(upbeat music) >> Hello, everyone. Welcome back to theCUBE's presentation of the AWS Startup Showcase. This is season two, episode four of the ongoing series covering the exciting startups from the AWS ecosystem. And talking about cybersecurity. I'm your host, John Furrier. Excited to have two great guests. Ed Casmer, founder and CEO of Cloud Storage Security, back CUBE alumni, and also James Johnson, AVP of Research and Development at iPipeline. Here to talk about cloud storage security antivirus on S3. James, thanks for joining us today. >> Thank you, John. >> Thank you. >> So the topic here is cloud security, storage security. Ed, we had a great CUBE conversation previously, earlier in the month. Companies are modernizing their apps and migrating the cloud. That's fact. Everyone kind of knows that. >> Yeah. >> Been there, done that. Clouds have the infrastructure, they got the OS, they got protection, but the end of the day, the companies are responsible and they're on the hook for their own security of their data. And this is becoming more permanent now that you have hybrid cloud, cloud operations, cloud native applications. This is the core focus right now in the next five years. This is what everyone's talking about. Architecture, how to build apps, workflows, team formation. Everything's being refactored around this. Can you talk about how organizations are adjusting and how they view their data security in light of how applications are being built and specifically around the goodness of say S3? >> Yep, absolutely. Thank you for that. So we've seen S3 grow 20,000% over the last 10 years. And that's primarily because companies like James with iPipeline are delivering solutions that are leveraging this object storage more and above the others. When we look at protection, we typically fall into a couple of categories. The first one is, we have folks that are worried about the access of the data. How are they dealing with it? And so they're looking at configuration aspects. But the big thing that we're seeing is that customers are blind to the fact that the data itself must also be protected and looked at. And so we find these customers who do come to the realization that it needs to happen, finding out, asking themselves, how do I solve for this? And so they need lightweight, cloud native built solutions to deliver that. >> So what's the blind spot? You mentioned there's a blind spot. They're kind of blind to that. What specifically are you seeing? >> Well so, when we get into these conversations, the first thing that we see with customers is I need to predict how I access it. This is everyone's conversation. Who are my users? How do they get into my data? How am I controlling that policy? Am I making sure there's no east-west traffic there, once I've blocked the north-south? But what we really find is that the data is the key packet of this whole process. It's what gets consumed by the downstream users. Whether that's an employee, a customer, a partner. And so it's really, the blind spot is the fact that we find most customers not looking at whether that data is safe to use. >> It's interesting. When you talk about that, I think about all the recent breaches and incidents. "Incidents," they call them. >> Yeah. >> They've really been around user configurations. S3 buckets not configured properly. >> Absolutely. >> And this brings up what you're saying, is that the users and the customers have to be responsible for the configurations, the encryption, the malware aspect of it. Don't just hope that AWS has the magic to do it. Is that kind of what you're getting at here? Is that the similar, am I correlating that properly? >> Absolutely. That's perfect. And we've seen it. We've had our own customers, luckily iPipeline's not one of them, that have actually infected their end users because they weren't looking at the data. >> And that's a huge issue. So James, let's get in, you're a customer partner. Talk about your relationship with these guys and what's it all about? >> Yeah, well, my pipeline is building a digital ecosystem for life insurance and wealth management industries to enable the sale of life insurance to under-insured and uninsured Americans, to make sure that they have the coverage that they need, should something happen. And our solutions have been around for many years. In a traditional data center type of an implementation. And we're in process now of migrating that to the cloud, moving it to AWS, in order to give our customers a better experience, a better resiliency, better reliability. And with that, we have to change the way that we approach file storage and how we approach scanning for vulnerabilities in those files that might come to us via feeds from third parties or that are uploaded directly by end users that come to us from a source that we don't control. So it was really necessary for us to identify a solution that both solved for these vulnerability scanning needs, as well as enabling us to leverage the capabilities that we get with other aspects of our move to the cloud and being able to automatically scale based on load, based on need, to ensure that we get the performance that our customers are looking for. >> So tell me about your journey to the cloud, migrating to the cloud and how you're using S3 specifically. What led you to determine the need for the cloud based AV solution? >> So when we looked to begin moving our applications to the cloud, one of the realizations that we had is that our approach to storing certain types of data was a bit archaic. We were storing binary files in a database, which is not the most efficient way to do things. And we were scanning them with the traditional antivirus engines that would've been scaled in traditional ways. So as our need grew, we would need to spin up additional instances of those engines to keep up with load. And we wanted a solution that was cloud native and would allow us to scan more dynamically without having to manage the underlying details of how many engines do I need to have running for a particular load at a particular time and being able to scan dynamically. And also being able to move that out of the application layer, being able to scan those files behind the scenes. So scanning in, when the file's been saved in S3, it allows us to scan and release the file once it's been deemed safe rather than blocking the user while they wait for that scan to take place. >> Awesome. Well, thanks for sharing that. I got to ask Ed, and James, same question next. It's, how does all this factor in to audits and self compliance? Because when you start getting into this level of sophistication, I'm sure it probably impacts reporting workflows. Can you guys share the impact on that piece of it? The reporting? >> Yeah. I'll start with a comment and James will have more applicable things to say. But we're seeing two things. One is, you don't want to be the vendor whose name is in the news for infecting your customer base. So that's number one. So you have to put something like this in place and figure that out. The second part is, we do hear that under SOC 2, under PCI, different aspects of it, there are scanning requirements on your data. Traditionally, we've looked at that as endpoint data and the data that you see in your on-prem world. It doesn't translate as directly to cloud data, but it's certainly applicable. And if you want to achieve SOC 2 or you want to achieve some of these other pieces, you have to be scanning your data as well. >> Furrier: James, what's your take? As practitioner, you're living it. >> Yeah, that's exactly right. There are a number of audits that we go through where this is a question that comes up both from a SOC perspective, as well as our individual customers who reach out and they want to know where we stand from a security perspective and a compliance perspective. And very often this is a question of how are you ensuring that data that is uploaded into the application is safe and doesn't contain any vulnerabilities. >> James, if you don't mind me asking, I have to kind of inquire because I can imagine that you have users on your system but also you have third parties, relationships. How does that impact this? What's the connection? >> That's a good question. We receive data from a number of different locations from our customers directly, from their users and from partners that we have as well as partners that our customers have. And as we ingest that data, from an implementation perspective, the way we've approached this, there's a minimal impact there in each one of those integrations. Because everything comes into the S3 bucket and is scanned before it is available for consumption or distribution. But this allows us to ensure that no matter where that data is coming from, that we are able to verify that it is safe before we allow it into our systems or allow it to continue on to another third party whether that's our customer or somebody else. >> Yeah, I don't mean to get in the weeds there, but it's one of those things where, this is what people are experiencing right now. Ed, we talked about this before. It's not just siloed data anymore. It's interactive data. It's third party data from multiple sources. This is a scanning requirement. >> Agreed. I find it interesting