>>As we've been reporting, the pandemic has called CSOs to really shift their spending priorities towards securing remote workers. Almost overnight. Zero trust has gone from buzzword to mandate. What's more as we wrote in our recent cybersecurity breaking analysis, not only Maseca pro secured increasingly distributed workforce, but now they have to be wary of software updates in the digital supply chain, including the very patches designed to protect them against cyber attacks. Hello everyone. And welcome to this Q conversation. My name is Dave Vellante and I'm pleased to welcome Derek manky. Who's chief security insights, and global threat alliances for four guard labs with fresh data from its global threat landscape report. Derek. Welcome. Great to see you. >>Thanks so much for, for the invitation to speak. It's always a pleasure. Multicover yeah, >>You're welcome. So first I wonder if you could explain for the audience, what is for guard labs and what's its relationship to fortunate? >>Right. So 40 grand labs is, is our global sockets, our global threat intelligence operation center. It never sleeps, and this is the beat. Um, you know, it's, it's been here since inception at port in it. So it's it's 20, 21 years in the making, since Fortinet was founded, uh, we have built this in-house, uh, so we don't go yum technology. We built everything from the ground up, including creating our own training programs for our, our analysts. We're following malware, following exploits. We even have a unique program that I created back in 2006 to ethical hacking program. And it's a zero-day research. So we try to meet the hackers, the bad guys to their game. And we of course do that responsibly to work with vendors, to close schools and create virtual patches. Um, and, but, you know, so it's, it's everything from, uh, customer protection first and foremost, to following, uh, the threat landscape and cyber. It's very important to understand who they are, what they're doing, who they're, uh, what they're targeting, what tools are they using? >>Yeah, that's great. Some serious DNA and skills in that group. And it's, it's critical because like you said, you can, you can minimize the spread of those malware very, very quickly. So what, what now you have, uh, the global threat landscape report. We're going to talk about that, but what exactly is that? >>Right? So this a global threat landscape report, it's a summary of, uh, all, all the data that we collect over a period of time. So we released this, that biannually two times a year. Um, cyber crime is changing very fast, as you can imagine. So, uh, while we do release security blogs, and, uh, what we call threat signals for breaking security events, we have a lot of other vehicles to release threat intelligence, but this threat landscape report is truly global. It looks at all of our global data. So we have over 5 million censorship worldwide in 40 guard labs, we're processing. I know it seems like a very large amount, but North of a hundred billion, uh, threat events in just one day. And we have to take the task of taking all of that data and put that onto scale for half a year and compile that into something, um, that is, uh, the, you know, that that's digestible. That's a, a very tough task, as you can imagine, so that, you know, we have to work with a huge technologies back to machine learning and artificial intelligence automation. And of course our analyst view to do that. >>Yeah. So this year, of course, there's like the every year is a battle, but this year was an extra battle. Can you explain what you saw in terms of the hacker dynamics over the past? Let's say 12 months. I know you do this twice a year, but what trends did you see evolving throughout the year and what have you seen with the way that attackers have exploited this expanded attack surface outside of corporate network? >>Yeah, it was quite interesting last year. It certainly was not normal. Like we all say, um, and that was no exception for cybersecurity. You know, if we look at cyber criminals and how they pivoted and adapted to the scrap threat landscape, cyber cyber criminals are always trying to take advantage of the weakest link of the chain. They're trying to always prey off here and ride waves of global trends and themes. We've seen this before in, uh, natural disasters as an example, you know, um, trying to do charity kind of scams and campaigns. And they're usually limited to a region where that incident happened and they usually live about two to three weeks, maybe a month at the most. And then they'll move on to the next to the next trip. That's braking, of course, because COVID is so global and dominant. Um, we saw attacks coming in from, uh, well over 40 different languages as an example, um, in regions all across the world that wasn't lasting two to three weeks and it lasted for the better part of a year. >>And of course, what they're, they're using this as a vehicle, right? Not preying on the fear. They're doing everything from initial lockdown, uh, fishing. We were as COVID-19 movers to, um, uh, lay off notices then to phase one, reopenings all the way up to fast forward to where we are today with vaccine rollover development. So there's always that new flavor and theme that they were rolling out, but because it was so successful for them, they were able to, they didn't have to innovate too much, right. They didn't have to expand and shifted to new to new trends. And themes are really developed on new rats families as an example, or a new sophisticated malware. That was the first half of the year and the second half of the year. Um, of course people started to experience COVID fatigue, right? Um, people started to become, we did a lot of education around this. >>People started to become more aware of this threat. And so, um, cyber criminals have started to, um, as we expected, started to become more sophisticated with their attacks. We saw an expansion in different ransomware families. We saw more of a shift of focus on, on, um, uh, you know, targeting the digital supply chain as an example. And so that, that was, that was really towards Q4. Uh, so it, it was a long lived lead year with success on the Google themes, um, targeting healthcare as an example, a lot of, um, a lot of the organizations that were, you know, really in a vulnerable position, I would say >>So, okay. I want to clarify something because my assumption was that they actually did really increase the sophistication, but it sounds like that was kind of a first half trends. Not only did they have to adapt and not have to, but they adapt it to these new vulnerabilities. Uh, my sense was that when you talk about the digital supply chain, that that was a fairly sophisticated attack. Am I, am I getting that right? That they did their sort of their, their, their increased sophistication in the first half, and then they sort of deployed it, did it, uh, w what actually happened there from your data? >>Well, if we look at, so generally there's two types of attacks that we look at, we look at the, uh, the premeditated sophisticated attacks that can have, um, you know, a lot of ramp up work on their end, a lot of time developing the, the, the, the weaponization phase. So developing, uh, the exploits of the sophisticated malware that they're gonna use for the campaign reconnaissance, understanding the targets, where platforms are developed, um, the blueprinting that DNA of, of, of the supply chain, those take time. Um, in fact years, even if we look back to, um, uh, 10 plus years ago with the Stuxnet attacks, as an example that was on, uh, nuclear centrifuges, um, and that, that had four different zero-day weapons at the time. That was very sophisticated, that took over two years to develop as an example. So some of these can take years of time to develop, but they're, they're, uh, very specific in terms of the targets are going to go after obviously the ROI from their end. >>Uh, the other type of attack that we see is as ongoing, um, these broad, wide sweeping attacks, and the reality for those ones is they don't unfortunately need to be too sophisticated. And those ones were the ones I was talking about that were really just playing on the cool, the deem, and they still do today with the vaccine road and development. Uh, but, but it's really because they're just playing on, on, um, you know, social engineering, um, using, uh, topical themes. And in fact, the weapons they're using these vulnerabilities are from our research data. And this was highlighted actually the first pop landscape before last year, uh, on average were two to three years old. So we're not talking about fresh vulnerabilities. You've got to patch right away. I mean, these are things that should have been patched two years ago, but they're still unfortunately having success with that. >>So you mentioned stuck next Stuxnet as the former sort of example, of one of the types of attacks that you see. And I always felt like that was a watershed moment. One of the most sophisticated, if not the most sophisticated attack that we'd ever seen. When I talk to CSOs about the recent government hack, they, they, they suggest I infer maybe they don't suggest it. I infer that it was of similar sophistication. It was maybe thousands of people working on this for years and years and years. Is that, is that accurate or not necessarily? >>Yeah, there's definitely a, there's definitely some comparisons there. Uh, you know, one of the largest things is, uh, both attacks used digital circuits certificate personation, so they're digitally signed. So, you know, of course that whole technology using cryptography is designed by design, uh, to say that, you know, this piece of software installed in your system, hassles certificate is coming from the source. It's legitimate. Of course, if that's compromised, that's all out of the window. And, um, yeah, this is what we saw in both attacks. In fact, you know, stocks in that they also had digitally designed, uh, certificates that were compromised. So when it gets to that level of students or, uh, sophistication, that means definitely that there's a target that there has been usually months of, of, uh, homework done by cyber criminals, for reconnaissance to be able to weaponize that. >>W w what did you see with respect to ransomware? What were the trends there over the past 12 months? I've heard some data and it's pretty scary, but what did you see? >>Yeah, so we're actually, ransomware is always the thorn in our side, and it's going to continue to be so, um, you know, in fact, uh, ransomware is not a new itself. It was actually first created in 1989, and they demanded ransom payments through snail mail. This was to appeal a box, obviously that, that, that didn't take off. Wasn't a successful on the internet was porn at the time. But if you look at it now, of course, over the last 10 years, really, that's where it ran. The ransomware model has been, uh, you know, lucrative, right? I mean, it's been, um, using, uh, by force encrypting data on systems, so that users had to, if they were forced to pay the ransom because they wanted access to their data back data was the target currency for ransomware. That's shifted now. And that's actually been a big pivotal over the last year or so, because again, before it was this let's cast a wide net, in fact, as many people as we can random, um, and try to see if we can hold some of their data for ransom. >>Some people that data may be valuable, it may not be valuable. Um, and that model still exists. Uh, and we see that, but really the big shift that we saw last year and the threat landscape before it was a shift to targeted rats. So again, the sophistication is starting to rise because they're not just going out to random data. They're going out to data that they know is valuable to large organizations, and they're taking that a step further now. So there's various ransomware families. We saw that have now reverted to extortion and blackmail, right? So they're taking that data, encrypting it and saying, unless you pay us as large sum of money, we're going to release this to the public or sell it to a buyer on the dark web. And of course you can imagine the amount of, um, you know, damages that can happen from that. The other thing we're seeing is, is a target of going to revenue services, right? So if they can cripple networks, it's essentially a denial of service. They know that the company is going to be bleeding, you know, X, millions of dollars a day, so they can demand Y million dollars of ransom payments, and that's effectively what's happening. So it's, again, becoming more targeted, uh, and more sophisticated. And unfortunately the ransom is going up. >>So they go to where the money is. And of course your job is to, it's a lower the ROI for them, a constant challenge. Um, we talked about some of the attack vectors, uh, that you saw this year that, that cyber criminals are targeting. I wonder if, if, you know, given the work from home, if things like IOT devices and cameras and, you know, thermostats, uh, with 75% of the work force at home, is this infrastructure more vulnerable? I guess, of course it is. But what did you see there in terms of attacks on those devices? >>Yeah, so, uh, um, uh, you know, unfortunately the attack surface as we call it, uh, so the amount of target points is expanding. It's not shifting, it's expanding. We still see, um, I saw, I mentioned earlier vulnerabilities from two years ago that are being used in some cases, you know, over the holidays where e-commerce means we saw e-commerce heavily under attack in e-commerce has spikes since last summer, right. It's been a huge amount of traffic increase everybody's shopping from home. And, uh, those vulnerabilities going after a shopping cart, plugins, as an example, are five to six years old. So we still have this theme of old vulnerabilities are still new in a sense being attacked, but we're also now seeing this complication of, yeah, as you said, IOT, uh, B roll out everywhere, the really quick shift to work from home. Uh, we really have to treat this as if you guys, as the, uh, distributed branch model for enterprise, right. >>And it's really now the secure branch. How do we take, um, um, you know, any of these devices on, on those networks and secure them, uh, because yeah, if you look at the, what we highlighted in our landscape report and the top 10 attacks that we're seeing, so hacking attacks hacking in tabs, this is who our IPS triggers. You know, we're seeing attempts to go after IOT devices. Uh, right now they're mostly, uh, favoring, uh, well in terms of targets, um, consumer grade routers. Uh, but they're also looking at, um, uh, DVR devices as an example for, uh, you know, home entertainment systems, uh, network attached storage as well, and IP security cameras, um, some of the newer devices, uh, what, the quote unquote smart devices that are now on, you know, virtual assistance and home networks. Uh, we actually released a predictions piece at the end of last year as well. So this is what we call the new intelligent edge. And that's what I think is we're really going to see this year in terms of what's ahead. Um, cause we always have to look ahead and prepare for that. But yeah, right now, unfortunately, the story is, all of this is still happening. IOT is being targeted. Of course they're being targeted because they're easy targets. Um, it's like for cybercriminals, it's like shooting fish in a barrel. There's not just one, but there's multiple vulnerabilities, security holes associated with these devices, easy entry points into networks. >>I mean, it's, um, I mean, attackers they're, they're highly capable. They're organized, they're well-funded they move fast, they're they're agile, uh, and they follow the money. As we were saying, uh, you, you mentioned, you know, co vaccines and, you know, big pharma healthcare, uh, where >>Did you see advanced, persistent >>Threat groups really targeting? Were there any patterns that emerged in terms of other industry types or organizations being targeted? >>Yeah. So just to be clear again, when we talk about AP teams, um, uh, advanced, specific correct group, the groups themselves they're targeting, these are usually the more sophisticated groups, of course. So going back to that theme, these are usually the target, the, um, the premeditated targeted attacks usually points to nation state. Um, sometimes of course there's overlap. They can be affiliated with cyber crime, cyber crime, uh, uh, groups are typically, um, looking at some other targets for ROI, uh, bio there's there's a blend, right? So as an example, if we're looking at the, uh, apt groups I had last year, absolutely. Number one I would say would be healthcare. Healthcare was one of those, and it's, it's, it's, uh, you know, very unfortunate, but obviously with the shift that was happening at a pop up medical facilities, there's a big, a rush to change networks, uh, for a good cause of course, but with that game, um, you know, uh, security holes and concerns the targets and, and that's what we saw IPT groups targeting was going after those and, and ransomware and the cyber crime shrine followed as well. Right? Because if you can follow, uh, those critical networks and crippled them on from cybercriminals point of view, you can, you can expect them to pay the ransom because they think that they need to buy in order to, um, get those systems back online. Uh, in fact, last year or two, unfortunately we saw the first, um, uh, death that was caused because of a denial of service attack in healthcare, right. Facilities were weren't available because of the cyber attack. Patients had to be diverted and didn't make it on the way. >>All right. Jericho, sufficiently bummed out. So maybe in the time remaining, we can talk about remediation strategies. You know, we know there's no silver bullet in security. Uh, but what approaches are you recommending for organizations? How are you consulting with folks? >>Sure. Yeah. So a couple of things, um, good news is there's a lot that we can do about this, right? And, um, and, and basic measures go a long way. So a couple of things just to get out of the way I call it housekeeping, cyber hygiene, but it's always worth reminding. So when we talk about keeping security patches up to date, we always have to talk about that because that is reality as et cetera, these, these vulnerabilities that are still being successful are five to six years old in some cases, the majority two years old. Um, so being able to do that, manage that from an organization's point of view, really treat the new work from home. I don't like to call it a work from home. So the reality is it's work from anywhere a lot of the times for some people. So really treat that as, as the, um, as a secure branch, uh, methodology, doing things like segmentations on network, secure wifi access, multi-factor authentication is a huge muscle, right? >>So using multi-factor authentication because passwords are dead, um, using things like, uh, XDR. So Xers is a combination of detection and response for end points. This is a mass centralized management thing, right? So, uh, endpoint detection and response, as an example, those are all, uh, you know, good security things. So of course having security inspection, that that's what we do. So good threat intelligence baked into your security solution. That's supported by labs angles. So, uh, that's, uh, you know, uh, antivirus, intrusion prevention, web filtering, sandbox, and so forth, but then it gets that that's the security stack beyond that it gets into the end user, right? Everybody has a responsibility. This is that supply chain. We talked about. The supply chain is, is, is a target for attackers attackers have their own supply chain as well. And we're also part of that supply chain, right? The end users where we're constantly fished for social engineering. So using phishing campaigns against employees to better do training and awareness is always recommended to, um, so that's what we can do, obviously that's, what's recommended to secure, uh, via the endpoints in the secure branch there's things we're also doing in the industry, um, to fight back against that with prime as well. >>Well, I, I want to actually talk about that and talk about ecosystems and collaboration, because while you have competitors, you all want the same thing. You, SecOps teams are like superheroes in my book. I mean, they're trying to save the world from the bad guys. And I remember I was talking to Robert Gates on the cube a couple of years ago, a former defense secretary. And I said, yeah, but don't, we have like the best security people and can't we go on the offensive and weaponize that ourselves. Of course, there's examples of that. Us. Government's pretty good at it, even though they won't admit it. But his answer to me was, yeah, we gotta be careful because we have a lot more to lose than many countries. So I thought that was pretty interesting, but how do you collaborate with whether it's the U S government or other governments or other other competitors even, or your ecosystem? Maybe you could talk about that a little bit. >>Yeah. Th th this is what, this is what makes me tick. I love working with industry. I've actually built programs for 15 years of collaboration in the industry. Um, so, you know, we, we need, I always say we can't win this war alone. You actually hit on this point earlier, you talked about following and trying to disrupt the ROI of cybercriminals. Absolutely. That is our target, right. We're always looking at how we can disrupt their business model. Uh, and, and in order, there's obviously a lot of different ways to do that, right? So a couple of things we do is resiliency. That's what we just talked about increasing the security stack so that they go knocking on someone else's door. But beyond that, uh, it comes down to private, private sector collaborations. So, uh, we, we, uh, co-founder of the cyber threat Alliance in 2014 as an example, this was our fierce competitors coming in to work with us to share intelligence, because like you said, um, competitors in the space, but we need to work together to do the better fight. >>And so this is a Venn diagram. What's compared notes, let's team up, uh, when there's a breaking attack and make sure that we have the intelligence so that we can still remain competitive on the technology stack to gradation the solutions themselves. Uh, but let's, let's level the playing field here because cybercriminals moved out, uh, you know, um, uh, that, that there's no borders and they move with great agility. So, uh, that's one thing we do in the private private sector. Uh, there's also, uh, public private sector relationships, right? So we're working with Interpol as an example, Interfor project gateway, and that's when we find attribution. So it's not just the, what are these people doing like infrastructure, but who, who are they, where are they operating? What, what events tools are they creating? We've actually worked on cases that are led down to, um, uh, warrants and arrests, you know, and in some cases, one case with a $60 million business email compromise fraud scam, the great news is if you look at the industry as a whole, uh, over the last three to four months has been for take downs, a motet net Walker, uh, um, there's also IE Gregor, uh, recently as well too. >>And, and Ian Gregor they're actually going in and arresting the affiliates. So not just the CEO or the King, kind of these organizations, but the people who are distributing the ransomware themselves. And that was a unprecedented step, really important. So you really start to paint a picture of this, again, supply chain, this ecosystem of cyber criminals and how we can hit them, where it hurts on all angles. I've most recently, um, I've been heavily involved with the world economic forum. Uh, so I'm, co-author of a report from last year of the partnership on cyber crime. And, uh, this is really not just the pro uh, private, private sector, but the private and public sector working together. We know a lot about cybercriminals. We can't arrest them. Uh, we can't take servers offline from the data centers, but working together, we can have that whole, you know, that holistic effect. >>Great. Thank you for that, Derek. What if people want, want to go deeper? Uh, I know you guys mentioned that you do blogs, but are there other resources that, that they can tap? Yeah, absolutely. So, >>Uh, everything you can see is on our threat research blog on, uh, so 40 net blog, it's under expired research. We also put out, uh, playbooks, w we're doing blah, this is more for the, um, the heroes as he called them the security operation centers. Uh, we're doing playbooks on the aggressors. And so this is a playbook on the offense, on the offense. What are they up to? How are they doing that? That's on 40 guard.com. Uh, we also release, uh, threat signals there. So, um, we typically release, uh, about 50 of those a year, and those are all, um, our, our insights and views into specific attacks that are now >>Well, Derek Mackie, thanks so much for joining us today. And thanks for the work that you and your teams do. Very important. >>Thanks. It's yeah, it's a pleasure. And, uh, rest assured we will still be there 24 seven, three 65. >>Good to know. Good to know. And thank you for watching everybody. This is Dave Volante for the cube. We'll see you next time.

