout in 2015, and that's where we've really been able to develop our current use cases and the strength behind the Forescout implementation that we have now. >> Right. And I'm just curious before we close are you, are you putting more IP connectivity on all of your kind of core SKUs? Are you seeing a potential benefit to put an IP address on a, on a wall, on a cube, on a desk, on all that stuff? How do you kind of see that evolving? >> I honestly see IoT being, you know, it's evolving very quickly obviously. We've got, we have IP addresses on our window blinds, you know. >> On your window blinds. >> Yeah, on our window blinds, so that they can control the amount of sunlight coming and we're LEED certified building. So we have all of these different IoT devices that control sunlight, control climate control in the building and obviously our production facilities have a lot of IoT devices as well and the Forescout helps us to be able to segment them into the correct VLANs, apply virtual firewalls, apply different changes to their own network. It gives us a lot of visibility and gives us a lot of control because of the granularity that it just natively collects. >> Right right. Well Joe, it's such a cool story you know. IP on shades that's my, that's my lesson of the day. (laughs) That it just shows that there's just so many opportunities to leverage this new technology in a very special way, but the complexity grows even faster right? >> It certainly does. >> Alright well thanks for taking a few minutes and I really enjoyed it. >> Awesome. >> Alright he's Joe, I'm Jeff, you're watching theCUBE. We're in the Forescout booth at RSA North America in Moscone Center thanks for watching we'll see you next time. (upbeat music)

(upbeat music) >> Live from San Francisco. It's theCUBE covering RSA Conference 2019, brought to you by Forescout. >> Hey welcome back everybody. Jeff Frick here with theCUBE. We're at RSA North America at the newly opened and finally finished Moscone Center. We're here in the Forescout booth, excited to be here. And we've got our next guest who's been coming to this show for a long, long time. He's Dan Burns, the CEO of Optiv. Dan, great to see you. >> Great to see you too, Jeff. Appreciate you having me on the show. >> So you said this is your 23rd RSA. >> Yeah, somewhere right around there. It's got to be and I don't think I've missed any in between. I've missed some Black Hats in there now and again but RSA is just one of those that that I feel like you got to go to. >> Right, right, so obviously the landscape has changed dramatically so we won't go all the way back 23 years. But in the last couple of years as things have really accelerated with the internet and IoT and OT and all these connected devices, autonomous cars. From a threat perspective and from where you sit in the captain's seat, what are you seeing? What are your, kind of your impressions? How are you helping people navigate this? >> Yeah I appreciate that question, Jeff. So it has changed dramatically. There's no doubt about it. So I got into security in 1996. And that was a long time ago so it's really in the infancy of security. And back in '96 when I remember really studying what security was, and by the way back then it was called information security. Now it's cyber security. But it was really straightforward and simple. There were probably two or three threats and vulnerabilities out there right? Some of the early on one so that's one part of the equation. The second part there were probably two or three regulations and standards out there. No more than that. And then when you went over to kind of the third part of the triad and you talk about vendors and technology there were maybe five or six right? You have McAfee, you have Check Point and you had some of the early, early stage companies that were really addressing kind of simplistic things, right? >> Right. >> Firewalling, URL filtering and things like that. And now you fast-forward to today and it's night and day, so much different. So today when we talk about threats and vulnerabilities there are hundreds of millions, if not billions, of threats and vulnerabilities. Number one, big problem. Number two, regulations standards. There's hundreds of them globally. And number three when you look at our great technology partners here and I think there's probably about 3,500 technology partners here on the floor today. Night and day >> Right. >> Nigh and day from '96 to 2019. And that's created a lot of issues, right? A lot of issues which I'm happy to talk about. >> Yeah, complexity and but you've been a great quote of one of the other things I saw doing the research for this interview. You talked about rationalization >> Yeah. >> and how does a CSO rationalize the world in which you just described because they can't hire their way out of it. They can't buy their way out of it. And at some point you're going to have to make trade-off decisions 'cause you can't use all the company's resources just for security. At the same time, you don't want to be in the cover of the Wall Street Journal tomorrow because you have a big breach that you just discovered. >> Yeah >> How do you help >> it's a balancing act >> How do you help them figure this, navigate these choppy waters? >> Yeah so we think Optiv is in a prime space to do that and place to do that. No doubt about it. So let's talk about the complexity that's out there. Now you look at the landscape. You look at the 25, 35 hundred different technology companies out there today. And when we talk to a typical client and we ask a question. How many vendors, how many OEMs do you have to deal with on an annual basis and the response, of course, depending on the size of the organization but let's just take your average small, mid-sized, enterprise client, the response is somewhere between 75 and 90 partners. And then of course we've got shot on our face. >> Just on the security side? >> Just on the security >> That's not counting all their CRM and all their >> That's not IT, that's not anything. That is just to solve >> 75? >> and build their own security programs. And the next response we get from them is we can't do it, we just can't do it. We spend about 90% of our time acting as if I'm the CSO right now, 90 plus percent of our time working with all of these wonderful, great technologies and partners just to establish those relationships and make sure we're going the right things by them and then by us. And so given this complexity in the marketplace, everything that's going on, it's just a prime scenario for what we call ourselves is a global cyber security solutions integrator, right? Being able to, for a lack of a better term, be the gatekeeper for our clients and help them navigate this complexity that's out there in the space. And so the value that we bring, I talk about it in terms of an equation, right? We're all mathematical in nature, typically people in cyber and so when I think about cyber, I think about equations. And the first equation I think abut is a very simplistic one. It's people, it's process and technology. And you need equal focus on all three of those parts of the equation to truly balance things in a matter where you're building a very effective security program. And historically CSOs have really leaned towards the technology side of that equation. >> Right. And now what we're seeing is a balance like we've got to worry about people, right? We've got to find people with that intelligence and knowledge and know-how and wherewithal, right? And we've got to find companies that have that process expertise, the processes, a means to an end. How do I get to a certain outcome? And so what we bring is the people process and technology. All sides of the equation with the ability in masses to help clients plan, build and run their entire security program or parts of it. >> So how, how is it changed with a couple things like cloud computing. >> Yeah. >> So now I'm sure the bad guys use the cloud just like the good guys use the cloud. So the type of scale and resources that they can bring to bear are significantly higher. Just the pure quantity of and variability using AI and machine learning and as we saw in the election really kind of simple Facebook targeting methods that most marketers use, that work at REI to get you to buy a sleeping bag if you looked at tents on your last way in. So how is the role of AI and machine learning now going to impact this balance? And then of course the other thing is all we see is so many open security jobs. You just can't hire enough people. They're just not there. So that's a whole kind of different level of pressure on the CSO. >> Yeah