>> live from Boston, Massachusetts. It's the Cube covering A W s reinforce 2019 brought to you by Amazon Web service is and its ecosystem partners come >> back, Everyone live Coverage of AWS reinforced their first conference, The Cube here in Boston. Messages some jumper. MacOS David Lattin escapes Jesse rusting >> CT on co >> founder of Extra Cube alumni. Great to see you again. VM World Reinvent >> Now the new conference reinforce not a team. A >> summit reinforced a branded event around Cloud security. This is in your wheelhouse. >> Thank you for having me. Yeah, it's a spectacular event. Unbelievable turnout. I think there's 8000 people here. Maybe more. I know that's what they were expecting for an event that was conceived of, or at least announced barely six months ago. The turnout's just >> wait. Many conversation in the past on the Cube and others cloud security now having its own conference. It's not like a like a security conference like Black at Def Con, which is like a broader security. This is really focused on cloud security and the nuances involved for on premises and cloud as it's evolving. It's certainly a lot more change coming on this kind of spins into your direction you would talking this year in the front end. >> It absolutely does. First, it speaks to market demand. Clearly, there was demand for a cloud security focused conference, and that's why this exists. Every survey that I've seen lists security extremely high on the list of anxieties or even causes for delay for shifting workloads to the cloud. So Amazon takes security extremely seriously. >> And then my own personal >> view is that cloud security has been somewhat nascent and immature. And we're seeing, you know, hopefully kind of Ah, somewhere rapid, a >> lot of motivation in that market. Certainly a lot of motivated people want to see it go faster and there spitting in building that out. So I gotta ask >> you before you get off the show, I actually say something if I may. I mean, it's been a long time coming. Yeah, this to your point, Jesse. There was a real need for it, and I think Amazon deserves a lot of credit for that. But at the same time, I think Amazon. There's a little criticism there. I mean, I think that the message that reinvent that's always been we got the best security. We got the most features as I come on in, and the whole theme here of the shared responsibility model, which I'd love to get into, I think was somewhat misunderstood by some of those high high level messaging. So I didn't want to put that out there as a topic that we might touch on. Great. Let's talk about it. Okay, so I do think it was misunderstood. The shared responsibility model. I think the messaging was Hey, the cloud is more secure than your existing data centers. Come on in. And I think a lot of people naively entered waters and then realized, Oh, wait a minute. There's a lot that we still have toe secure. We can't just set it and forget it. I mean, you agree with that? >> I I think that's a controversial topic. I do agree with it. I think it continues to be misunderstood. Shared responsibility model in some ways is Amazon saying We're going the security infrastructure and we're going to give you the tools. But organizations air still expected to follow best practices, certainly, and implement their own, hopefully best in class security operations. >> It's highly nuanced. You can say sharing data see increases visibility into into threats and also of making quality alerts. But I think it's a little bit biased, Dave for Amazon to satiate responsibility because they're essentially want to share in the security posture because they're saying we'll do this. You do that as inherently shared. So why wouldn't they say that? >> Well, I guess we're gonna say way want to own everything? Well, I guess my weight So this show is that I really like their focus on that. I think they shone a light on it and for the goodness of the the industry in the community they have. But it is a bit >> nuanced, and they've said some controversial, perhaps even trajectory statements. In the keynote yesterday, I was I was amused to hear that security is everybody everyone's job, which is something I wholeheartedly believe in. But at the same time, you know, David said that he didn't believe Stephen Step Rather said that he didn't believe in depth set cops, and that seemed a little bit of odds because I but I think they're probably really Steven Schmidt. Steven >> so eight of us. But at the same time, there was a narrative around. Security is code. So, yes, there were some contradictions in messaging, so this smaller remains small ones. They were nuanced but remains some confusion. And that's why people look to the ecosystem to help acorns. And this goes back to >> my earlier point. I I believe that cloud security is really quite nascent. When we look at the way we look at the landscape of vendors, we see a number of vendors that really are kind of on Prem security solutions. They're trying to shoehorn into the cloud way, see a lot of essentially vulnerability scanning and static image scanning. But wait, don't see, in my opinion, that much really best in class security so solutions. And I think until relatively recently it was very hard to enable some of them. And that's why I'd love to talk about the VPC traffic marrying announcement, because I think that was actually the most impactful