hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Hey, welcome back everyone to the cubes coverage of eaters reinvent 2021. So our third day wall-to-wall coverage. I'm my coach, Dave Alonzo. He we're getting all the action two sets in person. It's also a virtual hybrid events with a lot of great content online, bringing you all the fresh voices, all the knowledge, all the news and all the action and got great guests here today. As your renderer, managing director of AWS is Europe, middle east, and Africa also known as EMIA. Welcome to the cube. Welcome, >>Welcome. Thanks for coming on. Lovely to be here. >>So Europe is really hot. Middle east Africa. Great growth. The VC culture in Europe specifically has been booming this year. A lot of great action. We've done many cube gigs out there talking to folks, uh, entrepreneurship, cloud, native growth, and then for us it's global. It's awesome. So first question got to ask you is, is you're new to AWS? What brought you here? >>Yeah, no, John, thank you so much. I've been here about three and a half months now, actually. Um, so what brought me here? Um, I have been in and around the tech world since I was a baby. Um, my father was an entrepreneur. I sold fax machines and microfilm equipment in my early days. And then my career has spanned technology in some form or the other. I was at EMC when we bought VMware. Uh, I was a Colt when we did a FinTech startup joined Schneider in my background, which is industrial tech. So I guess I'm a bit of a tech nerd, although I'm not an engineer, that's for sure. The other thing is I've spent a huge part of my career advising clients. And so while I was at McKinsey on business transformation and cloud keeps coming up, especially post pandemic, huge, huge, huge enabler, right of transformation. So when I got the call from AWS, I thought here's my opportunity to finally take what companies are wrestling with, bring together a pioneer in cloud with our enterprise and start-up and SMB clients connect those dots between business and technology and make things happen. So it real magic. So that's what brought me here. And I guess the only other thing to say is I'd heard a lot of other culture, customer mash, obsession, and leadership principles. >>That's why I'm here. It's been a great success. I got to ask you too, now that your new ostium McKinsey, even seeing the front lines, all the transformation, the pandemic has really forced everybody globally to move faster. Uh, things like connect were popular in EMEA. How, how is that going out? There's at the same kind of global pressure on the digital transformation with cloud? What are you seeing out there? >>I've been traveling since I joined, uh, around 10 of the countries already. So Ben planes, trains, automobiles, and what you definitely see is massive acceleration. And I think it's around reinvention of the business. So people are adopting cloud because it's obviously there's cost reasons. There's MNA reasons. There's really increasingly more about innovating. How do I innovate my business? How do I reinvent my business? So you see that constantly. Um, and whether you're a enterprise company or you're a startup, they're all adopting cloud in different, different ways. Um, I mean, I want to tell a core to stack because it's really interesting. And Adam mentioned this in his keynote five to 15% only of workloads have moved to the cloud. So there's a tremendous runway ahead of us. Um, and the three big things on people's minds helped me become a tech company. So it doesn't matter who you are, you're retail, whether you're life sciences or healthcare. You've probably heard about the Roche, uh, work that we're doing with Roche around accelerating R and D with data, or if you're a shoes Addie desk, how do you accelerate again, your personalized experiences? So it doesn't matter who you have helped me become a tech company, give me skills, digital skills, and then help me become a more sustainable company. Those are the three big things I'm thinking of. >>So a couple of things to unpack there. So think about it. Transformation. We still have a long way to go to your point, whatever 10, 15%, depending on which numbers you look at. We've been talking a lot in the cube about the next decade around business transformation, deeper business integration, and the four smarts to digital. And the woke us up to that, accelerated that as you say, so as you travel around to customers in AMEA, what are you hearing with regard to that? I mean, many customers maybe didn't have time to plan. Now they can sit back and take what they've learned. What are you hearing? >>Yeah. And it's, it's a little bit different in different places, right? So, I mean, if you start, if you look at, uh, you know, our businesses, for example, in France, if you look at our businesses in Iberia or Italy, a lot of them are now starting they're on the, at least on the enterprise front, they are now starting to adopt cloud. So they stepping back and thinking about their overall strategy, right? And then the way that they're doing it is actually they're using data as the first trigger point. And I think that makes it easier to migrate because if you, if you look at large enterprises and if you think of the big processes that they've got and all the mainframes and everything that they need to do, if you S if you look at it as one big block, it's too difficult. But when you think about data, you can actually start to aggregate all of your data into one area and then start to analyze and unpack that. >>So I think what I'm seeing for sure is in those countries, data is the first trigger. If you go out to Israel, well that you've got all, it's really start up nation as you know, right. And then we've got more of the digital natives and they want to, you know, absorb all of the innovation that we're throwing at them. And you've heard a lot here at reinvent on some of the things, whether it's digital twins or robotics, or frankly, even using 5g private network, we've just announcement. They are adopting innovation and really taking that in. So it really does differ, but I think the one big message I would leave you with is bringing industry solutions to business is critical. So rather than just talking it and technology, we've got to be able to bring some of what we've done. So for example, the Goldman Sachs financial cloud, bring that to the rest of financial services companies and the media, or if you take the work we're doing on industrials and IOT. So it's really about connecting what industry use cases with. >>What's interesting about the Goldman Dave and I were commenting. I think we coined the term, the story we wrote on Thursday last week, and then PIP was Sunday superclouds because you look at the rise of snowflake and Databricks and Goldman Sachs. You're going to start to see people building on AWS and building these super clouds because they are taking unique platform features of AWS and then sacrificing it for their needs, and then offering that as a service. So there's kind of a whole nother tier developing in the natural evolution of clouds. So the partners are on fire right now because the creativity, the market opportunities are there to be captured. So you're seeing this opportunity recognition, opportunity, capture vibe going on. And it's interesting. I'd love to get your thoughts on how you see that, because certainly the VCs are here in force. I did when I saw all the top Silicon valley VCs here, um, and some European VCs are all here. They're all seeing this. >>So pick up on two things you mentioned that I think absolutely spot on. We're absolutely seeing with our partners, this integration on our platform is so important. So we talk about the power of three, which is you bring a JSI partner, you bring an ISV partner, you bring AWS, you create that power of three and you take it to our customers. And it doesn't matter which industry we are. Our partner ecosystem is so rich. The Adam mentioned, we have a hundred thousand partners around the world, and then you integrate that with marketplace. Um, and the AWS marketplace just opens the world. We have about 325,000 active customers on marketplace. So sassiphy cation integration with our platform, bringing in the GSI and the NSIs. I think that's the real power to, to, to coming back to your point on transformation on the second one, the unicorns, you know, it's interesting. >>So UK France, um, Israel, Mia, I spent a lot of time, uh, recently in Dubai and you can see it happening there. Uh, Africa, Nigeria, South Africa, I mean all across those countries, you're saying huge amount of VC funding going in towards developers, towards startups to at scale-ups more and more of a, um, our startup clients, by the way, uh, are actually going IPO. You know, initially it used to be a lot of M and a and strategic acquisitions, but they have actually bigger aspirations and they're going IPO and we've seen them through from when they were seed or pre-seed all the way to now that they are unicorns. Right? So that there's just a tremendous amount happening in EMEA. Um, and we're fueling that, you know, you know, I mean, born in the cloud is easy, right? In terms of what AWS brings to the table. >>Well, I've been sacred for years. I always talked to Andy Jassy about this. Cause he's a big sports nut. When you bring like these stadiums to certain cities that rejuvenates and Amazon regions are bringing local rejuvenation around the digital economies. And what you see with the startup culture is the ecosystems around it. And Silicon valley thrives because you have all the service providers, you have all the fear of failure goes away. There's support systems. You start to see now with AWS as ecosystem, that same ecosystem support the robustness of it. So, you know, it's classic, rising tide floats all boats kind of vibe. So, I mean, we don't really have our narrative get down on this, but we're seeing this ecosystem kind of play going on. Yeah. >>And actually it's a real virtuous circle, or we call flywheel right within AWS because a startup wants to connect to an enterprise. An enterprise wants to connect to a startup, right? A lot of our ISV partners, by the way, were startups. Now they've graduated and they're like very large. So what we are, I see our role. And by the way, this is one of the other reasons I came here is I see our role to be able to be real facilitators of these ecosystems. Right. And, you know, we've got something that we kicked off in EMEA, which I'm really proud of called our EMEA startup loft accelerator. And we launched that a web summit. And the idea is to bring startups into our space virtually and physically and help them build and help them make those connections. So I think really, I really do think, and I enterprise clients are asking us all the time, right? Who do I need to involve if I'm thinking IOT, who do I need to involve if I want to do something with data. And that's what we do. Super connectors, >>John, you mentioned the, the Goldman deal. And I think it was Adam in his keynote was talking about our customers are asking us to teach them how to essentially build a Supercloud. I mean, our words. But so with your McKinsey background, I would imagine there's real opportunities there, especially as you, I hear you talk about IMIA going around to see customers. There must be a lot of, sort of non-digital businesses that are now transforming to digital. A lot of capital needs there, but maybe you could talk about sort of how you see that playing out over the next several years in your role and AWS's role in affecting that transfer. >>Yeah, no, absolutely. I mean, you're right actually. And I, you know, maybe I will, from my past experience pick up on something, you know, I was in the world of industry, uh, with Schneider as an example. And, you know, we did business through the channel. Um, and a lot of our channel was not digitized. You know, you had point of sale, electrical distributors, wholesalers, et cetera. I think all of those businesses during the pandemic realized that they had to go digital and online. Right. And so they started from having one fax machine in a store. Real literally I'm not kidding nothing else to actually having to go online and be able to do click and collect and various other things. And we were able with AWS, you can spin up in minutes, right. That sort of service, right. I love the fact that you have a credit card you can get onto our cloud. >>Right. That's the whole thing. And it's about instances. John Adam talked about instances, which I think is great. How do businesses transform? And again, I think it's about unpacking the problem, right? So what we do a lot is we sit down with our customers and we actually map a migration journey with them, right? We look across their core infrastructure. We look at their SAP systems. For example, we look at what's happening in the various businesses, their e-commerce systems, that customer life cycle value management systems. I think you've got to go business by business by business use case by use case, by use case, and then help our technology enable that use case to actually digitize. And whether it's front office or back office. I think the advantages are pretty clear. It's more, I think the difficulty is not technology anymore. The difficulty is mindset, leadership, commitment, the operating model, the organizational model and skills. And so what we have to do is AWS is bringing not only our technology, but our culture of innovation and our digital innovation teams to help our clients on that journey >>Technology. Well, we really appreciate you taking the time coming on the cube. We have a couple more minutes. I do want to get into what's your agenda. Now that you're got you're in charge, got the landscape and the 20 mile stare in front of you. Cloud's booming. You got some personal passion projects. Tell us what your plans are. >>So, um, three or four things, right? Three or four, really big takeaways for me is one. I, I came here to help make sure our customers could leverage the power of the cloud. So I will not feel like my job's been done if I haven't been able to do that. So, you know, that five to 15% we talked about, we've got to go 50, 60, 70%. That that's, that's the goal, right? And why not a hundred percent at some point, right? So I think over the next few years, that's the acceleration we need to help bring in AMEA Americas already started to get there as you know, much more, and we need to drive that into me. And then eventually our APJ colleagues are going to do the same. So that's one thing. The other is we talked about partners. I really want to accelerate and expand our partner ecosystem. >>Um, we have actually a huge growth by the way, in the number of partners signing up the number of certifications they're taking, I really, really want to double down on our partners and actually do what they ask us for, which is join. Co-sell joined marketing globalization. So that's two, I think the third big thing is when you mentioned industry industry industry, we've got to bring real use cases and solutions to our customers and not only talk technology got to connect those two dots. And we have lots of examples to bring by the way. Um, and then for hire and develop the best, you know, we've got a new LP as you know, to strive to be at its best employer. I want to do that in a Mia. I want to make sure we can actually do that. We attract, we retain and we grow and we develop that. >>And the diversity has been a huge theme of this event. It's front and center in virtually every company. >>I am. I'm usually passionate about diversity. I'm proud actually that when I was back at Schneider, I launched something called the power women network. We're a network of a hundred senior women and we meet every month. I've also got a podcast out there. So if anyone's listening, it's called power. Women's speak. It is, I've done 16 over the pandemic with CEOs of women podcast, our women speak >>Or women speak oh, >>And Spotify and >>Everything else. >>And, um, you know, what I love about what we're doing is AWS on diversity and you heard Adam onstage, uh, talk to this. We've got our restock program where we really help under employed and unemployed to get a 12 week intensive course and get trained up on thought skills. And the other thing is, get it helping young girls, 12 to 15, get into stem. So lots of different things on the whole, but we need to do a lot more of course, on diversity. And I look forward to helping our clients through that as well. >>Well, we had, we had the training VP on yesterday. It's all free trainings free. >>We've got such a digital skills issue that I love that we've said 29 million people around the world, free cloud training. >>Literally the th the, the gap there between earnings with cloud certification, you can be making six figures like with cloud training. So, I mean, it's really easy. It's free. It's like, it's such a great thing. >>Have you seen the YouTube video on Charlotte Wilkins? Donald's fast food. She changed her mind. She wanted to take Korea. She now has a tech career as a result of being part of restock. Awesome. >>Oh, really appreciate. You got a lot of energy and love, love the podcast. I'm subscribing. I'm going to listen. We love doing the podcast as well. So thanks for coming on the >>Queue. Thank you so much for having me >>Good luck on anemia and your plans. Thank you. Okay. Cube. You're watching the cube, the leader in global tech coverage. We go to the events and extract the signal from the noise. I'm John furrier with Dave, a lot to here at re-invent physical event in person hybrid event as well. Thanks for watching.

>> Well, hello everybody, John Walls here on theCUBE and continuing our coverage. So splunk.com for 21, you know, we talk about big data these days, you realize the importance of speed, right? We all get that, but certainly Formula One Racing understands speed and big data, a really neat marriage there. And with us to talk about that is James Hodge, who was the global vice president and chief strategy officer international at Splunk. James, good to see it today. Thanks for joining us here on theCUBE. >> Thank you, John. Thank you for having me and yeah, the speed of McLaren. Like I'm, I'm all for it today. >> Absolutely. And I find it interesting too, that, that you were telling me before we started the interview that you've been in Splunk going on nine years now. And you remember being at splunk.com, you know, back in the past other years and watching theCUBE and here you are! you made it. >> I know, I think it's incredible. I love watching you guys every single year and kind of the talk that guests. And then more importantly, like it reminds me of conf for every time we see theCUBE, no matter where you are, it reminds me of like this magical week there's dot com for us. >> Well, excellent. I'm glad that we could be a part of it at once again and glad you're a part of it here on theCUBE. Let's talk about McLaren now and the partnership, obviously on the racing side and the e-sports side, which is certainly growing in popularity and in demand. So just first off characterize for our audience, that relationship between Splunk and McLaren. >> Well, so we started the relationship almost two years ago. And for us it was McLaren as a brand. If you think about where they were, they recently, I think it's September a Monza. They got a victory P1 and P2. It was over 3200 days since their last victory. So that's a long time to wait. I think of that. There's 3000 days of continual business transformation, trying to get them back up to the grid. And what we found was that ethos, the drive to digital the, the way they're completely changing things, bringing in kind of fluid dynamics, getting people behind the common purpose that really seem to fit the Splunk culture, what we're trying to do and putting data at the heart of things. So kind of Formula One and McLaren, it felt a really natural place to be. And we haven't really looked back since we started at that partnership. It's been a really exciting last kind of 18 months, two years. >> Well, talk a little bit about, about the application here a little bit in terms of data cars, the, the Formula One cars, the F1 cars, they've got hundreds of sensors on them. They're getting, you know, hundreds of thousands or a hundred thousand data points almost instantly, right? I mean, there's this constant processing. So what are those inputs basically? And then how has McLaren putting them to use, and then ultimately, how is Splunk delivering on that from McLaren? >> So I learned quite a lot, you know, I'm, I'm, I been a childhood Formula One fan, and I've learned so much more about F1 over the last kind of couple of years. So it actually starts with the car going out on the track, but anyone that works in the IT function, the car can not go out on track and less monitoring from the car actually is being received by the garage. It's seen as mission critical safety critical. So IT, when you see a car out and you see the race engineer, but that thumbs up the mechanical, the thumbs up IT, get their vote and get to put the thumbs up before the car goes out on track there around about 300 sensors on the car in practice. And there were two sites that run about 120 on race day that gets streamed on a two by two megabits per second, back to the FIA, the regulating body, and then gets streams to the, the garage where they have a 32 unit rack near two of them that have all of their it equipment take that data. They then stream it over the internet over the cloud, back to the technology center in working where 32 race engineers sit in calm conditions to be able to go and start to make decisions on when the car should pit what their strategy should be like to then relate that back to the track side. So you think about that data journey alone, that is way more complicated and what you see on TV, you know, the, the race energy on the pit wall and the driver going around at 300 kilometers an hour. When we look at what Splunk is doing is making sure that is resilient. You know, is the data coming off the car? Is it actually starting to hit the garage when it hits that rack into the garage, other than streaming that back with the right latency back to the working technology center, they're making sure that all of the support decision-making tools there are available, and that's just what we do for them on race weekend. And I'll give you one kind of the more facts about the car. So you start the beginning of the season, they launched the car. The 80% of that car will be different by the end of the season. And so they're in a continual state of development, like constantly developing to do that. So they're moving much more to things like computational fluid dynamics applications before the move to wind tunnel that relies on digital infrastructure to be able to go and accelerate that journey and be able to go make those assumptions. That's a Splunk is becoming the kind of underpinning of to making sure those mission critical applications and systems are online. And that's kind of just scratching the surface of kind of the journey with McLaren. >> Yeah. So, so what would be an example then maybe on race day, what's a stake race day of an input that comes in and then mission control, which I find fascinating, right? You've got 32 different individuals processing this input and then feeding their, their insights back. Right. And so adjustments are being made on the fly very much all data-driven what would be an example of, of an actual application of some information that came in that was quickly, you know, recorded, noted, and then acted upon that then resulted in an improved performance? >> Well, the most important one is pit stop strategy. It can be very difficult to overtake on track. So starting to look at when other teams go into the pit lane and when they come out of the, the pit lane is incredibly important because it gives you a choice. Do you stay also in your current set of tires and hope to kind of get through that team and kind of overtake them, or do you start to go into the pits and get your fresh sets of tires to try and take a different strategy? There are three people in mission control that have full authority to go and make a Pit lane call. And I think like the thing that really resonated for me from learning about McLaren, the technology is amazing, but it's the organizational constructs on how they turn data into an action is really important. People with the right knowledge and access to the data, have the authority to make a call. It's not the team principle, it's not the person on the pit wall is the person with the most amount of knowledge is authorized and kind of, it's an open kind of forum to go and make those decisions. If you see something wrong, you are