>>from Las >>Vegas. It's the cues covering quality security Conference 2019 by quality. Hey, welcome back already, Jefe Rick here with the Cube were in Las Vegas at the Bellagio at the Kuala Security Conference. It's the 19th year they've been doing this. It's our first year here, and we're excited to be here. And it's great to have a veteran who's been in this space for so long to give a little bit more of historical perspective as to what happened in the past. Where we are now, what can we look forward to in the future? So coming right off its keynote is Felipe Quarto, the chairman and CEO of Qualities felt great. See, >>Thank you. Same. Same same for me. >>Absolutely. So you touched on so many great topics in your conversation about kind of the shifts of of modern computing, from the mainframe to the mini. We've heard it over and over and over. But the key message was really about architecture. If you don't have the right architecture, you can't have the right solution. How is the evolution of architects of architectures impacted your ability to deliver security solutions for your clients >>So no That's a very good question. And in fact, you know what happened is that we started in 1999 with the vision that we could use exactly like Salesforce. They'll come this nascent Internet technologies and apply that to security. And s and Marc Benioff applied that essentially changing the way serum was essentially used and deployed in enterprises and with a fantastic success as we know. So for us, the I can't say today that 19 years later the vision was right. It took a significant longer because the security people are not really, uh, warm at the idea of Senate Lee, uh, having the data interview which was in place that they could not control. And the i t people, they didn't really like a toll. The fact that certainly they were not in control anymore of the infrastructure. So whether a lot of resistance, I wever, we always I always believe, absolutely believe that the cloud will be the architecture to go back. A lot of people make the confusion That was part of the confusion that for people it was a cloud, that kind of magical things someplace would you don't know where and when I was trying to explain, and I've been saying that so many times that well, you need to look at the club like a computer that can architecture which distribute the computing power for more efficiently than the previous one, which was Clyde Server, which was distributing the computing power for better then, of course, the mainframes and minicomputers. And so if you look at their architecture's so the mainframe were essentially big data centers in in Fort Knox, like setting private lines of communication to damn terminal. And of course, security was not really an issue then, because it's a gritty was building by the IBM said company simply with the minicomputer, which then was, instead of just providing the computing power to the large, very large company could afford it. Now 70 the minicomputer through the advance and say, My conductor technology could reduce the food frank. And then I'll bring the company power to the labs and to the departments. And that was then the new era of the dish, your equipment, the primes, that General et cetera, Uh, and then conservative. So what client service did again? If you look at the architecture, different architectures now, incidently servers LAN or the Internet network and the PC, and that was now allowing to distribute the computing power to the people in the company. And so, but then you needed to so everybody. Nobody paid attention to security because then you were inside of the enterprise. So it starts inside the wars of the castle if you prefer. So nobody paid attention to that. It was more complex because now you have multiple actors instead of having one IBM or one desert equipped. But its center said, You have the people manufacturing the servers. The software that that obeys the PC is an unannounced excellently there was the complexity increased significantly, but nobody paid attention to security because it was not needed. Until suddenly we realized that viruses could come in through the front door being installed innocent. You were absolutely, absolutely compromised. And of course, that's the era of the anti VARS, which came in and then because of the need to communicate more more. Now, Senator, you could not stay only in your castle. You need to go and communicate your customers to your suppliers, et cetera, et cetera. And now you were starting to up and up your your castle to the word and a low now so that the bad guy could come in and start to steal your information. And that's what the new era of the far wall. Now you make sure that those who come in But of course, that was a bit naive because there were so many other doors and windows that people could come in, you know, create tunnels and these and over that transfer, insure your custard. Because the day I was becoming more, more rich and more more important, more value. So whatever this value, of course, the bad guys are coming in to try to sell it. And that was that new era off a win. Each of attention to security. The problem is being is because you have so many different actors. There was nothing really central there. Now. I just suddenly had Maura and more solutions, and now absolutely like 800 vendors. Boarding on security and boating on anything is shortly at the end of the day because you put more more weight, and then you also increasing complexity in all these different solutions. Didn't they need to talk together? So you have a better context, but they weren't designed to talk together. So now you need to put other system where they could communicate that information. So you complicated, complicated, complicated the solution. And that's the problem of today. So now cloud computing comes in and again. If you look at the architecture of cloud computing, it's again Data centers, which not today, have become, thanks to the