>> We're back at the ARIA Las Vegas. We're covering CrowdStrike's Fal.Con 22. First one since 2019. Dave Vellante and Dave Nicholson on theCUBE. Adam Meyers is here, he is the Senior Vice President of Intelligence at CrowdStrike. Adam, thanks for coming to theCUBE. >> Thanks for having me. >> Interesting times, isn't it? You're very welcome. Senior Vice President of Intelligence, tell us what your role is. >> So I run all of our intelligence offerings. All of our analysts, we have a couple hundred analysts that work at CrowdStrike tracking threat actors. There's 185 threat actors that we track today. We're constantly adding more of them and it requires us to really have that visibility and understand how they operate so that we can inform our other products: our XDR, our Cloud Workload Protections and really integrate all of this around the threat actor. >> So it's that threat hunting capability that CrowdStrike has. That's what you're sort of... >> Well, so think of it this way. When we launched the company 11 years ago yesterday, what we wanted to do was to tell customers, to tell people that, well, you don't have a malware problem, you have an adversary problem. There are humans that are out there conducting these attacks, and if you know who they are what they're up to, how they operate then you're better positioned to defend against them. And so that's really at the core, what CrowdStrike started with and all of our products are powered by intelligence. All of our services are our OverWatch and our Falcon complete, all powered by intelligence because we want to know who the threat actors are and what they're doing so we can stop them. >> So for instance like you can stop known malware. A lot of companies can stop known malware, but you also can stop unknown malware. And I infer that the intelligence is part of that equation, is that right? >> Absolutely. That that's the outcome. That's the output of the intelligence but I could also tell you who these threat actors are, where they're operating out of, show you pictures of some of them, that's the threat intel. We are tracking down to the individual persona in many cases, these various threats whether they be Chinese nation state, Russian threat actors, Iran, North Korea, we track as I said, quite a few of these threats. And over time, we develop a really robust deep knowledge about who they are and how they operate. >> Okay. And we're going to get into some of that, the big four and cyber. But before we do, I want to ask you about the eCrime index stats, the ECX you guys call it a little side joke for all your nerds out there. Maybe you could explain that Adam >> Assembly humor. >> Yeah right, right. So, but, what is that index? You guys, how often do you publish it? What are you learning from that? >> Yeah, so it was modeled off of the Dow Jones industrial average. So if you look at the Dow Jones it's a composite index that was started in the late 1800s. And they took a couple of different companies that were the industrial component of the economy back then, right. Textiles and railroads and coal and steel and things like that. And they use that to approximate the overall health of the economy. So if you take these different stocks together, swizzle 'em together, and figure out some sort of number you could say, look, it's up. The economy's doing good. It's down, not doing so good. So after World War II, everybody was exuberant and positive about the end of the war. The DGI goes up, the oil crisis in the seventies goes down, COVID hits goes up, sorry, goes down. And then everybody realizes that they can use Amazon still and they can still get the things they need goes back up with the eCrime index. We took that approach to say what is the health of the underground economy? When you read about any of these ransomware attacks or data extortion attacks there are criminal groups that are working together in order to get things spammed out or to buy credentials and things like that. And so what the eCrime index does is it takes 24 different observables, right? The price of a ransom, the number of ransom attacks, the fluctuation in cryptocurrency, how much stolen material is being sold for on the underground. And we're constantly computing this number to understand is the eCrime ecosystem healthy? Is it thriving or is it under pressure? And that lets us understand what's going on in the world and kind of contextualize it. Give an example, Microsoft on patch Tuesday releases 56 vulnerabilities. 11 of them are critical. Well guess what? After hack Tuesday. So after patch Tuesday is hack Wednesday. And so all of those 11 vulnerabilities are exploitable. And now you have threat actors that have a whole new array of weapons that they can deploy and bring to bear against their victims after that patch Tuesday. So that's hack Wednesday. Conversely we'll get something like the colonial pipeline. Colonial pipeline attack May of 21, I think it was, comes out and all of the various underground forums where these ransomware operators are doing their business. They freak out because they don't want law enforcement. President Biden is talking about them and he's putting pressure on them. They don't want this ransomware component of what they're doing to bring law enforcement, bring heat on them. So they deplatform them. They kick 'em off. And when they do that, the ransomware stops being as much of a factor at that point in time. And the eCrime index goes down. So we can look at holidays, and right around Thanksgiving, which is coming up pretty soon, it's going to go up because there's so much online commerce with cyber Monday and such, right? You're going to see this increase in online activity; eCrime actors want to take advantage of that. When Christmas comes, they take vacation too; they're going to spend time with their families, so it goes back down and it stays down till around the end of the Russian Orthodox