>>As we've been reporting, the pandemic has called CSOs to really shift their spending priorities towards securing remote workers. Almost overnight. Zero trust has gone from buzzword to mandate. What's more as we wrote in our recent cybersecurity breaking analysis, not only Maseca pro secured increasingly distributed workforce, but now they have to be wary of software updates in the digital supply chain, including the very patches designed to protect them against cyber attacks. Hello everyone. And welcome to this Q conversation. My name is Dave Vellante and I'm pleased to welcome Derek manky. Who's chief security insights, and global threat alliances for four guard labs with fresh data from its global threat landscape report. Derek. Welcome. Great to see you. >>Thanks so much for, for the invitation to speak. It's always a pleasure. Multicover yeah, >>You're welcome. So first I wonder if you could explain for the audience, what is for guard labs and what's its relationship to fortunate? >>Right. So 40 grand labs is, is our global sockets, our global threat intelligence operation center. It never sleeps, and this is the beat. Um, you know, it's, it's been here since inception at port in it. So it's it's 20, 21 years in the making, since Fortinet was founded, uh, we have built this in-house, uh, so we don't go yum technology. We built everything from the ground up, including creating our own training programs for our, our analysts. We're following malware, following exploits. We even have a unique program that I created back in 2006 to ethical hacking program. And it's a zero-day research. So we try to meet the hackers, the bad guys to their game. And we of course do that responsibly to work with vendors, to close schools and create virtual patches. Um, and, but, you know, so it's, it's everything from, uh, customer protection first and foremost, to following, uh, the threat landscape and cyber. It's very important to understand who they are, what they're doing, who they're, uh, what they're targeting, what tools are they using? >>Yeah, that's great. Some serious DNA and skills in that group. And it's, it's critical because like you said, you can, you can minimize the spread of those malware very, very quickly. So what, what now you have, uh, the global threat landscape report. We're going to talk about that, but what exactly is that? >>Right? So this a global threat landscape report, it's a summary of, uh, all, all the data that we collect over a period of time. So we released this, that biannually two times a year. Um, cyber crime is changing very fast, as you can imagine. So, uh, while we do release security blogs, and, uh, what we call threat signals for breaking security events, we have a lot of other vehicles to release threat intelligence, but this threat landscape report is truly global. It looks at all of our global data. So we have over 5 million censorship worldwide in 40 guard labs, we're processing. I know it seems like a very large amount, but North of a hundred billion, uh, threat events in just one day. And we have to take the task of taking all of that data and put that onto scale for half a year and compile that into something, um, that is, uh, the, you know, that that's digestible. That's a, a very tough task, as you can imagine, so that, you know, we have to work with a huge technologies back to machine learning and artificial intelligence automation. And of course our analyst view to do that. >>Yeah. So this year, of course, there's like the every year is a battle, but this year was an extra battle. Can you explain what you saw in terms of the hacker dynamics over the past? Let's say 12 months. I know you do this twice a year, but what trends did you see evolving throughout the year and what have you seen with the way that attackers have exploited this expanded attack surface outside of corporate network? >>Yeah, it was quite interesting last year. It certainly was not normal. Like we all say, um, and that was no exception for cybersecurity. You know, if we look at cyber criminals and how they pivoted and adapted to the scrap threat landscape, cyber cyber criminals are always trying to take advantage of the weakest link of the chain. They're trying to always prey off here and ride waves of global trends and themes. We've seen this before in, uh, natural disasters as an example, you know, um, trying to do charity kind of scams and campaigns. And they're usually limited to a region where that incident happened and they usually live about two to three weeks, maybe a month at the most. And then they'll move on to the next to the next trip. That's braking, of course, because COVID is so global and dominant. Um, we saw attacks coming in from, uh, well over 40 different languages as an example, um, in regions all across the world that wasn't lasting two to three weeks and it lasted for the better part of a year. >>And of course, what they're, they're using this as a vehicle, right? Not preying on the fear. They're doing everything from initial lockdown, uh, fishing. We were as COVID-19 movers to, um, uh, lay off notices then to phase one, reopenings all the way up to fast forward to where we are today with vaccine rollover development. So there's always that new flavor and theme that they were rolling out, but because it was so successful for them, they were able to, they didn't have to innovate too much, right. They didn't have to expand and shifted to new to new trends. And themes are really developed on new rats families as an example, or a new sophisticated malware. That was the first half of the year and the second half of the year. Um, of course people started to experience COVID fatigue, right? Um, people started to become, we did a lot of education around this. >>People started to become more aware of this threat. And so, um, cyber criminals have started to, um, as we expected, started to become more sophisticated with their attacks. We saw an expansion in different ransomware families. We saw more of a shift of focus on, on, um, uh, you know, targeting the digital supply chain as an example. And so that, that was, that was really towards Q4. Uh, so it, it was a long lived lead year with success on the Google themes, um, targeting healthcare as an example, a lot of, um, a lot of the organizations that were, you know, really in a vulnerable position, I would say >>So, okay. I want to clarify something because my assumption was that they actually did really increase the sophistication, but it sounds like that was kind of a first half trends. Not only did they have to adapt and not have to, but they adapt it to these new vulnerabilities. Uh, my sense was that when you talk about the digital supply chain, that that was a fairly sophisticated attack. Am I, am I getting that right? That they did their sort of their, their, their increased sophistication in the first half, and then they sort of deployed it, did it, uh, w what actually happened there from your data? >>Well, if we look at, so generally there's two types of attacks that we look at, we look at the, uh, the premeditated sophisticated attacks that can have, um, you know, a lot of ramp up work on their end, a lot of time developing the, the, the, the weaponization phase. So developing, uh, the exploits of the sophisticated malware that they're gonna use for the campaign reconnaissance, understanding the targets, where platforms are developed, um, the blueprinting that DNA of, of, of the supply chain, those take time. Um, in fact years, even if we look back to, um, uh, 10 plus years ago with the Stuxnet attacks, as an example that was on, uh, nuclear centrifuges, um, and that, that had four different zero-day weapons at the time. That was very sophisticated, that took over two years to develop as an example. So some of these can take years of time to develop, but they're, they're, uh, very specific in terms of the targets are going to go after obviously the ROI from their end. >>Uh, the other type of attack that we see is as ongoing, um, these broad, wide sweeping attacks, and the reality for those ones is they don't unfortunately need to be too sophisticated. And those ones were the ones I was talking about that were really just playing on the cool, the deem, and they still do today with the vaccine road and development. Uh, but, but it's really because they're just playing on, on, um, you know, social engineering, um, using, uh, topical themes. And in fact, the weapons they're using these vulnerabilities are from our research data. And this was highlighted actually the first pop landscape before last year, uh, on average were two to three years old. So we're not talking about fresh vulnerabilities. You've got to patch right away. I mean, these are things that should have been patched two years ago, but they're still unfortunately having success with that. >>So you mentioned stuck next Stuxnet as the former sort of example, of one of the types of attacks that you see. And I always felt like that was a watershed moment. One of the most sophisticated, if not the most sophisticated attack that we'd ever seen. When I talk to CSOs about the recent government hack, they, they, they suggest I infer maybe they don't suggest it. I infer that it was of similar sophistication. It was maybe thousands of people working on this for years and years and years. Is that, is that accurate or not necessarily? >>Yeah, there's definitely a, there's definitely some comparisons there. Uh, you know, one of the largest things is, uh, both attacks used digital circuits certificate personation, so they're digitally signed. So, you know, of course that whole technology using cryptography is designed by design, uh, to say that, you know, this piece of software installed in your system, hassles certificate is coming from the source. It's legitimate. Of course, if that's compromised, that's all out of the window. And, um, yeah, this is what we saw in both attacks. In fact, you know, stocks in that they also had digitally designed, uh, certificates that were compromised. So when it gets to that level of students or, uh, sophistication, that means definitely that there's a target that there has been usually months of, of, uh, homework done by cyber criminals, for reconnaissance to be able to weaponize that. >>W w what did you see with respect to ransomware? What were the trends there over the past 12 months? I've heard some data and it's pretty scary, but what did you see? >>Yeah, so we're actually, ransomware is always the thorn in our side, and it's going to continue to be so, um, you know, in fact, uh, ransomware is not a new itself. It was actually first created in 1989, and they demanded ransom payments through snail mail. This was to appeal a box, obviously that, that, that didn't take off. Wasn't a successful on the internet was porn at the time. But if you look at it now, of course, over the last 10 years, really, that's where it ran. The ransomware model has been, uh, you know, lucrative, right? I mean, it's been, um, using, uh, by force encrypting data on systems, so that users had to, if they were forced to pay the ransom because they wanted access to their data back data was the target currency for ransomware. That's shifted now. And that's actually been a big pivotal over the last year or so, because again, before it was this let's cast a wide net, in fact, as many people as we can random, um, and try to see if we can hold some of their data for ransom. >>Some people that data may be valuable, it may not be valuable. Um, and that model still exists. Uh, and we see that, but really the big shift that we saw last year and the threat landscape before it was a shift to targeted rats. So again, the sophistication is starting to rise because they're not just going out to random data. They're going out to data that they know is valuable to large organizations, and they're taking that a step further now. So there's various ransomware families. We saw that have now reverted to extortion and blackmail, right? So they're taking that data, encrypting it and saying, unless you pay us as large sum of money, we're going to release this to the public or sell it to a buyer on the dark web. And of course you can imagine the amount of, um, you know, damages that can happen from that. The other thing we're seeing is, is a target of going to revenue services, right? So if they can cripple networks, it's essentially a denial of service. They know that the company is going to be bleeding, you know, X, millions of dollars a day, so they can demand Y million dollars of ransom payments, and that's effectively what's happening. So it's, again, becoming more targeted, uh, and more sophisticated. And unfortunately the ransom is going up. >>So they go to where the money is. And of course your job is to, it's a lower the ROI for them, a constant challenge. Um, we talked about some of the attack vectors, uh, that you saw this year that, that cyber criminals are targeting. I wonder if, if, you know, given the work from home, if things like IOT devices and cameras and, you know, thermostats, uh, with 75% of the work force at home, is this infrastructure more vulnerable? I guess, of course it is. But what did you see there in terms of attacks on those devices? >>Yeah, so, uh, um, uh, you know, unfortunately the attack surface as we call it, uh, so the amount of target points is expanding. It's not shifting, it's expanding. We still see, um, I saw, I mentioned earlier vulnerabilities from two years ago that are being used in some cases, you know, over the holidays where e-commerce means we saw e-commerce heavily under attack in e-commerce has spikes since last summer, right. It's been a huge amount of traffic increase everybody's shopping from home. And, uh, those vulnerabilities going after a shopping cart, plugins, as an example, are five to six years old. So we still have this theme of old vulnerabilities are still new in a sense being attacked, but we're also now seeing this complication of, yeah, as you said, IOT, uh, B roll out everywhere, the really quick shift to work from home. Uh, we really have to treat this as if you guys, as the, uh, distributed branch model for enterprise, right. >>And it's really now the secure branch. How do we take, um, um, you know, any of these devices on, on those networks and secure them, uh, because yeah, if you look at the, what we highlighted in our landscape report and the top 10 attacks that we're seeing, so hacking attacks hacking in tabs, this is who our IPS triggers. You know, we're seeing attempts to go after IOT devices. Uh, right now they're mostly, uh, favoring, uh, well in terms of targets, um, consumer grade routers. Uh, but they're also looking at, um, uh, DVR devices as an example for, uh, you know, home entertainment systems, uh, network attached storage as well, and IP security cameras, um, some of the newer devices, uh, what, the quote unquote smart devices that are now on, you know, virtual assistance and home networks. Uh, we actually released a predictions piece at the end of last year as well. So this is what we call the new intelligent edge. And that's what I think is we're really going to see this year in terms of what's ahead. Um, cause we always have to look ahead and prepare for that. But yeah, right now, unfortunately, the story is, all of this is still happening. IOT is being targeted. Of course they're being targeted because they're easy targets. Um, it's like for cybercriminals, it's like shooting fish in a barrel. There's not just one, but there's multiple vulnerabilities, security holes associated with these devices, easy entry points into networks. >>I mean, it's, um, I mean, attackers they're, they're highly capable. They're organized, they're well-funded they move fast, they're they're agile, uh, and they follow the money. As we were saying, uh, you, you mentioned, you know, co vaccines and, you know, big pharma healthcare, uh, where >>Did you see advanced, persistent >>Threat groups really targeting? Were there any patterns that emerged in terms of other industry types or organizations being targeted? >>Yeah. So just to be clear again, when we talk about AP teams, um, uh, advanced, specific correct group, the groups themselves they're targeting, these are usually the more sophisticated groups, of course. So going back to that theme, these are usually the target, the, um, the premeditated targeted attacks usually points to nation state. Um, sometimes of course there's overlap. They can be affiliated with cyber crime, cyber crime, uh, uh, groups are typically, um, looking at some other targets for ROI, uh, bio there's there's a blend, right? So as an example, if we're looking at the, uh, apt groups I had last year, absolutely. Number one I would say would be healthcare. Healthcare was one of those, and it's, it's, it's, uh, you know, very unfortunate, but obviously with the shift that was happening at a pop up medical facilities, there's a big, a rush to change networks, uh, for a good cause of course, but with that game, um, you know, uh, security holes and concerns the targets and, and that's what we saw IPT groups targeting was going after those and, and ransomware and the cyber crime shrine followed as well. Right? Because if you can follow, uh, those critical networks and crippled them on from cybercriminals point of view, you can, you can expect them to pay the ransom because they think that they need to buy in order to, um, get those systems back online. Uh, in fact, last year or two, unfortunately we saw the first, um, uh, death that was caused because of a denial of service attack in healthcare, right. Facilities were weren't available because of the cyber attack. Patients had to be diverted and didn't make it on the way. >>All right. Jericho, sufficiently bummed out. So maybe in the time remaining, we can talk about remediation strategies. You know, we know there's no silver bullet in security. Uh, but what approaches are you recommending for organizations? How are you consulting with folks? >>Sure. Yeah. So a couple of things, um, good news is there's a lot that we can do about this, right? And, um, and, and basic measures go a long way. So a couple of things just to get out of the way I call it housekeeping, cyber hygiene, but it's always worth reminding. So when we talk about keeping security patches up to date, we always have to talk about that because that is reality as et cetera, these, these vulnerabilities that are still being successful are five to six years old in some cases, the majority two years old. Um, so being able to do that, manage that from an organization's point of view, really treat the new work from home. I don't like to call it a work from home. So the reality is it's work from anywhere a lot of the times for some people. So really treat that as, as the, um, as a secure branch, uh, methodology, doing things like segmentations on network, secure wifi access, multi-factor authentication is a huge muscle, right? >>So using multi-factor authentication because passwords are dead, um, using things like, uh, XDR. So Xers is a combination of detection and response for end points. This is a mass centralized management thing, right? So, uh, endpoint detection and response, as an example, those are all, uh, you know, good security things. So of course having security inspection, that that's what we do. So good threat intelligence baked into your security solution. That's supported by labs angles. So, uh, that's, uh, you know, uh, antivirus, intrusion prevention, web filtering, sandbox, and so forth, but then it gets that that's the security stack beyond that it gets into the end user, right? Everybody has a responsibility. This is that supply chain. We talked about. The supply chain is, is, is a target for attackers attackers have their own supply chain as well. And we're also part of that supply chain, right? The end users where we're constantly fished for social engineering. So using phishing campaigns against employees to better do training and awareness is always recommended to, um, so that's what we can do, obviously that's, what's recommended to secure, uh, via the endpoints in the secure branch there's things we're also doing in the industry, um, to fight back against that with prime as well. >>Well, I, I want to actually talk about that and talk about ecosystems and collaboration, because while you have competitors, you all want the same thing. You, SecOps teams are like superheroes in my book. I mean, they're trying to save the world from the bad guys. And I remember I was talking to Robert Gates on the cube a couple of years ago, a former defense secretary. And I said, yeah, but don't, we have like the best security people and can't we go on the offensive and weaponize that ourselves. Of course, there's examples of that. Us. Government's pretty good at it, even though they won't admit it. But his answer to me was, yeah, we gotta be careful because we have a lot more to lose than many countries. So I thought that was pretty interesting, but how do you collaborate with whether it's the U S government or other governments or other other competitors even, or your ecosystem? Maybe you could talk about that a little bit. >>Yeah. Th th this is what, this is what makes me tick. I love working with industry. I've actually built programs for 15 years of collaboration in the industry. Um, so, you know, we, we need, I always say we can't win this war alone. You actually hit on this point earlier, you talked about following and trying to disrupt the ROI of cybercriminals. Absolutely. That is our target, right. We're always looking at how we can disrupt their business model. Uh, and, and in order, there's obviously a lot of different ways to do that, right? So a couple of things we do is resiliency. That's what we just talked about increasing the security stack so that they go knocking on someone else's door. But beyond that, uh, it comes down to private, private sector collaborations. So, uh, we, we, uh, co-founder of the cyber threat Alliance in 2014 as an example, this was our fierce competitors coming in to work with us to share intelligence, because like you said, um, competitors in the space, but we need to work together to do the better fight. >>And so this is a Venn diagram. What's compared notes, let's team up, uh, when there's a breaking attack and make sure that we have the intelligence so that we can still remain competitive on the technology stack to gradation the solutions themselves. Uh, but let's, let's level the playing field here because cybercriminals moved out, uh, you know, um, uh, that, that there's no borders and they move with great agility. So, uh, that's one thing we do in the private private sector. Uh, there's also, uh, public private sector relationships, right? So we're working with Interpol as an example, Interfor project gateway, and that's when we find attribution. So it's not just the, what are these people doing like infrastructure, but who, who are they, where are they operating? What, what events tools are they creating? We've actually worked on cases that are led down to, um, uh, warrants and arrests, you know, and in some cases, one case with a $60 million business email compromise fraud scam, the great news is if you look at the industry as a whole, uh, over the last three to four months has been for take downs, a motet net Walker, uh, um, there's also IE Gregor, uh, recently as well too. >>And, and Ian Gregor they're actually going in and arresting the affiliates. So not just the CEO or the King, kind of these organizations, but the people who are distributing the ransomware themselves. And that was a unprecedented step, really important. So you really start to paint a picture of this, again, supply chain, this ecosystem of cyber criminals and how we can hit them, where it hurts on all angles. I've most recently, um, I've been heavily involved with the world economic forum. Uh, so I'm, co-author of a report from last year of the partnership on cyber crime. And, uh, this is really not just the pro uh, private, private sector, but the private and public sector working together. We know a lot about cybercriminals. We can't arrest them. Uh, we can't take servers offline from the data centers, but working together, we can have that whole, you know, that holistic effect. >>Great. Thank you for that, Derek. What if people want, want to go deeper? Uh, I know you guys mentioned that you do blogs, but are there other resources that, that they can tap? Yeah, absolutely. So, >>Uh, everything you can see is on our threat research blog on, uh, so 40 net blog, it's under expired research. We also put out, uh, playbooks, w we're doing blah, this is more for the, um, the heroes as he called them the security operation centers. Uh, we're doing playbooks on the aggressors. And so this is a playbook on the offense, on the offense. What are they up to? How are they doing that? That's on 40 guard.com. Uh, we also release, uh, threat signals there. So, um, we typically release, uh, about 50 of those a year, and those are all, um, our, our insights and views into specific attacks that are now >>Well, Derek Mackie, thanks so much for joining us today. And thanks for the work that you and your teams do. Very important. >>Thanks. It's yeah, it's a pleasure. And, uh, rest assured we will still be there 24 seven, three 65. >>Good to know. Good to know. And thank you for watching everybody. This is Dave Volante for the cube. We'll see you next time.