technology, having infinite, almost company power and storage capabilities. And like the previous data center, there are much more fracture because you just once gave and they become essentially a bit easier to secure. And by the way, it's your fewer vendors now doing that. And then, of course, the access can be controlled better on then. Of course, the second component is that the land and the one it's now the Internet and the Internet, of course, eyes the Web communications extremely cheap, and it brings you in every place on the planet and soon in Morse. Why no so and so now. The issue today is that still the Internet needs to be secure, and today how are you going to secure the Internet? Which is very important thing today because you see today that you can spoof your image, you can spoof your website. You could attack the Deanna's who? Yes, there's a lot of things that the bad guy still do in fact, themselves that ever is the Internet, of course, to access everywhere, so they take advantage of it. So now this is obviously, you know, I created the trustworthy movement many years ago to try to really address that. Unfortunately, qualities was too small, and it was not really our place. Today there's all the Google, the Facebook, the big guys which contract their business, depend on the Internet. Now need to do that and I upload will be been criticised very much so. Google was the 1st 1 to essentially have a big initiative. I was trying to Bush SSL, which everybody understands secret encryption, if you prefer and to everybody. So they did a fantastic job, really push it. So now today's society is becoming like okay, it's a said. You want to have this a settle on your communication, but that's not enough. And now they're pushing and some people criticize them, and I absolutely applaud them to say we need to change the Internet protocols which were created at the time when security you were transferring information from universities. And so for these was a hay days, you know, if everything was fine, there's no bad guys. No, The heebie day is if you like arranging that everybody was free, Everybody was up in fantastic. Okay. And now, of course, today, these poor cold this to be a graded, which is a lot of work. But today I really believe that if you put Google Amazon Facebook altogether and they can fix these internet for records so we could forget about the spoofing and we forget about all these fishing and all this thing this is there responsibility. So and then you have now on the other side, you have now a very intelligent devices from in a very simple sensors and, you know, too sophisticated devices the phone, et cetera, and Maura and more Maur devices interconnected and for people to understand what is being so This is the new environment. And whether we always believe is that if you adopt an architecture which is exactly which fits which is similar, then we could instead of bolting security in, we can also have the build security in voting signal on. We could be in security in. And we have been very proud of the work that went down with my car itself, which we announce, in fact, reluctantly recently, very recently, that, in fact, our agent technologies now it's banned erred in Microsoft. So we have been security with Microsoft in So from a security perspective today, if you go to the Microsoft as your security center, you click on a link, and now you have the view. If you're in tar, is your environment courtesy of record? It's agent. You click on a second link, and now you have the view of your secret cameras. First year, crazy of the same qualities agent. And then you click on the third inning with us. Nothing to do with quite it's It's old Mike ourself you create your playbook and Yuri mediates The security in this environment has become quickly, quick, nothing to in store, nothing to update, and the only thing you bring. All your policies saying I don't want to have this kind of machine exposed on the Internet on what this is what I want and you can continuously owed it essentially in real time, right? So, as you can see, totally different than putting boxes and boxes and so many things. And then I think for you, so very big game changer. So the analogy that I want you that I give to people it's so people understand that paradigm shift. It's already happening in the way we secure our homes. You put sensors everywhere, your cameras of detection, approximately detection. Essentially, when somebody tried to enter your home all that day, that's continuously pumped up into an incident response system. And then from your phone again across the Internet, you can change the temperature of your rooms. You can do it. You can see the person who knocks on the door. You can see its face. You can open the door, close the door, the garage door. You can do all of that remotely and automatically. And then, if there's a burglar, then in your house, who's raking immediately that the incidence response system called the cops or the farmer shirt? If good far. And that's the new paradigm. So security has to follow that product, and then you have interesting of the problem today that we see with all the current security systems incidents Original system developed for a positive force. Positive and negative are the enemy reedy off security? Because if you have forced positive, you cannot automate the response because then you're going to try to respond to something that is that true? So you are. You could create a lot of damage. And the example. I give you that today in the if you leave your dog in your house and if you don't have the ability the dog would bark would move, and then the senses will say intruder alert. So that's become the force. Pretty. So how do you eliminate that? By having more context, you can eliminate automatically again this false positives, like now you, I think a fingerprint of fuel dog and of his voice. And now the camera and this and the sensors on the voice can pick up and say, Oh, this