(lively music) >> Good afternoon cloud community and welcome back to beautiful Las Vegas, Nevada. We are here at AWS re:Invent, day four of our wall to wall coverage. It is day four in the afternoon and we are holding strong. I'm Savannah Peterson, joined by my fabulous co-host Paul Gillen. Paul, how you doing? >> I'm doing well, fine Savannah. You? >> You look great. >> We're in the home stretch here. >> Yeah, (laughs) we are. >> You still look fresh as a daisy. I don't know how you do it. >> (laughs) You're too kind. You're too kind, but I'm vain enough to take that compliment. I'm very excited about the conversation that we're going to have up next. We get to get a little DevRel and we got a little swagger on the stage. Welcome, Austin. How you doing? >> Hey, great to be here. Thanks for having me. >> Savannah: Yeah, it's our pleasure. How's the show been for you so far? >> Busy, exciting. Feels a lot like, you know it used to be right? >> Yeah, I know. A little reminiscent of the before times. >> Well, before times. >> Before we dig into the technical stuff, you're the most intriguingly dressed person we've had on the show this week. >> Austin: I feel extremely underdressed. >> Well, and we were talking about developer fancy. Talk to me a little bit about your approach to fashion. Wasn't expecting to lead with this, but I like this but I like this actually. >> No, it's actually good with my PR. You're going to love it. My approach, here's the thing, I give free advice all the time about developer relations, about things that work, have worked, and don't work in community and all that stuff. I love talking about that. Someone came up to me and said, "Where do you get your fashion tips from? What's the secret Discord server that I need to go on?" I'm like, "I will never tell." >> Oh, okay. >> This is an actual trait secret. >> Top secret. Wow! Talk about. >> If someone else starts wearing the hat, then everyone's going to be like, "There's so many white guys." Look, I'm a white guy with a beard that works in technology. >> Savannah: I've never met one of those. >> Exactly, there's none of them at all. So, you have to do something to kind stand out from the crowd a little bit. >> I love it, and it's a talk trigger. We're talking about it now. Production team loved it. It's fantastic. >> It's great. >> So your DevRel for Lightstep, in case the audience isn't familiar tell us about Lightstep. >> So Lightstep is a cloud native observability platform built at planet scale, and it powers observability at some places you've heard of like Spotify, GitHub, right? We're designed to really help developers that are working in the cloud with Kubernetes, with these huge distributed systems, understand application performance and being able to find problems, fix problems. We're also part of the ServiceNow family and as we all know ServiceNow is on a mission to help the world of work work better by powering digital transformation around IT and customer experiences for their many, many, many global 2000 customers. We love them very much. >> You know, it's a big love fest here. A lot of people have talked about the collaboration, so many companies working together. You mentioned unified observability. What is unified observability? >> So if you think about a tradition, or if you've heard about this traditional idea of observability where you have three pillars, right? You have metrics, and you have logs, and you have traces. All those three things are different data sources. They're picked up by different tools. They're analyzed by different people for different purposes. What we believe and what we're working to accomplish right now is to take all that and if you think those pillars, flip 'em on their side and think of them as streams of data. If we can take those streams and integrate them together and let you treat traces and metrics and logs not as these kind of inviolate experiences where you're kind of paging between things and going between tab A to tab B to tab C, and give you a standard way to query this, a standard way to display this, and letting you kind of find the most relevant data, then it really unlocks a lot of power for like developers and SREs to spend less time like managing tools. You know, figuring out where to build their query or what dashboard to check, more just being able to like kind of ask a question, get an answer. When you have an incident or an outage that's the most important thing, right? How quickly can you get those answers that you need so that you can restore system health? >> You don't want to be looking in multiple spots to figure out what's going on. >> Absolutely. I mean, some people hear unified observability and they go to like tool consolidation, right? That's something I hear from a lot of our users and a lot of people in re:Invent. I'll talk to SREs, they're like, "Yeah, we've got like six or seven different metrics products alone, just on services that they cover." It is important to kind of consolidate that but we're really taking it a step lower. We're looking at the data layer and trying to say, "Okay, if the data is all consistent and vendor neutral then that gives you flexibility not only from a tool consolidation perspective but also you know, a consistency, reliability. You could have a single way to deploy your observability out regardless of what cloud you're on, regardless if you're using Kubernetes or Fargate or whatever else. or even just Bare Metal or EC2 Bare Metal, right? There's been so much historically in this space. There's been a lot of silos and we think that unify diversability means that we kind of break down those silos, right? The way that we're doing it primarily is through a project called OpenTelemetry which you might have heard of. You want to talk about that in a minute? . >> Savannah: Yeah, let's talk about it right now. Why don't you tell us about it? Keep going, you're great. You're on a roll. >> I am. >> Savannah: We'll just hang out over here. >> It's day four. I'm going to ask the questions and answer the questions. (Savannah laughs) >> Yes, you're right. >> I do yeah. >> Open Tele- >> OpenTelemetry . >> Explain what OpenTelemetry is first. >> OpenTelemetry is a CNCF project, Cloud Native Computing Foundation. The goal is to make telemetry data, high quality telemetry data, a builtin feature of cloud native software right? So right now if you wanted to get logging data out, depending on your application stack, depending on your application run time, depending on language, depending on your deployment environment. You might have a lot... You have to make a lot of choices, right? About like, what am I going to use? >> Savannah: So many different choices, and the players are changing all the time. >> Exactly, and a lot of times what people will do is they'll go and they'll say like, "We have to use this commercial solution because they have a proprietary agent that can do a lot of this for us." You know? And if you look at all those proprietary agents, what you find very quickly is it's very commodified right? There's no real difference in what they're doing at a code level and what's stopped the industry from really adopting a standard way to create this logs and metrics and traces, is simply just the fact that there was no standard. And so, OpenTelemetry is that standard, right? We've got dozens of companies many of them like very, many of them here right? Competitors all the same, working together to build this open standard and implementation of telemetry data for cloud native software and really any software right? Like we support over 12 languages. We support Kubernetes, Amazon. AWS is a huge contributor actually and we're doing some really exciting stuff with them on their Amazon distribution of OpenTelemetry. So it's been extremely interesting to see it over the past like couple years go from like, "Hey, here's this like new thing that we're doing over here," to really it's a generalized acceptance that this is the way of the future. This is what we should have been doing all along. >> Yeah. >> My opinion is there is a perception out there that observability is kind of a commodity now that all the players have the same set of tools, same set of 15 or 17 or whatever tools, and that there's very little distinction in functionality. Would you agree with that? >> I don't know if I would characterize it that way entirely. I do think that there's a lot of duplicated effort that happens and part of the reason is because of this telemetry data problem, right? Because you have to wind up... You know, there's this idea of table stakes monitoring that we talk about right? Table stakes monitoring is the stuff that you're having to do every single day to kind of make sure your system is healthy to be able to... When there's an alert, gets triggered, to see why it got triggered and to go fix it, right? Because everyone has the kind of work on that table stake stuff and then build all these integrations, there's very little time for innovation on top of that right? Because you're spending all your time just like working on keeping up with technology. >> Savannah: Doing the boring stuff to make sure the wheels don't fall off, basically. >> Austin: Right? What I think the real advantage of OpenTelemetry is that it really, from like a vendor perspective, like it unblocks us from having to kind of do all this repetitive commodified work. It lets us help move that out to the community level so that... Instead of having to kind of build, your Kubernetes integration for example, you can just have like, "Hey, OpenTelemetry is integrated into Kubernetes and you just have this data now." If you are a commercial product, or if you're even someone that's interested in fixing a, scratching a particular itch about observability. It's like, "I have this specific way that I'm doing Kubernetes and I need something to help me really analyze that data. Well, I've got the data now I can just go create a project. I can create an analysis tool." I think that's what you'll see over time as OpenTelemetry promulgates out into the ecosystem is more people building interesting analysis features, people using things like machine learning to analyze this large amount, large and consistent amount of OpenTelemetry data. It's going to be a big shakeup I think, but it has the potential to really unlock a lot of value for our customers. >> Well, so you're, you're a developer relations guy. What are developers asking for right now out of their observability platforms? >> Austin: That's a great question. I think there's two things. The first is that they want it to just work. It's actually the biggest thing, right? There's so many kind of... This goes back to the tool proliferation, right? People have too much data in too many different places, and getting that data out can still be really challenging. And so, the biggest thing they want is just like, "I want something that I can... I want a lot of these questions I have to ask, answered already and OpenTelemetry is going towards it." Keep in mind it's the project's only three years old, so we obviously have room to grow but there are people running it in production and it works really well for them but there's more that we can do. The second thing is, and this isn't what really is interesting to me, is it's less what they're asking for and more what they're not asking for. Because a lot of the stuff that you see people, saying around, "Oh, we need this like very specific sort of lower level telemetry data, or we need this kind of universal thing." People really just want to be able to get questions or get questions answered, right? They want tools that kind of have these workflows where you don't have to be an expert because a lot of times this tooling gets locked behind sort of is gate kept almost in a organization where there are teams that's like, "We're responsible for this and we're going to set it up and manage it for you, and we won't let you do things outside of it because that would mess up- >> Savannah: Here's your sandbox and- >> Right, this is your sandbox you can play in and a lot of times that's really useful and very tuned for the problems that you saw yesterday, but people are looking at like what are the problems I'm going to get tomorrow? We're deploying more rapidly. We have more and more intentional change happening in the system. Like it's not enough to have this reactive sort of approach where our SRE teams are kind of like or this observability team is building a platform for us. Developers want to be able to get in and have these kind of guided workflows really that say like, "Hey, here's where you're starting at. Let's get you to an answer. Let's help you find the needle in the haystack as it were, without you having to become a master of six different or seven different tools." >> Savannah: Right, and it shouldn't be that complicated. >> It shouldn't be. I mean we've certainly... We've been working on this problem for many years now, starting with a lot of our team that started at Google and helped build Google's planet scale monitoring systems. So we have a lot of experience in the field. It's actually one... An interesting story that our founder or now general manager tells BHS, Ben Sigelman, and he told me this story once and it's like... He had built this really cool thing called Dapper that was a tracing system at Google, and people weren't using it. Because they were like, "This is really cool, but I don't know how to... but it's not relevant to me." And he's like, the one thing that we did to get to increase usage 20 times over was we just put a link. So we went to the place that people were already looking for that data and we added a link that says, "Hey, go over here and look at this." It's those simple connections being able to kind of draw people from like point A to point B, take them from familiar workflows into unfamiliar ones. You know, that's how we think about these problems right? How is this becoming a daily part of someone's usage? How is this helping them solve problems faster and really improve their their life? >> Savannah: Yeah, exactly. It comes down to quality of life. >> Warner made the case this morning that computer architecture should be inherently event-driven and that we are moving toward a world where the person matters less than what the software does, right? The software is triggering events. Does this complicate observability or simplify it? >> Austin: I think that at the end of the day, it's about getting the... Observability to me in a lot of ways is about modeling your system, right? It's about you as a developer being able to say this is what I expect the system to do and I don't think the actual application architecture really matters that much, right? Because it's about you. You are building a system, right? It can be event driven, can be support request response, can be whatever it is. You have to be able to say, "This is what I expect to... For these given inputs, this is the expected output." Now maybe there's a lot of stuff that happens in the middle that you don't really care about. And then, I talk to people here and everyone's talking about serverless right? Everyone... You can see there's obviously some amazing statistics about how many people are using Lambda, and it's very exciting. There's a lot of stuff that you shouldn't have to care about as a developer, but you should care about those inputs and outputs. You will need to have that kind of intermediate information and understand like, what was the exact path that I took through this invented system? What was the actual resources that were being used? Because even if you trust that all this magic behind the scenes is just going to work forever, sometimes it's still really useful to have that sort of lower level abstraction, to say like, "Well, this is what actually happened so that I can figure out when I deployed a new change, did I make performance better or worse?" Or being able to kind of segregate your data out and say like... Doing AB testing, right? Doing canary releases, doing all of these things that you hear about as best practices or well architected applications. Observability is at the core of all that. You need observability to kind of do any of, ask any of those higher level interesting questions. >> Savannah: We are here at ReInvent. Tell us a little bit more about the partnership with AWS. >> So I would have to actually probably refer you to someone at Service Now on that. I know that we are a partner. We collaborate with them on various things. But really at Lightstep, we're very focused on kind of the open source part of this. So we work with AWS through the OpenTelemetry project, on things like the AWS distribution for OpenTelemetry which is really... It's OpenTelemetry, again is really designed to be like a neutral standard but we know that there are going to be integrators and implementers that need to package up and bundle it in a certain way to make it easy for their end users to consume it. So that's what Amazon has done with ADOT which is the shortening for it. So it's available in several different ways. You can use it as like an SDK and drop it into your application. There's Lambda layers. If you want to get Lambda observability, you just add this extension in and then suddenly you're getting OpenTelemetry data on the other side. So it's really cool. It's been a really exciting to kind of work with people on the AWS side over the past several years. >> Savannah: It's exciting, >> I've personally seen just a lot of change. I was talking to a PM earlier this week... It's like, "Hey, two years ago I came and talked to you about OpenTelemetry and here we are today. You're still talking about OpenTelemetry." And they're like, "What changes?" Our customers have started coming to us asking for OpenTelemetry and we see the same thing now. >> Savannah: Timing is right. >> Timing is right, but we see the same thing... Even talking to ServiceNow customers who are... These very big enterprises, banks, finance, healthcare, whatever, telcos, it used to be... You'd have to go to them and say like, "Let me tell you about distributed tracing. Let me tell you about OpenTelemetry. Let me tell you about observability." Now they're coming in and saying, "Yeah, so we're standard." If you think about Kubernetes and how Kubernetes, a lot of enterprises have spent the past five-six years standardizing, and Kubernetes is a way to deploy applications or manage containerized applications. They're doing the same journey now with OpenTelemetry where they're saying, "This is what we're betting on and we want partners we want people to help us go along that way." >> I love it, and they work hand in hand in all CNCF projects as well that you're talking about. >> Austin: Right, so we're integrated into Kubernetes. You can find OpenTelemetry and things like kept in which is application standards. And over time, it'll just like promulgate out from there. So it's really exciting times. >> A bunch of CNCF projects in this area right? Prometheus. >> Prometheus, yeah. Yeah, so we inter-operate with Prometheus as well. So if you have Prometheus metrics, then OpenTelemetry can read those. It's a... OpenTelemetry metrics are like a super set of Prometheus. We've been working with the Prometheus community for quite a while to make sure that there's really good compatibility because so many people use Prometheus you know? >> Yeah. All right, so last question. New tradition for us here on theCUBE. We're looking for your 32nd hot take, Instagram reel, biggest theme, biggest buzz for those not here on the show floor. >> Oh gosh. >> Savannah: It could be for you too. It could be whatever for... >> I think the two things that are really striking to me is one serverless. Like I see... I thought people were talking about servers a lot and they were talking about it more than ever. Two, I really think it is observability right? Like we've gone from observability being kind of a niche. >> Savannah: Not that you're biased. >> Huh? >> Savannah: Not that you're biased. >> Not that I'm biased. It used to be a niche. I'd have to go niche thing where I would go and explain what this is to people and nowpeople are coming up. It's like, "Yeah, yeah, we're using OpenTelemetry." It's very cool. I've been involved with OpenTelemetry since the jump, since it was started really. It's been very exciting to see and gratifying to see like how much adoption we've gotten even in a short amount of time. >> Yeah, absolutely. It's a pretty... Yeah, it's been a lot. That was great. Perfect soundbite for us. >> Austin: Thanks, I love soundbites. >> Savannah: Yeah. Awesome. We love your hat and your soundbites equally. Thank you so much for being on the show with us today. >> Thank you for having me. >> Savannah: Hey, anytime, anytime. Will we see you in Amsterdam, speaking of KubeCon? Awesome, we'll be there. >> There's some real exciting OpenTelemetry stuff coming up for KubeCon. >> Well, we'll have to get you back on theCUBE. (talking simultaneously) Love that for us. Thank you all for tuning in two hour wall to wall coverage here, day four at AWS re:Invent in fabulous Las Vegas, Nevada, with Paul Gillin. I'm Savannah Peterson and you're watching theCUBE, the leader in high tech coverage. (lively music)

(upbeat music) >> Welcome back to Vegas. Lisa Martin and Dave Vellante here with theCUBE live on the Venetian Expo Hall Floor, talking all things AWS re:Invent 2022. This is the first full day of coverage. It is jam-packed here. People are back. They are ready to hear all the new innovations from AWS. Dave, how does it feel to be back yet again in Vegas? >> Yeah, Vegas. I think it's my 10th time in Vegas this year. So, whatever. >> This year alone. You must have a favorite steak restaurant then. >> There are several. The restaurants in Vegas are actually really good. >> You know? >> They are good. >> They used to be terrible. But I'll tell you. My favorite? The place that closed. >> Oh! >> Yeah, closed. In between where we are in the Wynn and the Venetian. Anyway. >> Was it CUT? >> No, I forget what the name was. >> Something else, okay. >> It was like a Greek sort of steak place. Anyway. >> Now, I'm hungry. >> We were at Pure Accelerate a couple years ago. >> Yes, we were. >> When they announced Cloud Block Store. >> That's right. >> Pure was the first- >> In Austin. >> To do that. >> Yup. >> And then they made the acquisition of Portworx which was pretty prescient given that containers have been going through the roof. >> Yeah. >> So I'm sort of excited to have these guys on and talk about that. >> We're going to unpack all of this. We've got one of our alumni back with us, Venkat Ramakrishna, VP of Product, Portworx by Pure Storage. And Dan Kogan joins us for the first time, VP of Product Management and Product Marketing, FlashArray at Pure Storage. Guys, welcome to the program. >> Thank you. >> Hey, guys. >> Dan: Thanks for having us. >> Do you have a favorite steak restaurant in Vegas? Dave said there's a lot of good choices. >> There's a lot of good steak restaurants here. >> I like SDK. >> Yeah, that's a good one. >> That's the good one. >> That's a good one. >> Which one? >> SDK. >> SDK. >> Where's that? >> It's, I think, in Cosmopolitan. >> Ooh. >> Yeah. >> Oh, yeah, yeah, yeah. >> It's pretty good, yeah. >> There's one of the Western too that's pretty. >> I'm an Herbs and Rye guy. Have you ever been there? >> No. >> No. >> Herbs and Rye is off strip, but it's fantastic. It's kind of like a locals joint. >> I have to dig through all of this great stuff today and then check that out. Talk to me. This is our first day, obviously. First main day. I want to get both of your perspectives. Dan, we'll start with you since you're closest to me. How are you finding this year's event so far? Obviously, tons of people. >> Busy. >> Busy, yeah. >> Yeah, it is. It is old times. Bigger, right? Last re:Invent I was at was 2019 right before everything shut down and it's probably half the size of this which is a different trend than I feel like most other tech conferences have gone where they've come back, but a little bit smaller. re:Invent seems to be the IT show. >> It really does. Venkat, are you finding the same? In terms of what you're experiencing so far on day one of the events? >> Yeah, I mean... There's tremendous excitement. Overall, I think it's good to be back. Very good crowd, great turnout, lot of excitement around some of the new offerings we've announced. The booth traffic has been pretty good. And just the quality of the conversations, the customer meetings, have been really good. There's very interesting use cases shaping up and customers really looking to solve real large scale problems. Yeah, it's been a phenomenal first day. >> Venkat, talk a little bit about, and then we'll get to you Dan as well, the relationship that Portworx by Pure Storage has with AWS. Maybe some joint customers. >> Yeah, so we... Definitely, we have been a partner of AWS for quite some time, right? Earlier this year, we signed what is called a strategic investment letter with AWS where we kind of put some joint effort together like to better integrate our products. Plus, kind of get in front of our customers more together and educate them on how going to how they can deploy and build vision critical apps on EKS and EKS anywhere and Outpost. So that partnership has grown a lot over the last year. We have a lot of significant mutual customer wins together both on the public cloud on EKS as well as on EKS anywhere, right? And there are some exciting use cases around Edge and Edge deployments and different levels of Edge as well with EKS anywhere. And there are pretty good wins on the Outpost as well. So that partnership I think is kind of like growing across not just... We started off with the one product line. Now our Portworx backup as a service is also available on EKS and along with the Portworx Data Services. So, it is also expanded across the product lanes as well. >> And then Dan, you want to elaborate a bit on AWS Plus Pure? >> Yeah, it's for kind of what we'll call the core Pure business or the traditional Pure business. As Dave mentioned, Cloud Block Store is kind of where things started and we're seeing that move and evolve from predominantly being a DR site and kind of story into now more and more production applications being lifted and shifted and running now natively in AWS honor storage software. And then we have a new product called Pure Fusion which is our storage as code automation product essentially. It takes you from moving and managing of individual arrays, now obfuscates a fleet level allows you to build a very cloud-like backend and consume storage as code. Very, very similar to how you do with AWS, with an EBS. That product is built in AWS. So it's a SaaS product built in AWS, really allowing you to turn your traditional Pure storage into an AWS-like experience. >> Lisa: Got it. >> What changed with Cloud Block Store? 'Cause if I recall, am I right that you basically did it on S3 originally? >> S3 is a big... It's a number of components. >> And you had a high performance EC2 instances. >> Dan: Yup, that's right. >> On top of lower cost object store. Is that still the case? >> That's still the architecture. Yeah, at least for AWS. It's a different architecture in Azure where we leverage their disc storage more. But in AWS were just based on essentially that backend. >> And then what's the experience when you go from, say, on-prem to AWS to sort of a cross cloud? >> Yeah, very, very simple. It's our replication technology built in. So our sync rep, our async rep, our active cluster technology is essentially allowing you to move the data really, really seamlessly there and then again back to Fusion, now being that kind of master control plan. You can have availability zones, running Cloud Block Store instances in AWS. You can be running your own availability zones in your data centers wherever those may happen to be, and that's kind of a unification layer across it all. >> It looks the same to the customer. >> To the customer, at the end of the day, it's... What the customer sees is the purity operating system. We have FlashArray proprietary hardware on premises. We have AWS's hardware that we run it on here. But to the customer, it's just the FlashArray. >> That's a data super cloud actually. Yeah, it's a data super cloud. >> I'd agree. >> It spans multiple clouds- >> Multiple clouds on premises. >> It extracts all the complexity of the underlying muck and the primitives and presents a common experience. >> Yeah, and it's the same APIs, same management console. >> Dave: Yeah, awesome. >> Everything's the same. >> See? It's real. It's a thing, On containers, I have a question. So we're in this environment, everybody wants to be more efficient, what's happening with containers? Is there... The intersection of containers and serverless, right? You think about all the things you have to do to run containers in VMs, configure everything, configure the memory, et cetera, and then serverless simplifies all that. I guess Knative in between or I guess Fargate. What are you seeing with customers between stateless apps, stateful apps, and how it all relates to containers? >> That's a great question, right? I think that one of the things that what we are seeing is that as people run more and more workloads in the cloud, right? There's this huge movement towards being the ability to bring these applications to run anywhere, right? Not just in one public cloud, but in the data centers and sometimes the Edge clouds. So there's a lot of portability requirements for the applications, right? I mean, yesterday morning I was having breakfast with a customer who is a big AWS customer but has to go into an on-prem air gap deployment for one of their large customers and is kind of re-platforming some other apps into containers in Kubernetes because it makes it so much easier for them to deploy. So there is no longer the debate of, is it stateless versus it stateful, it's pretty much all applications are moving to containers, right? And in that, you see people are building on Kubernetes and containers is because they wanted multicloud portability for their applications. Now the other big aspect is cost, right? You can significantly run... You know, like lower cost by running with Kubernetes and Portworx and by on the public cloud or on a private cloud, right? Because it lets you get more out of your infrastructure. You're not all provisioning your infrastructure. You are like just deploying the just-enough infrastructure for your application to run with Kubernetes and scale it dynamically as your application load scales. So, customers are better able to manage costs. >> Does serverless play in here though? Right? Because if I'm running serverless, I'm not paying for the compute the whole time. >> Yeah. >> Right? But then stateless and stateful come into play. >> Serverless has a place, but it is more for like quick event-driven decision. >> Dave: The stateless apps. >> You know, stuff that needs to happen. The serverless has a place, but majority of the applications have need compute and more compute to run because there's like a ton of processing you have to do, you're serving a whole bunch of users, you're serving up media, right? Those are not typically good serverless apps, right? The several less apps do definitely have a place. There's a whole bunch of minor code snippets or events you need to process every now and then to make some decisions. In that, yeah, you see serverless. But majority of the apps are still requiring a lot of compute and scaling the compute and scaling storage requirements at a time. >> So what Venkat was talking about is cost. That is probably our biggest tailwind from a cloud adoption standpoint. I think initially for on-premises vendors like Pure Storage or historically on-premises vendors, the move to the cloud was a concern, right? In that we're getting out the data center business, we're going all in on the cloud, what are you going to do? That's kind of why we got ahead of that with Cloud Block Store. But as customers have matured in their adoption of cloud and actually moved more applications, they're becoming much more aware of the costs. And so anywhere you can help them save money seems to drive adoption. So they see that on the Kubernetes side, on our side, just by adding in things that we do really well: Data reduction, thin provisioning, low cost snaps. Those kind of things, massive cost savings. And so it's actually brought a lot of customers who thought they weren't going to be using our storage moving forward back into the fold. >> Dave: Got it. >> So cost saving is great, huge business outcomes potentially for customers. But what are some of the barriers that you're helping customers to overcome on the storage side and also in terms of moving applications to Kubernetes? What are some of those barriers that you could help us? >> Yeah, I mean, I can answer it simply from a core FlashArray side, it's enabling migration of applications without having to refactor them entirely, right? That's Kubernetes side is when they think about changing their applications and building them, we'll call quote unquote more cloud native, but there are a lot of customers that can't or won't or just aren't doing that, but they want to run those applications in the cloud. So the movement is easier back to your data super cloud kind of comment, and then also eliminating this high cost associated with it. >> I'm kind of not a huge fan of the whole repatriation narrative. You know, you look at the numbers and it's like, "Yeah, there's something going on." But the one use case that looks like it's actually valid is, "I'm going to test in the cloud and I'm going to deploy on-prem." Now, I dunno if that's even called repatriation, but I'm looking to help the repatriation narrative because- >> Venkat: I think it's- >> But that's a real thing, right? >> Yeah, it's more than repatriation, right? It's more about the ability to run your app, right? It's not just even test, right? I mean, you're going to have different kinds of governance and compliance and regulatory requirements have to run your apps in different kinds of cloud environments, right? There are certain... Certain regions may not have all of the compliance and regulatory requirements implemented in that cloud provider, right? So when you run with Kubernetes and containers, I mean, you kind of do the transformation. So now you can take that app and run an infrastructure that allows you to deliver under those requirements as well, right? So that portability is the major driver than repatriation. >> And you would do that for latency reasons? >> For latency, yeah. >> Or data sovereign? >> Data sovereignty. >> Data sovereignty. >> Control. >> I mean, yeah. Availability of your application and data just in that region, right? >> Okay, so if the capability is not there in the cloud region, you come in and say, "Hey, we can do that on-prem or in a colo and get you what you need to comply to your EDX." >> Yeah, or potentially moves to a different cloud provider. It's just a lot more control that you're providing on customer at the end of the day. >> What's that move like? I mean, now you're moving data and everybody's going to complain about egress fees. >> Well, you shouldn't be... I think it's more of a one-time move. You're probably not going to be moving data between cloud providers regularly. But if for whatever reasons you decide that I'm going to stop running in X Cloud and I'm going to move to this cloud, what's the most seamless way to do? >> So a customer might say, "Okay, that's certification's not going to be available in this region or gov cloud or whatever for a year, I need this now." >> Yeah, or various commercial. Whatever it might be. >> "And I'm going to make the call now, one-way door, and I'm going to keep it on-prem." And then worry about it down the road. Okay, makes sense. >> Dan, I got to talk to you about the sustainability element there because it's increasingly becoming a priority for organizations in every industry where they need to work with companies that really have established sustainability programs. What are some of the factors that you talk with customers about as they have choice in all FlashArray between Pure and competitors where sustainability- >> Yeah, I mean we've leaned very heavily into that from a marketing standpoint recently because it has become so top of mind for so many customers. But at the end of the day, sustainability was built into the core of the Purity operating system in FlashArray back before it was FlashArray, right? In our early generation of products. The things that drive that sustainability of high density, high data reduction, small footprint, we needed to build that for Pure to exist as a company. And we are maybe kind of the last all-flash vendor standing that came ground up all-flash, not just the disc vendor that's refactored, right? And so that's sort of engineering from the ground up that's deeply, deeply into our software as a huge sustainability payout now. And we see that and that message is really, really resonating with customers. >> I haven't thought about that in a while. You actually are. I don't think there's any other... Nobody else made it through the knothole. And you guys hit escape velocity and then some. >> So we hit escape velocity and it hasn't slowed down, right? Earnings will be tomorrow, but the last many quarters have been pretty good. >> Yeah, we follow you pretty closely. I mean, there was one little thing in the pandemic and then boom! It's just kept cranking since, so. >> So at the end of the day though, right? We needed that level to be economically viable as a flash bender going against disc. And now that's really paying off in a sustainability equation as well because we consume so much less footprint, power cooling, all those factors. >> And there's been some headwinds with none pricing up until recently too that you've kind of blown right through. You know, you dealt with the supply issues and- >> Yeah, 'cause the overall... One, we've been, again, one of the few vendors that's been able to navigate supply really well. We've had no major delays in disruptions, but the TCO argument's real. Like at the end of the day, when you look at the cost of running on Pure, it's very, very compelling. >> Adam Selipsky made the statement, "If you're looking to tighten your belt, the cloud is the place to do it." Yeah, okay. It might be that, but... Maybe. >> Maybe, but you can... So again, we are seeing cloud customers that are traditional Pure data center customers that a few years ago said, "We're moving these applications into the cloud. You know, it's been great working with you. We love Pure. We'll have some on-prem footprint, but most of everything we're going to do is in the cloud." Those customers are coming back to us to keep running in the cloud. Because again, when you start to factor in things like thin provisioning, data reduction, those don't exist in the cloud. >> So, it's not repatriation. >> It's not repatriation. >> It's we want Pure in the cloud. >> Correct. We want your software. So that's why we built CBS, and we're seeing that come all the way through. >> There's another cost savings is on the... You know, with what we are doing with Kubernetes and containers and Portworx Data Services, right? So when we run Portworx Data Services, typically customers spend a lot of money in running the cloud managed services, right? Where there is obviously a sprawl of those, right? And then they end up spending a lot of item costs. So when we move that, like when they run their data, like when they move their databases to Portworx Data Services on Kubernetes, because of all of the other cost savings we deliver plus the licensing costs are a lot lower, we deliver 5X to 10X savings to our customers. >> Lisa: Significant. >> You know, significant savings on cloud as well. >> The operational things he's talking about, too. My Fusion engineering team is one of his largest customers from Portworx Data Services. Because we don't have DBAs on that team, it's just developers. But they need databases. They need to run those databases. We turn to PDS. >> This is why he pays my bills. >> And that's why you guys have to come back 'cause we're out of time, but I do have one final question for each of you. Same question. We'll start with you Dan, the Venkat we'll go to you. Billboard. Billboard or a bumper sticker. We'll say they're going to put a billboard on Castor Street in Mountain View near the headquarters about Pure, what does it say? >> The best container for containers. (Dave and Lisa laugh) >> Venkat, Portworx, what's your bumper sticker? >> Well, I would just have one big billboard that goes and says, "Got PX?" With the question mark, right? And let people start thinking about, "What is PX?" >> I love that. >> Dave: Got Portworx, beautiful. >> You've got a side career in marketing, I can tell. >> I think they moved him out of the engineering. >> Ah, I see. We really appreciate you joining us on the program this afternoon talking about Pure, Portworx, AWS. Really compelling stories about how you're helping customers just really make big decisions and save considerable costs. We appreciate your insights. >> Awesome. Great. Thanks for having us. >> Thanks, guys. >> Thank you. >> For our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live enterprise and emerging tech coverage. (upbeat music)