too. I think James brings it up. We've had it in previous conversations that not all data's created equal. Data that comes from third parties that you're not in control of, you feel like you have to scan. And other data you may generate internally. You don't have to be as compelled to scan that although it's a good idea, but you can, as long as you can sift through and determine which data is which and process it appropriately, then you're in good shape. >> Well, James, you're living the cloud security, storage security situation here. I got to ask you, if you zoom out and not get in the weeds and look at the board room or the management conversation. Tell me about how you guys view the data security problem. I mean, obviously it's important. So can you give us a level of how important it is for iPipeline and with your customers and where does this S3 piece fit in? I mean, when you guys look at this holistically, for data security, what's the view, what's the conversation like? >> Yeah. Well, data security is critical. As Ed mentioned a few minutes ago, you don't want to be the company that's in the news because some data was exposed. That's something that nobody has the appetite for. And so data security is first and foremost in everything that we do. And that's really where this solution came into play, in making sure that we had not only a solution but we had a solution that was the right fit for the technology that we're using. There are a number of options. Some of them have been around for a while. But this was focused on S3, which we were using to store these documents that are coming from many different sources. And we have to take all the precautions we can to ensure that something that is malicious doesn't make its way into our ecosystem or into our customers' ecosystems through us. >> What's the primary use case that you see the value here with these guys? What's the aha moment that you had? >> With the cloud storage security specifically, it goes beyond the security aspects of being able to scan for vulnerable files, which is, there are a number of options and they're one of those. But for us, the key was being able to scale dynamically without committing to a particular load whether that's under committing or overcommitting. As we move our applications from a traditional data center type of installation to AWS, we anticipated a lot of growth over time and being able to scale up very dynamically, literally moving a slider within the admin console, was key to us to be able to meet our customer's needs without overspending, by building up something that was dramatically larger than we needed in our initial rollout. >> Not a bad testimonial there, Ed. >> I mean, I agree. >> This really highlights the applications using S3 more in the file workflow for the application in real time. This is where you start to see the rise of ransomware other issues. And scale matters. Can you share your thoughts and reaction to what James just said? >> Yeah. I think it's critical. As the popularity of S3 has increased, so has the fact that it's an attack vector now. And people are going after it whether that's to plant bad malicious files, whether it's to replace code segments that are downloaded and used in other applications, it is a very critical piece. And when you look at scale and you look at the cloud native capability, there are lots of ways to solve it. You can dig a hole with a spoon, but a shovel works a lot better. And in this case, we take a simple example like James. They did a weekend migration, so they've got new data coming in all the time, but we did a massive migration 5,000 files a minute being ingested. And like he said, with a couple of clicks, scale up, process that over sustained period of time and then scale back down. So I've said it before, I said it on the previous one. We don't want to get in the way of someone's workflow. We want to help them secure their data and do it in a timely fashion that they can continue with their proper processing and their normal customer responses. >> Frictionless has to be key. I know you're in the marketplace with your antivirus for S3 on the AWS. People can just download it. So people are interested, go check it out. James, I got to ask you and maybe Ed can chime in over the top, but it seems so obvious. Data. Secure the data. Why is it so hard? Why isn't this so obvious? What's the problem? Why is it so difficult? Why are there so many different solutions? It just seems so obvious. You know, you got ransomware, you got injection of different malicious payloads. There's a ton of things going on around the data. Why is, this so obvious? Why isn't it solved? >> Well, I think there have been solutions available for a long time. But the challenge, the difficulty that I see, is that it is a moving target. As bad actors learn new vulnerabilities, new approaches and as new technology becomes available, that opens additional attack vectors. >> Yeah. >> That's the challenge, is keeping up on the changing world including keeping up on the new ways that people are finding to exploit vulnerabilities. >> And you got sensitive data at iPipeline. You do a lot of insurance, wealth management, all kinds of sensitive data, super valuable. This brings me up, reminds me of the Sony hack Ed, years ago. Companies are responsible for their own militia. I mean, cybersecurity is no government help for sure. I mean, companies are on the hook. As we mentioned earlier at the top of this interview, this really is highlighted that IT departments have to evolve to large scale cloud, cloud native applications, automation, AI machine learning all built in, to keep up at the scale. But also from a defense standpoint. I mean, James you're out there, you're in the front lines, you got to defend yourself basically, and you got to engineer it. >> A hundred percent. And just to go on top of what James was saying is, I think there, one of the big factors and we've seen this. There's skill shortages out there. There's also just a pure lack of understanding. When we look at Amazon S3 or object storage in general, it's not an executable file system. So people sort of assume that, oh, I'm safe. It's not executable. So I'm not worried about it traversing my storage network. And they also probably have the assumption that the cloud providers, Amazon is taking care of this for them. And so it's this aha moment. Like you mentioned earlier, that you start to think, oh it's not about where the data is sitting per se. It's about scanning it as close to the storage spot. So when it gets to the end user, it's safe and secure. And you can't rely on the end user's environment and system to be in place and up to date to handle it. So it's that really, that lack of understanding that drives some of these folks into this. But for a while, we'll walk into customers and they'll say the same thing you said, John. Why haven't I been doing this for so long? And it's because they didn't understand that it was such a risk. That's where that blind spot comes in. >> James, it's just a final note on your environment. What's your goals for the next year? How's things going over there on your side? How you look at the security posture? What's on your agenda for the next year? How are you guys looking at the next level? >> Yeah. Well, our goal as it relates to this is to continue to move our existing applications over to AWS to run natively there. Which includes moving more data into S3 and leveraging the cloud storage security solution to scan that and ensure that there are no vulnerabilities that are getting in. >> And the ingestion, is there like a bottlenecks log jams? How do you guys see that scaling up? I mean, what's the strategy there? Just add more S3? >> Well, S3 itself scales automatically for us and the cloud storage solution gives us leverage to pull to do that. As Ed mentioned, we ingested a large amount of data during our initial migration which created a bottleneck for us. As we were preparing to move our users over, we were able to make an adjustment in the admin console and spin up additional processes entirely behind the scenes and broke the log jam. So I don't see any immediate concerns there, being able to handle the load. >> The term cloud native and hyperscale native, cloud native, one cloud's hybrid. All these things are native. We have antivirus native coming soon. And I mean, this is what we're basically doing is making it native into the workflows. Security native. And soon there's going to be security clouds out there. We're starting to see the rise of these new solutions. Can you guys share any thoughts or vision around how you see the industry evolving and what's needed? What's working and what's needed? Ed, we'll start with you. What's your vision? >> So I think the notion of being able to look at and view the management plane and control that has been where we're at right now. That's what everyone seems to be doing and going after. I think there are niche plays coming up. Storage is one of them, but we're going to get to a point where storage is just a blanket term for where you put your stuff. I mean, it kind of already is that. But in AWS, it's going to be less about S3. Less about work docs, less about EVS. It's going to be just storage and you're going to