announcement >> that I want to get to it. So So this is ah, a new on the way. By the way, the other feedback up ahead on the Cube is the sessions here have been so good because you can dig deeper than what you can get it re invent given tries. This is a good example. Explained that the that story because this has been one of the most important stories, the traffic mirroring >> well, unlike >> reinvent. I think this show is Is Maura about education than it is about announcements? No, Amazon announced. A few new service is going into G ET, but these were service is, for the most part, that we already knew you were coming here like God Watchtower in security hub. But the BBC traffic mirroring was really the announcement of this show. And, gosh, it's been a long time in coming 11 closely held belief I've had for a long time is that in the fullness of time, there's really nothing of value that that you can do on Prem that you wouldn't eventually be able to do in the cloud. And it's just been a head scratcher for me. WIFE. For so many years, we've been unable to get any sort of view, mirror or tap of the traffic for diagnostic or analytic purpose is something you could do on prim so easily, with a span porter and network tap and in the cloud we've been having to do kind of back flips and workarounds and software taps and things like that. But with this announcement, it's finally here. It's native >> explain VPC Chapman. What is it for? The folks watching might not know it. Why it's wife. What is it and why is it important? >> So BBC traffic marrying is a network tap that is built into E. C. To networking. What it means is that you can configure a V p c traffic mirror four individual E C two instances actually down to the e n I. Level. You can configure filters and you can send that to a target for analysis purposes. And this analysis could be for diagnostics. But I think much more important is for security. Extra hop is is really began as a network analytics platform way do network detection and response. So this type of this ability to analyze the traffic in real time to run predictive models against it to detect in real time suspicious behaviors and potential threats, I think is absolutely game changing for someone security posture. >> And you guys have been on the doorstep of this day in day out. So this is like a great benefit to you guys. As a company, I can see that. I see That's a great thing for you guys. What's the impact of the customers? Because what is the good news that comes out of the traffic nearing for them? What's the impact of their environment? >> Well, it's all about >> friction. First, I wantto clarify that we've been running in a WS for over six years, six or seven years, so we've had that solution. But it's required some friction in the deployment process because our customers had to install some sort of software tap, which was usually an agent, that was analyzing that there was really gathering the packets in some sort of promiscuous mood and then sending them to us in a tunnel. Where is now? This is This is built into the service into the infrastructure. There's no performance penalty at all. You can configure it. You have I am rolls and policies to secure it. All of the friction goes away. I think, for the kind of the first time in in cloud history, you can now get extremely high quality network security analytics with practically the flip of a switch. >> So It's not another thing do manage. It's like you say, inherit to the network. John and I have heard this this week at this event from practitioners that they want to see less just incremental security products and Maur step function and what they mean by that is way want products that actually take action or give us a script that we can implement, or or actually fix the problem for us. Will this announcement on others that you guys were involved in take that next step more proactive security that these guys so a couple of thoughts >> on that first, the answer is yes, it can, and you're absolutely right. Remediation is extremely important, especially for attacks that they're fast and destructive. When you think about kind of the when you think about attack patterns, their attacks are low and slow. Their attacks their advanced in persistent but the taxes, air fast and destructive movie the speed that is really beyond the ability for humans to respond. And for those sorts of attacks, I think you absolutely need some sort of automated remediation. The most common solutions are some form of blocking the traffic, quarantining the traffic or maybe locking the accounts, and you're kind of blocking. Quarantining and locking are my top three, and then various forms of auditing and forensics go along the way. Amazon actually has a very good tool box for that already. And there are security orchestration, products that can help. And for products like extra hop, the ability to feed a detection into an action is actually a trivial form of integration that we offer out of the box. So the answer is yes. >> But let me go >> back to kind of the incrementalist approach as well that you mentioned. I kind of think about the space and really, really broad strokes and organizations for the last 10 years or so have really highly invested in prevention and protection. So a lot of this is your perimeter defense and in point protection, and the technologies have gotten