definitely no doubt about it. And there are few companies that can truly build that have enough budget to address cyber on their own. And those today are typically the large financial right? They're typically given massive budgets. >> Right. >> They have massive teams and they're able to minimize the partnerships and really handle a lot of their own stuff internally and go out for special things. But you look at the typical company, small, mid, even some of the large enterprise companies. No, they can't find the resources. They can't get the budget. They can't address everything. And to your point around digital transformation and what's going on in the world there. And that's probably what continues to support 3,500 technology companies out here. >> Right. >> Right? It's the continuous change >> Right. >> That we see in the industry every single day and of course cloud is one of the most recent transformations and obviously a real one which opens up other threat factors and other scenarios that create new vulnerabilities, and new threats and so that the problem just keeps getting bigger exponentially >> So you come in for another 20 years? Is that what you're saying? (laughing) >> How you're, come for another 20 years. I think though eventually, Jeff, I can remember I kind of poke fun at this a little bit. I can remember I think it was Palo Alto, there was a first company that said, hey we're a platform company. And I think that started happening whatever, it was roughly seven years ago. We're a platform company. And I can remember so many people kind of pooh-poohing that. Right, you're not a, nobody's a platform company. Fair enough, fair enough back then. But I'm going to say, fast-forward to today and that's what it's going to happen, have to happen in this industry, Jeff. >> Right, right. >> Eventually we will have to have some large platform companies that can address multiple things within a client's environment, right? And then there will always be the need to to fill gaps with some of the other great new emerging technologies out there so maybe we won't have 3,500 vendors in ten years. Maybe it's 2,000 so there will be consolidation. There will be the platform play >> Right. >> that happens. >> But then you have the addition of public cloud, right? So now a lot of, a lot of infrastructures, they've got some stuff in public cloud. They still have some stuff on their data center, right? So this is kind of hybrid world. Then you add the IoT thing and the OT connectivity back to the IT which is relatively new. So now if you've got this whole other threat factors that you never had to deal with before at all. It's the machines down on the factory floor. You had been pumping out widgets for a long time that are suddenly connected the infrastructure. So the environment that you're trying to apply security to is really evolving at a crazy pace. >> That is, it's a great industry to be in. (Jeff laughs) Every day I wake up, pitch myself I think all our guys do. >> Right. >> What's amazing, I don't see that slowing down, right? So I think that's why some of that balance continues to be there in the future. One of the things that we're seeing in our industry is companies really trying to take this inside-out approach as opposed to this outside-in approach. And I'll tell you the difference. The outside-in approach is it's all of this chaos, right? It's all the chaos that's behind us and we see it right here. It's everybody telling you what you need >> Right. >> and you build it, you building a security program around what's being fed to you externally as opposed to really taking a step back looking at your organization understanding what your company's initiatives and priorities are, right? And your own company's vision, mission and strategy. And I tell people all the time, I don't care if they're part of our company or any company, first thing you should do is understand the vision and the mission and the strategy of the organization you work for. And so that's part of the inside-out approach. Understanding what your company is trying to accomplish and is a security practitioner really wrapping your arms in your mind around that and supporting those initiatives and aligning your security initiatives to the business initiatives >> Right. >> And then doing it through a risk management type of program and feeding that risk management dashboard and information directly to the board >> Right. >> So. >> So I'm curious how the how you approach the kind of the changes now we have state-sponsored attackers. And how, what they're trying to get and why they're trying to get it has maybe changed and the value equation on your assets, that clearly some assets are super valuable and for some information and some things that are kind of classical but now we're seeing different motivations, political motivations, other types of motivations. So they're probably attacking different repositories of data that you maybe didn't think carry that type of value. Are you seeing >> Yeah. >> kind of a change in that both in the way the attacks are executed and what they're trying to get and the value they're trying to extract then just kind of a classic commercial ransomware or I'm just going to grab some money out of your account. >> Yeah I think, I think you are right. And it kind of goes back to the earlier part of the conversation, the number of devices that the attackers can attack are almost infinite right? >> Right. And especially with the edge right? With IoT it's created this thing we call the edge. Devices on street lights. Devices on meters. Devices here, devices there. >> Right, right. >> So the number of devices they can go for is ever increasing, right? which continues to support the need >> Right. and the cause that we all are a part of. And in the ways they're going to do that is going to change as well. There's no question about it. Yeah, so we've seen different ways of doing it. Yes there's no question about it. Back to the state-sponsored it's kind of stuff the way I look at cyber and probably one of my biggest personal concerns is I think about us, people and family right? We all have family is that cyber and ultimately cyber warfare has created this levity, or equalness in terms of countries, right? Where a country like the U.S. or Russia or somebody with massive resources around physical weapons are now no longer necessarily as powerful as they were. So brevity it's just created this field, leveling playing field. So countries like North Korea, countries like Afghanistan and others have a new opportunity to create a pretty bad situation. >> Right, right. And we haven't seen cyber warfare quote and unquote yet. We would call it something a little because they haven't really used it as a mass weapon of destruction but the threat of that being there >> Right. is creating a more of a even playing field. >> Right. >> And that's one of my biggest concerns like what's the next step there. >> Right, and the other thing is really the financial implications. If you don't do it right, it's beyond being embarrassed on the Wall Street Journal. But right GDPR regulations went into place last year. It's now the California data privacy law that's coming into place. >> Yeah. >> People are calling it kind of the GDPR of California. And that may take more of a national footprint as time moves on. It's weird on one hand we're kind of desensitized 'cause there's so many data breaches right? You can't keep track. We don't actually flip past that page on the wall. >> I can't keep track. But on the other hand there is this kind of this renewed, kind of consumer protection of my data that's now being codified into law with significant penalties. So I wonder how that plays into your kind of risk portfolio strategy of deciding how much to invest. How much you need to put into this effort because if you get in trouble, it's expensive. >> Yeah it is. So can be and it will be and it will get even more expensive. And we're still waiting for the lawmakers to levy some pretty heavy fines. We've seen a few but I think there's going to be more and I think you do have to pay more attention to regulations and compliance. But I think it is a balancing act. Back to our inside-out approach that I was talking about. A lot of companies when PCI came out, as you know, Jeff, a lot of companies were guiding their security program by PCI specifically >> Right. >> and only, and that's a very outside-in approach, right? That's not really accounting for the assets that you were talking about earlier. Not all of them. >> Right. >> Some of them. And so I think that's a great point, right? As a CSO, the first thing you've got