(bright music) >> Hello, everyone. Welcome back to live coverage day two or day one, day two for theCUBE, day one for the event. I'm John Furrier, host of theCUBE. It's the keynote analysis segment. Adam just finished coming off stage. I'm here with Dave Vellante and Zeus Kerravala, with principal analyst at ZK Research, Zeus, it's great to see you. Dave. Guys, the analysis is clear. AWS is going NextGen. You guys had a multi-day analyst sessions in on the pre-briefs. We heard the keynote, it's out there. Adam's getting his sea legs, so to speak, a lot of metaphors around ocean. >> Yeah. >> Space. He's got these thematic exploration as he chunked his keynote out into sections. Zeus, a lot of networking in there in terms of some of the price performance, specialized instances around compute, this end-to-end data services. Dave, you were all over this data aspect going into the keynote and obviously, we had visibility into this business transformation theme. What's your analysis? Zeus, we'll start with you. What's your take on what Amazon web service is doing this year and the keynote? What's your analysis? >> Well, I think, there was a few key themes here. The first one is I do think we're seeing better integration across the AWS portfolio. Historically, AWS makes a lot of stuff and it's not always been easy to use say, Aurora and Redshift together, although most customers buy them together. So, they announce the integration of that. It's a lot tighter now. It's almost like it could be one product, but I know they like to keep the product development separately. Also, I think, we're seeing a real legitimization of AWS in a bunch of areas where people said it wasn't possible before. Last year, Nasdaq said they're running in the cloud. The Options Exchange today announced that they're going to be moving to the cloud. Contact centers running the cloud for a lot of real time voice. And so, things that we looked at before and said those will never move to the cloud have now moved to the cloud. And I think, my third takeaway is just AWS is changing and they're now getting into areas to allow customers to do things they couldn't do before. So, if you look at what they're doing in the area of AI, a lot of their AI and ML services before were prediction. And I'm not saying you need an AI, ML to do prediction, was certainly a lot more accurate, but now they're getting into generative data. So, being able to create data where data didn't exist before and that's a whole new use case for 'em. So, AWS, I think, is actually for all the might and power they've had, it's actually stepping up and becoming a much different company now. >> Yeah, I had wrote that post. I had a one-on-one day, got used of the transcript with Adam Selipsky. He went down that route of hey, we going to change NextGen. Oh, that's my word. AWS Classic my word. The AWS Classic, the old school cloud, which a bunch of Lego blocks, and you got this new NextGen cloud with the ecosystems emerging. So, clearly, it's Amazon shifting. >> Yeah. >> But Dave, your breaking analysis teed out the keynote. You went into the whole cost recovery. We heard Adam talk about macro at the beginning of his keynote. He talked about economic impact, sustainability, big macro issues. >> Yeah. >> And then, he went into data and spent most of the time on the keynote on data. Tools, integration, governance, insights. You're all over that. You had that, almost your breaking analysis almost matched the keynote, >> Yeah. >> thematically, macro, cost savings right-sizing with the cloud. And last night, I was talking to some of the marketplace people, we think that the marketplace might be the center where people start managing their cost better. This could have an impact on the ecosystem if they're not in in the marketplace. So, again, so much is going on. >> What's your analogy? >> Yeah, there's so much to unpack, a couple things. One is we get so much insight from theCUBE community plus your sit down 101 with Adam Selipsky allowed us to gather some nuggets, and really, I think, predict pretty accurately. But the number one question I get, if I could hit the escape key a bit, is what's going to be different in the Adam Selipsky era that was different from the Jassy era. Jassy was all about the primitives. The best cloud. And Selipsky's got to double down on that. So, he's got to keep that going. Plus, he's got to do that end-to-end integration and he's got to do the deeper business integration, up the stack, if you will. And so, when you're thinking about the keynote and the spirit of keynote analysis, we definitely heard, hey, more primitives, more database features, more Graviton, the network stuff, the HPC, Graviton for HPC. So, okay, check on that. We heard some better end-to-end integration between the elimination of ETL between Aurora and Redshift. Zeus and I were sitting next to each other. Okay, it's about time. >> Yeah. >> Okay, finally we got that. So, that's good. Check. And then, they called it this thing, the Amazon data zones, which was basically extending Redshift data sharing within your organization. So, you can now do that. Now, I don't know if it works across regions. >> Well, they mentioned APIs and they have the data zone. >> Yep. And so, I don't know if it works across regions, but the interesting thing there is he specifically mentioned integration with Snowflake and Tableau. And so, that gets me to your point, at the end of the day, in order for Amazon, and this is why they win, to succeed, they've got to have this ecosystem really cranking. And that's something that is just the secret sauce of the business model. >> Yeah. And it's their integration into that ecosystem. I think, it's an interesting trend that I've seen for customers where everybody wanted best of breed, everybody wanted disaggregated, and their customers are having trouble now putting those building blocks together. And then, nobody created more building blocks than AWS. And so, I think, under Adam, what we're seeing is much more concerted effort to make it easier for customers to consume those building blocks in an easy way. And the AWS execs >> Yeah. >> I talked to yesterday all committed to that. It's easy, easy, easy. And I think that's why. (Dave laughing) Yeah, there's no question they've had a lead in cloud for a long time. But if they're going to keep that, that needs to be upfront. >> Well, you're close to this, how easy is it? >> Yeah. >> But we're going to have Adrian Cockcroft (Dave laughing) on at the end of the day today, go into one analysis. Now, that- >> Well, less difficult. >> How's that? (indistinct) (group laughing) >> There you go. >> Adrian retired from Amazon. He's a CUBE analyst retiree, but he had a good point. You can buy the bag of Lego blocks if you want primitives >> Yeah. >> or you can buy the toy that's glued together. And it works, but it breaks. And you can't really manage it, and you buy a new one. So, his metaphor was, okay, if the primitives allow you to construct a durable solutions, a lot harder relative to rolling your own, not like that, but also the simplest out-of-the box capability is what people want. They want solutions. We call Adam the solutions CEO. So, I think, you're going to start to see this purpose built specialized services allow the ecosystem to build those toys, so that the customers can have an out-of-the box experience while having the option for the AWS Classic, which is if you want durability, you want to tune it, you want to manage it, that's the way to go for the hardcore. Now, can be foundational, but I just see the solutions things being very much like an out-of-the-box. Okay, throw away, >> Yeah. >> buy a new toy. >> More and more, I'm saying less customers want to be that hardcore assembler of building blocks. And obviously, the really big companies do, but that line is moving >> Yeah. >> and more companies, I think, just want to run their business and they want those prebuilt solutions. >> We had to cut out of the keynote early. But I didn't hear a lot about... The example that they often use is Amazon Connect, the call center solution. >> Yeah. >> I didn't hear a lot to that in the keynote. Maybe it's happening right now, but look, at the end of the day, suites always win. The best of breed does well, (John laughing) takes off, generate a couple billion, Snowflake will grow, they'll get to 10 billion. But you look at Oracle, suites work. (laughs) >> Yeah. >> What I found interesting about the keynote is that he had this thematic exploration themes. First one was space that was like connect the dot, the nebula, different (mumbles) lens, >> Ocean. >> ask the right questions. (Dave laughing) >> Ocean was security which bears more, >> Yeah. >> a lot more needed to manage that oxygen going deep. Are you snorkeling? Are you scuba diving? Barely interesting amount of work. >> In Antarctica. >> Antarctica was the performance around how you handle tough conditions and you've got to get that performance. >> Dave: We're laughing, but it was good. >> But the day, the Ocean Day- >> Those are very poetic. >> I tweeted you, Dave, (Dave laughing) because I sit on theCUBE in 2011. I hate hail. (Dave laughing) It's the worst term ever. It's the day the ocean's more dynamic. It's a lot more flowing. Maybe 10 years too soon, Dave. But he announces the ocean theme and then says we have a Security Lake. So, like lake, ocean, little fun on words- >> I actually think the Security Lake is pretty meaningful, because we were listening to talk, coming over here talking about it, where I think, if you look at a lot of the existing solutions, security solutions there, I describe 'em as a collection of data ponds that you can view through one map, but they're not really connected. And the amount of data that AWS holds now, arguably more than any other company, if they're not going to provide the Security Lake, who is? >> Well, but staying >> Yeah. >> on security for a second. To me, the big difference between Azure and Amazon is the ecosystem. So, CrowdStrike, Okta, Zscaler, name it, CyberArk, Rapid7, they're all part of this ecosystem. Whereas Microsoft competes with all of those guys. >> Yes. Yeah. >> So it's a lot more white space than the Amazon ecosystem. >> Well, I want to get you guys to take on, so in your reaction, because I think, my vision of what what's happening here is that I think that whole data portion's going to be data as code. And I think, the ecosystem harvests the data play. If you look at AWS' key announcements here, Security Lake, price performance, they're going to optimize for those kinds of services. Look at security, okay, Security Lake, GuardDuty, EKS, that's a Docker. Docker has security problems. They're going inside the container and looking at threat detection inside containers with Kubernetes as the runtime. That's a little nuance point, but that's pretty significant, Dave. And they're now getting into, we're talking in the weeds on the security piece, adding that to their large scale security footprint. Security is going to be one of those things where if you're not on the inside of their security play, you're probably going to be on the outside. And of course, the price performance is going to be the killer. The networking piece surprise me. Their continuing to innovate on the network. What does that mean for Cisco? So many questions. >> We had Ajay Patel on yesterday for VMware. He's an awesome middleware guy. And I was asking about serverless and architectures. And he said, "Look, basically, serverless' great for stateless, but if you want to run state, you got to have control over the run time." But the point he made was that people used to think of running containers with straight VMs versus Fargate or Knative, if you choose, or serverless. They used to think of those as different architectures. And his point was they're all coming together. And it's now you're architecting and calling, which service you need. And that's how people are thinking about future architectures, which I think, makes a lot of sense. >> If you are running managed Kubernetes, which everyone's doing, 'cause no one's really building it in-house themselves. >> No. >> They're running it as managed service, skills gaps and a variety of other reasons. This EKS protection is very interesting. They're managing inside and outside the container, which means that gives 'em visibility on both sides, under the hood and inside the application layer. So, very nuanced point, Zeus. What's your reaction to this? And obviously, the networking piece, I'd love to get your thought. >> Well, security, obviously, it's becoming a... It's less about signatures and more of an analytics. And so, things happen inside the container and outside the container. And so, their ability to look on both sides of that allows you to happen threats in time, but then also predict threats that could happen when you spin the container up. And the difficulty with the containers is they are ephemeral. It's not like a VM where it's a persistent workload that you can do analysis on. You need to know what's going on with the container almost before it spins up. >> Yeah. >> And that's a much different task. So, I do think the amount of work they're doing with the containers gives them that entry into that and I think, it's a good offering for them. On the network side, they provide a lot of basic connectivity. I do think there's a role still for the Ciscos and the Aristas and companies like that to provide a layer of enhanced network services that connects multicloud. 'Cause AWS is never going to do that. But they've certainly, they're as legitimate network vendor as there is today. >> We had NetApp on yesterday. They were talking about latency in their- >> I'll tell you this, the analyst session, Steven Armstrong said, "You are going to hear us talk about multicloud." Yes. We're not going to necessarily lead with it. >> Without a mention. >> Yeah. >> But you said it before, never say never with Amazon. >> Yeah. >> We talk about supercloud and you're like, Dave, ultimately, the cloud guys are going to get into supercloud. They have to. >> Look, they will do multicloud. I predict that they will do multicloud. I'll tell you why. Just like in networking- >> Well, customers are asking for it. >> Well, one, they have the, not by design, but by defaulter and multiple clouds are in their environment. They got to deal with that. I think, the supercloud and sky cloud visions, there will be common services. Remember networking back in the old days when Cisco broke in as a startup. There was no real shortest path, first thinking. Policy came in after you connected all the routers together. So, right now, it's going to be best of breed, low latency, high performance. But I think, there's going to be a need in the future saying, hey, I want to run my compute on the slower lower cost compute. They already got segmentation by their announcements today. So, I think, you're going to see policy-based AI coming in where developers can look at common services across clouds and saying, I want to lock in an SLA on latency and compute services. It won't be super fast compared to say, on AWS, with the next Graviton 10 or whatever comes out. >> Yeah. >> So, I think, you're going to start to see that come in. >> Actually, I'm glad you brought Graviton up too, because the work they're doing in Silicon, actually I think, is... 'Cause I think, the one thing AWS now understands is some things are best optimized in Silicon, some at software layers, some in cloud. And they're doing work on all those layers. And Graviton to me is- >> John: Is a home run. >> Yeah. >> Well- >> Dave, they've got more instances, it's going to be... They already have Gravitons that's slower than the other versions. So, what they going to do, sunset them? >> They don't deprecate anything ever. So, (John laughing) Amazon paid $350 million. People believe that it's a number for Annapurna, which is like one of the best acquisitions in history. (group laughing) And it's given them, it's put them on an arm curve for Silicon that is blowing away Intel. Intel's finally going to get Sapphire Rapids out in January. Meanwhile, Amazon just keeps spinning out new Gravitons and Trainiums. >> Yeah. >> And so, they are on a price performance curve. And like you say, no developer ever wants to run on slower hardware, ever. >> Today, if there's a common need for multicloud, they might say, hey, I got the trade off latency and performance on common services if that's what gets me there. >> Sure. >> If there's maybe a business case to do that. >> Well, that's what they're- >> Which by the way, I want to.... Selipsky had strong quote I thought was, "If you're looking to tighten your belt, the cloud is the place >> Yeah. >> to do it." I thought >> I tweeted that. >> that was very strong. >> Yeah. >> Yeah. >> And I think, he's right. And then, the other point I want to make on that is, I think, I don't have any data on this, but I believe believe just based on some of the discussions I've had that most of Amazon's revenue is on demand. Paid by the drink. Those on demand customers are at risk, 'cause they can go somewhere else. So, they're trying to get you into optimized pricing, whether it's reserved instances or one year or three-year subscriptions. And so, they're working really hard at doing that. >> My prediction on that is that's a great point you brought up. My prediction is that the cost belt tightening is going to come in the marketplace, is going to be a major factor as companies want to get their belts tighten. How they going to do that, Dave? They're going to go in the marketplace saying, hey, I already overpaid a three-year commitment. Can I get some cohesively in there? Can I get some of this or that and the other thing? >> Yep. >> You're going to start to see the vendors and the ecosystem. If they're not in the marketplace, that's where I think, the customers will go. There are other choices to either cut their supplier base or renegotiate. I think, it's going to happen in the marketplace. Let's watch. I think, we're going to watch that grow. >> I actually think the optimization services that AWS has to help customers lower spend is a secret sauce for them that they... Customers tell me all the time, AWS comes in, they'll bring their costs down and they wind up spending more with them. >> Dave: Yeah. >> And the other cloud providers don't do that. And that has been almost a silver bullet for them to get customers to stay with them. >> Okay. And this is always the way. You drop the price of storage, you drop the price of memory, you drop the price of compute, people buy more. And in the question, long term is okay. And does AWS get commoditized? Is that where they're going? Or do they continue to thrive up the stack? John, you're always asking people about the bumper sticker. >> Hold on. (John drowns out Dave) Before we get the bumper sticker, I want to get into what we missed, what they missed on the keynote. >> Yeah, there are some blind spots. >> I think- >> That's good call. >> Let's go around the horn and think what did they miss? I'll start, I think, they missed the developer productivity angle. Supply chain software was not talked about at all. We see that at all the other conferences. I thought that could have been weaved in. >> Dave: You mean security in the supply chain? >> Just overall developer productivity has been one of the most constant themes I've seen at events. Who are building the apps? Who are the builders? What are they actually doing? Maybe Werner will bring that up on his last day, but I didn't hear Adam talk about it all, developer productivity. What's your take in this? >> Yeah, I think, on the security side, they announced security data lake. I think, the other cloud providers do a better job of providing insights on how they do security. With AWS, it's almost a black hole. And I know there's a careful line they walk between what they do, what their partners do. But I do think they could be a little clearer on how they operate, much like Azure and GCP. They announce a lot of stuff on how their operations works and things like that. >> I think, platform across cloud is definitely a blind spot for these guys. >> Yeah. >> I think, look at- >> But none of the cloud providers have embraced that, right? >> It's true. >> Yeah. >> Maybe Google a little bit >> Yeah. >> and Microsoft a little bit. Certainly, AWS hasn't at this point in time, but I think, they perceive the likes of Mongo and Snowflake and Databricks, and others as ISVs and they're not. They're platform players that are building across clouds. They're leveraging, they're building superclouds. So, I think that's an opportunity for the ecosystem. And very curious to see how Amazon plays there down the stream. So, John, what do you think is the bumper sticker? We're only in day one and a half here. What do you think so far the bumper sticker is for re:Invent 2022? >> Well, to me, the day one is about infrastructure performance with the whole what's in the data center? What's at the chip level? Today was about data, specialized services, and security. I think that was the key theme here. And then, that's going to sequence into how they're going to reorganize their ecosystem. They have a new leader, Ruba Borno, who's going to be leading the charge. They've integrated all their bespoke fragmented partner network pieces into one leadership. That's going to be really important to hear that. And then, finally, Werner for developers and event-based services, micro services. What that world's going on, because that's where the developers are. And ultimately, they build the app. So, you got infrastructure, data, specialized services, and security. Machine learning with Swami is going to be huge. And again, how do developers code it all up is going to be key. And is it the bag of Legos or the glued toy? (Dave chuckles) So, what do you want? Out-of-the-box or you want to build your own? >> And that's the bottom line is connecting those dots. All they got to be is good enough. I think, Zeus, to your point, >> Yep. >> if they're just good enough, less complicated, the will keep people on the base. >> Yeah. I think, the bumper stickers, the more you buy, the more you're saving. (John laughing) Because from an operational perspective, they are trying to bring down the complexity level. And with their optimization services and the way their credit model works, I do think they're trending down that path. >> And my bumper sticker's ecosystem, ecosystem, ecosystem. This company has 100,000 partners and that is a business model secret weapon. >> All right, there it is. The keynote announced. More analysis coming up. We're going to have the leader of (indistinct) coming up next, here on to break down their perspective, you got theCUBE's analyst perspective here. Thanks for watching. Day two, more live coverage for the next two more days, so stay with us. I'm John Furrier with Dave Vellante and Zeus Kerravala here on theCUBE. Be right back. (bright music)

from the cube studios in Palo Alto in Boston bringing you data-driven insights from the cube and ETR this is breaking analysis with Dave vellante the ascendancy of AWS under the leadership of Andy jassy was marked by a tsunami of data and corresponding cloud services to leverage that data now those Services they mainly came in the form of Primitives I.E basic building blocks that were used by developers to create more sophisticated capabilities AWS in the 2020s being led by CEO Adam solipski will be marked by four high-level Trends in our opinion one A Rush of data that will dwarf anything we've previously seen two a doubling or even tripling down on the basic elements of cloud compute storage database security Etc three a greater emphasis on end-to-end integration of AWS services to simplify and accelerate customer adoption of cloud and four significantly deeper business integration of cloud Beyond it as an underlying element of organizational operations hello and welcome to this week's wikibon Cube insights powered by ETR in this breaking analysis we extract and analyze nuggets from John furrier's annual sit-down with the CEO of AWS we'll share data from ETR and other sources to set the context for the market and competition in cloud and we'll give you our glimpse of what to expect at re invent in 2022. now before we get into the core of our analysis Alibaba has announced earnings they always announced after the big three you know a month later and we've updated our Q3 slash November hyperscale Computing forecast for the year as seen here and we're going to spend a lot of time on this as most of you have seen the bulk of it already but suffice to say alibaba's cloud business is hitting that same macro Trend that we're seeing across the board but a more substantial slowdown than we expected and more substantial than its peers they're facing China headwinds they've been restructuring its Cloud business and it's led to significantly slower growth uh in in the you know low double digits as opposed to where we had it at 15 this puts our year-end estimates for 2022 Revenue at 161 billion still a healthy 34 growth with AWS surpassing 80 billion in 2022 Revenue now on a related note one of the big themes in Cloud that we've been reporting on is how customers are optimizing their Cloud spend it's a technique that they use and when the economy looks a little shaky and here's a graphic that we pulled from aws's website which shows the various pricing plans at a high level as you know they're much more granular than that and more sophisticated but Simplicity we'll just keep it here basically there are four levels first one here is on demand I.E pay by the drink now we're going to jump down to what we've labeled as number two spot instances that's like the right place at the right time I can use that extra capacity in the moment the third is reserved instances or RIS where I pay up front to get a discount and the fourth is sort of optimized savings plans where customers commit to a one or three year term and for a better price now you'll notice we labeled the choices in a different order than AWS presented them on its website and that's because we believe that the order that we chose is the natural progression for customers this started on demand they maybe experiment with spot instances they move to reserve instances when the cloud bill becomes too onerous and if you're large enough you lock in for one or three years okay the interesting thing is the order in which AWS presents them we believe that on-demand accounts for the majority of AWS customer spending now if you think about it those on-demand customers they're also at risk customers yeah sure there's some switching costs like egress and learning curve but many customers they have multiple clouds and they've got experience and so they're kind of already up to a learning curve and if you're not married to AWS with a longer term commitment there's less friction to switch now AWS here presents the most attractive plan from a financial perspective second after on demand and it's also the plan that makes the greatest commitment from a lock-in standpoint now In fairness to AWS it's also true that there is a trend towards subscription-based pricing and we have some data on that this chart is from an ETR drill down survey the end is 300. pay attention to the bars on the right the left side is sort of busy but the pink is subscription and you can see the trend upward the light blue is consumption based or on demand based pricing and you can see there's a steady Trend toward subscription now we'll dig into this in a later episode of Breaking analysis but we'll share with you a little some tidbits with the data that ETR provides you can select which segment is and pass or you can go up the stack Etc but so when you choose is and paths 44 of customers either prefer or are required to use on-demand pricing whereas around 40 percent of customers say they either prefer or are required to use subscription pricing again that's for is so now the further mu you move up the stack the more prominent subscription pricing becomes often with sixty percent or more for the software-based offerings that require or prefer subscription and interestingly cyber security tracks along with software at around 60 percent that that prefer subscription it's likely because as with software you're not shutting down your cyber protection on demand all right let's get into the expectations for reinvent and we're going to start with an observation in data in this 2018 book seeing digital author David michella made the point that whereas most companies apply data on the periphery of their business kind of as an add-on function successful data companies like Google and Amazon and Facebook have placed data at the core of their operations they've operationalized data and they apply machine intelligence to that foundational element why is this the fact is it's not easy to do what the internet Giants have done very very sophisticated engineering and and and cultural discipline and this brings us to reinvent 2022 in the future of cloud machine learning and AI will increasingly be infused into applications we believe the data stack and the application stack are coming together as organizations build data apps and data products data expertise is moving from the domain of Highly specialized individuals to Everyday business people and we are just at the cusp of this trend this will in our view be a massive theme of not only re invent 22 but of cloud in the 2020s the vision of data mesh We Believe jamachtagani's principles will be realized in this decade now what we'd like to do now is share with you a glimpse of the thinking of Adam solipsky from his sit down with John Furrier each year John has a one-on-one conversation with the CEO of AWS AWS he's been doing this for years and the outcome is a better understanding of the directional thinking of the leader of the number one Cloud platform so we're now going to share some direct quotes I'm going to run through them with some commentary and then bring in some ETR data to analyze the market implications here we go this is from solipsky quote I.T in general and data are moving from departments into becoming intrinsic parts of how businesses function okay we're talking here about deeper business integration let's go on to the next one quote in time we'll stop talking about people who have the word analyst we inserted data he meant data data analyst in their title rather will have hundreds of millions of people who analyze data as part of their day-to-day job most of whom will not have the word analyst anywhere in their title we're talking about graphic designers and pizza shop owners and product managers and data scientists as well he threw that in I'm going to come back to that very interesting so he's talking about here about democratizing data operationalizing data next quote customers need to be able to take an end-to-end integrated view of their entire data Journey from ingestion to storage to harmonizing the data to being able to query it doing business Intelligence and human-based Analysis and being able to collaborate and share data and we've been putting together we being Amazon together a broad Suite of tools from database to analytics to business intelligence to help customers with that and this last statement it's true Amazon has a lot of tools and you know they're beginning to become more and more integrated but again under jassy there was not a lot of emphasis on that end-to-end integrated view we believe it's clear from these statements that solipsky's customer interactions are leading him to underscore that the time has come for this capability okay continuing quote if you have data in one place you shouldn't have to move it every time you want to analyze that data couldn't agree more it would be much better if you could leave that data in place avoid all the ETL which has become a nasty three-letter word more and more we're building capabilities where you can query that data in place end quote okay this we see a lot in the marketplace Oracle with mySQL Heatwave the entire Trend toward converge database snowflake [ __ ] extending their platforms into transaction and analytics respectively and so forth a lot of the partners are are doing things as well in that vein let's go into the next quote the other phenomenon is infusing machine learning into all those capabilities yes the comments from the michelleographic come into play here infusing Ai and machine intelligence everywhere next one quote it's not a data Cloud it's not a separate Cloud it's a series of broad but integrated capabilities to help you manage the end-to-end life cycle of your data there you go we AWS are the cloud we're going to come back to that in a moment as well next set of comments around data very interesting here quote data governance is a huge issue really what customers need is to find the right balance of their organization between access to data and control and if you provide too much access then you're nervous that your data is going to end up in places that it shouldn't shouldn't be viewed by people who shouldn't be viewing it and you feel like you lack security around that data and by the way what happens then is people overreact and they lock it down so that almost nobody can see it it's those handcuffs there's data and asset are reliability we've talked about that for years okay very well put by solipsky but this is a gap in our in our view within AWS today and we're we're hoping that they close it at reinvent it's not easy to share data in a safe way within AWS today outside of your organization so we're going to look for that at re invent 2022. now all this leads to the following statement by solipsky quote data clean room is a really interesting area and I think there's a lot of different Industries in which clean rooms are applicable I think that clean rooms are an interesting way of enabling multiple parties to share and collaborate on the data while completely respecting each party's rights and their privacy mandate okay again this is a gap currently within AWS today in our view and we know snowflake is well down this path and databricks with Delta sharing is also on this curve so AWS has to address this and demonstrate this end-to-end data integration and the ability to safely share data in our view now let's bring in some ETR spending data to put some context around these comments with reference points in the form of AWS itself and its competitors and partners here's a chart from ETR that shows Net score or spending momentum on the x-axis an overlap or pervasiveness in the survey um sorry let me go back up the net scores on the y-axis and overlap or pervasiveness in the survey is on the x-axis so spending momentum by pervasiveness okay or should have share within the data set the table that's inserted there with the Reds and the greens that informs us to how the dots are positioned so it's Net score and then the shared ends are how the plots are determined now we've filtered the data on the three big data segments analytics database and machine learning slash Ai and we've only selected one company with fewer than 100 ends in the survey and that's databricks you'll see why in a moment the red dotted line indicates highly elevated customer spend at 40 percent now as usual snowflake outperforms all players on the y-axis with a Net score of 63 percent off the charts all three big U.S cloud players are above that line with Microsoft and AWS dominating the x-axis so very impressive that they have such spending momentum and they're so large and you see a number of other emerging data players like rafana and datadog mongodbs there in the mix and then more established players data players like Splunk and Tableau now you got Cisco who's gonna you know it's a it's a it's a adjacent to their core networking business but they're definitely into you know the analytics business then the really established players in data like Informatica IBM and Oracle all with strong presence but you'll notice in the red from the momentum standpoint now what you're going to see in a moment is we put red highlights around databricks Snowflake and AWS why let's bring that back up and we'll explain so there's no way let's bring that back up Alex if you would there's no way AWS is going to hit the brakes on innovating at the base service level what we call Primitives earlier solipsky told Furrier as much in their sit down that AWS will serve the technical user and data science Community the traditional domain of data bricks and at the same time address the end-to-end integration data sharing and business line requirements that snowflake is positioned to serve now people often ask Snowflake and databricks how will you compete with the likes of AWS and we know the answer focus on data exclusively they have their multi-cloud plays perhaps the more interesting question is how will AWS compete with the likes of Specialists like Snowflake and data bricks and the answer is depicted here in this chart AWS is going to serve both the technical and developer communities and the data science audience and through end-to-end Integrations and future services that simplify the data Journey they're going to serve the business lines as well but the Nuance is in all the other dots in the hundreds or hundreds of thousands that are not shown here and that's the AWS ecosystem you can see AWS has earned the status of the number one Cloud platform that everyone wants to partner with as they say it has over a hundred thousand partners and that ecosystem combined with these capabilities that we're discussing well perhaps behind in areas like data sharing and integrated governance can wildly succeed by offering the capabilities and leveraging its ecosystem now for their part the snowflakes of the world have to stay focused on the mission build the best products possible and develop their own ecosystems to compete and attract the Mind share of both developers and business users and that's why it's so interesting to hear solipski basically say it's not a separate Cloud it's a set of integrated Services well snowflake is in our view building a super cloud on top of AWS Azure and Google when great products meet great sales and marketing good things can happen so this will be really fun to watch what AWS announces in this area at re invent all right one other topic that solipsky talked about was the correlation between serverless and container adoption and you know I don't know if this gets into there certainly their hybrid place maybe it starts to get into their multi-cloud we'll see but we have some data on this so again we're talking about the correlation between serverless and container adoption but before we get into that let's go back to 2017 and listen to what Andy jassy said on the cube about serverless play the clip very very earliest days of AWS Jeff used to say a lot if I were starting Amazon today I'd have built it on top of AWS we didn't have all the capability and all the functionality at that very moment but he knew what was coming and he saw what people were still able to accomplish even with where the services were at that point I think the same thing is true here with Lambda which is I think if Amazon were starting today it's a given they would build it on the cloud and I think we with a lot of the applications that comprise Amazon's consumer business we would build those on on our serverless capabilities now we still have plenty of capabilities and features and functionality we need to add to to Lambda and our various serverless services so that may not be true from the get-go right now but I think if you look at the hundreds of thousands of customers who are building on top of Lambda and lots of real applications you know finra has built a good chunk of their market watch application on top of Lambda and Thompson Reuters has built you know one of their key analytics apps like people are building real serious things on top of Lambda and the pace of iteration you'll see there will increase as well and I really believe that to be true over the next year or two so years ago when Jesse gave a road map that serverless was going to be a key developer platform going forward and so lipsky referenced the correlation between serverless and containers in the Furrier sit down so we wanted to test that within the ETR data set now here's a screen grab of The View across 1300 respondents from the October ETR survey and what we've done here is we've isolated on the cloud computing segment okay so you can see right there cloud computing segment now we've taken the functions from Google AWS Lambda and Microsoft Azure functions all the serverless offerings and we've got Net score on the vertical axis we've got presence in the data set oh by the way 440 by the way is highly elevated remember that and then we've got on the horizontal axis we have the presence in the data center overlap okay that's relative to each other so remember 40 all these guys are above that 40 mark okay so you see that now what we're going to do this is just for serverless and what we're going to do is we're going to turn on containers to see the correlation and see what happens so watch what happens when we click on container boom everything moves to the right you can see all three move to the right Google drops a little bit but all the others now the the filtered end drops as well so you don't have as many people that are aggressively leaning into both but all three move to the right so watch again containers off and then containers on containers off containers on so you can see a really major correlation between containers and serverless okay so to get a better understanding of what that means I call my friend and former Cube co-host Stu miniman what he said was people generally used to think of VMS containers and serverless as distinctly different architectures but the lines are beginning to blur serverless makes things simpler for developers who don't want to worry about underlying infrastructure as solipsky and the data from ETR indicate serverless and containers are coming together but as Stu and I discussed there's a spectrum where on the left you have kind of native Cloud VMS in the middle you got AWS fargate and in the rightmost anchor is Lambda AWS Lambda now traditionally in the cloud if you wanted to use containers developers would have to build a container image they have to select and deploy the ec2 images that they or instances that they wanted to use they have to allocate a certain amount of memory and then fence off the apps in a virtual machine and then run the ec2 instances against the apps and then pay for all those ec2 resources now with AWS fargate you can run containerized apps with less infrastructure management but you still have some you know things that you can you can you can do with the with the infrastructure so with fargate what you do is you'd build the container images then you'd allocate your memory and compute resources then run the app and pay for the resources only when they're used so fargate lets you control the runtime environment while at the same time simplifying the infrastructure management you gotta you don't have to worry about isolating the app and other stuff like choosing server types and patching AWS does all that for you then there's Lambda with Lambda you don't have to worry about any of the underlying server infrastructure you're just running code AS functions so the developer spends their time worrying about the applications and the functions that you're calling the point is there's a movement and we saw in the data towards simplifying the development environment and allowing the cloud vendor AWS in this case to do more of the underlying management now some folks will still want to turn knobs and dials but increasingly we're going to see more higher level service adoption now re invent is always a fire hose of content so let's do a rapid rundown of what to expect we talked about operate optimizing data and the organization we talked about Cloud optimization there'll be a lot of talk on the show floor about best practices and customer sharing data solipsky is leading AWS into the next phase of growth and that means moving beyond I.T transformation into deeper business integration and organizational transformation not just digital transformation organizational transformation so he's leading a multi-vector strategy serving the traditional peeps who want fine-grained access to core services so we'll see continued Innovation compute storage AI Etc and simplification through integration and horizontal apps further up to stack Amazon connect is an example that's often cited now as we've reported many times databricks is moving from its stronghold realm of data science into business intelligence and analytics where snowflake is coming from its data analytics stronghold and moving into the world of data science AWS is going down a path of snowflake meet data bricks with an underlying cloud is and pass layer that puts these three companies on a very interesting trajectory and you can expect AWS to go right after the data sharing opportunity and in doing so it will have to address data governance they go hand in hand okay price performance that is a topic that will never go away and it's something that we haven't mentioned today silicon it's a it's an area we've covered extensively on breaking analysis from Nitro to graviton to the AWS acquisition of Annapurna its secret weapon new special specialized capabilities like inferential and trainium we'd expect something more at re invent maybe new graviton instances David floyer our colleague said he's expecting at some point a complete system on a chip SOC from AWS and maybe an arm-based server to eventually include high-speed cxl connections to devices and memories all to address next-gen applications data intensive applications with low power requirements and lower cost overall now of course every year Swami gives his usual update on machine learning and AI building on Amazon's years of sagemaker innovation perhaps a focus on conversational AI or a better support for vision and maybe better integration across Amazon's portfolio of you know large language models uh neural networks generative AI really infusing AI everywhere of course security always high on the list that reinvent and and Amazon even has reinforce a conference dedicated to it uh to security now here we'd like to see more on supply chain security and perhaps how AWS can help there as well as tooling to make the cio's life easier but the key so far is AWS is much more partner friendly in the security space than say for instance Microsoft traditionally so firms like OCTA and crowdstrike in Palo Alto have plenty of room to play in the AWS ecosystem we'd expect of course to hear something about ESG it's an important topic and hopefully how not only AWS is helping the environment that's important but also how they help customers save money and drive inclusion and diversity again very important topics and finally come back to it reinvent is an ecosystem event it's the Super Bowl of tech events and the ecosystem will be out in full force every tech company on the planet will have a presence and the cube will be featuring many of the partners from the serial floor as well as AWS execs and of course our own independent analysis so you'll definitely want to tune into thecube.net and check out our re invent coverage we start Monday evening and then we go wall to wall through Thursday hopefully my voice will come back we have three sets at the show and our entire team will be there so please reach out or stop by and say hello all right we're going to leave it there for today many thanks to Stu miniman and David floyer for the input to today's episode of course John Furrier for extracting the signal from the noise and a sit down with Adam solipski thanks to Alex Meyerson who was on production and manages the podcast Ken schiffman as well Kristen Martin and Cheryl Knight helped get the word out on social and of course in our newsletters Rob hoef is our editor-in-chief over at siliconangle does some great editing thank thanks to all of you remember all these episodes are available as podcasts wherever you listen you can pop in the headphones go for a walk just search breaking analysis podcast I published each week on wikibon.com at siliconangle.com or you can email me at david.valante at siliconangle.com or DM me at di vallante or please comment on our LinkedIn posts and do check out etr.ai for the best survey data in the Enterprise Tech business this is Dave vellante for the cube insights powered by ETR thanks for watching we'll see it reinvent or we'll see you next time on breaking analysis [Music]