(upbeat music) >> Hey, everyone, welcome to theCube's special program series Women of the Cloud brought to you by AWS. I'm your host, Lisa Martin. I'm very pleased to welcome back one of our alumni Adrianna Bustamante joins me, the VP of Global Alliances at Rackspace Technology. Adrianna, it's great to see you. Thank you so much for joining me today. >> Lisa, thank you so much for having me again. I love this. >> Yeah, me too. Tell me a little bit about you, a little bit about Rackspace Technology, as well as the role that you currently have. >> Sure, so again, I'm Adrianna Bustamante. I look after our global alliances within Rackspace, specifically looking after some of our strategic partners. I've been with Rackspace for a little over 16 years now, working with partners in some form or fashion. Rackspace Technology, we are the multicloud solution experts. We really work with our clients to drive business outcomes and transformations in this multicloud world. And our mission is to embrace technology, empower our customers, and deliver the future. And I get to have the fun pleasure of building and curating and cultivating partnership relationships. So very much our partnerships are important to our success. We are privileged to be able to work with AWS along with other partners across the industry to help do more, and bring more value to clients. >> So you've been with Rackspace Technology for a while. Tell me a little bit about recommendations. Any tactical recommendations that you have for other women, maybe even men who are looking to grow their careers in tech maybe they're wanting to get into tech. What are some of the things that you've learned along the way that you highly recommend? >> Yeah, no, great, great question. I've had the fortune of being at Rackspace now for a number of years, and it's always 'cause I've been able to create my own opportunities and work. And so that really falls in line to some of the recommendations that I hold dear to my heart. And number one is really to stay curious and learn, from reading articles, to staying close, and asking questions from your colleagues. You know, I know just like at AWS and at Rackspace, there are some very talented people across all areas of the business, and they are the best to learn from. You know, I also am a firm believer in developing and expanding that network 'cause that helps you bring and build out your reach and helps you continue to learn in different areas outside the company. I think from raising your hand, leaning in, don't be afraid to speak up. Especially as we think about, you know, women of the cloud which is part of what the theme of this session is. And I think about, you know, how much I love to see women elevated within roles inside of Rackspace and out, you know. It is about raising your hand, getting uncomfortable in speaking up if you're, if you are a bit shy or timid. If there's an area that you are interested in and passionate about, go learn and drive. Because there's opportunities to create new roles for yourself, new ways to bring value into the organization. And then you become memorable for, you know, that, you know this person was known for helping solve this problem. It's been a good fortune. And within our company culture of any Racker, the front lines know how to solve most problems just as much as the top executives. >> Yeah, I love you saying stay curious. I think curiosity is probably one of the best things that people can have. It's, to your point of, I like to call it getting comfortably uncomfortable. Raise your hand, ask a question. I always think, if you're in a meeting, and maybe you tune out or there's something that you don't understand, ask a question. 'Cause I guarantee there's five other people in that room that have the same question, but they're not curious enough or hungry enough to ask the question to learn more. So I think those are such great recommendations that you have provided that I think you probably would tell your younger self stay curious, ask questions. >> Yes, for sure. I also am so big, at least for me personally, context is so important for me. If I understand context, then I'm really able to figure out where can I drive the most value for me personally. And then that goes into leading my teams. And so to me, the only way you get the context is if you're learning or asking the questions if you don't understand. 'Cause it really helps you understand the holistic business. >> A hundred percent. That context is everything. But a lot of people are just a little bit timid sometimes and don't want to be the one to raise their hand in a room or online these days. And I think it's such a great skill that anybody can benefit from. I'd love to know some of your other skills. Some examples of specific success stories where in your current role, where you've really helped organizations solve problems related to the cloud. >> Yes, so, you know, and I think about ultimately we're looking to see and always looking to see how we can help transform our clients' businesses. And often the underlying root of that is through technology solutions. And so, you know, we've helped clients who are mostly, you know, legacy data center based clients that have built large infrastructure components and environments, and they want to learn and lean into the cloud. And they're not really sure how to do that. They probably may have a leader that's told them that they need to do this. Everybody's at a different level of journey. And so, you know, specifically, and especially in partnership with some of our hyperscaler partners just at like AWS is, you know, we can help customers understand what that journey needs to look like. How to successfully move, let's say if they're a large VMware shop today they already have a little bit of cloud native. You know, together through our ecosystem of relationships, we've helped customers not only be able to build and maintain part of their data center footprint that's not ready yet to transform, but move some of this into a facility that is within our data centers to get out of that huge kind of CapEx heavy workload type environment. And then, and especially with AWS, and the partnership that they have along with Rackspace, with VMware, we leverage BMC on AWS solutions. And then we can help them fully embrace that cloud native. And from a Rackspace perspective we are providing those services and expertise across all levels in a single pane of glass. So you can manage from your more traditional workloads to embracing more of a cloud native approach. >> And it's all about helping clients drive business outcomes as you said. Every organization these days, I always like to think, whether it's my grocery store retailer or bank has to be a data driven company. But it has to leverage obviously the cloud. But there's so many options. It's quite nebulous, no pun intended, maybe pun intended. So, but it's all about helping clients drive those business outcomes. I imagine it's quite fulfilling for you to be able to help different types of organizations really maximize their use of technology, their understanding of technology, to really build bridges, deliver the products and services that everybody's expecting these days. >> Yes. No and I think what I, again, it's what I love about being in partnerships because those relationships become fundamental in helping remove those complexities for the clients. And so the more that we as Rackspace are able to connect and deepen these relationships it just becomes less decision making, less things that the client ultimately has to think about. So nothing gives me more joy than being able to help solve the customer's problems. And then in turn we're doing that through our partnership relationships. So we're bringing everybody together to ultimately provide a better outcome for the client. >> Yeah. And as you said, those relationships are foundational to everything and ultimately the outcomes that the end customer is able to deliver to these demanding, whether it's consumer or business or whatnot. A lot of challenges that organizations have today. But it sounds like the relationship cultivating that you're helping lead is really critical in those organizations being able to embrace technology, utilize it in ways that allow them to get products and services to market as fast as the consumer demands. I'd love to get your perspective as a female in technology. We talk a lot about diversity, inclusion, equity. We can talk about it all day long, but there's still some challenges there. What are some of the challenges that you see that are still persistent with respect to diversity and tech today? And maybe some of your recommendations to eradicate some of those? >> No, sure. So, you know, it starts really early. It starts almost in education and making sure that women, and a diverse set of applicants are taking certain, studying certain disciplines. And then I think about it from a recruiting and hiring perspective. Are organizations doing enough to expand their reach? You know, we were actually talking- I have the good fortune of being the executive sponsor of our resource group within Rackspace. It's called Power, which is the professional organization of women's empowerment at Rackspace. And we were talking just I think last week on, we need to make sure we're going where the women are to make sure we are letting them know about Rackspace, the benefits about Rackspace. And it ultimately, in turn that helps build more recruiting into the talent pool. More people are raising their hand and interviewing and hiring. I think talent in general as we're seeing right now, is so hard to come by, and so even more important to retain. And the more diverse pools that we have of Rackers, it's just bringing different perspectives, and Rackers are what we call Rackspace employees. It's bringing those Rackers together to help solve the bigger problems. Because you're able to do more with a diverse set of outlook. And I think, you know, as a woman, I want to have that equitable seat at the table. And so ultimately when I think about myself from a leadership perspective, am I making sure that all of those opportunities are available for the women that come along behind me? And how am I elevating other women within our organization from a day-to-day so they have that spotlight. So, you know, fundamentally, organizations need to focus on how to expand that reach to bring that diverse set of applicants and voices. And then you need strong leaders at every level to be advocates and sponsors to make sure that this is an important topic and top of mind in all organizations. So you can ultimately provide an equitable approach. >> Yeah, I love that. I agree a hundred percent. You know, it's so important to start at the education front, but also to be able to have just the thought diversity alone in organizations. I've seen many studies that show having females in executive positions are, companies that do that, are more profitable. There's a lot of data out there that demonstrates that there are huge advantages to any type of organization to really invest in diversity. But to your point, it's not just about attracting, it's about retaining the talent as well. I mean that, that is critical for every business. >> Yes. No absolutely. You know, more and more we're starting to see that soft benefits are becoming more important as we think about a younger workforce coming in. And when I think about soft benefits, it's more around our employee resource groups. What our benefits look like for our females within our healthcare, within the insurance plans? What type of time off and maternity benefits are we extending? What does that work-life balance look like in a hybrid world or a virtual world? Those questions become, I mean, when I remember years ago no one would even think about asking those questions. And now we see, not only those questions coming up more regularly, but we are trying to be more intentional within our organization. To be proactive about that messaging so we can help show and demonstrate that we are an inclusive community. And that there's support for women to be successful within Rackspace. You know, we have mentoring programs that we do that are you know, that we really try to highlight and promote for our female community. And then also for our broader community. We look at building different circles that women can come together in a space that they feel comfortable to ask questions. To figure out how do they excel and advance in their career. Those become very attractive for getting that talent that we want. >> Absolutely. And you just brought up such a great point, Adrianna and that's intention. Programs like what you're describing that the Rackers have opportunity to access, is that there's intention in all of this. Which is so critical for diversity programs to be successful. To attract the right talent, to retain the right talent. It's like a flywheel, I think it's all, it's all linked together. But I'd love to know what you see that's next in cloud. How do you see your role evolving in the industry? We talked about the great relationship building that you're doing. What do you see as next in cloud? >> No, sure. Again, 'cause I helplessly can't be biased. It is all about to me that that partner ecosystem. It is how we can build strong relationships that help minimize the complexities for the clients. You know, now the pace for innovation and competitive edge is faster than it was than we saw 24 months ago. You know, we saw COVID advance lots of different areas of the business, but really it forced a lot of companies to transform. And this is where I think there's a unique opportunity to really look at what a partner ecosystem looks like. You know, who are the right partners that organizations like AWS, like Rackspace should be working with. 'Cause oftentimes the partners that were our partners and key partners, maybe three to five years ago, maybe aren't going to be as relevant in that same ecosystem in the next five years. So constantly making sure that we have the right ecosystem in place, and the right relationships to help ultimately drive better outcomes for the clients. >> And that's like we said several times already during this interview. It's all about the outcomes for clients. You mentioned COVID, you know, there's been- I call 'em COVID catalysts. A lot of transformation, forcing function. There's definitely been some silver linings, but I'd love to get your perspective if we go back like the last five years. Some of the biggest changes that you've seen in the tech workforce, in innovation, in the last, you know, three to five years that really excite you. >> Yeah, so I think we all had to learn to be virtual by default. And so I think we're just coming out. People are excited to be in person again. You know, when we have different events, whether they be with internal Rackers or with partners or clients, like everyone's excited to to see each other again. But you're still seeing this mix of, we need to be hybrid by default, which I know wasn't in everybody's DNA from a technology perspective. And I think that's enabling more virtual teams, more matrixed type of teams, where you're bringing together different expertise across the organization to move at a faster pace. You know, we talk about, you know, we talk about COVID which led to that great resignation where you saw many people changing their jobs. You know, we saw women not only within Rackspace, but even outside, like really, you know, take a pause and really start thinking about what's important to them in that returning to work. And so I just think all of this has really, as you mentioned, Lisa, of forcing function on being intentional to create the right environments that are building a place that we can retain that level of skill and expertise. And I think that's just going to become something that's more increasingly important with every year and profession choice. >> I agree. It's going to be building upon, like it's that flywheel that I'm talking about. That of successes, of promoting women, of making sure that there's plenty of opportunity. Encouraging women, to your point, to be curious raise your hand, ask the question. There's so much value, it's invaluable for organizations to really have diversity throughout their organization. You did a great job of explaining. Even in the benefits framework. So, I so appreciate you being on theCUBE. Adrianna, it's great to see you again. Thank you for sharing your story, the successes that you've had as a Racker in cloud, and some of the things that you recommend to the next generation. We really appreciate your time. >> No, thank you. If I can walk into more rooms where there is more women at the table and on the calls, I am a happier individual. So I love any opportunity to really see how we can continue to make more space in the rooms for women that are just overly talented and deserve to be there. >> I am with you on that. Again, thank you so much. Great to see you and we'll see you again soon. >> Thank you, Lisa. Take care. Have a good afternoon. >> Thank you. We want to thank you for watching theCube's special program series Women of the Cloud, brought to you by AWS. I'm Lisa Martin, thanks for watching. (upbeat music)

>> Presenter: theCUBE presents UiPath FORWARD5 brought to you by UiPath. >> Back to theCUBE's coverage of UiPath FORWARD5, 2022. This is theCUBE's 4th UiPath FORWARD. They're mining automation gold here at the conference and in the customer base and we're creating Cube Gold, Dave Vellante and Dave Nicholson. Cheryln Chin is here. She's the vice president of Global Alliances at UIPATH. Sameer Bohra, who's the director of Information Technology at Deloitte. Good to see you guys. >> Great. >> Thank you. >> Now normally we would be talking about, how Deloitte's out, doing its thing with its customers, but this is actually a case study on Deloitte's use of automation and UiPath, so that's cool. You not only partner with the GSIs you actually sell to them as well. Okay. What's that all about? What's your relationship like? Why don't you start there? >> Absolutely. So we're thrilled to be here. Thanks for having us. And really appreciate Sameer being here with us. Deloitte was an early adopter of UiPath not just as a partner, driving innovations and investing in getting skilled and building the capability. They were the first to become the US and certified partner network investing in thousands and thousands of skilling up their consultants and resources to help us address our customer needs together. But it's not just about being a great partner it's being a customer with what they've done and built their own business around UiPath and the automations. We've got an amazing story to tell you about today that we'd love to share. >> All right, Sameer, let's hear it. What's the story? What was the catalyst to bring in automation, UiPath? Where are you applying it? Where'd you start? >> Fantastic, well first of all, thanks for having me here. >> You're welcome. >> I'll start this journey with the predictions that we were making at some point. So, Deloitte, as a company, we are in the business of predicting the technology trends. We have been tracking automation as a trend for quite some time, and we have been following how this industries going to come along. And we then started placing our bets not just on the technology, but on the vendor as well in this case. Right around 2017, 18 is when we started kind of implementing automation with UiPath for our internal purposes. And as it happens, different constituents in our member firms started doing it at the same time without kind of consulting with each other. But the surprising thing is that we all ended up with the same results. We all ended up with UiPath. We all ended up using the same technology set and it was good that we all made the same choice because we would then all get along with it together. So we started our journey kind of disintegrated in a way and then we came along quickly all together. We then have COEs in each of our member firms, or at least the big member firms. And around January last year is when we signed an enterprise license agreement with UiPath that really brought some of our mature COEs together. And now we are kind of utilizing the product quite well. We are exploring the benefits of that ELA brings to us. So that has been our journey so far. Just in terms of some numbers, we are more than 400 millionaires saved for our member firm. We have hundreds of processes that we have automated. I'm kind of losing count of that already. And we have a good 70, 80 member team members across our three mature COEs that are constantly automating day in and day out. So there's a lot in terms of the history and there's a lot that we are looking forward to. >> Can you paint a picture of sort of where you're applying these automations in your business and maybe double click on that a little bit? >> Absolutely. So when we started our journey, there were some candidates right off the bat there were some of our enabling areas where we were looking at for instance, finance our talent which we also called as HR. Those were some of our preliminary areas that we started doing automations for. But another surprising thing is that our first automation use cases were actually contingent solutions that we built to help some of the other big deployments that were happening in the firm. And in absence of any good solution, we said, "Let's bring in RP and let's bridge the gap." And that basically opened the door for us to use automation at a bigger scale. So it's enabling area, talent, finance, business operations. Those are the prominent areas, marketing, chief culture, those are the areas that we are applying it. And then our services on the other hand are using automation as well because we need our services people to be armed with the valuable time to be able to invest on our clients rather than, being stuck in repetitive mundane tasks. So we are pretty much applying it all over the board now. >> So as director of IT at Deloitte, I'm curious about how this process works for you. You've heard the term drinking one's own champagne. >> Yeah. >> When you are looking... >> 'or jog fooding, but okay. >> I was trying to be polite, right? One throat to choke one bat to pat, back to pat. Are you immediately and at all times under a microscope when you're deploying something internally because someone else in Deloitte is thinking, "Okay, let's see how this works for us. Because if it works well, if we gain expertise, we can turn this into a line of business to help our clients." Is that something that starts day one? Or do people come to you six months into a project and say, "Hey, I hear you have something going on. That's cool." What's that look like? >> Very interesting question. The way I would like to describe it is we have a symbiotic relationship between our internal COE and our client facing teams that are out in the market selling automation along with UiPath. And the way that symbiotic relationship work for us is when we are doing anything interesting in terms of an automation use case, and we have many that I can talk about, we do have this constant connect with our client facing folks where we tell them about the use case. We tell them about the problem that we are solving and the way in which we are solving that problem. And in many cases, it generates interest. And then we get into conversations where we see, okay is it an asset that we can build out of it? Or is it simply a client use case that we could burn and implement and apply somewhere? So that's one side of the symbolic relationship. The other side is what our client service folks are seeing in the market. So when they see it, they come to us and they tell us, "Look, we see such and such client doing this and we did it for them. We should think about doing this in Deloitte and for ourselves." And then we say, "Fantastic, let's do it." So it's both ways. >> Dave: Both ways. And the fact that it is both ways. There is not that sense of pressure or you know that I'm under a microscope. It's all one big family. >> How do you measure success? >> It's a pretty interesting question again, success is subjective, right? When it comes to automation the typical metrics that people use to define and describe success is how many hours you have saved or how many hours, at least the way we use it how many hours you have reinvested, right? So we started with that as our measure and for some time that was really our measure of success. But lately we are seeing a change in that we are now shifting more over to other matrix like cost avoidance. So for instance, your firm is growing at a certain pace. Do all your enabling areas need to grow at that pace? Maybe not. Maybe we can avoid that cost and maybe we bring in more automation to support that. So cost avoidance is kind of emerging as a bigger matrix for us now, especially given that all low hanging automation fruits have been plucked. That's a big one we are looking at. I think the other matrix which is a bit difficult to measure directly is the employee satisfaction. There's somewhere I read that if you want happy clients you need to have happy employees first, right? And one way of making your employees happy is to give them the task that they really value that they really like to do. Now, again, being a professional services firm are ours are people's, our is our currency, right? So we want to give them as much of their valuable time back so they can invest it in their client facing activities as opposed to, you know doing mundane and ones. So those are some of the matrix and measures we are looking at. >> So I'd like to dig into that a little bit. If I could Sameer. So, aren't hours saved sort of related to cost avoidance? Is that an input to the cost avoidance calculation, if you will? >> So yeah, so yes and no. And the reason I say that is because yes, if you do the math, yes, it makes sense, >> 'not that it's direct. I understand it's not a direct relationship but it's somewhere related. Is it not? >> It is related in the sense that our saved is