from New York it's the cube covering escape 19 okay welcome back to the cube coverage New York City for the inaugural multi-cloud conference the first one ever in the industry is called escape 2019 we're in New York so escapee from New York City from cloud that's the conversation all the thought leaders are here and executives people thinking about the next generation architecture and top tracks are all here if it's Wednesday who's the chief information security officer for Flextronics flex let's thank you for coming on love to have see so some because security seems to be there always a top conversation you got a very busy job I do yes you heard a lot of pressure all the time it's fun it's so fun for me so yeah as a Caesar and it's always like security stop in mind right of everyone out these days yeah and it's very sir one of the most interesting job I think most of the interesting for my trophies I learned so much about our business and they have insight into so many things that's actually really great you know one of the things I was just talking about on the kind of cube conversation was you know how date is really important part of it and how data backup and recovery was built on old thinking around you know data centers failing floods hurricanes electricity gets outages but the biggest disruption in business today is security security threats and so that's the cyber security pressure it's causing CISOs to to be mindful of the best architecture the best platform do we have the right tools so I wanna get your thoughts how are you thinking about that as an organization because you are you building in-house developers are you how you how are you organizing how are you gearing up to fight the battles that need to be fought so I am and I'm with the company so if Lex is a big manufacturing company right 26 billion so we have a lot of p2p business not consumer business which is I believe a different perspective of security versus actually like a consumer company facing so and I'm if in a security team for 15 years so we put it up like security operations and the orders kind of things really right we're old school I am what school learnt everything in that right but you a lot of IOT I mean you just really achieve oh yeah Industrial tea it's one of the topic but coming back to you you're right data is actually the center in Flour business data is getting more center right you collect data from the machine you collect data actually for the business actually to make more decisions right and could be predictive maintenance could be inventory management there could be a lot of things right you have to think about it so and the funny thing is I'm real I'm the seasonal for five years 15 years with the security team 20 years with the company so I rebuilt the team always like every three four years you like it's a kind of rebirth of the team we renew we add new skills right and cloud is one of the things which I think it's a fundamental change and the change is actually with it's actually on the development side what it means with that it's a security team has to move to serve the developers and the problem if the wood school was always like it's after sort so why I secured to such an issue because we had to do patching after we found vulnerabilities right and then old network is unsecure you need to wrap something around that like we did firewall so it was always an after sort now with the cloud it's changing because you have a lot of different things to do but basically we need to enable developers to be very quick and deploy their software very quickly so you know it is a fundamental change in the way you have to think the particular yeah and then that brings up the good question love to ask you because given you guys again not a consumer like Capital One yeah they don't challenge they got they weren't hacked Amazon actually the firewall was misconfigured an s3 bucket but that's a consumer company you have data though you're an industrial company got a lot of industrial IOT ransomware folks are targeting data yes and everyone's a target it's your surface area is large but you probably lock that down in the past so how are you thinking about all this new stuff so yeah I mean IOT it's I mean I would tease the problem as you said Industrial right it's not solved yet completely right because they still have to rethink a lot of the vendors providing this machinery which you've purchased for 25-30 years right this Silla wood school right sometimes like the one witness you can't upgrade or whatever such basic things they'd be lacking actually in terms of security there still has to be a shift in this you know not just in the industry but in a general thinking how you do that yes I have a big environment so we locked it down we use a lot of innovative technologies actually preventive measurements was also detected measuring and you need to create kind of mightily a concept where you actually start okay what is if this figures how we test it okay this face do we have other measurements where we can try to prevent measure stop those kind of things right but Wrentham is a big one there's other things as you know like hacking I mean they're kept in I was healing probably the capital one was an interesting money my I believe in that for the cloud its configuration issues right which I think it comes with cloud security it's about policy and configuration management right how you manage that and how you think about it but it's not it