need a solution that can span all of that to go along with where we're already at the management plane. We're going to keep growing the data plane. >> James, what's your vision for what's needed in the industry? What's the gaps, what's working, and where do you see things going? >> Yeah, well, I think on the security front specifically, Ed's probably a little bit better equipped to speak to them than I am since that his primary focus. But I see the need for just expanded solutions that are cloud native that fit and fit nicely with the Amazon technologies. Whether that comes from Amazon or other partners like Cloud Storage Security to fill those gaps. We are focused on the financial services and insurance industries. That's our niche. And we look to other partners like Ed to help be the experts in these areas. And so that's really what I'm looking for, is the experts that we can partner with that are going to help fill those gaps as they come up and as they change in the future. >> Well, James, I really appreciate you coming on, sharing your story and I'll give you the final word. Put a quick, spend a minute to talk about the company. I know Cloud Storage Security is an AWS partner with the security software competency and is one of I think 16 partners listed in the competency and the data category. So take a minute to explain what's going on with the company, where people can find more information, how they buy and consume the products. >> Okay. >> Put the plug in. >> Yeah, thank you for that. So we are a fast growing startup. We've been in business for two and a half years now. We have achieved our security competency as John indicated. We're one of 16 data protection security competent ISV vendors globally. And our goal is to expand and grow a platform that spans all storage types that you're going to be dealing with and answer basic questions. What do I have and where is it? Is it safe to use? And am I in proper control of it? Am I being alerted appropriate? So we're building this storage security platform, very laser focused on the storage aspect of it. And if people want to find out more information, you're more than welcome to go and try the software out on Amazon marketplace. That's basically where we do most of our transacting. So find it there. Start of free trial. Reach out to us directly from our website. We are happy to help you in any way that you need it. Whether that's storage assessments, figuring out what data is important to you and how to protect it. >> All right, Ed. Thank you so much. Ed Casmer, founder and CEO of Cloud Storage Security. And of course James Johnson, AVP of Research and Development, iPipeline customer. Gentlemen, thank you for sharing your story and featuring the company and the value proposition, certainly needed. This is season two, episode four. Thanks for joining us. Appreciate it. >> Casmer: Thanks John. >> Okay. I'm John Furrier. That is a wrap for this segment of the cybersecurity season two, episode four. The ongoing series covering the exciting startups from Amazon's ecosystem. Thanks for watching. (upbeat music)

(upbeat intro music) >> Hello, everyone. Welcome back to theCube's presentation of the AWS Startup Showcase. This is season two, episode four, of the ongoing series covering the exciting startups from the a AWS ecosystem. Talk about cybersecurity. I'm your host, John Furrier. Here, excited to have two great guests. Ed Casmer, Founder & CEO of Cloud Storage Security. Back, Cube alumni. And also James Johnson, AVP of Research & Development, iPipeline here. Here to talk about Cloud Storage Security, antivirus on S3. Gents, thanks for joining us today. >> Thank you, John. >> Thank you. >> So, the topic here is cloud security, storage security. Ed, we had a great Cube conversation previously, earlier in the month. You know, companies are modernizing their apps and migrating to the cloud. That's fact. Everyone kind of knows that. Been there, done that. You know, clouds have the infrastructure, they got the OS, they got protection. But, the end of the day, the companies are responsible and they're on the hook for their own security of their data. And this is becoming more preeminent now that you have hybrid cloud, cloud operations, cloud-native applications. This is the core focus right now. In the next five years. This is what everyone's talking about. Architecture, how to build apps, workflows, team formation. Everything's being refactored around this. Can you talk about how organizations are adjusting, and how they view their data security in light of how applications are being built and specifically, around the goodness of say, S3? >> Yep, absolutely. Thank you for that. So, we've seen S3 grow 20,000% over the last 10 years. And that's primarily because companies like James with iPipeline, are delivering solutions that are leveraging this object storage more and above the others. When we look at protection, we typically fall into a couple of categories. The first one is, we have folks that are worried about the access of the data. How are they dealing with it? So, they're looking at configuration aspects. But, the big thing that we're seeing is that customers are blind to the fact that the data itself must also be protected and looked at. And, so, we find these customers who do come to the realization that it needs to happen. Finding out like how asking themselves, "How do I solve for this?" And, so, they need lightweight, cloud-native built solutions to deliver that. >> So, what's the blind spot? You mentioned there's a blind spot. They're kind of blind to that. What specifically are you seeing? >> Well, so when we get into these conversations, the first thing that we see with customers is, "I need to predict how I access it." This is everyone's conversation. "Who are my users? How do they get into my data? How am I controlling that policy? Am I making sure there's no east-west traffic there, once I've blocked the north-south?" But, what we really find is that the data is the key packet of this whole process. It's what gets consumed by the downstream users. Whether that's an employee, a customer, a partner. And, so, it's really the blind spot is the fact that we find most customers not looking at whether that data is safe to use. >> It's interesting. You know, when you talk about that, I think about like all the recent breaches and incidents. "Incidents" they call them. >> Yeah. >> They're really been around user configurations. S3 buckets not configured properly. And this brings up what you're saying, is that the users and the customers have to be responsible for the configurations, the encryption, the malware aspect of it. Don't just hope that AWS has the magic to do it. Is that kind of what you're getting at here? Is that the similar? Am I correlating that properly? >> Absolutely. That's perfect. And, and we've seen it. We've had our own customers, luckily, iPipeline's not one of them, that have actually infected their end users, because they weren't looking at the data. >> Yeah. And that's a huge issue. So, James, let's get in, you're a customer-partner. Talk about your relationship with these guys and what's it all about? >> Yeah. Well, iPipeline is building a digital ecosystem for life insurance and wealth management industries to enable the sale of life insurance to underinsured and uninsured Americans, to make sure that they have the coverage that they need should something happen. And, our solutions have been around for many years in a traditional data center type of an implementation. And, we're in process now of migrating that to the cloud, moving it to AWS. In order to give our customers a better experience, better resiliency, better reliability. And, with that, we have to change the way that we approach file storage and how we approach scanning for vulnerabilities in those files that might come to us via feeds from third parties, or that are uploaded directly by end users that come to us from a source that we don't control. So, it was really necessary for us to identify a solution that both solved for these vulnerability scanning needs, as well as enabling us to leverage the capabilities that we get with other aspects of our move to the cloud. Being able to automatically scale based on load, based on need. To ensure that we get the performance that our customers are looking for. >> So, tell me about your journey to the cloud, migrating to the cloud, and how you're using S3. Specifically, what led you to determine the need for the cloud-based AV solution? >> Yeah. So, when we looked to begin moving our applications to the cloud, one of the realizations that we had is that our approach to storing certain types of data, was a bit archaic. We were storing binary files in a database, which is not the most efficient way to do things. And, we were scanning them with the traditional antivirus engines, that would've been scaled in traditional ways. So, as our need grew, we would need to spin up additional instances of those engines to keep up with load. And we wanted a solution that was cloud-native, and would allow us to scan more dynamically without having to manage the underlying details of how many engines do I need to have running for a particular load at a particular time, and being able to scan dynamically and