Christmas, which you can probably extrapolate why that is. And then it goes back up. So as it's fluctuating, it gives us the ability to really just start tracking what that economy looks like. >> Realtime indicator of that crypto. >> I mean, you talked about, talked about hack Wednesday, and before that you mentioned, you know, the big four, and I think you said 185 threat actors that you're tracking, is 180, is number 185 on that list? Somebody living in their basement in their mom's basement or are the resources necessary to get on that list? Such that it's like, no, no, no, no. this is very, very organized, large groups of people. Hollywood would have you believe that it's guy with a laptop, hack Wednesday, (Dave Nicholson mimics keyboard clacking noises) and everything done. >> Right. >> Are there individuals who are doing things like that or are these typically very well organized? >> That's a great question. And I think it's an important one to ask and it's both it tends to be more, the bigger groups. There are some one-off ones where it's one or two people. Sometimes they get big. Sometimes they get small. One of the big challenges. Have you heard of ransomware as a service? >> Of course. Oh my God. Any knucklehead can be a ransomwarist. >> Exactly. So we don't track those knuckleheads as much unless they get onto our radar somehow, they're conducting a lot of operations against our customers or something like that. But what we do track is that ransomware as a service platform because the affiliates, the people that are using it they come, they go and, you know, it could be they're only there for a period of time. Sometimes they move between different ransomware services, right? They'll use the one that's most useful for them that that week or that month, they're getting the best rate because it's rev sharing. They get a percentage that platform gets percentage of the ransom. So, you know, they negotiate a better deal. They might move to a different ransomware platform. So that's really hard to track. And it's also, you know, I think more important for us to understand the platform and the technology that is being used than the individual that's doing it. >> Yeah. Makes sense. Alright, let's talk about the big four. China, Iran, North Korea, and Russia. Tell us about, you know, how you monitor these folks. Are there different signatures for each? Can you actually tell, you know based on the hack who's behind it? >> So yeah, it starts off, you know motivation is a huge factor. China conducts espionage, they do it for diplomatic purposes. They do it for military and political purposes. And they do it for economic espionage. All of these things map to known policies that they put out, the Five Year Plan, the Made in China 2025, the Belt and Road Initiative, it's all part of their efforts to become a regional and ultimately a global hegemon. >> They're not stealing nickels and dimes. >> No they're stealing intellectual property. They're stealing trade secrets. They're stealing negotiation points. When there's, you know a high speed rail or something like that. And they use a set of tools and they have a set of behaviors and they have a set of infrastructure and a set of targets that as we look at all of these things together we can derive who they are by motivation and the longer we observe them, the more data we get, the more we can get that attribution. I could tell you that there's X number of Chinese threat groups that we track under Panda, right? And they're associated with the Ministry of State Security. There's a whole other set. That's too associated with the People's Liberation Army Strategic Support Force. So, I mean, these are big operations. They're intelligence agencies that are operating out of China. Iran has a different set of targets. They have a different set of motives. They go after North American and Israeli businesses right now that's kind of their main operation. And they're doing something called hack and lock and leak. With a lock and leak, what they're doing is they're deploying ransomware. They don't care about getting a ransom payment. They're just doing it to disrupt the target. And then they're leaking information that they steal during that operation that brings embarrassment. It brings compliance, regulatory, legal impact for that particular entity. So it's disruptive >> The chaos creators that's.. >> Well, you know I think they're trying to create a they're trying to really impact the legitimacy of some of these targets and the trust that their customers and their partners and people have in them. And that is psychological warfare in a certain way. And it, you know is really part of their broader initiative. Look at some of the other things that they've done they've hacked into like the missile defense system in Israel, and they've turned on the sirens, right? Those are all things that they're doing for a specific purpose, and that's not China, right? Like as you start to look at this stuff, you can start to really understand what they're up to. Russia very much been busy targeting NATO and NATO countries and Ukraine. Obviously the conflict that started in February has been a huge focus for these threat actors. And then as we look at North Korea, totally different. They're doing, there was a major crypto attack today. They're going after these crypto platforms, they're going after DeFi platforms. They're going after all of this stuff that most people don't even understand and they're stealing the crypto currency and they're using it for revenue generation. These nuclear weapons don't pay for themselves, their research and development don't pay for themselves. And so they're using that cyber operation to either steal money or steal intelligence. >> They need the cash. Yeah. >> Yeah. And they also do economic targeting because Kim Jong Un had said back in 2016 that they need to improve the lives of North Koreans. They have