was not a nation gonna solve that I mean that's a open s3 bucket that's trivial I wasn't a big yes and no you look if you look at that it was a little bit more in detail so it was actually the back firewall was misconfigured which is a mod security running on a fresh air but the Miss configuration was actually a SS as server surgery force request issue which means like you tricked this firewall in giving you information you shouldn't give you so it was a little bit more granular as people think it was right just as free pocket configuration so it was a little bit more greener but I think that's the word the difficult comes about it which every security it's a complex problem right it's the many things you have - configuration error it was a configuration dumb as an s3 bucket no it was not rounded more sophisticated but not that sophisticated was it yellow what the change I would not sophisticated but something it's not easy to solve so you have to think about it but you're right it's still something exploit from a corner case it's still something you could have I mean I I'm careful to say you could have avoided yes you could because that's for sure but I know it's a complex environment right I'm not a human as humans involved and I know I don't know that eaters exactly we only know that once it's published right so it's very hard to to charge well let's bring some cloud security so let me ask you on multi-cloud this is a multi cloud conference what's your definition of multi-cloud how do you look at the multiple clouds for me more debris cloud is actually doesn't matter we had the good keynote where I said it's a bunch of service right that's how I see my two cloud it's a bunch of service could be my data centers in the public cloud data centers with different vendors that's what a cow is where I move my services should be actually independent from the public hybrid on-premise whatever it is right that's basically how I see it so it doesn't matter it's infrastructure on demand leverage it leverage it it could be say hey today I spin off this test server but you know what today it seems to be a cheaper all running on the Eva Lovelace versus CPC let's do it here next day next week we might do it somewhere else whatever you trigger whatever what is your requirements so you'd only look at that resource that like that how do you think about the cloud security then because the configurations compliance how do you how do you stay on top of that so that's an interesting thing because we a big enterprise but we as you said know consumer business so our problem is to find the right skill set to attract the right people to our company to do that right because this is our we have some cloud but it's not yet there's a journey we are trying to do as most of the enterprise so we're looking into startups managed services we say okay where are the gaps where we have to really have to outsource some of the things and gaps where we need to get information what's your advice to other CISOs out there that are in the b2b space of none other deal to consumer but I have to get serious that is now becoming more industrialized on the IOT side because you guys have been you know been there done that you have a big footprint on the IOT because you're history but as people get more facilities and they have more virtual offices more people working the edge is extending what's your advice to those CEOs who have to deal with this industrial and IOT edge I think you have to visibility is the key ingredient is first right if you don't know what you have it's very hard to understand what's the risk portfolios right so you need to find the right to set and don't believe you know what they have it's fantastic what you see when you use the right tool what this is everything is connected I mean basically even like I found like this coffee market I connect the devices right it's like like everyone just don't understand like it's kind of light poles get both wake multi-threaded processor what is that doing so there's I mean but visibility is a key ingredient so you have to understand and then you have to look into how you might take a terrace what is your risk about it right I mean if the coffee mug goes down I don't really care but if my testicles sound and I shut down the production I really care about that so you need to understand that risk and say how can i mitigating risk so while I got you here what's your final question what's your message to suppliers out there that all want to sell you something they want to sell you another tool you know an another tool you know I got a platform I got a tool you mean this here 750 which is existing now like the cybersecurity if you go to I say conferences unbelievable right it's like I want to sell you something you're the top dog I use shrinking suppliers down are you looking at some sort of standard API way to deal with them because you know you're obviously probably thinking about platforming and data visibility is critical what's your philosophy on how to support medieval suppliers so usually honestly the most time I really go in so for innovative technology we built in our company our so-called strategic partnership program were being it for startups and most of the time we engage we start of services or through other channels right but you get introduced and you review with a proof of concept of value the technology and we try to keep it like as a minimum value product very short time and say okay let's