to understand is what are your assets? What are you trying to protect? >> Right. And our friends here at Forescout do a great job of giving you the visualization of your network, understanding what your assets are. And then I think the next step is placing a dollar value on that. And not many people do that, right. They're, oh here's my assets. >> You're paying >> This one's kind of important >> This one's kind of important. But to get buy-in from the rest of your organization, you need to force the conversation with your counterparts, with your CFO, with your CMO, with anyone who's a partial owner of those assets >> Right. and make them put a dollar amount on. How much do you think that the data on the server is worth? How much do you think the data on this server, how much do you think, and inventory that is part of the asset inventory. And then I think you've got a much better argument as it relates to getting budget and getting buy-in. >> Right. >> Getting buy-in. And I see it a lot where CSOs tend to be, most tend to be a little bit introverted right? >> Right. >> They'd rather hang out there on the second floor and be there with their team. Take a look at the latest threats. Take a look at what's going on, with their (coughs) logs and their data and trying to solve really critical problems. But my recommendations to CSOs is man, build tight relationships across the entire organization and get out there, be out there, be visible. Get buy-in. Do lunch and learns on why cyber is so critical and how our employees can help us on this journey. >> Right, right. Dan you trip into a whole other category that we'll have to leave for next time which is, what is the value of that data 'cause I think that's changed quite a bit over the last little while. But thanks for taking a few minutes >> Absolutely, Jeff. and hopefully have a good 23rd RSA. >> Thank you very much. >> All right. >> I appreciate it. >> He's Dan, I'm Jeff. You're watching theCUBE. We're at RSA in North America at Moscone at the Forescout booth. Thanks for watching. See you next time. (upbeat music)

>> From the Regency Center in San Francisco, it's theCUBE, covering Serverlessconf, San Francisco, 2018. Brought to you by SiliconANGLE Media. >> Hi, I'm Stu Miniman, and you're watching theCUBE here at Serverlessconf, 2018 in San Francisco. Happy to welcome to the program Michael Garski, who's the director of platform engineering at Fender. Thanks so much for joining me. >> Thanks, Stu. Thanks for having me on. >> All right, so, luckily, I don't need to introduce Fender because I think most of our audience will be familiar with, you know, Fender, guitars, music, all that stuff, but we're going to talk a little bit about the tech side. >> Okay. >> Even though, let me ask, there's a question I usually ask. Most companies, you know, going through the digital transformation, lots of changes there. How does digital impact Fender? >> Digitally, Fender started a digital division in late 2015 and it was a focus on all-new digital products to complement our well-known physical products. Since then we've launched Fender Mod Shop, where a user can order a customized guitar online, have it delivered in a month. We have a single sign-on solution across all of our web and mobile applications, a guitar tuner, we have connected amplifiers, with companion apps to control amplifiers remotely. And our flagship product is Fender Play, which is an instructional app which allows the user to learn to play guitar, ukulele, and coming soon, bass. >> Love it. I'm guessing that has something to do with what you're involved with on the cloud and Serverless side to enable those technologies on the mobile side. >> Exactly. We've fully embraced AWS Lambda to support all of the services for the web and mobile applications. >> Okay, so A Cloud Guru's a training company and we've talked to them extensively as to why Serverless was a good fit for them, and enabled them to do it, but bring us through what led to your adoption of AWS Lambda, give us a little bit about what kind of technologies you were using before, and how you got to this solution. >> Well, we started out building services and go, just standard EC2 based microservices, and then we started tinkering a bit with Lambda. We had to adjust the product catalog from SAP. They could deliver a file, drop it into an S3 bucket, so it was simple enough to create a function that can process that file and ingest it into elastic search. From there, we used custom authorizers with API Gateway mapping templates to save custom tunings for users, and then as we started building for Tone and Play, Tone especially is a very limited audience. It's whoever buys the amplifiers. So we're not talking millions of people, it's going to be hundreds of thousands. So, it was a very good use case to go ahead and do that. Same thing with Play, we're starting a new business that's a great model for us, that we can just pay per usage. >> All right, so, yeah it sounds like you were using cloud and the usage model fit for what Serverless was built for, correct? >> Exactly, yes. >> All right, how much is management aware of, you know, kind of the underlying technology? Is your group, kind of just allowed free reign to kind of deal with this? Or are there anything you need to go to the CFO, and be like, well, you know our billings going to change a little bit compared to what you might have known in the past? >> It's, we pretty much have free reign. And our biggest AWS expense is actually what we pay for, in AWS Glacier for storage for the raw footage, of all the 4K footage from, instructional video shoots, and Lambda on top of that is simply a rounding error. >> Yeah, excellent. And the mobile apps that you've built, are there trials on there? Is everybody up to sign-up to be able to use it? Is it a freemium model or is it a paid model? >> The Tuner is a completely free application. There is an in-app purchase for cord and scale libraries, and some pro features of the tuner. Custom tunings are free. The Play application comes with a 30-day free trial, so user can sign up either on the web, or via the Google or Apple app stores on their mobile device. >> Okay, so, with that kind of model, I would think that Lambda would be nice. There's, you know, you said your expenses aren't that high using this kind of service. >> No, not at all, like I, in the month of June, we spent, I think it was like $132 for 68 million Lambda invocations. And to kind of put that in perspective a bit, it's what we pay for some EC2 services, EC2 instances that support our legacy authentication service, but we're also moving that over to Cognito now so we can get rid of all the EC2 instances. >> Okay, when you started using this technology, how'd you first learn about it? How'd you get up to speed on it? Tell us a little bit about kind of, training adoption. >> It was a lot of experimentation. So, we have it set up where we use one account for our QA and production environments and another account for our development environment. All the engineers on the team have free-reign to do whatever they want to in the development environment. They can spin up whatever they need to. So we just started playing around with things and experimenting. Like, let's hook up Lambda function to API Gateway, oh, this is going to work really well! And just kind of proceeded down that path. >> All right, great, and any learnings, anything that you tried playing with and said, like wow, this just isn't going to be a fit for what I need? Tell us, you know, what worked, what didn't? >> I would say about the only thing we found that really doesn't fit within Lambda and Serverless would be really very low latency applications. You're doing an auto complete for a search system. You want that snappy. It's, humans observe, I think it's about 100 milliseconds things seemed instantaneous, and that's going to be very challenging to get from API Gateway Lambda to get that consistently. >> Okay, great. And you're speaking here at the conference, how'd that end up happening, what are you looking to share with your peers? >> How it happened was I submitted a talk for a conference and then Drew from A Cloud Guru approached me and asked me to submit I had to tell him I already did, so they went ahead and approved it. And, I'm sharing what we've done and built at Fender Digital, and sort of what we found as far as tools for monitoring, performance optimization, as well as some things to really be cautious of when you're dealing with Lambda, especially with regards to concurrency controls. >> 'Kay, great and, how have you found the show so far? You were at the keynote, got about 500 