better. Firewalls have turned into next generation firewalls and antivirus agents have turned into next generation anti virus or in point detection and response. But I strongly believe that network security has and in some ways just kind of lagged behind, and it's really ripe for innovation. And that's why that's what we've really spent the last decade >> building. And that's why you're excited about the traffic BPC traffic nearing because it allows for parallel analytics and so more real time, >> more real >> time. But the network has great properties that nothing else has. When you think about network security with the network itself is close to ground Truth as you can get, it's very hard to tamper with, and it's impossible to turn off those air great properties for cyber security. And you can't say that about something like that. Logs, which are from time to time disabled and scrubbed on. You certainly can't say that about en Pointe agents, which are often worked around and in some cases even used as a better for attack. >> I'm gonna ask you Okay, on that point, I get that. So the next question would come to my mind is okay with the surface here. With coyote expanding and with cloud, you have a sprawling surface area. So the surface area is growing just by default by natural evolution, connecting to the cloud people of back hauling their data into the cloud. All this is good stuff. >> Absolutely. Call it the attack surface, and it is absolutely glowing perhaps in an exponential >> about that dynamic, one sprawling attack air. Because that's just the environment now. And what's the best practice to kind of figure out security posture? Great, great >> question. People talk a lot about the dissolution of the perimeter, and I think I think that's a bit of the debate. And regardless of your views on that, we can all believe that the perimeter is changing and that workloads are moving around and that users are becoming more mobile. But I think an extremely important point is that every enterprise just about is hybrid. So we actually need protection for a hybrid attack surface. And that's an area where I believe extra hop offers a great solution because we have a solution that runs on premises in physical data centers are on campuses, which, no matter how much work, would you move to the cloud. You still have some sort of user on some sort of laptop or some sort of work station in some sort of campus environment, way workin in private cloud environments that are virtualized. And then, of course, we work in public cloud environments, and another announcement that we just made it this show, which I also think is game changing, is our revealed ex cloud offering. So this is an SAS. This is a sass based, network detection and response solution, which means that I talked about removing friction by marrying the traffic. But in this case, all >> you have to >> do is mirror the traffic, pointed to our sass, and we'll do all of the management mean that So is that in the streets for you that is in the marketplace. We launched it yesterday, >> So it's great integration point for you guys. Get it, get on board more customers. >> And I think I think solutions like ours are absolutely best practices and required to secure this hybrid attacks in the >> marketplace. What was that experience like, you know, Amazon >> was actually great to work with. I don't mean to say that with disbelief. You work with you work with such a large company. You kind of have certain expectations, and they exceeded all of my expectations in terms of their responsiveness. They worked with us extremely closely to get into the marketplace. They made recommendations with partners who could help accelerate our efforts. But >> in addition to the >> marketplace, we actually worked with them closely on the VPC traffic marrying feature. There was something we began talking with them about a SW far back, as I think last December, even before reinvent, they were extremely responsive to our feedback. They move very, very quickly. They've actually just >> been a delight to work. There's a question about you talking about the nana mutability of logs, and they go off line sometimes. And yet the same time there's been tens of $1,000,000,000 of value creation from that industry. Are there things that our magic there or things that you can learn from the analytics of analyzing logs that you could bring over to sort of what you're positioning is a more modern and cloud like approach? Or is there some kind of barrier to entry doing that? Can you shed some light on Jesse? That's >> a great question, and this is where I'll say it's a genius of the end situation, not a tyranny of the or so I'm not telling people. Don't collect your logs or analyze them. Of course you should do that, you know that's the best practice. But chances are that that space, you know, the log analysis and the, you know, the SIM market has become so mature. Chances are you're already doing that. And I'm not gonna tell organizations that they shouldn't have some sort of point protection. Of course you should. But what I am saying is that the network itself is a very fundamental data source that has all of those properties that are really good for cyber security and the ability that analyze what's going on in your environment in real time. Understand which users air involved? Which resource is air accessed? And are these behavioral