show what you can where your gaps are and can we get with you guys and come and get you but don't send me an email don't call me because I usually not react I have a job to do so that's most of the time where the disease were what comes all of the guys that hey I found another scissors tell me there's great technology you should look into that and what shows do you go to what events do you hang out and what are good events for you in this in the space RSA Red Hat black depth on are there certain events that you go to that you think are valuable I mean it's easily I go to the to the RSA Conference ership because actually it's very close to me as well yeah and being part being out of Santa C I recommend the b-sides actually I like the peace sign that these guys are great the pieces are great I think they are real value and then I try to a smaller circus I'd be a fun person around papers there's b-sides for folks watching is an alternative group of community industry participants they have kind of a b-side of a side like an album but it's essentially community event they do hackathons and variety of other cool things where people get together very unstructured kind of cool conference addition to bigger conferences I can't recommend desk yeah bitch thanks for coming on and sharing your insights there's pleasure there's a cube coverage here in New York City we're not escaping from the University escape conference the first multi-cloud conference in the industry we'll see how it goes if they're successful they might be back next year if not they won't be but I think multi-class here today what do you think okay great thanks for coming on I'm John Fourier thanks for watching

(upbeat music) >> Announcer: From New York, it's The Cube. Covering ESCAPE/19. (upbeat music) >> Welcome back to The Cube coverage New York City for the inaugural multi-cloud conference. The first one ever in the industry. It's called Escape 2019. We're in New York so escaping from New York, escaping from cloud, that's the conversation. All the thought leaders are here and executives. People thinking about the next generation architecture and talk tracks are all here. Fritz Wetschnig who's the Chief Information Security Officer for Flextronics. >> Flex, yes. >> Flex, thank you for coming on. Love to have CISOs on because security seems to be always the top conversation. You got a very busy job. >> I do yes. (laughing) >> You're under a lot of pressure all the time >> It's fun, it's still fun for me. So, yeah, a CISO, it's always like security's top in mind, right, of everyone now these days. But it's still one of the most interesting jobs. The most interesting for my job is, I learn so much about our business and to have insight into so many things that's actually really great. >> You know, one of the things I was just talking about on a Cube conversation was, you know, how data is a really important part of it and how data backup and recovery was built on old thinking around, you know, data centers failing, floods, hurricanes, electricity gets outages, but the biggest disruption in business today is security, security threats and so that's cybersecurity pressure is causing CISOs to be mindful of the best architecture the best platform. Do we have the right tools? So I want to get your thoughts. How are you thinking about that as an organization, because are you building in-house developers? Are you, how are you organizing, how are you gearing up to fight the battles that need to be fought? >> So, I am with the company, So Flex is a big manufacturing company, right. 26 billion, so we have a lot of P2P business not consumer business, which is I believe a different perspective of security versus actually like a consumer company facing, so and I'm in a security team for 15 years, so we built it up like security operations and all those kind of things we do, right. >> You're old school. >> I am old school learned everything and that, right? >> But you're lot are IOT, I mean, you're Industrial IOT. >> Oh yeah, Industrial IOT it's one of the topics but coming back to you, you're right, data is actually the center even for our business, data is getting more and more center, right. You collect data from the machine, you collect data actually for the business actually to do make more decisions, right. And it could be predictive maintenance, could be inventory management. There could be a lot of things, right. You have to think about it. So, and the funny thing is, I'm real, I'm the CISO now for 5 years, 15 years with the security team, 20 years with the company, So I rebuilt the team always like every three, four years like as a kind of rebirth of the team. We renew, we add new skills, right. And cloud is one of the things, which I think it's a fundamental change and the change is actually, it's actually on the development side. What it means with that is the security team has to move to serve the developers. And the problem with the old school was always like it's afterthought. So why is security such an issue? Because we had to do patching after we found vulnerabilities, right. And then old network is not secure you need to wrap something around it like we did firewalls. So it was always an afterthought. Now with the cloud, it's changing because you have a lot of different things to do but basically we need to enable developers to be very quick and deploy their software very quickly, so I think it's a fundamental change in the way you have to think about