people here. >> Yeah, it's really interesting. I'd really like the focus all on Serverless. You see, go to a lot of conferences, there might be one or two talks that kind of focus on that. It's nice to have something completely focused in that space. >> All right, and, you know, from a maturity standpoint, are there things that you're looking for in the roadmap from Amazon? They've been baking Serverless kind of into all of their services, so do you expect to stay on Lambda, or are there other services that kind of, you know FAZ or Serverless built into it that you might be using? >> We expect to stay on Lambda for the near term. I don't, we don't have any plans or looking at anything else like Azure or Google Cloud functions, our intention is to stay with AWS. They have a lot of other services, their new machine learning services, we use DynamoDB quite extensively, and so we're probably going to stick with them. >> Yeah, but inside Amazon, they've been expanding their Serverless portfolio as it was. >> Oh, yeah. >> And I remember, I was at the show when Lambda was announced, and then, you know it's Aurora with Serverless underneath and all those, so do you expect to adopt some of those other services that have AWS Serverless kind of baked into it as opposed to just using, kind of a Lambda tool. >> Absolutely, especially with, you just mentioned the Aurora Serverless model. That's one that we're taking a look at and evaluating as we've got some data in DynamoDB, but as requirements have shifted in the business over time it's really, it's becoming very difficult to model in DynamoDB, so we're going to kind of take a look at that, and possibly move to Aurora Serverless. >> I'm curious, how does Fender, does Fender think of the data involved? Is that something that, you mentioned AI, some of these, is that something that you'll be able to take the data and leverage that potentially even make new business revenue streams out of that in the future? >> We're doing some of that already by just watching user, analyzing user behavior so we can improve our products internally. And we're looking at adding more features to where we can really understand what people are doing, and then make our products better. >> All right. Michael, want to give you the final word. For your peers out there that might be saying hey, I've heard of Serverless, I'm kind of thinking at it, what advice would you give them? >> Just dive in, get started, don't hesitate. It's, it doesn't cost you anything, really to experiment with it. That model works very, very nice. >> Yeah, and it's one of the things that's great. It used to be you would take a lot of period of time and some big investment to be able to try a technology out or maybe you would get some demo, but Serverless is pretty easy to get started on. >> Exactly. Especially if you're using a framework like say, Serverless framework, or maybe using AWS. Excuse me, AWS's Serverless application model, it really helps as far as setting up all the resources that your function needs as well. >> All right well, Michael really appreciate you riffing with us on your deployments with Serverless and hope your peers will definitely check it out. All right, lots more coverage here from The Serverless Conference here in San Fransisco. I'm Stu Miniman, and thanks for watching theCUBE. (electronic music)

>> Coming back when we were a DOS spreadsheet company. I did a short stint at Microsoft and then joined Frank Quattrone when he spun out of Morgan Stanley to create what would become the number three tech investment (upbeat music) >> Host: Live from mid-town Manhattan, it's theCUBE covering the BigData New York City 2017. Brought to you by SiliconANGLE Media and its ecosystem sponsors. (upbeat electronic music) >> Welcome back, everyone. We're here, live, on day two of our three days of coverage of BigData NYC. This is our event that we put on every year. It's our fifth year doing BigData NYC in conjunction with Hadoop World which evolved into Strata Conference, which evolved into Strata Hadoop, now called Strata Data. Probably next year will be called Strata AI, but we're still theCUBE, we'll always be theCUBE and this our BigData NYC, our eighth year covering the BigData world since Hadoop World. And then as Hortonworks came on we started covering Hortonworks' data summit. >> Arun: DataWorks Summit. >> DataWorks Summit. Arun Murthy, my next guest, Co-Founder and Chief Product Officer of Hortonworks. Great to see you, looking good. >> Likewise, thank you. Thanks for having me. >> Boy, what a journey. Hadoop, years ago, >> 12 years now. >> I still remember, you guys came out of Yahoo, you guys put Hortonworks together and then since, gone public, first to go public, then Cloudera just went public. So, the Hadoop World is pretty much out there, everyone knows where it's at, it's got to nice use case, but the whole world's moved around it. You guys have been, really the first of the Hadoop players, before ever Cloudera, on this notion of data in flight, or, I call, real-time data but I think, you guys call it data-in-motion. Batch, we all know what Batch does, a lot of things to do with Batch, you can optimize it, it's not going anywhere, it's going to grow. Real-time data-in-motion's a huge deal. Give us the update. >> Absolutely, you know, we've obviously been in this space, personally, I've been in this for about 12 years now. So, we've had a lot of time to think about it. >> Host: Since you were 12? >> Yeah. (laughs) Almost. Probably look like it. So, back in 2014 and '15 when we, sort of, went public and we're started looking around, the thesis always was, yes, Hadoop is important, we're going to love you to manage lots and lots of data, but a lot of the stuff we've done since the beginning, starting with YARN and so on, was really enable the use cases beyond the whole traditional transactions and analytics. And Drop, our CO calls it, his vision's always been we've got to get into a pre-transactional world, if you will, rather than the post-transactional analytics and BIN and so on. So that's where it started. And increasingly, the obvious next step was to say, look enterprises want to be able to get insights from data, but they also want, increasingly, they want to get insights and they want to deal with it in real-time. You know while you're in you shopping cart. They want to make sure you don't abandon your shopping cart. If you were sitting at at retailer and you're on an island and you're about to walk away from a dress, you want to be able to do something about it. So, this notion of real-time is really important because it helps the enterprise connect with the customer at the point of action, if you will, and provide value right away rather than having to try to do this post-transaction. So, it's been a really important journey. We went and bought this company called Onyara, which is a bunch of geeks like us who started off with the government, built this batching NiFi thing, huge community. Its just, like, taking off at this point. It's been a fantastic thing to join hands and join the team and keep pushing in the whole streaming data style. >> There's a real, I don't mean to tangent but I do since you brought up community I wanted to bring this up. It's been the theme here this week. It's more and more obvious that the community role is becoming central, beyond open-source. We all know open-source, standing on the shoulders before us, you know. And Linux Foundation showing code numbers hitting up from $64 million to billions in the next five, ten years, exponential growth of new code coming in. So open-source certainly blew me. But now community is translating to things you start to see blockchain, very community based. That's a whole new currency market that's changing the financial landscape, ICOs and what-not, that's just one data point. Businesses, marketing communities, you're starting to see data as a fundamental thing around communities. And certainly it's going to change the vendor landscape. So you guys compare to, Cloudera and others have always been community driven. >> Yeah our philosophy has been simple. You know, more eyes and more hands are better than fewer. And it's been one of the cornerstones of our founding thesis, if you will. And you saw how that's gone on over course of six years we've been around. Super-excited to have someone like IBM join hands, it happened at DataWorks Summit in San Jose. That announcement, again, is a reflection of the fact that we've been very, very community driven and very, very ecosystem driven. >> Communities are fundamentally built on trust and partnering. >> Arun: Exactly >> Coding is pretty obvious, you