>>Good morning and welcome back to Detroit, Michigan. My name is Savannah Peterson and I'm here on set of the cube, my co-host John Farer. How you doing this morning, John? >>Doing great. Feeling fresh. Day two of three days of coverage, feeling >>Fresh. That is that for being in the heat of the conference. I love that attitude. It's gonna >>Be a great day today. We'll see you at the end of the day. Yeah, >>Well, we'll hold him to it. All right, everyone hold 'em accountable. Very excited to start the day off with an internet, a legend as well as a cube og. We are joined this morning by Matt Klein. Matt, welcome to the show. >>Thanks for having me. Good to see you. Yep. >>It's so, what's the vibe? Day two, Everyone's buzzing. What's got you excited at the show? You've been here before, but it's been three years you >>Mentioned. I, I was saying it's been three years since I've been to a conference, so it's been interesting for me to see what is, what is the same and what is different pre and post covid. But just really great to see everyone here again and nice to not be sitting in my home by myself. >>You know, Savannah said you're an OG and we were referring before we came on camera that you were your first came on the Cub in 2017, second Cuban event. But you were, I think, on the first wave of what I call the contributor momentum, where CNCF really got the traction. Yeah. You were at Lift, Envoy was contributed and that was really hyped up and I remember that vividly. It was day zero they called it back then. Yeah. And you got so much traction. People are totally into it. Yeah. Now we've got a lot of that going on now. Right. A lot of, lot of day Zero events. They call 'em co, co-located events. You got web assembly, a lot of other hype out there. What do you see out there that you like? How would you look at some of these other Sure. Communities that are developing, What's the landscape look like as you look out? Because Envoy set the table, what is now a standard >>Practice. Yeah. What's been so interesting for me just to come here to the conference is, you know, we open source Envoy in 2016. We donated in 2017. And as you mentioned at that time, Envoy was, you know, everyone wanted to talk about Envoy. And you know, much to my amazement, Envoy is now pervasive. I mean, it's used everywhere around the world. It's like, never in my wildest dreams would I have imagined that it would be so widely used. And it's almost gotten to the point where it's become boring. You know, It's just assumed that Envoy is, is everywhere. And now we're hearing a lot about Eeb p f and Web assembly and GI ops and you know, AI and a bunch of other things. So it's, it's actually great. It's made me very happy that it's become so pervasive, but it's also fun. Yeah. We mention to, to look around all other stuff >>Like congratulate. It's just a huge accomplishment really. I think it's gonna be historic, historical moment for the industry too. But I like how it progressed. I mean, I don't mind hype cycles as long as it's some vetting. Sure. Of course. You know, use cases that are clearly defined, but you gotta get that momentum in the community, but then you start gotta get down to, to business. Yep. So, so to speak and get it deployed, get traction. Yep. What should projects look like? And, and give us the update on Envoy. Cause you guys have a, a great use case of how you got traction. Right. Take us through some of the early days of what made Envoy successful in your opinion. Great question. >>Yeah. You know, I, I think Envoy is fairly unique around this conference in the sense that Envoy was developed by Lyft, which is an end user company. And many of the projects in this ecosystem, you know, no judgment, for better or worse, they are vendor backed. And I think that's a different delivery mechanism when it's coming from an end user where you're solving a, a particular business case. So Envoy was really developed for Lyft in a, you know, very early scaling days and just, you know, trying to help Lyft solve its business problems. So I think when Envoy was developed, we were, you know, scaling, we were falling over and actually many other companies were having similar problems. So I think Envoy became very widely deployed because many companies were having similar issues. So Envoy just became pervasive among lift peer companies. And then we saw a lot of vendor uptake in the service mesh space in the API gateway space among large internet providers. So, I I I, I think it's just, it's an interesting case because I think when you're solving real problems on the ground, in some ways it's easier to actually get adoption than if you're trying to develop it from a commercial backing. >>And that's the class, I mean, almost, It's almost like open source product market fit. It is in its own way. Cause you have a problem. Absolutely. Other people have the same problem finding >>Too. I mean, it's, it's designed thinking from >>A different, When, when I talk to people about open source, I like to tell people that I do not think it's any different than starting a company. I actually think it's all the same problems finding pro product, market fit, hiring, like finding contributors and maintainers, like doing PR and marketing. Yeah. Getting team together, traction, getting, getting funding. I mean, you have to have money to do all these things. Yeah. So I think a lot of people think of open source as I, I don't know, you know, this fantastic collaborative effort and, and it is that, but there's a lot more to it. Yeah. And it is much more akin to starting a >>Company. Let's, let's just look at that for a second. Cause I think that's a good point. And I was having a conversation in the hallway two nights ago on this exact point. If the power dynamics of a startup in the open source, as you point out, is just different, it's community based. So there are things you just gotta be mindful of. It's not top down. >>Exactly. It's not like, >>Right. You know, go take that hill. It's really consensus based, but it is a startup. All those elements are in place. Absolutely. You need leadership, you gotta have debates, alignment, commit, You gotta commit to a vision. Yep. You gotta make adjustments. Build the trajectory. So based on that, I mean, do you see more end user traction? Cause I was, we were talking also about Intuit, they donated some of their tow code R goes out there. Yep. R go see the CDR goes a service. Where's the end user contributions to these days? Do you feel like it's good, still healthy? >>I, I mean, I, I'm, I'm biased. I would like to see more. I think backstage outta Spotify is absolutely fantastic. That's an area just in terms of developer portals and developer efficiency that I think has been very underserved. So seeing Backstage come outta Spotify where they've used it for years, and I think we've already seen they had a huge date, you know, day one event. And I, I think we're gonna see a lot more out of that >>Coming from, I'm an end user, pretend I'm an end user, so pretend I have some code. I want to, Oh man, I'm scared. I don't am I'm gonna lose my competitive edge. What's the, how do you talk to the enterprise out there that might be thinking about putting their project out there for whether it's the benefit of the community, developing talent, developing the product? >>Sure. Yeah. I would say that I, I would ask everyone to think through all of the pros and cons of doing that because it's not for free. I mean, doing open source is costly. It takes developer time, you know, it takes management time, it takes budgeting dollars. But the benefits if successful can be huge, right? I mean, it can be just in terms of, you know, getting people into your company, getting users, getting more features, all of that. So I would always encourage everyone to take a very pragmatic and realistic view of, of what is required to make that happen. >>What was that decision like at Lyft >>When you I I'm gonna be honest, it was very naive. I I think we've, of that we think we need to know. No, just didn't know. Yeah. I think a lot of us, myself included, had very minimal open source experience. And had we known, or had I known what would've happened, I, I still would've done it. But I, I'm gonna be honest, the last seven years have aged me what I feel like is like 70 or a hundred. It's been a >>But you say you look out in the landscape, you gotta take pride, look at what's happened. Oh, it's, I mean, it's like you said, it >>Matured fantastic. I would not trade it for anything, but it has, it has been a journey. What >>Was the biggest surprise? What was the most eye opening thing about the journey for you? >>I, I think actually just the recognition of all of the non-technical things that go into making these things a success. I think at a conference like this, people think a lot about technology. It is a technology conference, but open source is business. It really is. I mean, it, it takes money to keep it going. It takes people to keep >>It going. You gotta sell people on the concepts. >>It takes leadership to keep it going. It takes internal, it takes marketing. Yeah. So for me, what was most eyeopening is over the last five to seven years, I feel like I actually have not developed very many, if any technical skills. But my general leadership skills, you know, that would be applicable again, to running a business have applied so well to, to >>Growing off, Hey, you put it out there, you hear driving the ship. It's good to do that. They need that. It really needs it. And the results speak for itself and congratulations. Yeah. Thank you. What's the update on the project? Give us an update because you're seeing, seeing a lot of infrastructure people having the same problem. Sure. But it's also, the environments are a little bit different. Some people have different architectures. Absolutely different, more cloud, less cloud edges exploding. Yeah. Where does Envoy fit into the landscape they've seen and what's the updates? You've got some new things going on. Give the updates on what's going on with the project Sure. And then how it sits in the ecosystem vis-a-vis what people may use it for. >>Yeah. So I'm, from a core project perspective, honestly, things have matured. Things have stabilized a bit. So a lot of what we focus on now are less Big bang features, but more table stakes. We spend a lot of time on security. We spend a lot of time on software supply chain. A topic that you're probably hearing a lot about at this conference. We have a lot of software supply chain issues. We have shipped Quicken HTB three over the last year. That's generally available. That's a new internet protocol still work happening on web assembly where ha doing a lot of work on our build and release pipeline. Again, you would think that's boring. Yeah. But a lot of people want, you know, packages for their fedora or their ADU or their Docker images. And that takes a lot of effort. So a lot of what we're doing now is more table stakes, just realizing that the project is used around the world very widely. >>Yeah. The thing that I'm most interested in is, we announced in the last six months a project called Envoy Gateway, which is layered on top of Envoy. And the goal of Envoy Gateway is to make it easier for people to run Envoy within Kubernetes. So essentially as an, as an ingress controller. And Envoy is a project historically, it is a very sophisticated piece of software, very complicated piece of software. It's not for everyone. And we want to provide Envoy Gateway as a way of onboarding more users into the Envoy ecosystem and making Envoy the, the default API gateway or edge proxy within Kubernetes. But in terms of use cases, we see Envoy pervasively with service mesh, API gateway, other types of low balancing cases. I mean, honestly, it's, it's all over the place at >>This point. I'm curious because you mentioned it's expanded beyond your wildest dreams. Yeah. And how could you have even imagined what Envoy was gonna do? Is there a use case or an application that really surprised you? >>You know, I've been asked that before and I, it's hard for me to answer that. It's, it's more that, I mean, for example, Envoy is used by basically every major internet company in China. I mean, like, wow. Everyone in China uses Envoy, like TikTok, like Alibaba. I mean like everyone, all >>The large sale, >>Everyone. You know, and it's used, it's used in the, I'm just, it's not just even the us. So I, I think the thing that has surprised me more than individual use cases is just the, the worldwide adoption. You know, that something could be be everywhere. And that I think, you know, when I open my phone and I'm opening all of these apps on my phone, 80 or 90% of them are going through Envoy in some form. Yeah. You know, it's, it's just that pervasive, I blow your mind a little bit sometimes >>That does, that's why you say plumber on your Twitter handle as your title. Cause you're working on all these things that are like really important substrate issues, Right. For scale, stability, growth. >>And, you know, to, I, I guess the only thing that I would add is, my goal for Envoy has always been that it is that boring, transparent piece of technology. Kind of similar to Linux. Linux is everywhere. Right? But no one really knows that they're using Linux. It's, it's justs like Intel inside, we're not paying attention. It's just there, there's >>A core group working on, if they have pride, they understand the mission, the importance of it, and they make their job is to make it invisible. >>Right. Exactly. >>And that's really ease of use. What's some of the ease of use sways and, and simplicity that you're working on, if you can talk about that. Because to be boring, you gotta be simpler and easier. All boring complex is unique is not boring. Complex is stressful. No, >>I I think we approach it in a couple different ways. One of them is that because we view Envoy as a, as a base technology in the ecosystem, we're starting to see, you know, not only vendors, but other open source projects that are being built on top of Envoy. So things like API Gateway, sorry, Envoy Gateway or you know, projects like Istio or all the other projects that are out there. They use Envoy as a component, but in some sense Envoy is a, as a transparent piece of that system. Yeah. So I'm a big believer in the ecosystem that we need to continue to make cloud native easier for, for end users. I still think it's too complicated. And so I think we're there, we're, we're pushing up the stack a bit. >>Yeah. And that brings up a good point. When you start seeing people building on top of things, right? That's enabling. So as you look at the enablement of Envoy, what are some of the things you see out on the horizon if you got the 20 mile stare out as you check these boring boxes, make it more plumbing, Right? Stable. You'll have a disruptive enabling platform. Yeah. What do you see out there? >>I am, you know, I, again, I'm not a big buzzword person, but, so some people call it serverless functions as a service, whatever. I'm a big believer in platforms in the sense that I really believe in the next 10 to 15 years, developers, they want to provide code. You know, they want to call APIs, they want to use pub subsystems, they want to use cas and databases. And honestly, they don't care about container scheduling or networking or load balancing or any of >>These things. It's handled in the os >>They just want it to be part of the operating system. Yeah, exactly. So I, I really believe that whether it's an open source or in cloud provider, you know, package solutions, that we're going to be just moving increasingly towards systems likes Lambda and Fargate and Google Cloud Run and Azure functions and all those kinds of things. And I think that when you do that much of the functionality that has historically powered this conference like Kubernetes and Onvoy, these become critical but transparent components that people don't, they're not really aware of >>At that point. Yeah. And I think that's a great call out because one of the things we're seeing is the market forces of, of this evolution, what you just said is what has to happen Yep. For digital transformation to, to get to its conclusion. Yep. Which means that everything doesn't have to serve the business, it is the business. Right. You know it in the old days. Yep. Engineers, they serve the business. Like what does that even mean? Yep. Now, right. Developers are the business, so they need that coding environment. So for your statement to happen, that simplicity in visibility calling is invisible os has to happen. So it brings up the question in open source, the trend is things always work itself out on the wash, as we say. So when you start having these debates and the alignment has to come at some point, you can't get to those that stay without some sort of defacto or consensus. Yep. And even standards, I'm not a big be around hardcore standards, but we can all agree and have consensus Sure. That will align behind, say Kubernetes, It's Kubernetes a standard. It's not like an i e you know, but this next, what, what's your reaction to this? Because this alignment has to come after debate. So all the process contending for I am the this of that. >>Yeah. I'm a look, I mean, I totally see the value in like i e e standards and, and there's a place for that. At the same time, for me personally as a technologist, as an engineer, I prefer to let the, the market as it were sort out what are the defacto standards. So for example, at least with Envoy, Envoy has an API that we call Xds. Xds is now used beyond Envoy. It's used by gc, it's used by proprietary systems. And I'm a big believer that actually Envoy in its form is probably gonna go away before Xds goes away. So in some ways Xds has become a defacto standard. It's not an i e e standard. Yeah. We, we, we have been asked about whether we should do that. Yeah. But I just, I I think the >>It becomes a component. >>It becomes a component. Yeah. And then I think people gravitate towards these things that become de facto standards. And I guess I would rather let the people on the show floor decide what are the standards than have, you know, 10 people sitting in a room figure out >>The community define standards versus organizational institutional defined standards. >>And they both have places a >>Hundred percent. Yeah, sure. And, and there's social proof in both of them. Yep. >>Frankly, >>And we were saying on the cube that we believe that the developers will decide the standard. Sure. Because that's what you're basically saying. They're deciding what they do with their code. Right. And over time, as people realize the trade of, hey, if everyone's coding this right. And makes my life easier to get to that state of nirvana and enlightenment, as we would say. Yeah. Yeah. >>Starting strong this morning. John, I I love this. I'm curious, you mentioned Backstage by Spotify wonderful example. Do you think that this is a trend we're gonna see with more end users >>Creating open source projects? Like I, you know, I hope so. The flip side of that, and as we all know, we're entering an uncertain economic time and it can be hard to justify the effort that it takes to do it well. And what I typically counsel people when they are about to open source something is don't do it unless you're ready to commit the resources. Because opensourcing something and not supporting it. Yeah. I actually can be think, I think it'd be worse. >>It's an, it's insult that people, you're asking to commit to something. Exactly. Needs of time, need the money investment, you gotta go all in and push. >>So I, so I very much want to see it and, and I want to encourage that here, but it's hard for me to look into the crystal ball and know, you know, whether it's gonna happen more >>Or less at what point there were, are there too many projects? You know, I mean, but I'm not, I mean this in, in a, in a negative way. I mean it more in the way of, you know, you mentioned supply chain. We were riffing on the cube about at some point there's gonna be so much code open source continuing thundering away with, with the value that you're just gluing things. Right. I don't need the code, this code there. Okay. What's in the code? Okay. Maybe automation can help out on supply chain. Yeah. But ultimately composability is the new >>Right? It is. Yeah. And, and I think that's always going to be the case. Case. Good thing. It is good thing. And I, I think that's just, that's just the way of things for sure. >>So no code will be, >>I think, I think we're seeing a lot of no code situations that are working great for people. And, and, but this is actually really no different than my, than my serverless arguing from before. Just as a, as a, a slight digression. I'm building something new right now and you know, we're using cloud native technologies and all this stuff and it's still, >>What are you building? >>Even as a I'm, I'm gonna keep that, I'm gonna keep that secret. I know I'm, but >>We'll find out on Twitter. We're gonna find out now that we know it. Okay. Keep on mystery. You open that door. We're going down see in a couple weeks. >>Front >>Page is still an angle. >>But I, I was just gonna say that, you know, and I consider myself, you know, you're building something, I'm, I see myself an expert in the cloud native space. It's still difficult, It's difficult to, to pull together these technologies and I think that we will continue to make it easier for people. >>What's the biggest difficulties? Can you give us some examples? >>Well, just, I mean, we still live in a big mess of yammel, right? Is a, there's a, there's a lot of yaml out there. And I think just wrangling all of that in these systems, there's still a lot of cobbling together where I think that there can be unified platforms that make it easier for us to focus on our application logic. >>Yeah. I gotta ask you a question cuz I've talked to college kids all the time. My son's a junior in CS and he's, you know, he's coding away. What would you, how does a student or someone who's learning figure out where, who they are? Because there's now, you know, you're either into the infrastructure under the hood Yeah. Or you're, cuz that's coding there option now coding the way your infrastructure people are working on say the boring stuff so everyone else can have ease of use. And then what is just, I wanna just code, there's two types of personas. How does someone know who they are? >>My, when I give people career advice, my biggest piece of advice to them is in the first five to seven to 10 years of their career, I encourage people to do different things like every say one to two to three years. And that doesn't mean like quitting companies and changing companies, it could mean, you know, within a company that they join doing different teams, you know, working on front end versus back end. Because honestly I think people don't know. I think it's actually very, Yeah. Our industry is so broad. Yeah. That I think it's almost impossible to >>Know. You gotta get your hands dirty to jump >>In order to know what you like. And for me, in my career, you know, I've dabbled in different areas, but I've always come back to infrastructure, you know, that that's what I enjoy >>The most. Okay. You gotta, you gotta taste everything. See what you, what >>You like. Exactly. >>Right. Last question for you, Matt. It's been three years since you were here. Yep. What do you hope that we're able to say next year? That we can't say this year? Hmm. Beyond the secrets of your project, which hopefully we will definitely be discussing then. >>You know, I I, I don't have anything in particular. I would just say that I would like to see more movement towards projects that are synthesizing and making it easier to use a lot of the existing projects that we have today. So for example, I'm, I'm very bullish on backstage. Like I, I've, I've always said that we need better developer UIs that are not CLIs. Like I know it's a general perception among many people. Totally agree with you. Frankly, you're not a real systems engineer unless you type on the command line. I, I think better user interfaces are better for humans. Yep. So just for a project like Backstage to be more integrated with the rest of the projects, whether that be Envo or Kubernete or Argo or Flagger. I, I just, I think there's tremendous potential for further integration of some >>Of these projects. It just composability That makes total sense. Yep. Yep. You're, you're op you're operating and composing. >>Yep. And there's no reason that user experience can't be better. And then more people can create and build. So I think it's awesome. Matt, thank you so much. Thank you. Yeah, this has been fantastic. Be sure and check out Matt on Twitter to find out what that next secret project is. John, thank you for joining me this morning. My name is Savannah Peterson and we'll be here all day live from the cube. We hope you'll be joining us throughout the evening until a happy hour today. Thanks for coming. Thanks for coming. Thanks for watching.