security. >> And yeah, that brings up the good question I would love to ask you 'cause you've given, again you're not a consumer, like Capital One with in-house, they had their own channel, they weren't hacked. Amazon, actually the firewall was misconfigured, on an SV Bucket but that's a consumer company. You have data though, you're an industrial company, got a lot of industrial IOT. Ransomware folks are targeting data. >> Yes. >> And everyone's a target. Your service area is large. But you probably lock that down in the past. So how are you thinking about all this new stuff? >> So yeah, I mean, IOT it's, I mean, IOT's a problem, as you said, the industrial right. And it's not solved yet completely, right. Because they still have to rethink a lot of the vendors providing this machinery, which you purchase for twenty five, thirty years, right. They still are old school, right, sometimes, like, the one on Windows you can't upgrade or whatever. So it's basic things they're lacking actually in terms of security. There's still, has to be a shift in this, not just in industry but in a general thinking, how you do that. Yes, I have a big environment, so we locked it down, we use a lot of innovative technologies, actually preventive measurements plus also detective measurements. And you need to create kind of mightily a concept where you actually start, okay, what is if this fails? How we test it? Okay, this fails, do we have other measurements where we can try to prevent, stop those kind of things, right. But ransom is a big one. There's other things, as you know, like hacking, I mean, like Capitol One. >> Malware's a big problem. >> The Capital One was an interesting one in my belief and that's for the cloud is configuration issues, right, which I think it comes with cloud security. It's about policy and configuration management, right. How you manage that and how you think about it, but it's not, it's was not that. >> Automation could have solve that, I mean, that's an open S3 bucket, that's trivial. It wasn't a big, technical. >> Yes and no, if you look at that it was a little bit more in detail, >> Okay. >> So it was actually, their back firewall was misconfigured, which is about security running on a back check, but the misconfiguration was actually is, as (mumbles) force request issue, which means, like, you tricked this firewall into giving you information you shouldn't give information, right. >> John: Okay, so it was a little bit more. So, it was a little bit more granular as people think it was, right. Just as 3-pocket configuration. So it was a little bit more granular, but I think that's the really difficultly comes about whichever security. It's a complex program, right. It's mainly things you have. >> But it was a configuration error? >> It was a configuration. >> It wasn't as dumb as an S3 bucket. >> No, it wasn't dumb. >> But it was a bit more sophisticated, but not that sophisticated, was it? On a scale of 1 to 10. >> It was not sophisticated, but something, it's not easy to solve. So you have to think about it, but you're right, it's still something. >> John: It's an exploit from a corner case. >> Yeah, it's still something you could have. I mean, I'm careful to say you could have avoided it, yes you could, because that's for sure, but I know it's a complex environment, right. >> It's a human, there's humans involved. >> And I don't know the details exactly, we only know that what was published, right, so it's very hard to check. >> Well, it brings up cloud security, so let me ask you, on multi-cloud, this is a multi-cloud conference. What's your definition of multi-cloud? How do you look at the multiple-clouds? >> For me, multiple-cloud is, actually it doesn't matter. We had a good keynote words, it's a bunch of servers, right. That's how I see multi-cloud. It's a bunch of servers. Could be my data centers in a public cloud data centers with different vendors, that's what a cloud is. Where I move my services should be actually independent from the public hyper on premise, whatever it is, right. That's basically how I see it. >> So it doesn't matter, it's infrastructure. >> Yeah. >> On demand, leverage it. >> Leverage it, it could be say, hey today, I spin of this test server, but you know what, today it seems to be a bit cheaper running on (mumbles) verses GBC, let's do it here. Next day, next week we might do it somewhere else, whatever you trigger, whatever what is your requirements. >> So if going to look at that resource at like that, how do you think about the cloud security then, because the configurations, compliance, how do you, how do you stay on top of that? >> So, that's an interesting thing because we have begun to prioritize but we, as you said, no consumer business, so our problem is to find the right skill set, to attract the right people to our company to do that right because this is our, we have some cloud, but it's not yet, there's a journey we are trying to do, as most of the enterprise, so we're looking into startups, manage services, We say, okay what are gaps that we have to maybe have to outsource some of the things and gaps where we need to get internal source of supply. >> What's you're advice to other CISOs out there that are in the B2B space of don't have to deal with the consumer but have to get serious, that is now becoming more industrialized on the IOT side because you guys have been, you know, been there, done that, you have a big footprint on the IOT, 'cause you have a