just as likely to be able to put your hand up and say, something's wrong here. This is my, my decision than anyone else. And so when we think about all these organizations that are trying to transform the business, we can learn a lot from Formula One on how we delegate authority and just think of like technology and data as the beginning of that journey. It's the people in process that F1 is so well. >> We're talking a lot about racing, but of course, McLaren is also getting involved in e-sports. And so people like you like me, we can have that simulated experience to gaming. And I know that Splunk has, is migrating with McLaren in that regard. Right. You know, you're partnering up. So maybe if you could share a little bit more about that, about how you're teaming up with McLaren on the e-sports side, which I'm sure anybody watching this realizes there's a, quite a big market opportunity there right now. >> It's a huge market opportunity is we got McLaren racing has, you know, Formula One, IndyCar and now extreme E and then they have the other branch, which is e-sports so gaming. And one of the things that, you know, you look at gaming, you know, we were talking earlier about Ted Lasso and, you know, the go to the amazing game of football or soccer, depending on kind of what side of the Atlantic you're on. I can go and play something like FIFA, you know, the football game. I can be amazing at that. I have in reality, you know, in real life I have two left feet. I am never going to be good at football however, what we find with e-sports is it makes gaming and racing accessible. I can go and drive the same circuits as Lando Norris and Daniel Ricardo, and I can improve. And I can learn like use data to start to discover different ways. And it's an incredibly expanding exploding industry. And what McLaren have done is they've said, actually, we're going to make a professional racing team, an e-sports team called the McLaren Shadow team. They have this huge competition called the Logitech KeyShot challenge. And when we looked at that, we sort of lost the similarities in what we're trying to achieve. We are quite often starting to merge the physical world and the digital world with our customers. And this was an amazing opportunity to start to do that with the McLaren team. >> So you're creating this really dynamic racing experience, right? That, that, that gives people like me, or like our viewers, the opportunity to get even a better feel for, for the decision-making and the responsiveness of the cars and all that. So again, data, where does that come into play there? Now, What, what kind of inputs are you getting from me as a driver then as an amateur driver? And, and how has that then I guess, how does it express in the game or expressed in, in terms of what's ahead of me to come in a game? >> So actually there are more data points that come out of the F1 2021 Codemasters game than there are in Formula One car, you get a constant stream. So the, the game will actually stream out real telemetry. So I can actually tell your tire pressures from all of your tires. I can see the lateral G-Force longitudinal. G-Force more importantly for probably amateur drivers like you and I, we can see is the tire on asphalt, or is it maybe on graphs? We can actually look at your exact position on track, how much accelerator, you know, steering lock. So we can see everything about that. And that gets pumped out in real time, up to 60 Hertz. So a phenomenal amount of information, what we, when we started the relationship with McLaren, Formula One super excited or about to go racing. And then at Melbourne, there's that iconic moment where one of the McLaren team tested positive and they withdrew from the race. And what we found was, you know, COVID was starting and the Formula One season was put on hold. The FIA created this season and called i can't remember the exact name of it, but basically a replica e-sports gaming F1 series. We're using the game. Some of the real drivers like Lando, heavy gamer was playing in the game and they'd run that the same as race weekends. They brought celebrity drivers in there. And I think my most surreal zoom call I ever was on was with Lando Norris and Pierre Patrick Aubameyang, who was who's the arsenal football captain, who was the guest driver in the series to drive around Monaco and Randy, the head of race strategy as McLaren, trying to coach him on how to go drive the car, what we ended up with data telemetry coming from Splunk. And so Randy could look out here when he pressing the accelerator and the brake pedal. And what was really interesting was Lando was watching how he was entering corners on the video feed and intuitively kind of coming to the same conclusions as Randy. So kind of, you could see that race to intuition versus the real stats, and it was just incredible experience. And it really shows you, you know, racing, you've got that blurring of the physical and the virtual that it's going to be bigger and bigger and bigger. >> So to hear it here, as I understand what you were just saying now, the e-sports racing team actually has more data to adjust its performance and to modify its behaviors, then the real racing team does. Yep. >> Yeah, it completely does. So what we want to be able to do is turn that into action. So how do you do the right car setup? How do you go and do the right practice laps actually have really good practice driver selection. And I think we're just starting to scratch the surface of what really could be done. And the amazing part about this is now think of it more like a digital twin, what we learn on e-sports we can actually say we've learned something really interesting here, and then maybe a low, you know, if we get something wrong, it may be doesn't matter quite as much as maybe getting an analytics wrong on race weekend. >> Right. >> So we can actually start to look and improve through digital and then start to move that support. That's over to kind of race weekend analytics and supporting the team. >> If I could, you know, maybe pun intended here, shift gears a little bit before we run out of time. I mean, you're, you're involved on the business side, you know, you've got, you know, you're in the middle east Africa, right? You've got, you know, quite an international portfolio on your plate. Now let's talk about just some of the data trends there for our viewers here in the U S who maybe aren't as familiar with what's going on overseas, just in terms of, especially post COVID, you know, what, what concerns there are, or, or what direction you're trying to get your clients to, to be taking in terms of getting back to work in terms of, you know, looking at their workforce opportunities and strengths and all those kinds of things. >> I think we've seen a massive shift. I think we've seen that people it's not good enough just to be storing data its how do you go and utilize that data to go and drive your business forwards I think a couple of key terms we're going to see more and more over the next few years is operational resilience and business agility. And I'd make the assertion that operational resilience is the foundation for the business agility. And we can dive into that in a second, but what we're seeing take the Netherlands. For example, we run a survey last year and we found that 87% of the respondents had created new functions to do with data machine learning and AI, as all they're trying to do is go and get more timely data to front line staff to go. And next that the transformation, because what we've really seen through COVID is everything is possible to be digitized and we can experiment and get to market faster. And I think we've just seen in European markets, definitely in Asia Pacific is that the kind of brand loyalty is potentially waning, but what's the kind of loyalty is just to an experience, you know, take a ride hailing app. You know, I get to an airport, I try one ride hailing app. It tells me it's going to be 20 minutes before a taxi arrives. I'm going to go straight to the next app to go and stare. They can do it faster. I want the experience. I don't necessarily want the brand. And we're find that the digital experience by putting data, the forefront of that is really accelerating and actually really encouraging, you know, France, Germany are actually ahead of UK. Let's look, listen, their attitudes and adoption to data. And for our American audience and America, America is more likely, I think it's 72% more likely to have a chief innovation officer than the rest of the world. I think I'm about 64% in EMEA. So America, you are still slightly ahead of us in terms of kind of bringing some of that innovation that. >> I imagine that gap is going to be shrinking though I would think. >> It is massively shrinking. >> So before we, we, we, we are just a little tight on time, but I want to hear about operational resilience and, and just your, your thought that definition, you know, define that for me a little bit, you know, put a little more meat on that bone, if you would, and talk about why, you know, what that is in, in your thinking today and then why that is so important. >> So I think inputting in, in racing, you know, operational resilience is being able to send some response to what is happening around you with people processing technology, to be able to baseline what your processes are and the services you're providing, and be able to understand when something is not performing as it should be, what we're seeing. Things like European Union, in financial services, or at the digital operational resilience act is starting to mandate that businesses have to be operational in resilient service, monitoring fraud, cyber security, and customer experience. And what we see is really operational resilience is the amount of change that can be absorbed before opportunities become risk. So having a stable foundation of operational resilience allows me to become a more agile business because I know my foundation and people can then move and adjust quickly because I have the awareness of my environment and I have the ability to appropriately react to my environment because I've thought about becoming a resilient business with my digital infrastructure is a theme. I think we're going to see in supply chain coming very soon and across all other industries, as we realize digital is our business. Nowadays. >> What's an exciting world. Isn't it, James? That you're, that you're working in right now. >> Oh, I, I love it. You know, you said, you know, eight and an eight and a half years, nine years at Splunk, I'm still smiling. You know, it is like being at the forefront of this diesel wave and being able to help people make action from that. It's an incredible place to be. I, is liberating and yeah, I can't even begin to imagine what's, you know, the opportunities are over the next few years as the world continually evolves. >> Well, every day is a school day, right? >> It is my favorite phrase >> I knew that. >> And it is, James Hodge. Thanks for joining us on theCUBE. Glad to have you on finally, after being on the other side of the camera, it's great to have you on this side. So thanks for making that transition for us. >> Thank you, John. You bet James Hodge joining us here on the cube coverage of splunk.com 21, talking about McLaren racing team speed and Splunk.

>>Um, Jamie Sharath with Liga data, I'm primarily on the delivery side of the house, but I also support our new business teams. I'd like to spend a minute really just kind of telling you about, uh, uh, legal data where basically a Silicon valley startup, uh, started in 2014 and, uh, our lead iron, our executive team, basically where the data officers at Yahoo before this, uh, we provide managed data services and we provide products that are focused on telcos. So we have some experience in non telco industry, but our focus for the last seven years or so is specifically on telco. So again, something over 200 employees, we have a global presence in north America, middle east Africa, Asia, and Europe. And we have folks in all of those places. Uh, I'd like to call your attention to the, uh, the middle really of the screen there. >>So here is where we have done some partnership with Cloudera. So if you look at that, you can see we're in Holland and, uh, Jamaica, and then a lot to throughout Africa as well. Now the data fabric is the product that we're talking about. And the data fabric is basically a big data type of data warehouse with a lot of additional functionality involved. The data fabric is comprised of, uh, some something called flare, which we'll talk about admitted below there, and then the Cloudera data platform underneath. So this is how we're partnering together. We, uh, we, we have this tool and it's, uh, it's functioning and delivering in something over and up. Oops. So flare now, flare is a piece of that. It's legal data IP. The rest is Cloudera. And what flare does is that basically pulls in data and integrates it to an event streaming, uh, platform. >>It, uh, it is the engine behind the data fabric. Uh, it's also a decisioning platform. So in real time, we're able to pull in data. We're able to run analytics on it and we're able to alert our, do whatever is needed in a real-time basis. Of course, a lot of clients at this point are still sending data in batch. So it handles that as well, but we call that a cut off picture Sanchez. Now Sacho is a very interesting app. It's an AI analytics app for executives. What it is is it runs on your mobile phone. It ties into your data. Now this could be the data fabric, but it couldn't be a standalone product. And basically it allows you to ask, you know, human type questions to say, how are my gross ads last week? How are they comparing against same time last week before that? >>And even the same time 60 days ago. So as an executive or as an analyst, I can pull it up and I can look at it instantly in a meeting or anywhere else without having to think about queries or anything like that. So that's pretty much for us legal data. Now, it really does set the context of where we are. So this is a traditional telco environment. So you see the systems of record and you see the cloud, you see OSS and BSS day. So one of the things that the next step above which calls we call the system of intelligence of the data fabric does, is it mergers that BSS and OSS data. So the longer we have any silos or anything that's separated, it's all coming into one area to allow business, to go in or allow data scientists go in and do that. >>So if you look at the bottom line, excuse me, of the, uh, of the system of intelligence, you can see that flare is the tool that pulls in the data. So it provides even screening capabilities, it preserves entity states, so that you can go back and look at it to the state at any time. It does stream analytics that is as the data is coming in, it can perform analytics on it. And it also allows real-time decisioning. So that's something that, uh, that's something that business users can go in and create a system of, uh, if them's, it looks very much like a graph database where you can create a product that will allow the user to be notified if a certain condition happens. So for instance, a bundle, so a real-time offer or user is fixing to run out of is ongoing and an offer can be sent to him right on the fly. >>And that's set up by the business user as opposed to programmers a data infrastructure. So the fabric has really three areas. That data is persistent, obviously there's the data lake. So the data lake stores that level of granularity that is very deep years and years of history, data scientists love that. And, uh, you know, for a historical record keeping and requirements from the government, that data would be stored there. Then there's also something we call the business semantics layer and the business semantics layer contains something over 650 specific telco KPIs. These are initially from PM forum, but they also are included in, uh, various, uh, uh, mobile operators that we've delivered at. And we've, we've grown that. So that's there for business. The data lake is there for data scientists, analytical stores, uh, they can be used for many different reasons. There are a lot of times RDBMS is, are still there. >>So these, this, this basically platform, this cloud they're a platform can tie into analytical data stores as well via flair access and reporting. So graphic visualizations, API APIs are a very key part of it. A third-party query tools, any kind of grid jewels can be used. And those are the, of course, the, uh, the ones that are highly optimized and allow, you know, search of billions of records. And then if you look at the top, it's the systems of engagement, then you might vote this use cases. So telco reporting, hundreds of KPIs that are, that are generated for users, segmentation, basically micro to macro segmentation, segmentation will play a key role in a use case. We talk about in a minute monetizations. So this helps telco providers monetize their specific data, but monetize it in, okay, how to do they make money off of it, but also how might you leverage this data to, in, in dates with another client? >>So for instance, in some cases where it's allowed a DPI is used and the, uh, fabric tracks exactly where each person goes each, uh, we call it a subscriber, goes within his, uh, um, uh, internet browsing for 5g and, uh, all that data is stored. Uh, whereas you can tell a lot of things where the segment, the profile that's being used and, you know, what are they propensity to buy? Did they spend a lot of time on the Coca-Cola page? There are buyers out there that find that information very valuable, and then there's sideshow. And we spoke briefly about Sacha before that sits on top of the fabric or it's it's alone. >>So, so the story really that we want to tell is, is one, this is, this is one case out of it. This is a CVM type of case. So there was a mobile operator out there that was really offering, you know, packages, whether it's a bundle or whether it's a particular tool to subscribers, they, they were offering kind of an abroad approach that it was not very focused. It was not depending on the segments that were created around the profiling earlier, uh, the subscriber usage was somewhat dated and this was causing a lot of those. Uh, a lot of those offers to be just basically not taken and not, not, uh, uh, there was limited segmentation capabilities really before the, uh, before the, uh, fabric came in. Now, one of the key things about the fabric is when you start building segments, you can build that history. >>So all of that data stored in the data lake can be used in terms of segmentation. So what did we do about that? The, the, the MDNO, the challenge, uh, we basically put the data fabric in and the data fabric was running Cloudera data platform and that, uh, and that's how we team up. Uh, we facilitated the ability to personalize campaign. So what that means is, uh, the segments that were built and that user fell within that segment, we knew exactly what his behavior most likely was. So those recommendations, those offers could be created then, and we enable this in real time. So real-time ability to even go out to the CRM system, again, their further information about that, all of these tools, again, we're running on top of the cloud data platform, uh, what was the outcome? Willie, uh, outcome was that there was a much more precise offer given to the client that is, that was accepted, you know, increase in cross sell and upsell subscriber retention. >>Uh, our clients came back to us and pointed out that, uh, it was 183% year on year revenue increase. Uh, so this is a, this is probably one of the key use cases. Now, one thing to really mention is there are hundreds and hundreds of use cases running on the fabric. And, uh, I would even say thousands. A lot of those have been migrated. So when the fabric is deployed, when they bring the, uh, Cloudera and the legal data solution in there's generally a legacy system that has many use cases. So many of those were, were migrated virtually all of them in pen, on put on the cloud. Uh, another issue is that new use cases are enabled again. So when you get this level of granularity and when you have campaigns that can now base their offers on years of history, as opposed to 30 days of history, the campaigns campaign management response systems, uh, are, are, uh, are enabled quite a bit to do all, uh, to be precise in their offers. Yeah. >>Okay. So this is a technical slide. Uh, one of the things that we normally do when we're, when we're out there talking to folks, is we talk and give an overview and that last little while, and then we give a deep technical dive on all aspects of it. So sometimes that deep dive can go a couple of hours. I'm going to do this slide and a couple of minutes. So if you look at it, you can see over on the left, this is the, uh, the sources of the data. And they go through this tool called flare that runs on the cloud. They're a data platform, uh, that can either be via cues or real-time cues, or it can be via a landing zone, or it can be a data extraction. You can take a look at the data quality that's there. So those are built in one of the things that flare does is it has out of the box ability to ingest data sources and to apply the data quality and validation for telco type sources. >>But one of the reasons this is fast to market is because throughout those 10 or 12 opcos that we've done with Cloudera, where we have already built models, so models for CCN, for air for, for most mediation systems. So there's not going to be a type of, uh, input that we haven't already seen are very rarely. So that actually speeds up deployment very quickly. Then a player does the transformation, the, uh, the metrics, continuous learning, we call it continuous decisioning, uh, API access. Uh, we, uh, you know, for, for faster response, we use distributed cash. I'm not going to go too deeply in there, but the layer and the business semantics layer again, are, are sitting top of the Cloudera data platform. You see the cough, but flu, uh, Q1 on the right as well. >>And all of that, we're calling the fabric. So the fabric is Cloudera data platform and the cloud and flair and all of this runs together. And by the way, there've been many, many, many, many hundreds of hours testing flare with Cloudera and, uh, and the whole process, the results, what are the results? Well, uh, there are, there are four I'm going to talk about, uh, we saw the one for the, it was called my pocket pocket, but it's a CDM type, uh, use case. Uh, the subscribers of that mobile operator were 14 million plus there was a use case for a 24 million plus a year on year revenue was 130%, uh, 32 million plus for 38%. These are, um, these are different CVM pipe, uh, use cases, as well as network use cases. And then there were 44%, uh, telco with 76 million subscribers. So I think that there are a lot more use cases that we could talk about, but, but in this case, this is the ones we're looking at again, 183%. This is something that we find consistently, and these figures come from our, uh, our actual end client. So how do we unlock the full potential of this? Well, I think to start is to arrange a meeting and, uh, it would be great to, to, uh, for you to reach out to me or to Anthony. Uh, we're working in conjunction on this and we can set up a, uh, we can set up a meeting and we can go through this initial meeting. And, uh, I think that's the very beginning. Uh, again, you can get additional information from Cloudera website and from the league of data website, Anthony, that's the story. Thank you. >>Oh, that's great. Jeremy, thank you so much. It's a, it's, it's wonderful to go deep. And I know that there are hundreds of use cases being deployed in MTN, um, but great to go deep on one. And like you said, it can, once you get that sort of architecture in place, you can do so many different things. The power of data is tremendous, but it's great to be able to see how you can, how you can track it end to end from collecting the data, processing it, understanding it, and then applying it in a commercial context and bringing actual revenue back into the business. So there is your ROI straightaway. Now you've got a platform that you can transform your business on. That's, that's, it's a tremendous story, Jimmy, and thank you for your partnership. So, um, that's, uh, that's, that's our story for today, like Jamie says, um, please do fleet, uh, feel free to reach out to us. Um, the, the website addresses are there and our contact details, and we'd be delighted to talk to you a little bit more about some of the other use cases, perhaps, um, and maybe about your own business and, uh, and how we might be able to make it, make it perform a little better.