this national economic development strategy. And that means that they need, you know, I think only 30% of North Korea has access to reliable power. So having access to clean energy sources and renewable energy sources, that's important to keep the people happy and stop them from rising up against the regime. So that's the type of economic espionage that they're conducting. >> Well, those are the big four. If there were big five or six, I would presume US and some Western European countries would be on there. Do you track, I mean, where United States obviously has you know, people that are capable of this we're out doing our thing, and- >> So I think- >> That defense or offense, where do we sit in this matrix? >> Well, I think the big five would probably include eCrime. We also track India, Pakistan. We track actors out of Columbia, out of Turkey, out of Syria. So there's a whole, you know this problem is getting worse over time. It's proliferating. And I think COVID was also, you know a driver there because so many of these countries couldn't move human assets around because everything was getting locked down. As machine learning and artificial intelligence and all of this makes its way into the cameras at border and transfer points, it's hard to get a human asset through there. And so cyber is a very attractive, cheap and deniable form of espionage and gives them operational capabilities, not, you know and to your question about US and other kind of five I friendly type countries we have not seen them targeting our customers. So we focus on the threats that target our customers. >> Right. >> And so, you know, if we were to find them at a customer environment sure. But you know, when you look at some of the public reporting that's out there, the malware that's associated with them is focused on, you know, real bad people, and it's, it's physically like crypted to their hard drive. So unless you have sensor on, you know, an Iranian or some other laptop that might be target or something like that. >> Well, like Stuxnet did. >> Yeah. >> Right so. >> You won't see it. Right. See, so yeah. >> Well Symantec saw it but way back when right? Back in the day. >> Well, I mean, if you want to go down that route I think it actually came from a company in the region that was doing the IR and they were working with Symantec. >> Oh, okay. So, okay. So it was a local >> Yeah. I think Crisis, I think was the company that first identified it. And then they worked with Symantec. >> It Was, they found it, I guess, a logic controller. I forget what it was. >> It was a long time ago, so I might not have that completely right. >> But it was a seminal moment in the industry. >> Oh. And it was a seminal moment for Iran because you know, that I think caused them to get into cyber operations. Right. When they realized that something like that could happen that bolstered, you know there was a lot of underground hacking forums in Iran. And, you know, after Stuxnet, we started seeing that those hackers were dropping their hacker names and they were starting businesses. They were starting to try to go after government contracts. And they were starting to build training offensive programs, things like that because, you know they realized that this is an opportunity there. >> Yeah. We were talking earlier about this with Shawn and, you know, in the nuclear war, you know the Cold War days, you had the mutually assured destruction. It's not as black and white in the cyber world. Right. Cause as, as Robert Gates told me, you know a few years ago, we have a lot more to lose. So we have to be somewhat, as the United States, careful as to how much of an offensive posture we take. >> Well here's a secret. So I have a background on political science. So mutually assured destruction, I think is a deterrent strategy where you have two kind of two, two entities that like they will destroy each other if they so they're disinclined to go down that route. >> Right. >> With cyber I really don't like that mutually assured destruction >> That doesn't fit right. >> I think it's deterrents by denial. Right? So raising the cost, if they were to conduct a cyber operation, raising that cost that they don't want to do it, they don't want to incur the impact of that. Right. And think about this in terms of a lot of people are asking about would China invade Taiwan. And so as you look at the cost that that would have on the Chinese military, the POA, the POA Navy et cetera, you know, that's that deterrents by denial, trying to, trying to make the costs so high that they don't want to do it. And I think that's a better fit for cyber to try to figure out how can we raise the cost to the adversary if they operate against our customers against our enterprises and that they'll go someplace else and do something else. >> Well, that's a retaliatory strike, isn't it? I mean, is that what you're saying? >> No, definitely not. >> It's more of reducing their return on investment essentially. >> Yeah. >> And incenting them- disincening them to do X and sending them off somewhere else. >> Right. And threat actors, whether they be criminals or nation states, you know, Bruce Lee had this great quote that was "be like water", right? Like take the path of least resistance, like water will. Threat actors do that too. So, I mean, unless you're super high value target that they absolutely have to get into by any means necessary, then if you become too hard of a target, they're going to move on to somebody that's a little easier. >> Makes sense. Awesome. Really appreciate your, I could, we'd love to have you back. >> Anytime. >> Go deeper. Adam Myers. We're here at Fal.Con 22, Dave Vellante, Dave Nicholson. We'll be right back right after this short break. (bouncy music plays)