also being able to move that out of the application layer, being able to scan those files behind the scenes. So, scanning in, when the file's been saved in S3. It allows us to scan and release the file once it's been deemed safe, rather than blocking the user while they wait for that scan to take place. >> Awesome. Well, thanks for sharing that. I got to ask Ed and James, same question. And next is, how does all this factor into audits and self-compliance? Because, when you start getting into this level of sophistication, I'm sure it probably impacts reporting, workflows. Can you guys share the impact on that piece of it? The reporting. >> Yeah, I'll start with a comment, and James will have more applicable things to say. But, we're seeing two things. One, is you don't want to be the vendor whose name is in the news for infecting your customer base. So, that's number one. so you have to put something like this in place and figure that out. The second part is, we do hear that under SOC 2, under PCI, different aspects of it, there are scanning requirements on your data. Traditionally, we've looked at that as endpoint data and the data that you see in your on-prem world. It doesn't translate as directly to cloud data, but, it's certainly applicable. And if you want to achieve SOC 2 or you want to achieve some of these other pieces, you have to be scanning your data as well. >> James, what's your take? As practitioner, you're living it. >> Yeah. That's exactly right. There are a number of audits that we go through, where this is a question that comes up both from a SOC perspective, as well as our individual customers, who reach out, and they want to know where we stand from a security perspective and a compliance perspective. And, very often, this is a question of "How are you ensuring that the data that is uploaded into the application is safe and doesn't contain any vulnerabilities?" >> James, if you don't mind me asking. I have to kind of inquire, because I can imagine that you have users on your system, but also you have third parties, relationships. How does that impact this? What's the connection? >> That's a good question. We receive data from a number of different locations. From our customers directly, from their users, and from partners that we have, as well as partners that our customers have. And, as we ingest that data, from an implementation perspective, the way we've approached this, there's minimal impact there in each one of those integrations, because everything comes into the S3 bucket and is scanned before it is available for consumption or distribution. But, this allows us to ensure that no matter where that data is coming from, that we are able to verify that it is safe before we allow it into our systems or allow it to continue on to another third party, whether that's our customer or somebody else. >> Yeah. I don't mean to get in the weeds there, but it's one of those things where, you know, this is what people are experiencing right now. You know, Ed, we talked about this before. It's not just siloed data anymore. It's interactive data. It's third party data from multiple sources. This is a scanning requirement. >> Agreed. I find it interesting, too. I think James brings it up. We've had it in previous conversations, that not all data's created equal. Data that comes from third parties that you're not in control of, you feel like you have to scan and other data you may generate internally. You don't, have to be as compelled to scan that, although it's a good idea. But it's, you can kind of, as long as you can sift through and determine which data is which, and process it appropriately, then you're in good shape. >> Well, James. You're living the cloud security storage security situation, here. I got to ask you if you zoom out, not get in the weeds, and look at kind of the boardroom or the management conversation. Tell me about how you guys view the data security problem. I mean, obviously it's important, right? So, can you give us a level of, you know, how important it is for iPipeline and with your customers and where does this S3 piece fit in? I mean, when you guys look at this holistically, for data security, what's the view? What's the conversation like? >> Yeah. Well, data security is critical. As Ed mentioned a few minutes ago, you don't want to be the company that's in the news because some data was exposed. That's something that nobody has the appetite for. And, so, data security is, first and foremost, in everything that we do. And that's really where this solution came into play and making sure that we had not only a solution, but, we had a solution that was the right fit for the technology that we're using. There are a number of options. Some of them have been around for a while. But this is focused on S3, which we were using to store these documents that are coming from many different sources. And, you know, we have to take all the precautions we can to ensure that something that is malicious doesn't make its way into our ecosystem or into our customers' ecosystems through us. >> What's the primary use case that you see the value here with these guys? What's the "aha" moment that you had? >> With the Cloud Storage Security, specifically, it was really, it goes beyond the security aspects of being able to scan for vulnerable files, which is there are a number of options and, and they're one of those. But for us, the key was being able to scale dynamically without committing to a particular load, whether that's under committing or over committing. As we move our applications from a traditional data center type of installation to AWS, we anticipated a lot of growth over time. And being able to scale up very dynamically, you know, literally moving a slider within the admin console was key to us, to be able to meet our customer's needs without overspending. By building up something that was, dramatically larger than we needed in our initial rollout. >> Not a bad testimonial there, Ed. I mean. >> I agree. >> This is really highlights the applications using S3 more in the file workflow for the application in real time. This is where you start to see the rise of ransomware, other issues and scale matters. Can you share your thoughts and reaction to what James just said? >> Yeah, I think it's critical. I mean, as the popularity of S3 has increased, so has the fact that it's an attack vector now, and people are going after it. Whether that's to plant bad, malicious files, whether it's to replace code segments that are downloaded and used in other applications, it is a very critical piece. And when you look at scale, and you look at the cloud-native capability, there are lots of ways to solve it. You can dig a hole with a spoon, but a shovel works a lot better. And, in this case, you know, we take a simple example like James. They did a weekend migration, so, they've got new data coming in all the time. But, we did a massive migration. 5,000 files a minute being ingested. And, like he said, with a couple of clicks, scale up, process that over a sustained period of time, and then scale back down. So, you know, I've said it before. I said it on the previous one. We don't want to get in the way of someone's workflow. We want to help them secure their data and do it in a timely fashion, that they can continue with their proper processing and their normal customer responses. >> Yeah. Friction always has to be key. I know you're in the marketplace with your antivirus, for S3 on AWS. People can just download it. So, people are interested, go check it out. James, I got to ask you, and maybe Ed can chime in over the top, but, it seems so obvious. Data. Secure the data. Why is it so hard? Why isn't this so obvious? What's the problem? Why is it so difficult? Why are there so many different solutions? It just seems so obvious. You know, you got ransomware, you got injection of different malicious payloads. There's a ton of things going around around the data. Why is this? This is so obvious. Why isn't it solved? >> Well, I think there have been solutions available for a long time. That the challenge, the difficulty that I see is, that it is a moving target. As bad actors learn new vulnerabilities, new approaches. And as new technology becomes available, that opens additional attack vectors. That's the challenge. Is keeping up on the changing world. Including keeping up on the new ways that people are finding to exploit vulnerabilities. >> Yeah. And you got sensitive data at iPipeline. You do a lot of insurance, wealth management, all kinds of sensitive data, super valuable. You know, just brings me up, reminds me of the Sony hack, Ed, years ago. You know, companies are responsible for their own militia. I mean, cybersecurity, there's no government help for sure. I mean, companies are on the hook, as we mentioned earlier at the top of this interview. This really is highlighted that, IT departments and are, have to evolve to large scale cloud, you know, cloud-native applications, automation, AI machine learning all built in, to keep up at the scale. But, also, from a defense standpoint, I mean, James, you're out there, you're in the front lines. You got to defend yourself, basically, and you got to engineer it. >> A hundred percent. And just to go on top of what James