an immediate measure of automation, right? So if me as a practitioner, if I can hand over a task to the bar, which can take off five hours out of my week, that's an hour saved right away. But cost avoidance is more like, "Hey, I have these 10 engagements that are coming up. Do I need to amp up to meet boost end engagement or I simply amp up my automation, right?" So that's more around the cost avoidance piece. >> Okay. So there's an algorithm there. >> Yeah. >> Which makes sense. Do you find, so in other words, when you save hours at some point it's going to translate it to headcount avoidance. Okay, are you finding that when you run a project if you can automate that project, that the proportion of savings is greater on that automation of the project than it is for those sort of hours saved? I'm just sort of curious as to what the balance looks like. Is it like overwhelmingly speeding up the project? Is the real benefit there? I'm just kind of curious. >> There's absolutely a benefit there. With automation, you can obviously speed up your projects, you can do more with the staff and the team that you have. So that's definitely something that helps us a lot both internally and I believe on the client facing side as well. >> Okay. And just put my CFO hat on. Let's, so are those internal resources or are there sort of out of pocket expenses? In other words, it's the hard dollars that I don't spend or is it resources that I can deploy on another project or both? Or both. >> For the most part it's the resources right? >> So it's okay. >> Yeah, it's the resources that you can now have them do more value work with more clients as opposed to have them do many task at one place. >> Okay, I'm going to just keep going. So that's a productivity measure in my mind anyway, so I just like to keep peeling the onion on the metrics. So I would at some point, so the two things the cost avoidance and the employee satisfaction I would ultimately as the CFO want to see that show up in terms of productivity increases and decreases in turnover. And you probably don't have enough experience yet to measure that. But ultimately, isn't that where you want to go? >> I think that's essentially where it's going and I think that's the way it'll probably go for pretty much everyone who is in this journey of automation at your CFO will eventually want to look at, okay what after this investment, where is it leading us? So that's definitely the direction we are also heading. >> Yeah and so productivity revenue per employee, is that a good starting point? Maybe you get more sophisticated than that, but... >> Yeah, that's probably a good starting point. >> UiPath revenue employees about 250,000, which is pretty average for software companies. Now, maybe it's because they're investing more, but at some point I'd like to see that tick to 350,000 anyway. >> Yeah. >> I Digress. >> And we are on that journey where we are essentially looking to arm everyone with a bot right? There's a philosophy and UiPath around a bot for everyone. We are pretty close to getting to that stage where everybody should be able to leverage the technology. We shouldn't be limited to a certain business unit or certain pockets within a business unit. >> I want a bot. I do, I want a bot, I'm getting a bot. >> I wish I have a bot. >> I would, yeah, I want to a bot and I want to give that bot a very clever name. That's like you're thinking of naming bots. So are your activities evaluated in completely independently as sort of your own P and L or do you get credit for some of that symbiotic relationship that's developed? Because I can imagine a situation where you deploy something intelligent automation and you get a yield that translates into a practice for your firm that brings in a bunch of revenue with a bunch of satisfied customers. Do you get credit for that? Or is it like, no, no, no, no. I wouldn't >> I would love to get credit for that. But again, it's all in the family. It's all one big family. At this time we are simply focused on bringing the right use cases forward for our client facing folks and the other way around. So we haven't got into that stage as left. >> But you need to deliver standalone value. You're evaluated that way. >> And this COE. That's what we are evaluated upon. The matrix that I talked about earlier around cost avoidance, number of our saved employee satisfaction. Those are some of area that we are being rated upon. And that's across all our COEs. >> Oh, surely congratulations on landing Deloitte as a customer and of course a partner. And I'm sure there's big things in the future. We'll give you the last word, bring it home. >> You know, the takeaway here is we are leveraging partners like this who are going way beyond just automating processes for the sake of process and our save the using this to build their business make their consultants more productive and really driving profitability for the business. So really the automation flywheel going beyond that's really trying to fuel digital transformation by taking this, they make it go faster, more profitable, more agile, and they become an amazing customer and an amazing good market partner. >> Yeah, you guys take this pretty seriously behind us there's this, I don't know what you call it but this clouds floating above it. If you walk through there, there's some really inspiring commentary. And so I encourage you to do that if you're here at the show. All right, thanks guys, appreciate it. >> Thank you. >> Thank you. >> You're welcome. All keep it right there Dave Vellante and Dave Nicholson will be back at FORWARD5 UiPath customer event from Las Vegas. We're live right back. (soft music)

>> Hello, everybody. Welcome to VeeamON 2021. You're watching theCUBE's continuous coverage of this year's event. My name is Dave Vellante, and as the saying goes, you can go faster alone but further together, and that observation is most certainly true in the technology business, and with me to talk about the importance of partners and ecosystem expansion and leverage are Daniel Fried, who's the senior vice president for EMEA and worldwide channels and Veeam, and David Harvey who's the vice president of Strategic Global Alliances at Veeam. Gentlemen, welcome to theCUBE. Come on inside. >> Thank you, Dave. >> Thanks so much. Thank you. >> So you're welcome. So Daniel, about 40 partners by my count did at VeeamON virtual this year. Wow. It's unfortunate we can't interact with them face to face, but part of the story here 25% ARR growth and partners, obviously big contributor there. Give us the update from your perspective. >> Well, yeah. So first of all, I think it's going to be much more than the 40 partners that are going to attend VeeamON, because it's a key event that we've had already for a number of years, and this one this year is going to be as huge as usual, even bigger, because it is all remote. So everybody can participate. Now going to the results of the company, it is entirely also due to the partners. All types of partners, because we are 100% partner-based. We are a travel company. So all our businesses go through the buffers to reach out to the end customers, all different types of partners. So I do thank very, very much all partners around the world, all types of partners, because they all participate to the success of Veeam software, and this fantastic 25% growth indeed. >> Yeah, so David that's pretty important when you send that message. I mean a lot of companies, a lot of tech companies, struggle with that. They have a heritage of direct sales, and they say, hey we're super partner friendly, and then they do a big reach around. You kind of clean that up from day zero, but maybe talk a little bit about your philosophy around partnering. >> Yeah, absolutely. I mean it's been a core pillar, as you said Dave, of Veeam from day one, and we've been true to that message all the way through, and when you look at the rich ecosystem of the ProPartner Network that Daniel was talking about, and you also look at the way that we've embraced Alliances, not only from the technology integration point of view, but also within the go-to market position. It's just been a really rich experience for the Veeam field, the alliances and partner field, but more important for the customers, because they get the best of breed from both sides. They get peace of mind on supply chain, but fundamentally, and you touched on this point Dave, a lot of people talk about it in principle. We live it all day every day, and I think when you look at the rich experience that you're going to get from VeeamON, when you look at the fact that the Alliance partners have lent in as the premium sponsors. These are the biggest guys in the industry. It's just a testament to trust, and it's a testament to delivering value to the customers. >> How should we think about the sort of partner makeup, and I'm interested in particularly the perspective from EMEA, but I mean a number of the partners, the majority of the premier partners, for example, they're U.S.-based companies, but of course they have very strong presence around the world, and then of course within EMEA, Daniel, you've got a lot of local partners as well. How should we think about that makeup? The big whales, who account for, many, many tens of millions, hundreds of millions of dollars but as well the collective of the larger ecosystem. How should we think about that pyramid? >> Well, this is a fantastic question. I think that we have to go back into understanding what the role of partner is to reach out to the end customers, and because Veeam is selling to companies, which are very small ones, very small SMB customers all the way to the very large complex multinationals. We need partners who have these capabilities to address all those, and of course the number of companies around the world. It's hundreds of millions of them. To give you an idea, because of the partners, our coverage is more than a hundred countries. In other words, we sell to more than a hundred countries around the world, even in places where our Veeam presence, physical presence is not there. We need different types of partners depending on what is needed, what the customers are requesting, We talk about the popup neural network, but I would like to talk, to go even farther, and talk about an ecosystem, of business ecosystems, using the theme solutions and the Veeam technologies with the alliancers, with the STEM integrators, with the VAR, with the resellers, and with the service providers, with all different types of typologies partners, and it is not one unique way of doing businesses. So you've got huge companies, but you have a lot of small ones to be capable to sell to a mom and dad shop somewhere in the middle of the desert or somewhere around the world, but we also need to have competencies, because customers have requests that become more and more complex, because the world is becoming more and more complex from an IT perspective. So we need to have competencies, and this is what we try in this co-partner network software is to bring these competencies up to be capable through the partners to answer all the requests and all the needs of all the customers around the world. >> So, David, it's not just sort of generic. I mean obviously, as a 100% channel partner company, you're looking for volume and distribution, but as Daniel just said, there's competency. So what are some of the competencies that partners bring to the table? Maybe you have some examples that you can share. >> Yeah, absolutely. So if you look at a couple of different areas, what I would say is we look at this problems that customers are dealing with in two ways. One, they're dealing with the fact that they want a technology solution to something that they're dealing with today, and secondly, they want somebody to support them with a human workflow evolution that's going on with them today, and GSIs is a good example of that one. When you look at the work we're doing and the success we're having with the large global GSIs, what we're solving in that area is two things. Workplace optimization, huge topic at the moment, and secondly, the data center modernization, and what's happening as you go through that evolution is you're dovetailing together the workflows of their business. You're using data as a lifeblood to be able to be successful and relate to their share price, et cetera, but more importantly, you want to make sure that you're bringing into account both those sides. You can't just have a technology solution without an understanding of implementation, and you can't have a great concept without a solid solution to back that up. So that's where we dovetail together. The top alliances that are out there in the market with the top global systems integrators, and both of those combined solutions benefit everybody including the channel, but obviously more importantly, the customer, and I think when you look at that, the work we're doing with Accenture, with Capgemini, the work we're doing with guys like HPE and VMware and all these large thought leaders, that's where it's a really nice dovetail, and as we talked about before, because that's been the lifeblood of our organization from day one, it's a very harmonious experience focused on solving the customer pain. >> So I like that focus on solutions. I'm just thinking about workplace optimization. You think about remote work. I mean everybody's trying to figure out hybrid now. How do I get hybrid right, and of course you guys fit in. What's the right data protection model? Modernization. There's app modernization. Because of cloud, there's a rethink of how you protect data. Maybe it's additional layers, and then of course, I mean every time I look in the paper, there's another hit of ransomware or some cybersecurity attacks. You guys fit in there. There's this solution emphasis, which really dovetails nicely into the customer problem. Maybe you could talk a little bit about that, and the role that partners play and what role you play. >> The role that we play is I'm just here, and we complements response, cause it can be a very large extended answer, and with the role we play is I would say twofold. Just to try to be, to simplify as much as we can, as much as I can. One of them is to provide solutions, and this is number one. So Veeam is providing solutions to end customers through the partners. The partners, they have these competencies, which allow them to build solutions and services to answer the request and the needs of the customers. So this is the key thing. They generate the value add on top of our technologies, on top of our solutions, to meet what the customers request, and you're totally right, because we talked about the marketplace, we talked about a lot of things, but what is very important is we see more and more customers wanted to go to services. So not for themselves to manage the infrastructures, and their back up centers, and their back ups. They are everything which is needed to the security of the data, but to have it done by a potentially third party companies like the system integrators, like the cabin service providers, like all different types of companies, even some consultants giving advices on architectures, the neighborhoods, and all kinds of different services, which are built. I even had some partners that are now developing. We talk about containers more and more, and we have, sorry to be a bit technical here, but we have some partners of ours, obviously some larger ones, which are contributing what they call microservices, which is for this new generation of containers. So they are all developing services to meet the requests and the needs of their customers. There is a big focus at the end customers. So we provide the technology. They add value. >> Well, I don't think you ever have to apologize in theCUBE for talking tech. I mean you think about containers, and your acquisition of Kasten, the whole notion of microservices. Containers used to be ephemeral and stateless, and now they're becoming a fundamental application development platform, and they need protection. So I think that's an important area. We're going to dig into that in some other conversations in theCUBE. but your point, Daniel, about value add is critical. It used to be I call it box selling even though it's, the software's in a box, but it used to be okay I'm going to make some margin just reselling. Partners today want to add value. They just don't want to be a pass through, because they'll get disinter mediated. So that's important. I wonder if you guys could talk about some of the details of your partner programs. There's the ProPartner Network, and I'm very interested in the Veeam Universal License approach that you guys take. What kind of details can you share with us on those two things? >> Daniel, that's a good one for you. >> Right, okay. So what you call the Veeam Universal License, so this is part of the technology that we provide and the licensing that we provide. It's about recurring licensing model, which is totally agnostic. So in other words, it is the same types of licensers that customers can use for whether if they are hydrates, they go with an architecture, which goes to the heartbeat clouds, or any type of architecture or premise, so they can just move down action. So it's from one place to another place when they need it. So we give them the full flexibility with this licensing model to adapt to the new needs that they may have. So to influence that, they define an architecture, which is totally frozen, and then they cannot change it anymore. With us, with our technologies, with our licensing model, with our VUL licensing system, they have full flexibility, and this is a key differentiator for a lot of customers and obviously from our own competition. >> And my understanding is when you guys really started leaning into the ARR model, you actually were were pretty innovative in the way you kind of made that transparent, or irrelevant really, for your partner's sales channels. You guys set up front. We're going to... This is like no change. Go sell. We'll figure out the economics on the backend, and most organizations in your position don't do that. They try to micromanage the margin upfront, and it's sort of the finance guys running the spreadsheet or sort of determining the relationship as opposed to the relationship working backwards. Is that a correct inference on my part? I sort of got this from talking to some of your big partners and asked them, well, isn't that a real challenge when you shift to that model. They said no. Veeam just sort of made it all transparent to us and sort of aided at the backend or however you did that. >> So I think, Dave, that this is a very, very correct statement that you got from the partners, because it is not something which is new, and it is not only on this subscription licensing model What we always try to do with all partners is to have a consistent approach and a very transparent approach with the steps and move step by step to the next grade walls, to the next strategies, to the next ways of doing businesses with them. So the key thing to have a network of partners which works, which really develop and generates a good value add, it is the trust, and I think, I don't want to be too outspoken, but I think, and they can give us feedback, I think that we've succeeded year after year after year to build that trust with the partners, which means that we have the transparency. They just move along with the moves that we do, but our moves also come from them. So in other words, depending on what the end customers request, we help the partners to meet the requests of the end customers. So we help them develop more businesses. >> David, let me ask you something. So if you had 100$ to spend of resource, and you had to spend it on going deeper, sort of the existing partners or expanding the number of partners, and maybe even the quality of partners, and thinking about where IT is headed, Veeam's role in that, how do you allocate your time and your resources? >> Great question, and I think simple answer for me. You go deeper with what you have, and the reason for that is it's expensive, and it's about building trust, as Daniel said, and it's about making sure that the customer isn't caught up in the middle of it, and I think that's the really important part related to this as well. You said at the start of the conversation, Dave, with regards to the complexity, and the reality is there's multiple decisions going on right now. How do I adjust my infrastructure based on the needs of today? How do I look at the blend on hybrid cloud? What's going where, et cetera. How do I evolve into containers? Et cetera, et cetera, et cetera, and I think when you go down that line, and you're presented with these titans of industry that we're looking at here with some of our premium alliances, et cetera, it takes a long time to make sure that you integrate. It takes a long time to make sure you'll go to market and pain-based statements are clear. It takes a long time to go through the trenches, to learn together so that the customer is the one that has choice, doesn't have to investigate the way that Veeam wants to do it or our alliance wants to do it or our partner wants to do it. It's about looking at the best solution for their pain, and I think from that point of view you can only do that with continual commitment. I mean we add to our program in all aspects, but you will see consistency. You'll see releases from day one of the company when we launched the product, with Alliances as an example. That consistency and investment is peace of mind. It's trust, but more important it's innovative, because you get to invest for multiple years moving forwards. So that ideally we can continue our philosophy of being just ahead of what the customer needs, while listening to them and working with their other parts of the IT infrastructure, because as you said from the start again, this is an ecosystem. This is not a singular component, and I think that's where it's really key to have a philosophy, which we have here in Veeam, which is double down with your friends, make sure you make it work, look to evolve as the market evolves with some extension, but you never forget where you came from. >> I like that answer cause it was something. It was kind of a loaded question, because when I talked to a lot of companies behind the scenes, one of their big frustrations is there's a push to get more, more, more, but in reality when they look at the productivity, it's like a snake swallowing a basketball. They got a few partners that are really productive, and then the rest, and they're spending all this time doing Barney press releases. I love you. You love me and dah, dah, dah, and nothing ever happens out of it. So when you approach a strategic partnership, why Veeam? So when you approach a strategic partnership, why Veeam? Pitch me on why I should spend my time with Veeam versus one of the many other competitors that are out there. >> 100%. I mean that's the great thing. We're programmed from a history point of view, and there's nothing better than when you're talking to a strategic partner, than to be able to say you've put your money where your mouth is. Secondly, that money is key. We invest heavily, and it is expensive. It's an expensive scenario. I mean our Alliances organization globally is almost 100 people, and it's a big investment position, because you've got to make sure that you've got the ability to balance out what both sides are looking for, and sometimes you do things that maybe aren't 100% in your best interest, but that's important to your partner and your alliance and vice versa, and so from that point of view, you've got history and proven position. You've got investment potential, and the capital to be able to build together, to move forward, and thirdly, it's about the execution, and that's not just your philosophy where I started. This is about the ability to turn concept into tangible, frankly benefit, which comes down to economics for both sides, and those three things together to me are the way that we've been so successful, in not only growing and maintaining our position, but also attracting new ones as we look to see the evolution of the IT market. Daniel, you may have a different view. >> No, no, no, no, no. No, no, I totally agree. I just would like to complement your part by two things. Two things are very much marketing related. We are number two now worldwide, as IDC mentioned it. So in other words, that means that customers like our technologies, our solutions. So partners are looking for making businesses with somebody who is trusted. Also we get customers, and number two, we have a big marketing machine, and that helps very, very, very much the business, through the partners all the way to the end customers. We always involve the buffers, always systematic. >> Sorry to interrupt. I saw some of that IDC data. You guys are number two worldwide, but am I correct that you're the number one, like pure play independent or am I missing something there? >> Number one. Yeah. Number one in EMEA. >> Right. So I always ask that, because a lot of times other people, it's like cloud washing. I could throw a bunch of stuff in my cloud numbers and say I'm number one in cloud, but when you talk about Veeam all your revenue comes from backup data protection. That's the pure play. We love the pure plays, because they're easier to understand, and even though you guys are a private company, you're more transparent than most private companies. So it's helpful as an analyst to really kind of gauge the progress. So, okay guys. Hey, we got to leave it there. Thanks so much for coming on and talking about the all important partner ecosystem. You guys have done a great job there. Congratulations, and I hear it from your partners and obviously the numbers prove it out. So great job. >> Thanks. Thanks for your time today. >> All right. You're very welcome, and thank you for watching everybody. This is Dave Vellante for theCUBE's continuous coverage of VeeamON 2021, the virtual edition. Keep it right there for more great content.