history. But as people get more facilities and they have more virtual offices, more people working, the edge is extending. What's your advice to those CISOs who have to deal with this industrial end IOT edge? >> I think you have to, visibility is the key ingredient is first, right. If you don't know what you have, it's very hard to understand what's a risk portfolio, right. So, you need to find the right toolset, and don't believe you know what you have. It's fantastic what you see when you use the right tool what distance everything is connected. I mean, basically even, like, I found like, this coffee mug, you know. I connect it to devices, right. It's like, not like everyone, not just that they don't understand my coffee mug is connected to (laughing). >> That light bulb's got multithreaded processor. What is that doing? >> So, so there's concerns, I may, but visibility is a key ingredient you have to understand. And then you have to look into how you mitigate a risk. What is a risk about it, right. I mean, if the government goes down, I don't really care, but if my testos goes down and does shut down the production, I really care about that. So you need to understand that the risk and say, how can I mitigate the risk? >> So while I got you here, what's you final question? What's your message to suppliers out there that all want to sell you something? Want to sell you another tool, you know. Want another tool? You know, I got a platform. I got a tool. Buy from me. >> You mean, to sell 750 watches (drowned out by laughter) If you go to ISA conferences, unbelievable, right. >> I want to sell you something. You're the top dog, I promise. >> Don't send me an email. >> Don't send them an email. Are you shrinking suppliers down? Are you looking at some kind of standard API way to deal with them? >> Yes. >> Because, you know, you're probably thinking about platforming, and date of visibility's critical. >> Yes. >> What's you philosophy on how to support video suppliers? >> So usually, honestly, the most time I really go it so for in the weight of technology we built in our company is called the Strategic Partnership Program where we can get for startups, and most of the time we engage, we startups overseas, or as through other channels, right. Where you get introduced, and you review, with the proof of work concept or value, the technology, and we try to keep it like a mini product, very short time, and say, okay, let's show what you can, where your gaps are, and can we get with you guys and can we get you. But don't send me an email, don't call me because I usually not react. I have a job to do. (laughing) >> Yeah, exactly. >> So that's most of the time, whatever we sees, what comes or if, a guy said hey, I found another CISOs tell me there's great technology, you should leap into that. >> And what shows do you go to? What events do you hang out in? What are good events for you in the space, RSA, Red Hat, Black Defcon? Are there certain events you go to that you think are valuable? >> I mean, as a CISO, I go to the RSA Conference, which I should because it's actually very close to me as well, and being part, being out of San Jose, I recommend the BSides, actually. I like the BSides. >> John: The BSides are great. >> The BSides are great. I think they are real, really. And then I try to smaller circles, right. We have our personal round tables. >> BSides for folks watching is an alternative group of community, industry participants, they have kind of a B-side, an A-side, like an album. But it's such a community event. They do hacker funds and a variety of other cool things where people get together, very unstructured kind of, cool conference, in addition to bigger conferences. >> I can recommend this. >> Yeah, awesome. Fritz, thanks for coming on and sharing your insights. >> Thanks. >> Been a pleasure. The Cube coverage in New York City, we're not escaping from New York but this is the Escape Conference, the first multi-cloud conference in the industry, we'll see how it goes. If they're successful, they might be back next year. If not, they won't be. But I think multi-cloud's going to stay. What do you think? >> I am think so too, yes. >> Okay, Fritz, thanks for coming on. I'm John Furrier, thanks for watching. (upbeat music)

>> Hey, welcome back everybody. Jeff Rick here with the Cube. We are live in downtown San Jose at the historic Pagoda Lounge, part of Big Data SV, which is part of Strata + Hadoop Conference, which is part of Big Data Week because everything big data is pretty much in San Jose this week. So we're excited to be here. We're here with George Gilbert, our big data analyst from Wikibon, and a great guest, Gaurav Dhillon, Chairman and CEO of SnapLogic. Gaurav, great to see you. >> Pleasure to be here, Jeff. Thank you for having me. George, good to see you. >> You guys have been very busy since we last saw you about a year ago. >> We have. We had a pretty epic year. >> Yeah, give us an update, funding, and customers, and you guys have a little momentum. >> It's a good thing. It's a good thing, you know. A friend and a real mentor to us, Dan Wormenhoven, the Founder and CEO of NetApp for a very long time, longtime CEO of NetApp, he always likes to joke that growth cures all startup problems. And you know what, that's the truth. >> Jeff: Yes. >> So we had a scorching year, you know. 2016 was a year of continuing to strengthen our products, getting a bunch more customers. We got about 300 new customers. >> Jeff: 