was saying is, I think they're one of the big factors, and we've seen this. There's skill shortages out there. There's also just a pure lack of understanding. When we look at Amazon S3 or object storage in general, it's not an executable file system. So, people sort of assume that, "Oh, I'm safe. It's not executable. So, I'm not worried about it traversing my storage network." And they also probably have the assumption that the cloud providers, Amazon, is taking care of this for 'em. And, so, it's this "aha" moment, like you mentioned earlier. That you start to think, "Oh, it's not about where the data is sitting, per se, it's about scanning it as close to the storage spot. So, when it gets to the end user, it's safe and secure. And you can't rely on the end users' environment and system to be in place and up to date to handle it. So, it's that really, that lack of understanding that drives some of these folks into this, but for a while, we'll walk into customers and they'll say the same thing you said, John. "Why haven't I been doing this for so long?" And, it's because they didn't understand that it was such a risk. That's where that blind spot comes in. >> James, it's just a final note on your environment. What's your goals for the next year? How's things going over there in your side? How do you look at the security posture? What's on your agenda for the next year? How do you guys looking at the next level? >> Yeah, well, our goal as it relates to this is, to continue to move our existing applications over to AWS, to run natively there, which includes moving more data into S3 and leveraging the cloud storage security solution to scan that and ensure that it's, that there are no vulnerabilities that are getting in. >> And the ingestion? Is there like a bottlenecks, log jams? How do you guys see that scaling up? I mean, what's the strategy there? More, just add more S3? >> Well, S3 itself scales automatically for us and, the Cloud Storage Solution gives us levers to pull to do that. As Ed mentioned, we ingested a large amount of data during our initial migration, which created a bottleneck for us, as we were preparing to move our users over. We were able to, you know, make an adjustment in the admin console and spin up additional processes entirely behind the scenes and broke the log jam. So, I don't see any immediate concerns there. Being able to handle the load. >> You know, the term cloud-native and, you know, hyperscale-native, cloud-native, OneCloud, it's hybrid. All these things are native. We have anti-virus native coming soon. And I mean, this is what we're. You're basically doing is making it native into the workflows. Security native, and soon there's going to be security clouds out there. We're starting to see the rise of these new solutions. Can you guys share any thoughts or vision around how you see the industry evolving and what's needed, what's working and what's needed? Ed, we'll start with you. What's your vision? >> So, I think the notion of being able to look at and view the management plane and control that, has been where we're at right now. that's what everyone seems to be doing and going after. I think there are niche plays coming up, storage is one of them. But, we're going to get to a point where storage is just a blanket term for where you put your stuff. I mean, it kind of already is that, but, in AWS, it's going to be less about S3, less about work docs, less about EVS. It's going to be just storage and you're going to need a solution that can span all of that, to go along with where we're already at at the management plane. We're going to keep growing the data plane. >> James, what's your vision for what's needed in the industry? What's the gaps? What's working? And where do you see things going? >> Yeah, well, I think on the security front, specifically, Ed's probably a little bit better equipped to speak to them than I am. Since that's his primary focus. But I see the need for just expanded solutions that are cloud-native, that fit and fit nicely with the Amazon technologies, Whether that comes from Amazon or other partners like Cloud Storage Security, to fill those gaps. We're focused on, you know, the financial services and insurance industries. That's our niche. And we look to other partners, like Ed, to help be the experts in these areas. And so that's really what I'm looking for is, you know, the experts that we can partner with that are going to help fill those gaps as they come up and as they change in the future. >> Well, James, I really appreciate you coming on sharing your story. Ed, I'll give you the final word. Put a quick, spend a minute to talk about the company. I know Cloud Storage Security is an AWS partner, with the Security Software Competency. And is one of, I think, 16 partners listed in the competency and data category. So, take a minute to explain, you know, what's going on with the company, where people can find more information, how they buy and consume the products. >> Okay. >> Put the plug in. >> Yeah, thank you for that. So, we are a fast growing startup. We we've been in business for two and a half years, now. We have achieved our Security Competency. As John indicated, we're one of 16 data protection, Security Competent ISV vendors, globally. And, our goal is to expand and grow a platform that spans all storage types that you're going to be dealing with. And answer basic questions. "What do I have and where is it? Is it safe to use?" And, "Am I in proper control of it? Am I being alerted appropriately?" You know, so we're building this storage security platform, very laser-focused on the storage aspect of it. And, if people want to find out more information, you're more than welcome to go and try the software out on Amazon Marketplace. That's basically where we do most of our transacting. So, find it there, start a free trial, reach out to us directly from our website. We are happy to help you in any way that you need it, whether that's storage assessments, figuring out what data is important to you, and how to protect it. >> All right, Ed, thank you so much. Ed Casmer. Founder & CEO of Cloud Storage Security and of course James Johnson, AVP Research & Development, iPipeline customer. Gentlemen, thank you for sharing your story and featuring the company and the value proposition. It's certainly needed. This is season two, episode four. Thanks for joining us. Appreciate it. >> Thanks, John. >> Okay. I'm John Furrier. That is a wrap for this segment of the cybersecurity, season two, episode four. The ongoing series covering the exciting startups from Amazon's ecosystem. Thanks for watching. (gentle outro music)

>> Voiceover: Live, from Las Vegas it's theCUBE Covering AWS re:Invent 2019. Brought to you by Amazon Web Services and Intel, along with its ecosystem partners. >> We're back at AWS re:Invent, this is theCUBE, the leader in live tech coverage. I'm Dave Vellante with my co-host, Justin Warren. This is day one of AWS re:Invent. Rob Lee is here, he's the Vice President and Chief Architect at Pure Storage. And he's joined by Rob Walters, who is the Vice President, General Manager of Storage as a Service at Pure. Robs, welcome to theCUBE. >> Thanks for having us back. >> Yep, thank you. >> Dave: You're welcome. Rob, we'll start with, Rob Lee we'll start with you. So re:Invent, this is the eighth re:Invent, I think the seventh for theCUBE, what's happened at the show, any key takeaways? >> Yeah, absolutely it's great to be back. We were here last year obviously big launch of cloud data services, so it's great to be back a year in. And just kind of reflect back on how the year's gone for uptick at cloud data services, our native US. And it's been a banner year. So we saw over the last year CloudSnap go GA Cloud Block Store go GA and you know just really good customer uptake, adoption and kind of interest out of the gate. So it's kind of great to be back. Great to kind of share what we've down over the last year as well as just get some feedback and more interest from future customers and prospects as well. >> So Rob W, with your background in the cloud what's you take on this notion of storage as a service? How do you guys think about that and how do you look at that? >> Sure, well this is an ever more increasingly important way to consume storage. I mean we're seeing customers who've been you know got used to the model, the economic model, the as a service model in the cloud, now looking to get those benefits on-prem and in the hybrid cloud too. Which if you know, you look at our portfolio we have both there, as part of the Pure as a service. >> Right okay, and then so Pure Accelerate you guys announced Cloud Block Store. >> Yeah, that's when we took it GA. Right so we've been working with customers in a protracted beta process over the last year to really refine the fit and use cases for tier one block workloads and so we took that GA in Accelerate. >> So this is an interesting, you're a partner obviously with Amazon I would think many parts of Amazon love Cloud Block Store 'cause you're using EC2, you're front-ending S3 like you're helping Amazon sell services and you're delivering a higher level of availability and performance in certain workloads, relative to EVS. So there's probably certain guys at Amazon