code with your friends. You code with people who are good, they become your friends. There's an honor system among you. You're starting to see that in the corporate deals. So explain the dynamic there and some of the successes that you guys have had on the product side where one plus one equals more than two. One plus one equals five or three. >> You know IBM has been a great example. They've decided to focus on their strengths which is around Watson and machine learning and for us to focus on our strengths around data management, infrastructure, cloud and so on. So this combination of DSX, which is their data science work experience, along with Hortonworks is really powerful. We are seeing that over and over again. Just yesterday we announced the whole Dataplane thing, we were super excited about it. And now to get IBM to say, we'll get in our technologies and our IP, big data, whether it's big Quality or big Insights or big SEQUEL, and the word has been phenomenal. >> Well the Dataplane announcement, finally people who know me know that I hate the term data lake. I always said it's always been a data ocean. So I get redemption because now the data lakes, now it's admitting it's a horrible name but just saying stitching together the data lakes, Which is essentially a data ocean. Data lakes are out there and you can form these data lakes, or data sets, batch, whatever, but connecting them and integrating them is a huge issue, especially with security. >> And a lot of it is, it's also just pragmatism. We start off with this notion of data lake and say, hey, you got too many silos inside the enterprise in one data center, you want to put them together. But then increasingly, as Hadoop has become more and more mainstream, I can't remember the last time I had to explain what Hadoop is to somebody. As it has become mainstream, couple things have happened. One is, we talked about streaming data. We see all the time, especially with HTF. We have customers streaming data from autonomous cars. You have customers streaming from security cameras. You can put a small minify agent in a security camera or smart phone and can stream it all the way back. Then you get into physics. You're up against the laws of physics. If you have a security camera in Japan, why would you want to move it all the way to California and process it. You'd rather do it right there, right? So with this notion of a regional data center becomes really important. >> And that talks to the Edge as well. >> Exactly, right. So you want to have something in Japan that collects all of the security cameras in Tokyo, and you do analysis and push what you want back here, right. So that's physics. The other thing we are increasingly seeing is with data sovereignty rules especially things like GDPR, there's now regulation reasons where data has to naturally stay in different regions. Customer data from Germany cannot move to France or visa versa, right. >> Data governance is a huge issue and this is the problem I have with data governance. I am really looking for a solution so if you can illuminate this it would be great. So there is going to be an Equifax out there again. >> Arun: Oh, for sure. >> And the problem is, is that going to force some regulation change? So what we see is, certainly on the mugi bond side, I see it personally is that, you can almost see that something else will happen that'll force some policy regulation or governance. You don't want to screw up your data. You also don't want to rewrite your applications or rewrite you machine learning algorithms. So there's a lot of waste potential by not structuring the data properly. Can you comment on what's the preferred path? >> Absolutely, and that's why we've been working on things like Dataplane for almost a couple of years now. We is to say, you have to have data and policies which make sense, given a context. And the context is going to change by application, by usage, by compliance, by law. So, now to manage 20, 30, 50 a 100 data lakes, would it be better, not saying lakes, data ponds, >> [Host} Any Data. >> Any data >> Any data pool, stream, river, ocean, whatever. (laughs) >> Jacuzzis. Data jacuzzis, right. So what you want to do is want a holistic fabric, I like the term, you know Forrester uses, they call it the fabric. >> Host: Data fabric. >> Data fabric, right? You want a fabric over these so you can actually control and maintain governance and security centrally, but apply it with context. Last not least, is you want to do this whether it's on frame or on the cloud, or multi-cloud. So we've been working with a bank. They were probably based in Germany but for GDPR they had to stand up something in France now. They had French customers, but for a bunch of new reasons, regulation reasons, they had to sign up something in France. So they bring their own data center, then they had only the cloud provider, right, who I won't name. And they were great, things are working well. Now they want to expand the similar offering to customers in Asia. It turns out their favorite cloud vendor was not available in Asia or they were not available in time frame which made sense for the offering. So they had to go with cloud vendor two. So now although each of the vendors will do their job in terms of giving you all the security and governance and so on, the fact that you are to manage it three ways, one for OnFrame, one for cloud vendor A and B, was really hard, too hard for them. So this notion of a fabric across these things, which is Dataplane. And that, by the way, is based by all the open source technologies we love like Atlas and Ranger. By the way, that is also what IBM is betting on and what the entire ecosystem, but it seems like a no-brainer at this point. That was the kind of reason why we foresaw the need for something like a Dataplane and obviously couldn't be more excited to have something like that in the market today as a net new service that people can use. >> You get the catalogs, security controls, data integration. >> Arun: Exactly. >> Then you get the cloud, whatever, pick your cloud scenario, you can do that. Killer architecture, I liked it a lot. I guess the question I have for you personally is what's driving the product decisions at Hortonworks? And the second part of that question is, how does that change your ecosystem engagement? Because you guys have been very friendly in a partnering sense and also very good with the ecosystem. How are you guys deciding the product strategies? Does it bubble up from the community? Is there an ivory tower, let's go take that hill? >> It's both, because what typically happens is obviously we've been in the community now for a long time. Working publicly now with well over 1,000 customers not only puts a lot of responsibility on our shoulders but it's also very nice because it gives us a vantage point which is unique. That's number one. The second one we see is being in the community, also we see the fact that people are starting to solve the problems. So it's another elementary for us. So you have one as the enterprise side, we see what the enterprises are facing which is kind of where Dataplane came in, but we also saw in the community where people are starting to ask us about hey, can you do multi-cluster Atlas? Or multi-cluster Ranger? Put two and two together and say there is a real need. >> So you get some consensus. >> You get some consensus, and you also see that on the enterprise side. Last not least is when went to friends like IBM and say hey we're doing this. This is where we can position this, right. So we can actually bring in IGSC, you can bring big Quality and bring all these type, >> [Host} So things had clicked with IBM? >> Exactly. >> Rob Thomas was thinking the same thing. Bring in the power system and the horsepower. >> Exactly, yep. We announced something, for example, we have been working with the power guys and NVIDIA, for deep learning, right. That sort of stuff is what clicks if you're in the community long enough, if you have the vantage point of the enterprise long enough, it feels like the two of them click. And that's frankly, my job. >> Great, and you've got obviously the landscape. The waves are coming in. So I've got to ask you, the big waves are coming in and you're seeing people starting to get hip with the couple of key things that they got to get their hands on. They need to have the big surfboards, metaphorically speaking. They got to have some good products, big emphasis on real value. Don't give me any hype, don't give me a head fake. You know, I buy, okay, AI Wash, and people can see right through that. Alright, that's clear. But AI's great. We all cheer