>>Hi today, I'm going to talk about network analytics and what that means for, for telecommunications as we go forward. Um, thinking about, uh, 5g, what the impact that's likely to have on, on network analytics and the data requirement, not just to run the network and to understand the network a little bit better. Um, but also to, to inform the rest of the operation of the telecommunications business. Um, so as we think about where we are in terms of network analytics and what that is over the last 20 years, the telecommunications industry has evolved its management infrastructure, uh, to abstract away from some of the specific technologies in the network. So what do we mean by that? Well, uh, in the, in the initial, uh, telecommunications networks were designed, there were management systems that were built in, um, eventually fault management systems, uh, assurance systems, provisioning systems, and so on were abstracted away. >>So it didn't matter what network technology had, whether it was a Nokia technology or Erickson technology or Huawei technology or whatever it happened to be. You could just look at your fault management system, understand where false, what happened as we got into the last sort of 10, 15 years or so. Telecommunication service providers become became more sophisticated in terms of their approach to data analytics and specifically network analytics, and started asking questions about why and what if in relation to their network performance and network behavior. And so network analytics as a, as a bit of an independent function was born and over time, more and more data began to get loaded into the network analytics function. So today just about every carrier in the world has a network analytics function that deals with vast quantities of data in big data environments that are now being migrated to the cloud. >>As all telecommunications carriers are migrating as many it workloads as possible, um, to the cloud. So what are the things that are happening as we migrate to the cloud that drive, uh, uh, enhancements in use cases and enhancements and scale, uh, in telecommunications network analytics? Well, 5g is the big thing, right? So 5g, uh, it's not just another G in that sense. I mean, in some cases, in some senses, it is 5g means greater bandwidth, lower latency and all those good things. So, you know, we can watch YouTube videos with less interference and, and less sluggish bandwidth and so on and so forth. But 5g is really about the enterprise and enterprise services. Transformation, 5g is more secure, kind of a network, but 5g is also a more pervasive network 5g, a fundamentally different network topology than previous generations. So there's going to be more masts and that means that you can have more pervasive connectivity. >>Uh, so things like IOT and edge applications, autonomous cars, smart cities, these kinds of things, um, are all much better served because you've got more masks that of course means that you're going to have a lot more data as well. And we'll get to that. The second piece is immersive digital services. So with more masks, with more connectivity, with lower latency with higher man, the potential, uh, is, is, is, is immense for services innovation. And we don't know what those services are going to be. We know that technologies like augmented reality, virtual reality, things like this have great potential. Um, but we, we have yet to see where those commercial applications are going to be, but the innovation and the innovation potential for 5g is phenomenal. Um, it certainly means that we're going to have a lot more, uh, edge devices, um, uh, and that again is going to lead to an increase in the amount of data that we have available. >>And then the idea of pervasive connectivity when it comes to smart, smart cities, uh, autonomous, autonomous currents, um, uh, integrated traffic management systems, um, all of this kind of stuff, those of those kind of smart environments thrive where you've got this kind of pervasive connectivity, this persistent, uh, connection to the network. Um, again, that's going to drive, um, um, uh, more innovation. And again, because you've got these new connected devices, you're going to get even more data. So this rise, this exponential rise in data is really what's driving the change in, in network analytics. And there are four major vectors that are driving this increase in data in terms of both volume and in terms of speed. So the first is more physical elements. So we said already that 5g networks are going to have a different apology. 5g networks will have more devices, more and more masks. >>Um, and so with more physical elements in the network, you're going to get more physical data coming off those physical networks. And so that needs to be aggregated and collected and managed and stored and analyzed and understood when, so that we can, um, have a better understanding as to why things happened the way they do, why the network behaves in which they do in, in, in, in ways that it does and why devices that are connected to the network. And ultimately of course, consumers, whether they be enterprises or retail customers, um, behave in the way they do in relation to their interaction within our edge nodes and devices, we're going to have a, uh, an explosion in terms of the number of devices. We've already seen IOT devices with your different kinds of trackers and, uh, and, and sensors that are hanging off the edge of the network, whether it's to make buildings smarter car smarter, or people smarter, um, in, in terms of having the, the, the measurements and the connectivity and all that sort of stuff. >>So the numbers of devices on the agent beyond the age, um, are going to be phenomenal. One of the things that we've been trying to with as an industry over the last few years is where does the telco network end, and where does the enterprise, or even the consumer network begin. You used to be very clear that, you know, the telco network ended at the router. Um, but now it's not, it's not that clear anymore because in the enterprise space, particularly with virtualized networking, which we're going to talk about in a second, um, you start to see end to end network services being deployed. Um, uh, and so are they being those services in some instances are being managed by the service provider themselves, and in some cases by the enterprise client, um, again, the line between where the telco network ends and where the enterprise or the consumer network begins, uh, is not clear. >>Uh, so, so those edge, the, the, the proliferation of devices at the age, um, uh, in terms of, um, you know, what those devices are, what the data yield is and what the policies are, their need to govern those devices, um, in terms of security and privacy, things like that, um, that's all going to be really, really important virtualized services. We just touched on that briefly. One of the big, big trends that's happening right now is not just the shift of it operations onto the cloud, but the shift of the network onto the cloud, the virtualization of network infrastructure, and that has two major impacts. First of all, it means that you've got the agility and all of the scale, um, uh, benefits that you get from migrating workloads to the cloud, the elasticity and the growth and all that sort of stuff. But arguably more importantly for the telco, it means that with a virtualized network infrastructure, you can offer entire networks to enterprise clients. >>So if you're selling to a government department, for example, is looking to stand up a system for certification of, of, you know, export certification, something like that. Um, you can not just sell them the connectivity, but you can sell them the networking and the infrastructure in order to serve that entire end to end application. You could sentence, you could offer them in theory, an entire end-to-end communications network, um, and with 5g network slicing, they can even have their own little piece of the 5g bandwidth that's been allocated against the carrier, um, uh, and, and have a complete end to end environment. So the kinds of services that can be offered by telcos, um, given virtualize network infrastructure, uh, are, are many and varied. And it's a, it's a, it's a, um, uh, an outstanding opportunity. But what it also means is that the number of network elements virtualized in this case is also exploding. >>That means the amount of data that we're getting on, uh, informing us as to how those network elements are behaving, how they're performing, um, uh, is, is, is going to go up as well. And then finally, AI complexity. So on the demand side, um, while historically, uh, um, network analytics, big data, uh, has been, has been driven by, um, returns in terms of data monetization, uh, whether that's through cost avoidance, um, or service assurance, uh, or even revenue generation through data monetization and things like that. AI is transforming telecommunications and every other industry, the potential for autonomous operations, uh, is extremely attractive. And so understanding how the end-to-end telecommunication service delivering delivery infrastructure works, uh, is essential, uh, as a training ground for AI models that can help to automate a huge amount of telecommunications operating, um, processes. So the AI demand for data is just going through the roof. >>And so all of these things combined to mean big data is getting explosive. It is absolutely going through the roof. So that's a huge thing that's happening. So as telecommunications companies around the world are looking at their network analytics infrastructure, which was initially designed for service insurance primarily, um, and how they migrate that to the cloud. These things are impacting on those decisions because you're not just looking at migrating a workload to operate in the cloud that used to work in the, in the data center. Now you're looking at, um, uh, migrating a workload, but also expanding the use cases in that work and bear in mind, many of those, those are going to need to remain on prem. So they'll need to be within a private cloud or at best a hybrid cloud environment in order to satisfy a regulatory jurisdictional requirements. So let's talk about an example. >>So LGU plus is a Finastra fantastic service provider in Korea. Um, huge growth in that business over the last, uh, over the last 10, 15 years or so. Um, and obviously most people will be familiar with LG, the electronics brand, maybe less so with, uh, with LG plus, but they've been doing phenomenal work. And we're the first, uh, business in the world who launch commercial 5g in 2019. And so a huge milestone that they achieved. And at the same time they deploy the network real-time analytics platform or in rep, uh, from a combination of Cloudera and our partner calmer. Now, um, there were a number of things that were driving, uh, the requirement for it, for the, for the analytics platform at the time. Um, clearly the 5g launch was that was the big thing that they had in mind, but there were other things that re so within the 5g launch, um, uh, they were looking for, for visibility of services, um, and service assurance and service quality. >>So, you know, what services have been launched? How are they being taken up? What are the issues that are arising, where are the faults happening? Um, where are the problems? Because clearly when you launch a new service, but then you want to understand and be on top of the issues as they arise. Um, so that was really, really important. The second piece was, and, you know, this is not a new story to any telco in the world, right. But there are silos in operation. Uh, and so, um, taking advantage of, um, or eliminating redundancies through the process, um, of, of digital transformation, it was really important. And so particular, the two silos between wired and the wireless sides of the business come together so that there would be an integrated network management system, um, for, uh, for LGU plus, as they rolled out 5g. So eliminating redundancy and driving cost savings through the, the integration of the silos is really, really important. >>And that's a process and the people thing every bit, as much as it is a systems and a data thing. So, um, another big driver and the fourth one, you know, we've talked a little bit about some of these things, right? 5g brings huge opportunity for enterprise services, innovation. So industry 4.0 digital experience, these kinds of use cases, um, are very important in the south Korean marketing and in the, um, in the business of LGU plus. And so, uh, um, looking at AI and how can you apply AI to network management? Uh, again, there's a number of use cases, really, really exciting use cases that have gone live now, um, in LG plus since, uh, since we did this initial deployment and they're making fantastic strides there, um, big data analytics for users across LGU plus, right? So it's not just for, um, uh, it's not just for the immediate application of 5g or the support or the 5g network. >>Um, but also for other data analysts and data scientists across the LGU plus business network analytics, while primarily it's primary it's primary use case is around network management, um, LGU plus, or, or network analytics, um, has applications across the entire business, right? So, um, you know, for customer churn or next best offer for understanding customer experience and customer behavior really important there for digital advertising, for product innovation, all sorts of different use cases and departments within the business needed access to this information. So collaboration sharing across the network, the real-time network analytics platform, um, it was very important. And then finally, as I mentioned, LG group is much bigger than just LG plus it's because the electronics and other pieces, and they had launched a major group wide digital transformation program in 2019, and still being a part of that was, well, some of them, the problems that they were looking to address. >>Um, so first of all, the integration of wired and wireless data service data sources, and so getting your assurance data sources, your network, data sources, uh, and so on integrated with is really, really important scale was massive for them. Um, you know, they're talking about billions of transactions in under a minute, uh, being processed, um, and hundreds of terabytes per day. So, uh, you know, phenomenal scale, uh, that needed to be available out of the box as it were, um, real time indicators and alarms. And there was lots of KPIs and thresholds set that, you know, w to make, make it to meet certain criteria, certain standards, um, customer specific, real time analysis of 5g, particularly for the launch root cause analysis, an AI based prediction on service, uh, anomalies and service service issues was, was, was a core use case. Um, as I talked about already the provision of service of data services across the organization, and then support for 5g, uh, served the business service, uh, impact, uh, was extremely important. >>So it's not just understand well, you know, that you have an outage in a particular network element, but what is the impact on the business of LGU plus, but also what is the impact on the business of the customer, uh, from an outage or an anomaly or a problem on, on, on the network. So being able to answer those kinds of questions really, really important, too. And as I said, between Cloudera and Kamarck, uh, uh, and LGU plus, uh, really themselves an intrinsic part of the solution, um, uh, this is, this is what we, we ended up building. So a big complicated architecture space. I really don't want to go into too much detail here. Um, uh, you can see these things for yourself, but let me skip through it really quickly. So, first of all, the key data sources, um, you have all of your wireless network information, other data sources. >>This is really important because sometimes you kind of skip over this. There are other systems that are in place like the enterprise data warehouse that needed to be integrated as well, southbound and northbound interfaces. So we get our data from the network and so on, um, and network management applications through file interfaces. CAFCA no fire important technologies. And also the RDBMS systems that, uh, you know, like the enterprise data warehouse that we're able to feed that into the system. And then northbound, um, you know, we spoke already about me making network analytics services available across the enterprise. Um, so, uh, you know, uh, having both the file and the API interface available, um, for other systems and other consumers across the enterprise is very important. Um, lots of stuff going on then in the platform itself to petabytes and persistent storage, um, Cloudera HDFS, 300 nodes for the, the raw data storage, um, uh, and then, uh, could do for real time storage for real-time indicator analysis, alarm generation, um, uh, and other real time, um, processes. >>Uh, so there, that was the, the core of the solution, uh, spark processes for ETL key quality indicators and alarming, um, and also a bunch of work done around, um, data preparation, data generation for transferal to, to third party systems, um, through the northbound interfaces, um, uh, Impala, API queries, um, for real-time systems, uh, there on the right hand side, and then, um, a whole bunch of clustering classification, prediction jobs, um, through the, uh, the, the, the, the ML processes, the machine learning processes, uh, again, another key use case, and we've done a bunch of work on that. And, um, I encourage you to have a look at the Cloudera website for more detail on some of the work that we did here. Um, so this is some pretty cool stuff. Um, and then finally, just the upstream services, some of these there's lots more than, than, than simply these ones, but service assurance is really, really important. So SQM cm and SED grade. So the service quality management customer experience, autonomous controllers, uh, really, really important consumers of, of the, of the real-time analytics platform, uh, and your conventional service assurance, um, functions like faulted performance management. Uh, these things are as much consumers of the information and the network analytics platform as they are providers of data to the network, uh, analytics >>Platform. >>Um, so some of the specific use cases, uh, that, uh, have been, have been stood up and that are delivering value to this day and lots of more episodes, but these are just three that we pulled out. Um, so first of all, um, uh, sort of specific monitoring and customer quality analysis, Karen response. So again, growing from the initial 5g launch and then broadening into broader services, um, understanding where there are the, where there are issues so that when people complaining, when people have an issue, um, that, um, uh, that we can answer the, the concerns of the client, um, in a substantive way, um, uh, AI functions around root cause analysis or understanding why things went wrong when they went wrong. Um, uh, and also making recommendations as to how to avoid those occurrences in the future. Uh, so we know what preventative measures can be taken. Um, and then finally the, uh, the collaboration function across LGU plus extremely important and continues to be important to this day where data is shared throughout the enterprise, through the API Lira through file interfaces and other things, and through interface integrations with, uh, with upstream systems. >>So, um, that's kind of the, the, uh, real quick run through of LGU plus the numbers are just stave staggering. Um, you know, we've seen, uh, upwards of a billion transactions in under 40 seconds being, um, uh, being tested. Um, and, and we've gone beyond those thresholds now, already, um, and we're started and, and, and, and this isn't just a theoretical sort of a benchmarking test or something like that. We're seeing these kinds of volumes of data and not too far down the track. So, um, with those things that I mentioned earlier with the proliferation of, of, um, of network infrastructure, uh, in the 5g context with virtualized elements, with all of these other bits and pieces are driving massive volumes of data towards the, uh, the, the, the network analytics platform. So phenomenal scale. Um, this is just one example we work with, with service providers all over the world is over 80% of the top 100 telecommunication service providers run on Cloudera. >>They use Cloudera in the network, and we're seeing those customers, all migrating legacy cloud platforms now onto CDP onto the Cloudera data platform. Um, they're increasing the, the, the jobs that they do. So it's not just warehousing, not just ingestion ETL, and moving into things like machine learning. Um, and also looking at new data sources from places like NWTF the network data analytics function in 5g, or the management and orchestration layer in, in software defined networks, network, function, virtualization. So, you know, new use cases coming in all the time, new data sources coming in all the time growth in, in, in, in the application scope from, as we say, from edge to AI. Um, and so it's, it's really exciting to see how the, the, the, the footprint is growing and how, uh, the applications in telecommunications are really making a difference in, in facilitating, um, network transformation. And that's covering that. That's me covered for today. I hope you found that helpful, um, by all means, please reach out, uh, there's a couple of links here. You can follow me on Twitter. You can connect to the telecommunications page, reach out to me directly at Cloudera. I'd love to answer your questions, um, uh, and, uh, and talk to you about how big data is transforming networks, uh, and how network transformation is, is accelerating telcos, uh, throughout >>Jamie Sharath with Liga data, I'm primarily on the delivery side of the house, but I also support our new business teams. I'd like to spend a minute really just kind of telling you about the legal data, where basically a Silicon valley startup, uh, started in 2014, and, uh, our lead iron, our executive team, basically where the data officers at Yahoo before this, uh, we provide managed data services, and we provide products that are focused on telcos. So we have some experience in non telco industry, but our focus for the last seven years or so is specifically on telco. So again, something over 200 employees, we have a global presence in north America, middle east Africa, Asia, and Europe. And we have folks in all of those places, uh, I'd like to call your attention to the, uh, the middle really of the screen there. So here is where we have done some partnership with Cloudera. >>So if you look at that and you can see we're in Holland and Jamaica, and then a lot to throughout Africa as well. Now, the data fabric is the product that we're talking about. And the data fabric is basically a big data type of data warehouse with a lot of additional functionality involved. The data fabric is comprised of, uh, some something called a flare, which we'll talk about in a minute below there, and then the Cloudera data platform underneath. So this is how we're partnering together. We, uh, we, we have this tool and it's, uh, it's functioning and delivering in something over 10 up. So flare now, flare is a piece of that legal data IP. The rest is there. And what flare does is that basically pulls in data, integrates it to an event streaming platform. It's, uh, it is the engine behind the data fabric. >>Uh, it's also a decisioning platform. So in real time, we're able to pull in data. We're able to run analytics on it, and we're able to alert are, do whatever is needed in a real-time basis. Of course, a lot of clients at this point are still sending data in batch. So it handles that as well, but we call that a CA picture Sanchez. Now Sacho is a very interesting app. It's an AI analytics app for executives. What it is is it runs on your mobile phone. It ties into your data. Now this could be the data fabric, but it couldn't be a standalone product. And basically it allows you to ask, you know, human type questions to say, how are my gross ads last week? How are they comparing against same time last week before that? And even the same time 60 days ago. So as an executive or as an analyst, I can pull it up and I can look at it instantly in a meeting or anywhere else without having to think about queries or anything like that. >>So that's pretty much for us at legal data, not really to set the context of where we are. So this is a traditional telco environments. So you see the systems of record, you see the cloud, you see OSS and BSS data. So one of the things that the next step above which calls we call the system of intelligence of the data fabric does, is it mergers that BSS and OSS data. So the longer we have any silos or anything that's separated, it's all coming into one area to allow business, to go in or allow data scientists go in and do that. So if you look at the bottom line, excuse me, of the, uh, of the system of intelligence, you can see that flare is the tools that pulls in the data. So it provides even streaming capabilities. It preserves entity states, so that you can go back and look at it state at any time. >>It does stream analytics that is as the data is coming in, it can perform analytics on it. And it also allows real-time decisioning. So that's something that, uh, that's something that business users can go in and create a system of, uh, if them's, it looks very much like the graph database, where you can create a product that will allow the user to be notified if a certain condition happens. So for instance, a bundle, so a real-time offer or user is succinct to run out of is ongoing, and an offer can be sent to him right on the fly. And that's set up by the business user as opposed to programmers, uh, data infrastructure. So the fabric has really three areas. That data is persistent, obviously there's the data lake. So the data lake stores that level of granularity that is very deep years and years of history, data, scientists like that, uh, and, uh, you know, for a historical record keeping and requirements from the government, that data would be stored there. >>Then there's also something we call the business semantics layer and the business semantics layer contains something over 650 specific telco KPIs. These are initially from PM forum, but they also are included in, uh, various, uh, uh, mobile operators that we've delivered at. And we've, we've grown that. So that's there for business data lake is there for data scientists, analytical stores, uh, they can be used for many different reasons. There are a lot of times RDBMS is, are still there. So these, this, this basically platform, this cloud they're a platform can tie into analytical data stores as well via flair access and reporting. So graphic visualizations, API APIs are a very key part of it. A third-party query tools, any kind of grid tools can be used. And those are the, of course, the, uh, the ones that are highly optimized and allow, you know, search of billions of records. >>And then if you look at the top, it's the systems of engagement, then you might vote this use cases. So teleco reporting, hundreds of KPIs that are, that are generated for users, segmentation, basically micro to macro segmentation, segmentation will play a key role in a use case. We talked about in a minute monetization. So this helps teleco providers monetize their specific data, but monetize it in. Okay, how to, how do they make money off of it, but also how might you leverage this data to engage with another client? So for instance, in some where it's allowed a DPI is used, and the fabric tracks exactly where each person goes each, uh, we call it a subscriber, goes within his, uh, um, uh, internet browsing on the, on the four or 5g. And, uh, the, all that data is stored. Uh, whereas you can tell a lot of things where the segment, the profile that's being used and, you know, what are they propensity to buy? Do they spend a lot of time on the Coca-Cola page? There are buyers out there that find that information very valuable, and then there's signs of, and we spoke briefly about Sanchez before that sits on top of the fabric or it's it's alone. >>So, so the story really that we want to tell is, is one, this is, this is one case out of it. This is a CVM type of case. So there was a mobile operator out there that was really offering, you know, packages, whether it's a bundle or whether it's a particular tool to subscribers, they, they were offering kind of an abroad approach that it was not very focused. It was not depending on the segments that were created around the profiling earlier, uh, the subscriber usage was somewhat dated and this was causing a lot of those. A lot of those offers to be just basically not taken and, and not, not, uh, audited. Uh, there was limited segmentation capabilities really before the, uh, before the, uh, fabric came in. Now, one of the key things about the fabric is when you start building segments, you can build that history. >>So all of that data stored in the data lake can be used in terms of segmentation. So what did we do about that? The, the, the envy and, oh, the challenge this, uh, we basically put the data fabric in and the data fabric was running Cloudera data platform and that, uh, and that's how we team up. Uh, we facilitated the ability to personalize campaign. So what that means is, uh, the segments that were built and that user fell within that segment, we knew exactly what his behavior most likely was. So those recommendations, those offers could be created then, and we enable this in real time. So real-time ability to even go out to the CRM system and gather further information about that. All of these tools, again, we're running on top of the Cloudera data platform, uh, what was the outcome? Willie, uh, outcome was that there was a much more precise offer given to the client that is, that was accepted, no increase in cross sell and upsell subscriber retention. >>Uh, our clients came back to us and pointed out that, uh, it was 183% year on year revenue increase. Uh, so this is a, this is probably one of the key use cases. Now, one thing to really mention is there are hundreds and hundreds of use cases running on the fabric. And I would even say thousands. A lot of those have been migrated. So when the fabric is deployed, when they bring the Cloudera and the legal data solution in there's generally a legacy system that has many use cases. So many of those were, were migrated virtually all of them in pen, on put on the cloud. Uh, another issue is that new use cases are enabled again. So when you get this level of granularity and when you have campaigns that can now base their offers on years of history, as opposed to 30 days of history, the campaigns campaign management response systems, uh, are, are, uh, are enabled quite a bit to do all, uh, to be precise in their offers. Okay. >>Okay. So this is a technical slide. Uh, one of the things that we normally do when we're, when we're out there talking to folks, is we talk and give an overview and that last little while, and then we give a deep technical dive on all aspects of it. So sometimes that deep dive can go a couple of hours. I'm going to do this slide and a couple of minutes. So if you look at it, you can see over on the left, this is the, uh, the sources of the data. And they go through this tool called flare that runs on the cloud. They're a data platform, uh, that can either be via cues or real-time cues, or it can be via a landing zone, or it can be a data extraction. You can take a look at the data quality that's there. So those are built in one of the things that flare does is it has out of the box ability to ingest data sources and to apply the data quality and validation for telco type sources. >>But one of the reasons this is fast to market is because throughout those 10 or 12, uh, opcos that we've done with Cloudera, where we have already built models, so models for CCN, for air for, for most mediation systems. So there's not going to be a type of, uh, input that we haven't already seen are very rarely. So that actually speeds up deployment very quickly. Then a player does the transformations, the, uh, the metrics, continuous learning, we call it continuous decisioning, uh, API access. Uh, we, uh, you know, for, for faster response, we use distributed cash. I'm not going to go too deeply in there, but the layer in the business semantics layer again, are, are sitting on top of the Cloudera data platform. You see the Kafka CLU, uh, Q1, the right as well. >>And all of that, we're calling the fabric. So the fabric is Cloudera data platform and the cloud and flair and all of this runs together. And, and by the way, there've been many, many, many, many hundreds of hours testing flare with Cloudera and, uh, and the whole process, the results, what are the results? Well, uh, there are, there are four I'm going to talk about, uh, we saw the one for the, it was called my pocket pocket, but it's a CDM type, a use case. Uh, the subscribers of that mobile operator were 14 million plus there was a use case for 24 million plus that a year on year revenue was 130%, uh, 32 million plus for 38%. These are, um, these are different CVM pipe, uh, use cases, as well as network use cases. And then there were 44%, uh, telco with 76 million subscribers. So I think that there are a lot more use cases that we could talk about, but, but in this case, this is the ones we're looking at, uh, again, 183%. This is something that we find consistently. And these figures come from our, uh, our actual end client. How do we unlock the full potential of this? Well, I think to start is to arrange a meeting and, uh, it would be great to, to, uh, for you to reach out to me or to Anthony. Uh, we're working at the junction on this, and we can set up a, uh, we can set up a meeting and we can go through this initial meeting. And, uh, I think that's the very beginning. Uh, again, you can get additional information from Cloudera website and from the league of data website, Anthony, that's the story. Thank you. >>No, that's great. Jeremy, thank you so much. It's a, it's, it's wonderful to go deep. And I know that there are hundreds of use cases being deployed in MTN, um, but great to go deep on one. And like you said, it can, once you get that sort of architecture in place, you can do so many different things. The power of data is tremendous, but it's great to be able to see how you can, how you can track it end to end from collecting the data, processing it, understanding it, and then applying it in a commercial context and bringing actual revenue back into the business. So there is your ROI straight away. Now you've got a platform that you can transform your business on. That's, that's, it's a tremendous story, Jamie, and thank you for your part. Sure. Um, that's a, that's, that's our story for today. Like Jamie says, um, please do flee, uh, feel free to reach out to us. Um, the, the website addresses are there and our contact details, and we'd be delighted to talk to you a little bit more about some of the other use cases, perhaps, um, and maybe about your own business and, uh, and how we might be able to make it, make it perform a little better. So thank you.