>>Keon Cloud Native Con kicks off in Detroit on October 24th, and we're pleased to have Stewart Miniman, who's the director of Market Insights, hi, at, for hybrid platforms at Red Hat back in the studio to help us understand the key trends to look for at the events. Do welcome back, like old, old, old >>Home. Thank you, David. It's great to, great to see you and always love doing these previews, even though Dave, come on. How many years have I told you Cloud native con, It's a hoodie crowd. They're gonna totally call you out for where in a tie and things like that. I, I know you want to be an ESPN sportscaster, but you know, I I, I, I still don't think even after, you know, this show's been around for so many years that there's gonna be too many ties into Troy. I >>Know I left the hoodie in my off, I'm sorry folks, but hey, we'll just have to go for it. Okay. Containers generally, and Kubernetes specifically continue to show very strong spending momentum in the ETR survey data. So let's bring up this slide that shows the ETR sectors, all the sectors in the tax taxonomy with net score or spending velocity in the vertical axis and pervasiveness on the horizontal axis. Now, that red dotted line that you see, that marks the elevated 40% mark, anything above that is considered highly elevated in terms of momentum. Now, for years, the big four areas of momentum that shine above all the rest have been cloud containers, rpa, and ML slash ai for the first time in 10 quarters, ML and AI and RPA have dropped below the 40% line, leaving only cloud and containers in rarefied air. Now, Stu, I'm sure this data doesn't surprise you, but what do you make of this? >>Yeah, well, well, Dave, I, I did an interview with at Deepak who owns all the container and open source activity at Amazon earlier this year, and his comment was, the default deployment mechanism in Amazon is containers. So when I look at your data and I see containers and cloud going in sync, yeah, that, that's, that's how we see things. We're helping lots of customers in their overall adoption. And this cloud native ecosystem is still, you know, we're still in that Cambridge explosion of new projects, new opportunities, AI's a great workload for these type type of technologies. So it's really becoming pervasive in the marketplace. >>And, and I feel like the cloud and containers go hand in hand, so it's not surprising to see those two above >>The 40%. You know, there, there's nothing to say that, Look, can I run my containers in my data center and not do the public cloud? Sure. But in the public cloud, the default is the container. And one of the hot discussions we've been having in this ecosystem for a number of years is edge computing. And of course, you know, I want something that that's small and lightweight and can do things really fast. A lot of times it's an AI workload out there, and containers is a great fit at the edge too. So wherever it goes, containers is a good fit, which has been keeping my group at Red Hat pretty busy. >>So let's talk about some of those high level stats that we put together and preview for the event. So it's really around the adoption of open source software and Kubernetes. Here's, you know, a few fun facts. So according to the state of enterprise open source report, which was published by Red Hat, although it was based on a blind survey, nobody knew that that Red Hat was, you know, initiating it. 80% of IT execs expect to increase their use of enterprise open source software. Now, the CNCF community has currently more than 120,000 developers. That's insane when you think about that developer resource. 73% of organizations in the most recent CNCF annual survey are using Kubernetes. Now, despite the momentum, according to that same Red Hat survey, adoption barriers remain for some organizations. Stu, I'd love you to talk about this specifically around skill sets, and then we've highlighted some of the other trends that we expect to see at the event around Stu. I'd love to, again, your, get your thoughts on the preview. You've done a number of these events, automation, security, governance, governance at scale, edge deployments, which you just mentioned among others. Now Kubernetes is eight years old, and I always hear people talking about there's something coming beyond Kubernetes, but it looks like we're just getting started. Yeah, >>Dave, It, it is still relatively early days. The CMC F survey, I think said, you know, 96% of companies when they, when CMC F surveyed them last year, were either deploying Kubernetes or had plans to deploy it. But when I talked to enterprises, nobody has said like, Hey, we've got every group on board and all of our applications are on. It is a multi-year journey for most companies and plenty of them. If you, you look at the general adoption of technology, we're still working through kind of that early majority. We, you know, passed the, the chasm a couple of years ago. But to a point, you and I we're talking about this ecosystem, there are plenty of people in this ecosystem that could care less about containers and Kubernetes. Lots of conversations at this show won't even talk about Kubernetes. You've got, you know, big security group that's in there. >>You've got, you know, certain workloads like we talked about, you know, AI and ml and that are in there. And automation absolutely is playing a, a good role in what's going on here. So in some ways, Kubernetes kind of takes a, a backseat because it is table stakes at this point. So lots of people involved in it, lots of activities still going on. I mean, we're still at a cadence of three times a year now. We slowed it down from four times a year as an industry, but there's, there's still lots of innovation happening, lots of adoption, and oh my gosh, Dave, I mean, there's just no shortage of new projects and new people getting involved. And what's phenomenal about it is there's, you know, end user practitioners that aren't just contributing. But many of the projects were spawned out of work by the likes of Intuit and Spotify and, and many others that created some of the projects that sit alongside or above the, the, you know, the container orchestration itself. >>So before we talked about some of that, it's, it's kind of interesting. It's like Kubernetes is the big dog, right? And it's, it's kind of maturing after, you know, eight years, but it's still important. I wanna share another data point that underscores the traction that containers generally are getting in Kubernetes specifically have, So this is data from the latest ETR survey and shows the spending breakdown for Kubernetes in the ETR data set for it's cut for respondents with 50 or more citations in, in by the IT practitioners that lime green is new adoptions, the forest green is spending 6% or more relative to last year. The gray is flat spending year on year, and those little pink bars, that's 6% or down spending, and the bright red is retirements. So they're leaving the platform. And the blue dots are net score, which is derived by subtracting the reds from the greens. And the yellow dots are pervasiveness in the survey relative to the sector. So the big takeaway here is that there is virtually no red, essentially zero churn across all sectors, large companies, public companies, private firms, telcos, finance, insurance, et cetera. So again, sometimes I hear this things beyond Kubernetes, you've mentioned several, but it feels like Kubernetes is still a driving force, but a lot of other projects around Kubernetes, which we're gonna hear about at the show. >>Yeah. So, so, so Dave, right? First of all, there was for a number of years, like, oh wait, you know, don't waste your time on, on containers because serverless is gonna rule the world. Well, serverless is now a little bit of a broader term. Can I do a serverless viewpoint for my developers that they don't need to think about the infrastructure but still have containers underneath it? Absolutely. So our friends at Amazon have a solution called Fargate, their proprietary offering to kind of hide that piece of it. And in the open source world, there's a project called Can Native, I think it's the second or third can Native Con's gonna happen at the cncf. And even if you use this, I can still call things over on Lambda and use some of those functions. So we know Dave, it is additive and nothing ever dominates the entire world and nothing ever dies. >>So we have, we have a long runway of activities still to go on in containers and Kubernetes. We're always looking for what that next thing is. And what's great about this ecosystem is most of it tends to be additive and plug into the pieces there, there's certain tools that, you know, span beyond what can happen in the container world and aren't limited to it. And there's others that are specific for it. And to talk about the industries, Dave, you know, I love, we we have, we have a community event that we run that's gonna happen at Cubans called OpenShift Commons. And when you look at like, who's speaking there? Oh, we've got, you know, for Lockheed Martin, University of Michigan and I g Bank all speaking there. So you look and it's like, okay, cool, I've got automotive, I've got, you know, public sector, I've got, you know, university education and I've got finance. So all of you know, there is not an industry that is not touched by this. And the general wave of software adoption is the reason why, you know, not just adoption, but the creation of new software is one of the differentiators for companies. And that is what, that's the reason why I do containers, isn't because it's some cool technology and Kubernetes is great to put on my resume, but that it can actually accelerate my developers and help me create technology that makes me respond to my business and my ultimate end users. Well, >>And you know, as you know, we've been talking about the Supercloud a lot and the Kubernetes is clearly enabler to, to Supercloud, but I wanted to go back, you and John Furrier have done so many of, you know, the, the cube cons, but but go back to Docker con before Kubernetes was even a thing. And so you sort of saw this, you know, grow. I think there's what, how many projects are in CNCF now? I mean, hundreds. Hundreds, okay. And so you're, Will we hear things in Detroit, things like, you know, new projects like, you know, Argo and capabilities around SI store and things like that? Well, you're gonna hear a lot about that. Or is it just too much to cover? >>So I, I mean the, the good news, Dave, is that the CNCF really is, is a good steward for this community and new things got in get in. So there's so much going on with the existing projects that some of the new ones sometimes have a little bit of a harder time making a little bit of buzz. One of the more interesting ones is a project that's been around for a while that I think back to the first couple of Cube Cuban that John and I did service Mesh and Istio, which was created by Google, but lived under basically a, I guess you would say a Google dominated governance for a number of years is now finally under the CNCF Foundation. So I talked to a number of companies over the years and definitely many of the contributors over the years that didn't love that it was a Google Run thing, and now it is finally part. >>So just like Kubernetes is, we have SEO and also can Native that I mentioned before also came outta Google and those are all in the cncf. So will there be new projects? Yes. The CNCF is sometimes they, they do matchmaking. So in some of the observability space, there were a couple of projects that they said, Hey, maybe you can go merge down the road. And they ended up doing that. So there's still you, you look at all these projects and if I was an end user saying, Oh my God, there is so much change and so many projects, you know, I can't spend the time in the effort to learn about all of these. And that's one of the challenges and something obviously at Red Hat, we spend a lot of time figuring out, you know, not to make winners, but which are the things that customers need, Where can we help make them run in production for our, our customers and, and help bring some stability and a little bit of security for the overall ecosystem. >>Well, speaking of security, security and, and skill sets, we've talked about those two things and they sort of go hand in hand when I go to security events. I mean, we're at reinforced last summer, we were just recently at the CrowdStrike event. A lot of the discussion is sort of best practice because it's so complicated. And, and, and will you, I presume you're gonna hear a lot of that here because security securing containers now, you know, the whole shift left thing and shield right is, is a complicated matter, especially when you saw with the earlier data from the Red Hat survey, the the gaps are around skill sets. People don't have the skill. So should we expect to hear a lot about that, A lot of sort of how to, how to take advantage of some of these new capabilities? >>Yeah, Dave, absolutely. So, you know, one of the conversations going on in the community right now is, you know, has DevOps maybe played out as we expect to see it? There's a newer term called platform engineering, and how much do I need to do there? Something that I, I know your, your team's written a lot about Dave, is how much do you need to know versus what can you shift to just a platform or a service that I can consume? I've talked a number of times with you since I've been at Red Hat about the cloud services that we offer. So you want to use our offering in the public cloud. Our first recommendation is, hey, we've got cloud services, how much Kubernetes do you really want to learn versus you want to do what you can build on top of it, modernize the pieces and have less running the plumbing and electric and more, you know, taking advantage of the, the technologies there. So that's a big thing we've seen, you know, we've got a big SRE team that can manage that for use so that you have to spend less time worrying about what really is un differentiated heavy lifting and spend more time on what's important to your business and your >>Customers. So, and that's, and that's through a managed service. >>Yeah, absolutely. >>That whole space is just taken off. All right, Stu I'll give you the final word. You know, what are you excited about for, for, for this upcoming event and Detroit? Interesting choice of venue? Yeah, >>Look, first of off, easy flight. I've, I've never been to Detroit, so I'm, I'm willing to give it a shot and hopefully, you know, that awesome airport. There's some, some, some good things there to learn. The show itself is really a choose your own adventure because there's so much going on. The main show of QAN and cloud Native Con is Wednesday through Friday, but a lot of a really interesting stuff happens on Monday and Tuesday. So we talked about things like OpenShift Commons in the security space. There's cloud Native Security Day, which is actually two days and a SIG store event. There, there's a get up show, there's, you know, k native day. There's so many things that if you want to go deep on a topic, you can go spend like a workshop in some of those you can get hands on to. And then at the show itself, there's so much, and again, you can learn from your peers. >>So it was good to see we had, during the pandemic, it tilted a little bit more vendor heavy because I think most practitioners were pretty busy focused on what they could work on and less, okay, hey, I'm gonna put together a presentation and maybe I'm restricted at going to a show. Yeah, not, we definitely saw that last year when I went to LA I was disappointed how few customer sessions there were. It, it's back when I go look through the schedule now there's way more end users sharing their stories and it, it's phenomenal to see that. And the hallway track, Dave, I didn't go to Valencia, but I hear it was really hopping felt way more like it was pre pandemic. And while there's a few people that probably won't come because Detroit, we think there's, what we've heard and what I've heard from the CNCF team is they are expecting a sizable group up there. I know a lot of the hotels right near the, where it's being held are all sold out. So it should be, should be a lot of fun. Good thing I'm speaking on an edge panel. First time I get to be a speaker at the show, Dave, it's kind of interesting to be a little bit of a different role at the show. >>So yeah, Detroit's super convenient, as I said. Awesome. Airports too. Good luck at the show. So it's a full week. The cube will be there for three days, Tuesday, Wednesday, Thursday. Thanks for coming. >>Wednesday, Thursday, Friday, sorry, >>Wednesday, Thursday, Friday is the cube, right? So thank you for that. >>And, and no ties from the host, >>No ties, only hoodies. All right Stu, thanks. Appreciate you coming in. Awesome. And thank you for watching this preview of CubeCon plus cloud Native Con with at Stu, which again starts the 24th of October, three days of broadcasting. Go to the cube.net and you can see all the action. We'll see you there.

(upbeat music) >> Hello, and welcome to "theCUBE" conversation here in Palo Alto, California. I'm John Furrier, host of "theCUBE," got a great security conversation, Ed Casper who's the founder and CEO of Cloud Storage Security, the great Cloud background, Cloud security, Cloud storage. Welcome to the "theCUBE Conversation," Ed. Thanks for coming on. >> Thank you very much for having me. >> I got Lafomo on that background. You got the nice look there. Let's get into the storage blind spot conversation around Cloud Security. Obviously, reinforced has came up a ton, you heard a lot about encryption, automated reasoning but still ransomware was still hot. All these things are continuing to be issues on security but they're all brought on data and storage, right? So this is a big part of it. Tell us a little bit about how you guys came about the origination story. What is the company all about? >> Sure, so, we're a pandemic story. We started in February right before the pandemic really hit and we've survived and thrived because it is such a critical thing. If you look at the growth that's happening in storage right now, we saw this at reinforced. We saw even a recent AWS Storage Day. Their S3, in particular, houses over 200 trillion objects. If you look just 10 years ago, in 2012, Amazon touted how they were housing one trillion objects, so in a 10 year period, it's grown to 200 trillion and really most of that has happened in the last three or four years, so the pandemic and the shift in the ability and the technologies to process data better has really driven the need and driven the Cloud growth. >> I want to get into some of the issues around storage. Obviously, the trend on S3, look at what they've done. I mean, I saw my land at storage today. We've interviewed her. She's amazing. Just the EC2 and S3 the core pistons of AWS, obviously, the silicons getting better, the IaaS layers just getting so much more innovation. You got more performance abstraction layers at the past is emerging Cloud operations on premise now with hybrid is becoming a steady state and if you look at all the action, it's all this hyper-converged kind of conversations but it's not hyper-converged in a box, it's Cloud Storage, so there's a lot of activity around storage in the Cloud. Why is that? >> Well, because it's that companies are defined by their data and, if a company's data is growing, the company itself is growing. If it's not growing, they are stagnant and in trouble, and so, what's been happening now and you see it with the move to Cloud especially over the on-prem storage sources is people are starting to put more data to work and they're figuring out how to get the value out of it. Recent analysts made a statement that if the Fortune 1000 could just share and expose 10% more of their data, they'd have net revenue increases of 65 million. So it's just the ability to put that data to work and it's so much more capable in the Cloud than it has been on-prem to this point. >> It's interesting data portability is being discussed, data access, who gets access, do you move compute to the data? Do you move data around? And all these conversations are kind of around access and security. It's one of the big vulnerabilities around data whether it's an S3 bucket that's an manual configuration error, or if it's a tool that needs credentials. I mean, how do you manage all this stuff? This is really where a rethink kind of comes around so, can you share how you guys are surviving and thriving in that kind of crazy world that we're in? >> Yeah, absolutely. So, data has been the critical piece and moving to the Cloud has really been this notion of how do I protect my access into the Cloud? How do I protect who's got it? How do I think about the networking aspects? My east west traffic after I've blocked them from coming in but no one's thinking about the data itself and ultimately, you want to make that data very safe for the consumers of the data. They have an expectation and almost a demand that the data that they consume is safe and so, companies are starting to have to think about that. They haven't thought about it. It has been a blind spot, you mentioned that before. In regards to, I am protecting my management plane, we use posture management tools. We use automated services. If you're not automating, then you're struggling in the Cloud. But when it comes to the data, everyone thinks, "Oh, I've blocked access. I've used firewalls. I've used policies on the data," but they don't think about the data itself. It is that packet that you talked about that moves around to all the different consumers and the workflows and if you're not ensuring that that data is safe, then, you're in big trouble and we've seen it over and over again. >> I mean, it's definitely a hot category and it's changing a lot, so I love this conversation because it's a primary one, primary and secondary cover data cotton storage. It's kind of good joke there, but all kidding aside, it's a hard, you got data lineage tracing is a big issue right now. We're seeing companies come out there and kind of superability tangent there. The focus on this is huge. I'm curious, what was the origination story? What got you into the business? Was it like, were you having a problem with this? Did you see an opportunity? What was the focus when the company was founded? >> It's definitely to solve the problems that customers are facing. What's been very interesting is that they're out there needing this. They're needing to ensure their data is safe. As the whole story goes, they're putting it to work more, we're seeing this. I thought it was a really interesting series, one of your last series about data as code and you saw all the different technologies that are processing and managing that data and companies are leveraging today but still, once that data is ready and it's consumed by someone, it's causing real havoc if it's not either protected from being exposed or safe to use and consume and so that's been the biggest thing. So we saw a niche. We started with this notion of Cloud Storage being object storage, and there was nothing there protecting that. Amazon has the notion of access and that is how they protect the data today but not the packets themselves, not the underlying data and so, we created the solution to say, "Okay, we're going to ensure that that data is clean. We're also going to ensure that you have awareness of what that data is, the types of files you have out in the Cloud, wherever they may be, especially as they drift outside of the normal platforms that you're used to seeing that data in. >> It's interesting that people were storing data lakes. Oh yeah, just store a womp we might need and then became a data swamp. That's kind of like go back 67 years ago. That was the conversation. Now, the conversation is I need data. It's got to be clean. It's got to feed the machine learning. This is going to be a critical aspect of the business model for the developers who are building the apps, hence, the data has code reference which we've focused on but then you say, "Okay, great. Does this increase our surface area for potential hackers?" So there's all kinds of things that kind of open up, we start doing cool, innovative, things like that so, what are some of the areas that you see that your tech solves around some of the blind spots or with object store, the things that people are overlooking? What are some of the core things that you guys are seeing that you're solving? >> So, it's a couple of things, right now, the still the biggest thing you see in the news is configuration issues where people are losing their data or accidentally opening up to rights. That's the worst case scenario. Reads are a bad thing too but if you open up rights and we saw this with a major API vendor in the last couple of years they accidentally opened rights to their buckets. Hackers found it immediately and put malicious code into their APIs that were then downloaded and consumed by many, many of their customers so, it is happening out there. So the notion of ensuring configuration is good and proper, ensuring that data has not been augmented inappropriately and that it is safe for consumption is where we started and, we created a lightweight, highly scalable solution. At this point, we've scanned billions of files for customers and petabytes of data and we're seeing that it's such a critical piece to that to make sure that that data's safe. The big thing and you brought this up as well is the big thing is they're getting data from so many different sources now. It's not just data that they generate. You see one centralized company taking in from numerous sources, consolidating it, creating new value on top of it, and then releasing that and the question is, do you trust those sources or not? And even if you do, they may not be safe. >> We had an event around super Clouds is a topic we brought up to get bring the attention to the complexity of hybrid which is on premise, which is essentially Cloud operations. And the successful people that are doing things in the software side are essentially abstracting up the benefits of the infrastructures of service from HN AWS, right, which is great. Then they innovate on top so they have to abstract that storage is a key component of where we see the innovations going. How do you see your tech that kind of connecting with that trend that's coming which is everyone wants infrastructures code. I mean, that's not new. I mean, that's the goal and it's getting better every day but DevOps, the developers are driving the operations and security teams to like stay pace, so policy seeing a lot of policy seeing some cool things going on that's abstracting up from say storage and compute but then those are being put to use as well, so you've got this new wave coming around the corner. What's your reaction to that? What's your vision on that? How do you see that evolving? >> I think it's great, actually. I think that the biggest problem that you have to do as someone who is helping them with that process is make sure you don't slow it down. So, just like Cloud at scale, you must automate, you must provide different mechanisms to fit into workflows that allow them to do it just how they want to do it and don't slow them down. Don't hold them back and so, we've come up with different measures to provide and pretty much a fit for any workflow that any customer has come so far with. We do data this way. I want you to plug in right here. Can you do that? And so it's really about being able to plug in where you need to be, and don't slow 'em down. That's what we found so far. >> Oh yeah, I mean that exactly, you don't want to solve complexity with more complexity. That's the killer problem right now so take me through the use case. Can you just walk me through how you guys engage with customers? How they consume your service? How they deploy it? You got some deployment scenarios. Can you talk about how you guys fit in and what's different about what you guys do? >> Sure, so, we're what we're seeing is and I'll go back to this data coming from numerous sources. We see different agencies, different enterprises taking data in and maybe their solution is intelligence on top of data, so they're taking these data sets in whether it's topographical information or whether it's in investing type information. Then they process that and they scan it and they distribute it out to others. So, we see that happening as a big common piece through data ingestion pipelines, that's where these folks are getting most of their data. The other is where is the data itself, the document or the document set, the actual critical piece that gets moved around and we see that in pharmaceutical studies, we see it in mortgage industry and FinTech and healthcare and so, anywhere that, let's just take a very simple example, I have to apply for insurance. I'm going to upload my Social Security information. I'm going to upload a driver's license, whatever it happens to be. I want to one know which of my information is personally identifiable, so I want to be able to classify that data but because you're trusting or because you're taking data from untrusted sources, then you have to consider whether or not it's safe for you to use as your own folks and then also for the downstream users as well. >> It's interesting, in the security world, we hear zero trust and then we hear supply chain, software supply chains. We get to trust everybody, so you got kind of two things going on. You got the hardware kind of like all the infrastructure guys saying, "Don't trust anything 'cause we have a zero trust model," but as you start getting into the software side, it's like trust is critical like containers and Cloud native services, trust is critical. You guys are kind of on that balance where you're saying, "Hey, I want data to come in. We're going to look at it. We're going to make sure it's clean." That's the value here. Is that what I'm hearing you, you're taking it and you're saying, "Okay, we'll ingest it and during the ingestion process, we'll classify it. We'll do some things to it with our tech and put it in a position to be used properly." Is that right? >> That's exactly right. That's a great summary, but ultimately, if you're taking data in, you want to ensure it's safe for everyone else to use and there are a few ways to do it. Safety doesn't just mean whether it's clean or not. Is there malicious content or not? It means that you have complete coverage and control and awareness over all of your data and so, I know where it came from. I know whether it's clean and I know what kind of data is inside of it and we don't see, we see that the interesting aspects are we see that the cleanliness factor is so critical in the workflow, but we see the classification expand outside of that because if your data drifts outside of what your standard workflow was, that's when you have concerns, why is PII information over here? And that's what you have to stay on top of, just like AWS is control plane. You have to manage it all. You have to make sure you know what services have all of a sudden been exposed publicly or not, or maybe something's been taken over or not and you control that. You have to do that with your data as well. >> So how do you guys fit into the security posture? Say it a large company that might want to implement this right away. Sounds like it's right in line with what developers want and what people want. It's easy to implement from what I see. It's about 10, 15, 20 minutes to get up and running. It's not hard. It's not a heavy lift to get in. How do you guys fit in once you get operationalized when you're successful? >> It's a lightweight, highly scalable serverless solution, it's built on Fargate containers and it goes in very easily and then, we offer either native integrations through S3 directly, or we offer APIs and the APIs are what a lot of our customers who want inline realtime scanning leverage and we also are looking at offering the actual proxy aspects. So those folks who use the S3 APIs that our native AWS, puts and gets. We can actually leverage our put and get as an endpoint and when they retrieve the file or place the file in, we'll scan it on access as well, so, it's not just a one time data arrest. It can be a data in motion as you're retrieving the information as well >> We were talking with our friends the other day and we're talking about companies like Datadog. This is the model people want, they want to come in and developers are driving a lot of the usage and operational practice so I have to ask you, this fits kind of right in there but also, you also have the corporate governance policy police that want to make sure that things are covered so, how do you balance that? Because that's an important part of this as well. >> Yeah, we're really flexible for the different ways they want to consume and and interact with it. But then also, that is such a critical piece. So many of our customers, we probably have a 50/50 breakdown of those inside the US versus those outside the US and so, you have those in California with their information protection act. You have GDPR in Europe and you have Asia having their own policies as well and the way we solve for that is we scan close to the data and we scan in the customer's account, so we don't require them to lose chain of custody and send data outside of the accoun. That is so critical to that aspect. And then we don't ask them to transfer it outside of the region, so, that's another critical piece is data residency has to be involved as part of that compliance conversation. >> How much does Cloud enable you to do this that you couldn't really do before? I mean, this really shows the advantage of natively being in the Cloud to kind of take advantage of the IaaS to SAS components to solve these problems. Share your thoughts on how this is possible. What if there was no problem, what would you do? >> It really makes it a piece of cake. As silly as that sounds, when we deploy our solution, we provide a management console for them that runs inside their own accounts. So again, no metadata or anything has to come out of it and it's all push button click and because the Cloud makes it scalable because Cloud offers infrastructure as code, we can take advantage of that and then, when they say go protect data in the Ireland region, they push a button, we stand up a stack right there in the Ireland region and scan and protect their data right there. If they say we need to be in GovCloud and operate in GovCloud East, there you go, push the button and you can behave in GovCloud East as well. >> And with server lists and the region support and all the goodness really makes a really good opportunity to really manage these Cloud native services with the data interaction so, really good prospects. Final question for you. I mean, we love the story. I think it is going to be a really changing market in this area in a big way. I think the data storage relationship relative to higher level services will be huge as Cloud native continues to drive everything. What's the future? I mean, you guys see yourself as a all encompassing, all singing and dancing storage platform or a set of services that you're going to enable developers and drive that value. Where do you see this going? >> I think that it's a mix of both. Ultimately, you saw even on Storage Day the announcement of file cash and file cash creates a new common name space across different storage platforms and so, the notion of being able to use one area to access your data and have it come from different spots is fantastic. That's been in the on-prem world for a couple of years and it's finally making it to the Cloud. I see us following that trend in helping support. We're super laser-focused on Cloud Storage itself so, EBS volumes, we keep having customers come to us and say, "I don't want to run agents in my EC2 instances. I want you to snap and scan and I don't want to, I've got all this EFS and FSX out there that we want to scan," and so, we see that all of the Cloud Storage platforms, Amazon work docs, EFS, FSX, EBS, S3, we'll all come together and we'll provide a solution that's super simple, highly scalable that can meet all the storage needs so, that's our goal right now and where we're working towards. >> Well, Cloud Storage Security, you couldn't get a more a descriptive name of what you guys are working on and again, I've had many contacts with Andy Jassy when he was running AWS and he always loves to quote "The Innovator's Dilemma," one of his teachers at Harvard Business School and we were riffing on that the other day and I want to get your thoughts. It's not so much "The Innovator's Dilemma" anymore relative to Cloud 'cause that's kind of a done deal. It's "The Integrator's Dilemma," and so, it's the integrations are so huge now. If you don't integrate the right way, that's the new dilemma. What's your reaction to that? >> A 100% agreed. It's been super interesting. Our customers have come to us for a security solution and they don't expect us to be 'cause we don't want to be either. Our own engine vendor, we're not the ones creating the engines. We are integrating other engines in and so we can provide a multi engine scan that gives you higher efficacy. So this notion of offering simple integrations without slowing down the process, that's the key factor here is what we've been after so, we are about simplifying the Cloud experience to protecting your storage and it's been so funny because I thought customers might complain that we're not a name brand engine vendor, but they love the fact that we have multiple engines in place and we're bringing that to them this higher efficacy, multi engine scan. >> I mean the developer trends can change on a dime. You make it faster, smarter, higher velocity and more protected, that's a winning formula in the Cloud so Ed, congratulations and thanks for spending the time to riff on and talk about Cloud Storage Security and congratulations on the company's success. Thanks for coming on "theCUBE." >> My pleasure, thanks a lot, John. >> Okay. This conversation here in Palo Alto, California I'm John Furrier, host of "theCUBE." Thanks for watching.