300 new customers? >> Yes, and as you know, we don't sell to small business. We sell to the enterprise. >> Right, right. >> So, this is the who's who of pharmaceuticals, continued strength in high-tech, continued strength in retail. You know, all the way from Subway Sandwich to folks like AstraZeneca and Amgen and Bristol-Myers Squibb. >> Right. >> So, some phenomenal growth for the company. But, you know, we look at it very simply. We want to double our company every year. We want to do it in a responsible way. In other words, we are growing our business in such a way that we can sail over to cash flow break-even at anytime. So responsibly doubling your business is a wonderful thing. >> So when you look at it, obviously, you guys are executing, you've got good products, people are buying. But what are some of the macro-trends that you're seeing talking to all these customers that are really helping push you guys along? >> Right, right. So what we see is, and it used to be the majority of our business. It's now getting to be 50/50. But still I would say, historically, the primary driver for 2016 of our business was a digital transformation at a boardroom level causing a rethinking of the appscape and people bringing in cloud applications like Workday. So, one of the big drivers of our growth is helping fit Workday into the new fabric in many enterprises: Vassar College, into Capital One, into finance and various other sectors. Where people bring in Workday, they want to make that work with what they have and what they're going to buy in the future, whether it's more applications or new types of data strategies. And that is the primary driver for growth. In the past, it was probably a secondary driver, this new world of data warehousing. We like to think of it as a post-modern era in the use of data and the use of analytics. But this year, it's trending to be probably 50/50 between apps and data. And that is a shift towards people deploying in the same way that they moved from on-premise apps to SAS apps, a move towards looking at data platforms in the cloud for all the benefits of racking and stacking and having the capability rather than being in the air-conditioning, HVAC, and power consumption business. And that has been phenomenal. We've seen great growth with some of the work from Microsoft Azure with the Insights products, AWS's Redshift is a fantastic growth area for us. And these sorts of technologies, we think are going to be of significant impact to the everyday, the work clothing types of analytics. Maybe the more exotic stuff will stay on prem, but a lot of the regular business-like stuff, you know, stuff in suits and ties is moving into the cloud at a rapid pace. >> And we just came off the Google Next show last week. And Google really is helping continue to push kind of ML and AI out front. And so, maybe it's not the blue suit analytics. >> Gaurav: Indeed, yes. >> But it does drive expectations. And you know, the expectations of what we can get, what we should get, what we should be moving towards is rapidly changing. >> Rapidly changing, for example, we saw at The New York Times, which as many of Google's flagship enterprise customers are media-related. >> Jeff: Right. >> No accident, they're so proficient themselves being in the consumer internet space. So as we encountered in places like The New York Times, is there's a shift away from a legacy data warehouse, which people like me and others in the last century, back in my time in Informatica, might have sold them towards a cloud-first strategy of using, in their case, Google products, Bigtable, et cetera. And also, they're doing that because they aspirationally want to get at consumer prices without having to have a campus and the expense of Google's big brain. They want to benefit from some of those things like TensorFlow, et cetera, through the machine learning and other developer capabilities that are now coming along with that in the cloud. And by the way, Microsoft has amazing machine learning capability in its Azure for Microsoft Research as well. >> So Gaurav, it's interesting to hear sort of the two drivers. We know PeopleSoft took off starting with HR first and then would add on financials and stumble a little bit with manufacturing. So, when someone wants to bring in Workday, is it purely an efficiency value prop? And then, how are you helping them tie into the existing fabric of applications? >> Look, I think you have to ask Dave or Aneel or ask them together more about that dynamic. What I know, as a friend of the firm and as somebody we collaborate with, and, you know, this is an interesting statistic, 20 percent of Workday's financial customers are using SnapLogic, 20 percent. Now, it's a nascent business for them and you and I were around in the last century of ERP. We saw the evolution of functional winners. Some made it into suites and some didn't. Siebel never did. PeopleSoft at least made a significant impact on a variety of other things. Yes, there was Bonn and other things that prevented their domination of manufacturing and, of course, the small company in Walldorf did a very good job on it too. But that said, what we find is it's very typical, in a sense, how people using TIBCO and Informatica in the last century are looking at SnapLogic. And it's no accident because we saw Workdays go to market motion, and in a sense, are following, trying to do the same thing Dave and Aneel have done, but we're trying to do the same