>>Live from Barcelona, Spain. It's the Cube covering Cisco Live 2020 right to you by Cisco and its ecosystem partners. >>Welcome back, everyone to the Cube's live coverage Day four of four days of wall to wall action here in Barcelona, Spain, for Cisco Live. 2020. I'm John Furrier with my co host Dave Volante, with a very special guest here to wrap up Cisco Live. The president of Europe, Middle East Africa and Russia. Francisco Wendy Mars Cube Alumni. Great to see you. Thanks for coming on to. I kind of put a book into the show here. Thanks for joining us. >>It's absolutely great to be here. Thank you. >>So what a transformation. As Cisco's business model of continues to evolve, we've been saying brick by brick, we still think big move coming. I think there's more action. I can sense the walls talking to us like Cisco live in the US and more technical announcement. In the next 24 months, you can see you can see where it's going. It's cloud, it's APS. It's policy based program ability. It's really a whole another business model shift for you and your customers. Technology shift in the business model shift. So I want to get your perspective this year. Opening. Keynote. Oh, you let it off Talking about the philosophy of the business model, but also the first presenter was not a networking guy. It was an application person. App dynamics. Yep, this is a shift. What's going on with Cisco? What's happening? What's the story? >>You know, if if you look for all of the work that we're doing is is really driven by what we see from requirements from our customers to change, that's happening in the market and it is all around. You know, if you think digital transformation is the driver organizations now are incredibly interested in, how do they capture that opportunity? How do they use technology to help them? But, you know, if you look at it, really, there's the three items that are so important it's the business model evolution. It's actually the business operations for for organizations. Plus, there people, they're people in the communities within that those three things working together. And if you look at it with, it's so exciting with application dynamics there because if you look for us within Cisco, that linkage off the application layer through into the infrastructure into the network. And bringing that linkage together is the most powerful thing because that's the insights and the value our customers are looking for. >>You know, we've been talking about the the innovation sandwich, you know, you got data in the middle and you've got technology and applications underneath. That's kind of what's going on here, but I'm glad you brought up the part about business model. This is operations and people in communities. During your keynote, you had a slide that laid out three kind of pillars. Yes, people in communities, business model and business operations. There was no 800 series in there. There was no product discussions. This is fundamentally the big shift that business models are changing. I tweeted provocatively, the killer wrap in digital business model. Because you think about it. The applications are the business. What's running under the covers is the technology, but it's all shifting and changing, so every single vertical every single business is impacted by. This is not like a certain secular thing in the industry. This is a real change. Can you describe how those three things are operating with that can >>sure. I think if you look from, you know, so thinking through those three areas. If you look at the actual business model itself, our business models is organizations are fundamentally changing and they're changing towards as consumers. We are all much more specific about what we want. We have incredible choice in the market. We are more informed than ever before. But also we are interested in the values of the organizations that we're getting the capability from us as well as the products and the services that naturally we're looking to gain. So if you look in that business model itself, this is about, you know, organizations making sure they stay ahead from a competitive standpoint about the innovation of portfolio that they're able to bring, but also that they have a strong, strong focus around the experience, that they're customer gains from an application, a touch standpoint that all comes through those different channels, which is at the end of the day, the application. Then if you look as to how do you deliver that capability through the systems, the tools, the processes? As we all evolve, our businesses have to change the dynamic within your organization to cope with that. And then, of course, in driving any transformation, the critical success factor is your people and your culture. You need your teams with you. The way teams operate now is incredibly different. It's no longer command and control. It's agile capability coming together. You need that to deliver on any transformation. Never, never mind. Let it be smooth, you know, in the execution they're all three together. >>But what I like about that model and I have to say, this is, you know, 10 years of doing the Cube, you see that marketing in the vendor community often leads what actually happens. Not surprising as we entered the last decade, there's a lot of talk about Cloud. Well, it kind of was a good predictor. We heard a lot about digital transformation. A lot of people roll their eyes and think it's a buzzword, but we really are. I feel like exiting this cloud era into the digital era. It feels, really, and there are companies that get it and are leaning in. There are others that maybe you're complacent. I'm wondering what you're seeing in Europe just in terms of everybody talks digital, every CEO wants to get it right. But there is complacency. Their financial services said Well, I'm doing pretty well, not on my watch. Others say, Hey, we want to be the disruptors and not get disrupted. What are you seeing in the region? In terms of that sentiment, >>I would say across the region, you know, there will always be verticals and industries that slightly more advanced than others. But I would say that the bulk of conversations that I'm engaged in independence of the industry or the country in which we're having that conversation in there is a acceptance off transfer. Digital transformation is here. It is affecting my business. I if I don't disrupt, I myself will be disrupted and we challenged Help me. So I You know, I'm not disputing the end state and the guidance and support soon drive the transition and risk mitigated manner, and they're looking for help in that there's actually pressure in the board room now around a what are we doing within within organizations within the enterprise service, right of the public sector, any type of style of company. There's that pressure point in the board room of Come on, we need to move it speed. >>Now the other thing about your model is technology plays a role and contribute. It's not the be all end. All that plays a role in each of those the business model of business operations developing and nurturing communities. Can you add more specifics? What role do you see technology in terms of advancing those three years? >>So I think, you know, if you look at it, technology is fundamental to all of those fears in regard. Teoh Theo innovation that differentiation technology could bring the key challenges. One being able to apply it in a manner where you can really see differentiation of value within the business. So and then the customer's organization. Otherwise, it's technology for the sake of technology. So we see very much a movement now to this conversation of talk about the use case, the use cases, the way by which that innovation could be used to deliver value to the organization on also different ways by which a company will work. Look at the collaboration Kate Capability that we announced earlier this week of helping to bring to life that agility. Look at the the APP D discussion of helping the link the layer of the application into the infrastructure of the network to get to root, cause identification quickly and to understand where you may have a problem before you actually arises and causes downtime many, many ways. >>I think the agility message has always been a technical conversation. Agile methodology, technology, softer development, No problem check. That's 10 years ago. But business agility is moving from a buzz word to reality. Exactly. That's what you're kind of getting. >>Their teams have. Teams operate, how they work and being able to be quick, efficient, stand up, stand down and operate in that way. >>You know, we were kind of thinking out loud on the Cube and just riffing with Fabio Gori on your team on Cisco's team about clarification with you, Gene Kim around kind of real time. What was interesting is we're like, Okay, it's been 13 years since the iPhone, and so 13 years of mobile in your territory in Europe, Middle East Africa mobility has been around before the iPhone, so more advanced data privacy much more advanced in your region. So you you you have a region that's pretty much I think, the tell signs for what's going on North American around the world. And so you think about that. You say Okay, how is value created? How the economics changing this is really the conversation about the business model is okay. If the value activities are shifting and being more agile and the economics are changing with SAS, if someone's not on this bandwagon is not an end state discussion, very. It's done Deal. >>Yeah, it's But I think also there were some other conversation which, which are very prevalent here, is in the region so around trust around privacy law, understanding compliance. If you look at data where data resides, portability of that data GDP our came from Europe has pushed out on those conversations will continue as we go over time. And if I also look at, you know, the dialogue that you saw, you know, within World Economic Forum around sustainability that is becoming a key discussion now within government here in Spain, you know, from a climate standpoint and many other areas >>as well. David, I've been riffing around this whole where the innovation is coming from. It's coming from your region, not so much the us US. We've got some great innovations. But look at Blockchain. Us is like, don't touch it pretty progressive outside United States. A little dangerous to, But that's where innovation is coming from, and this is really the key that we're focused on. I want to get your thoughts on. How do you see it going? Next level? The next level. Next. Gen Business model. What's your What's your vision? >>So I think there'll be lots of things if we look at things like it with the introduction. Introduction of artificial intelligence, Robotics capability five g of course, you know, on the horizon we have Mobile World Congress here in Barcelona a few weeks time. And if you talked about with the iPhone, the smartphone, of course, when four g was introduced, no one knew what the use case where that would be. It was the smartphone, which wasn't around at that time. So with five G and the capability there, that will bring again yet more change to the business model for different organizations and capability and what we can bring to market >>the way we think about AI privacy data ownership becomes more important. Some of the things you were talking about before. It's interesting what you're saying. John and Wendy, the GDP are set this standard and and you're seeing in the US they're stovepipes for that standard California is gonna do want every state is gonna have a difference, and that's going to slow things down. It's going to slow down progress. Do you see sort of an extension of GDP, our like framework of being adopted across the region, potentially accelerating some of these sticky issues and public policy issues that can actually move the market forward? >>I think I think that will because I think there'll be more and more if you look at this is terminology of data. Is the new oil What do you do with data? How do you actually get value from that data? Make intelligent business decisions around that? So, yeah, that's critical. But yet if you look for all of ours, we are extremely passionate about where's our data used again? Back to trust and privacy. You need compliance, you need regulation. And I think this is just the beginning off how we will see that >>evolving. You know, when you get your thoughts. David, I've been riffing for 10 years around the death of storage. Long live storage. But data needs to be stored somewhere. Networking is the same kind of conversation just doesn't go away. In fact, there's more pressure now to get the smartphone. That was 13 years ago, before that. Mobility, data and Video. Now super important driver. That's putting more pressure on you guys. And so hey, we did well, networking. So it's kind of like Moore's Law. More networking, more networking. So video and data are now big your thoughts on video and data video. >>But if you look out the Internet of the future, you know what? So if you look for all of us now, we are also demanding as individuals around capability and access of. That's an Internet of the future. The next phase. We want even more so they'll be more more requirement for speed availability, that reliability of service, the way by which we engage in we communicate. There's some fundamentals there, so continuing to grow, which is which is so, so exciting force. >>So you talk about digital transformation that's obviously in the mind of C level executives. I got to believe security is up. There is a topic one other. What's the conversation like in the corner office when you go visit your customers? >>So I think there's a There's a huge excitement around the opportunity, realizing the value of the of the opportunity on. You know, if you look at top of mind conversations around security around, making sure that you can make taint, maintain that fantastic customer experience because if you don't the customer go elsewhere, How do you do that? How do you enrich at all times and also looking at market? Jason sees, you know, as you go in a new tour at senior levels, within, within organizations independent of the industry in which they're in. They're a huge amount of commonalities that we see across those of consistent problems by which organizations are trying to solve. And actually, one of the big questions is what's the pace of change that I should operate us on? When is it too fast? And one is one of my too slow and trying to balance that is exciting but also a challenge for a company. >>So you feel like sentiment. There's still strong, even though we're 10 years into this, this bull market you get Brexit, China tensions with US US elections. But but generally you see sentiment still pretty strong demand. >>So I would say that the the the excitement around technology, the opportunity that is there around technology in its broader sense is greater than ever before. And I think it's on all of us to be able to help organizations to understand how they can consume and see value from us. But it's a fantastic times, >>gets economic indicators way. So >>I know you >>have to be careful, >>but really, the real I think I'm trying to get to is is the mindset of the CEO. The corner office right now is it is that we're gonna we're gonna grow short term by cutting or do we going to be aggressive and go after this incremental opportunity? And it's probably both. You see a lot of automation in cars >>both, and I think if you look fundamentally for organizations, it's it's the three things helped me to make money, how to save money, keep me out of trouble. So those are the pivots they all operate with on, you know, depending on where an organization is in its journey, whether they're start up there in the middle, the more mature and some of the different dynamics and the markets in which they operate in a well, there's all different variables, you know? So it's it's it's mixed. >>Wendy, thanks so much to spend the time to come on. The Cube really appreciate great keynote folks watching. If you haven't seen the keynote opening section, that's good. Second, the business model. I think it's really right on. I think that's gonna be a conversation will continue. So thanks for sharing that before we look. Before we leave, I want to just ask a question around, What? What's going on for you here in Barcelona? As the show winds down, you had all your activities. Take us in the day in the life of what you do. Customer meetings. What were some of those conversations? Take us inside inside. What? What goes on for you here? >>I tell you, it's been an amazing It's been amazing few days, So it's a combination of customer conversations around some of the themes We just talked about conversations with partners. There's investor companies that we invest in a Cisco that I've been spending some time with on also spending time with the teams as well. The definite zone, you know, is amazing. We have this afternoon the closing session where we got a fantastic, um, external guests who's coming in is going to be really exciting as well. And then, of course, the party tonight and will be announcing the next location, which I'm not going to reveal now. Later on today, >>we kind of figured it out because that's our job is to break news, but we're not gonna break it for you to have that. Hey, thank you so much for coming on. Really appreciate. When any market in Europe, Middle East Africa and Russia for Cisco she's got her hand on the pulse and the future is the business model. That's what's going on. Fundamentally radical change across the board in all areas. This is the Cube, bringing you all the action here in Barcelona. Thanks for watching. >>Yeah, yeah,

[Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] you [Music] [Applause] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners come back this is the cubes coverage of Cisco live 2020 here in Barcelona doing about three and a half days of wall-to-wall coverage here I'm Stu minim and my co-host for this segment is Dave Volante John furs also here scouring the floor and really happy to welcome to the program to first-time guests I believe so Ron Daris is the product manager of product marketing for cloud computing with Cisco and sitting to his left is Matt Ferguson who's director of product development also with the Cisco cloud group Dave and I are from Boston Matt is also from the Boston area yes and Costas is coming over from London so thanks so much for joining us thanks IBPS all right so obviously cloud computing something we've been talking about many years we've really found fascinating the relationship Cisco's had with its customers as well as through the partner ecosystem had many good discussions about some of the announcements this week maybe start a little bit you know Cisco's software journey and you know positioning in this cloud space right now yes oh so it's a it's a really interesting dynamic when we start transitioning to multi cloud and we actually deal with cloud and compute coming together and we've had whether you're looking at the infrastructure ops organization or whether you're looking at the apps operations or whether you're looking at you know your dev environment your security operations each organization has to deal with their angle at which they view you know multi cloud or they view how they actually operate within those the cloud computing context and so whether you're on the infrastructure side you're looking at compute you're looking at storage you're looking at resources if you're an app operator you're looking at performance you're looking at visibility assurance if you are in the security operations you're looking at maybe governance you're looking at policy and then when you're a developer you really sort of thinking about CI CD you're talking about agility and there's very few organizations like Cisco that actually is looking at from a product perspective all those various angles of multi-cloud yeah definitely a lot of piece of cost us maybe up level it for us a little bit there's there's so many pieces you know we talked for so long you know you don't talk to any company that doesn't have a cloud strategy doesn't mean that it's not going to change over time and it means every company's got at home positioning but talk about the relationship cisco has with its customer and really the advisory position that you want to have with them it's actually a very relevant question to what to what Matt is talking about because we talk a lot about multi cloud as a trend and hybrid clouds and this kind of relationship between the traditional view of looking at computing data centers and then expanding to different clouds you know public cloud providers have now amazing platform capabilities and if you think about it the the it goes back to what Matt said about IT ops and the development kind of efforts why is this happening really you know there's there's the study that we did with with an analyst and there was an amazing a shocking stat around how within the next three years organizations will have to support 50% more applications than they do now and we have been trying to test this stat our events that made customer meetings etc that is a lot of a lot of change for organizations so if you think about why are they use why do they need to basically what go and expand to those clouds is because they want to service IT Ops teams want ER servers with capabilities their developers faster right and this is where you have within the IT ops kind of theme organization you have the security kind of frame the compute frame the networking where you know Cisco has a traditional footprint how do you blend all this how do you bring all this together in a linear way to support individual unique application modernization efforts I think that's what are we hearing from customers in terms of the feedback and this is what influences our strategy to converts the different business units and engineering engineering efforts right couple years ago I have to admit I was kind of a multi cloud skeptic I always said I thought it was more of a symptom than actually a strategy a symptom of you know shadow IT and different workloads and so forth but now I'm kind of buying in because I think IT in particular has been brought in to clean up the crime scene I often say so I think it is becoming a strategy so if you could help us understand what you're hearing from customers in terms of their strategy toward the multi cloud and how Cisco that was mapping into that yeah so so when we talk to customers it comes back to the angle at which they're approaching the problem in like you said the shadow IT has been probably around for longer than anybody won't cares to admit because the people want to move faster organizations want to get their product out to market sooner and and so what what really is we're having conversations now about you know how do I get the visibility how do I get you know the policies and the governance so that I can actually understand either how much I'm spending in the cloud or whether I'm getting the actual performance that I'm looking for that I need the connectivity so I get the bandwidth and so these are the kinds of conversations that we have with customers is is is going I realize that this is going on now I actually have to now put some you know governance and controls around that is their products is their solutions is their you know they're looking to Cisco to help them through this journey because it is a journey because as much as we talk about cloud and you know companies that were born in the cloud cloud native there is a tremendous number of IT organizations that are just starting that journey that are just entering into this phase where they have to solve these problems yeah I agree and it's just starting the journey with a deliberate strategy as opposed to okay we got this this thing but if you think about the competitive landscape its kind of interesting and I want to try to understand where Cisco fits because again you you initially had companies that didn't know in a public cloud sort of pushing multi cloud and you'd say oh well okay so they have to do that but now you see anthos come out with Google you see Microsoft leaning in we think eventually AWS is going to lean in and then you say I'm kind of interested in working with someone whose cloud agnostic not trying to force now now Cisco a few years ago you didn't really think about Cisco as a player now so this goes right in the middle I have said often that Cisco's in a great position John Fourier as well to connect businesses and from a source of networking strength making a strong argument that we have the most cost-effective most secure highest performance network to connect clouds that seems to be a pretty fundamental strength of yours and does that essentially summarize your strategy and and how does that map into the actions that you're taking in terms of products and services that you're bringing to market I would say that I can I can I can take that ya know it's a chewy question for hours yeah so I I was thinking about a satellite in you mentioned this before and you're like okay that's you know the world is turning around completely because we we seem to talk about satellite e is something bad happening and now suddenly we completely forgot about it like let let free free up the developers gonna let them do whatever they want and basically that is what I think is happening out there in the market so all the solutions you mentioned in the go to market approaches and the architectures that the public cloud providers at least are offering out there certainly the big three have differences have their strengths and I think those strengths are closer to the developer environment basically you know if you're looking into something like a IML there's one provider that you go with if you're looking for a mobile development framework you're gonna go somewhere else if you're looking for a dr you're gonna go somewhere else maybe not a big cloud but your service provider that you've been dealing with all these all these times and you know that they have their accreditation that you're looking for so where does Cisco come in you know we're not a public cloud provider we offer products as a service from our data centers and our partners data centers but at the - at the way that the industry sees a cloud provider a public cloud like AWS a sure Google Oracle IBM etc we're not that we don't do that our mission is to enable organizations with software hardware products SAS products to be able to facilitate their connectivity security visibility observability and in doing business and in leveraging the best benefits from those clouds so we we kind of we kind of moved to a point where we flip around the question and the first question is who is your cloud provider what how many tell us the clouds you work with and we can give you the modular pieces you can put we can put together for you so there's so that you can make the best out of your plan it's been being able to do that across clouds we're in an environment that is consistent with policies that are consistent that represent the edicts of your organization no matter where your data lives that's sort of the the vision in the way this is translated into products into Cisco's product you naturally think about Cisco as the connectivity provider networking that's that's really sort of our you know go to in what we're also when we have a significant computing portfolio as well so connectivity is not only the connectivity of the actual wire between geographies point A to point B in the natural routing and switching world there's connectivity between applications between cute and so this week you know the announcements were significant in that space when you talk about the compute and the cloud coming together on a single platform that gives you not only the ability to look at your applications from a experience journey map so you can actually know where the problems might occur in the application domain you can actually then go that next level down into the infrastructure level and you can say okay maybe I'm running out of some sort of resource whether it's compute resource whether it's memory whether it's on your private cloud that you have enabled on Prem or whether it's in the public cloud that you have that application residing and then why candidly you have the actual hardware itself so inter-site it has an ability to control that entire stack so you can have that visibility all the way down to the hardware layer I'm glad you brought up some of the applications wonderful we can you know stay there for a moment and talk about some of the changing patterns for customers a lot of talk in the industry about cloud native often it gets conflated with you know microservices containerization and lots of the individual pieces there but you know one of our favorite things that been talked about this week is the software that really sits at the application layer and how that connects down through some of the infrastructure pieces so help us understand what you're hearing from customers and and where how you're helping them through this transition to constants as you were saying absolutely there's going to be lots of new applications more applications and they still have the the old stuff that they need to continue to manage because we know an IT nothing ever goes away that's that's definitely true I was I was thinking you know there's there's a vacuum at the moment and and there's things that Cisco is doing from from technology leadership perspective to fill that gap between the application what do you see when it comes to monitoring making sure your services are observable and how does that fit within the infrastructure stack you know everything upwards network the network layer base again that is changing dramatically some of the things that Matt touched upon with regards to you know being able to connect the the networking the security in the infrastructure the computer infrastructure that the developers basically are deploying on top so there's a lot of there's a lot of things on containerization there's a lot of in fact it's you know one part of the of the self-injure side of the stack that you mentioned and one of the big announcements you know that there's a lot of discussion in the industry around ok how does that abstract further the conversation on networking for example because that now what we're seeing is that