(digital music) >> My, what a difference 10 years makes in the tech industry. At the beginning of the last decade, the cloud generally in AWS specifically ushered in the era where leading developers they tapped into a powerful collection of remote services through programmable interfaces you know, out there in the cloud. By the end of the decade this experience would shape the way virtually every IT professional thinks about acquiring, deploying, consuming and managing technology. Today that remote cloud is becoming ubiquitous, expanding to the "edge" with connections to on-premises, data centers and other local points throughout the globe. One of the most talked about examples of this movement is AWS Outposts, which brings the Amazon experience to the edge wherever that may be. Welcome everyone to this CUBE conversation. My name is Dave Vellante. We're going to explore the ever expanding cloud and how two companies are delivering on customer needs to connect their data center operations to the cloud and the cloud to their on-prem infrastructure and applications. And with me are Joshua Burgin who's the General Manager of AWS Outposts and Michael Sotnick who's the VP at Global Alliances at Pure Storage. Gents, welcome come inside theCUBE. >> Right on. Well, thrilled to be here Dave. >> Great. >> Pleasure is mine, thank you. >> Awesome to have this conversation with you it's really our pleasure. So Joshua, let's start with Outpost. Maybe you could for the audience describe what it is maybe some of the use cases that you're seeing you're heard by narrative upfront maybe you can course correct anything I missed. >> Oh sure. I mean, I think you got it right on. AWS Outpost is a fully managed service that allows you to use AWS, API systems, tools, technology, hardware software innovation in your own data center or a colocation facility. And coming later this year as you put the edge in quotes at almost any edge site, as we announced the small form factor one you and two you Outposts at this last year's re-invent. >> I was excited when I saw Outpost a couple of years ago we were doing theCUBE at reinvent and I said, wow, this is truly going to be interesting. And I'm wondering like, how's Amazon, how are they going to partner? Where do some of the ecosystem get folks fit in? So Michael, you're an AWS Outpost ready partner. You know, what is that program all about? What does that mean for customers? >> Yeah, it's a great question. And you know, like you, Dave, I think we're as a vendor in technology we're inspired by what AWS has done. And when we look at Pure and see the opportunity we have you know, shared customer obsession, focused on outcomes, focused on NPS, great customer experience seeing AWS deliver the cloud to the edge, deliver the cloud to the data center that's just a great fit for us. So we rallied internally across our flash array of block storage solution a unified fast file and object flash plate solution and our container solution Portworx and, you know, across the entire portfolio we're the first to be in our segment the first to be service ready with AWS Outposts. And to us, it's an opportunity to link arms with AWS and cover some ground that's very familiar to us in the data center and clearly cover some ground that's very familiar to AWS in terms of great customer relationships across the board. >> Right, and, you know, I got to say, I've been a student of of Andy Jassy I always have listened to all his talks and go back and read the transcripts and Joshua I've learned that I never say never when it comes to AWS. And you see you guys moving into that, whatever you call it, the hybrid cloud, the on-premises really leaning in in a big way with Outposts and I wonder if you could talk about what's behind that expansion strategy? >> Sure, I mean, the way we looked at it obviously is always kind of working backwards from our customers. We have people tell us that they had some applications with low latency needs or where data resonancy or sovereignty was driven by regulations or in some cases where they needed to do local data processing something like an autonomous vehicle workload or in a factory or a healthcare facility. And they really wanted to say like, look, we're going to move all of our applications, you know the bulk of them to one of your regions in the fullness of time, but what's holding us back is that we want a consistent environment on-prem and in what you call the cloud. So we wanted a continuum of offerings from AWS to be able to serve all those needs. And that's really where Outpost came from. And, you know, we're seeing a lot of traction across financial services with companies like Morningstar and First Abu Dhabi bank, the iGaming space as you can imagine highly regulated industry, every city and, you know, municipality around the world wants to get in on that but they have their own regulations and they really require the infrastructure to be in a specific location and run a certain way. A company like TYPICA, which is based out of Europe they don't want to deliver different solutions depending on whether something's deployed in Minnesota or Germany or, you know, Vancouver. So that's where AWS Outpost comes in and it kind of fits that it works the same way as the things do in the region they can use the same tooling. >> Yeah, so Michael I'm going to ask you this question and maybe Joshua, you can chime in as well. I mean, you've got this, it's sort of a, win-win-win you know, Pure, AWS, you bringing that experience to on-premises, the customer gets that experience that Joshua just explained. I wonder if you could, I mean, you've been out now for a little bit testing the market learning here and there. What are the big takeaways in the learnings you're getting from customers? >> Yeah, I'll start and I'm sure Joshua can compliment quite a bit. And like Joshua hit on, right. You know, I think we take our cues from our customers, Dave, and you know what the customers are looking for, you know is a commercial relationship and so in addition to the technological inspiration we've got from AWS we offer the solution for Outposts and a Pure as a service model. So it's 100% subscription-based for the customer and they're able to consume it, you know the same way that they would all of their services from AWS including Outposts and it's also available on the AWS marketplace. So you've got to meet the customer where they want to be met first and foremost and so they appreciate that. And they see that as a great value in the relationship. You know, the growth of object, you know, I think is another one of those macro trends that's happening in our space. And as customers are deploying locations that are putting out petabytes of object storage requirements there's an increasing need for high-performance object. And that's where we can really compliment an Outpost implementation and deliver high performance and that kind of ubiquitous experience, that hybrid experience to allow the customer on a policy based way to maximize that on-prem performance with Outpost and Pure around that object data set. And then also manage the life cycle of that data and the economics of that data in the cloud. >> So, but Joshua, so you guys obviously you invented that, you know, the modern subscription model for infrastructure but it's different, you're actually installing hardware. So you had to sort of rethink how you did that. What have you learned and how has that model... How do you get it substantially similar as possible to the public cloud? >> Yeah, I mean, I think you called it a win-win-win earlier. And as much as we like to innovate we also like to make things feel kind of comfortable and familiar to people 'cause you think about there's both the developer who's using the APIs and the tools and also the CFO and the people in finance or procurement who are looking at the spending. So with Outposts, it actually feels very similar to the region. If you're used to purchasing our compute savings plans or what people used to call reserved instances or RIs the underlying infrastructure on the Outpost works in a very similar way. You're not going to be deploying a multi-rack Outpost and then ripping it out three weeks later so on demand doesn't really make sense there. But for all the services that are deployed on top of Outposts whether it's application load balancer or elastic cash or Elastic MapReduce, those have the same kind of on demand service model, the pricing model that they do in the region. And so very similarly, the Outpost ready program which lets you use trusted and certified third-party solutions, such as ones from Pure those are also going to feel familiar, whether you're coming from the on-prem world and you're already that technology for your storage, your network monitoring, your security or if you're using that solution from the marketplace in the AWS region, it's going to be a totally seamless deploy on the Outpost. So you're going to get something that's kind of the best of both worlds, familiar to you economically and from an installation perspective but also removing all that undifferentiated heavy lifting of having to patch and manage firmware upgrades and you asked this earlier, what customers really want is that there's this whole world of innovation, things that haven't even been invented yet. A few years ago, we hadn't invented Outposts. People want to know that as those innovations get released to the market they can take advantage of them without having to redeploy and so that's what having an AWS Outpost means. That as third parties or Amazon innovates new services can be made available without shipping a DVD or kind of spinning up an entire staff to manage that. >> Yeah, it's kind of interesting watching this equilibrium you know, take place. And I think it's going to continue to evolve. Obviously AWS has a huge impact on how people think about price, as I said upfront. And it seems like, you know, culturally, Michael, there's a fit. I mean, you guys have always sort of been into that you know, your evergreen model, for the first one that subscription sort of mindset. So it's sort of natural for you whereas, you know, maybe a a legacy company might not (chuckles) be able to lean in as hard as you guys are. Maybe some quick thoughts on that. >> Yeah, look, I love the way you framed that up and couldn't agree more. I think AWS is famous for a lot of things some of the values that they embrace and putting the customer at the center of everything they do couldn't be more shared, you know, with Pure. I think, you know, we talk about our company as one that runs two fires right, to give the customer a great experience. And so we know our way around the data center and I think the opportunity to give that customer, you know a consistent experience with AWS as they deliver Outpost to the data center is a really powerful combination. You know, I think one thing, just look at the backdrop of the pandemic, Dave, you know, every part of a company's organization is going through significant change. And I think the data center is absolutely at the center of some of those changes. And I think every one now as they look at the next generation data center they're asking themselves what are containers what does Kubernetes mean to my business? And I think the opportunity that, you know we see jointly with EKS as a partner is really to help customers achieve that goal of, you know the application deployments anywhere and the ability to drive that application, you know modernize that next generation application cycle. So I love the way you framed it up, giving us credit for being highly differentiated from our legacy competitors and we take great pride in that and really want to give a cloud-like experience to our customers. And I think what we're able to do with AWS Outpost is kind of bring that cloud-like experience that they have come to love from AWS into the data center and at the same time shine a light on what we've always done in terms of a cloud-like experience for the Pure customer. >> There's a lot of ways to skin a cat but when you've invented the cloud and you don't have a lot of legacy baggage you can kind of move faster. And I think that, you know, we're really excited about what's occurring here because take the term digital transformation I mean, before the pandemic (groaning) it's like, yeah okay, it had some meaning but you really had to squint through it and a lot of people were complacent about it. Well, we know what digital means now if you're not a digital business, you're out of business. And so it was kind of this forced march to digital I call it and as a result it really increases the need for things like automation and that cloud experience on-prem because I don't have time to be provisioning LUNs anymore. It's just what you guys call it undifferentiated heavy lifting that is really a no-no these days I just absolutely can't afford it. Let's close on what's next. I mean, we've got new form factors coming we're like super excited about when we see things like what Amazon is doing with custom Silicon we see these innovations coming out with processing power going through the roof. Everybody says Moore's law is dead but processing power is increasing faster than it ever has when you combine all these innovations of GPU's and NPUs and accelerators, it's just, it's amazing. And the costs are coming down so you're going to be able to take advantage of that. Outpost will take advantage of that, Pure will, New Designs but specifically as it relates to Outpost, you got one you, you got two you, you coming optimizing for the edge what do customers need to know about these solutions? Why should they consider this combination of Pure and AWS? Maybe Joshua you can start and Michael you can bring us home. >> Yeah, I mean, you hit a lot of the reasons that people should consider it, right. The pace of innovation is not going to slow down here at AWS or of course, with Pure. Whether you have the need for a single server, or you're somebody like dish rolling out a new cloud enabled, you know cloud native 5G network you want to work with somebody who can deploy all the way at the Telco edge right, with hardware innovation up to a local zone all the way up to a region. You don't want to be working with different providers for that and you don't know what you're going to need in three or five years and frankly, I'm not sure that we know everything yet either but we're going to continue to listen to our customers and as you mentioned, deliver things like graviton and inferential and trainium which are our innovations in custom Silicon. Those are delivering 40% price performance improvements for people who are migrating, that's really an enormous benefit. And we're bringing all of those to the Outpost as well so you don't have to choose between moving to the cloud and that being your only modernization option, you can move to the cloud and at the same time still operate on-prem, you know, at a colo facility or all the way at the edge using all of the same tooling. And you can work with best-in-breed third-party technologies like what's offered by Pure. >> Well, and Michael, I'm going to cut you off before you get a chance to close, but I'll let you close. The Portworx acquisition was really interesting to us because it brings that kind of portability, new programming model and something that Joshua said struck in my mind is when I think about the edge word to me what's going to win the edge you know, obviously the flexibility, the agility but the programmability and the customization. So many different use cases. We're not just going to take general purpose boxes and throw them over the fence and say, here you go. You know, the general purpose, that's not what's going to win the edge it's really going to take a lot more thought than that. But, so I just wanted to put that in there. Michael, bring us home, please. (laughing) >> Right on. Well, look you two, and no surprise here right, you two covered so much great ground there. From first principles you know, what does Pure look at? Like what we did being first in terms of service ready across Portworx, for EKS, for flash plate across unified fast file on object and flash ray, you know for block storage, being first with Outposts we want to be first for the one you and to you solutions. So I think customers can expect, you know that our partnership is going to continue to deliver that cloud-like experience, that cloud experience in the AWS context, that cloud-like experience in the Pure context, you know for their on-prem and hybrid workloads. And I think you hit it up so well like if you're not digital business, you're not in business. And so I think one thing that everyone learned over the last year is exactly that. The other thing they learned is they don't know what they don't know. And so they need to make bets on partners that are modern that are delivering simple solutions that solve complex problems that are automated and that are being delivered with the customer first mindset. And I think in the combination of AWS, Outposts and Pure, we're doing exactly that. >> Great point, so a lot of unknowns out there. Hey guys, congratulations on the progress you've made. It's a great partnership, two super innovative companies and really pleasure to have you in theCUBE. Thank you for coming on. >> Thanks for having us. >> Yeah, always a pleasure. Thank you so much. >> All right, thank you for watching everybody. This is Dave Vellante. We'll see you next time. (digital music)

>> (narrator) From around the globe. It's theCUBE. With digital coverage of AWS re:Invent 2020. Sponsored by Intel, AWS and our community partners. >> Welcome to theCUBE virtual. Our coverage of AWS re:Invent 2020 continues. I'm Lisa Martin. Got a couple of guests joining me next. Wendy Moore the VP of product marketing from Trend Micro is here and Geva Solomonovich Global Alliances CTO from Snyk. Wendy and Geva, It's great to have you both on the program today. >> Thanks for having us. Great to be here. >> Hi, thanks for having us. >> Last year we were probably all crammed in Vegas together. Here we are virtually but it's great that we're still able to connect. So lot has gone on since we were all at re:Invent in Vegas last year. Wendy, let's start with you from a security perspective there's been a growth in open source vulnerabilities that have impacted enterprises globally. Talk to me about what you're seeing there. What's going on? >> Yeah. Well. I think everybody in this audience recognizes the rapid shift to the use of open source in development teams. And what we've seen alongside that is a rapid increase in the number of vulnerabilities that are showing up in open source software. So that means that vulnerabilities that can be exploited and cause damage to your company's application, reputation and your customers, are on the increase out there. >> And a number that you sent over was two and a half X growth in open source vulnerabilities in the last year. Has that number gone up during the pandemic? >> So I'm not sure if the vulnerabilities have gone up during the pandemic, but we've definitely seen an increase in exploitation of vulnerabilities. There's so much in the news about ransomware incidents in healthcare targeting pharmaceutical organizations, and most of those are taking advantage of vulnerabilities. Not necessarily in open source, but some of it is definitely happening in open source. >> Now we've been talking about the rise in ransomware for awhile, and it's all... The numbers and types of companies and healthcare organizations like is it schools, governments, for example lot of vulnerabilities being exploited that's for sure. >> So Geva let's go over to you. Talk about from Synk's perspective. The impact on businesses and how can you guys help. >> And then I'll put in a few insights there. on the open source risk. Wendy talked about it as well. Why is it growing? One of course is open source tuition usage is growing. So of course it bulges, the amounts of vulnerabilities is growing and the amount of exploits. But when you look at it from a hacker's perspective, attacking is an ROI based activity. Hackers want to spend their hacking hours where they're more likely to get our reward, be able to get that ransom or steal the data or do whatever they can. And open source actually makes it much easier for them than a lot of these other alternatives. One, the source is open. So just finding a vulnerability is much easier than trying to find the vulnerability in proprietary code. Two, there's like a market for these exploits and companies even like need for chapter. One of the byproducts of that is you can just go and feel the vulnerabilities out there and pick the ones that you want to try to exploit. But three, which is really the most critical piece is that if you do find the juicy vulnerability in a very popular open source package, the amount of companies you can attack is not one, is thousands or tens of thousands because that's precisely what makes the popular open source packages popular. It's being used broadly and so if you spend this effort to develop an exploit and then you can send it like there just across the world to 10 thousands of companies you're more likely to be successful. And that's what's driving a lot of the hacker attention into the open source vulnerabilities and that's why the growing. >> So it's a low cost high reward for those hackers. Wendy what are some of the ways that organizations can protect themselves from this? >> Well, one of the best ways to protect themselves against exploitation of vulnerabilities and against vulnerability showing up in their code is to actually analyze their code and scan it looking for vulnerabilities. And the best possible place to do that is actually in the code repository. So before code is ever packaged up and deployed it actually gets caught really early. So it's all about shifting security left. But some of the challenges with that is that you know the code repository, Tory and the code and open source has largely been the domain of DevOps and the developers and security who is tasked with managing the risk of the organization has little to know visibility into what vulnerabilities might exist. So something that's a growing part of an enterprise risk profile the security team doesn't really see. And that's a big gap for most organizations. >> So in terms of that visibility being essential, sounds like maybe even a cultural gap there. Geva what are your recommendations? We, you know, we talk about SecOps, we talk about DevOps. Is the solution DevSecOps or SecDevOps? >> I mean, all these partners are definitely helping there but you kind of need to break it down and understand what their problems, which is what Wendy was articulating. Why you have these traditional security teams have all their traditional tools. They look at mostly and let's call it the IC type security. Then you have this entire new category of risk which is lets say open source risk, but it's just inside the code repository inside a GitHub repo or somewhere, or they completely have no visibility into. And what that causes is one has to have a conversation with the developers who are those who are convenient to pick those vulnerabilities, remove them from the code. And, but to also, just from the mind ensuring that in our location it's hard for you to protect something that you don't have visibility into which causes opensource security to be possibly under provisioned in your entire a security fence. As you're looking at the security risk. And as we are talking about solution, so one of the movements we've seen with DevOps, where you know engineering team and IT teams have come together to have a shared ownership of the results of deploying these applications. In production now you expand out into DevSecOps. It's okay to actually make this work. We need to have a shared responsibility model where both developers step up to take some ownership and the traditional security each step up to understand what the developers are doing, build tools to make it easier for them. And ultimately I think Wendy nailed it on the head. She said the best way to protect yourself is actually to remove the vulnerable line of code from your application, not wait for it to be deployed and try to put some blocks in there. >> All right. So Wendy how are Trend Micro and Snyk working together to resolve that challenge that you guys just described? >> Yeah, we'll Trend Micro and Snyk have been working together for over a year now. And we came out with an initial offering and now we're coming out with a new offering that is really focused on basically delivering that code scanning ability right in the code repository. And through Trend Micro's Cloud One platform, we are delivering this as a service to the security operations team so that they get visibility of anything that Snyk finds in the code repository. And they can take action from there. So Trend Micro's Cloud One security services platform basically equips cloud builders with a whole bunch of different types of technologies to satisfy their different infrastructure requirements. So we've got things like workload security application security, network security, a number of different take types of security tools. And this just brings another security tool to the security operations team and the DevOps team so that they can basically extend their visibility and their security controls back to the code repository. >> Geva what are some of the impacts that you're seeing. So for obviously besides wanting to find those vulnerabilities faster as when you talk about shifting left. Give me some examples of some customers that you were working with maybe in the first iteration and what the impact has been. >> The impact is the... what, sorry, can you repeat the question? >> Yeah. Impact of your technologies together? You said that there's a new offering coming up but talk to me about some of the impact that these customers are making. >> Yeah. Okay. Sorry. Thank you for repeating the question. And so this joint product is very cunning from a multiple perspective. So one, it's going to be delivered inside the Cloud One platform, which Wendy just talked about. You asked before what is the impact of COVID? And one of the big impacts has been on the financial stress. Every company in every, every vendor is having. And so just the ease of managing less vendors and less tools and less places to procurement is of high value for every organization Just in terms of efficiency of operations. And just being able to acquire this new product on an existing platform where there are already consuming security tools. That by itself is amazing value. And number two, we're taking again... We're taking a technology which is a cloud native, it's a modern technology. And that's typically has been outside of the purview of a traditional security team and making it accessible to them in a place where it's easy for them to try out and they can, you know, start small and grow from there. They don't have to make a big commitment to get going. And more importantly, it's giving them visibility into this important technology that they didn't have before. >> So Wendy this is all intended at bridging that gap? I'm just curious, like if we take a peek inside, what this enables SecOps to do what it enables DevOps to do. What were some of the feedback that you're hearing from customers about those teams coming together and actually being able to work very collaboratively with that shift left actually being able to be done? >> Yeah. I mean, you know, if you talk to... There's some organizations who do this really well. They're very mature and their security operations teams and their DevOps teams work very closely together collaboratively, excuse me. And they also understand each other's needs. So they're able to insert tools into the security pipeline that don't slow DevOps down but also meet the needs of the security team. Whereas we see some other organizations where Dev is at one side of the pipeline and you've got security at the other and they don't tend to converse or meet. And those are the organizations where there tends to be more challenges. So the idea with this new solution is it's going to give the security team visibility of basically the scale and scope of their open source situation. So that they've actually got some data to go have conversations with the DevOps teams and start going in that direction of making those teams work more seamlessly together. I mean, you used the term DevSecOps