for AI but the reality is, everyone knows that's pretty much b.s. except for core machine learning is on the front edge of innovation. So that's cool, but value. [Laughs] Hey I've got the integrate and operationalize my data so that's the big wave that's coming. Comment on the community piece because enterprises now are realizing as open source becomes the dominant source of value for them, they are now really going to the next level. It used to be like the emerging enterprises that knew open source. The guys will volunteer and they may not go deeper in the community. But now more people in the enterprises are in open source communities, they are recruiting from open source communities, and that's impacting their business. What's your advice for someone who's been in the community of open source? Lessons you've learned, what is the best practice, from your standpoint on philosophy, how to build into the community, how to build a community model. >> Yeah, I mean, the end of the day, my best advice is to say look, the community is defined by the people who contribute. So, you get advice if you contribute. Which means, if that's the fundamental truth. Which means you have to get your legal policies and so on to a point that you can actually start to let your employees contribute. That kicks off a flywheel, where you can actually go then recruit the best talent, because the best talent wants to stand out. Github is a resume now. It is not a word doc. If you don't allow them to build that resume they're not going to come by and it's just a fundamental truth. >> It's self governing, it's reality. >> It's reality, exactly. Right and we see that over and over again. It's taken time but it as with things, the flywheel has changed enough. >> A whole new generation's coming online. If you look at the young kids coming in now, it is an amazing environment. You've got TensorFlow, all this cool stuff happening. It's just amazing. >> You, know 20 years ago that wouldn't happen because the Googles of the world won't open source it. Now increasingly, >> The secret's out, open source works. >> Yeah, (laughs) shh. >> Tell everybody. You know they know already but, This is changing some of the how H.R. works and how people collaborate, >> And the policies around it. The legal policies around contribution so, >> Arun, great to see you. Congratulations. It's been fun to watch the Hortonworks journey. I want to appreciate you and Rob Bearden for supporting theCUBE here in BigData NYC. If is wasn't for Hortonworks and Rob Bearden and your support, theCUBE would not be part of the Strata Data, which we are not allowed to broadcast into, for the record. O'Reilly Media does not allow TheCube or our analysts inside their venue. They've excluded us and that's a bummer for them. They're a closed organization. But I want to thank Hortonworks and you guys for supporting us. >> Arun: Likewise. >> We really appreciate it. >> Arun: Thanks for having me back. >> Thanks and shout out to Rob Bearden. Good luck and CPO, it's a fun job, you know, not the pressure. I got a lot of pressure. A whole lot. >> Arun: Alright, thanks. >> More Cube coverage after this short break. (upbeat electronic music)

>> Hey, welcome back everybody. Jeff Frick with theCUBE. We're at Node Summit 2017, downtown San Francisco Mission Bay Conference Center, 800 people, a lot of developers, pretty much all developers talking about what's going on with Node, the Node community and some tangental things that are involved in Node, as well. We're excited to have our next guest on, he's Stephen Fluin, he's a developer advocate for Google, Stephen, welcome. >> Thank you so much for having me. >> Absolutely. First off, just kind of impressions of the show. You said you were here last year, the community's obviously very active, growing, I don't know that they're going to be able to come back to this space for very much longer. >> I know. >> What do you think? >> Probably not, I love how the community's continuing to grow and evolve, right? This technology is moving faster than almost any technology I've seen before. I call it a communatorial explosion of complexity because there's always new tools coming out, new ways of thinking and that's really rich and a great way to have a lot of innovation happening. >> Right, there was a great, one of the early ones this morning, the speaker said they had one Node app a year ago, and now they have 15 in production, 22 almost ready and 75 other internal projects, in one year! >> Yeah, it's definitely crazy. >> So why, I mean there's lots of things as to why Node's successful, but from your perspective, why is it growing so fast? >> I think it's fast because it's the first time that we've had a real extended eco-system where a lot of developers are coming together, bringing their own perspectives, and it's a very collaborative environment. Everyone's trying to help each other. >> So you just got off stage, you had your own session >> I did. >> But Angular on the Server. >> Yes. >> Even for the folks that missed it, kind of what was the main theme of your talk? >> Sure, sure, so I'm on the Angular Team, which is a client-side framework for building applications. We've really been focused a lot on really great web experiences for the client. How do we run code as close as possible to the browser so that you get these very rich, engaging applications. >> Right. >> But one of the things that we've been focused on and has been one of our design goals since the beginning is how do we write JavaScript and TypeScript in a way that you can run it on the client or the server? And so just last week we announced new support has landed in our CLI that makes this process easier so that you can run your applications on the server and then bootstrap a client-side application on top of that. >> Why is that important? >> It's important for a few different reasons. You want to run applications sometimes on the server, first, because there's a lot of computers that are processing the web and browsing the web across the internet >> Right. >> so there's search engines, there's things like Facebook and Twitter, which are scraping websites looking for metadata, looking for thumnbnails and other sorts of content, but then also there's a human aspect where by rendering things on the server, you can actually have an increased perception of your load times, so things look like they're loading faster while you can still then, on top of that, deliver very rich, engaging client side experience with animations and transitions and all those sorts of things. >> That's interesting. Before we got started you had talked about thinking of the world in terms of the user experience, at the end of the line versus thinking of it from the server. I thought you were going down kind of the server optimization, power, when you say think about the server, those types of things but you're talking about a whole different set of reasons to think about the server >> Yeah, absolutely. >> and the way that that connects to the rest of the web. >> Yes, because there's a lot of consumers of content that we don't necessarily think about when we're building applications >> Right, right. >> we normally think about the human side of things but having an application, whether it's a single application or whatever, that is also well optimized for servers can be very helpful. >> Yeah, that's pretty >> Servers as the consumers. >> servers as the consumers which I guess makes sense, right? Because the Google's Indexes and all the other ones are crawling servers >> Absolutely. >> they're not scraping web pages, hopefully, I assume, I assume we're past that stage. Alright, good, so what else is going on, in terms of the Angular community, that you're working on next? >> Sure, sure. I think we're really just focused on continuing to make things easier, smaller and faster to use, so those are kind of the three focus points we've got as we continue to invest and evolve in the platforms. So, how do we make it easier for new developers to come into the kind of Angular platform and take advantage of all we have to offer? How do we make smaller bundles so that the experience is faster for users? >> Right, right. >> And then how do we make all these things understandable and digestable for developers? >> It's like the bionic men never went away, right? It's still better, stronger, faster. >> Exactly. >> Alright, Steve, thanks for taking a few minutes out of your day and sharing your story with us. >> Thanks so much for having me. >> Absolutely, Stephen Fluin, from Google. I'm Jeff Frick, you're watching theCUBE. Thanks for watching, we'll catch you next time. Take care.