you have huge monoliths enterprise applications that are being carved down into micro services ok they you know there's a big misunderstanding around what is cloud native is it related to containers different kind of things right but containers are naturally the infrastructure de facto currency for developers to deploy because of many many benefits but then what happens you know between the kubernetes layer which seems to be the standard and the application who's gonna be managing services talking to each other that are multiplying you know things like service mesh network service mess how is the network evolving to be able to create this immutable infrastructure for developers to deploy applications so there's so many things happening at the same time where cisco has actually a lot of taking a lot of the front seat this is where it gets really interesting you know it's sort of hard to squint through because you mentioned kubernetes is the de facto standard but it's a de-facto standard that's open everybody's playing with but historically this industry has been defined by you know a leader who comes out with a de facto standard kubernetes not a company right it's an open standard and so but there's so many other components than containers and so history would suggest that there's going to be another de facto standard or multiple standards that emerge and your point earlier is you you got to have the full stack you can't just do networking you can't just do certain few so you guys are attacking that whole pie so how do you think this thing will evolve I mean you guys are obviously intend to put out as Casta as wide a net as possible capture not only your existing install base but attractive attract others and you're going aggressively at it as are as are others how do you see it shaking out deep do you see you know four or five pockets do you see you know one leader emerging I mean customers would love all you guys to get together come up with standards that's not going to happen so we're it's jump ball right now well yeah and you think about you know to your point regarding kubernetes is not a company right it is it is a community driven I mean it was open source by a large company but it's but it's community driven now and that's the pace at which open source is sort of evolving there is so much coming at IT organizations from a new paradigm a new software something that's you know the new the shiny object that sort of everybody sort of has to jump on to and sort of say that is the way we're going to function so IT organizations have to struggle with this influx of just every coming at them and every angle and I think what's starting to happen is the management and the you know that stack who controls that or who is helping IT organizations to manage it for them so really what we're trying to say is there's elements that you have to put together that have to function and kubernetes is just one example docker the operating system that associated with it that runs all that stuff then you have the application that goes rides IDEs on top of it so now what we have to have is things like what we just announced this week HX ap the application platform for HX so you have the compute cluster but then you have the on top of that that's managed by an organization that's looking at the security that's looking at the the actual making opinions about what should go in the stock and managing that for you so you don't have to deal with that because you can just focus on the application development yeah I mean Cisco's in a strong position to do there's no question about it and to me it comes down to execution if you guys execute and deliver on the the products and services that you say you know your nouns for instance this week and previously and you continue on a roadmap you're gonna get a fair share of this marketplace I think there's no question so last topic before we let you go is love your viewpoint on customers what's separating kind of leaders from you know the followers in this space you know there's so much data out there you know I'm a big fan of the state of DevOps report yeah focus you know separate you know some but not the not here's the technology or the piece but the organizational and you know dynamics that you should do so it sounds like Matt you you like that that report also love them what are you hearing from customers how do you help guide them towards becoming leaders in the cloud space yeah the state of DevOps report was fascinating and I mean they've been doing that for what a number of years yeah exactly and really what it's sort of highlighting is two main factors that I think that are in this revolution or this this this paradigm shift or journey we're going through there's the technology side for sure and so that's getting more complex you have micro services you have application explosion you have a lot of things that are occurring just in technology that you're trying to keep up but then it's really about the human aspect that human elements the people about it and that's really I think what separates you know the the elites that are really sort of you know just charging forward in the head because they've been able to sort of break down the silos because really what you're talking about in cloud native DevOps is how you take the journey of that experience of the service from end to end from the development all the way to production and how do you actually sort of not have organizations that look at their domain their data set their operations and then have to translate that or have to sort of you know have another conversation with another organization that it doesn't look at that that has no experience of that so that is what we're talking about that end-to-end view is that in addition to all the things we've been talking about I think Security's a linchpin here now you guys are executing on security you got a big portfolio and you've seen a lot of M&A and a lot of companies now trying to get in and it's gonna be interesting to see how that plays out but that's going to be a key because organizations are going to start there from a strategy standpoint and then build out yeah absolutely if you follow the DevOps methodology its security gets baked in along the way so that you're not having to sit on after do anything Custis give you the final word I was just as follow-up with regard what what Mark was saying there's so many there's what's happening out there is this just democracy around standards which is driven by communities and we will love that in fact cisco is involved in many open-source community projects but you asked about customers and and just right before you were asking about you know who's gonna be the winner there's so many use cases there's so much depth in terms of you know what customers want to do with on top of kubernetes you know take AI ml for example something that we have we have some some offering the services around there's the customer that wants to do AML there their containers that their infrastructure will be so much different to someone else's doing something just hosting yeah and there's always gonna be a SAS provider that is niche servicing some oil and gas company you know which means that the company of that industry will go and follow that instead of just going to a public law provider that is more organized if there's a does that make sense yeah yeah this there's relationships that exist the archer is gonna get blown away that add value today and they're not gonna just throw them out so exactly right well thank you so much for helping us understand the updates where your customers are driving super exciting space look forward to keeping an eye on it thank you thank you so much all right there's still lots more coming here from Cisco live 20/20 in Barcelona people are standing watching all the developer events lots of going on the floor and we still have more so thank you for watching the cute [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] you [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back over 17,000 in attendance here for Cisco live 2020 in Barcelona ops to Minh and my co-host is Dave Volante and to help us to dig into of course one of the most important topic of the day of course that security we're thrilled to have back a distinguished engineer Francisco one of our cube alumni TK Kia Nene TK thanks so much for joining us ideal man good good all right so TK it's 2020 it's a new decade we know the bad actors are still out there they're there the the question always is you know it used to be you know how do you keep ahead of them then I've here Dave say many times well you know it's not you know when it's it's not if it's when you know you probably already have been okay you know compromised before so it gives latest so you know what you're seeing out there what you're talking to customers about in this important space yeah it's uh it's kind of an innovation spiral you know we we innovate we make it harder for them and then they innovate they make it harder for us right and round and round we go that's been going on for for many years I think I think the most significant changes that have happened recently have to deal with not essentially their objectives but how they go about their objectives and Defenders topologies have changed greatly instead of just your standard enterprise you now have you know hybrid multi cloud and all these new technologies so while while all that innovation happens you know they get a little clever and they find weaknesses and round and round we go so we talked a lot about the sort of changing profile of the the threat actors going from hacktivists took criminals now is a huge business and nation-states even what's that profile look like today and how has that changed over the last decade or so you know that's pretty much stayed the same bad guys are bad guys at some point in time you know just how how they go about their business their techniques they're having to like I said innovate around you know we make it harder for them they you know on Monday we're safe on Tuesday we're not you know and then on Wednesday it switches again so so it talked about kind of this multi-cloud environment when we talk to customers it's like well I want the developer to be able to build their application and not really have to think too much underneath it that that has to have some unique challenges we know security we knew long ago well I just go to the cloud it doesn't mean they take care of it some things are there some things they're gonna remind you now you need to make sure you set certain things otherwise you could be there but how do we make sure that Security's baked in everywhere and is up as a practice that everybody's doing well I mean again some of the practices hold true no matter what the environment I think the big thing was cognitive is in back in the day when when you looked at an old legacy data center you were part sort of administrator in your part detective and most people don't even know what's running on there that's not true in cloud native environments some some llamó file some some declaration it's it's just exactly what productions should look like right and then the machines instantiate production so you're doing things that machine scale forces the human scale people to be explicit and and for me I mean that's that's a breath of fresh air because once you're explicit then you take the mystery out of what you're protecting how about in terms of how you detect threats right phishing for credentials has become a huge deal but not just you know kicking down the door or smashing a window using your your own credentials to get inside of your network so how is that affected the way in which you detect yeah it's it's a big deal you know a lot of a lot of great technology has a dual use and what I mean by that is network cryptology you know that that whole crypto on the network has made us safer for us to compute over insecure networks and unfortunately it works just as well for the bad guys so you know all of their malicious activity is now private to so it you know for us we just have to invent new ways of detecting direct inspection for instance I think it's a thing of the past I mean we just can't depend on it anymore we have to have tools of inference and not only that but it's it's gave rise in a lot of innovation on behavioral science and as you say you know it's it's not that the attacker is breaking into your network anymore they're logging in ok what do you do then right Alice Alice's account it's not gonna set off the triggers so you have to say you know when did Alice start to behave differently you know she's working in accounting why is she playing around with the source code repository that's that's a different thing right yes automation is such a big trend you know how do we make sure that automation doesn't leave us more vulnerable that's rarity because we need to be able automate we've gone beyond human scale for most of these configurations that's exactly right and and how do how do we I always say just with security automation in particular just because you can automate something doesn't mean you should and you really have to go back and have practices you know you could argue that that this thing is just a you know machine scale automation you could do math on a legal pad or you can use a computer to do it right what so apply that to production if you mechanized something like order entry or whatever you're you're you're automating part of your business use threat modeling you use the standard threaten modeling like you would your code the network is code now right and the storage is code and everything is code so you know just automate your testing do your threat modeling do all that stuff please do not automate for your attacker matrix is here I want to go back to the Alice problem because you're talking about before you have to use inference so Alice's is in the network and you're observing her moves every day and then okay something anomalous occurs maybe she's doing something that normally she wouldn't do so you've got to have her profile in her actions sort of observed documented stored the data has got to be there and at the same time you want to make sure it's always that balance of putting handcuffs on people you know versus allowing them to do their job and be productive at the same time as well you don't want to let the bad guys know that you know that alice is doing something that she didn't be doing is actually not Alice so all that complexity how are you dealing with it and what's the data model look like doing it machines help let's say that machines can help us you know you and I we have only so many sense organs and the cognitive brain can only store so many so much state machines really help us extend that and so you know looking at not three dimensions of change but 7000 dimensions have changed right something in the machine is going to say there's an outlier here that's interesting and you can get another machine to say that's that's interesting maybe I should focus on that and you build these analytical pipelines so that at the end of it you know they may argue with each other all the way to the end but at the end you have a very high fidelity indicator that might be at the protocol level it might be at the behavioral level it might be seven days back or thirty days back all these temporal and spatial dimensions it's really cheap to do it with a machine yeah and if we could stay on that for a second so it try to understand I know that's a high-level example but is it best practice to have the Machine take action or is it is it an augmentation and I know it depends on the use case but but how is that sort of playing out again you have to do all of this safely okay a lot of things that machines do don't return back to human scale stuff that returns back to human scale that humans understand that is as useful so for instance if machines you know find out all these types of in assertions even in medical you know right now if if you've got so much telemetry going into the medical field see the machine tells you you have three weeks to live I mean you better explain what the heck you know how you came about that assertion it's the same with security you know if I'm gonna say look we're gonna quarantine your machine or we're gonna readjust machine it's not I'm not like picking movies for you or the next song you might listen to this is high stakes and so when you do things like that your analytics needs to have what is called entailment you have to explain what it is how you got to that assertion that's become incredibly important in how we measure our effectiveness in in doing analytics that's interesting because because you're using a lot of machine intelligence to do this and in a lot of AI is blackbox you're saying you cannot endure that blackbox problem in security yeah that black boxes is is very dangerous you know I you know personally I feel that you know things that should be open sourced this type of technology it's so advanced that the developer needs to understand that the tester needs to understand that certainly the customer needs to understand it you need to publish papers and be very very transparent with this domain because if it is in fact you know black box and it's given the authority to automate something like you know shut down the power or do things like that that's when things really start to get dangerous so good TK what wondered you know give us the latest on stealthWatch there you know Cisco's positioning when it when it comes to everything we've been talking about here you know stealthWatch again is it's been in market for quite some time it's actually been in market since 2001 and when I when I look back and see how much has changed you know how we've had to keep up with the market and again it's not just the algorithms rewrite for detection it's the environments have changed right but when did when did multi-cloud happen so so operating again cusp it's not that stealthWatch wants to go their customers are going there and they want the stealthWatch function across their digital business and so you know we've had to make advancements on the changing topology we've had to make advancements because of things like dark data you know the the network's opaque now right we have to have a lot of inference so we've just you know kept up and stayed ahead of it you know we've been spending a lot of time talking to developer communities and there's a lot of open-source tooling out there that that's helping enable developers specifically in security space you were talking about open-source earlier how does what you've been doing the self watch intersect with that yeah that's always interesting too because there's been sort of a shift in let's call them the cool kids right the cool kids they want everything is code right so it's not about what's on glass or you know a single pane of glass anymore it's it's what stealth watches code right what's your router as code look at dev net right yeah yeah I mean definite is basically Cisco as code and it's beautiful because that is infrastructure as code I mean that is the future and so all the products not just stealthWatch have beautiful api's and that's that's really exciting I've been saying for a while now it's do you I think you agree is that that is a big differentiator for Cisco I think you you're one of the few if not the only large established player and the enterprise that has figured out that sort of infrastructure is code play others have tried and are sort of getting there but you know start/stop you use a term that really cool is like living off the land you know bear bear grylls like the guy who lives down so bad so and and and threat actors are doing that now they're using your own installed software and tooling to hack you and and steal from you how were you dealing with that problem yeah it's a tough one and like I said you know much respect the the adversary is talented and they're patient they're well funded okay that's that's where it starts and so you know why why bring why bring an interpreter to a host when there's already one there right why right all this complicated software distribution when I can just use yours and so that's that's where the the play the game starts and and the most advanced threats aren't leaving footprints because the footprints are already there you know they'll get on a machine and behaviorally they'll check the cache to see what's hot and what's hot in the cache means that behaviorally it's a path they can go they're not cutting a new trail most of the time right so living off the land is not only the tools that they're using the automation your automation they're using against you but it's also behavioral and so that that makes it you know it makes it harder it's it impossible no can we make it harder for them yes so yeah no I'm having fun and I've been doing this for over twenty five years every week it's something new well it's a hard problem you're attacking and you know Robert Herjavec who came on the cube sort of opened my eyes and you think about what are we securing we're securing everything I mean a critical infrastructure were essentially exerted securing the entire global economy and he said something that really struck me it's an 86 trillion dollar economy we spend point zero one four percent on securing that economy and it's nothing now of course he's an entrepreneur and he's pimping for his is his business but it's true we are barely scratching the surface of this problem yeah I'm and it's changing I mean it's changing it could it be better yes it is changing his board awareness you know twenty years ago then right me to a dinner party they you know what does your husband do I'd say you know cyber security or something they'd roll their eyes and change the subject now they asked me the same question so oh you know my computer's running really slow right these are not this is everyone I'm worried about a life hack yeah how do I protect myself or what about these coming off the bank I mean that's those guys a dinner table cover every party so now now you know I just make something up I don't do cybersecurity I just you know a tort or a jipner's you've been to this business forever I can't remember have I ever asked you the superhero question what is that your favorite superhero that's a tough one there's all the security guys I know they like it's always dreamed about saving the world [Laughter] you're my superhero man I love what you do I think you've a great asset for Cisco and Cisco's customers really thanks TK give us a final word if people want to you know find out more about about what Cisco's doing read more of what you're working on but what's some of the best resource I have to go do you know just drop by the web pages I mean everything's published out that like I said even even for the super nerdy you know we published all our our laurs security analytics papers I think we're over 50 papers published in the last 12 years TK thank you so much always a pleasure to catch alright yeah and a travels thank you so much for de Villante I'm Stu Mittleman John furrier is also in the house we will be back with lots more coverage here from Cisco live 20/20 in Barcelona thanks for watching the keys [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020s brought to you by Cisco and its ecosystem partners hello and welcome back to the cubes live coverage it's our fourth day of four days of coverage here in Barcelona Spain for Cisco live 2020 I'm John Faria my co-host to many men to great guests here in the dev net studio where the cube is sitting all week long been packed with action mindy Whaley senior director developer experiences but dev net and partner a senior director welcome back to this cube good to see you guys glad to be here so we've had a lot of history with you guys what from day one yes watching def net from an idea of hey we should develop earthing you also have definite create yes separate more developer focused definite is Cisco's developer environment we've been here from the beginning what a progression congratulations on the success thank you thank you so much it's great to be here in Barcelona with everybody here you know learning in the workshops and we just love these times to connect with our community at Cisco live and it definitely ate what you mentioned which is coming up in March so it's right around the corner def net zone which we're in it's been really robust spins it's been the top of the show every year and it gets bigger and the sessions are packed because people are learning developers new developers as well as Cisco engineers who were certified coming in getting new skills as the modern cloud hybrid environments are new skills is a technology shift yeah exactly and what we have in the definite zone are different ways that the engineers and developers can engage with that technology shift so we have demos around IOT and security and showing how you know to prevent threats from attacking the Industrial routers and things like that we have coding workshops from you know beginning intro to Python intro to get all the way up through advanced like kubernetes topics and things like that so people can really dive in with what they're looking for and this year we're really excited because we have the new definite certifications with those exams coming out right around the corner in February so a lot of people are here saying I'm ready to skill up for those exams I'm starting to dive into this topic well Susie we was on she's the chief of deaf net among other things and she said there's gonna be a definite 500 the first 500 certifications of deaf net are gonna be kind of like the Hall of Fame or you know the inaugural or founder certifications so can you explain what this it means it's not a definite certification badge it's a series of write different sir can you deeper in then yeah just like we have our you know existing network certifications which are so respected and loved around the world people get CCIE tattoos and things just like there's an associate and professional and expert level on the networking truck there's now a definite associate a definite professional and coming soon definite expert and then there's also specialist badges which help you add specific skills like data center automation IOT WebEx so it's a whole new set of certifications that are more focused on the software so there are about 80 80 % software skills 20 percent knowledge of networking and then how you really connect up and down the stock so these are new certifications not replacing anything all the same stuff they're new they're part of the same program they have the same rigor the same kind of tests they actually have ways to enter weave with the existing networking certifications because we want people to do both skill paths right to build this new IT team of the future and so it's a completely new set of exams the exams are gonna be available to take February 24th and you can start signing up now so with the definite 500 you know that's gonna be a special recognition for the first 500 people who get dead note certifications it'll be a lifetime achievement they'll always be in the definite 500 right and I've had people coming up and telling me you know I'm signed up for the first day I'm taking my exams on the first day I'm trying to get into them you and I only always want to be on the lift so I think we might be on them and what's really great is with the certifications we've heard from people in the zone that they've been coming and taking classes and learning these skills but they didn't have a specific way to map that to their career path to get rewarded at work you know to have that sort of progression and so with the certifications they really will have that and it's also really important for our partners and par is doing a lot of work with certifications and partners yeah definitely that would love to hear a little bit we've interviewed on the cube over the years some of the definite partners from a technology standpoint of course the the channels ecosystem hugely important to Cisco's business gives the update as to you know definite partnering as well as what will these certifications mean to both the technology and go to market partners yeah the wonderful thing about this is it really demonstrates Cisco's embracement of software and making sure that we're providing that common language for software developers and networkers to bring the two together and what we've found is that our partners are at different levels of maturity along that progression of program ability and this new definite specialization which is anchored in the individuals that are now certified at that partner allow them to demonstrate from a go-to-market standpoint from a recognition standpoint that as a practice they have these skills and look at the end of the day it's all about delivering what our customers need and our customers are asking us for significant help in automation digital transformation they're trying to drive new business outcomes and this this will provide that recognition on on who to partner with in the market it's so important I remember when Cisco helped a lot of the partner ecosystem build data center practices went from the silos and now embracing you've got the hardware the software we're talking multi cloud it's the practice that is needed today going forward to help customers with where they're going it really is and and another benefit that we're finding and talking to our partners is we're packaging this up and rolling it out is not only will it help them from a recognition standpoint from a practice standpoint and from a competitive differentiation standpoint but it'll also help them attract challenge I mean it's no secret there is a talent shortage right now if you talk to any CEO that's top of mind and how these partners are able to attract these new skills and attract smart people smart people like working on smart things right and so this has really been a big traction point for them as well it's also giving ways to really specifically train for new job roles so some of the ways that you can combine the new definite certifications with the network engineering certifications we've looked at it and said you know there's there's a role of Network automation developer that's a new role everyone we ask in one of our sessions who needs that person on their team so many customers partners raise their hands like we want the network Automation