live from the mandalay bay convention center in las vegas it's the cues covering vmworld 2016 rock you buy vmware and its ecosystem sponsors and welcome back here on the cube to continue our coverage to vmworld from mandalay bay along with peter burrows i'm john woloson it's a pleasure to welcome two fellows are know all about being on the cube one of them very recently Kim Barth is back with a CEO and co-founder of catalyzing software came good to see you oh it's great to see you and Eric Herzog I mean the Hawaiian shirt we know is is your signature moment it was finally a vice president probably marketing and management at IBM but you're an original cubist you said that I think the first year that the cube happened I was on with Dave eons ago must have been either 2010 or 2011 the first cube ever we got to make you like an emeritus member of the Alumni Association something and let it be careful when we say say cubist let's be very clear about it right now I've got to mix words here yeah kubera all right so if you would let's take a look at talk about your relationship Kenta logic at IBM I know you have a long-standing partnership you might call that that's evolving and getting a little bit stronger and Ken if you would maybe paint that picture a little bit oh look I mean these guys are just fantastic to work with we've been working with IBM for a couple of years now we're excited because we're going to continue to move the relationship forward and we've got some exciting new announcements about supporting even more of their storage coming out later this year what we're really excited about is the way that they've jumped in and they have a complete line of flash products and as you know from our conversation the other day flash is just taking the market absolutely by storm particular around the primary applications so what we've done at IBM is dramatic extend our portfolio this year we've been a market leader for years in all flash and we see flashes ubiquity cross all primary data sets so whether that be the high-performance databases VMware environments are virtualized environments cloud configurations big data linux doesn't matter what the workload is and we have all sorts of price points all sorted from performance yo flash does have different performance characteristics depending on how you configure it now you use it substantially now of course any flash configuration abstention faster than a traditional storage array or any hybrid array 10x to as much as a hundred x in real-world application spaces so we've expanded it down from our high end into very cost effective energy products as low as nineteen thousand dollars street price not lit not right there at the point of attack end-user raid five configuration for nineteen thousand we have big data analytics all flash configurations we have mainframe in the upper end of the Linux community of what's left of the UNIX world that's still out there that few Solaris and AIX business we have a lot of products of that space again all going flash and it doesn't matter what the workload is virtualized workloads database workloads virtual server workloads virtual desktop workloads cloud workloads new world databases Splunk spark Bongo Hadoop Cassandra all of those types of workloads now can be all flash and we have the right workloads with the right solution at the rice price point and you pick the right price point right solution you need for the right workload an application and when it seems to me that you talk about performance obviously key factor their speed you know off the charts but cost is the one that once that's been solved as you said is that the big nighter is that's what's going to like the what you're seeing is flash is essentially at the same price as disk was so there's a number of storage efficiency technologies on the primary side which is a we do cattle onic edges efficiency technologies on the copy side because so much copies of data are made not only for disaster protection but for test and dev snapshotting that's n used for backup so they track all that to get efficiency on the secondary side of the equation we do things like real time compression you block level d do we have all kinds of technologies dying to cut the cost of flash and so when you factor that in flash is way less expensive actually then disc and when you look at how it impacts your data center so for example if you were running certain workloads we have a real world public reference to run their work blood which is database work look took 80 servers because the storage was so slow so you over provision your servers because of what's called storage latency that customer just swapped out the storage for flash and went from 80 physical servers to 10 to the exact same workload so the impact of flash is not just performance oriented it's actually very cost oriented not just what does it cost per gigabyte for the storage but if you can take out 70 servers you just cut not only the capex on his server farm right all the operational expenditures around it and then what cat logic does people make copies of the primary data sets and they make everything efficient on the copy cider if you will the secondary side of storage and so they complement each other what we do on primary what they do on secondary so let's talk about that a little bit so if you think about it there no productivity is a function of the amount of work that you can do divided by the amount of cost or resources consumed to form that word so flash has significant benefits as you just said that cause side but when we start talking about a lot more copies that can be made available to developers or decision-makers in a lot of different forms now we're accelerating the speed by which that digital assets get created and we're improving productivity not just through efficiency and the cost but accelerating the value that I t's able to deliver through the business that's exactly right you're hitting the nail on the head because as Eric over here said it saves capex and opex with just slash but if you had a copy data management