patterns of suspicious and do they represent potential threats? I think that's very powerful. I have a I have a whole threat research team that we've built that just runs attacks, simulations and they run attack tools so that we can take behavioral profiles and understand what these look like in the environment. We build predictive models around how we expect you re sources and users and end points to behave. And when they deviate from those models, that's how we know something suspicious is going on. So this is definitely a a genius of the end situation. John >> reminds me of your you like you're very fond of saying, Hey, what got you here is not likely to move you forward. And that's kind of the takeaway for practitioners is >> yeah. I mean, you gotta build on your success. I mean, having economies of scale is about not having Disick onyx of scale, meaning you always constantly reinventing your product, not building on the success. And then you're gonna have more success if you can't trajectory if you it's just basic competitive strategy product strategy. But the thing that's interesting here is is that as you get more successful and you continue to raise the bar, which is an Amazon term, they work with you better. So if you're raising the bar and you did your own network security probably like OK, now we get parallel traffic mirroring so that >> that's true. But I think we've also heard the Amazon is I think they caught maniacally customer focused, right? And so I think that this traffic marrying capability really is due to customer demand. In fact, when you when you were if you were at the Kino when they made the announcement, that was the announcement where I feel like every phone in the in the whole auditorium went up. That's the announcement where I think there's a lot of excitement and for security practitioners in particular, and SEC ops teams I think this. I think this really reduces some anxiety they have, because cloud workloads really tend to be quite opaque. You have logs, you have audit logs, but it's very difficult to know what actually going on there and who is actually accessing that environment. And, even more important, where is my data going? This is where we can have all sorts of everything from a supply chain attack to a data exfiltration on. It's extremely important to to be able to have that visibility into these clouds >> way agree. We've been saying on the cue many, many years now that the network is the last bottleneck, really, where that script gets flipped upside down where Workloads air dictating Dev ops. Now the network piece is here, so I think this is going to create a lot of innovation. That's our belief. Love to follow up Mawr in Palo Alto. When we get back on this hybrid cloud, I think that's a huge opportunity. I think there's a create a blind spot for companies because that's where the the attackers will go, because they'll know that the hybrids rolling out and that'll be a vulnerability area >> one that's, you know, it's an arms race. Network security is not new. It's been around for decades. But the attack the attackers in the attacks have become more sophisticated, and as a result, you know the defenders need to raise their game as well. This is why, on the one hand, there's there's so much hype and I think machine learning in some ways is oversold. But in other ways, it is a great tool in our arsenal. You know, the machine learning the predictive models, the behavioral models, they really do work. And it really is the next evolution for defensive >> capabilities. Thanks for coming on. Great insight. >> One last question. The beer. Extra guys have been here way did in the past. It's been a while since >> we've done that, but it comes from early days when when I founded the company, people would ask you in the name extra hoppy. Oh, are you guys an online brewery? And we were joking. We said no, that that was extra hops way embraced it and We actually worked with a local brewer that has since been acquired by a major beverage brands. I >> don't know that. I just heard way built our own >> label, and it was the ex Rob Wired P. A. It was it was extremely well received. Every time we visit a customer they'd ask us to bring here. >> That's pretty. You gotta go back to proven formula. Thanks for the insights. Let's follow up when we get back in Palo Alto in our studio on his high breathing's a compelling conversation network Security Network analytics innovation areas where all the action's happening here in Boston, 80 best reinforced. Keep coverage. We'll be right back.

>> live from San Francisco. It's the Cube covering Google Club Next nineteen Rodeo by Google Cloud and its ecosystem partners. >> Hey, welcome back. Everyone's the live Cube covers here in San Francisco for Google Cloud. Next nineteen. I'm Javert Day Volante here on the ground floor, day two of three days of wall to wall coverage to great guests. We got Kartik lost. Meena Ryan, product management director of Cloud Identity for Google and Kim parent chief security officer for Doctor on Demand. Guys, welcome to the Cube. Appreciated Coming on. >> Great to be here. >> Thank you so honestly Way covering Google Cloud and Google for many, many years. And one of the things that jumps out at me, besides allows the transformation for the enterprise is Google's always had great technology, and last year I did an interview, and we