that aren't so friendly with you. So that's an interesting dynamic, but talk about the positioning of Cloud Block Store. Any sort of updates on uptake? What are customers excited about? What can you share? >> Yeah, no absolutely You know I'd say primarily we're most pleased with the variety of workloads and use cases that customers are bringing us into. I think when we started out on this journey we saw tremendous promise for the technology to really improve the AWS Echo system and customer experience for people that wanted to consume block storage in the cloud. What we learned as we started working with customers is that because of the way we've architected the product brought a lot of the same capabilities we deliver on our flash arrays today into AWS, it's allowed customers to take us into all the same types of workloads that they put flash arrays into. So that's their tier one mission critical environments, their VMware workloads, their Oracle workloads, their SAP workloads. They're also looking at us from everything from to do lift and shift, test and dev in the cloud, as well as DR right, and that again I think speaks to a couple things. It speaks to the durability, the higher level of service that we're able to deliver in AWS, but also the compatibility with which we're able to deliver the same sets of features and have it operate in exactly the same way on-prem and in the cloud. 'Cause look, if you're going to DR the last time, the last point in time you want to discover that there's a caveat, hey this feature doesn't quite work the way you expect is when you have a DR failover. And so the fact that we set out with this mission in mind to create that exact level of sameness, you know it's really paying dividends in the types of use cases that customers are bringing us into. >> So you guys obviously a big partner of VMware, you're done very well in that community. So VMware cloud on AWS, is that a tailwind for you guys or can you take advantage of that at this point? >> Yeah no, so I think the way I look at it is both VMware, Pure, AWS, I think we're all responding to the same market demands and customer needs. Which at the end of the day is, look if I'm an enterprise customer the reality is, I'm going to have some of my workloads running on-premise, I'm going to have some of my workloads running in the cloud, I expect you the vendors to help me manage this diverse, hybrid environment. And what I'd say is, there are puts and takes how the different vendors are going about it but at the end of the day that's the customer need. And so you know we're going about this through a very targeted storage-centric approach because that's where we provide service today. You know and you see VMware going after it from the kind of application, hypervisor kind of virtualization end of things. Over time we've had a great partnership with VMware on-premise, and as both Cloud Block Store and VMware Cloud mature, we'd look to replicate the same motion with them in that offering. >> Yeah, I mean to to extent I mean you think about VMware moving workloads with their customers into the cloud, more mission critical stuff comes into the cloud, it's been hard to get a lot of those workloads in to date and that's maybe the next wave of cloud. Rob W., I have a question for you. You know Amazon's been kind of sleepy in storage over the, S3, EBS, okay great. They dropped a bunch of announcements this year and so it seems like there's more action now in the cloud. What's your sort of point of view as to how you make that an opportunity for Pure? >> The way I've always looked at it is, there's been a way of getting your storage done and delivered on AWS and there's been the way that enterprises have done things on-premise. And I think that was a sort of a longer term bet from AWS that that was the way things will tend to fall towards into the public cloud. And now we see, all of the hyperscalers quite honestly with on-prem, hybrid opportunities. With the like Outpost today, et cetera. The hybrid is a real things, it's not just something people said that couldn't get to the cloud, you know it's a real thing. So I think that actually opens up opportunity from both sides. True enterprise class features that our enterprise class customers are looking for in the cloud through something like CBS are now available. But I think you know at Amazon and other hyperscale are reaching back down into the on-prem environments to help with the onboarding of enterprises up into the cloud >> So the as a service side of things makes life a little bit interesting from my perspective, because that's kind of new for Pure to provide that storage as a service, but also for enterprises as you say, they're used to running things in a particular way so as they move to cloud they're kind of having to adapt and change and yet they don't fully want to. Hybrid is a real thing, there are real workloads that need to perform in a hybrid fashion. So what does that mean for you providing storage as a service, and still to Rob Lee's point, still providing that consistency of experience across the entire product portfolio. 'Cause that's quite an achievement and many other as storage providers haven't actually been able to pull that off. So how do you keep all of those components working coherently together and still provide what customers are actually looking for? >> I think you have to go back to what the basics of what customers are actually looking for. You know they're looking to make smart use of their finances capex potentially moving towards opex, that kind of consumption model is growing in popularity. And I think a lot of enterprises are seeing less and less value in the sort of nuts and bolts storage management of old. And we can provide a lot of that through the as a service offering. So had to look past the management and monitoring. We've always done the Evergreen service subscription, so with software and hardware upgrades. So we're letting their sort of shrinking capex budget and perhaps their limited resources work on the more strategically important elements of their IT strategies, including hybrid-cloud. >> Rob Lee, one of the things we've talked about in the past is AI. I'm interested in sort of the update on the AI workloads . We heard a lot obviously today on the main stage about machine learning, machine intelligence, AI, transformations, how is that going, the whole AI push? You guys were first, really the first storage company to sort of partner up and deliver solutions in that area. Give us the update there. Wow's it going, what are you learning? >> Yeah, so it's going really well. So it continues to be a very strong driver of our flash play business, and again it's really driven by it's a workload that succeeds with very large sums of data, it succeeds when you can push those large sums of data at high speed into modern compute, and rinse and repeat very frequently. And the fourth piece which I think is really helping to propel some of the business there, is you know, as enterprises, as customers get further on into the AI deployment journeys what they're finding is the application space evolves very quickly there. And the ability for infrastructure in general, but storage in particular, because that's where so much data gravity exists to be flexible to adapt to different applications and changing application requirements really helps speed them up. So said another way, if the application set that your data scientists are using today are going to change in six months, you can't really be building your storage infrastructure around a thesis of what that application looks like and then go an replace it in six months. And so that message as customers have been through now the first, first and a half iterations of that and really sort of internalize, hey AI is a space that's rapidly evolving we need infrastructure that can evolve and grow with us, that's helping drive a lot of second looks and a lot of business back to us. And I would actually tie this back to your previous question which is the direction that Amazon have taken with some of their new storage offerings and how that ties into storage as a service. If I step back as a whole, what I'd say is both Amazon and Pure, what we see is there's now a demand really for multiple classes of service for storage, right. Fast is important, it's going to continue to get more and more important, whether it's AI, whether it's low latency transactional databases, or some other workload. So fast always matters, cost always matters. And so you're going to have this stratification, whether it's in the cloud, whether its on flash with SCM, TLC, QLC, you want the benefits of all of those. What you don't want is to have to manage the complexity of tying and stitching all those pieces together yourself, and what you certainly don't want is a procurement model that locks you out or in to one of these tiers, or in one of these locations. And so if you think about it in the long term, and not to put words in the other Rob's mouth, where I think you see us going with Pure as a service is moving to a model that really shifts the conversation with customers to say, look the way you should be transacting with storage vendors, and we're going to lead the charge is class of service, maybe