product particularly one like ours that has it's really a combination a copy data management we have a workflow engine and we have full access to rest api's that the customer can begin to tailor it to their environment and solve a lot of pain points like around test dev database copies snap copies things like that you know they did some studies IDC actually did some studies earlier this year we're at any given time a customer would have 50 copies of different data floating around the neighborhood 50 snaps and the reason this is a complex issue is because you have many different storage types taking many different stamps you have applications snaps and so if you think about it this all starts by organizing the snaps putting them in a searchable database if you will then offering a workflow engine where you can automate the process even make it self service right and at the end of the day what can happen is they can move delete so they really kind of you have control over your environment but what they can do is they can begin to really save huge money so with flash you're going to have good kept at x + op X but if you put our ECX product in which is what a lot of our customers call copy data management on steroids you can see geometric savings of that op X and capex but you're also accelerate development time absolutely official with all about efficiencies you all those things are absolutely improved absolutely right and then if you start having like we have arrested a series of rest api's you can begin to really tailor it to that customers environment so if you're doing again I go back to the test dev example and test dev we can tie that directly into things like puppets chef bluemix right these are all development tools that make it totally efficient for the software developer right that's just one use case will we go ahead no so Eric as I new introduces more of these products arguments in the storage business for a long time forever yeah ain't that about me and respects IBM created the whole concept of storage administration whatever was 30 years ago now but as IBM does this is storage increasingly being elevated as customers see their data volumes going up and the need to track where this data is who's using it the number of copies in place how is that impacting the way IBM thinks about the concept of an overall system well we look at it from the application space it's all about the applications workloads and use cases and customers want to optimize the business value of that data so as it's growing exponentially you'd be able to access that data quickly and most importantly it needs to be always there so everyone talks about speech BCC speed for flash it's not just about speed of flash your Flash ray needs to be reliable available and serviceable just like our driver ray had to be and so you're looking at different characteristics and performance different characteristics and price different characteristics in the rats capability the reliability available in serviceability and you tie that to what you need for your workloads we've had the highest in oracle database in a company let's say that company is all oracle so you need something like our flash systems a 9000 or flash system 900 but if you've got the oracle database that tracks their asset management which would mean things like chairs tables and whiteboards that's not high performance that could go on our store wise 50 30 f which is way more cost effective and it's incredibly fast compared to our driver e but not as fast as our flash systems so it's very important a that you have the performance but be if you don't have the reliability doesn't matter how fast you are if the thing fails then your cloud goes down your virtual environment goes down your VMware doesn't work you can't access that Oracle or there sa p or that Hadoop and so it's really about how to optimize those workloads those applications and those use cases and storage is the rock-solid foundation underneath that allows you to do that absolutely and when you're going into world that's all about cloud which means real-time access and self service and the self-service suspect by the way it means that you don't always have a store gentlemen accessing it so if the thing fails and the guy's a VMware admin or a developer in Oracle or in any other environment he doesn't know what to do so you can't have the storage fee land in cognitive workloads and big data analytics workloads where you're running petabytes and petabytes and petabytes of information as fast as you possibly can you're trying to make business decisions or rail times you need the speed so what if it's super fast and then it fails so to put it on a black trading you know database for black trading for example or some of financial applications if it's really fast and then it fails that didn't help it hurts you so it's all about how to manage those workloads applications use cases natural for performance which everyone knows flash is but all that reliability available in the serviceability and then they manage a cat logic on the back side all the copies that people create which is it which is critical to make sure that those get managed appropriately and you don't have you really need 50 copies but you don't want 150 it is completely and efficient on the storage side and then developer doesn't know what to use so you just made it worse for yourself so you just introduce raise an interesting point related to data governance so I know that obviously cata logic has some ideas about how data governance is likely evolved partly in response to the need to manage multiple San apples understand where they are talk to us a little bit about how data governance which is fundamentally about how a business brings policy roles responsibilities to assets as data becomes more of an asset house governance changing oh I think governance is huge because dated you know data is exploding and