(upbeat music) >> We're back in Boston, theCUBE's coverage of Re:Inforce 2022. My name is Dave Vellante. Dave Hatfield is here. He's the co-CEO of Lacework. Dave, great to see again. Hat. >> Thanks Dave. >> Do you still go by Hat? >> Hat is good for me. (Dave V laughing) >> All right cool. >> When you call me David, I'm in trouble for something. (Dave V Laughing) So just call me Hat for now. >> Yeah, like my mom, David Paul. >> Exactly. >> All right. So give us the update. I mean, you guys have been on a tear. Obviously the Techlash, >> Yep. >> I mean, a company like yours, that has raised so much money. You got to be careful. But still, I'm sure you're not taking the foot off the gas. What's the update? >> Yeah no. We were super focused on our mission. We want to de deliver a cloud security for everybody. Make it easier for developers and builders, to do their thing. And we're fortunate to be in a situation, where people are in the early innings of moving into the cloud, you know. So our customers, largely digital natives. And now increasingly cloud migrants, are recognizing that in order to build fast, you know, in the cloud, they need to have a different approach to security. And, you know, it used to be that you're either going be really secure or really fast. And we wanted to create a platform that allowed you to have both. >> Yeah. So when you first came to theCUBE, you described it. We are the first company. And at the time, I think you were the only company, thinking about security as a data problem. >> Yeah. >> Explain what that means. >> Well, when you move to the cloud, you know, there's literally a quintillion data sets, that are out there. And it's doubling every several days or whatever. And so it creates a massive problem, in that the attack surface grows. And different than when you're securing a data center or device, where you have a very fixed asset, and you kind of put things around it and you kind of know how to do it. When you move to the shared ephemeral massive scale environment, you can't write rules, and do security the way you used to do it, for a data centers and devices. And so the insight for us was, the risk was the data, the upside was the data, you know? And so if you can harness all of this data, ingest it, process it, contextualize it, in the context of creating a baseline of what normal is for a company. And then monitor it constantly in real time. Figure out, you know, identify abnormal activity. You can deliver a security posture for a company, unlike anything else before. Because it used to be, you'd write a rule. You have a known adversary or a bad guy that's out there, and you constantly try and keep up with them for a very specific attack service. But when you move to the cloud, the attack service is too broad. And so, the risk of the massive amount of data, is also the solution. Which is how do you harness it and use it with machine learning and AI, to solve these problems. >> So I feel like for CISOs, the cloud is now becoming the first line of defense. >> Yep. The CISOs is now the second line. Maybe the auditing is the third line. I don't know. >> Yeah. >> But, so how do you work with AWS? You mentioned, you know, quadrillion. We heard, I think it was Steven Schmidt, who talked about in his keynote. A quadrillion, you know, data points of a month or whatever it was. That's 15 zeros. Mind boggling. >> Yeah. >> How do you interact with AWS? You know, where's your data come from? Are you able to inspect that AWS data? Is it all your own kind of first party data? How does that all work? >> Yeah, so we love AWS. I mean we ultimately, we started out our company building our own service, you know, on AWS. We're the first cloud native built on the cloud, for the cloud, leveraging data and harnessing it. So AWS enabled us to do that. And partners like Snowflake and others, allowed us to do that. But we are a multi-cloud solution too. So we allow builders and customers, to be able to have choice. But we'd go deep with AWS and say, the shared responsibility model they came up with. With partners and themselves to say, all right, who ultimately owns security? Like where is the responsibility? And AWS does a great job on database storage, compute networking. The customer is responsible for the OS, the platform, the workloads, the applications, et cetera, and the data. And that's really where we come in. And kind of help customers secure their posture, across all of their cloud environments. And so we take a cloud trail data. We look at all of the network data. We look at configuration data. We look at rules based data and policies, that customers might have. Anything we can get our hands on, to be able to ingest into our machine learning models. And everybody knows, the more data you put into a machine learning model, the finer grain it's going to be. The more insightful and the more impactful it's going to be. So the really hard computer science problem that we set out to go do seven years ago, when we founded the company, was figure out a way to ingest, process, and contextualize mass amounts of data, from multiple streams. And the make sense out of it. And in the traditional way of protecting customers' environments, you know, you write a rule, and you have this linear sort of connection to alerts. And so you know, if you really want to tighten it down and be really secure, you have thousands of alerts per day. If you want to move really fast and create more risk and exposure, turn the dial the other way. And you know, we wanted to say, let's turn it all the way over, but maintain the amount of alerts, that really are only the ones that they need to go focus on. And so by using machine learning and artificial intelligence, and pulling all these different disparate data systems into making sense of them, we can take, you know, your alert volume from thousands per day, to one or two high fidelity critical alerts per day. And because we know the trail, because we're mapping it through our data graph, our polygraph data platform, the time to remediate a problem. So figure out the needle in the haystack. And the time to remediate is 90, 95% faster, than what you have to do on your own. So we want to work with AWS, and make it really easy for builders to use AWS services, and accelerate their consumption of them. So we were one of the first to really embrace Fargate and Graviton. We're embedded in Security Hub. We're, you know, embedded in all of the core platforms. We focus on competencies, you know. So, you know, we got container competency. We've got security and compliance competencies. And we really just want to continue to jointly invest with AWS. To deliver a great customer outcome and a really integrated seamless solution. >> I got a lot to unpack there. >> Okay. >> My first question is, what you just described, that needle in the haystack. You're essentially doing that in near real time? >> Yep. >> Or real time even, with using AI inferencing. >> Yeah. >> Describe it a little better. >> You're processing all of this data, you know, how do you do so efficiently? You know. And so we're the fastest. We do it in near real time for everything. And you know, compared to our competitors, that are doing, you know, some lightweight side scanning technology, and maybe they'll do a check or a scan once a day or twice a day. Well, the adversaries aren't sleeping, you know, over the other period of time. So you want to make it as near real time as you can. For certain applications, you know, you get it down into minutes. And ideally over time, you want to get it to actual real time. And so there's a number of different technologies that we're deploying, and that we're putting patents around. To be able to do as much data as you possibly can, as fast as you possibly can. But it varies on the application of the workload. >> And double click in the technology. >> Yeah. >> Like tell me more about it. What is it? Is it a purpose-built data store? >> Yeah. Is it a special engine? >> Yeah. There's two primary elements to it. The first part is the polygraph data platform. And this is this ingestion engine, the processing engine, you know, correlation engine. That has two way APIs, integrates into your workflows, ingests as much data as we possibly can, et cetera. And unifies all the data feeds that you've got. So you can actually correlate and provide context. And security now in the cloud, and certainly in the future, the real value is being able to create context and correlate data across the board. And when you're out buying a bunch of different companies, that have different architectures, that are all rules based engines, and trying to stitch them together, they don't talk to each other. And so the hard part first, that we wanted to go do, was build a cloud native platform, that was going to allow us to build applications, that set on top of it. And that, you know, handled a number of different security requirements. You know, behavior based threat detection, obviously is one of the first services that we offered, because we're correlating all this data, and we're creating a baseline, and we're figuring out what normal is. Okay, well, if your normal behavior is this. What's abnormal? So you can catch not only a known bad threat, you know, with rules, et cetera, that are embedded into our engines, but zero day threats and unknown unknowns. Which are the really scary stuff, when you're in the cloud. So, you know, we've got, you know, application, you know, for behavioral threat detection. You have vulnerability management, you know. Where you're just constantly figuring out, what vulnerabilities do I have across my development cycle and my run time cycle, that I need to be able to keep up on, and sort of patch and remediate, et cetera. And then compliance. And as you're pulling all these data points in, you want to be able to deliver compliance reports really efficiently. And the Biden Administration, you know, is issuing, you know, all of these, you know, new edicts for regulations. >> Sure. Obviously countries in, you know, in Europe. They have been way ahead of the US, in some of these regulations. And so they all point to a need for continuous monitoring of your cloud environment, to ensure that you're, you know, in real time, or near real time complying with the environments. And so being able to hit a button based on all of this data and, you know, deliver a compliance report for X regulation or Y regulation, saves a lot of time. But also ensures customers are secure. >> And you mentioned your multi-cloud, so you started on AWS. >> Yeah. >> My observation is that AWS isn't out trying to directly, I mean, they do some monetization of their security, >> Yep. >> But it's more like security here it is, you know. Use it. >> Yeah. >> It comes with the package. Whereas for instance, take Microsoft for example, I mean, they have a big security business. I mean, they show up in the spending surveys. >> Yeah. >> Like wow, off the charts. So sort of different philosophies there. But when you say you're Multicloud, you're saying, okay, you run on AWS. Obviously you run on Azure. You run on GCP as well. >> Yeah. Yep. >> We coin this term, Supercloud, Dave. It's it's like Multicloud 2.0. The idea is it's a layer above the clouds, that hides the underlying complexity. >> Yep. >> You mentioned Graviton. >> Yep. >> You worry about Graviton. Your customer don't, necessarily. >> We should be able to extract that. >> Right. But that's going to be different than what goes on Microsoft. With Microsoft primitives or Google primitives. Are you essentially building a Supercloud, that adds value. A layer, >> Yeah. >> on top of those Hyperscalers. >> Yeah. >> Or is it more, we're just going to run within each of those individual environments. >> Yeah. No we definitely want to build the Security OS, you know, that sort of goes across the Supercloud, as you talk about. >> Yeah. >> I would go back on one thing that you said, you know, if you listen to Andy or Adam now, talk about AWS services, and all the future growth that they have. I mean, security is job one. >> Yeah. Right, so AWS takes security incredibly seriously. They need to. You know, they want to be able to provide confidence to their customers, that they're going to be able to migrate over safely. So I think they do care deeply it. >> Oh, big time. >> And are delivering a number of services, to be able to do it for their customers,. Which is great. We want to enhance that, and provide Multicloud flexibility, deeper dives on Kubernetes and containers, and just want to stay ahead, and provide an option for companies. You know, when you're operating in AWS, to have better or deeper, more valuable, more impactful services to go layer on top. >> I see. >> And then provide the flexibility, like you said, of, hey look, I want to have a consistent security posture across all of my clouds. If I choose to use other clouds. And you don't, the schema are different on all three. You know, all of the protocols are different, et cetera. And so removing all of that complexity. I was just talking with the CISO at our event last night, we had like 300 people at this kind of cocktail event. Boston's pretty cool in the summertime. >> Yeah. Boston in July is great. >> It's pretty great. They're like going, look, we don't want to hire a Azure specialist, and a AWS specialist, and you know, a GCP specialist. We don't want to have somebody that is deep on just doing container security, or Kubernetes security. Like we want you to abstract all of that. Make sense of it. Stay above it. Continue to innovate. So we can actually do what we want to do. Which is, we want to build. We want to build fast. Like the whole point here, is to enable developers to do their job without restriction. And they intuitively want to have, and build secure applications. And, you know, because they recognize the importance of it. But if it slows them down. They're not going to do it. >> Right. >> And so we want to make that as seamless as possible, on top of AWS. So their developers feel confident. They can move more and more applications over. >> So to your point about AWS, I totally agree. I mean, security's job one. I guess the way I would say it is, from a monetization standpoint. >> Yeah. >> My sense is AWS, right now anyway, is saying we want the ecosystem, >> Yeah. >> to be able to monetize. >> Yeah. >> We're going to leave that meat on the bone for those guys. Whereas Microsoft is, they sometimes, they're certainly competitive with the ecosystem, sometimes. End point. >> Yeah. >> They compete with CrowdStrike. There's no question about it. >> Yeah. >> Are they competitive with you in some cases? Or they're not there yet. Are you different. >> Go talk to George, about what he thinks about CrowdStrike and I, versus Microsoft. (Dave V laughing) >> Well, yeah. (Dave H laughing) A good point in terms of the depth of capability. >> Yeah. >> But there's definitely opportunities for the ecosystem there as well. >> Yeah. But I think on certain parts of that, there are more, there's higher competitiveness, than less. I think in the cloud, you know, having flexibility and being open, is kind of core to the cloud's premise. And I think all three of the Hyperscalers, want to provide a choice for customers. >> Sure. >> And they want to provide flexibility. They obviously, want to monetize as much as they possibly can too. And I think they have varying strategies of those. And I do think AWS is the most open. And they're also the biggest. And I think that bodes well for what the marketplace really wants. You know, if you are a customer, and you want to go all in for everything, with one cloud. All right, well then maybe you use their security stack exclusively. But that's not the trend on where we're going. And we're talking about a $154 billion market, growing at, you know, 15% for you. It's a $360 billion market. And one of the most fragmented in tech. Customers do want to consolidate on platforms. >> Absolutely. >> If they can consolidate on CSPs, or they consolidate on the Supercloud, I'm going to steal that from you, with the super cloud. You know, to be able to, you know, have a consistent clarity posture, for all of your workloads, containers, Kubernetes, applications, across multiple clouds. That's what we think customers want. That's what we think customers need. There's opportunity for us to build a really big, iconic security business as well. >> I'm going to make you laugh. Because, so AWS doesn't like the term Supercloud. And the reason is, because it implies that they're the infrastructure, kind of commodity layer. And my response is, you'll appreciate this, is Pure Storage has 70% gross margin. >> Yeah. Yep. >> Right. Look at Intel. You've got Graviton. You control, you can have Intel, like gross margin. So maybe, your infrastructure. But it's not necessarily commodity, >> Yeah. >> But it leaves, to me, it leaves the ecosystem value. Companies like Lacework. >> Amazon offers 220 something services, for customers to make their lives easier. There's all kinds of ways, where they're actually focusing on delivering value, to their customers that, you know, is far from commodity and always will be. >> Right. >> I think when it comes to security, you're going to have, you're going to need security in your database. Your storage. Your network compute. They do all of that, you know, monetize all of that. But customers also want to, you know, be able to have a consistent security posture, across the Supercloud. You know, I mean, they don't have time. I think security practitioners, and security hiring in general, hasn't had unemployment for like seven or 10 years. It's the hardest place to find quality people. >> Right. >> And so our goal, is if we can up level and enable security practitioners, and DevSecOps teams, to be able to do their job more efficiently, it's a good thing for them. It's a win for them. And not having to be experts, on all of these different environments, that they're operating in. I think is really important. >> Here's the other thing about Supercloud. And I think you'll appreciate this. You know, Andreesen says, all companies are software companies. Well, all companies are becoming SAS and Cloud companies. >> Yeah. >> So you look at Capital One. What they're doing with on Snowflake. You know, Goldman what they're doing with AWS. Oracle by Cerner, you know that. So industries, incumbents, are building their own Superclouds. They don't want to deal with all this crap. >> Yeah. >> They want to add their own value. Their own tools. Their own software. And their own data. >> Yeah. >> And actually serve their specific vertical markets. >> Yeah. A hundred percent. And they also don't want tools, you know. >> Right. >> I think when you're in the security business. It's so fragmented, because you had to write a rule for everything, and they were super nuanced. When you move to a data driven approach, and you actually have a platform, that removes the need to actually have very nuanced, specific expertise across all these different. Because you're combining it into your baseline and understanding it. And so, customers want to move from, you know, one of the biggest banks in North America, has 550 different point solutions for security. Thousands of employees to go manage all of this. They would love to be able to consolidate around a few platforms, that integrate the data flows, so they can correlate value across it. And this platform piece is really what differentiates our approach. Is that we already have that built. And everybody else is sort of working backwards from Legacy approaches, or from a acquired companies. We built it natively from the ground up. Which we believe gives us an advantage for our customers. An advantage of time to market speed, efficacy, and a much lower cost. Because you can get rid of a bunch of point solutions in the process. >> You mentioned Devs. Did you, you know, that continuous experience across clouds. >> Yep. >> Do you have like the equivalent of a Super PAs layer, that is specific to your use case? Or are you kind of using, I mean, I know you use off the shelf tooling, >> Yep. >> you allow your developers to do so, but is, is the developer experience consistent across the clouds? That's really what I'm asking? >> Well, I think it is. I mean, I was talking to another CEO of a company, you know, on the floor here, and it's focusing on the build side. You know we focus on both the build and the run time. >> Right. >> And we were talking about, you know, how many different applications, or how fragmented the developer experience is, with all the different tools that they have. And it's phenomenal. I mean, like this, either through acquisition or by business unit. And developers, like to have choice. Like they don't like to be told what to do or be standardized, you know, by anybody. Especially some compliance organization or security organization. And so, it's hard for them to have a consistent experience, that they're using a bunch of different tools. And so, yeah. We want to be able to integrate into whatever workload, a workflow a customer uses, in their Dev cycle, and then provide consistent security on top of it. I mean, for our own company, you know, we got about a thousand people. And a lot of them are developers. We want to make it as consistent as we possibly can, so they can build code, to deliver security efficacy, and new applications and new tools for us. So I think where you can standardize and leverage a platform approach, it's always going to be better. But the reality is, especially in large existing companies. You know, they've got lots of different tools. And so you need to be able to set above it. Integrate with it and make it consistent. And security is one of those areas, where having a consistent view, a consistent posture, a consistent read, that you can report to the board, and know that your efficacy is there. Whatever environment you're in. Whatever cloud you're on. Is super, super critical. >> And in your swim lane, you're providing that consistency, >> Yep. >> for Devs. But you're right. You've got to worry about containers. You got to worry about the run time. You got to worry about the platform. The DevSecOps team is, you know, becoming the new line of defense, right? I mean, security experts. >> Absolutely. Well, we have one customer, that we just have been working with for four years ago. And it's, you know, a Fortune, a Global 2000 company. Bunch of different industries grew through acquisition, et cetera. And four years ago, their CTO said, we're moving to the cloud. Because we want to drive efficiency and agility, and better service offerings across the board. And so he has engineering. So he has Dev, you know. He has operations. And he has security teams. And so organizationally, I think that'll be the model, as companies do follow entries in to sort of, you know, quote. Become software companies and move on their digital journeys. Integrating the functions of DevSecOps organizationally, and then providing a platform, and enabling platform, that makes their jobs easier for each of those personas. >> Right. >> Is what we do. You want to enable companies to shift left. And if you can solve the problems in the code, on the front end, you know, before it gets out on the run time. You're going to solve, you know, a lot of issues that exist. Correlating the data, between what's happening in your runtime, and what's happening in your build time, and being able to fix it in near realtime. And integrate with those joint workflows. We think is the right answer. >> Yeah. >> Over the long haul. So it's a pretty exciting time. >> Yeah. Shift left, ops team shield right. Hat, great to see you again. >> Good to see you, Dave. >> Thanks so much for coming on theCUBE. >> Thanks a lot. >> All Right. Keep it right there. We'll be back. Re:Inforce 2022. You're watching theCUBE from Boston. (calming music)

(gentle music) (upbeat music) (crowd chattering) >> Welcome back to The City That Never Sleeps. Lisa Martin and John Furrier in New York City for AWS Summit '22 with about 10 to 12,000 of our friends. And we've got two more friends joining us here today. We're going to be talking with Haseeb Budhani, one of our alumni, co-founder and CEO of Rafay Systems, and Kevin Coleman, senior manager for Go-to Market for EKS at AWS. Guys, thank you so much for joining us today. >> Thank you very much for having us. Excited to be here. >> Isn't it great to be back at an in-person event with 10, 12,000 people? >> Yes. There are a lot of people here. This is packed. >> A lot of energy here. So, Haseeb, we've got to start with you. Your T-shirt says it all. Don't hate k8s. (Kevin giggles) Talk to us about some of the trends, from a Kubernetes perspective, that you're seeing, and then Kevin will give your follow-up. >> Yeah. >> Yeah, absolutely. So, I think the biggest trend I'm seeing on the enterprise side is that enterprises are forming platform organizations to make Kubernetes a practice across the enterprise. So it used to be that a BU would say, "I need Kubernetes. I have some DevOps engineers, let me just do this myself." And the next one would do the same, and then next one would do the same. And that's not practical, long term, for an enterprise. And this is now becoming a consolidated effort, which is, I think it's great. It speaks to the power of Kubernetes, because it's becoming so important to the enterprise. But that also puts a pressure because what the platform team has to solve for now is they have to find this fine line between automation and governance, right? I mean, the developers, you know, they don't really care about governance. Just give me stuff, I need to compute, I'm going to go. But then the platform organization has to think about, how is this going to play for the enterprise across the board? So that combination of automation and governance is where we are finding, frankly, a lot of success in making enterprise platform team successful. I think, that's a really new thing to me. It's something that's changed in the last six months, I would say, in the industry. I don't know if, Kevin, if you agree with that or not, but that's what I'm seeing. >> Yeah, definitely agree with that. We see a ton of customers in EKS who are building these new platforms using Kubernetes. The term that we hear a lot of customers use is standardization. So they've got various ways that they're deploying applications, whether it's on-prem or in the cloud and region. And they're really trying to standardize the way they deploy applications. And Kubernetes is really that compute substrate that they're standardizing on. >> Kevin, talk about the relationship with Rafay Systems that you have and why you're here together. And two, second part of that question, why is EKS kicking ass so much? (Haseeb and Kevin laughing) All right, go ahead. First one, your relationship. Second one, EKS is doing pretty well. >> Yep, yep, yep. (Lisa laughing) So yeah, we work closely with Rafay, Rafay, excuse me. A lot of joint customer wins with Haseeb and Co, so they're doing great work with EKS customers and, yeah, love the partnership there. In terms of why EKS is doing so well, a number of reasons, I think. Number one, EKS is vanilla, upstream, open-source Kubernetes. So customers want to use that open-source technology, that open-source Kubernetes, and they come to AWS to get it in a managed offering, right? Kubernetes isn't the easiest thing to self-manage. And so customers, you know, back before EKS launched, they were banging down the door at AWS for us to have a managed Kubernetes offering. And, you know, we launched EKS and there's been a ton of customer adoption since then. >> You know, Lisa, when we, theCUBE 12 years, now everyone knows we started in 2010, we used to cover a show called OpenStack. >> I remember that. >> OpenStack Summit. >> What's that now? >> And at the time, at that time, Kubernetes wasn't there. So theCUBE was present at creation. We've been to every KubeCon ever, CNCF then took it over. So we've been watching it from the beginning. >> Right. And it reminds me of the same trend we saw with MapReduce and Hadoop. Very big promise, everyone loved it, but it was hard, very difficult. And Hadoop's case, big data, it ended up becoming a data lake. Now you got Spark, or Snowflake, and Databricks, and Redshift. Here, Kubernetes has not yet been taken over. But, instead, it's being abstracted away and or managed services are emerging. 'Cause general enterprises can't hire enough Kubernetes people. >> Yep. >> They're not that many out there yet. So there's the training issue. But there's been the rise of managed services. >> Yep. >> Can you guys comment on what your thoughts are relative to that trend of hard to use, abstracting away the complexity, and, specifically, the managed services? >> Yeah, absolutely. You want to go? >> Yeah, absolutely. I think, look, it's important to not kid ourselves. It is hard. (Johns laughs) But that doesn't mean it's not practical, right. When Kubernetes is done well, it's a thing of beauty. I mean, we have enough customer to scale, like, you know, it's like a, forget a hockey stick, it's a straight line up, because they just are moving so fast when they have the right platform in place. I think that the mistake that many of us make, and I've made this mistake when we started this company, was trivializing the platform aspect of Kubernetes, right. And a lot of my customers, you know, when they start, they kind of feel like, well, this is not that hard. I can bring this up and running. I just need two people. It'll be fine. And it's hard to hire, but then, I need two, then I need two more, then I need two, it's a lot, right. I think, the one thing I keep telling, like, when I talk to analysts, I say, "Look, somebody needs to write a book that says, 'Yes, it's hard, but, yes, it can be done, and here's how.'" Let's just be open about what it takes to get there, right. And, I mean, you mentioned OpenStack. I think the beauty of Kubernetes is that because it's such an open system, right, even with the managed offering, companies like Rafay can build really productive businesses on top of this Kubernetes platform because it's an open system. I think that is something that was not true with OpenStack. I've spent time with OpenStack also, I remember how it is. >> Well, Amazon had a lot to do with stalling the momentum of OpenStack, but your point about difficulty. Hadoop was always difficult to maintain and hiring against. There were no managed services and no one yet saw that value of big data yet. Here at Kubernetes, people are living a problem called, I'm scaling up. >> Yep. And so it sounds like it's a foundational challenge. The ongoing stuff sounds easier or manageable. >> Once you have the right tooling. >> Is that true? >> Yeah, no, I mean, once you have the right tooling, it's great. I think, look, I mean, you and I have talked about this before, I mean, the thesis behind Rafay is that, you know, there's like 8, 12 things that need to be done right for Kubernetes to work well, right. And my whole thesis was, I don't want my customer to buy 10, 12, 15 products. I want them to buy one platform, right. And I truly believe that, in our market, similar to what vCenter, like what VMware's vCenter did for VMs, I want to do that for Kubernetes, right. And that the reason why I say that is because, see, vCenter is not about hypervisors, right? vCenter is about hypervisor, access, networking, storage, all of the things, like multitenancy, all the things that you need to run an enterprise-grade VM environment. What is that equivalent for the Kubernetes world, right? So what we are doing at Rafay is truly building a vCenter, but for Kubernetes, like a kCenter. I've tried getting the domain. I couldn't get it. (Kevin laughs) >> Well, after the Broadcom view, you don't know what's going to happen. >> Ehh. (John laughs) >> I won't go there! >> Yeah. Yeah, let's not go there today. >> Kevin, EKS, I've heard people say to me, "Love EKS. Just add serverless, that's a home run." There's been a relationship with EKS and some of the other Amazon tools. Can you comment on what you're seeing as the most popular interactions among the services at AWS? >> Yeah, and was your comment there, add serverless? >> Add serverless with AKS at the edge- >> Yeah. >> and things are kind of interesting. >> I mean, so, one of the serverless offerings we have today is actually Fargate. So you can use Fargate, which is our serverless compute offering, or one of our serverless compute offerings with EKS. And so customers love that. Effectively, they get the beauty of EKS and the Kubernetes API but they don't have to manage nodes. So that's, you know, a good amount of adoption with Fargate as well. But then, we also have other ways that they can manage their nodes. We have managed node groups as well, in addition to self-managed nodes also. So there's a variety of options that customers can use from a compute perspective with EKS. And you'll continue to see us evolve the portfolio as well. >> Can you share, Haseeb, can you share a customer example, a joint customer example that you think really articulates the value of what Rafay and AWS are doing together? >> Yeah, absolutely. In fact, we announced a customer very recently on this very show, which is MoneyGram, which is a joint AWS and Rafay customer. Look, we have enough, you know, the thing about these massive customers is that, you know, not everybody's going to give us their logo to use. >> Right. >> But MoneyGram has been a Rafay plus EKS customer for a very, very long time. You know, at this point, I think we've earned their trust, and they've allowed us to, kind of say this publicly. But there's enough of these financial services companies who have, you know, standardized on EKS. So it's EKS first, Rafay second, right. They standardized on EKS. And then they looked around and said, "Who can help me platform EKS across my enterprise?" And we've been very lucky. We have some very large financial services, some very large healthcare companies now, who, A, EKS, B, Rafay. I'm not just saying that because my friend Kevin's here, (Lisa laughs) it's actually true. Look, EKS is a brilliant platform. It scales so well, right. I mean, people try it out, relative to other platforms, and it's just a no-brainer, it just scales. You want to build a big enterprise on the backs of a Kubernetes platform. And I'm not saying that's because I'm biased. Like EKS is really, really good. There's a reason why so many companies are choosing it over many other options in the market. >> You're doing a great job of articulating why the theme (Kevin laughs) of the New York City Summit is scale anything. >> Oh, yeah. >> There you go. >> Oh, yeah. >> I did not even know that but I'm speaking the language, right? >> You are. (John laughs) >> Yeah, absolutely. >> One of the things that we're seeing, also, I want to get your thoughts on, guys, is the app modernization trend, right? >> Yep. >> Because unlike other standards that were hard, that didn't have any benefit downstream 'cause they were too hard to get to, here, Kubernetes is feeding into real app for app developer pressure. They got to get cloud-native apps out. It's fairly new in the mainstream enterprise and a lot of hyperscalers have experience. So I'm going to ask you guys, what is the key thing that you're enabling with Kubernetes in the cloud-native apps? What is the key value? >> Yeah. >> I think, there's a bifurcation happening in the market. One is the Kubernetes Engine market, which is like EKS, AKS, GKE, right. And then there's the, you know, what, back in the day, we used to call operations and management, right. So the OAM layer for Kubernetes is where there's need, right. People are learning, right. Because, as you said before, the skill isn't there, you know, there's not enough talent available to the market. And that's the opportunity we're seeing. Because to solve for the standardization, the governance, and automation that we talked about earlier, you know, you have to solve for, okay, how do I manage my network? How do I manage my service mesh? How do I do chargebacks? What's my, you know, policy around actual Kubernetes policies? What's my blueprinting strategy? How do I do add-on management? How do I do pipelines for updates of add-ons? How do I upgrade my clusters? And we're not done yet, there's a longer list, right? This is a lot, right? >> Yeah. >> And this is what happens, right. It's just a lot. And really, the companies who understand that plethora of problems that need to be solved and build easy-to-use solutions that enterprises can consume with the right governance automation, I think they're going to be very, very successful here. >> Yeah. >> Because this is a train, right? I mean, this is happening whether, it's not us, it's happening, right? Enterprises are going to keep doing this. >> And open-source is a big driver in all of this. >> Absolutely. >> Absolutely. >> And I'll tag onto that. I mean, you talked about platform engineering earlier. Part of the point of building these platforms on top of Kubernetes is giving developers an easier way to get applications into the cloud. So building unique developer experiences that really make it easy for you, as a software developer, to take the code from your laptop, get it out of production as quickly as possible. The question is- >> So is that what you mean, does that tie your point earlier about that vertical, straight-up value once you've set up it, right? >> Yep. >> Because it's taking the burden off the developers for stopping their productivity. >> Absolutely. >> To go check in, is it configured properly? Is the supply chain software going to be there? Who's managing the services? Who's orchestrating the nodes? >> Yep. >> Is that automated, is that where you guys see the value? >> That's a lot of what we see, yeah. In terms of how these companies are building these platforms, is taking all the component pieces that Haseeb was talking about and really putting it into a cohesive whole. And then, you, as a software developer, you don't have to worry about configuring all of those things. You don't have to worry about security policy, governance, how your app is going to be exposed to the internet. >> It sounds like infrastructure is code. >> (laughs) Yeah. >> Come on, like. >> (laughs) Infrastructure's code is a big piece of it, for sure, for sure. >> Yeah, look, infrastructure's code actually- >> Infrastructure's sec is code too, the security. >> Yeah. >> Huge. >> Well, it all goes together. Like, we talk about developer self-service, right? The way we enable developer self-service is by teaching developers, here's a snippet of code that you write and you check it in and your infrastructure will just magically be created. >> Yep. >> But not automatically. It's going to go through a check, like a check through the platform team. These are the workflows that if you get them right, developers don't care, right. All developers want is I want to compute. But then all these 20 things need to happen in the back. That's what, if you nail it, right, I mean, I keep trying to kind of pitch the company, I don't want to do that today. But if you nail that, >> I'll give you a plug at the end. >> you have a good story. >> But I got to, I just have a tangent question 'cause you reminded me. There's two types of developers that have emerged, right. You have the software developer that wants infrastructures code. I just want to write my code, I don't want to stop. I want to build in shift-left for security, shift-right for data. All that's in there. >> Right. >> I'm coding away, I love coding. Then you've got the under-the-hood person. >> Yes. >> I've been to the engines. >> Certainly. >> So that's more of an SRE, data engineer, I'm wiring services together. >> Yeah. >> A lot of people are like, they don't know who they are yet. They're in college or they're transforming from an IT job. They're trying to figure out who they are. So question is, how do you tell a person that's watching, like, who am I? Like, should I be just coding? But I love the tech. Would you guys have any advice there? >> You know, I don't know if I have any guidance in terms of telling people who they are. (all laughing) I mean, I think about it in terms of a spectrum and this is what we hear from customers, is some customers want to shift as much responsibility onto the software teams to manage their infrastructure as well. And then some want to shift it all the way over to the very centralized model. And, you know, we see everything in between as well with our EKS customer base. But, yeah, I'm not sure if I have any direct guidance for people. >> Let's see, any wisdom? >> Aside from experiment. >> If you're coding more, you're a coder. If you like to play with the hardware, >> Yeah. >> or the gears. >> Look, I think it's really important for managers to understand that developers, yes, they have a job, you have to write code, right. But they also want to learn new things. It's only fair, right. >> Oh, yeah. >> So what we see is, developers want to learn. And we enable for them to understand Kubernetes in small pieces, like small steps, right. And that is really, really important because if we completely abstract things away, like Kubernetes, from them, it's not good for them, right. It's good for their careers also, right. It's good for them to learn these things. This is going to be with us for the next 15, 20 years. Everybody should learn it. But I want to learn it because I want to learn, not because this is part of my job, and that's the distinction, right. I don't want this to become my job because I want, I want to write my code. >> Do what you love. If you're more attracted to understanding how automation works, and robotics, or making things scale, you might be under-the-hood. >> Yeah. >> Yeah, look under the hood all day long. But then, in terms of, like, who keeps the lights on for the cluster, for example. >> All right, see- >> That's the job. >> He makes a lot of value. Now you know who you are. Ask these guys. (Lisa laughing) Congratulations on your success on EKS 2. >> Yeah, thank you. >> Quick, give a plug for the company. I know you guys are growing. I want to give you a minute to share to the audience a plug that's going to be, what are you guys doing? You're hiring? How many employees? Funding? Customer new wins? Take a minute to give a plug. >> Absolutely. And look, I come see, John, I think, every show you guys are doing a summit or a KubeCon, I'm here. (John laughing) And every time we come, we talk about new customers. Look, platform teams at enterprises seem to love Rafay because it helps them build that, well, Kubernetes platform that we've talked about on the show today. I think, many large enterprises on the financial service side, healthcare side, digital native side seem to have recognized that running Kubernetes at scale, or even starting with Kubernetes in the early days, getting it right with the right standards, that takes time, that takes effort. And that's where Rafay is a great partner. We provide a great SaaS offering, which you can have up and running very, very quickly. Of course, we love EKS. We work with our friends at AWS. But also works with Azure, we have enough customers in Azure. It also runs in Google. We have enough customers at Google. And it runs on-premises with OpenShift or with EKS A, right, whichever option you want to take. But in terms of that standardization and governance and automation for your developers to move fast, there's no better product in the market right now when it comes to Kubernetes platforms than Rafay. >> Kevin, while we're here, why don't you plug EKS too, come on. >> Yeah, absolutely, why not? (group laughing) So yes, of course. EKS is AWS's managed Kubernetes offering. It's the largest managed Kubernetes service in the world. We help customers who want to adopt Kubernetes and adopt it wherever they want to run Kubernetes, whether it's in region or whether it's on the edge with EKS A or running Kubernetes on Outposts and the evolving portfolio of EKS services as well. We see customers running extremely high-scale Kubernetes clusters, excuse me, and we're here to support them as well. So yeah, that's the managed Kubernetes offering. >> And I'll give the plug for theCUBE, we'll be at KubeCon in Detroit this year. (Lisa laughing) Lisa, look, we're giving a plug to everybody. Come on. >> We're plugging everybody. Well, as we get to plugs, I think, Haseeb, you have a book to write, I think, on Kubernetes. And I think you're wearing the title. >> Well, I do have a book to write, but I'm one of those people who does everything at the very end, so I will never get it right. (group laughing) So if you want to work on it with me, I have some great ideas. >> Ghostwriter. >> Sure! >> But I'm lazy. (Kevin chuckles) >> Ooh. >> So we got to figure something out. >> Somehow I doubt you're lazy. (group laughs) >> No entrepreneur's lazy, I know that. >> Right? >> You're being humble. >> He is. So Haseeb, Kevin, thank you so much for joining John and me today, >> Thank you. >> talking about what you guys are doing at Rafay with EKS, the power, why you shouldn't hate k8s. We appreciate your insights and your time. >> Thank you as well. >> Yeah, thank you very much for having us. >> Our pleasure. >> Thank you. >> We appreciate it. With John Furrier, I'm Lisa Martin. You're watching theCUBE live from New York City at the AWS NYC Summit. John and I will be right back with our next guest, so stick around. (upbeat music) (gentle music)