thing, being a bunch of ex-Informatica guys. So here's what it is. When you look at your legacy installation, and you want to modernize it, what are your choices? You can do a big old upgrade because it's on-premise software. Or you can say, "You know what? "For 20% more, I could just get the new thing." And guess what? A lot of people want to get the new thing. And that's what you're going to see all the time. And that's what's happening with companies like SnapLogic and Workday is, you know, someone. Right here locally, Adobe, it's an icon in technology and certainly in San Jose that logo is very big. A few years ago, they decided to make the jump from legacy middleware, TIBCO, Informatica, WebMethods, and they've replaced everything globally with SnapLogic. So in that same way, instead of trying to upgrade this version and that version and what about what we do in Japan, what do we do in Sweden, why don't you just find a platform as a service that lets you elevate your success and go towards a better product, more of a self-service better UX, millennial-friendly type of product? So that's what's happening out there. >> But even that three-letter company from Walldorf was on-stage last week. You can now get SAP on the Google Cloud Platform which I thought was pretty amazing. And the other piece I just love but there's still a few doubters out there on the SAS platform is now there's a really visual representation. >> Gaurav: There is. >> Of the dominance of that style going up in downtown San Francisco. It's 60 stories high, and it's taken over the landscape. So if there's ever any a doubt of enterprise adaptation of SAS, and if anything, I would wonder if kind of the proliferation of apps now within the SAS environment inside the enterprise starts to become a problem in and of its own self. Because now you have so many different apps that you're working on and working. God help if the internet goes down, right? >> It's true, and you know, and how do you make e pluribus unim, out of many one, right? So it's hilarious. It is almost at proliferation at this point. You know, our CFO tapped me the other day. He said, "Hey, you've got to check this out." "They're using a SAS application which they got "from a law firm to track stock options "inside the company." I'm like, "Wow, that is a job title and a vertical." So only high growth private venture backed companies need this, and typically it's high tech. And you have very capable SAS, even in the small grid squares in the enterprise. >> Jeff: Right, right. >> So, a sign, and I think that's probably another way to think about the work that we do at SnapLogic and others. >> Jeff: Right, right. >> Other people in the marketplace like us. What we do essentially is we give you the ERP of one. Because if you could choose things that make sense for you and they could work together in a very good way to give you very good fabric for your purposes, you've essentially bought a bespoke suit at rack prices. Right? Without that nine times multiplier of the last century of having to have just consultants without end, darkened the sky with consultants to make that happen. You know? So that, yes, SAS proliferation is happening. That is the opportunity, also the problem. For us, it's an opportunity where that glass is half-full we come in with SnapLogic and knit it together for you to give you fabric back. And people love that because the businesses can buy what they want, and the enterprise gets a comprehensive solution. >> Jeff: Right, right. >> Well, at the risk of taking a very short tangent, that comment about darkening the skies, if I recall, was the battle of the Persians threatening the 300 Greeks at the battle of Thermopylae. >> Gaurav: Yes. >> And they said, "We'll darken the skies with our arrows." And so the Greek. >> Gaurav: Come and get 'em. >> No, no. >> The famous line was, he said, "Give us your weapons." And the guy says, "Come and get 'em." (laughs) >> We got to that point, the Greek general says, "Well, we'll fight in the shade." (all laughing) But I wanted to ask you. >> This is the movie 300 as well, right? >> Yes. >> The famous line is, "Give us your weapons." He said, "Come and get 'em." (all laughing) >> But I'm thinking also of the use case where a customer brings in Workday and you help essentially instrument it so it can be a good citizen. So what does that make, or connect it so it can be a good citizen. How much easier does that mean or does that make fitting in other SAS apps or any other app into the fabric, application fabric? >> Right, right. Look, George. As you and I know, we both had some wonderful runs in the last century, and here we are doing version 2.0 in many ways, again, very similar to the Workday management. The enterprise is hip to the fact that there is a Switzerland nature to making things work together. So they want amazing products like Workday. They want amazing products like the SAP Cloud Suite, now with Concur, SuccessFactors in there. Some very cool things happening in the analytics world which you'll see at Sapphire and so on. So some very, very capable products coming from, I mean, Oracle's bought 80 SAS companies or 87 SAS companies. And so, what you're seeing is the enterprise understands that there's going to be red versus blue and a couple other stripes and colors and that they want their businesspeople to buy whatever works for them. But they want to make them work together. All right? So there is a natural sort of