before, some organizations that's a very real situation. Others still have a long way to go. And we think this is a great first step to bring those teams together. >> Fostering long-term friendships I'm sure. Just talk to me about the go to market, Wendy. How are you guys going to market together? Trend Micro and Snyk selling direct channel? What is it like? >> So this is actually going to be a Trend Micro Cloud One offering. So we jointly developed it with Snyk but it's going to be Trend Micro who is selling it. And we go to market a number of different ways. AWS marketplace is a big channel to market for us And this will be available for purchase there. When it becomes available in January. And also, we also work very closely with channel partners as well who also participate in AWS marketplace. >> So what are some of the things that you're expecting to customers to be able to take advantage of around the time of re:Invent and into early 2021? >> Yeah. I really encourage customers to visit our page on the AWS re:Invent platform. We're going to have all kinds of exciting demos there. You can go learn more about this new offering that we're delivering jointly developed with Snyk. And you can also ask about how you can sign up for early access to this new offering. So highly encourage you to go check that out. >> Excellent, early access is always nice to be a beta tester and really get that symbiotic relationship. >> Geva last question for you is as the Global Alliances CTO I imagine your customer conversations in the last year have changed dramatically. Talk to me about some of the things that you really think like in terms of like exposing vulnerabilities. Let's talk about exposing opportunities that that Snyk is helping organizations do so that they can not just keep the lights on during this very unprecedented time but actually be winners of tomorrow. >> Yeah, I think again at the heart of the DevOps movement and why it's been successful it's reducing that feedback loop between writing some codes, getting it to production in the hands of customers, getting the feedback from them and rinse and repeat and starting that loop. And those who have it, the faster you can get to market faster and can deliver value faster ultimately are the winners. Now, one of the things we've seen with the COVID is a lot of the this outbound activity has been going down. People have been going less to events and need to look more internally and how you can become better as an organization. And you've actually seen an increase in the investment of a digital transformation and cloud journeys and stuff like that. And one of the... One of kind of the traditional inhibitors that's going fast and all in into the cloud is the loss of control of the traditional security teams on the application development. Where now people can, you know... deploy hundreds of times every application to the cloud a day. And what we've seen is that they come to Snyk or to companies like ours, so we can secure those new modern development life cycles and give the security feedback to the developers as they're building the applications and give the security teams the visibility into those pipelines and application domain. So they have a sense that they're not losing all the control they used to have. They're still getting visibility into those application development and actually allowing their organizations to go faster because of it they can sign up to and be doing the technologies and actually increase the speed of going to the cloud. >> Yeah and that's critical because as we, you mentioned as we've been talking about for months now that the acceleration of cloud adoption, the speed of digital transformation it's one of those things that's challenging to do. You've got to have visibility. Period. In order to facilitate that. And if it's another thing that you kind of were describing Geva as that visibility provides that sense of control or trust, and that's also huge for not just a business to catch vulnerabilities but for teams the DevOps teams, the SecOps teams to be working together in a highly collaborative way. Do you agree Wendy? >> Absolutely. And the beautiful thing is this sets that up This tool. So it allows them to work together very collaboratively but it also sets up that visibility. So that down the road there could be even further automation into that process. Because you know, the whole purpose of DevOps is to take the people out of it. Right. So, but in order... You need to set up those processes to begin with. So this is a first step in terms of setting up that automation and visibility amongst those two teams. >> Excellent. And can you say one more time Wendy where prospective customers can go to learn more and become a early adopter? >> Yeah, absolutely. So visit our Trend Micro page at the AWS reinvent platform. And there you'll be able to learn much more about the offering and also learn how you can access the early adopter program. >> Excellent. You guys thank you so much for joining me on the program today. Sharing what Trend Micro and Snyk are doing together and how you're helping organizations cross-functionally be successful. We appreciate your time. >> Thank you, Lisa. Appreciate it. >> Thank you so much. >> My pleasure. For my guests, I'm Lisa Martin and you're watching theCUBE virtual. (upbeat music)

>> Narrator: From around the globe it's theCUBE with digital coverage of Dell Technologies World. Digital experience brought to you by Dell Technologies. >> Welcome back everybody. Jeff Frick here with theCUBE. Welcome back to our ongoing coverage of Dell Technology World. We've been covering Dell Tech World since it started really. It used to just be Dell World and there was EMC World after the merger and this is the all virtual version but we're excited to be here and we've got a great panel coming up. I think you're going to enjoy it. Our first guest is Rajesh Janey. He is the Senior Vice President of Global Alliances for APJ for Dell Technologies. Rajesh, where are you coming in from today? >> I'm speaking to you from Gurgaon, India. >> Awesome. It's the power of the virtual, right? It's not all bad that we don't have to get on planes all the time. >> Absolutely. >> And joining him is Utpal Bakshi. He is the Vice President and Global Vertical Head High Tech for Wipro. Utpal, good to see you. >> Nice to see you. >> And where are you calling us in from? >> I'm from Dallas, Texas. Actually suburb outside of Dallas called South Lake. >> Oh, excellent. Great to see you and again didn't have to get on a plane to do this so not all bad. And also joining us is Satish Yadavalli. He is the Vice President and Global Practice Head, Cloud and Infrastructure Services for Wipro. Satish, where are you joining us from? >> Hi, I'm joining from Bangalore, India. >> Excellent. Welcome. So gentlemen let's just jump into it. Wipro's a huge services firm, does a lot of work with Dell so I wonder Rajesh if you can talk really about the importance of partnerships and the importance of having somebody like Wipro within the Dell ecosystem. >> Absolutely. Thank you for having us on with Wipro. Wipro and we have had a partnership which is over two decades old and we have a multifaceted 360 degree kind of relationship with Wipro. Wipro is a platinum partner and what's more while we bring a lot of technology and products and the depth of product which are relevant to customer's transformation scenarios today, coupled with Wipro's consulting and services and design abilities this becomes an unbeatable power house so to say whereby we can work closely with a customer to help them transform and live in what we are calling the next normal. >> Yeah that's great. Utpal to you there's a lot of interesting trends going on. We've had cloud and big data been going on for a lot but really the talk in social media is what's driving your digital transformation, the CEO, the CIO or COVID and we all know what the answer is. So we've got a lot of new stuff in terms of digital transformation, working from anywhere, workforce transformation. Wonder if you can speak a little bit about how COVID has accelerated some of the priorities that your customers are trying to get done. >> Yeah. I think that's a great point. Wipro has been transforming over the last several years. We were a strong, large scale system integration partner, large IT organization but over the last several years we pivoted hard into the digital transformation world moving into the design side, leading the design, moving to cloud and helping our clients help make that journey and all of that got accelerated with the whole COVID situation. The work from home became all pervasive and the whole virtualization of the workforce really pivoted with some of our key transformational ideas around live workspace and the virtual desk which we've been working very closely with Dell have taken shape. So that has been a big part of our ongoing strategy. Doing the modernization off the network has also accelerated the customer networks and infrastructure was not necessarily set up for enabling these hybrid work environment. A lot of our clients are coming back and saying they want to modernize and actually accelerate. So that has all changed with COVID. Some of it is very positive actually for the business. >> Right. >> From an SI perspective. >> Satish, you've got cloud and infrastructure in your title. Public cloud really changed the game when Amazon kind of came on the scene and now we're seeing this evolution and change over time between a public cloud and hybrid cloud and multi cloud and cloud on cloud. I wonder if you could speak to and then even have an AWS inside of other people's clouds. They're trying to get it out there. The evolution of cloud both as a technology but really more as a way of thinking in terms of rapid deployment of new functionality to support the business and what you're seeing with your customers today. >> So let me share a perspective, right? Enterprises today are looking at options to extract greater value from hybrid cloud investment. It's a brownfield environment today where customers have their existing data centers but the hyperscalers have really come into play now and right cloud is the strategy which most of our customers embrace to address the market demands which are primarily focused on business outcomes today. As Wipro we have invested in developing a holistic extensible platform led approach called Wipro BoundaryLess Enterprise to drive business outcomes to customers. So the BLE construct is all about providing a ready to use plug-and-play platforms making IT easily consumable from multiple stakeholder personas be it admins, be it line of businesses, developers and partners. So basically we have built a holistic solution and our BLE solutions has majorly five building blocks. The first building block would be the BoundaryLess Data Center. The second is the BoundaryLess Container Platform. The third is the BoundaryLess Data Protection Platform. The fourth is the BoundaryLess Cloud Exchange where we get together all the internet connections and define the software defined network part to give access to the workloads across hybrid environments and the BoundaryLess Integration Platform which we call it as BLIP. Basically this is what we have put together to deliver an outcome to the customers powered by BLE. >> So BLE again, you call it the BoundaryLess Enterprise. What's the most important components of BLE? What are the things that most people are missing to actually implement the strategy? >> So if I actually build on you, right? The five building blocks let me elaborate in detail. The first is on the BoundaryLess Data Center. This enables our clients to deliver an infrastructure as a service across data centers and public clouds and enables customers to seamlessly move workloads from Edge to Cloud and manage them in a consistent and efficient model. That's the first building block of our BLE. The second important building block is container, right? We all know today container orchestration is key across hybrid cloud and with micro services and architectures becoming more prominent we see huge search for managing various Kubernetes enrollments with our clients. So our BLCP platform leverages solutions like VMware Tanzu, which is again a Dell company to enable clients manage the multicloud Kubernetes enrollments through a single pane of glass and provide seamless migration and movement of workloads across cloud environments. That's going to be the key in the future with microservices being dominant and every enterprise embracing microservices architectures this becomes very important building block in our overall solution. The third important stuff is BoundaryLess Data Protection. Now that data is all cross in hybrid cloud environment and application actually consume this data it is important to protect the data which is intellectual property and very critical to every business. So with the BLDP platform we ensure that we deliver availability, solidarity, security and reliability of cloud adoption increasingly and rapidly across multicloud platforms. So our solution leverages the DTC of Dell and other existing Dell storages and data production solutions to offer seamless and right cost models which will be very critical for any cloud transformation and schedules as we move forward. The fourth point which I was talking about is BLCE. This is basically a cloud exchange where in a hybrid cloud environment you need to establish connectivities across PaaS and SaaS platforms as well as on-premise networks to provide seamless access to data and the workloads which are in multicloud scenarios. So that's about BLCE. With respect to BLIP it is an integration platform. Today we are in a software defined world and when I talk about providing a single pane of glass solution it is important for us to have an integration platform where I can bring all EPIs together and do northbound and southbound integrations with the architectures of clients and the cloud providers to spin off workloads, to commission, decommission and provide a seamless consumption experience to clients across multiple hyperscalers and on-premise infrastructure. >> Thank you for that summary. I think you hit on all the big trends. I want to go back to you Rajesh 'cause you said that this is a really unique time. You've been in the business for a very long time. You've seen a lot of other transformations and you've seen a lot of big trends. Why is this one different? What makes where we are today such a unique point in time in this IT industry journey? >> Excellent. I think I would say we are in a period of what is called an enforced innovation. While most of the time transformation in IT has been very, very sequential or continuous I think we are seeing an order of shift in the transformation and this whole situation is forcing everyone to accelerate the pace of innovation and transformation. There are two key priorities for every organization in this time. One, build resilient operations and second employee safety. These two parameters have forced the organization to look at their businesses differently, look at their IT infrastructure differently and created a sort of opportunity you can say which is ripe for Wipro's BoundaryLess Enterprise because there are no boundaries. People are working from home. They're no longer in an office confined or boundary. So that's smart. Coming back we are seeing an accelerated innovation. That means our partnership to deliver customer transformation at scale becomes all the more important. Bringing all the good technologies of Dell on one side and combining it Wipro's size, scale and services help us lead in the marketplace for customer transformation. And what's more, we are adding our Dell financial services solutions as Dell Tech on demand to enable all this to be consumed as a service and with flexible payment options which Wipro helps us translate it to customer offerings. >> That's great. Utpal, I want to go to you and get your perspective on how customers, in terms of this boundaryless, how things have changed since March 15th which at least here in the US, I don't know if in India it was on the same date when everything basically got shut down. So it was this light switch moment. Everybody worked from home, no planning, no thought like ready, set, go to now we're six, seven, eight months into this thing and clearly we're it's a marathon not a sprint and even if we go back to some semblance of what was the old normal the new normal is going to be different and everyone is not going to go back to work full time like they did before. So how, from a customer perspective, from a technology implementation perspective and from an initiative and getting this stuff done how has that changed pre-COVID then oh my goodness, it's the light switch moment and now it's, hey, we're in this for the long term. >> Yeah. I think Rajesh did hit upon that a little bit. This is truly that moment where it was a forced innovation. Some of it was happening anyways and it was bound to happen but I think the COVID kind of accelerated all of it. What has impacted is it all started with, okay, how do we enable work from home? And that is when the whole BoundaryLess infrastructure, the virtual desk solutions and all of that started getting impact. I think after that most companies have realized that this is not a short term fix. It is a longterm it's going to be here for staying so they wanted to have a longterm fix so they wanted to come in with innovation but at the same time from a business perspective they've had impact in business so they wanted very creative business models for them to get set with the technology innovation quicker but they didn't want to do it in a traditional way of paying it all upfront and moving it to that. So that is where the creativity in terms of joint innovation which we did with Dell, in flexible payment options, bringing in some kind of an asset lease model and things like that have gained traction. A lot more conversations are around we want to transform help us find a way to make the transformation sooner with maybe less investment upfront and find a way to fund this from the future savings we'll get so that we can be ready for the future without necessarily impacting the bottom line today. All of that has changed, I would say in summary, has accelerated the adoption and the rate of change but it has also led to all of us thinking some creative business models and new approaches to doing business. >> Right, right. Satish back to you. What are the big conflicts that always exist? There's innovation versus security, right? And enabling innovation and giving people more power, more tools, more data to do things at the same time now your tax surface has increased you don't necessarily have everybody locked down on their home infrastructure and they were forced into this. When people are talking about digital transformation, how do they continue to drive forward and how are you helping them on innovation and enabling innovation at the same time as you talked about keeping the data protected and really thinking about business resiliency and continuity in this to increase the tax surface not only because of mobile, but now with the working from home thing? It's increased exponentially. >> Yeah. So I would just take an example of how Wipro handled this pandemic when it hit us and what solutions we get. So let me just give you a perspective. As we all know the current pandemic has disrupted many industries and we were no exception. Basically COVID has brought to the forefront many crucial factors in terms of business continuity process, the quality of employee experience and the automation connected with the employees. So while we enable our employees to connect, collaborate, and communicate with ease from anywhere from any device in a secure way with a consistent user experience powered by Wipro LiVE Workspace platform which actually takes care of delivering a seamless onboarding of user via the Wipro LiVE Workspace platform and consume all the services the way they used to traditionally consume when they were working from office? So this is something which is the power of Wipro LiVe Workspace platform we have implemented to deliver a seamless employee experience access to the workspaces. That's one but also there are some learnings. When we implemented the solutions on the flip side as businesses we must also acknowledge and be cognizant of the fact that employees are trying hard to juggle between frequent interruptions at home and notifications from various applications we receive both on corporate and personal devices. Basically in a nut shell it is difficult to have the culture of corporate to be working from home. Basically that's another big learning. While all of us are adjusting to this new normal we are in constant touch with our employees and trying to improve the overall employee connect and experience. From a solution perspective let me just give you what we actually did. We have close to 175,000 employees across the globe. Suddenly started working from home post lockdown. What does this mean? The traffic pattern suddenly changed the directions which were traditionally moving on a East to West direction started moving North to South. Basically this means a 100% of the workforce in a corporate started coming from the internet to access the corporate infrastructure and then gain access to the customer network. So basically we had to quickly swing in with our solutions and got our engineering teams to re engineer and tweet the infrastructure and security architecture to this new normal. By leveraging our Wipro BLE and video architectures which is powered by Dell VxRail, NSX we were able to spin off and build capacity on on-prem as well as on cloud in less than 24 hours post one got approvals from the client. Lastly we also deployed a back to work IoT solution which helped our employees to get back to work safely. Basically the solution offers various security parameters. Apart from traditional COVID updates it also helps in scanning the employees' temperatures, employee movement within the office premises, bundled with video analytics and enables secure touch less access to the ODCs for employees who are coming back to work. So we are putting all these solutions together and we pretty much seamlessly were able to navigate from the pandemic situation and get our business back to operations in a matter of days. >> 175,000 People. It's really interesting to think about how that network traffic completely changed from inside the firewalls to everything coming from the outside. It's a lot of people to get working from home right away so congratulations on that. As we come to a close Rajesh, I want to come back to you and talk about again, partnership in the age of this rapid acceleration of technology adoption, new technology move. We talked about the work from home. We've talked about cloud. We haven't talked very much about there's this other big thing that's coming down the pike which is 5G and IoT and kind of this entirely new scale of communication that's machine to machine, not person to person and now these connected devices. The amount of traffic continues to go up into the right at an accelerating rate. Tell us a little bit about the meaningfulness of having a partnership like Wipro that you guys can build solutions around new cutting edge technologies and have that real close connection with the customer or with all the supporting services. >> We'd love to. And maybe first I'll give you a perspective on how our employee base started working from home. Some other statistics that they wanted to show maybe add on towards what Satish said. We transitioned 120,000 employees. Twice the normal to work from home within two weeks and every day we are running something like 20,000 meetings and 16 million zoom minutes per day. That's the kind of traffic IT has seen. >> 16 million zoom minutes per day? >> Zoom minutes per day. >> Wow. >> That's the kind of traffic and our VPN traffic user load just tripled. At software or IT we call Dell digital. It was just a smooth and seamless experience. Now coming back, you said rightly. While we have partnered so far to deliver to the solution which are here today and the customers needs which are here today, what are we going to do for the future needs especially ie 5G IoT? We believe as a corporation that Edge is going to be the next wave of innovation. And next way our customers will benefit. Therefore connectivity to Edge via 5G becomes critical. IoT devices and managing the traffic and contain it there itself rather than flowing it back to data center becomes critical. As an example Wipro and Dell technologies are using our hyper converge solutions along with VMware telco and software for a European telco to provide automation and AI to deliver rapid results for the customer. So these are just early parts of it. We are partnering with Wipro to build solutions around 5G as well as telecom related innovation that'll come into the picture. IoT Satish spoke about a simple example of employee attendance. Imagine this is a need which will only accelerate from every organization, multiply it with the automation and AI that needs to be built into machines and feeding all the data back to drive some intelligence and refine the processes, refine the business outcomes. So I think we are working together on many such things and what's important is in all this, when the universe just explodes to devices and millions of devices, security becomes a paramount feature and we are working with Wipro to build what is called an embedded security into each of the solutions that we are designing. Security cannot be an afterthought or a bolt on it's becoming an integral part of the overall solution as we move towards the Edge. >> Yeah, right. And I think as Satish talked about all the distractions and notifications there're a lot of great opportunities for applied AI too to help people know what to do next. It's hard to be context switching all the time, not only on your work, but also the spouses working from home, the kids are doing homeschooling. It's not an optimal environment at all. Gentlemen thank you for your time. Congratulations on your partnership and hope you have a fantastic Dell Tech World. Sorry we can't be in person but this is not too bad. >> Thank you. >> Jeff >> Thank you >> Thank you Utpal, thank you Satish for your partnership. >> All right. Thank you gentlemen. >> Thank you. >> Alright. Stay with us for continuing coverage of Dell Technologies World 2020. I'm Jeff Frick. Thanks for watching. (upbeat music)