developer on our team and you can combine you know your CCNP Enterprise with a definite certification and build up the skills to be that Network automation developer certainly has been great buzz I got to get your guys thoughts because certainly it's for careers and you guys are betting on the the people and the people are betting on Cisco mm-hmm yes this is what's going on submit surety of Devin it almost it's like a pinch me moment for you guys because you continue to grow I got to ask you what are some of the cool things that you're showing here as you mature you still have the start here session which is intro to Python and other things pretty elementary and then there's more advanced things what are some of the new things that's going on yeah that you could share so some of the new things we've got going on and one of my favorites is the IOT insecurity demonstration there's a an industrial robot arm that's picking and placing things and you can see how it's connected to the network and then something goes wrong with that robot alarm and then you can actually show how you can use the software and security tools to see was there code trying to access you know something that that robot was it was using it's getting in the way of it working so you could detect threats and move forward on that we also have a whole automation journey that starts from modeling your network to testing to how you would deploy automation to a deep dive on telemetry and then ends with multi domain automation so really helping engineers like look at that whole progression that's been that's been really popular Park talked about the specialization which ones are more popular or entry-level which ones are people coming into getting certified first network engineering automation first or what's the yeah so we're so the program is going to roll out with three different levels one is a specialized level the second is an advanced level and then we'll look to that third level again they're anchored in the in the individual certs and so as we look for that entry level it's really all about automation right I mean some things you take for granted but you still need these new skills to be able to automate and scale and have repeatable scalable benefits from that this the second tier will be more cross-domain and that's where we're really thinking that an additional skill set is needed to deliver dashboard experience compliance experiences and then that next level again we'll anchor towards the expert level that's coming out but one thing I want to point out is in addition to just having the certified people on staff they also have to demonstrate that they have a practice around it so it's not just enough to say I've passed an exam as we work with them to roll out the practice and they earn the badge they're demonstrating that they have the full methodology in place so that it really there's a lot behind it that means we can't be in the 500 list then even if a 500 list I don't know that the cube would end up being specialized its advertising no seriously all fun it's all fun it's Cisco live in Europe is there a difference between European and USD seeing any differences in geographic talent you know in the first couple years we did it I think there was a bigger difference it felt like there were different topics that were very popular in the US slightly different in Europe last year and this year I feel like they have converged it's it's the same focus on DevOps automation security as a huge focus in both places and it also feels like the the interest and level of the people attending has also converged it's really similar congratulations been fun to watch the rise and success of Devon it continues to be strong how see in the hub here and the definite zone behind us pact sessions yes what's the biggest surprise for you guys in terms of things that you didn't expect or some of the success what's what's jumped out yeah I think you know one of the points that I want to make sure we also cover and it has been an added benefit we're hoping it would happen we just didn't realize it would happen this soon we're attracting new companies new partners so the specialization won't just be available for our traditional bars this is also available for our non resale and we are finding different companies accessing definite resources and learning these skills so that's been a really great benefit of Deb net overall definitely my favorite surprises are when I show up at the community events and I hear from someone I met last year what the what they went back and did and the change that they drove and they come in their company and I think we're seeing those across the board of people who start a grassroots movement take back some new ideas really create change and then they come back and we get to hear about that from them those are my favorite surprises and I tell you we've known for years how important the developer is but I think the timing on this has been perfect because it is no longer just oh the developer has some tools that they like in the corner the developer connected to the business and driving things forward exactly so perfect timing congratulations on this certification their thing that's been great is that our at Cisco itself we now have API is across the whole portfolio and up and down the stock so that's been a wonderful thing to see come together because it opens up possibilities for all these developers so Cisco's API first company we are building it guys everywhere we can and and that the community is is taking them and finding creative things to build it's been fun to watch you guys change Cisco but also impact customers has been great to watch far many thanks for coming up yeah games live coverage here in Barcelona for Cisco live 20/20 I'm John Ford Dave Dave Alon face to many men we right back with more after this short break [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] you live from Barcelona Spain it's the cube covering Cisco live 2020 brought to you by Cisco and its ecosystem partners hello and welcome back to the cubes live coverage here at Cisco live 20/20 and partial into Spain I'm John first evening men cube coverage we've got a lot of stuff going on with Cisco multi-cloud and cloud technologies of clarification of Cisco's happening in real time is happening right now cloud is here here to stay we got two great guests to unpack what's going on in cloud native and networking and applications as the modern infrastructure and software evolves we got eugene kim global product marketing and compute storage at cisco global part of marketing manager and fabio corey senior director cloud solutions marketing guys great comeback great thanks for coming back appreciate it thanks very much great to see a lot of guys so probably we've had multiple conversations and usually even out from the sales force given kind of the that the discussion and the motivation cloud is big it's here it's here to stay it's changing Cisco API first we hear and all the products it's changing everything what's the story now what's going on I would say you know the reason why we're so excited about the launch here in Barcelona it's because this time it's all about the application experience I mean the last two years we've been announcing some really exciting stuff in the cloud space right think about all the announcements with the AWS the Google's the Azure so the world but this time it really boils down to making sure that is incredibly hyper distributed world well there is an application explosion ultimately we will help for the right operations tools and infrastructure management tools to ensure that the right application experience will be guaranteed for the end customer and that's incredibly important because at the end what really really matters is that you will ensure the best possible digital experience to your customer otherwise ultimately nothing is gonna work and of course you're going to lose your brand and your customers one of the main stories that we're covering is the transformation of the industry also Cisco and one of the highlights to me was the opening keynote you had app dynamics first not networking normally it's like what's under the hood the routers and the gear no it was about the applications this is the story we're seeing it's kind of a quiet unveiling it's not yet a launch but it's evolving very quickly can you share what's going on behind this all this absolutely it's exactly along the lines of what I was saying a second ago in the end that the reason why we're driving the announcement if you want from the application experience side of the house is because without dynamics we already have a very very powerful application performance measurement tool which it's evolving extremely rapidly first of all after Amex can correlate not just the application performance to some technology kpi's but to true actual business KPIs so AB dynamics can give you for instance the real-time visibility of say a marketing funnel conversion rates transactions that you're having in your in your business operation now we're introducing an incredibly powerful new capability that takes the bar to a whole new level and that's the dynamics experience journey Maps what are those it's actually the ability of focusing not so much on front-ends and backends and databases performances but really focusing on what the user is seeing in front of his or her screen and so what really matters is capturing the journey that a given user of your application is is being and understanding whether the experience is the one that you want to deliver oh you have like a sudden drop of somewhere and you know why that is important because in the end we've been talking about is it a problem of the application performance user performance well it could be a badly designed page how do you know and so this is a very precious information is that were giving to application developers not just to the IT ops guys that is incredibly precious to get this in so you just brought up that journey so that's part of the news so just break down real quick one minute yeah what the news is yeah so we have three components the first one as you as you correctly pointed out is really introduction the application journey Maps right the experience journey Maps that's very very important the second is we are actually integrating after am it's with the inter-site action inter-site optimization manager the workload team is a workload promisor and so because there is a change of data between the two now you are in a position to immediately understand whether you have an application problem we have a workload problem or infrastructure problem which is ultimate what you really need to do as quickly as you can and thirdly we have introduced a new version of our hyper flex platform which is hyper-converged flat G flat for Cisco with a fully containerized version we tax free if you want as well there is a great platform for containerized application of parameter so you teen when I've been talking to customers last few years when they go through their transformational journey there's the modernization they need to do the patterns I've seen most successful is first you modernize the platform often HCI is you know and often for that it really simplifies the environment you know reduces the silos and has more of that operational model that looks closer to what the cloud experience is and then if I've got a good platform then I can modernize the applications on top of it but often those two have been a little bit disconnected it feels like the announcements now that they are coming together what are you seeing what are you hearing how is your solution set solving this issue yeah exactly I mean as we've been talking to our customers love them are going through different application modernisations and kubernetes and containers is extremely important to them and to build a container cloud on Prem is extremely one of their needs and so there's three distinctive requirements that they've kind of talked to us about a lot of it has to be able to it's got to be very simple very turnkey and a fully integrated ready to turn on the other one is something that's very agile right very DevOps friendly and the third being a very economic container cloud on Prem as far we mentioned high flex application platform takes our hyper-converged system and builds on top of it a integrated kubernetes platform to deliver a container as a service type capability and it provides a full stack fully supported element platform for our customers and the one of the best great aspects of is that's all managed from inside from the physical infrastructure to the hyper-converged layer to all the way to the container management so it's very exciting to have that full stack management and insight as well yeah it's great to you know John and I have been following this kubernetes wave you know since the early early days Fabio mentioned integrations with the Amazons and Google's the world because you know a few years ago you talked to customers and they're like oh well I'm just gonna build my own urbanity right back nobody ever said that is easy now just delivering at his service seems to be the way most people wanted so if I'm doing it on Amazon or Google they've got their manage service that I could do that or that they're through partners they're working with so explain what you're doing to make it simpler in the data center environment because I'm tram absolutely is a piece of that hybrid equation the customers need yes so essentially from the customer experience perspective as I mentioned it's very fairly turnkey right from the hyper flicks application platform we're taking our hyper grew software we're integrating a application virtualization layer on top of it Linux KVM based and then on top of that we're integrating the kubernetes stack on top as well and so in essence right it's a fully curated kubernetes stack right it has all the different elements from the networking from the storage elements and and providing that in a very turnkey way and as I mentioned the inner site management is really providing that simplicity that customers need for that management ok Fabio this the previous announcement you've made with the public clouds yeah this just ties into those hybrid environments that's exactly you know a few years ago people like oh is there gonna be a distribution that wins in kubernetes we don't think that's the answer but still I can't just move between kubernetes you know seamlessly yet but this is moving towards that direction so a lot of customers want to have a very simple implementation at the same time they want of course a multi cloud approach and I really care about you know marking the difference between you know multi-cloud hybrid cloud there's been a lot of confusion but if you think about it multi cloud is really rooted into the business need of harnessing innovation from whatever it comes from you know the different clouds PV different things and you know what they do today tomorrow it could even change so people want option maladie so they want a very simple implementation that's integrated with public cloud providers that simplifies their life in terms of networking security and application of workload management and we've been executing towards that goal to fundamentally simplify the operations of these pretty complex kind of hybrid environments I want you to nail that operations on ibrid that's where multi cloud comes in absolutely just a connection point absolutely you're not a shitty mice no isn't a shit so in order to fulfill your business like your I know business needs you then you have a hybrid problem and you want to really kind of have a consistent production rate environment between fins on Prem that you own and control versus things that you use and you want to control better now of course there are different school of thoughts but most of the customers who are speaking with really want to expand their governance and technology model right to the cloud as opposed to absorb in different ways of doing things from each and every clock I want to unpack a little bit of what you said earlier about the knowing where the problem is because a lot of times it's a point the finger at the other first and where's it's the application problem isn't a problem so I want to get into that but first I want to understand the hyper flex application platform Eugene if you could just share the main problem that you guys saw what did some of the pain points that customers had what problems does the AP solve yeah as I mentioned it's really the platform for our customers to modernize their applications on right and it addresses those things that they're looking for as far as the economics right really the ability to provide a full stack container experience without having to you know but you know bringing any third party hypervisor licenses as well as support cost so that's fully integrated there you have your integrated hyper-converged storage capability you have the cloud-based management and that's really developing you providing that developer DevOps simplicity from the data Julie that they're looking for internally as well as for their product production environments and then the other aspect is its simplicity to be able to manage all this right in the entire lifecycle management as well so it's the operational side of the whole yeah uncovers Papio on the application side where the problem is because this is where I'm a little bit skeptical you know normally rightfully so but I can see in a problem where it's like whose fault is it gasification is problem or the network I mean it runs into more serious workloads the banking app that's having trouble how do you know where it what the problem is and how do you solve that problem what what's going on for that specific issue absolutely and you know the name of the game here is breaking down this operational side right and I love what our app dynamics VP GM Danny winoker said you know it has this terminology beast DevOps which you know may sound like an interesting acrobatics but it's absolutely true the business has to be part of this operational kind of innovation because as you said you know developer edges you know drops their containers and their code to the IET ops team but you don't really know whether the problem a certain point is gonna be in the code or in how the application is actually deployed or maybe a server that doesn't have enough CPU so in the end it boils down to one very important thing you have to have visibility inside and take action and every layer of the stack I mean instrumentation absolutely there are players that only do it in their software overlay domain the problem is very often these kind of players assume that underneath links are fine and very often they're not so in the end this visibility inside inaction is the loop that everybody is going after these days to really get to the next if you want generational operation where you gotta have a constant feedback loop and making it more faster and faster because in the end you can only win in the marketplace right regardless of your IT ops if you're faster than your competitor well still still was questioning the GM of AppDynamics running observability and he's like no it's not to feature it's everywhere so he his comment was yeah but serve abilities don't really talk about it because it's big din do you agree with that absolutely it has to be at every layer of the stack and only if you have visibility inside an action through the entire stack from the software all the way to the infrastructure level that you can solve the problem otherwise the finger-pointing quote-unquote will continue and you will not be able to gain the speed that you need okay so the question on my mind I want to get both of you guys can weigh in on this is that you look at Cisco as a company you got a lot going on I mean a guy's huge customer base core routers - no applications there's a lot going on a lot of a lot of complexity you got IOT security Ramirez talked about that you got the WebEx rooms got totally popular it's kind of got a lot of glam to it having the WebEx kind of you know I guess what virtual presence was yeah telepresence kind of model and then you get cloud is there a mind share within the company around how cloud is baked into everything because you can't do IOT edge without having some sort of cloud operational things so there's stuff you're talking about is not just a division it's kind of gonna it's kind of threads everywhere across Cisco what's the what's the mind share right now within the Cisco teams and also customers around clarification well I would say it's it's a couple of dimension the first one is the cloud is one of the critical domains of this multi domain architecture that of course is the cornerstone of Cisco's technology strategy right if you think about it it's all about connecting users to applications wherever they are and not just the user the applications themselves like if you look at the latest stats from IDC 58% of workloads is heading to the public cloud and to the edge it's like the data center is literally exploding in many different directions so you have this highly distributed kind of fabric guess what sits in between all these applications and microservices is a secure network and that's exactly what we're executing upon now that's the first kind of consideration the second is if you look at the other silver line most of the Cisco technology innovation is also going a direction of absorbing cloud as a simplified way of managing all the components or the infrastructure you look at the IP flex ap is actually managed by inter site which is a SAS kind of component this journey started a long time ago with Cisco Meraki and then of course we have SAS properties like WebEx everything else is kind of absolutely migrants reporter we've been reporting eugen that from years ago we saw the movement where api's are starting to come in when you go back five years ago not a lot of the gear and stuff at Cisco had api's now you got api's building into all the new products that's right you see the software shift with you know you know intent-based networking to AppDynamics it's interesting it's you're seeing kind of this agile mindset this is some of you and I talk about all the time but agile now is the new model is it ready for customers I mean the normal Enterprise is still got the infrastructure and application it's separated okay how do I bring it together what are you guys seeing the customer base what's going on with with not that not the early adopters heavy-duty hardcore pioneers out there but you know the the general mainstream enterprise are they there yet have they had that moment of awakening yeah I mean I think they they are there because fundamentally it's all about that ensuring that application experience and you can only ensure that application experience right by having your application teams and your structure teams work together and that's what's exciting you mentioned the API is and what we've done there with AppDynamics integrating with inter-site workload optimizer as Fabio mentioned it's all about visibility inside action and what app dynamics is provides providing that business and end-user application performance experience visibility inner sites giving you know visibility on the underlining workload and the resources whether it's on Prem in your you know drive data center environment or in different type of cloud providers so you get that full stack visibility right from the application all the way down to the bottom and then inner side local optimizer is then also optimizing the resources to proactively ensure that application experience so before you know if we talk about someone at a checkout and they're about to have abandonment because the functions not working we're able to proactively prevent that and take a look at all that so you know in the end I think it's all about ensuring that application experience and what we're providing with app dynamics is for the application team is kind of that horizontal visibility of how that application is performing and at the same time if there's an issue the infrastructure team could see exactly within the workload topology where the issue is and insert' aeneas lee whether it be manual intervention or even automatically there's or a ops capability go ahead and provide that action so the action could be you know scaling out the VMS it's on-prem or looking at a new different type of ec2 template in the cloud that's what's very exciting about this it's really the application experience is now driving and optimizing infrastructure in real time and let me flip your question like do you even have a choice John when you think about in the next two years 50% more applications if you're a large enterprise you have 5 to 7,000 apps you have another to 3,000 applications just coming into into the the frame and then 50% of the existing ones that are gonna be refactor lifted and shifted or replace or retired by SAS application it's just like it's tsunami that's that's coming on you and oh by the way because of again the micro service is kind of affect the number of dependencies between all these applications is growing incredibly rapidly like last year we were eight average interdependencies for applications now we are 20 so imaging imaging what happens as as you are literally flooded with the way the scanner really you have to ensure that your application infrastructure fundamentally will get tied up as quickly as you can still and I have been toilet for at least five years now if not longer the networking has been the key kind of last changeover - clarification and I would agree with you guys I think I've asked the question because I wanted to get your perspective but think about it it's 13 years since the iPhone so mobile has shown people that a mobile app can change business but now if you look at the pressure the network's bringing the pressure on the network or the pressure for the network to be better than programmable is the rise of video and data I mean so you got mobile check now you've got video I mean more people doing video now than ever before videos of consumer oil as streaming you got data these two things absolutely forced yeah the customers to deal with it but what really tipped the the balance John is is actually the SAS effect is the cloud effect because as you know it's in IT sort of inflection points nothing is linear right so once you reach a certain critical mass of cloud apps and we're absolutely there already all of a sudden you're traffic pattern on your network changes dramatically so why in the world are you continuing kind of you know concentrating all of your traffic in your data center and then going to the internet you have to absolutely open the floodgates at the branch level as close to the users as possible and that implies a radical change I would even add to that and I think you guys are right on where you guys are going it may be hard to kind of tease out with all the complexity with Cisco but in the keynote the business model shifts come from SAS so you got all this technical stuff going on now you have this Asif ocation or cloud that's changes the business models so new entrants can come in and existing players can get better so I think that whole business model conversation yeah never was discussed at Cisco live before yeah in depth as well hey run your business connect your hubs campus move packets around that was applications in business model yeah but also the fact that there is increasing number of software capabilities and so fundamental you want to simplify the life of your customers through subscription models that help the customer by now using what they really need right at any given point in time all the way to having enterprise agreements I also think that's about delivering these application experiences for your business small different type experience that's really what's differentiating you from your different competitors right and so I think that's a different type of shift as well well you guys are good got some good angle on this cloud I love it I got to ask you the question what can we expect next from Cisco more progression along clarification what's next well I would say we've been incredibly consistent I believe in the last few years in executing on our cloud strategy which again is centered around helping customers really gluon this mix set of data centers and clouds to make it work as one write as much as possible and so what we really deliver is networking security and application of performance management and we're integrating there's more and more on the two sides of the equation right the the designer side and the powerful outside and more more integrating in between all of these layers again to fundamentally give you this operational capability to get faster and faster we'll continue doing so and you set up before we came on camera that you were talking to the sales teams what are they what's their vibe with the sales team they get excited by this what's that oh yeah feedback oh yeah absolutely from the inner side were claw optimizer and they have dynamics that's very exciting for them especially the conversations they're having with their customers really from that application experience and proactively insuring it and on the hyper flex application platform side this is extremely exciting with providing a container cloud to our customers and you know what's coming down is more and more capabilities for our customers to modernize their applications on hyper flex you guys are riding some pretty big waves here at Cisco I get a cloud way to get the IOT Security wave it's pretty exciting pretty big stuff thanks for coming in thanks for sharing the insights Fabio I appreciate it thank you for having us your coverage here in Barcelona I'm John Force dude Minutemen be back with more coverage fourth day of four days of cube coverage we right back after this short break [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] why Trump Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back to Barcelona everybody we're here at Cisco live and you're watching the cube the leader in live tech coverage we got to the events and extract the signal from the noise this is day one really we started a zero yesterday Eric Hertzog is here he's the CMO and vice president of storage channels probably been on the cube more than [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Music] [Music] [Music] live