>> Welcome back everybody, Jeff Frick here with theCUBE. We're at Node Summit 2017 in downtown San Francisco Mission Bay Conference Center, we've been coming here for years. The vibe is growing and exciting and some really interesting use cases in earlier sessions about how fast a Node adoption is happening in some of these enterprises and we're excited to have Michael Dawson. He's a software developer, but more importantly, he's a Node.js community lead for IBM. Michael welcome. >> Alright, thank you. It's great to be here. Nice to be able to talk to you and talk about Node.js and what's going on in the community. >> Just to get your impressions in terms of a temporal perspective, of how this has changed and evolved over time. A lot of talk about the community. I think the facility here only holds like 800 people. I think it's full to the capacity. You know, how has it been growing and kind of what's your perspective from a little bit of a higher point of view. >> It's really great, you know I was at Node Summit three years ago, and other conferences, and it's great to see that over the years how we get more and more people involved. Different constituencies, you know, more people who are deploying Node.js. And even just, you know, day-to-day we see a larger and larger number of collaborators who are getting involved in contributing to make the success of Node really grow and the functionality and all that great stuff. >> Jeff: Right. So what's your function inside of IBM as being kind of a Node advocate for the community I assume outside the walls of IBM, but then also inside the walls of IBM? >> So, I really have sort of the pleasure to be able to work out in the community. That's the large part of my job. But I also work very closely with our internal teams with a focus on Node.js, supporting it for our bundling products. IBM has about 50-60 products that bundle Node.js. We also support it through our platforms like Bluemix, and so I work with the team who supports those. You know if you're running Bluemix in Node it's the code that we've contributed and built. And our development approach is very much do that out in the community, so if a particular product needs some sort of feature we'll go out and work in the community to do that and then pull that back in to use it. So you see we have about 10 collaborators. I'm one of them and the great thing is that I get to be involved in a lot of the working group efforts like the N-API, the build work groups, the LTS work groups. And, you know, so my role is really to sort of bridge the community work that we do there to our internal needs and consumers as well. >> Right, so how is the uptake in the IBM world of this technology within all the different stats that you guys have? >> I work in the run time technologies team and we were called the Java Technology Center for a number of years, we're now called the Run Time Technology Center because we see it's a polyglot world with Node.js being one of the three key run times you know, it's Node.js, Java and Swift. [Jeff] - Right. >> And, we see that because we see our costumers as well as our products, you know, really embracing Node and using it in all sorts of places. They've mentioned earlier that Bluemix ARPAs is a very heavy user of Node.js in terms of the implementation of the UIs and the backend services, as well as Node.js is the biggest run time in terms of deployments in that environment as well. >> So it's interesting, we had Monica on earlier from Intel. I think you're going to be on a panel with her later today about benchmarking. >> Yeah. >> And she talked about that there's some unique challenges in trying to figure out how to benchmark these types of applications against kind of the benchmark standards of old. I wondered if you could share some of your thoughts on this challenge, and for the folks that aren't going to be here watching the panel, what are some of the topics that you want to make sure that get exposed in that panel. >> So, you know, I've been working with the benchmarking work group. I actually kicked it off a number of years back. The approach that we're following is we want to document the key use cases for Node, as well as the key attributes of the run time, like you know, like starting up fast, being small, the things that have made it successful. [Jeff] - Right. >> As well as the key use cases like a web front end, backend services for mobile, and then fill in that matrix with important benchmarks. I mean that's where one of the challenges comes in; other languages have a more mature and established set of benchmarks that different vendors and different people can use. >> Right. >> Whereas the work in the working group is to try and either find benchmarks and encourage people to write those benchmarks, and pull together a more comprehensive suite that we can use because performance is important to people, and as a community, we really want to make sure that we encourage a rapid pace of change, but be able to have a good handle on what's going on on the other side. >> Jeff: Right. >> And, having the benchmarks in place should be an enabler, in that if we can easily and quickly find out what a change impact has, a positive or negative, that'll help us move things forward as opposed to if you're uncertain it's a lot harder to make the decision as to which way you should go. >> It's funny on benchmarking, right, because on one hand, people can just poo-poo benchmarks because I'm writing my benchmark so that it beats your product and my benchmark, and you can write a benchmark the other way. But I think what you've just touched on is really important; it's really for optimization of what you're doing for improving your own performance over time. That's really the key to the benchmarks. >> Yeah, absolutely, the focus of the work in the benchmarking work group has been on a framework for like regression testing, and letting us make the right decision, not competition. >> Jeff: Right. >> I think that some of the pieces that we develop will perhaps factor into that, but the core focus is to get a good established set, and other individual companies can then maybe use it for other purposes as well. >> Jeff: Right. So Michael before I let you go I just wanted to get your perspective. You work for a big company. >> Michael: Yep. >> I don't think it's this as much anymore; there used to be a lot of opened source conferences people like oh we don't want the big people coming in, they're going to take it over. And to get your perspective of being kind of that liaison between kind of this really organic open source community with Node and big Blue back behind you, and how you kind of navigate that and in your experience of the acceptance of IBM into this community as well as your ability to bring some of that open source essos back into IBM. >> Right. You know, I found that it's been really great. I love this community, they've been very welcoming. I've had no issues at all, you know, getting involved. I think IBM is respected in the way that we've contributed. We're trying to contribute in a very constructive and collaborative way, you know, nothing that we do, do we really do on our own. If you look at the N-API, we're working with other individuals. People from different companies or just individual contributors to come to a consensus on what it should be, and to basically move things forward. So yeah, in terms of a big company coming in, you do hear some concerns, but I haven't seen any on the ground impediments or problems. You know, it's been very welcoming and it's been a great experience. >> Alright, very good. Alright, well, before I let you go, kind of final thoughts on this event where we are. >> It's a great event, I always enjoy being able to come and meet people. A lot of time you work on Git Hub you know somebody's handle, but there's nothing like making that personal connection to be able to like put the face to the name, and I think it affects your ongoing sort of interactions when you're not face-to-face. >> Jeff: Absolutely. >> So it's a really important thing to do, and that's why I like to come to a lot of these events. >> Alright, well Michael Dawson, we'll let you get back to meeting some more developers. Thanks for taking a few minutes out of your day. >> Thank you very much, bye. >> Absolutely, he's Michael Dawson from IBM. I'm Jeff Frick, you're watching theCUBE. Thanks for watching, we'll catch you next time.