>>The cube presents, Coon and cloud native con Europe, 2022, brought to you by red hat, the cloud native computing foundation and its ecosystem partners. >>Welcome to Valencia Spain in Coon and cloud native con Europe, 2022. I'm Keith Townsend, along with my host, Paul Gillon senior editor, enterprise architecture at Silicon angle. We are continuing the conversation here at KU con cloud native con around security app defense. Paul, were you aware it was this many security challenges and, and that were native to like cloud native >>Well there's security challenges with every new technology. And as we heard, uh, today from our, some of our earlier guests, uh, containers and Kubernetes naturally introduce new variables in the landscape and that creates the potential vulnerabilities. So there's a whole industry that's evolving around that. And what we've been looking at today, yesterday, we talked very much about managing Kubernetes today. We're talking about many of the nuances of building a, a Kubernetes based environment and security is clearly one of them. >>So welcome our guests on Garrett, head of products. >>Thank >>You and community at deep fence. You know what I'm going. I'm going to start out the question with a pretty interesting security at scale is one of your taglines. >>Absolutely. >>What does that mean? Exactly. >>So Kubernetes is all about scale securing applications and Kubernetes is a completely different game to securing your traditional monolithic legacy enterprise applications. Kubernetes grows it scales it's elastic, and the perimeter around a Kubernetes application is very, very porous. There are lots of entry points. So you can't think about securing a cloud native application. The way that you might have secured a monolith securing a monolith is like securing a castle. You build a wall around it. You put guards on the gate. You control, who comes in and out, and job is more or less done securing a cloud native application. It's like securing a city. People are roaming through the city without checks and balances. There are lots of services in the city that you've got to check and monitor. It's extremely porous. So sec, all of the security problems in Kubernetes with cloud native applications, they're amplified by scale, the size of the application, the number of nodes and the complexity of the application and the way that it's built and delivered. >>That's, uh, kind of a chilling phrase. The perimeter is porous. Uh, yeah, companies are adopting Kubernetes right now. Evidently bringing in all of these new, these new, uh, vulnerability points. Do they know what they're getting into >>Many don't, there's, there's a huge amount of work around trying to help organizations make the transition from thinking about applications as single components to thinking about them as microservices with multiple little, little components, it's a really essential step because that's what allows businesses to evolve, to digitize, to deliver services, using APIs, mobile, mobile apps. So it's a necessary technical change, but it brings with it. Lots of challenges and security is one of those biggest challenges. >>So as I'm thinking about that poorest nature, I can't help, but think, you know, if I have my, my traditional IPS does a really great job of blocking that centralized data center and access to that centralized data center. As I think about that city example that you gave me, I'm thinking, you know what? I have intruders or not even intruders. I have bad actors within my city. You >>Do you, how >>Do, how does deep defense help protect me from those bad actors that are inside or roaming the city? >>So this is the wonderful, unique technology we have within deep fence. So we install little sensors, little lightweight sensors on each host. That's running your application on Kubernetes nodes as a Damon set against Fargate instances on Docker hosts on bare metal. And those sensors install little taps into the network using E B P F and they monitor the workloads. So it's a little bit like having CCTV cameras throughout your city tracking what's happening. There are a lot of solutions which we'll look at what happens on a workload traditional XDR solutions that look for things like process changes or file system changes. And we gather those signals indicators of compromise, but those alone are too little too late. They tell you that a breach has probably already happened. What deep defense does is we also look at the network. We gather network signals. We can see someone using a, a reconnaissance tool roaming through your application, sending probe traffic to try and find weak points. >>We can see them then elevating the level of attack and trying to weaponize a particular exploit that they might have find, or vulnerability that they find. We can see everything that comes into each of the components, not just at the perimeter, but right inside your application. We see what happens in those components process file, integrity, changes. And we see what comes out, attempt exfiltrate, something that looks like a database file or et cetera password. And we put all of these little subtle signals, the indicators of attack, the network based signals and the indicators of compromise. We put those together and we build a picture of the threats against each of the workloads in your cloud, native application. There's lots and lots of background, recon traffic. We see that you generally don't need to worry about that. It's just noise. But as that elevates and you see evidence of exploits and later spread, we identify that we'll let you know, or we can step in and we can proactively block the behavior that's causing those problems. So we can stop someone from accessing a component, or if a component's compromised, we can, we can freeze it and restart it. And this is a key part of the technology within our threat striker security observability platform, >>Uh, false alerts are the bane of the security ministry's existence. What do you do to protect against those? >>So we use a range of heuristics and a degree, a small degree of machine learning to try and piece together. What's happening. It's a complicated picture. So some of your viewers will have heard of a might attack matrix. So a dictionary of techniques and tactics and, and protocols that attackers might use in order to attack an infrastructure. So we gather the signals, those TTPs, and we then build a model to try and understand how those little signals pieced together. So maybe there's, you know, there's a guy with a striped striped vest that is trying the doors in your city, you know, a low level criminal who isn't getting anywhere. We'll pick that up and that's low risk. But then if we see that person infiltrate a building, because they find an open door, then that raises the level of risk. So we monitor the growing level of risk against each workload. >>And once it hits a level of concern, then we let you know, but you can then forensically go back in time and look at all of the signals that surround that. So we don't just tell you, there was an alert and a file was compromised in your workload, do something about it. We tell you the file was compromised. And prior to that, there were these events, process failures. Those could have been caused by network events that are correlated to a vulnerability that we know. And those in, in turn could have been discovered by recon traffic. So we help you build that entire active picture up. Every application's different. You need to have the context to understand and interpret signals that a solution like threat striker gives you, and we give you that context. >>So I would push back. If I'm a platform team, say, you know what? I have a service mesh. I, I have trusted traffic going to trucked traffic going from trusted sources. I'm, I'm cutting off the problem even before it happens. Why should I use, uh, deep fix? >>So a service mesh won't cut off the problem. It'll just hide the problem because a service mesh will just encrypt the traffic between each of the components. It doesn't stop the bad traffic flowing. If a component is compromised, people can still talk to another component and the service mesh happily encrypts it and hides it. What we do. We love service meshes because we can decrypt the traffic or we can inspect the individual application components before they talk to the mesh side car. So we can pull out and see the plane, text traffic. We can identify things that other tools wouldn't have a hope of, of identifying. >>So, you know, you, you just, uh, triggered something. >>Yeah. >>A lot of companies do not like decrypting that traffic after it's been sent, they don't want anyone else, including security tools to see it. Yeah. How do you ensure, how do you serve those clients? >>So we serve those clients by having an architecture that sits entirely on premise in their infrastructure. Their sensitive data never leaves their network, their VPCs, their, their boundary. They install a threat striker console. So this is the tool that does all of the analysis and make the protection decisions. They run that themselves. They deploy the threat, striker sensors in their production environment. They talk over secure links, authenticated to the console. So everything sits within their power view, their level of their degree of control. >>So if, if they're building a, a, a cloud application though, or, or a hybrid cloud application, how do you connect? How do you deal with the cloud side? >>So whether their production environments are next to the threat striker console, whether they're running on remote clouds, our sensors will run in all of those environments and the console will manage a complex hybrid environment. It will show you traffic running in your Kubernetes cluster and AWS traffic Mon running on your VMs on Google traffic, running in your 4g instances on again, on AWS and on your on-prem instances, it gathers that data securely from each of those remote places, sends it to the console that you own and operate securely. So you have full control over what is captured. It's encrypted, it's authenticated, it's streamed back. So it never leaves your level of control. >>Talk to me about the overhead. How is this deployed and managed with MI environment? >>So there are two components, as we've learned, we have the console. All of the work is done on the console, the any necessary decryption, all the calculation that runs on a Kubernetes cluster, that, that you would deploy, that you would scale. So that's fully in your control. Then you need to install little sensors on each of your production environments to bring the data back to the console. >>Now those on pots, or are those in running inside of, uh, containers themselves. >>So they are container based. They're typically deployed as a demon set. So one instance per node in your Kubernetes cluster, they are, we have put a lot of engineering work into making those as lightweight as possible. They do very little analysis themselves. They do a little bit of pre-filtering of network traffic to reduce the bandwidth, and then they pass the packets back to the management console. So our goal is to have the minimal impact on customers, production environments, so that they can scale and operate without an impact on the performance or availability of their applications. And we have customers who are monitoring services running on literally thousands of Kubernetes nodes and streaming the data back to their management console and using that to analyze from a single point of control what's going on in their applications. >>So we hear time and again, CIOs complaining that they have too many point security products. Yes, I think average of 87 in, in, in the enterprise, according to, to one survey, aren't you just another, >>And that is the big challenge with security. There is no silver bullet product that will secure everything that you have. You have your, the what, you're the, what you're securing scales over space from your infrastructure to the containers and the workloads and the application code. It scales over time. Are you secure? Are you putting security measures in, at shift left development when you deploy or are you securing production? And it scales over the environments. There is no silver bullet that will provide best to breed security across that entire set of dimensions. There are large organizations that will present you with holistic solutions, which are a bunch of different solutions with the same logo on them, bundle together under the same umbrella. Those don't necessarily solve the problem. You need to understand the risks that your organization is faced. And then what are the best to breed solutions for each of those risks and for the life cycle of your application at deep fence, we are about securing your production environment. >>Your developers have built applications. They've secured those applications using tools like SNCC, and they've ticked and signed off saying with this list of documented vulnerabilities, my application is secure. It's now ready to go into production. But when I talk to, to application security people to ops people, and I say, are the applications in your Kubernetes environment? Are they secure? They say, look, honestly, I don't know, the developers have signed off something, but that's not what I'm running. I've had to inject things into the application. So it's different. There could have been issues that were, that were discovered after the developers signed it off. The developers made exceptions, but also 60, 80% of the code I'm running in production. Didn't come from my development team. It's infrastructure, it's third party modules. So when you look at security as a whole, you realize there are so many ax axis that you have to consider. There are so many points along these, a axis, and you need to figure out in a kind of a van diagram fashion, how are you going to address security issues at each of those points? So when it comes to production security, if you want a best breed solution for finding vulnerabilities in your production environment, threat map, open source, we'll do that. And then for monitoring attack behavior threat striker enterprise will do that. Then deep defense is a great set of solutions to look at. >>So on. Thanks for stopping by security at layers is a repetitive thing that we hear security experts talk about. Not one solution will solve every problem when it comes to security from Valencia Spain, I'm Keith Townson, along with Paul Gillon and you're watching the Q the leader in high tech coverage.

(upbeat music) >> Hello, and welcome to this startup showcase. It's great to be here and talk about some of the innovations we are doing at AWS, how we work with our partner community, especially our open source partners. My name is Deepak Singh. I run our compute services organization, which is a very vague way of saying that I run a number of things that are connected together through compute. Very specifically, I run a container services organization. So for those of you who are into containers, ECS, EKS, fargate, ECR, App Runner Those are all teams that are within my org. I also run the Amazon Linux and BottleRocketing. So anything AWS does with Linux, both externally and internally, as well as our high-performance computing team. And perhaps very relevant to this discussion, I run the Amazon open source program office. Serving at AWS for over 13 years, almost 14, involved with compute in various ways, including EC2. What that has done has given me a vantage point of seeing how our customers use the services that we build for them, how they leverage various partner solutions, and along the way, how AWS itself has gotten involved with opensource. And I'll try and talk to you about some of those factors and how they impact, how you consume our services. So why don't we get started? So for many of you, you know, one of the things, there's two ways to look at AWS and open-source and Amazon in general. One is the number of contributors you may have. And the number of repositories that contribute to. Those are just a couple of measures. There are people that I work with on a regular basis, who will remind you that, those are not perfect measures. Sometimes you could just contribute to one thing and have outsized impact because of the nature of that thing. But it address being what it is, increasingly we'll look at different ways in which we can help contribute and enhance open source 'cause we consume a lot of it as well. I'll talk about it very specifically from the space that I work in the container space in particular, where we've worked a lot with people in the Kubernetes community. We've worked a lot with people in the broader CNCF community, as well as, you know, small projects that our customers might have got started off with. For example, I want to like talking about is Argo CD from Intuit. We were very actively involved with helping them figure out what to do with it. And it was great to see how into it. And we worked, etc, came together to think about get-ups at the Kubernetes level. And while those are their projects, we've always been involved with them. So we try and figure out what's important to our customers, how we can help and then take because of that. Well, let's talk about a little bit more, here's some examples of the kinds of open source projects that Amazon and AWS contribute to. They arranged from the open JDK. I think we even now have our own implementation of Java, the Corretto open source project. We contribute to projects like rust, where we are very active in the rest foundation from a leadership role as well, the robot operating system, just to pick some, we collaborate with Facebook and actively involved with the pirates project. And there's many others. You can see all the logos in here where we participate either because they're important to us as AWS in the services that we run or they're important to our customers and the services that they consume or the open source projects they care about and how we get to those. How we get and make those decisions is often depends on the importance of that particular project. At that point in time, how much impact they're having to AWS customers, or sometimes very feel that us contributing to that project is super critical because it helps us build more robust services. I'll talk about it in a completely, you know, somewhat different basis. You may have heard of us talk about our new next generation of Amazon Linux 2022, which is based on fedora as its sub stream. One of the reasons we made this decision was it allows us to go and participate in the preneurial project and make sure that the upstream project is robust, stays robust. And that, that what that ends up being is that Amazon Linux 2022 will be a robust operating system with the kinds of capabilities that our customers are asking for. That's just one example of how we think about it. So for example, you know, the Python software foundation is something that we work with very closely because so many of our customers use Python. So we help run something like PyPy which is many, you know, if you're a Python developer, I happened to be a Ruby one, but lots of our customers use Python and helping the Python project be robust by making sure PyPy is available to everybody is something that we help provide credits for help support in other ways. So it's not just code. It can mean many different ways of contributing as well, but in the end code and operations is where we hang our happens. Good examples of this is projects that we will create an open source because it makes sense to make sure that we open source some of the core primitives or foundations that are part of our own services. A great example of that, whether this be things that we open source or things that we contribute to. And I'll talk about both and I'll talk about things near and dear to my heart. There's many examples I've picked the two that I like talking about. The first of these is firecracker. Many of you have heard about it, a firecracker for those of you who don't know is a very lightweight virtual machine manager, which allows you to run these micro VMs. And why was this important many years ago when we started Lambda and quite honestly, Fugate and foggy, it still runs quite a bit in that mode, we used to have to run on VMs like everything else and finding the right VM for the size of tasks that somebody asks for the size of function that somebody asks for is requires us to provision capacity ahead of time. And it also wastes a lot of capacity because Lambda function is small. You won't even if you find the smallest VM possible, those can be a little that can be challenging. And you know, there's a lot of resources that are being wasted. VM start at a particular speed because they have to do a whole bunch of things before the operating system spins up and the virtual machine spins up and we asked ourselves, can we do better? come up with something that allows us to create right size, very lightweight, very fast booting. What's your machines, micro virtual machine that we ended up calling them. That's what led to firecracker. And we open source the project. And today firecrackers use, not just by AWS Lambda or foggy, but by a number of other folks, there's companies like fly IO that are using it. We know people using firecracker to run Kubernetes on prem on bare metal as an example. So we've seen a lot of other folks embrace it and use it as the foundation for building their own serverless services, their own container services. And we think there's a lot of value and learnings that we can bring to the table because we get the experience of operating at scale, but other people can bring to the table cause they may have specific requirements that we may not find it as important from an AWS perspective. So that's firecracker an example of a project where we contribute because we feel it's fundamentally important to us as continually. We were found, you know, we've been involved with continuity from the beginning. Today, we are a whole team that does nothing else, but contribute to container D because container D underlies foggy. It underlies our Kubernetes offerings. And it's increasingly being used by customers directly by their placement. You know, where they're running container D instead of running a full on Docker or similar container engine, what it has allowed us to do is focus on what's important so that we can operate continuously at scale, keep it robust and secure, add capabilities to it that AWS customers need manifested often through foggy Kubernetes, but in the end, it's a win-win for everybody. It makes continuously better. If you want to use containers for yourself on AWS, that's a great way to you. You know, you still, you still benefit from all the work that we're doing. The decision we took was since it's so important to us and our customers, we wanted a team that lived in breathed container D and made sure a super robust and there's many, many examples like that. No, that we ended up participating in, either by taking a project that exists or open sourcing our own. Here's an example of some of the open source projects that we have done from an AWS on Amazon perspective. And there's quite a few when I was looking at this list, I was quite surprised, not quite surprised I've seen the reports before, but every time I do, I have to recount and say, that's a lot more than one would have thought, even though I'd been looking at it for such a long time, examples of this in my world alone are things like, you know, what work had to do with Amazon Linux BottleRocket, which is a container host operating system. That's been open-sourced from day one. Firecracker is something we talked about. We have a project called AWS peril cluster, which allows you to spin up high performance computing clusters on AWS using the kind of schedulers you may use to use like slum. And that's an open source project. We have plenty of source projects in the web development space, in the security space. And more recently things like the open 3d engine, which is something that we are very excited about and that'd be open sourced a few months ago. And so there's a number of these projects that cover everything from tooling to developer, application frameworks, all the way to database and analytics and machine learning. And you'll notice that in a few areas, containers, as an example, machine learning as an example, our default is to go with open source option is where we can open source. And it makes sense for us to do so where we feel the product community might benefit from it. That's our default stance. The CNCF, the cloud native computing foundation is something that we've been involved with quite a bit. You know, we contribute to Kubernetes, be contribute to Envoy. I talked about continuity a bit. We've also contributed projects like CDK 8, which marries the AWS cloud development kit with Kubernetes. It's now a sandbox project in Kubernetes, and those are some of the areas. CNCF is such a wide surface area. We don't contribute to everything, but we definitely participate actively in CNCF with projects like HCB that are critical to eat for us. We are very, very active in just how the project evolves, but also try and see which of the projects that are important to our customers who are running Kubernetes maybe by themselves or some other project on AWS. Envoy is a good example. Kubernetes itself is a good example because in the end, we want to make sure that people running Kubernetes on AWS, even if they are not using our services are successful and we can help them, or we can work on the projects that are important to them. That's kind of how we think about the world. And it's worked pretty well for us. We've done a bunch of work on the Kubernetes side to make sure that we can integrate and solve a customer problem. We've, you know, from everything from models to work that we have done with gravity on our arm processor to a virtual GPU plugin that allows you to share and media GPU resources to the elastic fabric adapter, which are the network device for high performance computing that it can use at Kubernetes on AWS, along with things that directly impact Kubernetes customers like the CDKs project. I talked about work that we do with the container networking interface to the Amazon control of a Kubernetes, which is an open source project that allows you to use other AWS services directly from Kubernetes clusters. Again, you notice success, Kubernetes, not EKS, which is a managed Kubernetes service, because if we want you to be successful with Kubernetes and AWS, whether using our managed service or running your own, or some third party service. Similarly, we worked with premetheus. We now have a managed premetheus service. And at reinvent last year, we announced the general availability of this thing called carpenter, which is a provisioning and auto-scaling engine for Kubernetes, which is also an open source project. But here's the beauty of carpenter. You don't have to be using EKS to use it. Anyone running Kubernetes on AWS can leverage it. We focus on the AWS provider, but we've built it in such a way that if you wanted to take carpenter and implemented on prem or another cloud provider, that'd be completely okay. That's how it's designed and what we anticipated people may want to do. I talked a little bit about BottleRocket it's our Linux-based open-source operating system. And the thing that we have done with BottleRocket is make sure that we focus on security and the needs of customers who want to run orchestrated container, very focused on that problem. So for example, BottleRocket only has essential software needed to run containers, se Linux. I just notice it says that's the lineups, but I'm sure that, you know, Lena Torvalds will be pretty happy. And seeing that SE linux is enabled by default, we use things like DM Verity, and it has a read only root file system, no shell, you can assess it. You can install it if you wanted to. We allowed it to create different bill types, variants as we call them, you can create a variant for a non AWS resource as well. If you have your own homegrown container orchestrator, you can create a variant for that. It's designed to be used in many different contexts and all of that is open sourced. And then we use the update framework to publish and secure repository and kind of how this transactional system way of updating the software. And it's something that we didn't invent, but we have embraced wholeheartedly. It's a bottle rockets, completely open source, you know, have partners like Aqua, where who develop security tools for containers. And for them, you know, something I bought in rocket is a natural partnership because people are running a container host operating system. You can use Aqua tooling to make sure that they have a secure Indiana environment. And we see many more examples like that. You may think so over us, it's all about AWS proprietary technology because Lambda is a proprietary service. But you know, if you look peek under the covers, that's not necessarily true. Lambda runs on top of firecracker, as we've talked about fact crackers and open-source projects. So the foundation of Lambda in many ways is open source. What it also allows people to do is because Lambda runs at such extreme scale. One of the things that firecracker is really good for is running at scale. So if you want to build your own firecracker base at scale service, you can have most of the confidence that as long as your workload fits the design parameters, a firecracker, the battle hardening the robustness is being proved out day-to-day by services at scale like Lambda and foggy. For those of you who don't know service support services, you know, in the end, our goal with serverless is to make sure that you don't think about all the infrastructure that your applications run on. We focus on business logic as much as you can. That's how we think about it. And serverless has become its own quote-unquote "Sort of environment." The number of partners and open-source frameworks and tools that are spun up around serverless. In which case mostly, I mean, Lambda, API gateway. So it says like that is pretty high. So, you know, number of open source projects like Zappa server serverless framework, there's so many that have come up that make it easier for our customers to consume AWS services like Lambda and API gateway. We've also done some of our own tooling and frameworks, a serverless application model, AWS jealous. If you're a Python developer, we have these open service runtimes for Lambda, rust dot other options. We have amount of number of tools that we opened source. So in general, you'll find that tooling that we do runtime will tend to be always be open-sourced. We will often take some of the guts of the things that we use to build our systems like firecracker and open-source them while the control plane, etc, AWS services may end up staying proprietary, which is the case in Lambda. Increasingly our customers build their applications and leverage the broader AWS partner network. The AWS partner network is a network of partnerships that we've built of trusted partners. when you go to the APN website and find a partner, they know that that partner meets a certain set of criteria that AWS has developed, and you can rely on those partners for your own business. So whether you're a little tiny business that wants some function fulfill that you don't have the resources for or large enterprise that wants all these applications that you've been using on prem for a long time, and want to keep leveraging them in the cloud, you can go to APN and find that partner and then bring their solution on as part of your cloud infrastructure and could even be a systems integrator, for example, to help you solve this specific development problem that you may have a need for. Increasingly, you know, one of the things we like to do is work with an apartment community that is full of open-source providers. So a great one, there's so many, and you have, we have a panel discussion with many other partners as well, who make it easier for you to build applications on AWS, all open source and built on open source. But I like to call it a couple of them. The first one of them is TIDELIFT. TIDELIFT, For those of you who don't know is a company that provides SAS based tools to curate track, manage open source catalogs. You know, they have a whole network of maintainers and providers. They help, if you're an independent open developer, or a smart team should probably get to know TIDELIFT. They provide you benefits and, you know, capabilities as a developer and maintainer that are pretty unique and really help. And I've seen a number of our open source community embraced TIDELIFT quite honestly, even before they were part of the APN. But as part of the partner network, they get to participate in things like ISP accelerate and they get to they're officially an advanced tier partner because they are, they migrated the SAS offering onto AWS. But in the end, if you're part of the open source supply chain, you're a maintainer, you are a developer. I would recommend working with TIDELIFT because their goal is making all of you who are developing open source solutions, especially on AWS, more successful. And that's why I enjoy this partnership with them. And I'm looking to do a lot more because I think as a company, we want to make sure that open source developers don't feel like they are not supported because all you have to do is read various forums. It's challenging often to be a maintainer, especially of a small project. So I think with helping with licensing license management, security identification remediation, helping these maintainers is a big part of what TIDELIFT to us and it was great to see them as part of a partner network. Another partner that I like to call sysdig. I actually got introduced to them many years ago when they first launched. And one of the things that happened where they were super interested in some of our serverless stuff. And we've been trying to figure out how we can work together because all of our customers are interested in the capabilities that cystic provides. And over the last few years, he found a number of areas where we can collaborate. So sysdig, I know them primarily in a security company. So people use cystic to secure the bills, detect, you know, do threat response, threat detection, completely continuously validate their posture, get this continuous analytics signal on how they're doing and monitor performance. At the end of it, it's a SAS platform. They have a very nice open source security stack. The one I'm most familiar with. And I think most of you are probably familiar with is Falco. You know, sysdig, a CNCF project has been super popular. It's just to go SSS what 3, 37, 40 million downloads by now. So that's pretty, pretty cool. And they have been a great partner because we've had to do make sure that their solution works at target, which is not a natural place for their software to run, but there was enough demand and interest from our customers that, you know, or both companies leaned in to make sure they can be successful. So last year sister got a security competency. We have a number of specific competencies that we for our partners, they have integration and security hub is great. partners are lean in the way cystic has onto making our customer successful. And working with us are the best partners that we have. And there's a number of open source companies out there built on open source where their entire portfolio is built on open source software or the active participants like we are that we love working with on a day to day basis. So, you know, I think the thing I would like to, as we wind this out in this presentation is, you know, AWS is constantly looking for partnerships because our partners enable our customers. They could be with companies like Redis with Mongo, confluent with Databricks customers. Your default reaction might be, "Hey, these are companies that maybe compete with AWS." but no, I mean, I think we are partners as well, like from somebody at the lower end of the spectrum where people run on top of the services that I own on Linux and containers are SE 2, For us, these partners are just as important customers as any AWS service or any third party, 20 external customer. And so it's not a zero sum game. We look forward to working with all these companies and open source projects from an AWS perspective, a big part of how, where my open source program spends its time is making it easy for our developers to contribute, to open source, making it easy for AWS teams to decide when to open source software or participate in open source projects. Over the last few years, we've made significant changes in how we reduce the friction. And I think you can see it in the results that I showed you earlier in this stock. And the last one is one of the most important things that I say and I'll keep saying that, that we do as AWS is carry the pager. There's a lot of open source projects out there, operationalizing them, running them at scale is not easy. It's not all for whatever reason. It may not have anything to do with the software itself. But our core competency is taking that and being really good at operating it and becoming experts at operating it. And then ideally taking that expertise and experience and operating that project, that software and contributing back upstream. Cause that makes it better for everybody. And I think you'll see us do a lot more of that going forward. We've been doing that for the last few years, you know, in the container space, we do it every day. And I'm excited about the possibilities. With that. Thank you very much. And I hope you enjoy the rest of the showcase. >> Okay. Welcome back. We have Deepak sing here. We just had the keynote closing keynote vice-president of compute services. Deepak. Great to a great keynote, great wisdom and insight from that session. A very notable highlights and cutting edge trends and product information. Thanks for sharing. >> No, anytime it's always good to be here. It's too bad that we still doing this virtually, but always good to talk to you, John. >> We'll get hopefully through this way pretty quickly, I want to jump right in. Cause we don't have a lot of time. I want to get some quick question. You've brought up a good things. Open source innovation. Okay. Going next level. You've seen the rise of super clouds and super apps developing at open source. You're seeing big companies contributing, you know, you mentioned Argo into it. You're seeing that dynamic where companies are forming around this. This is a rising tide. This is, this is actually real. It's not the old school of, okay, here's a project. And then someone manages support and commercialization of it. It's actually platform in cloud scale. This is next gen. >> Yeah. And actually I think it started a few years ago. We can talk about a company that, you know, you're very familiar with as part of this event, which is armory many years ago, Netflix spun off this project called Spinnaker. A Spinnaker is CISED you know, CSED system that was developed at Netflix for their own purposes, but they chose to open solicit. And since then, it's become very popular with customers who want to use it even on prem. And you have a company that spun up on it. I think what's making this world very unique is you have very large companies like Facebook that will build things for themselves like VITAS or Netflix with Spinnaker and open source them. And you can have a lot of discussion about why they chose to do so, etc. But increasingly that's becoming the default when Amazon or Netflix or Facebook or Mehta, I guess you call them these days, build something for themselves for their own needs. The first question we ask ourselves is, should it be opensource? And increasingly we are all saying yes. And here's what happens because of that. It gives an opportunity depending on how you open source it for innovation through commercial deployments, so that you get SaaS companies, you know, that are going to take that product and make it relevant and useful to a very broad number of customers. You build partnerships with cloud providers like AWS, because our customers love this open source project and they need help. And they may choose an AWS managed service, or they may end up working with this partner on a day-to-day basis. And we want to work with that partner because they're making our customers successful, which is one reason all of us are here. So you're having this set of innovation from large companies from, you know, whether they are just consumer companies like Metta infrastructure companies like us, or just random innovation that's happening in an open source project that which ends up in companies being spun up and that foster that innovative innovation and that flywheel that's happening right now. And I think you said that like, this is unique. I mean, you never saw this happen before from so many different directions. >> It really is a nice progression on the business model side as well. You mentioned Argo, which is a great organic thing that was Intuit developed. We just interviewed code fresh. They just presented here in the showcase as well. You seeing the formation around these projects develop now in the community at a different scale. I mean, look at code fresh. I mean, Intuit did it Argo and they're not just supporting it. They're building a platform. So you seeing the dynamics of tools and now emerging the platforms, you mentioned Lambda, okay. Which is proprietary for AWS and your talk powered by open source. So again, open source combined with cloud scale allows for new potential super applications or super clouds that are developing. This is a new phenomenon. This isn't just lift and shift and host on the cloud. This is actually a construction production developer workflow. >> Yeah. And you are seeing consumers, large companies, enterprises, startups, you know, it used to be that startups would be comfortable adopting some of these solutions, but now you see companies of all sizes doing so. And I said, it's not just software it's software, the services increasingly becoming the way these are given, delivered to customers. I actually think the innovation is just getting going, which is why we have this. We have so many partners here who are all in inventing and innovating on top of open source, whether it's developed by them or a broader community. >> Yeah. I liked, I liked the represent container. Do you guys have, did that drove that you've seen a lot of changes and again, with cloud scale and open source, you seeing the dynamics change, whether you're enabling that, and then you see kind of like real big change. So let's take snowflake, a big customer of AWS. They started out as a startup too, but they weren't a data warehouse. They were bringing data warehouse like functionality and then changing everything differently and making it consumable for the cloud. And hence they're huge. So that's a disruption into an incumbent leader or sector. Then you've got new capabilities emerging. What's your thoughts, Deepak? Can you share your vision on how you have the disruption to existing leaders, old guard, if you will, as you guys call them and then new capabilities as these new platforms emerge at a net new functionality, how do you see that emerging? >> Yeah. So I speak from my side of the world. I've lived in over the last few years, which has containers and serverless, right? There's a lot of, if you go to any enterprise and ask them, do you want to modernize the infrastructure? Do you want to take advantage of automated software delivery, continuous delivery infrastructure as code modern observability, all of them will say yes, but they also are still a large enterprise, which has these enterprise level requirements. I'm using the word enterprise a lot. And I usually it's a trigger word for me because so many customers have similar requirements, but I'm using it here as large company with a lot of existing software and existing practices. I think the innovation that's coming and I see a lot of companies doing that is saying, "Hey, we understand the problems you want to solve. We understand the world where you live in, which could be regulated." You want to use all these new modalities. How do we allow you to use all of them? Keep the advantages of switching to a Lambda or switching to, and a service running on far gate, but give you the same capabilities. And I think I'll bring up cystic here because we work so closely with them on Falco. As an example, I just talked about them in my keynote. They could have just said, "Oh no, we'll just support the SE2 and be done with it." They said, "No, we're going to make sure that serverless containers in particular are something that you're going to be really good at because our customers want to use them, but requires us to think differently. And then they ended up developing new things like Falco that are born in this new world, but understand the requirements of the old world. If you get what I'm saying. And I think that a real example. >> Yeah. Oh, well, I mean, first of all, they're smart. So that was pretty obvious for most people that know, sees that you can connect the dots on serverless, which is a great point, but not everyone can see that again, this is what's new and and systig was just found in his backyard. As I found out on my interview, a great, great founder, they would do a new thing. So it was a very easy to connect the dots there again, that's the trend. Well, I got to ask if they're doing that for serverless, you mentioned graviton in your speech and what came out of you mentioned graviton in your speech and what came out of re-invent this past year was all the innovation going on at the compute level with gravitron at many levels in the Silicon. How should companies and open source developers think about how to innovate with graviton? >> Yeah, I mean, you've seen examples from people blogging and tweeting about how fast their applications run and grab it on the price performance benefits that they get, whether it's on, you know, whether it's an observability or other places. something that AWS is going to embrace across a compute something that AWS is going to embrace across a compute portfolio. Obviously you can go find EC2 instances, the gravitron two instances and run on them and that'll be great. But we know that most of our customers, many of our customers are building new applications on serverless containers and serveless than even as containers increasingly with things like foggy, where they don't want to operate the underlying infrastructure. A big part of what we're doing is to make sure that graviton is available to you on every compute modality. You can run it on a C2 forever. You've been running, being able to use ECS and EKS and run and grab it on almost since launch. What do you want me to take it a step further? You elastic Beanstalk customers, elastic Beanstalk has been around for a decade, but you can now use it with graviton. people running ECS on for gate can now use graviton. Lambda customers can pick graviton as well. So we're taking this price performance benefits that you get So we're taking this price performance benefits that you get from graviton and basically putting it across the entire compute portfolio. What it means is every high level service that gets built on compute infrastructure. And you get the price performance benefits, you get the price performance benefits of the lower power consumption of arm processes. So I'm personally excited like crazy. And you know, this has graviton 2 graviton 3 is coming. >> That's incredible. It's an opportunity like serverless was it's pretty obvious. And I think hopefully everyone will jump on that final question as the time's ticking here. I want to get your thoughts quickly. If you look at what's happened with containers over the past say eight years since the original founding of the first Docker instance, if you will, to how that's evolved and then the introduction of Kubernetes and the cloud native wave we're seeing now, what is, how would you describe the relationship between the success Docker, seeing now with Kubernetes in the cloud native construct what's different and why is this combination so successful? >> Yeah. I often say that containers would have, let me rephrase that. what I say is that people would have adopted sort of the modern way of running applications, whether containers came around or not. But the fact that containers came around made that migration and that journey is so much more efficient for people. So right from, I still remember the first doc that Solomon gave Billy announced DACA and starting to use it on customers, starting to get interested all the way to the more sort of advanced orchestration that we have now for containers across the board. And there's so many examples of the way you can do that. Kubernetes being the most, most well-known one. Here's the thing that I think has changed. I think what Kubernetes or Docker, or the whole sort of modern way of building applications has done is it's taken people who would have taken years adopting these practices and by bringing it right to the fingertips and rebuilding it into the APIs. And in the case of Kubernetes building an entire sort of software world around it, the number of, I would say number of decisions people have to take has gone smaller in many ways. There's so many options, the number of decisions that become higher, but the com the speed at which they can get to a result and a production version of an application that works for them is way low. I have not seen anything like what I've seen in the last 6, 7, 8 years of how quickly the most you know, the most I would say is, you know, a company that you would think would never adopt modern technology has been able to go from, this is interesting to getting a production really quickly. And I think it's because the tooling makes it So, and the fact that you see the adoption that you see right and the fact that you see the adoption that you see right from the fact that you could do Docker run Docker, build Docker, you know, so easily back in the day, all the way to all the advanced orchestration you can do with container orchestrator is today. sort of taking all of that away as well. there's never been a better time to be a developer independent of whatever you're trying to build. And I think containers are a big central part of why that's happened. >> Like the recipe, the combination of cloud-scale, the timing of Kubernetes and the containerization concepts just explode as a beautiful thing. And it creates more opportunities and will challenges, which are opportunities that are net new, but it solves the automation piece that we're seeing this again, it's only makes things go faster. >> Yes. >> And that's the key trend. Deepak, thank you so much for coming on. We're seeing tons of open cloud innovations, thanks to the success of your team at AWS and being great participants in the community. We're seeing innovations from startups. You guys are helping enabling that. Of course, they want to live on their own and be successful and build their super clouds and super app. So thank you for spending the time with us. Appreciate. >> Yeah. Anytime. And thank you. And you know, this is a great event. So I look forward to people running software and building applications, using AWS services and all these wonderful partners that we have. >> Awesome, great stuff. Great startups, great next generation leaders emerging. When you see startups, when they get successful, they become the modern software applications platforms out there powering business and changing the world. This is the cube you're watching the AWS startup showcase. Season two episode one open cloud innovations on John Furrier your host, see you next time.