from Barcelona Spain it's the cube covering Cisco live 2020 rot to you by Cisco and its ecosystem partners welcome back everyone's two cubes live coverage day four of four days of wall-to-wall action here in Barcelona Spain Francisco live 2020 I'm John Ferrier with mykos Dave Volante with a very special guest here to wrap up Cisco live the president of Europe Middle East Africa and Russia Francisco Wendy Mars cube alumni great to see you thanks for coming on to kind of put a bookend to the show here thanks for joining us right there it's absolutely great to be here thank you so what a transformation as Cisco's business model of continues to evolve we've been saying brick by brick we still think is a big move coming I think there's more action I can sense the walls talking to us like let's just go live in the US and more technical announcements in the next 24 months you can see you can see where it's going it's cloud its apps yeah its policy based program ability it's really a whole nother business model shift for you and your customers the technology shift and the business model shift so I want to get your perspective of this year opening key no you let it off talking about the philosophy of the business model but also the first presenter was not a networking guy it was an application person yeah app dynamics yep this is a shift what's going on with Cisco what's happening what's the story well you know if you look for all of the work that we're doing is but is really driven by what we see from requirements from our customers the change that's happening in the market and it is all around you know if you think digital transformation is the driver organizations now are incredibly interested in how do they capture that opportunity how do they use technology to help them but you know if you look at it really there's the three items that are so important it's the business model evolution it's actually the business operations for for organisations plus their people there are people in the communities within that those three things working together and if you look at it with you know it's so exciting with application dynamics there because if you look for us within Cisco that linkage of the application layer through into the infrastructure into the network and bringing that linkage together is the most powerful thing because that's the insight and the value our customers are looking for you know we've been talking about the in the innovation sandwich you know you got you know date in the middle and you got technology and applications underneath that's kind of what's going on here but you I'm glad you brought up the year the part about business model business operations and people in communities because during your keno you had a slide that laid out three kind of pillars yes people in communities business model and business operations there was no 800 series in there there was no product discussions this is fundamentally the big shift that business models are changing I tweeted provocatively the killer app and digital the business model because you think about it the applications are the business and what's running under the covers is the technology but it's all shifting and changing so every single vertical every single business is impacted by this it's not like a certain secular thing in the industry this is a real change can you describe how those three things are operating with that constitute think if you look from you know so thinking through those three areas if you look at the actual business model itself our business models as organizations are fundamentally changing and they're changing towards as consumers we are all much more specific about what we want we have incredible choice in the market we are more informed than ever before but also we are interested in the values of the organizations that were getting the capability from as well as the products and the services that naturally we're looking to gain so if you look in that business model itself this is about you know organizations making sure they stay ahead from a competitive standpoint about the innovation of portfolio that they're able to bring but also that they have a strong strong focus around the experience that their customer gains from an application a touch standpoint that all comes through those different channels which is at the end of the day the application then if you look as to how do you deliver that capability through the systems the tools and the processes as we all evolve our businesses you have to change the dynamic within your organization to cope with that and then of course in driving any transformation the critical success factor is your people and your culture you need your teams with you the way teams operate now is incredibly different it's no longer command and control its agile capability coming together you need that to deliver on any transformation never never mind let it be smooth you know in the execution there so it's all three together what I like about that model and I have to say we this is you know ten years to do in the cube you you see that marketing in the vendor community often leads what actually happens not surprising as we entered the last decade it was a lot of talk about cloud well it kind of was a good predictor we heard a lot about digital transformations a lot of people roll their eyes and think it's a buzzword but we really are I feel like an exiting this cloud era into the digital era it feels real and there are companies that you know get it and are leaning in there are others that maybe you're complacent I'm wondering what you're seeing in in Europe just in terms of everybody talks digital yeah be CEO wants to get it right but there is complacency there when it's a services say well I'm doing pretty well not on my watch others say hey we want to be the disruptors and not get disrupted what are you seeing in the region in terms of that sentiment I would say across the region you know there will always be verticals and industries that are slightly more advanced than others but I would say that then the bulk of conversations that I'm engaged in independence of the industry or the country in which we're having that conversation in there is a acceptance of transfer digital transformation is here it is affecting my business i if I don't disrupt I myself will be disrupted and be challenged help me so I you know I'm not disputing the end state I need guidance and support to drive the transition and a risk mythic mitigated manner and they're looking for help in that and there's actually pressure in the boardroom now around a what are we doing within within organizations within that enterprise the service right of the public said to any type of style of company there's that pressure point in the boardroom of come on we need to move it speed now the other thing about your model is technology plays a role in contribute it's not the be-all end-all but plays a role in each of those the business model of business operations and developing and nurturing communities can you add more specifics what role do you see technology in terms of advancing those three spheres so I think you know if you look at it technology is fundamental to all of those spheres in regard to the innovation the differentiation technology can bring then the key challenges one of being able to reply us in a manner where you can really see differentiation of value within the business so in then the customers organization otherwise it's just technology for the sake of technology so we see very much a movement now to this conversation of talk about the use case the use cases the way by which that innovation can be used to deliver the value to the organization and also different ways by which a company will work look at the collaboration capability that we announced earlier this week of helping to bring to life that agility look at the app D discussion of helping to link the layer of the application into the infrastructure the network's to get to root cause identification quickly and to understand where you may have a problem before you thought it actually arises and causes downtime many many ways I think the agility message has always been a technical conversation a gel methodology technology software development no problem check that's ten years ago but business agility mmm it's moving from a buzzword to reality exactly that's what you're kind of getting in here and teams how teams operate how they work you know and being able to be quick efficient stand up stand down and operate in that way you know we were kind of thinking out loud on the cube and just riffing with Fabio gory on your team on Cisco's team about clarification with Eugene Kim around just just kind of real-time what was interesting is we're like okay it's been 13 years since the iPhone and so 13 years of mobile in your territory in Europe Middle East Africa mobilities been around before the iPhone so with in more advanced data privacy much more advanced in your region so you got you out you have a region that's pretty much I think the tell signs for what's going on in North America and around the world and so you think about that you say okay how is value created how the economics changing this is really the conversation about the business model is okay if the value activities are shifting and be more agile and the economics are changing with sass if someone's not on this bandwagon it's not an in-state discussion where it's done deal yeah it's but I think also there were some other conversation which which are very prevalent here is in in the region so around trust around privacy law understanding compliance you look at data where data resides portability of that data GDP are came from Europe you know and as ban is pushed out and those conversations will continue as we go over time and if I also look at you know the dialogue that you saw so you know within World Economic Forum around sustainability that is becoming a key discussion now within government here in Spain you know from a climate standpoint and many other areas as well Dave and I've been riffing around this whole where the innovation is coming from it's coming from Europe region not so much the u.s. I mean us discuss some crazy innovations but look at blockchain us is like don't touch it pretty progressive outside United States little bit dangerous to but that's where innovation is coming from and this is really the key that we're focused on I want to get your thoughts on how do you see it going next level the next level next-gen business model what's your what's your vision so I think there'll be lots of things if we look at things like with the introduction of artificial intelligence robotics capability 5g of course you know on the horizon we have Mobile World Congress here in Barcelona in a few weeks time and if you talked about with the iPhone the smartphone of course when 4G was introduced no one knew what the use case would that would be it was the smartphone which wasn't around at that time so with 5g in the capability there that will bring again yet more change to the business model for different organizations and the capability and what we can bring to market when we think about AI privacy data ownership becomes more important some of the things you were talking about before it's interesting what you're saying John and when the the GDP are set the standard and and you see in the u.s. there are stovepipes for that standard California is going to do one every state is going to have a different center that's going to slow things down that's going to slow down progress do you see sort of an extension of a GDP are like framework of being adopted across the region and that potentially you know accelerating some of these you know sticky issues and public policy issues that can actually move the market forward I think I think the will because I think there'll be more and more you know if you look at there's this terminology of data is the new oil what do you do with data how do you actually get value from that data and make intelligent business decisions around that so you know that's critical but yet if you look for all of ours we are extremely passionate about you know where is our data used again back to trust and privacy you need compliance you need regulation you know I think this is just the beginning of how we will see that evolve you know when do I get your thoughts does Dave and I have been riffing for 10 years around the death of storage long live storage and but data needs to be stored somewhere networking is the same kind of conversation just doesn't go away in fact there's more pressure now forget the smartphone that was 13 years ago before that mobility data and video now super important driver that's putting more pressure on you guys and so hey we're networking so it's kind of like Moore's law it's like more networking more networking so video and data are now big your thoughts on video and data video but if you look at the Internet of the future you know what so if you look for all of us now we are also demanding as individuals around capability and access to that and inter vetted the future the next phase we want even more so there'll be more and more - you know requirement for speed availability that reliability of service the way by which we engage and we communicate there's some fundamentals there so continuing to to grow which is which is so so exciting for us so you talk about digital transformation that's obviously in the mind of c-level executives I got to believe security is up there as a topic what other what's the conversation like in the corner office when you go visit your customers so I think that there's a huge excitement around the opportunity realizing the value of the of the opportunity you know if you look at top of mind conversations are around security around making sure that you can make tank maintain that fantastic customer experience because if you don't the custom will go elsewhere how do you do that how do you enrich at all times and also looking at markets adjacencies you know as you go in and you talk at senior levels within within organizations independent of the industry in which they're in there are a huge amount of commonalities that we see across those of consistent problems by which organizations are trying to solve and actually one of the big questions is what's the pace of change that I should operate at and when is it too fast and when is what am I too slow and trying to balance that is exciting but also a challenge for companies so you feel like sentiment is still strong even though we're 10 years into this this bull market you know you got Briggs it you get you know China tensions with the US u.s. elections but but generally you see Tennessee sentiment still pretty strong and demand so I would say that the the excitement around technology the opportunity that is there around technology in its broadest sense is greater than ever before and I think it's on all of us to be able to help organizations to understand how they can consume I see value from us but it's you know it's fantastic science it tastes trying to get some economic indicators but really the real thing I'm trying to get you is Minh set of the CEO the corner office right now is it is it we're gonna we're gonna grow short-term by cutting or do we do are we gonna be aggressive and go after this incremental opportunity and it's probably both you're seeing a lot of automation yeah and I think if you look fundamentally for organizations it's it's that the three things helped me to make money how me to save money keep me out of trouble you know so those are the pivots they all operate with and you know depending on where an organization is in its journey whether a start-up there you know in in the in the mid or the more mature and some of the different dynamics and the markets in which they operate in as well there's all different variables you know so it's it's it's mix Wendy thanks so much for spending the time to come on the cube really appreciate great keynote folks watching if you haven't seen the keynote opening sections that's a good section the business model I think it's really right on I think that's going to be a conversation it's going to continue thanks for sharing that before we look before we leave I want to just ask you a question around what you what's going on for you here at Barcelona as the show winds down you had all your activities take us in the day of the life of what you do customer meetings what were some of those conversations take us inside inside what what goes on for you here well I'd say it's been an amazing it's been an amazing few days so it's a combination of customer conversations around some of the themes we just talked about conversations with partners and there's investor companies that we invest in a Cisco that I've been spending some time with and also you know spending time with the teams as well the DEF net zone you know is amazing we have this afternoon the closing session where we've got a fantastic external guest who's coming in it's going to be really exciting as well and then of course the party tonight and we'll be announcing the next location which I'm not gonna reveal now later on today we kind of figured it out already because that's our job and there's the break news but we're not gonna break it for you you can have that hey thank you so much for coming on really appreciate Wendy Martin expecting the Europe Middle East Africa and Russia for Cisco she's got our hand on the pulse and the future is the business model that's what's going on fundamental radical change across the board in all areas this the cue bringing you all the action here in Barcelona thanks for watching [Music] [Music] [Music] [Applause] [Music] [Music] [Music] [Music] [Applause] [Music] [Applause] [Music] [Music]

>> from Bahrain. It's the Q covering AWS Public sector Bahrain brought to you by Amazon Web service is >> Welcome back to the cubes coverage here in by rain in the Middle East for AWS Summit wrapping up event here with the cloud computing shift that's happening. Amazon regions live lot of innovation in the area Middle East and Africa. We're here with the head executive of A W s who manages the territory. Suban Shag, part head of Middle East Africa for public sector. Thanks for coming on. Appreciate it. >> Absolutely. John, Thank you. Thank you for having me here. And thanks for being here with your team, learning about this story from the Middle East and, of course, all the way to North Africa and Africa as well to >> Well, it's been a lot of work that you're on your team have done it been successful, were super interested because there's a big story developing here. The Amazon region, which was announced two years ago, is available on Day one. Pun intended a lot of couples shipping their products on the cloud, but it's also a cultural revolution happening for a whole another generation that could change the landscape of the Middle East. Culture, technology, innovation, banking, entrepreneurship. This is a grass roots groundswell of change, empowerment, self esteem, money making, banking. I mean, all this that's going on >> absolute in the middle of it. Well, hey, we're proud to be part of it, and we're proud to be partners with many different organizations here as well. I think it's actually coming from all different directions, not just the ground swell, but even the leadership, the leadership of the countries that can Bahrain, but also the other countries in the Middle East and across the region. What we're seeing is that these countries air creating these vision plants, and these vision plans air about diversifying the economy, creating opportunity for youth, creating opportunity for folks that are diversifying from the economy. So then they're actually being displaced, and where do you turn to sew? These countries are turning to technology and in ah, Bahrain, in particular, they've set up programs where they helped to develop youth. They helped develop citizens, they could get free training on technology, all that to do, sees it and take it. And we've seen that uptake as well to have seen a lot of Bahrainis just taking courses, getting trained and then building. And that's what you witnessed today at our summit. >> You know, innovation takes on many forms you've seen in every way from the mobile wave. You saw, um, countries that didn't have good infrastructure, stand up mobile, fisher and Beam or connected than some of the incumbent countries that had connectivity last mile into >> an elite leap is >> the lead frog, right? So So this is happening here. But the trend we're seeing is that the old business school adage of focus on your core competency and then it's okay to outsource that that's not a core competency is a trend we're seeing with Cloud where you guys are providing the infrastructure for countries, not just businesses. Yeah, to focus on their core competency, and it's making things go faster. So speed is the table stakes, so it's slow. It's probably the old way. What are some of the conversations around this? Because this seems to be the hottest topic from things I've seen in the United States with CIA and Jed I that Therese has been involved in two education with educate and now here with the government modernizing with cloud first. Yeah, that's trickling throughout the entire country. >> Yeah, well, I mean, it's it's need, I'm part of that is needs. So in some of the countries in the region barring included, they wanted to spend controls. They want to reduce their costs. You want to get away from legacy, They want to get away from licenses they're not using or hardware that's sitting on shelves. So then they come and look at what we're doing in the same Well, wait a second. You're investing in the region. You're making infrastructure available. I can build on top of that, I can leverage open source I can create I could make citizen service is it's almost a no brainer for them to one of the biggest problems they have is that the train people and then those folks go in. They do start ups where they're going to start work for other businesses. Well, which is fantastic. It's actually creating that Gertrude a cycle that we want to be a part of his well too. So already starting to see that happening in the past couple of years. Have you been here? And of course, now we have the region lunch, which is only accelerating the journey. >> Talk about the business because you guys are active. Your presents early with a region which we think is a revitalisation, creates economic value. That's something we've been reporting on. But there's more than that. It's not just by rain. It's the whole region that you cover. What's the business landscape like? What if some of the deals you're doing? What's the startups look like when you talk about some of the the landscape dynamics? >> Absolutely. So first, let's start up Eco system is very, um, I was gonna say robust, but it's it's some to use the word that use. It's a groundswell Right now. We're seeing a lot of interest, Lot of activity. Ah, lot of folks getting into in experimenting very quickly. But it's not easy as we know. Doing a start. It's not easy, so that robust war will come with time. Ah, we're seeing that more funding is going into the space now. It's still very anemic. So in the Middle East, there's not enough funds going in there, especially for the early stage. We're seeing interest coming from outside for the later stages. We're talking about the creams, and we're talking about the cabbages and some of those companies, but at the earliest, ones >> that are clearly validated, growing like >> exactly the ones who have already earned market share with ones that air. Starting right now, they're finding their way. So we didn't do you need more funding for experimentation? Enter AWS and we provide is programs like Activate, which is an early stage start, a program. We work very closely with the V C's and the accelerators, so they're leveraging that now, too. So we're starting to see that growth, whether it's in Dubai or Abu Dhabi or Riyadh or Cairo or here. It's just starting to grow, which is great. And we're seeing that interest and some of that, um, should I go into this field? Would what When my mom's safe, I'm an entrepreneur versus a doctor that started swaying Now to where people say entrepreneurship is actually pretty >> cool, it's a legitimate field. >> It's a legitimate feeling that, believe it or not, which is excited, and people are going into it as well. On the enterprise side, s Emi's all the way to large enterprises. We're seeing that folks are saying, Hey, I can actually maybe even get new markets. So if you look at Al Tayyar Group, which are telltale Travel Group, which is out of Saudi Arabia, they're using that to learn more about their custom. Customers come up with new solutions and new packages that they can offer, all using a I and ML, which is incredible or fly Dubai FlyDubai in, In. In Dubai, you probably guessed that Ah, they need to stand up very quickly and online booking system. They did it in four months. It's leveraging cloud. So they're getting that they're getting that idea that you can kick it off real quick, get it running, and then launch it as well, too, and then the government. So we're seeing governments across the region saying, Hey, we've got a controller cost first of all, and we've got to make a better citizen service is we want to make sure that we improve the lives of citizens. So been able to launch new service is in a short amount of time. Today we heard about the I G A. Working on a building permit system that allows people to build quicker because they're able to get a permit in days instead of months. This is an example scene where speed matters to the point where we now have the government challenging business in terms of moving quicker, which is unheard of anywhere else in the world, which is super exciting, >> not certainly in the United States, that's for sure. I would like just to point out that from my standpoint, I heard this many V C. C are seeing them in the hallways mix of veces entrepreneurs business, globalize V's and New Eyes bees. The Amazon partner networks here. Yeah, it is partner Network. So it's all the things are in place now. Yes, What's missing? What do you see? It's to do items. Where do you think that you can raise the bar for AWS? What's what do you sees as to do items for you? What's your plan? >> Well, to your point, I mean, all the ingredients are here. So in terms of what's missing, I don't think there's anything missing spoke putting the ingredients together and build baking that cake. That's what we gotta work on right now, too. So that's why we're doing a lot of activity in the schools across the region, getting our program Educate and Academy, which of two different programs, ones broad. One is very directed to the schools. That is what we're helping to make sure that we get the next generation of learners. We're working on items, a cloud degrees. So in four years you can actually a degree leveraging all the technologies that are enabled by cloud. That's happened at the University of Bahrain, and we hope to get that in other schools. But also just getting training out there, just getting quick training. So you learn a little mint modules and you go and build something that's another area. Need spend more time and again encouraging experimentation. Try some new things, get it out there, see what the market says. So in terms of what we could do more of it. AWS is continue to push that message. Continue developing the people out here so that they're building. >> I gotta ask you, you know, you've been in Silicon Valley. You know that game for the folks living in silicon value in the U. S. What should they know about what's going on in your territory out here that they may not know? Or maybe this was fleeting thought or something that's not being reported. What's what. What's should did people know about what's going on in this region? >> Absolutely. I think sometimes for for many markets that are outside of Silicon Valley outside of the U. S. It's about copycats, start ups, which is fine. You can actually do quite well with that. Ah, usually the returns on that when you go to an exit event is less than what you might see it in the valley. Ah, but again, there's a great triage opportunity. So you want to bring the funds here? But I do see now a change where folks are building original technologies as well, too. And I think we're going to see more of the multiples, tens or 20 time multiples out here in the region, which would be wonderful. Ah, we saw a company today. You know, phonic, which is from Saudi Arabia that is building telecommunications, and, uh, contact invoice type of service is that's gonna be huge if they get this right. And I think they will, because they got a really scrappy and hungry team. That's one of those companies that actually could start getting people to notice the Middle East is a place for original innovation. >> Awesome. Um, anything else on your to do list for next year? What's Ah, Give a quick plug for your crew. You guys hiring? I see the region here. You gotta fill staff here. Actually got curriculum in the schools here. What are you looking >> for? You coming all the big What's not here to do? Yeah. You know, into this is continue to develop my team. We got a wonderful team here. Ah, lot of people that are local to the, uh, to the region. Ah, that We want to make sure that they're growing and contributing. A swell too. Our team missions to do good into. Well, at the same time, I think they go hand in hand. So we want to do more around programs that help to develop communities. You know, there are refugee crisis is around the region. We want to make sure we can help out over there. Ah, women in tech is a big area of focus for us. How can we get more women into technology and leading and technology as well? To have got my team having a mandate to get more solution architects that our women as well to we don't have one yet. We have a lot of great women on our team, but we need more technical women, too. That's another key focus area for us. Um, and just continue building continued to help the communities build solutions on the cloud. >> Zubin Chang, part here, head of the territory here in the Middle East and Africa. That's the cubes coverage of eight of US Summit and buyer in the Middle East. Signing off our second year. We'll be back with more next year and you'll see it around in the territory. Thanks for Thanks for watching.