>> Hey welcome back everybody Jeff Frick here with theCUBE. We're at Node Summit 2015 in Downtown San Francisco Mission Bay Conference Center. About 800 people talking about nodes, Node JS. The crazy growth in this application development platform and we're excited to have our next guest to talk about security. Which I don't think we've talked about yet. He's Guy Podjarny, I'm sorry. >> Podjarny Correct. >> Welcome, he's a CEO of Snyk, not spelled like Snyk. (laughing) You'll see it on the lower third. >> It's amazing how often we that question. How do you pronounce Snyk? >> Well I know, obviously people that have never had this start up and tried to go through a URL search. >> Indeed. >> Just don't know what's it's all about. >> It's sort of Google dominance. It's short for so now you know. So now you know. >> Oh, so now you know. Okay perfect, super. First off welcome, great to see you. >> Thank you. Thanks for having me. >> You said this is your second year at the conference. Just kind of share your general impressions of what's going on here. >> Sure, well I think Node Summit is an awesome conference. I think this year's event is bigger, better organized. I don't know if it's bigger people wise but definitely feels that way. It sort of feels more structured. It's nice to see in the audience as well. Just an increased amount of larger organizations that are around and talking about their challenges and a little bit a lot earlier in the conference but a little bit of more experienced conversations. So conversations about hey, we've used node and we've encountered these issues versus we're about to use it. We're thinking of using it so definitely can see the enterprise adoption kind of growing up. That's my primary impression so far. >> Yeah and it's it in 'cause you're a start up but Microsoft is here, Google's here, Intel is here, IBM is here so a lot of the big players. Who've demonstrated in other open source communities that they have completely embraced open source as a method and way to get actually more than the software is getting closer to development community. >> Yeah, agreed and I think another adjacent trend that's happening is ServerList and ServerList has grown ridiculously, by massive amounts in these last while. And Node JS is sort of the de facto default language for ServerList. LAM just started with it and AWS and many of the other platforms only support it. I think that contribution also brings the giants a little bit more in here. The Cloud giants but also I think again just sort of boost the Node JS. As though the Node JS echo system needed a boost. They get another amplifier. Just raise enterprise awareness and general usage. >> Okay, so what's the Snyk all about? Gives us, some people aren't familiar with the company. >> Cool, so Snyk deals with open source security and specifically in Node JS, the world of MPMs. MPM is amazing and it allows us to build on the shoulders of giants and all the others in the community. But there are some inherent security risks with just pulling code off the internet and running it in your application. >> Jeff: Right, right. >> What we do at Snyk is we help you find known security flaws, known vulnerabilities in MPM packages, and do that in a natural fashion as part of your continuous development process, and then fix those efficiently and monitor for them over time. That's basically. >> That's your focus is really keeping track of all these other packages that people are using to their development. Precisely and we're helping you just use open source code and stay secure. The word node is our flag ship and it's where we started and build and now we support a bunch of other systems as well. >> It's interesting, Monica from Intel said that in some of their work they found that some of these applications. The actual developers only contributing 2% of the code 'cause they're pulling in all this other stuff. >> Precisely, I have this example I use in a bunch of my talks that shows ServerList example that has 19 lines of codes. Copies some file from URL and puts it on S3. That's 19 lines of codes which is awesome. Uses two packages which in turn use 19 packages which bring in 190,000 lines of code. >> Wow. >> That's a massive-- >> So what is that step function again? Start from the beginning. >> 19 to 190,000. >> It starts at two? >> 19 lines of code use two MPM packages. They use 19 packages because every package uses other packages as well, and combined those 19 packages bring in 190,000 lines of code. >> Wow, that's amazing. That's an extreme example but you see that pattern. You see this again and again that the majority of your code in your applications especially node is not first party it's third party code. >> Jeff: Right. >> And that means most of your security risks. Most of your vulnerabilities, they come from there so there is a lot of challenges around managing dependencies. I know it's called dependency help for a reason but specifically security is still not sufficiently taken care of. It's still overlooked and we need to make sure that it's not just addressed by security people. But it's addressed a part of the development process by developers. >> How do you keep up? Both with the number as the proliferation grows as well as the revisions and versions inside of any particular package? You kind of chasing a multi headed beast there. >> It's definitely tough. First of all the short answer is automation. Any scale solution has to start with automation. I've got a security research team in Israel that has a vulnerability pipeline that feeds in from activity in the open source world. Some developer opens an issue and gets helps that say SQL injection in some package and that disappears into the ether. So we try to surface those, get it to our security analysts, determine if it's a real vulnerability curated in our database, and then just build that database with your own research but a lot of it is around tapping into community. And then subsequently when you consume this if you want to be able to apply security correctly as you develop your applications Node JS or otherwise. It has to come to you. The security tool has to be a seamless integration with how you currently work. If you impose another step, another two steps, another three steps on the developers. They're just not going to use it. That's a lot of our emphasis is scale on the consumption and the tracking of the database and simplicity and ease of use on the developer on the user side. >> And do you help with just like flagging. Flagging is a problem or is there an alternative. I mean I would imagine with all these interdependencies, you find one rotten apple kind of have a huge impact. It's a huge scale of impact right. >> Absolutely so we do really what our moniker is that we don't find vulnerabilities, we fix them and our goal is to fix vulnerabilities. So we actually, first of all in the flow we have single click, open a fixed PR. We figure out what changes we need to do. What upgrades you need to make the vulnerability go away. Literally click a button to fix it. Put on one bat for everything and then what we also do. We build patches, sort of a little known fact is in the world of operation systems RedHat and Canonical. They build a lot of fixes or they back port a lot open source fixes, and they put them into their repository. You can just say on updates or upgrade and just get those fixes. You don't even know which vulnerabilities you're fixing. You're just getting the fixes so we build patches for our MPM packages as well to allow you to patch vulnerabilities you can not upgrade away. A lot of it is around fix. Make fix easy. >> Right and then the other part as you said is baking security in the development all the way through which we hear over and over and over. >> Build it in and bolt it in. >> The cast in method doesn't work anymore. You've got to have it throughout the application so you said you're speaking on a panel tomorrow. And I wondered if you can just highlight some of the topics for tomorrow for the folks that aren't going to be here and see the panel. When you look at ServerList security. Say that three times fast. What are some of the real special challenges that people need to be thinking about? >> Sure, so you know I actually have two talks tomorrow. One is a panel on Node JS security as a whole and that's sort of a broader panel. We have a few other colleagues in there and we talk about the evolution of Node JS security that includes the platform itself which is increasingly well handled by the foundation. Definitely some improvements there over the years and some of it is around best practices like the ones that was just discussed which is understanding known pitfalls and Node JS sort of security mistakes that you might do as well as handling the MPM echo system. The other talk that I have later in the day is around ServerList security. ServerList security is interesting because a lot of the promise of ServerList is function as a service is that a lot of the concerns. A lot of the earlier or lower levels get abstracted away from you. You don't need to manage servers. You don't need to manage operation systems and with those auto security concerns go away. Which in turns focuses the attackers and should focus you on the application. As attackers are not just going to give up because they can't hack the operating system that the pros are managing. They would look at the next low hanging fruit and that would be the application. Platform as a service and function as a service really increase the importance of dealing with application security as a whole. So my talk is a lot about that but also deals with other security concerns that you might of course any new methodology introduces its own concerns so talk a little bit about how to address those. ServerList like Node JS is an opportunity to build security into the culture and into our methodologies from the early day so trying to help us get that right. >> Alright, as you look forward, the next 12 months. I won't say more than 12 months, 6 months, 9 months, 12 months. What are some of your priorities at Snyk? What are you working on if we get together a year from now, what will we be talking about? I think, so two primary ones. One is continuing the emphasis on fix. Making fixing trivial in the Node JS environments as well as others. I think we've done well there but there is more work to be done. It needs to be as seamless as possible. The other aspect is indeed in this sort of past and fast world and platform and function as a service. Where increasingly there is this awareness as we work with different platforms to the blind spot that they have to open source libraries. They fix your NGX vulnerabilities but not your express vulnerabilities. I sometimes refer to MPM packages or open source packages as sprinkles of infrastructure that are just scattered through your application. And today, all of these Cloud platforms are blind to it so I expect us at Snyk to be helping past and fast users dealing with that security concerns efficiently. >> Alright, well I look forwards to the conversation. >> Thanks. >> Thanks for stopping by. >> Thank you. >> He's Guy Podjarny. He is from Snyk. The CEO of Snyk. I'm Jeff Frick, you're watching theCUBE. (uptempo techno music)