(upbeat music) >> Hello, and welcome to this Cube Conversation kicking off 2022, I'm John Furrier, your host of theCUBE. We're with Loris Degioanni, Chief Technology Officer and founder of Sysdig. A company that's in the pioneering cloud native and cloud native security, open source, big part of the CNCF, CUBECon coverage. Of course, we know them as of that environment as well as DockerCon which we've covered many times. Sysdig is a very successful company. Loris, welcome to theCUBE Conversation. >> Thank you and thanks for having me. >> Well, we know a lot about you, but a lot of folks are learning about you guys with your success. Congratulations on the funding and the validation of your product, which is not a surprise. We've been saying on theCUBE open source has been powering innovation for some time and getting stronger, faster. The predictions in the Linux Foundation about this open source contributions continue to be blown away by their projections and more and more is coming. A new generation is upon us. Cloud Native, Edge, Kubernetes. All of these things are powering a modern application environment which is changing business. And under the covers, you guys are a big part of it. So take us through who Sysdig is, what you guys do for the folks out there and let's get into it. Obviously open source is a big part of it. Take us through who is Sysdig and what do you guys do. >> Yeah, Sysdig helps you run your software in the cloud in a way that is secure and confidently. We have a security solution that covers containers, cloud and Kubernetes. And we cover you in the life cycle of modern application. So the Sysdig security platform helps you secure application in a way that ranges from like shift left in CSD and finding vulnerabilities in your CSD pipeline to run time security that is very important in the cloud in particular with orchestrated infrastructures like the ones that are run by Kubernetes. And then of course, everything that has to do with the forensics, threat-hunting and so on. And the world is changing, security is changing, and Sysdig is one of the startups, one of the companies that is at the forefront of true modern cloud native security. >> So I got to ask you. Were you sitting in your backyard one day thinking, hey, I'm going to start a company? How did this all come together? I mean, the originator story, because we saw open source, we saw even more before CNCF was formed, you saw what cloud was doing. Again, we saw OpenStack and all these other things happening around technology. What was the driver behind the founding of Sysdig, and then how did that progress? Because again, there's an open source component here I want to get into. >> Yeah, and it's interesting that you say backyard because actually Sysdig was actually started in my backyard. Just outside of here. So the backyard metaphor is very, very fitting here. And in a general way, let's say I come from a background in open source for a very long time. Sysdig is my second company. My first company was called Case Technologies. It was the company behind an open source network analyzer called Wireshark, which is widely used by millions and millions of people around the world to do network troubleshooting and network analysis. And when we were doing network packets, we were using like the network devices to collect information. The data that is being transferred on the network has some very nice properties, it's rich. It's very deep. When you can see and decode what's happening on the network, you can understand what applications are doing, what the users are doing. I used to say, packets never lie, right? Because you could connect to the router and collect this data and they have a very good picture without any two instrument libraries to link, to install stuff and so on. And all of a sudden, we're moving to the cloud and the router that was like the vintage point for this beautiful way of doing security and visibility disappears. And you're renting instances that are floating in the Amazon cloud. And when the world changed that way from one point of view, I was sure that what we're doing before was useful and was powerful for the users. But I was also sure, okay, the world is going to change. The retrofitted solutions are not going to work. We can take our product, but then we have the innovator dilemma. We have a product that we cannot completely radically change. So I decided let's start from scratch. Let's start Sysdig. Let's try to understand actually what this cloud is going, where containers are going. There's this new Kubernetes thing that everybody's talking about. What does it mean to offer deep, rich, but at the same time lightweight and easy to deploy security and visibility for this kind of new way of writing software and that's how Sysdig was born. >> So if I remember correctly back in that timeframe, that couple you said you found a millions people using that application. If I remember correctly, that was software network monitoring. Is that true? Is that open source at that time? Was that an open project or was that? >> Yeah, like Wireshark is a network analyzer and the software that we're doing was heavily open source oriented and was mostly software and there were also potentially appliances because this was data center more kind of stuff. >> That was before cloud even came here. So again, defined data center software and defined clouds happening. So again, good segue into kind of where security, you mentioned footprints, you can track people with packets. So to your point, is this the tie into security, tell us how this fits in with open source and security with the software piece? >> Yeah, what Sysdig did essentially, the idea was let's learn from our prior life. I always say that every new wave of technology is built on the shoulders of the previous one. And you'd never reinvent anything. You just apply it and evolve it. And the same thing we did with Sysdig. So we learned what was working with our previous approaches that were based on observing the applications behavior by looking essentially at network traffic, but we adapted it to modern infrastructures. And open source was our mantra before with Wireshark and became our mantra with Sysdig. Sysdig, the company name comes from the open source tool that we released was the first thing that we released in our company. And then few years later with Falco, which now is the premier open source project that was created by Sysdig and is now part of the CNCF, it's an incubating project. And it's essentially the runtime security tool for containers, Kubernetes, and cloud. >> Take us through that Falco, because I think this is an important distinction on your success trajectory because CNCF has a nice playbook where companies can contribute to the CNCF at the same time, that creates an open environment for all, and then have a business model tied to it. This is kind of a new, not new, but this is a successful way to be open source and have a commercial opportunity. >> Yeah, and very much a substantial portion of our commercial product is let's say an extension of Falco. But let's say our approach was like, let's first produce something that is truly useful for the community and fits in the proper way with the ecosystem, with the rest of the ecosystem. Nowadays in every field security as well, you don't build any more a single solution. You build something that needs to fit very well in the stack. Kubernetes, Prometers, network meshes and DCO and this kind of stuff, these all fit together. So Falco, which is the runtime security component needs to fit as well. So initially our focus was like, okay, we need to fill the gap of runtime security for containers, for Kubernetes, and also for cloud. But we need to do that in a way that is community first and data really helps, but also engages and takes advantage of the users, of the broader community. At that point, going to the CNCF and telling the CNCF, hey, look, we developed these, are you interested in partnering with us and being essentially the organization behind this project, was very natural. And that's what we did in 2016, sorry, 2018. 2016 is when Falco started, 2018. And at that point, you know, it's a great partnership because the CNCF is really a great home for all of these projects and really makes it possible for the users to trust a project in a way that they know that even if the commercial banker, even if the original creators, even if the team rotates and changes and evolves, the end users can still use this project, trust this project and know that it's community driven. And it's been a great journey for us. >> How would you describe what Falco is and what are the key use cases? >> Yeah, Falco is, I compare it to the security camera for your containers, your house and your cloud infrastructure. So the same way that the security camera allows you to observe maybe what's happening in your home, even if you have a lock, is still useful to have a security camera, right? To understand when something breaks in what they're doing, when they do it, get an alarm when something better happens. Similarly, in software infrastructures, you can still have your lock, your firewall and so on, but then you use a security camera like Falco that is able to observe every single container, every single process, every single machine, every single network connection and so on. Keep an eye on it and then it has sort of a points-based system that includes a bunch of policies that come essentially pre-packaged that allow the users to detect when something dangerous or suspicious happens in the infrastructure. For example, I don't know somebody is spawning or sharing their radius container. Or somebody is logging in AWS without multi-factor authentication. Falco keeps a constant eye and lets you know, it gives you an alert when something like that happens. >> You know what I love about what you guys do and kind of highlights what we've been saying on theCUBE for many, many years is that the networking concepts of the older generations have been moving up the stack with cloud because you got rule engines, policy automation, all these things are now part of connected systems. So if you have the cloud, which is essentially a distributed computing, you have more networks, more connections. And so the networking paradigms of packets can be moved over to software, well, software maintenance, if you will, or anything, any middleware, whatever you want to call it. I mean, this is kind of a new paradigm. So, what's your reaction to that? I want to get your take on this because this is kind of really happening. >> Yeah, and you are absolutely right. And what us as a Falco community or as Sysdig as a company is exactly that. We're taking the concepts that were maybe at the base of the previous generation of the data center in terms of policies, in terms of one clause and we're sort of elevating them to what modern cloud is. To give you an example, I don't know if you remember, but a Falco was inspired by a tool called Snort and the company also was Sourcefire. Snort used to listen on the network, constantly observe the network traffic and the deploy policies to tell you, okay, somebody uploaded a file from China and this file contains a malware. Now we do this, but we're able to see inside containers. We have cloud context. We understand the regions. We understand Kubernetes namespace and all these kinds of stuff. So we're able to put so much more context and be so much closer to the user, but the concepts are the same. We're just, as I was saying, sitting on the shoulders of people before us that invented this and we're modernizing them. >> Well, this is what refactoring is all about. This is the benefit of the cloud. I think, this is why a lot of the cloud native success is happening because companies are realizing that they can actually not just re platform in the cloud, but actually refactor their business, completely different. Using other paradigms and not necessarily rip and replace or just cut and paste. They can take concepts and codify them in their workloads, not necessarily general purpose. So again, key cloud concept and only going to get stronger with the edge developing. So again, more and more complexity, connected complexity. >> Yeah, complexity that more and more you manage through automation, right? Which is another key concept in the cloud. So we are able as a market, as a community to have and manage more and more complex infrastructures because we have tools that are able to automate, to take care of stuff for us, to potentially remediate, which is another big theme in modern security for us and so on. And of course, again, companies like Sysdig, try to really read these in the plight, in a proper way that can be the most possible useful. >> And hackers love complexity, right? And love chaos. And so unless you tame that with really good software, this is the key challenge. >> You need to manage chaos and you need good software to help you manage chaos. >> All right, final question for you. How is Sysdig and the Falco community working with AWS? >> Yeah, in a number of ways. One of the beauties, as I was telling before of essentially being built on an open source project like Falco is that you can really work together with cloud providers like AWS with mutual advantage. For example, AWS and team members at Amazon have done many contributions to Falco and the Sysdig system and integrations and so on. We partnered as Falco community and Sysdig with AWS to offer proper support for Falco versus the products on Fargate, which is, managed containers are the future, are very powerful. Everybody wants to go there, but then you need to make sure that you are covered, you have security from the point of view of severability and so on. Sysdig and AWS work together on doing a P trace based implementation, this is a technical thing, but essentially it means that a tool like Falco can give you invitations, can be the security camera for Fargate as well. And in general way, Amazon is a great partner for us on a daily basis as a community and as a company. >> Loris, you've got a great company there. And again, it was great to see you guys grow from the beginning and the wave is here. As they say, in California, you guys are riding the right wave. And I think it's just the beginning. I think you're going to see more and more security be programmable, built in, automated, under the covers, invisible, but working. And I think the same is going to be true for data and other things. So a lot more to do. And again, it's distributed computing. We've seen this movie before, but not in this environment. So new tools are coming and you guys are a big part of it. Thank you so much for coming on theCUBE and sharing what you guys are doing and the technology behind Sysdig. Thanks for coming on. >> Thank you very much and thank you for the great conversation. >> Okay, this is theCUBE I'm John Furrier your host for Cube conversations with Sysdig's Loris Degioanni, CTO of Sysdig. Thanks for watching. (gentle music)

(upbeat music) >> Welcome back to theCUBE's continuous coverage of AWS re:Invent 2021 I'm Lisa Martin. This is our third day here on set We've got two live sets, two remote studios, over a hundred guests on the program and a lot going on with AWS and its ecosystem of partners am pleased to welcome back one of our Cube alumni, Buddy Brewer, the GVP & GM of product partnerships at New Relic. Welcome back, Buddy. Good to have you. >> Thanks it's great to be here >> Great to be in an in-person event isn't? >> No kidding it's really amazing to see everybody out here and after spending so much time on zoom calls, we had a lot of really great moments among the team and the booth playing the game of seeing if people's height matched up with >> (laughs) >> What your expectation was because so many of the people we work with >> Never mind. >> We've only known over zoom. >> Yes ,and zoom has been a savior for all of us we've been doing so much recording on zoom at the same time it's great to be here in person and seeing what a safe job AWS has done with getting I from hearing upwards of 30,000 people in here that are here in person. So talk to me about you lead the technology partnerships at New Relic. Talk to me about your role, and then we'll get into the partnership with AWS. >> Yeah, absolutely. Well, you know, the point about zoom, it's fascinating. Like you said, that just having the ability to communicate with people has been such a key enabler of being able to make progress and to continue to lead our personal and our professional lives despite the pandemic I mean, imagine what it would have been like if this had happened 10 years ago, even, but certainly 50 years ago >> Right. or something like that, right? Like everything would have ground to a halt and technology took on such an amazing, you know, critical role in allowing us to do all of these things and so at New Relic, we're all about helping people make sure that all of this software works correctly. And so observability helps people understand the detail level about everything from the front end, the end user experience to every single piece that happens along the path of delivering that experience all the way down to the infrastructure into the network. But my role at New Relic is also to help all of the other tools that software developers use every day to create those experiences that they connect into their observability platform so that they can understand all of those details and make sure that people are able to continue doing things that have become really so basic to life like ordering groceries or getting food, or, you know, communicating with a loved one over something like zoom. >> Yeah the things that to your point, if this had happened, you know, five, 10 years ago, it would have been a completely different story. We've been able to function really well and one of the things too, that, you know, I noticed yesterday and today, you probably did as well with the plethora, typical AWS the plethora of announcements, the amount of innovation that's going on, the customer flywheel that we've just seen this acceleration of technology and what it's enabling, but the observability portion is really key you talk about, you know, the developers need to the whole SDLC they need to be able to understand exactly what's going on because at the end of the day, whether it's a consumer or an enterprise of the other end of the spectrum, we need to know exactly what's going on because people's patience is far thinner these days the pandemic showed is that there is really no having access to real-time data. Isn't a luxury anymore it's really a necessity. >> Right, yeah, absolutely. >> Talk to me about some of these so a lot of announcements coming up from AWS, you guys talk to me about the partnership, what you guys are doing there. And some of the things that are exciting on that front. >> Yeah, AWS is a really key partner for us. We're big users of AWS ourselves for our observability platform and all of our infrastructure and, you know, we've had our own journey as a 13 year old business that started out pre cloud and moving our own infrastructure to the cloud. And then along that journey, we've worked closely with AWS and we've built a lot of joint solutions to help people who are moving to the cloud themselves or who are cloud native to understand all of the details about what's happening in that software so we have over 60 different integrations to all of the different tools with Amazon that you can use on the cloud from data storage, to EKS on Fargate and all of that stuff. And then we recently announced a five-year strategic agreement with Amazon to make it even easier for customers to adopt New Relic if they're building in Amazon AWS and so you know, we're in their marketplace, we have an offering for startups, for people who are just getting started that, you know, provides really simple and fast on-ramps with discounts and things like that. That's all designed to help people, software developers in particular, focus on what matters most to them, which is building great experiences for their customers. You know, you mentioned that the SDLC and this is one of the things that, you know, our mission at New Relic is to make observability a daily data-driven habit for developers across all phases of the software delivery life cycle. The problem with observability and how it's used today is that it's only used in the run phase by most people they use it when the software is on fire to put the fire out we believe that, that telemetry has tremendous strategic value in the plan, build and deploy phases of software development as well. And so partnerships like AWS allow us to unlock the accessibility of that data across all of those different phases for people who software developers are as a result in many ways that the things that we were talking about earlier with the expectations that the pandemic has placed on how software has to work, it's not an option they're busier, they're under more pressure than they've ever been before and so we want to help them relieve that pressure with tools that help them do their jobs better. >> Relieving that pressure is key there is so much pressure on developers I mean, these days from observability to security and that sort of thing, but it sounds like one of the things that you're also fundamentally doing is really shifting that observability left and helping them from a cultural perspective, it seems like almost a shift, but you're trying to make things easier for them giving them more tools and to unlock what they're not seeing right now. >> That's right and you know, the interesting thing about it is everyone realizes that observability is critical to, you know, successful software businesses so for example, we did a survey recently of 1300 software developers and IT decision makers and executives, and found that among the C-level executives that were surveyed 80% of them expected to increase their observability budget and 20% of those expected to increase it significantly. However, that same survey found that a very small percentage of those who we actually surveyed feel that they have a mature observability practice today. And when we unpack the reasons why in the survey, we found that most of them reduce down to basically this issue of they just don't have enough time to instrument all of the software, especially in a world where the shift to the cloud has driven a change in architecture where monoliths have been torn down and replaced by hundreds, or may be even thousands of microservices. >> Right. >> And we're in an era now where if observability isn't really, really easy and incredibly fast and simple to execute on then software developers can no longer instrument fast enough to keep up with the pace of the software that they're delivering and so what that leads to is visibility gaps, visibility gaps lead to poor customer experiences. And so what we're trying to do, and we've been on this massive simplification of our own platform to make it, you know, incredibly cost-effective at just 25 cents a gigabyte for ingestion and really simple licensing seat based licensing, where you get access to all of our tools to make it really simple and to take simply minutes to get observability on all those different pieces. >> If simplicity is a word that we throw around a lot, but it's really critical element and it's interesting to understand how do you actually facilitate that? You talked about, you know, kind of the 80 20 rule there. >> Yeah. >> A lot of the organization's not on that maturity curve with observability, how does New Relic and its ecosystem of partners like AWS how do you help have those conversations within organizations in any industry tell them, understand how you can actually simplify that and unlock that visibility, knowing that it's not only a matter of software development, but it's a competitive differentiator. It's also something that can damage a brand if they're not top of it. >> Yeah, we launched a re-imagined version of our partner ecosystem really our entire integration ecosystem about six weeks ago on October 13th called New Relic Instant Observability. And one of the central goals of New Relic IO, which we call it for short is to make it take just like five minutes for people to instrument something. So in the old way, what people had to do is if they wanted observability, they had to go learn about an observability vendor then they had to go install it, figure out how all that works and then they could get to solving their problem, which might've just been simply instrumenting a Kafka you know and so what we want to do is just keep people in that mode if all you wanted to do is instrument Kafka, then go find the Kafka instrumentation tile on New Relic and observability and then there's a guided install process that takes you through that and at the end you've instrumented Kafka and if you want to add something else like EKS Fargate from Amazon, or if you want to add something else like a Java service, you can simply click more of those guidance installs and add within minutes in an incremental way without having to stop and do a whole vendor evaluation to do so in fact, one of the other things that we launched recently is a free tier that's free forever. So there's no trial process or anything you don't have to put in a credit card if all you want to do is instrument this one thing right now, you can go through this process provision a free account you get access to all of our functionality for one user and ingest up to a hundred gigabytes of telemetry data for free within minutes. And so what we're trying to do is take all of that adoption friction out so that people aren't fighting with their instrumentation so much, and again, they can get back to doing what they really want to do in the first place, which has built great experiences for their end users. >> Great experiences for the end users but that translates to employee experience that translates to an end user customer experience, which translates back to brand reputation. I'm just wondering, you know, you're focused on the developers and we've been hearing a lot about the last two and a half days, a big focus on developers has observability kind of escalated up and its evolution up the stack within organizations is this a C-suite concern? Is this a board level concern? where does this fit now? and what's the vision of New Relic to deliver on that? >> With observability? >> Yes. >> Yeah, 90% of those in the survey that I was talking about felt that observability was not just a tool that they needed to use, but strategically critical to their business and, you know, this goes back to, as we know, and especially as a result of the intensity on the importance of software coming out of the pandemic, your digital business is your business these days. And so if you don't understand what's happening in that software and you can't move quickly, then you know you're really in trouble in terms of trying to succeed in a highly competitive environment and that goes back to again, one of our core beliefs is that all of this telemetry data that people have been collecting about how their software operates is so useful in contexts outside of just when there's a problem in production. Imagine if you could take that information and you could actually put it inside the IDE, which is something that we did with a recent acquisition of a company called CodeStream. We can take this telemetry data and put it inside the IDE so that as developers are writing the software, they know where those issues are. You can click straight from a stack frame, for example, inside of our, where we show all of our errors in a capability called Error's inbox and shoot right into your IDE and go see where the line of code is that caused that error, shortening that feedback loop and unlocking this really big investment that a lot of companies make in telemetry data earlier in the software life cycle, we believe is the future of observability and we want to help people get there. >> Well, the observability is really key for organizations these days because we've been hearing every company these days has to be a data company. >> Yeah. >> And it's one thing to say that it's a whole other thing to be able to implement it and observability is absolutely critical to that as being able to take that data and apply it in different contexts to really enable that business to be digital which is absolutely table-stakes these days to be successful and to deliver that customer experience ultimately. >> Yeah. >> That's what it all do. >> Yeah, absolutely. And you know, the other thing is really hard about this problem when I talk with our customers and we found this in the survey as well, is that, you know, software developers, don't just use one tool to create software they use a lot of tools in fact, 13% of those that we surveyed use 10 or more tools. >> Whoa. >> Just for the observability piece. And so, you know, obviously we're always trying to expand organically what we do inside of our platform to cover more and more use cases, but an equally important part of our strategy, if we really want to make observability a data-driven daily habit for people is to find all of those other, you know, really well-built amazing tools that those developers use and find valuable ways to integrate with them. And so that's the other part of our ecosystem that we've built out is this ability to take all of the other tools that you use and wire them into New Relic so that, for example, if you're using, let's say Lacework for security then you can, you know, if someone's installed a Bitcoin miner on your infrastructure somewhere, you can quickly navigate because of that integration from a poor customer experience through the infrastructure that's suffering may be with, you know, a lot of memory pressure, and a lot of CPU being used for this Bitcoin miner and then find out that, you know, through the integration where the miner was installed, how it got installed so that you can remediate those types of issues and connecting those pieces together, making software truly interoperable is another thing that's really critical to our mission at New Relic. >> It is critical to not only to the developers, but to the organizations and their success as businesses these days Buddy thank you for joining me, talking about what's going on at New Relic What's new, how you're really empowering those developers and all of the downstream positive effects that, that leads to we appreciate your time. >> Thank you ,thanks for having me. >> All right, you are Buddy Brewer I'm Lisa Martin you're watching theCUBE, the global leader in live tech coverage. (soft music)

(upbeat music) >> Hey, welcome back everyone to theCube's coverage of AWS re:Invent 2021. I'm John Furrier, host of theCube, wall-to-wall coverage in-person and hybrid. The two great guests here, Manu Parbhakar, worldwide Leader, Linux and IBM Software Partnership at AWS, and Mike Evans, Vice President of Technical Business Development at Red Hat. Gentlemen, thanks for coming on theCube. Love this conversation, bringing Red Hat and AWS together. Two great companies, great technologies. It really is about software in the cloud, Cloud-Scale. Thanks for coming on. >> Thanks John. >> So get us into the partnership. Okay. This is super important. Red Hat, well known open source as cloud needs to become clear, doing an amazing work. Amazon, Cloud-Scale, Data is a big part of it. Modern software. Tell us about the partnership. >> Thanks John. Super excited to share about our partnership. As we have been partnering for almost 14 years together. We started in the very early days of AWS. And now we have tens of thousands of customers that are running RHEL on EC2. If you look at over the last three years, the pace of innovation for our joint partnership has only increased. It has manifested in three key formats. The first one is the pace at which RHEL supports new EC2 instances like Arm, Graviton. You know, think a lot of features like Nitro. The second is just the portfolio of new RHEL offerings that we have launched over the last three years. We started with RHEL for sequel, RHEL high availability, RHEL for SAP, and then only last month, we've launched the support for knowledge base for RHEL customers. Mike, you want to talk about what you're doing with OpenShift and Ansible as well? >> Yeah, it's good to be here. It's fascinating to me cause I've been at Red Hat for 21 years now. And vividly remember the start of working with AWS back in 2008, when the cloud was kind of a wild idea with a whole bunch of doubters. And it's been an interesting time, but I feel the next 14 years are going to be exciting in a different way. We now have a very large customer base from almost every industry in the world built on RHEL, and running on AWS. And our goal now is to continue to add additional elements to our offerings, to build upon that and extend it. The largest addition which we're going to be talking a lot about here at the re:Invent show was the partnership in April this year when we launched the Red Hat OpenShift service on AWS as a managed version of OpenShift for containers based workloads. And we're seeing a lot of the customers that have standardized on RHEL on EC2, or ones that are using OpenShift on-premise deployments, as the early adopters of ROSA, but we're also seeing a huge number of new customers who never purchased anything from Red Hat. So, in addition to the customers, we're getting great feedback from systems integrators and ISV partners who are looking to have a software application run both on-premise and in AWS, and with OpenShift being one of the pioneers in enabling both container and harnessing Kubernetes where ROSA is just a really exciting area for us to track and continue to advance together with AWS. >> It's very interesting. Before I get to ROSA, I want to just get the update on Red Hat and IBM, obviously the acquisition part of IBM, how is that impacting the partnership? You can just quickly touch on that. >> Sure. I'll start off and, I mean, Red Hat went from a company that was about 15,000 employees competing with a lot of really large technology companies and we added more than 100,000 field oriented people when IBM acquired Red Hat to help magnify the Red Hat solutions, and the global scale and coverage of IBM is incredible. I like to give two simple examples of people. One is, I remember our salesforce in EMEA telling me they got a $4 million order from a country in Africa theydidn't even know existed. And IBM had 100 people in it, or AT&T is one of Red Hat's largest accounts, and I think at one point we had seven full-time people on it and AT&T is one of IBM's largest accounts and they had two seven storey buildings full of people working with AT&T. So RHELative to AWS, we now also see IBM embracing AWS more with both software, and services, in the magnification of Red Hat based solutions, combined with that embrace should be, create some great growth. And I think IBM is pretty excited about being able to sell Red Hat software as well. >> Yeah, go ahead. >> And Manu I think you have, yeah. >> Yeah. I think there's also, it is definitely very positive John. >> Yeah. >> You know, just the joint work that Red Hat and AWS have done for the last 14 years, working in the trenches supporting our end customers is now also providing lot of Tailwinds for the IBM software partnership. We have done some incredible work over the last 12 months around three broad categories. The first one is around product, what we're doing around customer success, and then what we're doing around sales and marketing. So on the product side, we have listed about 15 products on Marketplace over the course of the last 12 to 15 months. And our goal is to launch all of the IBM Cloud Paks. These are containerized versions of IBM software on Marketplace by the first half of next year. The other feedback that we are getting from our customers is that, hey, we love IBM software running at Amazon, but we like to have a cloud native SaaS version of the software. So there's a lot of work that's going on right now, to make sure that many of these offerings are available in a cloud-native manner. And you're not talking with Db2 Cognos, Maximo, (indistinct), on EC2. The second thing that we're doing is making sure that many of these large enterprise customers are running IBM software, are successful. So our technical teams are attached to the hip, working on the ground floor in making customers like Delta successful in running IBM software on them. I think the third piece around sales and marketing just filing up a vibrant ecosystem, rather how do we modernize and migrate this IBM software on Cloud Paks on AWS? So there's a huge push going on here. So (indistinct), you know, the Red Hat partnership is providing a lot of Tailwinds to accelerate our partnership with IBM software. >> You know, I always, I've been saying all this year in Red Hat summit, as well as Ansible Fest that, distributed computing is coming to large scale. And that's really the, what's happening. I mean, you looking at what you guys are doing cause it's amazing. ROSA Red Hat OpenShift on AWS, very notable to use the term on AWS, which actually means something in the partnership as we learned over the years. How is that going Mike because you launched on theCube in April, ROSA, it had great traction going in. It's in the Marketplace. You've got some integration. It's really a hand in glove situation with Cloud-Scale. Take us through what's the update? >> Yeah, let me, let me let Manu speak first to his AWS view and then I'll add the Red Hat picture. >> Thanks Mike. John for ROSA is part of an entire container portfolio. So if you look at it, so we have ECS, EKS, the managed Kubernetes service. We have the serverless containers with Fargate. We launched ECS case anywhere. And then ROSA is part of an entire portfolio of container services. As you know, two thirds of all container workloads run on AWS. And a big function of that is because we (indistinct) from our customer and then sold them what the requirements are. There are two sets of key customers that are driving the demand and the early adoption of ROSA. The first set of customers that have standardized on OpenShift on-premises. They love the fact that everything that comes out of the box and they would love to use it on Arm. So that's the first (indistinct). The second set of customers are, you know, the large RHEL users on EC2. The tens of thousands of customers that we've talked about that want to move from VM to containers, and want to do DevOps. So it's this set of two customers that are informing our roadmap, as well as our investments around ROSA. We are seeing solid adoption, both in terms of adoption by a customer, as well as the partners and helping, and how our partners are helping our customers in modernizing from VMs to containers. So it's a, it's a huge, it's a huge priority for our container service. And over the next few years, we continue to see, to increase our investment on the product road map here. >> Yeah, from my perspective, first off at the high level in mind, my one of the most interesting parts of ROSA is being integrated in the AWS console and not just for the, you know, where it shows up on the screen, but also all the work behind what that took to get there and why we did it. And we did it because customers were asking both of us, we're saying, look, OpenShift is a platform. We're going to be building and deploying serious applications at incredible scale on it. And it's really got to have joint high-quality support, joint high-quality engineering. It's got to be rock solid. And so we came to agreement with AWS. That was the best way to do that, was to build it in the console, you know, integrated in, into the core of an AWS engineering team with Red Hat engineers, Arm and Arms. So that's, that's a very unique service and it's not like a high level SaaS application that runs above everything, it's down in the bowels and, and really is, needs to be rock solid. So we're seeing, we're seeing great interest, both from end users, as I mentioned, existing customers, new customers, the partner base, you know, how the systems integrators are coming on board. There's lots of business and money to be made in modernizing applications as well as building new cloud native applications. People can, you know, between Red Hat and AWS, we've got some, some models around supporting POCs and customer migrations. We've got some joint investments. it's a really ripe area. >> Yeah. That's good stuff. Real quick. what do you think of ROSA versus EKS and ECS? What's, how should people think about that Mike? (indistinct) >> You got to go for it Manu. Your job is to position all these (indistinct). (indistinct) >> John, ROSA is part of our container portfolio services along with EKS, ECS, Fargate, and any (indistinct) services that we just launched earlier this year. There are, you know, set of customers both that are running OpenShift on-premises that are standardized on ROSA. And then there are large set of RHEL customers that are running RHEL on EC2, that want to use the ROSA service. So, you know, both AWS and Red Hat are now continuing to invest in accelerating the roadmap of the service on our platform. You know, we are working on improving the console experience. Also one of the things we just launched recently is the Amazon controller to Kubernetes, or what , you know, service operators for S3. So over the next few years you will see, you know, significant investment from both Red Hat and AWS in this joint service. And this is an integral part of our overall container portfolio. >> And great stuff to get in the console. That's great, great integration. That's the future. I got to ask about the graviton instances. It's been one of the most biggest success stories, I think we believe in Amazon history in the acquisition of Annapurna, has really created great differentiation. And anyone who's in the software knows if you have good chips powering apps, they go faster. And if the chips are good, they're less expensive. And that's the innovation. We saw that RHEL now supports graviton instances. Tell us more about the Red Hat strategy with graviton and Arms specifically, has that impact your (indistinct) development, and what does it mean for customers? >> Sure. Yeah, it's pretty, it's a pretty fascinating area for me. As I said, I've been a Red Hat for 21 years and my job is actually looking at new markets and new technologies now for Red Hat and work with our largest partners. So, I've been tracking the Arm dynamics for awhile, and we've been working with AWS for over two years, supporting graviton. And it's, I'm seeing more enthusiasm now in terms of developers and, especially for very horizontal, large scale applications. And we're excited to be working with AWS directly on it. And I think it's going to be a fascinating next two years on Arm, personally. >> Many of the specialized processors for training and instances, all that stuff, can be applied to web services and automation like cloud native services, right? Is that, it sounds like a good direction. Take us through that. >> John, on our partnership with Red Hat, we are continuing to iterate, as Mike mentioned, the stuff that we've done around graviton, both the last two years is pretty incredible. And the pace at which we are innovating is improving. Around the (indistinct) and the inferential instances, we are continuing to work with Red Hat and, you know, the support for RHEL should come shortly, very soon. >> Well, my prediction is that the graviton success was going to be applied to every single category. You can get that kind of innovation with this on the software side, just really kind of just, that's the magical, that's the, that's the proven form of software, right? We've been there. Good software powering with some great performance. Manu, Mike, thank you for coming on and sharing the, the news and the partnership update. Congratulations on the partnership. Really good. Thank you. >> Excellent John. Incredible (indistinct). >> Yeah, this is the future software as we see, it's all coming together. Here on theCube, we're bringing all the action, software being powered by chips, is theCube coverage of AWS re:invent 2021. I'm John Furrier, your host. Thanks for watching. (upbeat music)