(upbeat music) >> Introducer: Live, from San Francisco, celebrating 10 years of high tech coverage, it's theCUBE. Covering VMworld 2019. Brought to you by VM Ware, and it's ecosystem partners. Hello and welcome back to theCUBE's live coverage here in San Francisco, from VMworld 2019. I'm John Furrier with my co-host Dave Vellante. Dave, 10 years of theCUBE, covering VMworld. A lot's changed, a lot's happening, 10 more years. Two great guests here from Veeam. Carey Stanton is VP of Global Alliances and Ken Ringdahl who is the VP of Global Alliance Architecture. Both with Veeam. Love the green. >> Good to see you gents. >> Epic party last night. You guys are known for the legendary party. >> Yes. Andy Rammer? Did you? It was great. We had 2,500 people waving, shouting. Yeah it was great. >> So welcome back to theCUBE. So what's the news for you guys? You're always popping some news out. What's going on here for you guys at VMworld 2019? Top story. >> Top story for us I think is continuation of what we're doing with VMware on VMC and AWS, you know we continue to be the number one data protection workload on VSAN, working with them on their new marketplace as a design partner that they just launched this week as well, so I would say that we are always everything to VMware and then we just continue to ratch it up with continuing to grow out their ACF platform with VSAN and the new marketplace which is their VCPP, which is a big part of our business. >> And the cloud's certainly a big part of the equation for VMware this year. I mean you've seen the announce cloud native support, kubernetes on Vsphere, so they're starting to get their software mojo down on trying to build that next generation platform. You guys are kind of there with your solution. What's the big takeaway technically that's going on that customers should care about in your mind Ken? What do you think? >> Yeah, you know. Certainly this, is a big push towards Cloud I think. You know as Ratmir our co-founder would tell you, "hey, we track VMware." So when VMware started on print we would track along, they've now moved into the public cloud, and we're following along there, so whether it's VMC and AWS, the new relationships with Azure and Google, you know, goodness for us because we provide inherent support there. But you know some of the next generation things, a lot of news about project Pacific, and kubernetes, and next generation cloud native applications and, yeah we're here to support our customers, you know we're looking at all the new things that are there, we've done a lot of things recently about adopting object storage for cloud storage, etc. A lot of things we're doing from a product and technology perspective. >> So Pat Gelsinger, on theCUBE one time said, "If you don't ride the waves you're going to become driftwood." You guys have always been wave riders. When you see something like the project Pacific, what does that mean to you? How do you respond to that? Do you talk to customers? Do you sort of huddle internally and start designing? >> We do. We certainly take a lot of feedback, you know as we all know in tech, there's a lot of things that come and go, some of these things are great ideas, and at VM where you can look at vCloud Air right? You know, it was great momentum for a while and VMware made a very good pivot right? They understood that, we shouldn't compete in the space, we should partner in this space, and so we do the same thing, we look at when we're evaluating new technologies, kubernetes, etc., I mean I think at this point we know kubernetes is here to stay right? That's not a fad. It's very clear, the adoption is clear, so we're evaluating how we participate there. Our customers are largely, on-prem customers but moving to the cloud it's a real hybrid story, and so when we go in and implement our support and look at how we're going to integrate that, it's all about how we help our customers in that world. So when you see a new trend you say what, "We can protect that." Right? It's anything, everything needs to be protected. How do you think about protecting containers? Yeah so we look at it and say, hey look, the way that containers are delivered it's inside of a system regardless so, sometimes it's inside a VM, sometimes it's within a physical system. We can protect what support's there and we're looking at how can we help customers today. A lot of customers are moving their workloads. Similar to when server virtualization came up, it was a little bit of a lift in shift right, I'm going to take what was working on physical, move it to virtual. A lot of customers today are moving what they have in legacy apps and they're just putting 'em into containers just to get there, and then they're building new applications, they're moving in a more stateless fashion. We can support the customers today when they move to a stateful system. And we're evaluation how we support more the stateful longterm view of kubernetes. >> But Carey so you obviously know VMware very well. Yes sir. I've spent some time there. When you think about how the ecosystem's evolving, VMware now is a networking company, they're a storage company, obviously they compute, but they haven't sort of aimed the cannon at data protection, they've left that to the eco system. Your thoughts on how the ecosystem is evolving, your relationship with VMware, and the broader. >> Yeah I think it's not dissimilar to, if we just pick vSAN, storage, primary workload, they don't play in the secondary storage, and they allow their customers to work with reference architectures that we create to say which data protection partner would you like to have. We're fortunate to be number one, if you look at HBE, right, again, they have a lot of partners, we're number one with them, NetApp, Cisco and the like, so you know, VMware's not any dissimilar, so we're fortunate to have that Tier 1 relationship with them that they're looking to us as serving their customers. And then we also have a very close working relationship with them on the engineering side to ensure that we're always protecting their customers, and we have lots of other great meetings this week and lots of other things to be announced in the weeks ahead with working with them and their customers so we're very excited on what they're doing in that space and how we can solve their customers. >> That's interesting. None of the big platform players really have attacked ever, historically, back up, I mean I guess IBM kind of, but that's for different reasons. They'd probably say, "Okay, we've replicated, we're good." Why do you think that is? Is this cause it's so hard? You guys as an industry are that far ahead of the functionality? It's a tough business? >> Well I think it's.. It's big, it's a large business I think it is. It's a 6+ billion dollar town. I think that it's also a legacy. I mean if you look at where Veeam came in and we were disrupters when VMware was it and doing the virtualization, we were disrupting the legacy players without saying all the names what we did, and I believe that with the two decade plus world the data protection has been in, and the evolution, that it would take a lot of work on their part to want to come in and say that they're going to get into that space and try and have a solution that is as credible as Veeam is in the marketplace. So again we're fortunate, we stay very close with them and you know we continue to see them as one of our Tier 1 partners as well. >> Talk about the integration aspect because you're Tier 1, you guys are number 1 recommended with these guys, relationship's strong, integration's are key, for you guys and with VMware but also as customers, look at the Cloud 2.0 world, and you guys are following VMware with multi-Cloud, you guys can play everywhere. You're going to be integrating a lot, so that has to be a core competence for you guys. Can you just talk about, how you guys view your integration with VMware and then, from a customer standpoint, why is it important? >> I'll take the first crack and then pass it Ken, but if you look at two years ago with VMC on AWS when they made those announcements, we were a design partner in, and then they started to evolve that and doing those pilot, we're starting to see those pilots turn into large enterprises deployments. You hear Pat and Sanjay talking about the evolution that they're having and we're seeing the result of that, the customer's saying, "I need what was using on-pram." And that's moving to the Cloud and it just works, the Veeam slogan, it just works. So we're seeing a lot of those deployments for customers taking those enterprise solutions that they had on AWS and scaling them out, and we're going to continue to do that across all of, you know, what Ken was just talking about kubernetes, the Pacific project and others that were.. Again, we're at the table working with them, but I don't think that Veeam is going to stay away, we're only going to get closer as go into new technologies. >> You have to and the tech's getting better too. >> Yeah, what I'll say also is, Veeam, when you look at the data protection landscape we're a pure play ISV. That actually makes us pretty unique because all of our competitors either sell their software on a piece of hardware, or it's at least an option. We have no Veeam whitebox option that you'll see a Veeam label on it, and it really resonates with out partners. We're totally non-competitive, or non-overlapping with our partners and so, they welcome us with open arms as a result of that, and it really helps us drive in. But the integrations are critical and just to quickly make a comment about the last question about sort of the point solutions and why doesn't the big platform players. I'll give you two examples, two public Cloud examples: Azure and AWS, the two primary hyperscale Cloud vendors. They both have backup solutions, AWS has site recovery, sorry, Azure has site recovery, AWS come out with AWS backup. About a year ago they announced that at Reinvent. They need that for point solutions for customers that are looking for a checkbox. Customers, really that more the developer that just needs the base level protection. But they partner with folks like ourselves, for the broader support, for the hybrid support, because silicon angle right? I just read an article yesterday, or two days ago on silicon angle. It's a hybrid cloud world. You guys, talking all about it. That's where our strength is and that's why we have these partners coming to us. You know they build point solutions on their own, again for that checkbox, we're not checkbox, we're deep integrations, we're hybrid cloud, portability, flexibility, reliability. >> And that's smart of the cloud guys to do that because some people want end to end or compliance reasons they have to use the cloud's solution, or it's a requirement, but look at Cloud Trail, and data job's going public. You got New Relic. You got these companies that are winning in adding value with their products through leadership. Not necessarily. Amazon's got a solution out there but they're not really, going down that road. >> And John, and what I would say is also they see, the number of customers and the size of the petabytes that we're driving on the respective clouds, again back to Ken's point on AWS and Azure, I mean that business for us is growing 30 to 35%, month over month, and so they understand the number of customers, and they see that this is a hybrid play, the customers tiering off data to the cloud, but their primary workload is on-prem >> That will give you more EC2 cycles. I mean, crank up the EC2 baby. >> And they know that we're coming out with cloud native solutions as well so, I mean we're doing all the heavy RD investment, solving their customer problems, so again reason number 452 as to why they would want to go in and be disrupted to that? >> As you guys do these integrations, a lot of cloud action, you got VMC on AWS, Cloud Tier with AWS and Azure, you have a bunch of stuff going on with VMware solutions with Cloud Simple. As you work in this multi-cloud world, how are you changing your licensing and pricing models to adapt? Yeah a think Ratmir and Danny were on this week and talking about instances, so we're moving the portability of the license no longer, making the customer have to make a hard decision on the day of licensing with Veeam, is we're saying, hey, the license, it's an instance, it's on-prem, it's an instance in the cloud, you determine what's right for your business and move those licenses. So we were the first to really make that giant leap and we're going to continue to evolve that solution and make it even easier for them to do that, and then another thing that Veeam is there's no tax, we don't charge the customer any money if you want to move those data environments up into the public cloud, and again that's Veeam differentiating as it were, that customer company. We're always focused on what's right for the customer, from the product, right down to the licensing model. Yeah you're tag line is it just works. And I don't know it that's the tag line but that's what customers always say. >> It was for many years. And it's more than just a product, it's the business model. You guys have always been, pretty innovative in that regard. And especially with partners, you and I have talked about this in terms of how you make a transparent for the partner, for the sales reps. On the partner's side, to not care, whether it's they're selling on-prem or if it's a cloud solution. >> And it's been well received as you know we have global resell agreement with the Cisco's and HP's and NetApp's of the world and they're very appreciate to the way that we make it easy for them to sell to their customers and allow them to have that portability of the licenses. >> It's been great following you guys and your events, and getting to see you guys be successful, the product does the talking, and the customers are the references. I mean they vote with their wallets. You know and you guys are a Tier 1 partner. Congratulations. >> Yeah. Thank you very much. >> Final question for you, is the event successful in your mind for you guys? What do you think is happening here? What's the top story coming out of the event overall for the folks that didn't make it here? >> So, first and foremost, huge success, we're 100% back here next year trying to make it even bigger, and I would say that what's coming out of it is just the, the success that our customers show by coming to our booth and showing us that they're looking to keep with Veeam on the journey as they go with VMware. And Ken touches on kubernetes and look at all the new solutions, and so we have an overwhelming support to customers saying, "Hey, I've been with you for the last decade, I want to be with you on the journey." And so that's, we've hear that over and over again this week so very strong. >> Yeah, I think I'll second what Carey said and maybe I'll give you a broader picture. I mean if you look at what VMware's done over the last 12 to 15 months. Last year at VMworld they announced the Cloud Health acquisition, they acquired Security Company, Pivotal, you know they're really broading and they're seeing that hey look, it's not just about on-prem server virtualization, we need to have a very broad story. We need to be relevant in the public cloud, we need to provide some management and multi-cloud capabilities. We're doing the same, but I think VMware is clearly in a period of transition and figuring out.. You know I think VMC and AWS is a great step. You know having the CloudSimple relationship and virtustream for Azure, you know runnig VMware, and Azure, and Google, but I think you'll continue to see that evolve and I think they've put the breadcrumbs down so that as we go forward here in the coming months, weeks, and next year when we're here at VMworld, you'll see that continue. >> And it's certainly a great growth in terms of infrastructure's, code. You're starting to see the Enterprise Cloud start to stand up a little bit. Hybrid cloud's got visibility. It's not as easy as leaving stuff in the cloud, getting the enterprise to work, you guys know that first hand. And Congratulations. Thanks for coming on theCUBE. Thank you very much. Appreciate it >> VMworld 2019 CUBE coverage. Here live in San Francisco, I'm John Furrier, Dave Vellante. We'll be back with more after this short break. (upbeat music)

>> Live, from Las Vegas. It's theCUBE! Covering VMworld 2018. Brought to you by VMware and it's ecosystem partners. >> Hello, everyone, welcome back to theCUBE's live coverage, here in Las Vegas, for VMworld 2018, with Day Three of three days of wall-to-wall coverage, two sets. Our ninth year of covering VMworld, we're going to have like 96 interviews, a lot of content happening, lot of updates from the entrepreneurs, from the executives, and also the partnerships. In this segment we're going to be talking Cisco and Veeam. We got Stefan Renner who's the technical director of Global Alliances for Veeam, and Chris O'Brien, Technical Marketing Director at Cisco. Programmable networks, easy-to-use backup restore, disaster recovery, all those great stuff. >> You guys just get here from Omnia? (laughing) >> Welcome to theCUBE. >> It's a good party. >> Thank you. >> Thanks for havin' us. >> Do we look like that? (laughing) >> I feel like that. (laughing) >> You know, you guys have been very successful on the Veeam side. We had Peter McKay, the co-CEO on yesterday. Cisco has been very active and relevant in programmable DevOps, or DevNetOps, as it has been called in there. So the need to make things programmable and easy, are a nice combination. You guys have a partnership. How is the Cisco/Veeam partnership going, how did it start? Take a minute to explain, how it all came together, and what's the current situation of the partnership? Well, I think from a Cisco perspective, the partnership is going great, fantastic. They were Partner of the Year. What we're hearing from our customers is they want us to solve some of their problems around how do they scale and manage their data, right? I'm from the UCS Business Unit. We see an opportunity for us to bring UCS was built on programmability, right? We have the APIs, we have those capabilities. We started out with Veeam a few, I guess 18 months ago, maybe two years ago, really focusing on some solutions around our HyperPlex platform, and we released a number of validated designs. When we do these validated designs, it's not just Cisco doing the work. We're in the labs together, we're developing the solutions. >> With Veeam. >> With Veeam. All the engineering efforts, and then obviously, as you go through and you grow that solution, you really see an opportunity where you can enhance the solution. So things like automation, we want to bring that to the table, certainly, with our partner. >> And what's your contribution on this? Obviously, Veeam's role in the solution. Are you guys doing joint validations, or joint engineering? Talk about the integration piece with Cisco, why it's important. >> If you look back, maybe it's two years, right? I took on Veeam actually three years ago, three-and-a-half years ago, and when actually, we really started to kick off the thing with Cisco. So it's a bit more than two years, I would say it's three years, right? But in these days, a couple of years back, it's more about finding a right data protection platform, where we can host Veeam on. Meaning a backup server, right? And these days, it was more about back and recovery. Well, today we talk about hyper-availability. It's not only about backing up stuff or recovering stuff, it's about providing the whole platform, the whole orchestration layer for data availability. Back in these times, three years ago, it was about finding an s3260 or a c240 server of Cisco, which fits exactly the needs we need for Veeam to run on it, right? But over the last, now, 24 months, since Cisco really started HyperFlex and going into hyperconvergency, we partner with them to make sure we have the right data protection for this kind of solution. That's what you just talked about, talking about integrations. We really invested a lot of time and efforts on both fights, it's not only Veeam development, it's also trying to see Cisco develop, to integrate into HyperFlex, to make sure we can provide the right data protection for the customer needs are. >> So talk about the high availability, I just want to talk about that for a second, 'cause I think this really highlights one, the relationship, and the desire in the market for realtime data, whether it's for developers, or for applications, to integrate. High availability is about having data available and integrating into whatever that would be, whether it's a mishmash of application development, and routing across networks. This is a huge deal, this is not like a punchline. High availability used to be, oh, we have a data center where it's fault tolerant. There's a whole another new level that that's going to. Can you just talk what that means, because backing it up and making it available means something different now. >> Yeah. >> Talk about that. >> I do agree, because again, looking back, it was really about backing up and recovering stuff. If I look back couple of years, customers were looking for a solution, that are able to pull the VM out of the v-stream data center, make sure it's stored somewhere, and they can't get it back once it's deleted, right? >> Check. >> But now, if you look at Vmworld, right, we have it at Vmworld, it's all about automation, it's about APIs being true. I can integrate this data protection platform in my centralized management interfaces, making sure I have an orchestration layer on top of it, so it's not only about backing up and recovery anymore, it's about the whole stack from end-to-end, right? Getting data from A to Z, maybe get it offsite to an S3 storage for longterm retention. So, we really went from an on-premise, very small kind of solution stack to a big solution stack, going from a VM into the cloud, and overlaying that stuff. >> Stefan, I want you to comment on this, and of course I want to get your take as well. Talk about the time aspect of it, because you mentioned, okay, I can get it back, okay, got to get the data back. When you talk about making data available, the time series or the timeframe, is critical, in some cases, latency, nanoseconds, milliseconds. This is the new normal; you guys got to make that happen. Talk about that dynamic, are customers really doing that, obviously that want it, but what are some of the examples? >> No, they are, they are. In terms of speed, like in data protection and availability, if I talk about speed I really talk about SLAs, and the RTOs, and the RPOs, so how often do I backup, how often do I have a recovery point, that's what you just talked about, and how fast can I get a data application back once it's gone, or once it's deleted, or once it's discovered an issue in the data center. Again, over the last couple of years, that really involved because in the early days customers said, you know, I want to have that, but it's luxury, right, I don't want to pay for it, it's too expensive, I can't afford that. But looking in these days, and today, even at the conference, you talk to customers that say, I need it, it's critical, I cannot live a second without my data. So this kind of RTOs requirements, they really went down from, maybe a day, which was usual ten years back, to like five minutes, ten minutes, fifteen minutes, right now. That's maybe the maximum you can really afford as a customer, and that's where the integration part comes in, and all the stuff we do with Cisco, because with integration we can actually make sure that we can cover that, and get data back in ten minutes. >> So we're really talking about a whole new way of delivering infrastructure. If I go back to the early days of UCS and conversion infrastructure, yeah, we can support a thousand VMs, and they're like, how are you going to back a thousand VMs up? And they're like, uhhhhh, well, let's see, we're workin' on that. Today, you got your take in this platform approach, it's a fundamental part of cloud, developer, DevOps, and so I wonder if you can talk about, you know, when we were at Cisco Live, the DevNet area was one of the most exciting parts of the show. And if you think about traditional enterprise companies, really, not many, I think even one, has really done a good job with developers, it's Cisco. So where do developers play, is this a platform play, really, for cloud and hybrid infrastructure? I wonder if you can talk about that, the role of developers, and how you're approaching this mindset. >> Yeah, I think from our perspective, there's no downtime window, there's no scheduled windows of downtime, right? >> It's not allowed. >> We don't have that anymore. The way that we look at our infrastructure, we certainly want it to be robust, to address latencies, issues and concerns, and what we're doing with Veeam is really tweaking that infrastructure to make that data available when it's called on, so you can consume it as a developer, as a part of the DevOps team. All of our infrastructure, as you guys probably know, are all open systems, all policy-based models. So with these APIs being available, it allows developers to consume more, if they need to scale-out these infrastructures quickly, we can do it. We're certainly playing in the DevNet space, it's growing, we have our own separate conferences. >> The network becomes more and more important, every day, I mean, at a whole 'nother level. Talk about program ability, you got to be ready for anything Veeam wants to do with you, or whatever the customer wants with respect to high availability. >> Yeah. >> And as the definition changes, you got to be enabling that. >> Totally available if you can get to it through the network. (John laughing) And we certainly carry that all the way through the UCS fabric. >> Talk about Veeam strategy, because I think there's general perception that, oh, Veeam does backup for small- and medium-sized business, that's Veeam. And we had Peter McKay on yesterday, he said, "A third of our business is SMB, a third is commercial, a third is enterprise," number one. Number two is, you guys are getting into the orchestration and management for data availability. Can you talk about the extension of Veeam, in that regard? >> I want to actually grab on your number, because we talked about, oh, we got a thousand VMs, that needs to be backed up and recover. That was a couple of years back, Today, we talk more about ten thousand VMs. Customers actually here at the booth, I talked to customer that talked about ten thousand to twenty thousand VMs that needs to be available. Now I would call a customer that hosts ten thousand VMs no longer an SMB customer, right? That's more of the enterprise, and you're right, and I guess Peter McKay said the same. I didn't actually watch the video, so hopefully, I'm inline with him, but it's really he's, for sure, going into the enterprise, making sure the products actually fit the enterprise's needs. Talking about the orchestration piece, I mentioned before, Veeam Availability Orchestrator we recently announced and released, that's certainly a step into the enterprise market because an SMB customer, even a mid-range customer, they will not invest in an orchestration layer that provides the full capabilities of fade-over secondary data centers, and all that stuff. That's certainly an enterprise play, and that's also where the company's heading to, making sure we have the right fit for the still SMB customers, and mid-range customers, because I think they are still important to the business, right? I'm not saying they're unimportant. But also having the right products, and the scale. And I think scale is actually something we going to talk about anyway, in this conversation. The right scale, to even cover that customer, ten thousand VMs, twenty-thousand VMs, they are approaching us. >> I think the other big trend that we see, and I wonder if you guys could comment, is, again, data protection, backup, used to be an afterthought, and it also used to be kind of a one-size-fits-all. So that'd mean, almost by definition, you're either under-protected or over-protected, spending too much, or too little. Today you're offering much more granularity, and the like; it's a fundamental component of the platform that you're developing, and it's extending beyond just backup. Call it data protection, there's a security component, there's a DevOps and cloud piece, there's a management piece. Maybe you guys could give us your perspectives on those trends. >> Yeah, so short comment on that one, actually, in each and every one of my sessions I speak here, I always say, once you consider to replace your storage system, or your v-stream wired man, or you consider to use HCI, make sure you include data protection immediately, on Day One of your project, because, you're completely right, the last year or so, even still now, a lot of customers I'm going to, they tell me, oh, I replaced all my infrastructure last 6 months, 8 months, and now I want the data protection. Then I get in and I say, yeah, unfortunately, what you did on your infrastructure is completely wrong for the expectations and the requirements you have in data protection. So that's exactly what to talk about, you need to bring together those projects and make sure you bring them under one hood, and talk about this from Day One. Otherwise, you might get in to a wrong direction. >> Yeah, that whole-house view of the world. >> I think, from a Cisco perspective, we really look at, we're unifying the data, we have what your intentions are, your intentions are production apps, your intentions are data protection. I think through ACI we can certainly create the application profiles to make that happen. We carry through our fabric with the UCS system, so for us, we see ourselves as flexible enough to deliver all these options, obviously there's some improvements that we can bring, you know we were talkin' earlier. But that's part of the road map, and part of the way we want to go with Veeams. >> I think one of the things I'm impressed with Cisco about, and looking at the analysis, is that the network guys have always had the keys to the kingdom. You go back to IT, you go back twenty years, if you were a network guy, you ran the show. And you had storage guys came in, they became that same kind of tier, but the network