learned a lot about what's going on the chip level with the devices you got. Chrome browser. Always extension. All these security features built into a lot of the edge devices that Google has, so there's definitely a security DNA in there and Google the world. But now, when you start getting into cloud access and permissions yesterday and the Kino, Thomas Kurian and Jennifer Lin said, Hey, let's focus on agility. Not all his access stuff. This is kind of really were identity matters. Kartik talk about what's going on with cloud identity. Where are we? What's the big news? >> Yeah, thank you. So clouded. Entities are solution to manage identity devices and the whole axis management for the clouds. And you must have heard of beyond Corp and the whole zero trust model and access. One thing we know about the cloud if you don't make the access simple and easy and at the same time you don't provide security. You can get it right. So you need security and you need that consumer level simplicity. >> Think it meant explain beyond core. This is important. Just take a minute to refresh for the folks that might not know some of the innovations. They're just start >> awesome. Yeah. So traditional on premises world, the security model was your corporate network. Your trust smaller. Lose The corporate network invested a lot to get to keep the bad people out. You get the right people on and that made ten T applications on premises. Your data was on premises now the Internet being a new network, you work from anywhere. Work is no longer a thing. You work from anywhere. What gets done right? So what is the new access? More look like? That's what people have been struggling with. What Google came up with in two thousand eleven is this model called Beyond Core versus Security Access Model will rely on three things. Who you are is a user authentication the device identity and security question and last but not least, the context off. What are you trying to access in very trying to access from So these things together from how you security and access model And this is all about identity. And this is Bianca. >> And anyone who has a mobile device knows what two factor authentication is. That's when you get a text messages. That's just two factor M. F. A multi factor. Authentication really is where the action is, and you mentioned three of them. There's also other dimensions. This is where you guys are really taking to the next level. Yeah, where are we with FAA and some of the advances around multi factor >> s O. So I think keeping you on the highlight is wear always about customer choice. We meet customers where they are. So customers today have invested in things like one time use passwords and things like that. So we support all of that here in cloud identity. But a technology that we are super excited about the security, Keith. And it's built on the fighter standard. And it's inserted this into your USB slot of that make sense. And we just announced here at next you can now use your android phone as a security key. So this basically means you don't have to enter any codes because all those codes you enter can be fished on way. Have this thing at Google and we talked about it last time. Since we roll our security keys. No Google account, it's >> harder for the hackers. Really Good job, Kim. Let's get the reality. You run a business. You've been involved in a lot of start ups. You've been cloud nated with your company. Now talk about your environment does at the end of the year, the chief security officer, the buck stops with you. You've got to figure this out. How are you dealing with all this? These threats at the same time trying to be innovative with your company. >> So for clarity. So I've been there six years since the very beginning of the company. And we started the company with zero hardware, all cloud and before there was beaten beyond Corp. Where there was it was called de-perimeterization. And that's effectively the posture we took from the very beginning so our users could go anywhere. And our I always say, our corporate network is like your local coffee shop. You know, WiFi like that's the way we view it. We wanted to be just a secure there at the coffee shop, you know, we don't care. Like we always have people assessing us and they're looking at a corporate network saying, You know, where your switches that you're, you know, like where your hardware like, we want to come in and look at all like we don't have anything like, >> there's no force. The scan >> is like way. Just all go to the Starbucks will be the same thing. So that's part of it. And now you know, when we started like way wanted to wrap a lot of our services in the Google, but we had the problem with hip a compliance. So in the early days, Google didn't have six years ago. In our early days, Google didn't have a lot of hip, a compliant services. Now they do. Now we're moving. We're trying to move everything we do almost in the Google. That's not because we just love everything about Google. It's for me. I have assessed Google security are team has assessed their security. We have contracts with them and in health care. It's very hard to take on new vendors and say Hey, is there security? Okay, are their contracts okay? It's like a months long process and then even at the end of the day, you still have another vendor out there that sharing your day, that you're sharing your