is my dog. So then, of course, you eliminate that forces right now, if if another dog managed to return your home through a window which was open or whatever for so what do we know? A window was open, but you know you can't necessarily fix it on the dog weapons, then you will know it. Sze, not yours. So that's what securities avoiding such a huge sea of change which is happening because of all that injured that end today Companies today after leverages nuclear technology which are coming, there's so much new to college. What people understand is where's that technology coming from? How come silently we have doctors cybernetics a ll these solutions today which are available at almost no cost because it's all open source So what happened is that which is unlike the enterprise software which were Maur the oracle, et cetera, the manufacturer of that software today is in fact the cloud bubbly club Sanders, the Amazon, the Google, the Facebook, the macro self which shouldn't be needed to have to develop new technology so they could scale at the size of the planet. And that very shrewdly realized that if I keep the technology for me, I'm essentially going to imprison. The technology is not going to evolve. And then I need other technologies that I'm not developing. So they realize that they totally changed that open source movement, which in the early days of happens offers more controlled by people who had more purity. If you prefer no commercial interests, it was all for the good, off the civilization and humankind. And they say they're licensing Modern was very complex or the simplified all of that. And then Nelson and you had all this technology coming at you extremely fast. And we have leverage that technology, which was not existing in the early days when when such was not come started with the eunuchs, the lamb, pork or what's called leaks. Apache mice Fewer than Petri limiting Announcer Tiel This technology, like elasticsearch, was coming. We index today now back and three trillion points or less excerpts, clusters, and we return information in 100 minutes seconds and then on the calf campus, which is again something that open source way Baker Now today, five million messages a day and on and on and on. So the word is changing. And of course, if that's what it's called now, the dish transformation now enterprises to be essentially a joy to reach out to the customers better and Maur, they need to embrace the cloud as well, >>right? I >>do retool their entire right infrastructure, and it's such A. It's a huge sea of change, and that's what we see even the market of security just to finish now, evolving in a totally different ways than the way it has Bean, which in the positive market of security was essentially the market for the enterprise. And I'm bringing you might my board, my board, towns, traditions that you have to go in installed and make work. And then you had the the anti virus, essentially for all the consumers and so forth. So today, when we see the marketplace, which is fragmenting in four different segments, which is one is the large enterprise which are going to essentially constantly data start moving to the transformation. Leveraging absolutely develops, which isn't becoming the new buyer. And, of course, so they could improve their I t. For to reach out to more customers and more effectively than the current providers. As I mentioned earlier, which are building security in the knife, you use them. You don't have to worry about infrastructure about how many servers you need, amenities. It's all done for you and something about security. The third market is going to be in an emergence of a new generation of managed Grannie service providers which are going to take all these companies. We don't have enough resources. Okay, Don't worry. I'm going to help you, you know, duel that digital transformation and help you build the security. And then there's a totally new market of all these devices, including the phone, et cetera, which connects and that you essentially I want to all these i, o t and I ot devices that are or now connected, which, of course, present security risk. So I need to also secure them. But you also need to be able to also not only check their health to make sure that okay, because you cannot send people read anymore. So you tournament simply on security. If you find that that phone is compromised, you need to make to be able to make immediate decisions about Should I kill that phone? Destroyed everything in it. Should I Now don't let that phone connect any more to my networks. What should I do? Should I, by the way, detected that they've done with the application which another loud Because what we see is more and more companies are giving tablets to their users and in doing so now, today's the company property so they could say, OK, you use these tablets and you're not allowed to do that so you could check all of that and then automatically. But that again requires full visibility in what you are. And that's why just to finish, we make a big decision about the few three months ago that were We build the ability for any company on the planet to automatically build their targetable itis it eventually, which nobody knows what they have. That old networking environment. You don't know what connects to have the view of the known and the unknown totally free of charge across on premise and pawned crowd continues Web obligations or to united devices to come. So now that's the cornerstone of securities with that totally free. So and then, of course, you have all these additional solutions, and we're being very scalable up in platform where we can take data, a passel data as well. So we really need to be and want to be good citizen here because security at the end of it, it's almost like we used to say, like the doctors, you have to have that kind of feeble court oath that you can do no arms. So if you keep if you try to take the data that you have, keep it with you, that's all.