protocol, and that's about it. It's like where do you want this data to exist? How fast do you want it? Where on the price performance curve do you want to be? How do you want it to be protected? And give us room to take care of it from there. >> That's right, that's right. This isn't about the storage array anymore. You know you look at the modern data experience message this is about what do you need from your storage, from a storage attribute perspective rather than a physical hardware perspective and let us worry about the rest. >> Yeah you have to abstract that complexity. You guys have, I mean simple is the reason why you were able to achieve escape velocity along with obviously great product and pretty good management as well. But you'll never sub optimize simplicity to try to turn some knobs. I mean I've learned that following you guys over the years. I mean that's your philosophy. >> No absolutely, and what I'd say is as technology evolves, as the components evolve into this world of multis, multi-protocol, multi-tier, multi-class of service, you know the focus on that simplicity and taking even more if it on becomes ever more important. And that's a place where, getting to your question about AI we help customers implement AI, we also do a lot of AI within our own products in our fleet. That's a place where our AI driven ops really have a place to shine in delivering that kind of best optimization of price, performance, tiers of service, so on, so forth, within the product lines. >> What are you guys seeing at the macro? I mean that to say, you've achieved escape velocity, check. Now you're sort of entering the next chapter of Pure. You're the big share gainer, but obviously growing slower than you had in previous years. Part of that we think is this, part of your fault. You put so much flash into the marketplace. It's given people a lot of headroom. Obviously NaN pricing has been an issue, you guys have addressed that on your calls, but still gaining share much, much more quickly than most. Most folks are shrinking. So what are you seeing at the macro, what are customers telling you in terms of their long term strategy with regard to storage? >> Well, so I'll start, I'll let Rob add in. What I'd say is we see in the macro a shift, a clear shift to flash. We've called the shots since day one, but what I'd say is that's accelerating. And that's accelerating with pricing dynamics, with and you know we talked about a lot of the NaN pricing and all that kind of stuff, but in the macro I think there's a clear realization now that customers want to be on flash. It's just a matter of what's the sensible rate? What's the price kind of curve to get there? And we see a couple meaningful steps. We saw it originally with our flash array line taking out 15K spinning drives, 10K's really falling. With QLC coming online and what we're doing in FlashArray//C the 7200 RPM drive kind of in the enterprise, you know those days are numbered, right. And I think for many customers at this point it's really a matter of, okay how quickly can we get there and when does it make sense to move, as opposed to, does it make sense. In many ways it's really exciting. Because if you think about it, the focus for so long has been in those tier one environments, but in many ways the tier two environments are the ones that could most benefit from a move to flash because a couple things happen there. Because they're considered lower tier, lower cost they tend to spread like bunnies, they tend to be kind of more neglected parts of the environment and so having customers now be able to take a second look at modernizing, consolidating those environments is both helpful from a operational point of view, it's also helpful from the point of view of getting them to be able to make that data useful again. >> I would also say that those exact use cases are perfect candidates for an as a service consumption model because we can actually raise the utilization, actually helping customers manage to a much more utilized set of arrays than the over consumption, under consumption game they're trying to play right now with their annual capex cycles. >> And so how aggressive do you see customers wanting to take advantage of that as a service consumption model? Is it mixed or is it like, we want this? >> There's a lot of customers who are just like we want this and we want it now. We've seen a very good traction and adoption so yeah, it's a surprisingly large, complex enterprise customer adoption as well. >> A lot of enterprise, they've gotten used to the idea of cloud from AWS. They like that model of dealing with things and they want to bring that model of operating on site, because they want cloud everywhere. They don't actually want to transform the cloud into enterprise. >> No, exactly, I mean if I go back 20 plus years to when I was doing hands on IT, the idea that we as a team would let go of any of the widgetry that we are responsible for, never would have happened. But then you've had this parallel path of public cloud experience, and people are like well I don't even need to be doing that anymore. And we get better results. Oh and it's secure as well? And that list just goes on. And so now as you say, the enterprise wants to bring it back on-prem for all of those benefits. >> One of the other things that we've been tracking, and maybe it falls in the category of cloud 2.0 is the sort of new workload forming. And I'll preface it this way, you know the early days, the past decade of cloud infrastructures of service have been about, yeah I'm going to spin up some EC2, I'm going to need some S3, whatever, I need some storage, but today it seems like, there's all this data now and then you're seeing new workloads driven by platforms like Snowflake, Redshift, you know clearly throw in some ML tools like Databricks and it's driving a lot of compute now but it's also driving insights. People are really pulling insights out of that data. I just gave you cloud examples, are you seeing on-prem examples as well, or hybrid examples, and how do you guys fit into that? >> Yeah, no absolutely. I think this is a secular trend that was kicked off by open source and the public cloud. But it certainly affects, I would say, the entire tech landscape. You know a lot of it is just about how applications are built. If you about, think back to the late '80s, early '90s you had large monoliths, you had Oracle, and it did everything, soup to nuts. Your transactional system, your data warehouse, ERP, cool, we got it all. That's not how applications are built anymore. They're built with multiple applications working together. You've got, whether it's Kafka connecting into some scale out analytics database, connected into Cassandra, connected right. It's just the modern way of how applications are built. And so whether that's connecting data between SaaS services in the cloud, whether it's connecting data between multiple different application sets that are running on-prem, we definitely see that trend. And so when you peel back the covers of that, what we see, what we hear from customers as they make that shift, as they try to stand up infrastructure to meet those need, is again the need for flexibility. As multiple applications are sharing data, are handing off data as part of a pipeline or as part of a workflow, it becomes ever more important for the underlying infrastructure, the storage array if you will, to be able to deliver high performance to multiple applications. And so the era of saying, hey look I'm going to design a storage array to be super optimized for Oracle and nothing else like you're only going to solve part of the problem now. And so this is why you see us taking, within Pure the approach that we do with how we optimize performance, whether it's across FlashArray, FlashBlade, or Cloud Block Store. >> Excellent, well guys we got to leave it there. Thanks so much for coming on theCUBE and sharing your thoughts with us. And have a good rest of re:Invent. >> Thanks for having us back >> Dave: All right, pleasure >> Thank you >> All right, keep it right there everybody. We'll be back to wrap day one. Dave Vellante for Justin Warren. You're watching theCUBE from AWS re:Invent 2019. Right back (electronic music)