data with them and it's precarious for me. It just it doubles my threat landscape. When I go from Google toe one more, it's like if I put my data there, >> so you're saying multi vendor the old way. This is actually a problematic situation for you. Both technically and what operate timewise or both are super >> problematic for me in terms of like where we spread our data to like It just means that company every hack against that company is brutal for us, like And you know, the other side of the equation is Google has really good pricing. Comparatively, yes, Today we're talking about Big Query, for example, and they wanted to compare Big Query to some other systems and be crazy. G, c p. And And we looked at the other systems and we couldn't find the pricing online. And, like Google's pricing was right there was completely transparent. Easy to understand. The >> security's been vetted. The security's >> exactly Kim. Can you explain when you said the multi vendor of creates problems for you? Why is this? Is it not so much that one vendor is better? The other assistant? It's different. It's different processes or their discernible differences in the quality of the security. >> There are definitely discernible differences in quality, for sure. Yeah, >> and then add to that different processes. Skill sets. Is that writer? Yes, Double click on that E >> everybody away. There's always some I mean almost every vendor. You know, there's always something that you're not perfectly okay with. On the part of the security is something you don't totally like about it. And the more vendors you add, you have. Okay. This person, they're not too good on their physical security at their data center or they're not too good on their policies. They're not too good on their disaster recovery. Like there's you always give a little bit somewhere. I hate to say it, but it's true. It's like nobody's super >> perfect like it's It's so it's a multiplication effects on the trade offs that you have to make. Yeah, it's necessarily bad, but it's just not the way you want to do it. All right? Okay. >> All the time. So you got to get in an S L A u have meetings. You gotta do something vetting. It's learning curves like on the airport taking your shoes off. Yeah. Yeah. And then there's the >> other part. Beyond the security is also downtime. Like if they suffer downtime. How much is that going to impact our company? >> Karthik, you talked about this This new access mall, this three layer who authentication that is the device trusted in the context. I don't understand how you balance the ratio between sort of false positives versus blocking. I think for authentication and devices pretty clear I can authenticate. You are. I don't trust this device. You're not getting in, but the context is interesting. Is that like a tap on the shoulder with with looking at mail? Hey, be careful. Or how are you balancing that? The context realm? >> Yeah, I think it's all about customer choice. Again, customers have, but they look at their application footprint there, making clear decisions on Hey, this is a parole application is a super sensitive as an example, maybe about based meeting application. Brotherly, not a sensitive. So when they're making decisions about hey, you have a manage device. I will need a manage device in order for you to access the payroll application. But if you have you bring your own device. I'm off perfectly fine if you launch a meeting from that. So those are the levels that people are making decisions on today, and it's super easy to segment and classify your application. >> Talk about the the people that are out there watching might say, You know what? I've been really struggling with identity. I've had, you know, l'd app servers at all this stuff out there, you name it. They've all kinds of access medals over the years, the perimeters now gone. So I got a deal to coffee shop, kind of working experience and multiple devices. All these things are reality. I gotta put a plan together. So the folks that are trying to figure this out, what's that? You guys have both weigh in on on approach to take or certain framework. What's what's? How does someone get the first few steps off to go out towards good cloud identity? >> Sure, I only go first, so I think many ways. That's what we try to simplify it. One solution that we call cloud identity because what people want is I want that model. Seems like a huge mountain in front of me, like how do I figure these things out? I'm getting a lot of these terminologies, so I think the key is to just get started on. We've given them lots of ways. You can take the whole of cloud identity solution back to Kim's point. It can be one license from us, that's it and you're done. It's one unified. You I thinks like that. You can also, if you just want to run state three applications on DCP we have something called identity ofher Proxy. It's very fast. Just load yaps random on disability and experience this beyond >> work Classic enterprise Khun >> Yeah, you run all the applications and dcpd and you can And now they're announcing some things that help you connect back with John Thomas application. That's a great way to get started. >> Karthik painted this picture of Okay, it's no perimeter. You can't just dig a moat. The queen wants to leave the castle. All the security, you know, metaphors that we use. I'm interested in how you're