geographic or structural nature to this business where there is a need for Switzerland and there is a need for amazing technology, some of which can only come from large companies with big balance sheets and vertical understanding and a legacy of success. But if a customer like an AstraZeneca where you have a CIO like Dave Smoley who transformed Flextronics, is now doing the same thing at AstraZeneca bringing cloud apps, is able to use companies like SnapLogic and then deploy Workday appropriately, SAP appropriately, have his own custom development, some domestic, some overseas, all over the world, then you've got the ability again to get something very custom, and you can do that at a fraction of the cost of overconsulting or darkening the skies in the way that things were done in the last century. >> So, then tell us about maybe the convergence of the new age data warehousing, the data science pipeline, and then this bespoke collection of applications, not bespoke the way Oracle tried it 20 years ago where you had to upgrade every app tied into every other app on prem, but perhaps the integration, more from many to one because they're in the cloud. There's only one version of each. How do you tie those two worlds together? >> You know, it's like that old bromide, "Know when to hold 'em. "Know when to fold them." There is a tendency when programming becomes more approachable, you have more millennials who are able to pick up technology in a way. I mean, it's astounding what my children can do. So what you want to do is as a enterprise, you want to very carefully build those things that you want to build, make sure you don't overbuild. Or, say, if you have a development capability, then every problem looks like a development nail and you have a hammer called development. "Let's hire more Java programmers." That's not the answer. Conversely, you don't want to lose sight of the fact that to really be successful in this millennium, you have to have a core competence around technology. So you want to carefully assemble and build your capability. Now, nobody should ever outsource management. That's a bad idea. (chuckles) But what you want to do is you want to think about those things that you want to buy as a package. Is that a core competence? So, there are excellent products for finance, for human capital management, for travel expense management. Coupa just announced today their for managing your spend. Some of the work at Ariba, now the Ariba Cloud at SAP, are excellent products to help you do certain job titles really well. So you really shouldn't be building those things. But what you should be doing is doing the right element of build and buy. So now, what does that mean for the world of analytics? In my view, people building data platforms or using a lot of open source and a lot of DevOps labor and virtualization engineering and all that stuff may be less valuable over time because where the puck is going is where a lot of people should skate to is there is a nature of developing certain machine language and certain kind of AI capabilities that I think are going to be transformational for almost every industry. It is hard to imagine anything in a more mechanized back office, moving paper, manufacturing, that cannot go through a quantum of improvement through AI. There are obviously moral and certain humanity dystopia issues around that to be dealt with. But what people should be doing is I think building out the AI capabilities because those are very custom to that business. Those have to do with the business's core competence, its milieu of markets and competitors. But there should be, in a sense, stroking a purchase order in the direction of a SAS provider, a cloud data provider like Microsoft Azure or Redshift, and shrinking down their lift-and-shift bill and their data center bill by doing that. >> It's fascinating how long it took enterprises to figure out that. Just like they've been leveraging ADP for God knows how many years, you know, there's a lot of other SAS applications you can use to do your non-differentiated heavy lifting, but they're clearly all in now. So Gaurav, we're running low on time. I just want to say, when we get you here next year, what's top of your plate? What's top of priorities for 2017? Cause obviously you guys are knocking down things left and right. >> Thank you, Jeff. Look, priority for us is growth. We're a growth company. We grow responsibly. We've seen a return to quality on the part of investors, on the part of public and private investors. And you know, you'll see us continue to sort of go at that growth opportunity in a manner consistent with our core values of building product with incredible success. 99% of our customers are new to our products last quarter. >> Jeff: Ninety-nine percent? >> Yes sir. >> That says it all. >> And in the world of enterprise software where there's a lot of snake oil, I'm proud to say that we are building new product with old-fashioned values, and that's what you see from us. >> Well 99% customer retention, you can't beat that. >> Gaurav: Hard to beat! There's no way but down from there, right? (laughing) >> Exactly. Alright Gaurav, well, thanks. >> Pleasure. >> For taking a few minutes out of your busy day. >> Thank you, Jeff. >> And I really appreciate the time. >> Thank you, Jeff, thank you, George. >> Alright, he's George Gilbert. I'm Jeff Rick. You're watching the Cube from the historic Pagoda Lounge in downtown San Jose. Thanks for watching.