>> Announcer: Live from Las Vegas, It's The Cube, covering NAB 2017. Brought to you by HGST. >> Welcome back to NAB day three. I'm Lisa Martin. We are here live in Las Vegas very excited to introduce you to our next guest, Alan Hoff, VP of Market Solutions for Avid. Welcome to The Cube. >> Thank you, Lisa. It's great to be here. >> You are an NAB veteran. This is your 21st year. >> Indeed, yes. >> You must have seen incredible transformation. >> Alan: It's true, yes. >> Tell us about just, you were saying before we went live that you've really been here at the start of digital transformation. Walk us through that kind of the evolution that you've witnessed? >> Yes, certainly. So when I first came here in 1996, the show was a little bit smaller and I came with a company that did non-linear digital video editing systems, not Avid but a competitor. And that was really the first link in the overall production chain that became digitized, and so that was really the forefront of the digital transformation that we're now seeing play out and ultimately culminating with all these cloud-based workflows that everybody's talking about. So I've been watching it as that digital production value chain has evolved all across knocking down one category after another, and as I say, it's really culminating now with the journey to the Cloud. >> Speaking of journey, this journey that you've been on in your seat, what are some of the things that surprise you still in yearr 21 for you at NAB? And what are some of the trends that you've seen go from maybe something buzzy to a real key value solution? >> Yeah, so I think Cloud was being hyped quite a bit a few years ago, and Avid was there. We announced some cloud-based workflows a couple years ago, et cetera, along with others. But it's really just now at this show that we're really seeing it come into a more pragmatic, broader workflow solution. The challenges that the industry is facing at all levels is that they need to create more content at higher quality that is more standout in nature and that is engaging and attention-grabbing than ever before, because there's so much more of it being created, and there are so many more outlets in which it can be consumed, and it's no longer on anybody's schedule but the consumer's schedule. So that has really thrown a wrench in the works in the traditional business models that people have gone through. And so Avid saw this a few years ago, and we developed something that we call the Media Central Platform. The goal of that platform was to standardize all the disparate different technologies and bits and standards that were out there into one unified whole to make it easier for individual artists or creative teams, like at post houses, or even the largest media enterprises out there, to get more efficient in the way they create their content and distribute their content. So what that's meant is Avid, which historically had been a very vertically oriented and closed company, had to learn how to play well with others. This is not unlike what we're seeing from other large players in the industry, Microsoft for example. These guys have realized that, in order to deliver what it is that the customers are looking for, again, regardless of their level of the segment, they have to be open and play well with the perhaps traditional competitors or folks that you never would have thought would have a solid workflow. So in the case of Avid, we, a year ago, announced that we were working with Adobe, which has always been a tool of choice for Avid customers. It's very common for them to have Avid products, Adobe products. But in some areas, we were directly competitive, and so what we ended up doing was we made it so that the Adobe Premiere products could work seamlessly within the Avid Media Central Platform. This year, we did something similar with-- >> You've got a big announcement at this show? >> Well, with EVS, we did integration. So EVS makes these, arguably, the world's best sports replay service, those great sports slomo replay, et cetera, that you see on sporting events. They have basically become the standard in that area. So we wanted to integrate the workflow. So we worked with EVS. They used our connectivity toolkit to create a flow-blown, certified membership in the platform so that an Avid user can have access to the EVS assets as if they were the Avid assets. So seamless workflow, all because that's what the customers need to be able to create this content faster and get it out to more devices. >> Speaking of the customer, you mentioned some alliance partners. In your role at Avid, you're responsible for product marketing alliances. Talk to us about what you're seeing, from the customer journey perspective, as they're transitioning media production to the Cloud. You mentioned some of the pain points. Walk us through kind of a typical journey, Whether it's a customer in sports or a customer in media and entertainment. >> Sure. Great, great. So our big announcement at the show here was the partnership with Microsoft and the fact that we were going to be moving the Avid Media Central Platform to Microsoft Azure Cloud. This is a really big watershed moment for the industry, if I may be so bold, because now, Avid with her big alliance ecosystem is going to be migrating to the Cloud. And the more gravity that the Cloud has, the more easy it will be for folks to have a peace of mind that that's a place they can trust and move to. We feel that we had a great advantage in moving to the Cloud, because we already had taken a platform approach. So when we say we're moving into the Cloud, it's obviously not to the exclusion of the typical terrestrial ways that people are accustomed to working. It's all meant to be complementary so that folks can take a hybrid approach. What I mean by this is, whether you're in sports production or in news production or in post-production, you're probably not just going to wake up one morning and say, okay, that's it. Everything I'm doing has got to be in the Cloud, because that's where everybody's going. I need to look in a very planful manner at the way I go about doing things and look at the benefits of what the Cloud brings and be selective in terms of what parts you want to migrate when. And with the partnership with Microsoft, what Avid is saying is you could continue to stay in your traditional on-premises approach here, if you want. You could being to migrate things into a private data center, either still in your own facility or maybe down the street in a data center. Or you could go fully into the public Cloud. And that last one, it's interesting how many people have reacted: oh, I don't know if I'm ready to put my assets, my gold bar equivalence-- >> Mission critical, right. >> into the Cloud, I don't know if I'm comfortable doing that. But the reality is this Microsoft Azure Cloud is trusted by every large banking institution on the planet. It's trusted by the United States Department of Defense. The biggest secrets and the largest assets in the globe are protected by Microsoft Azure. They've gone to extraordinary lengths to make sure that data is going to be secure, and the same holds true for media and entertainment assets. And to really put a fine point on it, they went and got the Motion Picture Association, the MPAA, certification for security, so they have all that. So it's as good as being in Fort Knox when it's in the Cloud. So I really want to put that to rest. I mean, these guys, all they do is think about the security and denial of access to any sort of outside threat, whereas most media and entertainment companies, that's only one of the things they're thinking about. They've got a lot going on, you know. >> Lisa: Exactly, exactly. >> And they are actually more vulnerable, even in terra firma on promoli solutions than they would be going to the Cloud. So just a little editorial aside, because security is a big concern to people at all levels of the industry. >> It is. Certainly, those in the technology space understand is, it's a reducing of the concern, but it is a concern nonetheless. It sounds like what you just articulated customers have the choice of hybrid as a journey or hybrid as a destination. >> Correct, correct, right. They might never move beyond a hybrid state, although I would predict that in five years from now, most everything is going to be cloud-based, and once people start to see the scale and reach and productivity they can get, as well as the benefits of things like machine learning and artificial intelligence (mumbles), just going to help them speed the way that they go about doing what they do. It will be clear that that's the way they should probably be doing what they do, >> Exactly. >> And that's at levels. >> And finding more value from the digital assets that they already have. That's right, exactly. And so, that's the other thing is, once it's in the Cloud, it's easier for you to repurpose and distribute, say, to over the top services, et cetera. So we were talking before about Netflix and Hulu and Amazon and Avid's role there. This may be-- >> Yeah, tremendous amount of content, 80% to 90% original content is produced with Avid. So in the last minute or so, tell us about that. >> Yeah, so Avid has grown up through the industry, we're almost 30 years old, and we understand the pains and challenges that the traditional broadcasters are facing by these insurgent and incumbent newcomers like the streaming services. But what I think is interesting is that those guys are using our tools, too, as you say, to a very large degree. So we're very privileged to have the streaming services as well as eleven of the largest international news organizations using us. Six of the largest Hollywood film studios are using us. We're very fortunate to have all that great diversity of customers that have embraced us across various parts of their workflow. >> Fantastic. Well, it sounds like not a dull moment for Avid or you. >> Right. >> I want to thank you so much, Alan, for stopping by The Cube. >> Thank you, Lisa. >> You are now a Cube alumni. I am, yes. It's great to have been here. Thanks for the invitation. >> Thank you. >> Okay. >> We want to thank you for watching again. We are live at NAB from Las Vegas. I am Lisa Martin. Stick around. We'll be right back.