approaching response to these days because you have to make trade us because there are discernible differences with different vendors. Make the assumption that people are going to get in so response becomes increasingly important. What have you changed to respond more quickly? What is Google doing to help? >> Well, yeah, So in a model where we are using, a lot of different vendors were having to like they're not necessarily giving us response and detection. Google. Every service we'd wrap into them automatically gets effectively gets wrapped into our security dashboard. There's a couple of different passwords we can use and weaken. Do reporting. We do it. A tremendous amount of compliance content, compliance controls on our DLP, out of e mail out of Dr and there's detection. There's like it's like we don't have to buy an extra tool for detection for every different type of service we have, it's just built into the Google platform, which is it's It's phenomenal from >> detection baked in, It's just >> baked in. We're not to pay extra for it. In fact, I mean way by the enterprise license because it's completely worth it for us. Um, you know, assumes that came out, the enterprise part of it and all the extra tools. We were just immediately on that because the vault is a big thing for us as well. It's like not only response, but how you dig through your assets toe. Look for evidence of things like, if you have some sort of legal case, you need vault, Tio, you know, make the proper ah, data store for that stuff >> is prioritization to Is it not like, figure it out? Okay, which, which threats to actually go after and step out? And I guess other automation. I mean, I don't know if you're automating your run book and things of that nature. But automation is our friends. Ah, big friend of starting >> on the product measures I What's the roadmap looks like and you share any insight into what your priorities are to go the next level. Aussie Enterprise Focus. For Google Cloud is clear Customs on stage. You guys have got a lot of integration points from Chromebooks G Sweep all the way down through Big Query with Auto ML All the stuff's happening. What's on your plate for road map? What things are you innovating around? >> I mean, it's beyond car vision that we're continuing to roll out. We've just ruled out this bit of a sweet access, for example, but all these conditions come in. Do you want to take that to G et? You're gonna look. We're looking at extending that context framework with all the third party applications that we have even answers Thing called beyond our devices FBI and beyond Corp Alliance, because we know it's not just Google security posture. Customers are made investments and other security companies and you want to make sure all of that interoperate really nicely. So you see a lot more of that coming out >> immigration with other security platform. Certainly, enterprises require that I buy everything on the planet these days to protect themselves >> Like there's another company. Let's say that you're using for securing your devices. That sends a signal thing. I trust this device. It security, passing my checks. You want to make sure that that comes through and >> now we're gonna go. But what's your boss's title? Kim Theo, you report to the CEO. Yeah, Awesome guys. >> Creation. Thank you >> way. We've seen a lot of shifts in where security is usually now pretty much right. Strategic is core for the operations with their own practices. So, guys, thanks for coming on. Thanks for the thing you think of the show so far. What's the What's The takeaway came I'll go to you first. What's your What's the vibe of the >> show? It's a little tough for me because I have one of my senior security engineers here, and he's been going to a lot of the events and he comes to me and just >> look at all >> this stuff that they have like, way were just going over before this. I was like, Oh my God, we want to go back to our r R R office and take it all in right today. You know, if we could So yeah, it's a little tough because >> in the candy store way >> love it because again, it's like it's already paying for it. It's like they're just adding on services that we wanted, that we're gonna pay for it now. It's >> and carted quickly. Just get the last word I know was commenting on our opening this morning around how Google's got all five been falling Google since really the beginning of the company and I know for a fact is a tana big day that secures all spread for the company matter. Just kind of getting it. Yeah, share some inside quickly about what's inside Google. From a security asset standpoint, I p software. >> Absolutely. I mean, security's built from the ground up. We've been seeing that and going back to the candy store analogy. It feels like you've always had this amazing candy, but now there's like a stampede to get it, and it's just built in from the ground up. I love the solution. Focus that you found the keynotes and all the sessions that's happening. >> That's handsome connective tissue like Antos. Maybe the kind of people together. >> Yeah. I don't like >> guys. Thanks for coming on. We appreciate Kartik, Kim. Thanks for coming on. It's accused. Live coverage here on the ground floor were on the floor here. Day two of Google Cloud next here in San Francisco on Jeffrey David Lantz Stevens for more coverage after this short break.