(gentle music) >> Hello everyone, and welcome back to day two of AWS re:Invent 2021, theCUBE's continuous coverage. My name is Dave Vellante, I'm here with my co-host, David Nicholson. We've got two sets. We had two remote sets prior to the show. We're running all kinds of activities and we've got AWS executives, partners, ecosystem technologists, Scott Weber is here as the director and an AWS partner, ambassador from PwC. Scott, good to see you. >> Nice to meet you guys. Thanks for letting me be here. >> Well, so your expertise is around application modernization. It's a hot theme these days. If you're a company with a lot of legacy debt, you've got a big complex application portfolio. I would think, especially with the forced match to digital over the last year and a half, two years. Now is really a time when you're probably too late to really start thinking about rationalizing your portfolio. What are you seeing in this space? >> Definitely, we're seeing the customers that have reached that point. I view modernization as sort of the second wave of cloud that's coming. So you had your first wave, the early adopters that lifted and shifted into the cloud. We still have people looking at getting into the cloud, but for those that went early, now, they're saying, "How do I get more out of the cloud? How do I get closer to cloud native?" And that's what we're starting to see around this modernization move is, I want to start to utilize those higher level services from AWS and the cloud providers. I want to get a better return, I want to stop worrying about running infrastructure and hardware. >> So when you think about, I go back all the way back to Y2K, that was like a boondoggle for IT to spend a bunch of doh and do some cool stuff. And then of course the .com crashed, but today it's different. It's really about the business impact the business outcome that you can drive in transforming your digital business. So how do you as a technology agnostic consultant help a company understand what they should leave alone or sunset? What they should aggressively migrate? What's the process that you use to do that? >> In some ways we go back, we can reuse sort of those 6Rs that maybe got a customer to the cloud, or as they're on that cloud journey, right? And you really want to focus on where can you optimize ROI. And you're going to come across those things that are going to be like, look, maybe it's a vendor COTS solution. There's not a lot we can do there. You're just going to have to continue down that path. Unless we can look to move that to a SaaS service. Maybe the vendor has gone to a SaaS offering. Or we get into looking at they've done development in house, but that development is still monolithic running on virtual machines, either in the data center or in AWS, but it's a critical system to that business. It's maybe it's become fragile. How can we now modernize that? Because that's where there's going to be a great return on investment for that customer, and it's also going to allow business agility for those customers. As we can get them to microservices and Lambda and function as a service, the blast radius for changes become smaller, allows the customer to move faster than what they're doing. So it's the rationalization becomes what's driving the business forward? What's critical to the business? But what's holding them back as well? So that the customers can start to move faster. >> So it's a formula of okay, what's the business value of those applications essentially? You can kind of rank that, but then it's a formula there's a cost equation. That's pretty straightforward to figure out the s is and the 2b but then there's a speed. Like an ongoing time to value from a developer standpoint and then I guess there's risk. Have you got your core jewels? Maybe you don't want to touch those yet. Is that kind of your algorithm? >> It is and on that sort of cost and value piece, that's where we can really see some interesting things happen, where as we get customers away from licensed OSS proprietary databases, that return on investment can be huge. So we've helped customers migrate from running .net applications on top of a typical Microsoft Windows stack and SQL server stack. All the way to taking those workloads, all the way, either to Linux containers or all the way to serverless if we're going to take all the steps to rewrite, you can drive 60, 70, 80% of the cost of operating at that platform out of it, then you start this flywheel effect of reinvesting that money back into the next project to help the customer move forward. >> And it's quick follow up, but I know you want to jump in. >> Yeah, yeah. >> Why wouldn't a customer, that's a Microsoft customer just run that on Azure? Why AWS? >> I mean, that's a good question and that sort of gets into a lot of philosophical, like discussion we talk about for a long time. The fact of the matter is the majority of your Windows workloads still run on top of AWS today. I would argue AWS has some pretty superior things in their underlying architecture, they're nitro architectures and things like that. But I think it's also choice. And, the whole move of .net to Linux, Microsoft started that they put the ability to, you can run SQL server on top of Linux. Well, if I run SQL server on top of Linux, I take out 20% of my costs right there. They put the support in for .net core to be able to run on Linux or on containers, but that's to help the developers move faster, that's to help us get to microservices. So that cloud provider choice, I think is becomes a bigger discussion, but a lot of people are choosing AWS because they're not just doing Microsoft workloads . Again, we could get very deep into like, trade-offs on why one over the other, but customers are choosing AWS for a lot of these words. >> Diversity and better cloud, better infrastructure. >> Yeah, and philosophical is an interesting way to look at it when it becomes a hostage negotiation. I'm not sure there was a lot of philosophy involved when server and SQL 2008 were being end of support life. And people were told, move it to Azure and we'll take care of you. Don't move it to Azure, you're on your own. But something on the subject of ROI. ROI is typically measured over time. How do you rectify and address the sort of CIO dilemma, which is that if ROI is being delivered fantastically in four years, but the average tenure of a CIO is 2.7 years, how do you address that? What is the sweet spot for timeframes that you're seeing for people to actually implement when you consider as was mentioned today, the keynote that somewhere around 15% of IT spend is in cloud today, which leaves 85% of it on premises. So what do we do about that? >> Yeah, that's a great question. So, I think, I like to get small wins. So find a very big pain point for that customer. How can we start to get them some small wins and start that flywheel effect going of like you saved money here, now, can we reinvest and start to show some wins, but we've engaged in projects where we've completely rewritten a whole application stack that was the core service for a business in a year and a half, and we took them from a run rate of somewhere between 40 and $60,000 a month. Had they been running that in AWS, they were running it in a data center today. So that was our estimate to less than $5,000 a month to run that application on a serverless platform inside of AWS. >> So when you talk about modernizing an application environment, that's typically not thought of as low hanging fruit. So does that mean that all the low hanging fruit has been consumed? Are all the net new things that are developed in a cloud native format, have they already been done? Is this the only frontier for opportunity now? >> No, it's not the only frontier. I mean, there's a lot of customers that are still just trying to get into the cloud. >> Lots of applications out there? >> Yeah, and you look at things like mainframe as well. That's I think a coming area where customers are finally starting to say, "Enough with the mainframe, we saw it in the keynote today of a new sort of service offering around helping customers rationalize how to do, to start to do things with the mainframe." So, but sometimes you can get those easy wins. Like we find a scalability issue. And we can inject scalability and pull back costs very rapidly. 'Cause you run in that scenario, there provision for max capacity that may happen 10% of the year. Now they're vastly overpaying. So we can still get some easy wins with slight tweaks to the platform while we help them rationalize those longer built times. I think the other thing we're starting to see is a shift in CIOs that are coming more from a software background too. That aren't from the pure infrastructure background and as we see those software dBase CIO start to come in. They're starting to understand the game that can be had of making the investment in the software and those upgrades to the software. >> And their tenure is elongating 'cause, CIO career is over was the joke. Now you're losing CIO, is cause they're going onto a bigger and better. They getting more options. I mean, they're becoming rockstars again. I want to ask you just as a side about that mainframe compatible runtime that they announced 'cause it sounds like you've got some experience in converting mainframe. >> Yeah. >> 'Cause I've always been a skeptic. We've seen this movie before where people have to freeze code, they've got to freeze code for 18 months. It takes 24 months, but now it's cloud, Adam Selipsky said, we can cut migration time, which is critical here by two-thirds 'cause that's the key. If you can reduce the time of which you have to freeze the code or maybe not even freeze the code. Again, I'm a skeptic, but what are you seeing with practical experience? >> So at PwC, we're seeing a lot of customers, start down this path and the ROI is pretty amazing when once you get in and you really start to dig in of what it can be if to go down this path. And there's a lot of tools out there, there's a gentleman on our team that's a real genius with this and he's helped multiple customers go down this path. There's tools that can start to do code conversion for you. I mean, we all get a little skeptical on those things cause we never know what the machine is going to try to make the code look like, but it's the starting point. But there is more. >> Like a prewash? >> Yeah, (Dave laughs) there's more and more design patterns coming out to help us down those pathways. But it goes back to agility for the business cause a lot of these customers running mainframes today are looking at a six month release cycle if they want to make any changes to their environment. If we can get them into an agile mindset to a microservice, they can get to two weeks or less for release cycles. So it's a big win for the company overall. Yes, there's a risk, but I think you can take, you can try to de-risk it as much as you can, you don't take the core, the absolute core critical piece of that mainframe. You start to pick away around the edges and you get comfortable with what you're doing. >> And going back to the concept of ROI, specifically in the mainframe space, there have been some not so subtle nudges from the marketplace that changed the dynamics associated with staying on your mainframe. Because if I tell you that the tax to stay on your mainframe is going to triple or quadruple over the next several years, that changes the balance. So you have the old guard in the software business who will remain nameless, jacking up the prices because they feel like, you know what, "What are you going to do? What are you going to do other than write me a cheque?" And the answer is, "Well move," right?. >> Yep, it's reached a point like the companies are moving. And what I think companies start to see too is, when we talk about purpose-driven databases, Adam was talking about that in the keynote today too. And we've seen that with customers when we've done builds, what's the right database for this data? And now you can start to get things moving even faster. And you unleash new ways of thinking. And I mean, some of the vendors are doing things like that and the companies aren't happy about it. >> Well, yes, but look, you're talking about Oracle in particular. (group chattering) That's one of them, but Oracle invests in its database and it's two different theories. Adam, today's the right tool for the right job, API and primitives and Oracle takes the kind of Swiss army knife approach. But they do invest if you have hard core mission critical, recovery is everything. There's a risk factor involved there, but if you want to go fast and you're a developer, you're not going to necessarily knock on Oracle's door, you're going to go to get an AWS. But it gets to my question, having done a lot of TCO analysis, it used to be labor, was always two-thirds of the cost. Now with automation, especially in Oracle environments, software license costs are the dominant component and it's maybe less true for SQL server, certainly true for Db2. I remember the early days of the flash, we used to tell customers, install flash. You're going to be able to consolidate, reduce your Oracle licenses when they come up. So that was a preferred strategy, but what are you seeing in terms of the ability? First of all is that a correct premise that software licenses is still a big component or an increasingly large component, and how do you unshackle from that? >> Yeah, so definitely software licensing costs for the OSS and for the databases are huge. I mean, there's numbers out there that like for SQL server enterprise, if you can get somebody off the SQL server enterprise and get them to an open solution like Aurora Postgres or something like that, it's a 90% ROI, and the numbers are similar for Oracle. And I talked to a lot of customers are like, "But we don't know Postgres," but it's not really that different. It's still data modeling. And when you get to these managed services platforms like RDS and Aurora, you free up those DBS to do the higher value things. The ROI of a DBA is not managing memory and desk and babysitting the servers, it's helping the developers build better data models. And those sorts of things that are higher value. So it is a big thing and we're seeing customers saying like, "Help us reduce this licensing cost," and help us be more efficient because the open platforms now, especially in the relational database area, are on par in a lot of ways with the Oracles and the SQL servers. So then you start to say, "Well, what am I gaining by paying and being sort of held hostage to these numbers?" So we definitely see customers making this transition. >> I mean, the point about Postgres is a good one because you're going to get enterprise class recoverability but even EDB would say okay, don't start with your mission critical core, pick around the edges just what he's saying over and over time, you're going to become more cloud native and get to the point, can you get to that point where everything's cloud native, everything is a service, maybe not a 100%, but a large part of your application portfolio can get there, right? >> Yeah, you're going to find those, that goes back to doing that application tiering and evaluation and ROI. So, we have a case study that we did with Constellation Brands, where they really needed a B2B type ordering portal solution. And they looked at sort of the typical vendors in a packaged solution if you will, a cottage type solution. And we proposed doing a full custom solution, soup to nuts and building it natively in AWS. And it was built completely on top of platform services. There was no servers in that environment and we were done. We were using AWS Fargate to run their containers on top of, we were using RDS Postgres, we were using Lambda and in some places we were using DynamoDB for holding inflate orders. And so the whole environment is deployable from one cloud formation template. So it completely changed how we even went through the testing of the thing. 'Cause you ran the same cloud formation template to deploy to a different environment. And you knew you were getting the same exact thing. And so they went from, they no longer had to worry about securing underlying compute, secure the containers, run on top of Fargate, use a platform service for your databases, and it was a beautiful solution for them. >> Yeah, you got to taste of that and your eyes open up and say, "Wow, what's possible?" >> Yeah, its a game changer. >> We heard that from NASDAQ this morning. An amazing story. She said, our first Amazon bill was 20 bucks. I bet it's higher now, but first hits free kind of thing. But the point is when people talk about the AWS bill, et cetera, no question, you should try to optimize that. But at the end of the day, it's about the business value Scott, isn't it? >> Scott: Yeah, it is. >> Hey, thanks so much for coming to theCUBE. It was great perspectives, >> No, thank you guys. I appreciate having you guys on. >> Thank you very much. >> Keep it right there, Dave Nicholson and I will be right back. You're watching theCUBE's coverage of AWS re:Invent 2021. (gentle music)

(upbeat music) >> Welcome to the Q3 AWS Startup Showcase. I'm Lisa Martin. I'm pleased to welcome Knox Anderson, the VP of Product Management, from Sysdig, to the program. Knox, welcome. >> Thanks for having me, Lisa. >> Excited to uncover Sysdig. Talk to me about what you guys do. >> So Sysdig, we are a secure DevOps platform, and we're going to really allow customers to secure the entire lifecycle of an application from source to production. So give you the ability to scan IAC for security best practices, misconfiguration, help you facilitate things like image scanning as part of the build process, and then monitor runtime behavior for compliance or threats, and then finish up with incident response, so that you can respond to and recover from incidents quickly. >> What are some of the main challenges that you're solving and have those changed in the last 18 months? >> I'd say the main challenge people face today is a skills gap with Kubernetes. Everyone wants to use Kubernetes, but the amount of people that can operate those platforms is really difficult. And then getting visibility into the apps, that's running in those environments is also a huge challenge. So with Sysdig, we provide just an easy way to get your Kubernetes clusters instrumented, and then provide strong coverage for threat detection, compliance, and then observability for those environments. >> One of the things that we've seen in the last 18 months is a big change in the front landscape. So, I'm very curious to understand how you're helping customers navigate some of the major dynamics that are going on. >> Yeah, I'd say, the adoption of cloud and the adoption of Kubernetes have, have changed drastically. I'd say every single week, there's a different environment that has a cryptomining container. That's spun up in there. Obviously, if the price of a Bitcoin and things like that go up, there's more and more people that want to steal your resources for mining. So, we're seeing attacks of people pulling public images for Docker hub onto their clusters, and there's a couple of different ways that we'll help customers see that. We have default Falco rules, better vetted by the open source community to detect cryptomining. And then we also see a leading indicator of this as some of the metrics we, we collect for resource abuse and those types of things where you'll see the CPU spike, and then can easily identify some workload that could have been compromised and is now using your resources to mine Bitcoin or some other alt-coin. >> Give me a picture of a Sysdig customer. Help me understand the challenges they had, why they chose you and some of the results that they're achieving. >> Yeah, I used to say that we were very focused on financial services, but now everyone is doing Kubernetes. Really where we get introduced to an organization is they have their two or three clusters that are now in production and I'm going through a compliance audit, or it's now a big enough part of my estate that I need to get security for this Kubernetes and cloud environment. And, so we come in to really provide kind of the end-to-end tools that you would need for that compliance audit or to meet your internal security guidelines. So they'll usually have us integrated within their Dev pipelines so that developers are getting actionable data about what they need to do to make sure their workloads are as secure as possible before they get deployed to production. So that's part of that shift, left mindset. And then the second main point is around runtime detection. And that's where we started off by building our open source tool Falco, which is now a CNCF project. And that gives people visibility into the common things like, who's accessing my environment? Are there any suspicious connections? Are my workloads doing what they expected? And, those types of things. >> Since the threat landscape has changed so much in the last year and a half, as I mentioned. Are the conversations you're having with customers changing? Is this something at the C-suite or the board level from a security and a visibility standpoint? >> I think containers and Kubernetes and cloud adoption under the big umbrella of digital transformation is definitely at board level objective. And then, that starts to trickle down to, okay, we're taking this app from my on-prem data center, it's now in the cloud and it has to meet the twenty security mandates have been meeting for the last fifteen years. What am I going to do? And so definitely there's practitioners that are coming in and picking tools for different environments. But, I would definitely say that cloud adoption and Kubernetes adoption are something that everyone is trying to accelerate as quickly as possible. >> We've seen a lot of acceleration of cloud adoption in the last eighteen months here, right? Now, something that I want to get into with you is the recent executive order, the White House getting involved. How is this changing the cybersecurity discussion across industries? >> I really like how they kind of brought better awareness to some of the cybersecurity best practices. It's aligned with a lot of the NIST guidance that's come out before, but now cloud providers are picking, private sector, public sector are all looking at this as kind of a new set of standards that we need to pay attention to. So, the fact that they call out things like unauthorized access, you can look at that with Kubernetes audit logs, cloud trail, a bunch of different things. And then, the other term that I think you're going to hear a lot of, at least within the federal community and the tech community, over the next year, is this thing called an 'S bomb', which is for, which is a software bill of materials. And, it's basically saying, "as I'm delivering software to some end user, how can I keep track of everything that's in it?" A lot of this probably came out of solar winds where now you need to have a better view of what are all the different components, how are those being tracked over time? What's the life cycle of that? And, so the fact that things like S bombs are being explicitly called out is definitely going to raise a lot of the best practices as organizations move. And then the last point, money always talks. So, when you see AWS, Azure, Google all saying, we're putting 10, 10 billion plus dollars behind this for training and tooling and building more secure software, that's going to raise the cybersecurity industry as a whole. And so it's definitely driving a lot of investment and growth in the market. >> It's validation. Absolutely. Talk to me about some of the, maybe some of the leading edges that you're seeing in private sector versus public sector of folks and organizations who are going alright, we've got to change. We've got to adopt some of these mandates because the landscape is changing dramatically. >> I think Kubernetes at auction goes hand in hand with that, where it's a declarative system. So, the way you define your infrastructure and source code repost is the same way that runs in production. So, things like auditing are much easier, being able to control what's in your environment. And then containers, it's much easier to package it once and then deploy it wherever you want. So container adoption really makes it easier to be more secure. It's a little tricky where normally like you move to something that's bleeding edge, and a lot of things become much harder. And there's operational parts that are hard about Kubernetes. But, from a pure security perspective, the apps are meant to do one thing. It should be easy to profile them. And so definitely I think the adoption of more modern technology and things like cloud services and Kubernetes is a way to be more secure as you move into these environments. >> Right? Imagine a way to be more secure and faster as well. I want to dig in now to the Sysdig AWS partnership. Talk to me about that. What do you guys do together? >> AWS is a great partner. We, as a company, wouldn't be able to deliver our software without AWS. So we run our SAS services on Amazon. We're in multiple regions around the globe. So we can deliver that to people in Europe and meet all the GDPR requirements and those kinds of things. So from a, a vendor partnership perspective, it's great there. And then on a co-development side, we've had a lot of success and a fun time working with the Fargate team, Fargate is a service on Amazon, that makes it easier for you to run your containers without worrying about the underlying compute. And so they faced the challenge about a year and a half ago where customers didn't want to deploy on Fargate because they couldn't do deeper detection and incident response. So we worked together to figure out different hooks that Amazon could provide to open source tools like Falco or commercial products like Sysdig. So then customers could meet those incident response needs, and those detection needs for Fargate. And really, we're seeing more and more Fargated option as kind of more and more companies are moving to the cloud. And, you don't want to worry about managing infrastructure, a service like Fargate is a great place to get started there. >> Talk to me a little bit about your joint. Go to mark. Is there a joint go-to-market? I should say. >> Yeah, we sell through the AWS marketplace. So customers can procure Sysdig software directly though AWS. It'll end up on your AWS bill. You can kind of take some of your committed spend and draw it down there. So that's a great way. And then we also work closely with different solutions architects teams, or people who are more boots on the ground with different AWS customers trying to solve those problems like PCI-compliance and Fargate, or just building a detection and response strategy for EKS and those types of things. >> Let's kind of shift gears now and talk about the role of open source, in security. What is Sysdig's perspective? >> Yeah, so the platform, open source is a platform, is something that driving more and more adoption these days. So, if you look at like the fundamental platform like Kubernetes, it has a lot of security capabilities baked in there's admission controllers, there's network policies. And so you used to buy a firewall or something like that. But with Kubernetes, you can enforce services, service communication, you put a service mesh on top of that, and you can almost pretend it's a WAF sometimes. So open source is building a lot of fundamental platform level security, and by default. And then the second thing is, we're also seeing a rise of just open source tools that traditionally had always come from commercial products. So, there's things like OPA, which handle authorization, which is becoming a standard. And then there's also projects like Falco, that provide an easy way for people to do IDS use cases and auditing use cases in these environments. >> Last question for you. Talk to me about some of the things that you're most excited about. That's coming down here. We are at, this is the, our Q3 AWS Startup Showcase, but what are some of the things that you're most excited about in terms of being able to help customers resolve some of those challenges even faster? >> I think there's more and more Kubernetes standardization that's going on. So a couple of weeks ago, Amazon released EKS Anywhere, which allows companies who still have an on-prem footprint to run Kubernetes locally the same way that they would run it in the cloud. That's only going to increase cloud adoption, because once you get used to just doing something that matches the cloud, the next question you're going to answer is, okay, how fast can I move that to the cloud? So that's something I'm definitely really excited about. And then, also, the different, or AWS is putting a lot of investment behind tools like security hub. And we're doing a lot of native integrations where we can publish different findings and events into security hubs, so that different practitioners who are used to working in the AWS console can remediate those quickly without ever kind of leading that native AWS ecosystem. And that's a trend I expect to see more and more of over time, as well. >> So a lot of co-innovation coming up with AWS. Where can folks go to learn more information? Is there a specific call to action that you'd like to point them to? >> The Sysdig blog is one of the best sources that I can recommend. We have a great mixture of technical practitioner content, some just one-oh-one level, it's, I'm starting with container security. What do I need to know? So I'd say we do a good job of touching the different areas and then really the best way to learn about anything is to get hands-on. We have a SAS trial. Most of the security vendors have something behind a paywall. You can come in, get started with us for free and start uncovering what's actually running in your infrastructure. >> Knox, let's talk about the secure DevOps movement. As we see that DevOps is becoming more and more common, how is it changing the role of security? >> Yeah, so a lot of traditional security requirements are now getting baked into what a DevOps team does day-to-day. So the DevOps team is doing things like implementing IAC. So your infrastructure is code, and no changes are manually made to environments anymore. It's all done by a Terraform file, a cloud formation, some code that's representing what your infrastructure looks at. And so now security teams, or sorry, these DevOps teams have to bake security into that process. So they're scanning their IAC, making sure there's not elevated privileges. It's not doing something, it shouldn't. DevOps teams, also, traditionally, now are managing your CI/CD Pipeline. And so that's where they're integrating scanning tools in as well, to go in and give actionable feedback to the developers around things like if there's a critical vulnerability with a fix, I'm not going to push that to my registry. So it can be deployed to production. That's something a developer needs to go in and change. So really a lot of these kind of actions and the day-to-day work is driven by corporate security requirements, but then DevOps has the freedom to go in and implement it however they want. And this is where Sysdig adds a lot of value because we provide both monitoring and security capabilities through a single platform. So that DevOps teams can go into one product, see what they need for capacity planning, chargebacks, health monitoring, and then in the same interface, go in and see, okay, is that Kubernetes cluster meeting my SOC 2 controls? How many images have my developers submitted to be scanned over the past day? And all those kinds of things without needing to learn to how to use four or five different tools? >> It sounds to me like a cultural shift almost in terms of the DevOps, the developers working with security. How does Sysdig help with that? If that's a cultural shift? >> Yeah, it's definitely a cultural shift. I see some people in the community getting angry when they see oh we're hiring for a Head of DevOps. They're like DevOps is a movement, not a person. So would totally agree with that there, I think the way we help is if you're troubleshooting an issue, if you're trying to uncover what's in your environment and you are comparing results across five different products, it always turns into kind of a point the finger, a blame game. There's a bunch of confusion. And so what we think, how we help that cultural shift, is by bringing different teams and different use cases together and doing that through a common lens of data, user workflows, integrations, and those types of things. >> Excellent. Knox, thank you for joining me on the program today, sharing with us, Sysdig, what you do, your partnership with AWS and how customers can get started. We appreciate your information. - Thank you. For Knox Anderson. I'm Lisa Martin. You're watching the cube.

(soft electronic music) >> Welcome to this CUBE Conversation. I'm Lisa Martin. This conversation is part of our third AWS Startup Showcase for this year. I'm pleased to welcome Knox Anderson, the VP of Product Management at Sysdig. Knox, welcome to the program. >> Thanks for having me, Lisa. >> Talk to me a little bit about Sysdig, secure DevOps for containers, Kubernetes, and cloud. Give the audience an overview of what you guys do. >> So Sysdig is this secure DevOps platform that provides observability, security, and compliance functions for anyone that's adopting Kubernetes and Cloud. We really secure the entire lifecycle from source to production, so do things like scan your ISE for misconfiguration, monitor your runtime environments for threats and operational best practices. We provide a lot of capabilities around Prometheus Monitoring, as well, and then also let organizations perform incident response and compliance audits against these environments. >> So founded in 2013, talk to me about the gap in the market that you guys saw then and what some of the key challenges are that you saw for your customers. >> Yeah so we came to market around the same time as containers and Kubernetes and I'd say 2015 to 2018 we kept on saying it's the year of Kubernetes, it's the year of Kubernetes, it's the year of Kubernetes. And then really during the last year and a half in the COVID pandemic, Kubernetes has gone gangbusters. Every major cloud is seeing a huge adoption in their Kubernetes services so that's really our wedge into a lot of organizations. They're changing their platform to take advantages of containers and Kubernetes and you really have to rethink all of your security tooling, and that's when a company like Sysdig comes in. >> Talk to me about customers in terms of, especially in the last year and a half when things have been so dynamic, we've seen so much too, on the threat landscape front changing. Give me an example of a customer or two that you're really helped with solving some of their major challenges, here. >> Yeah, a great customer that we work with is SAP Concur and they kind of encompass a lot of the things that are nice about modern DevOps. So it's a DevOps team that's running a Kubernetes platform that thousands of developers are building their apps and deploying those onto. And they chose Sysdig because really it's not scalable to have every single data team ping that DevOps team and say what's the performance of my service, how is it responding, how can I get scanning integrated with that and so they use Sysdig as a platform that allows developers to easily onboard onto their Kubernetes clusters and then ensure that they're meeting compliance needs and FedRAMP needs for that platform that they deliver their core business apps on. >> Let's talk about the Sysdig's commitment to opensource on the Falco project. >> So Falco is a opensource project that we started at Sysdig, it's built on top of our core system core instrumentation. And so Falco meets a lot of your IDS or your file integrity monitoring requirements that you might have as you move to Kubernetes. And really, it's something we started at about 2016. In 2019, we donated that project to the CMCS which is the same governance body behind Kubernetes, Prometheus, and other kind of core building blocks of the climate of ecosystem. Since then, it's grown immensely. Companies like Shopify are using it to make sure that their PCI apps that they run Kubernetes are fully compliant. And so it's something that we are constantly contributing to the community also from even companies like AWS is a core contributor to the Falco project. And I'm really excited to see where it goes over the next year as Falco extends to also cover some cloud security use cases. >> What can you tell me about the relationship that Sysdig and AWS have? >> They've been a great partner. We internally run our SaaS on AWS so we're using AWS services to deliver our product to our customers. And then we've also really worked closely around how you can provide better security for services like Fargate. So we did working sessions with their engineering teams, learned what we could do to get the visibility that we need for tools like Falco and Sysdig to work seamlessly in Fargate environments. And last April we were able to kind of, AWS released that new functionality, Sysdig built on top of that, and we've already seen great adoption of customers using the Sysdig product on top of Fargate. >> Excellent. Well thank you very much, Knox, for stopping by theCUBE telling us about Sysdig, what you guys are doing ahead of the AWS Startup Showcase. We appreciate your time and your information. >> Thanks for having me. >> For Knox Anderson, I'm Lisa Martin. You're watching this CUBE Conversation. (soft electronic music)