>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019. Brought to you by Amazon Web service is and its ecosystem partners. >> Well, welcome back. Everyone's Cube Live coverage here in Boston, Massachusetts, for AWS. Reinforce Amazon Web sources. First inaugural conference around security. It's not Osama. It's a branded event. Big time ecosystem developing. We have returning here. Cube Alumni Bill Jeff for VP of strategy and the partnerships that Iron Net Cyber Security Company. Welcome back. Thanks. General Keith Alexander, who was on a week and 1/2 ago. And it was public sector summit. Good to see you. Good >> to see you. Thanks for >> having my back, but I want to get into some of the Iran cyber communities. We had General Qi 1000. He was the original commander of the division. So important discussions that have around that. But don't get your take on the event. You guys, you're building a business. The minute cyber involved in public sector. This is commercial private partnership. Public relations coming together. Yeah. Your models are sharing so bringing public and private together important. >> Now that's exactly right. And it's really great to be here with eight of us were really close partner of AWS is we'll work with them our entire back in today. Runs on AWS really need opportunity. Get into the ecosystem, meet some of the folks that are working that we might work with my partner but to deliver a great product, right? And you're seeing a lot of people move to cloud, right? And so you know some of the big announcement that are happening here today. We're willing. We're looking to partner up with eight of us and be a first time provider for some key new Proactiv elves. AWS is launching in their own platform here today. So that's a really neat thing for us to be partnered up with this thing. Awesome organization. I'm doing some of >> the focus areas around reinforcing your party with Amazon shares for specifics. >> Yes. So I don't know whether they announced this capability where they're doing the announcement yesterday or today. So I forget which one so I'll leave that leave that leave that once pursued peace out. But the main thing is, they're announcing couple of new technology plays way our launch party with them on the civility place. So we're gonna be able to do what we were only wanted to do on Prem. We're gonna be able to do in the cloud with AWS in the cloud formation so that we'll deliver the same kind of guy that would deliver on prime customers inside their own cloud environments and their hybrid environment. So it's a it's a it's a sea change for us. The company, a sea change for a is delivering that new capability to their customers and really be able to defend a cloud network the way you would nonpregnant game changer >> described that value, if you would. >> Well, so you know, one of the key things about about a non pregnant where you could do you could look at all the flows coming past you. You look at all the data, look at in real time and develop behavior. Lana looks over. That's what we're doing our own prime customers today in the cloud with his world who looked a lox, right? And now, with the weight of your capability, we're gonna be able to integrate that and do a lot Maur the way we would in a in a in a normal sort of on Prem environment. So you really did love that. Really? Capability of scale >> Wagon is always killed. The predictive analytics, our visibility and what you could do. And too late. Exactly. Right. You guys solve that with this. What are some of the challenges that you see in cloud security that are different than on premise? Because that's the sea, So conversation we've been hearing. Sure, I know on premise. I didn't do it on premises for awhile. What's the difference between the challenge sets, the challenges and the opportunities they provide? >> Well, the opportunities air really neat, right? Because you've got that even they have a shared responsibility model, which is a little different than you officially have it. When it's on Prem, it's all yours essential. You own that responsibility and it is what it is in the cloud. Its share responsible to cloud provider the data holder. Right? But what's really cool about the cloud is you could deliver some really interesting Is that scale you do patch updates simultaneously, all your all your back end all your clients systems, even if depending how your provisioning cloud service is, you could deliver that update in real time. You have to worry about. I got to go to individual systems and update them, and some are updated. Summer passed. Some aren't right. Your servers are packed simultaneously. You take him down, you're bringing back up and they're ready to go, right? That's a really capability that for a sigh. So you're delivering this thing at scale. It's awesome now, So the challenge is right. It's a new environment so that you haven't dealt with before. A lot of times you feel the hybrid environment governed both an on Prem in sanitation and class sensation. Those have to talkto one another, right? And you might think about Well, how do I secure those those connections right now? And I think about spending money over here when I got all seduced to spend up here in the cloud. And that's gonna be a hard thing precisely to figure out, too. And so there are some challenges, but the great thing is, you got a whole ecosystem. Providers were one of them here in the AWS ecosystem. There are a lot here today, and you've got eight of us as a part of self who wants to make sure that they're super secure, but so are yours. Because if you have a problem in their cloud, that's a challenge. Them to market this other people. You talk about >> your story because your way interviews A couple weeks ago, you made a comment. I'm a recovering lawyer, kind of. You know, we all laughed, but you really start out in law, right? >> How did you end up here? Yeah, well, the truth is, I grew up sort of a technology or myself. My first computer is a trash 80 a trs 80 color computer. RadioShack four k of RAM on board, right. We only >> a true TRS 80. Only when I know what you're saying. That >> it was a beautiful system, right? Way stored with sword programs on cassette tapes. Right? And when we operated from four Keita 16 k way were the talk of the Rainbow Computer Club in Santa Monica, California Game changer. It was a game here for 16. Warning in with 60 give onboard. Ram. I mean, this is this is what you gonna do. And so you know, I went from that and I in >> trouble or something, you got to go to law school like you're right >> I mean, you know, look, I mean, you know it. So my dad, that was a chemist, right? So he loved computers, love science. But he also had an unrequited political boners body. He grew up in East Africa, Tanzania. It was always thought that he might be a minister in government. The Socialist came to power. They they had to leave you at the end of the day. And he came to the states and doing chemistry, which is course studies. But he still loved politics. So he raised at NPR. So when I went to college, I studied political science. But I paid my way through college doing computer support, life sciences department at the last moment. And I ran 10 based. He came on climate through ceilings and pulled network cable do punch down blocks, a little bit of fibrous placing. So, you know, I was still a murderer >> writing software in the scythe. >> One major, major air. And that was when when the web first came out and we had links. Don't you remember? That was a text based browser, right? And I remember looking to see him like this is terrible. Who would use http slash I'm going back to go for gophers. Awesome. Well, turns out I was totally wrong about Mosaic and Netscape. After that, it was It was it was all hands on >> deck. You got a great career. Been involved a lot in the confluence of policy politics and tech, which is actually perfect skill set for the challenge we're dealing. So I gotta ask you, what are some of the most important conversations that should be on the table right now? Because there's been a lot of conversations going on around from this technology. I has been around for many decades. This has been a policy problem. It's been a societal problem. But now this really focus on acute focus on a lot of key things. What are some of the most important things that you think should be on the table for techies? For policymakers, for business people, for lawmakers? >> One. I think we've got to figure out how to get really technology knowledge into the hands of policymakers. Right. You see, you watch the Facebook hearings on Capitol Hill. I mean, it was a joke. It was concerning right? I mean, anybody with a technology background to be concerned about what they saw there, and it's not the lawmakers fault. I mean, you know, we've got to empower them with that. And so we got to take technologist, threw it out, how to get them to talk policy and get them up on the hill and in the administration talking to folks, right? And one of the big outcomes, I think, has to come out of that conversation. What do we do about national level cybersecurity, Right, because we assume today that it's the rule. The private sector provides cyber security for their own companies, but in no other circumstance to expect that when it's a nation state attacker, wait. We don't expect Target or Wal Mart or any other company. J. P. Morgan have surface to air missiles on the roofs of their warehouses or their buildings to Vegas Russian bear bombers. Why, that's the job of the government. But when it comes to cyberspace, we expect Private Cummings defending us everything from a script kiddie in his basement to the criminal hacker in Eastern Europe to the nation state, whether Russia, China, Iran or North Korea and these nation states have virtually a limited resource. Your armies did >> sophisticated RND technology, and it's powerful exactly like a nuclear weaponry kind of impact for digital. >> Exactly. And how can we expect prices comes to defend themselves? It's not. It's not a fair fight. And so the government has to have some role. The questions? What role? How did that consist with our values, our principles, right? And how do we ensure that the Internet remains free and open, while still is sure that the president is not is not hampered in doing its job out there. And I love this top way talk about >> a lot, sometimes the future of warfare. Yeah, and that's really what we're talking about. You go back to Stuxnet, which opened Pandora's box 2016 election hack where you had, you know, the Russians trying to control the mean control, the narrative. As you pointed out, that that one video we did control the belief system you control population without firing a shot. 20 twenties gonna be really interesting. And now you see the U. S. Retaliate to Iran in cyberspace, right? Allegedly. And I was saying that we had a conversation with Robert Gates a couple years ago and I asked him. I said, Should we be Maur taking more of an offensive posture? And he said, Well, we have more to lose than the other guys Glasshouse problem? Yeah, What are your thoughts on? >> Look, certainly we rely intimately, inherently on the cyber infrastructure that that sort of is at the core of our economy at the core of the world economy. Increasingly, today, that being said, because it's so important to us all the more reason why we can't let attacks go Unresponded to write. And so if you're being attacked in cyberspace, you have to respond at some level because if you don't, you'll just keep getting punched. It's like the kid on the playground, right? If the bully keeps punching him and nobody does anything, not not the not the school administration, not the kid himself. Well, then the boy's gonna keep doing what he's doing. And so it's not surprising that were being tested by Iran by North Korea, by Russia by China, and they're getting more more aggressive because when we don't punch back, that's gonna happen. Now we don't have to punch back in cyberspace, right? A common sort of fetish about Cyrus is a >> response to the issue is gonna respond to the bully in this case, your eggs. Exactly. Playground Exactly. We'll talk about the Iran. >> So So if I If I if I can't Yeah, the response could be Hey, we could do this. Let them know you could Yes. And it's a your move >> ate well, And this is the key is that it's not just responding, right. So Bob Gates or told you we can't we talk about what we're doing. And even in the latest series of alleged responses to Iran, the reason we keep saying alleged is the U. S has not publicly acknowledged it, but the word has gotten out. Well, of course, it's not a particularly effective deterrence if you do something, but nobody knows you did it right. You gotta let it out that you did it. And frankly, you gotta own it and say, Hey, look, that guy punch me, I punch it back in the teeth. So you better not come after me, right? We don't do that in part because these cables grew up in the intelligence community at N S. A and the like, and we're very sensitive about that But the truth is, you have to know about your highest and capabilities. You could talk about your abilities. You could say, Here are my red lines. If you cross him, I'm gonna punch you back. If you do that, then by the way, you've gotta punch back. They'll let red lines be crossed and then not respond. And then you're gonna talk about some level of capabilities. It can't all be secret. Can't all be classified. Where >> are we in this debate? Me first. Well, you're referring to the Thursday online attack against the intelligence Iranian intelligence community for the tanker and the drone strike that they got together. Drone take down for an arm in our surveillance drones. >> But where are we >> in this debate of having this conversation where the government should protect and serve its people? And that's the role. Because if a army rolled in fiscal army dropped on the shores of Manhattan, I don't think Citibank would be sending their people out the fight. Right? Right. So, like, this is really happening. >> Where are we >> on this? Like, is it just sitting there on the >> table? What's happening? What's amazing about it? Hi. This was getting it going well, that that's a Q. What's been amazing? It's been happening since 2012 2011 right? We know about the Las Vegas Sands attack right by Iran. We know about North Korea's. We know about all these. They're going on here in the United States against private sector companies, not against the government. And there's largely been no response. Now we've seen Congress get more active. Congress just last year passed to pass legislation that gave Cyber command the authority on the president's surgery defenses orders to take action against Russia, Iran, North Korea and China. If certain cyber has happened, that's a good thing, right to give it. I'll be giving the clear authority right, and it appears the president willing to make some steps in that direction, So that's a positive step. Now, on the back end, though, you talk about what we do to harden ourselves, if that's gonna happen, right, and the government isn't ready today to defend the nation, even though the Constitution is about providing for the common defense, and we know that the part of defense for long. For a long time since Secretary Panetta has said that it is our mission to defend the nation, right? But we know they're not fully doing that. How do they empower private sector defense and one of keys That has got to be Look, if you're the intelligence community or the U. S. Government, you're Clinton. Tremendous sense of Dad about what you're seeing in foreign space about what the enemy is doing, what they're preparing for. You have got to share that in real time at machine speed with industry. And if you're not doing that and you're still count on industry to be the first line defense, well, then you're not empowered. That defense. And if you're on a pair of the defense, how do you spend them to defend themselves against the nation? State threats? That's a real cry. So >> much tighter public private relationship. >> Absolutely, absolutely. And it doesn't have to be the government stand in the front lines of the U. S. Internet is, though, is that you could even determine the boundaries of the U. S. Internet. Right? Nobody wants an essay or something out there doing that, but you do want is if you're gonna put the private sector in the in the line of first defense. We gotta empower that defense if you're not doing that than the government isn't doing its job. And so we gonna talk about this for a long time. I worked on that first piece of information sharing legislation with the House chairman, intelligence Chairman Mike Rogers and Dutch Ruppersberger from Maryland, right congressman from both sides of the aisle, working together to get a fresh your decision done that got done in 2015. But that's just a first step. The government's got to be willing to share classified information, scaled speed. We're still not seeing that. Yeah, How >> do people get involved? I mean, like, I'm not a political person. I'm a moderate in the middle. But >> how do I How do people get involved? How does the technology industry not not the >> policy budgets and the top that goes on the top tech companies, how to tech workers or people who love Tad and our patriots and or want freedom get involved? What's the best approach? >> Well, that's a great question. I think part of is learning how to talk policy. How do we get in front policymakers? Right. And we're I run. I run a think tank on the side at the National Institute at George Mason University's Anton Scalia Law School Way have a program funded by the Hewlett Foundation who were bringing in technologists about 25 of them. Actually. Our next our second event. This Siri's is gonna be in Chicago this weekend. We're trained these technologies, these air data scientists, engineers and, like talk Paul's right. These are people who said We want to be involved. We just don't know how to get involved And so we're training him up. That's a small program. There's a great program called Tech Congress, also funded by the U. A. Foundation that places technologists in policy positions in Congress. That's really cool. There's a lot of work going on, but those are small things, right. We need to do this, its scale. And so you know, what I would say is that their technology out there want to get involved, reach out to us, let us know well with our partners to help you get your information and dad about what's going on. Get your voice heard there. A lot of organizations to that wanna get technologies involved. That's another opportunity to get in. Get in the building is a >> story that we want to help tell on be involved in David. I feel passion about this. Is a date a problem? So there's some real tech goodness in there. Absolutely. People like to solve hard problems, right? I mean, we got a couple days of them. You've got a big heart problems. It's also for all the people out there who are Dev Ops Cloud people who like to work on solving heart problems. >> We got a lot >> of them. Let's do it. So what's going on? Iron? Give us the update Could plug for the company. Keith Alexander found a great guy great guests having on the Cube. That would give the quick thanks >> so much. So, you know, way have done two rounds of funding about 110,000,000. All in so excited. We have partners like Kleiner Perkins Forge point C five all supporting us. And now it's all about We just got a new co CEO in Bill Welshman. See Scaler and duo. So he grew Z scaler. $1,000,000,000 valuation he came in to do Oh, you know, they always had a great great exit. Also, we got him. We got Sean Foster in from from From Industry also. So Bill and Sean came together. We're now making this business move more rapidly. We're moving to the mid market. We're moving to a cloud platform or aggressively and so exciting times and iron it. We're coming toe big and small companies near you. We've got the capability. We're bringing advanced, persistent defense to bear on his heart problems that were threat analytics. I collected defence. That's the key to our operation. We're excited >> to doing it. I call N S A is a service, but that's not politically correct. But this is the Cube, so >> Well, look, if you're not, if you want to defensive scale, right, you want to do that. You know, ECE knows how to do that key down here at the forefront of that when he was in >> the government. Well, you guys are certainly on the cutting edge, riding that wave of common societal change technology impact for good, for defence, for just betterment, not make making a quick buck. Well, you know, look, it's a good business model by the way to be in that business. >> I mean, It's on our business cards. And John Xander means it. Our business. I'd say the Michigan T knows that he really means that, right? Rather private sector. We're looking to help companies to do the right thing and protect the nation, right? You know, I protect themselves >> better. Well, our missions to turn the lights on. Get those voices out there. Thanks for coming on. Sharing the lights. Keep covers here. Day one of two days of coverage. Eight of us reinforce here in Boston. Stay with us for more Day one after this short break.