particularly you start moving you have numbers of copies like Eric was saying how do you track that how do you know where it is how do you you know if you're in a compliance based business you could be in a lot of trouble so you've got to make sure you can audit and know where it goes and again one of the ways to do that is to keep it under control and not have so many copies floating around in his example you might make 10 to 15 copies of that database why do that if you only need one right that's one of our big advantages that we have versus some of our competitors we do what's called in place copy data management which means we we simply leverage Eric's great storage out there so a lot of our competitors will actually put a copy of that they'll make a copy on Eric storage move it to their storage and then you've kind of exacerbated the problem a little bit right what's like hoarding right exactly right but I and I mean kind of the Peters pointing some what you're saying is is that because we can we do right and so we make all these copies and it's exactly not need you know fifth down but but because I can and it's cheaper and storage is going down like cleaning out that closet we all have that closet at the house that we just keep putting stuff in and one of these days we think we're going to clean it out and the thing just grows and grows and they have to buy another house to get another closet so again how does this all this curb that behavior and that allow me to monitor through some governance policy when somebody is going over the line and we bring it back of the line and and we get a little more regular restrictive act again because of our workflow engine that we have in the product you can set thresholds you can automate the process so is example when a you know when a DBA or somebody gets a copy of the database you can put a time limit on when it's going to wipe it out they're going to stay in sync across the board so again you're not replicating this thing time and time again they're getting timely data when they need it and then it can automatically be removed but if I mean time one of the biggest problems within an IT organization is making available making data available to the disparate groups that need it solutely administrative costs of I need data well we'll get around to giving you that second to sorry in September right being able to do this much faster and utilize flaps technologies to facilitate that process has an impact on cost has an impact on the benefits which increases productivity has an impact of governance but also is an impact on the healthy friendly relations between IT and the business yes well what's happening is you're undergoing a revolution in the data center cloud obviously it's started with virtualization now it's extending to the cloud now you have a line of business that's more involved in IT than it's ever been before so the last thing you want is to worry about your storage or you just want it to be the foundation okay I'm from Silicon Valley we have earthquakes buildings really fall down on earthquakes if they have a bad foundation if you have a rock-solid foundation your cloud your cognitive your database workloads will always be fine you want to make sure that as you're doing that you're doing a cost effectively so both high performance that you need but high performance has a whole bunch of different price points at high performance because the entire world's got high performance other thing from an IT perspective and a business on a perspective flash storage is actually the evolution the revolutions the rest of the data center right I'm old enough where when I took my first computer class of University of California not a punch card then it all went tape anyone's seen a 1985 Schwarzenegger spy movie it's all tape then you see a 1995 Schwarzenegger spy movie and it's all hard drive arrays now it's all flash arrays so it's just an evolution from a storage perspective and it coincides with a revolution in the data center of cloud cognitive big data analytics real-time evaluation of data sets and so flash is coming at the fur and perfect time as you have this revolutionary confluence in the data center in the cloud and the web application workload yusuke space the fact that flash is only at evolution is actually great because you don't have to worry about it it's just an evolution of storage and allows you to take advantage of the revolution in your gayness enter your application or workload space that's the way the flash brings is is it's not a revolution it helps the revolution it does because as Eric was saying it you want to modernize your data center is what you're out to do and if you splash is a good step towards that and then if you had a copy data management tool like our product ECX on top of it it gives you the flexibility to move to the cloud move move it move data up to the cloud and back right it allows you to start offering self-service to your people so it doesn't take you know weeks or days to get that copy of the data they can start doing it themselves so it's a step in the right direction as he said from an evolution to the revolution of the data center yeah I'll bet out there somewhere right now there are a couple Millennials watching say did you already said about punch cards what a punch good oh no that's all it's all about date at the right place at the right time for the right people and you guys are a great example of getting that job done and thanks for being with us and sharing your story and we wish you continued success that's right I'd like to say one thing with you it is finished real quick if anybody out there has SVC or if they have in the flash from IBM please come see us we've got a great product that will greatly increase the capex it's cattle ajik software or can bart thank you gentlemen for being with us here on the cube we continue our coverage from vmworld after this thank you