was running everything, everything was sacred. Couldn't let the network go down. It ran offices, it ran branches. And then, when the cloud came, the network now with Cloud Native, and some of the stuff going on up at the stack, makes networking skills, people who think like a networking guy, really valuable, because the data needs to be networked. So, the data's now at the application, that's where the security is, so as you guys have your Veeam, you have needs, you're moving data around, you need more in Cisco, you're going to be better for him, so this is a nice dynamic. >> We're trying to instrument it so we understand what their needs are. If you look at AppDynamics, if you look at Tetration, all these things give us more and more visibility to make the right decisions, and hopefully those will all be automated down the road so we can move as fast as the business wants to. >> Well, and I think of things, you know people talk about air gaps for ransomware, but you need more than air gaps, you need analytics that identify anomalous behavior, and the corpus of backup data has all the data there, and if you can figure out how to analyze it, you're going to have a leg up. >> As you said, that's actually a good point because ransomware, and all that stuff, like Tetration, your project to analyze the network traffic and making sure-- I actually get informed, or I take an action, once I identify ransomware attacks, that's something that we can partner up with, because it would literally mean if Cisco identifies an attack, right, they can trigger automatically a backup or a snapshot backup of the data to make sure we actually have a backup right before the attack happens. So you can see a chain of activities and potential new products, or go to marketplace in the next couple of months and years. >> A lot of opportunities. >> Because there is a lot of stuff, and a lot of potential behind those technologies. >> And there's clear visibility from a customer standpoint, that we would report here on theCUBE, that's lookin' at nanosecs and things of that nature, where at the application, whether it's a V-map, or other things. Security and data has to be centric around the app, it decouples from the network so that you're not bumping into each other, you're helping each other, you're more effective. You help them, you guys help each other. This is the new stack model, this is the way it's going. >> I would say that's all what alliances is about, right? (laughing) It's why we have alliance business, right, because no one, neither Cisco nor us, we couldn't do it on our own, we always need a partner to do that. >> Guys, thanks for comin' and sharing the partnership news. I really think, and Alan Cohen, our CUBE guest this week, said, partnerships used to be a tennis match, now it's like soccer, a lot of things going on, multiple players, certainly you know that, Cisco's been doin' a lot of that for a while. Great stuff, thanks for coming on. Final question for you guys, big takeaways from VMworld 2018 this year. Comment, what's your thoughts, third day now, lookin' back, what's the theme here, what's the big story that people need to know about? >> Just from my experience, I've had a lot of conversations around security, and bringing it to our solution, more embedded within. I'm part of the Validated Design Program, and they're asking, at least the conversations that I've had on the floor here, has really been about showcasing some of the other aspects of Cisco, what we can bring from a security perspective to protect the data. I'm certainly bringing that home. >> Awesome. >> And what are you seeing? I just can continue what he said, because the most conversations I had is around scalability and still the data growth. We've been talking about that the last couple of years, but the more data you have, and the more VMs you have, the more challenging it is to protect it. It's all about scalability and making sure you can really cover and fulfill your needs. >> Well, congratulations on your success at Veeam, the numbers don't lie. You guys are doing very well. >> Thank you. >> Congratulations on Cisco, you guys have a clear line of sight on what you guys want to do with the network. >> Thanks. >> It's great to see, thanks for comin' on. Appreciate it. >> Thank you. CUBE coverage here, live, in Las Vegas. From VMworld 2018, it's theCUBE. I'm John Furrier with Dave Vellante. Stay with us, more Day Three coverage after this short break. (techno music)

>> Announcer: Live from Chicago, Illinois, it's theCUBE. Covering VeeamOn 2018 brought to you by Veeam. >> We're back at VeeamOn 2018, you're watching theCUBE, the leader in live tech coverage. I'm Dave Vellante with my cohost Stu Miniman. Stu, always great working with you. Bruce Shaw is here, he's the Senior Director of Global Alliances and Industry Solutions at NetApp. Great to see you, thanks for coming on theCUBE. >> Thanks for having me. >> So, I got to start out with NetApp, I mean, we've followed NetApp for decades, ya know, from the very beginning back when I was at IDC, Stu, you were probably still in your mother's womb. (laughing) But you guys are back in a big way, I mean, for a while there it looked vulnerable. You took advantage of the Dell EMC merger. You're gaining share again, you're growing, stock price is up, there's a spring in your step, what's going on? >> Well, a lot of things are going on. I think we've had a lot of leadership additions to the company, Henri Richard joined and took over as the CSO with the company. We've got a new CMO in Jean English. But more importantly, a lot of the areas that we were late to the market, and candidly we've admitted we were late. We didn't have a good Flash story a couple years ago. We've been very aggressive with Flash over the last 24 to 18 months. We're now the fastest growing Flash storage provider out in the market, and we think we'll exit this year as number one. In fact, we think that's the current course and trajectory. We're very happy with where that's going. The FlexPod partnership with Cisco was great this past year. We had a record year in Converged infrastructure, which was a down market, we picked up about 13 points a share according to IDC, so a lot of the cylinders are starting to fire, but the one that is probably the biggest and the most shocking for folks is three, four years ago, the belief was that cloud was going to kill on-prem storage for companies like NetApp. I think the one thing that they did right ahead of the curve was they embraced the cloud. They've got great partnerships with Google, Amazon, the hyperscalers, and cloud strategy and the business that drives the company there is the fastest part of the company, and Anthony Lye runs that team, and it's doing an amazing job. >> Explain how, and you're absolutely right, many, most, frankly myself at times, felt that way. Explain how cloud is a tailwind and not just a one-way street into the roach motel. >> Oh well, there isn't an enterprise today that isn't thinking about cloud in some way, shape, or form, right? Now, ya have prognosticators on either side saying it's all going to the cloud or something less than that, but the truth is when you look at a strategy like ONTAP and the ability to move your data, whether it's on-prem or to the cloud and manage it through our data fabric story, that's where NetApp really starts coming into their own. I think, again, that's where we've been able to take advantage, and it's not just having it one way or the other or being good just with the hyperscalers or good with the guys that want to be secure because most companies do a hybrid story, and they want to bit of both. >> Well, I think the one thing that I would observe about NetApp, having followed the company for many, many years, which I think gives you an advantage, is NetApp really has always had storage services in software that were largely decoupled from the hardware, and that allowed you to get into cloud early, don't ya think, Stu? >> Yeah, absolutely, and Bruce, we're here at VeeamOn, and their message sounds a lot like that to me, so maybe help explain, we were just talking to Veeam's CMO, when you hear some of the descriptions of storage services, software, multicloud, and everything, NetApp and Veeam sound alike. How are they complementary in, ya know, maybe where do they bump up against each other, yeah? >> Yeah, well, we both compete in the same market, which is storage, so of course, there's areas where we're going to compete with each other, but we are very complementary in terms of the story and the markets that we serve, right? NetApp is incredible strong in the enterprise. Veeam has great commercial channel presence, so from a route to market there's a lot of complementary stuff we do with each other. Price point, in terms of where we hit the market and the things that we go after, we have a lot of opportunity where there's not overlap to help each out to the point they're now, the relationship's evolved over the last four years where we're actually doing OEM of each other's products. We've got our E-Series we just announced yesterday that we're OEMing with these guys, which again is targeted at exactly those markets. The story between the two that we're both at our core not hardware companies, not storage companies, but data management companies really is where this starts to come together and play well. The fact that they're mutually supportive of each other makes for a really strong value proposition for the customer and the channel, especially the guys like the service providers or ya know, hybrid cloud providers, it's a big time story for them. >> So you're growing with, the partnership with Veeam is growing. >> Right. >> Ya got a combination of trends that become tailwinds, but then you've got execution. Can you explain what are those tailwinds, and what's the execution ethos with the partnership? >> We are a channel-only company for all intents and purposes. >> Dave: Oh yeah, I don't know what the number is now, but you've always been very, very high performing. >> Yeah, I know, so we look at businesses that we drive, and channel is at the core of what we do, so when you have a tailwind like, ya know, where we are with Flash and the growth there, the channel partners are making more money, the programs that are coming for them, we're not taking business that they're doing today and pushing it towards the cloud. Again, we're talking about the story that's transitory between the two, so for a lot of the channel providers that are out there getting in the market, that's a very powerful story for them. That it's not a competitive business, we're not going to try to create our own cloud service to take away from them. We want to help them as they migrate between the two. >> All right, Bruce, one of the other areas we're hearing a lot about at this show that I think lines up with NetApp is the analytics and AI, can you maybe talk about how that ties into the products? >> Yeah, I mean, you look at a lot of these markets like AI, like analytics in terms of what companies are doing, it sheds off a tremendous amount of data, right? And that data is at the heart of what they want to analyze and go through, and when they bring those things to market, the goal is how I quickly move it from where I'm capturing it to where I need it, and ONTAP does a really good job of doing that in terms of being able to take the data to where they need it, whether it's at the edge or whether it's back at the core of the company, so that you can actually do the real work with it and gain the insights that drive the business. >> Bruce, what's the resale agreement that you have with Veeam, can you explain that? >> We have Veeam on our price list. Our sales reps can sell Veeam, can be compensated for it, vice versa, they can absolutely hook in and drive away with NetApp, and now that we're getting products like E-Series where their product is embedded in ours, that only strengthens that kind of motion. So for a NetApp sales rep today, if they have an opportunity where Veeam is needed on it as part of the offering, it's absolutely in their wheelhouse to go sell it, and they get the sale level of love and attention from quote and comp standpoint that they would if it was NetApp only products. >> So this is kind of interesting innovation that Veeam, I think, has been out in front of, they, and I dunno how they do it, Stu, but I think Veeam understands the lifetime value of a customer and is willing to make, put sweat equity into a deal as part of a partnership to make it transparent to a partner sales force. >> Yeah absolutely. >> That's innovation in business model. >> Absolutely, we're very proud of our sales force and the work that they're able to do. We view ourselves as kind of the last big enterprise standalone storage company that's out there doing this, and I run strategic alliances, and some partners integrate really well with our sales guys. Others, it's more of a, ya know, it requires more work. To your point, Veeam has done a superb job at identifying how and where they play with our folks and getting together where we go to market together. >> It's interesting, we used to, ya know, several years ago now, ask the question can NetApp remain independent. We've seen all these independent storage companies kind of go away. Used to have this conversation with David Scott at 3PAR all the time, EMC itself wasn't able to maintain it, and then NetApp got to the point where it was almost too big for an acquisition, and although stock price was down, everybody, NetApp was the rumor of MNA more than any company I can think of in the storage business, but now you're seeing sort of antithetical to what most people expected, it's kind of like the cloud we were talking about before, storage companies emerged. Pure was the first one over a billion since NetApp. What are your thoughts, and what's that, I wonder what, you guys must talk in the hallways about that whole, the dynamics of the industry. It seems like it's still a viable business model to be best of breed. >> It's very viable, so I took over running the strategic alliances at the beginning of January, and my dance card's full. I can't believe the number of folks that are calling up wanting to partner. I think we've gotten much more mature in terms of how we view the market and our ability to get strategically with other companies to be successful, and there absolutely is always going to be a place out there for a best of breed story. Customers want the best technology that they can get to handle their business needs, and if we partner with great partners, whether it's Veeam or others to provide that for them, I think the viability of NetApp only gets stronger not weaker. >> It's interesting because now ya got NetApp, Pure, Nutanix, soon to be Veeam, as billion dollar independent pure play companies in the storage business. Isilon couldn't get there, Data Domain couldn't get there, Compellent couldn't get there, 3PAR couldn't get there, Lefthand couldn't get, EqualLogic, I can go down the list. They were never able to reach that escape velocity, and maybe it is cloud, maybe cloud is that weird tailwind for people who can figure out how to take advantage of cloud and hybrid cloud, your thoughts? >> Yeah, I think it is, number one. I think also the companies that you mentioned at various times, and I'm a hardware industry dinosaur, I've been around forever. A lot of those companies you talk about the difficult moment from them was hey, we're a storage company, now we want to add compute or now we want to go into this part of the market that put them at odds with the guys they were partnering with. George, our CEO, has been absolutely maniacal with his vision of our path forward is managing data, period. Whatever that form takes, we don't need to be a compute company, we don't need to be a networking company, we want to be a data company. I think how that then drives the decisions, whether it's partnering with cloud, whether it's going into new markets with HCI, even if it's things about transforming the legacy data center from traditional data center and how it's managed on-prem to something that's all Flash driven and much more efficient and much more programmable than it was in the past, so it's easier to administer, those are the areas that we can go innovate, and as long as we're partnering with the right partners out in the industry, that makes us a very good viable destination for the customer without worrying about well, do we have a compute node, are we in the server business now, are we suddenly in the switch business? Those are things that are not even on our radar. >> Yeah, I mean, you guys are in a unique position from that standpoint. You're very large now, you're the largest independent storage company, so everybody wants to work with you. You don't bump up into these adjacencies, and you can make bets, you can place your chips in areas whereas some of the startups, there's tons of innovation, but it's really hard to hit that escape. The amount of resources that you need, the money you need for promotion, the talent war that's going on out there, the go-to-market challenges, the partner challenges, so you guys are in a pretty good position right now. >> We really are, and I think we've actually done a lot of the restructuring internally to continue that and capitalize on it. Probably the biggest change, which outside the company, most folks wouldn't notice immediately, is that we moved at the beginning of this year to a three distinct business unit structure where we're focusing on three parts of the business to go forward. We've got our cloud business unit, which is driving into, as I said, the hyperscalers under Anthony Lye. We've got cloud data center, which is more of the new technologies like HCI and Converge and object storage technology like StorageGRID, and that's, right now that's an incredibly fast growing business for us. Then, of course, we've got our traditional storage software infrastructure business where we have products like E-Series and modernizing the data center, which is primarily driven with this transition to Flash. You've got three BUs now that are maniacally focused on the different areas of the market where we see here's an immediate opportunity in Flash. Here's a slightly longer opportunity in things like hybrid cloud and HCI and Converge infrastructure and a much longer term bet was how does the cloud really become a piece where we're managing between all of those. It lets us be a lot nimble between it. It's almost like three subbusinesses where we're going to market. >> Yeah, Dave, and actually that aligns perfectly with the research we've been doing for over five years from server stand and true private cloud, you've got the hyperscale, you've got the transformation locally in spanning those two, and then you've got that transition from the traditional. >> Oh, I think it's a sound strategy, and it'll serve us well in the years to come. >> There's obviously a lot of noise about artificial intelligence in the marketplace. You've got some companies trying to position to be the platform for machine intelligence or artificial intelligence, what's NetApp's point of view on that? >> Well certainly, we share some of that, but again, I think at the end of the day for us, it's much more important about fine, wherever I'm capturing that artificial intelligence is not likely the place where I'm going to do a lot of the analytics and work on it, so it really does come down to, ya know, am I moving it up to the cloud to do that work, where am I making my big insights, where am I mining through it, and then how am I relating that back, whether it's at the edge or whether it's at the core data center, and again, we think with ONTAP, with the partners that we're going to market with for AI, for ML, IoT, that's the difference maker for us at the end of the day. It's not that we're just another storage company storing the telemetry data off of a car for AI, we're putting it into a format and a form that's usable quickly, efficiently, real time, where Tesla can go make a decision on the car right now, not days, weeks, months from now. >> All right, Bruce, well hey, thanks for coming on theCUBE. Really appreciate your time and good luck. >> Enjoyed having me, thank you. >> All right, great. >> Good to see you guys. >> All right, keep it right there everybody. We'll be back with our next guest. You're watching VeeamOn 2018, this is theCUBE.

>> Announcer: Live from Las Vegas, it's theCUBE covering Veritas Vision 2017, brought to you be Veritas. (light music) >> Welcome back to the Aria Hotel and Veritas Vision 2017. This is theCUBE, the leader in live tech coverage. We go out to the events and extract the signal from the noise. My name is Dave Vellante, and I'm here with my co-host, Stewart Miniman. Rama Kolappan is here, he's the Vice, worldwide Vice President of Product Management and Global Alliances. Rama, thanks for coming on theCUBE. >> Thank you. Thanks for having me. >> You're welcome. So, 360 is a big topic of conversation. It's a fundamental, strategic evolution for Veritas. Why is 360 Data Management needed? >> So, 360 Data Management is an integrated set of products and solutions, if you will, that helps you with data protection, also with copy data management use cases. If you want to move the data and workload for some of the resiliency services as well, and if you, if a customer is also looking for any of the data visibility, which is a very important part of the 360 Data Management. So, we can offer all of it as part of one platform. So it is a very powerful integrated solution set, if you will. >> So we should think of it as a platform, not a product. Everybody talks about platforms today, the API Economy, Platforms beat Products is sort of the mantra, right? Is that the right way to think about it? >> Correct. And, also, we make sure that the different solutions, which is part of 360 Data Management Suite, works with each other, right? For example, if you actually back up your data, you should be able to use the same copy to do a DevTest. So we have a solution called Velocity that is part of our copy data management solution. It should be used, you should be able to use the backup data to do your disaster recovery if you can, right. >> So how does that resonate with customers? I mean, I get the platform perspective, certainly from a vendor view, you got to have the platform. Do the customers see it the same way? Or do they just want to buy products? >> No, so it is a suite, right? And what customers want, especially enterprise customers, they're looking for, to partner with a vendor, like, for example, us. One is for data protection, primarily, in many cases. Once you protect your data, they're looking for instead of finding the products to use, I can use the same data and how can I get value out of it? So I need to have the visibility about the data itself, so we have our InfoMap solution as part of 360 DM suite, to give you the visibility of what that data is with all the metadata information through that, and once they back up the data, they also have other things to do with respect to moving your data, moving your workload, and especially with the cloud adoption, many of them are going through the transformation. There are some pre-consolidation cloud adoption, and so on, so forth, and they need to move their data and workload, say, from on-prem to cloud, and you can also do it from cloud to cloud also, which is coming soon. So, some of those challenges are very critical, and they are looking for someone like Veritas who can offer that solution for them, which is essentially protect it, move your data, workload, be able to do copy data management on it for DevTest use cases, be able to provide visibility, and the digital compliance is a big factor, which I haven't even gone deeper into. There are lot of solutions to offer for the customers. >> Rama, take us inside how 360 Data Management fulfills the vision that was laid out a year ago. I think back to early in my career it was, like, it was the hardware, you know, you follow the Tick-tock of Intel. Today, software, we can usually talk a little bit further about the roadmap but, you know, customers are going to hold you well, "Can I use it now?" Do you have all those pieces, you know? What kind of pieces have been filled in this week, and, you know, where are the pieces where it's more aspirational than where we are today? >> I'm surprised you remembered the Tick-tock Model, which is essentially go through the process and architecture change, alternating with Intel, right? That's the model, I was there for like nine years or so. >> Marching to the cadence of Moore's law, that's what we used to do as an industry. >> Exactly. So, for 360 Data Management, we announced it last year at Vision and at that point, we are putting in the solutions and the use cases together. And what we did, we worked really hard the past one year to make sure that we put these solutions together. One, they should work with each other. Two, we have a tighter integration. And three, we should be also adding more solutions together and we made it also easier for a customer to buy, it's one SKU, right? So, you don't need to have multiple SKUs to do 10 different things. It's much easier to buy. It'll do all the things that an enterprise customer want with all the stuff that I talked about earlier, and from there on, they should be also, we should be able to also cater to some of the newer problems that customers have, which is, essentially, we launched CloudPoint, for example, which does a snapshot management, and we're adding more capabilities to it, and going forward, you will see that the 360 Data Management will evolve to cater to the customer needs. We always place customer in the forefront and make sure that their needs are met first, and that's the stuff that will design the solution, based on their needs. >> We spoke to Mike Palmer this morning and one of the things he said that kind of matured a little bit is, "That interaction with the cloud, when you get down into it, it's nice to talk about public clouds and people use many clouds but they're all a little bit different." So, maybe take us inside, there's a couple announcements you made, maybe give us a little bit of color on that and, you know, come on, tell us how is it working with all these big players? >> So, I run the technology alliances team here as well, so my team works with the various cloud vendors, which is essentially Azure through IBM to Google, AWS, and so on, so forth, right? So we are already working with AWS on multiple product integration, deeper integration. With Azure we are making sure that from some of the roadmap, like when recently we launched EnterpriseWorld, to make sure that it supports Azure, and then also we launched the VIP release that happened very recently. Support for Azure, as well. And we make sure that the other products that I talked about have the cloud as a significant piece of it, part of the roadmap. We have other vendors that are, we have partners that we are working with like IBM, Google, et cetera. They have their own strengths and we are initially going to go, we already sell on a backup as part of our, with IBM. We've been doing that business with them for more than 10 years, right? So there's a lot of moving parts in the sense that they are coming up with a lot of innovation. We are coming up with a lot of innovation and we make sure that we deliver what the customers want with those cloud vendors. And a very simple example is that if you want to do a data and workload migration on-prem to cloud, we can help with that very critical use case for anyone who's going through, looking at cloud transformation and journey to cloud. And, likewise, basic use cases also like backup to cloud, backup in cloud, disaster recovery, migration, DevTest, and these use cases is what we target, and it is part of the 360 Data Management suite itself. >> Can I ask you, it's kind of a wonky question, but it's something I'm curious about, and we talked to Mike Palmer a little bit about it, the challenge of integrating to various cloud services, in the non-trivial nature that, his answer was actually quite interesting. He said, "Listen, it was a lot harder "when we had a gazillion OS's, a lot easier now." But I want to understand that better. So, when you look at, and I am going to pick AWS only because I know it a little bit better and their services, but when you look at the myriad of data, sort of services that they have, are you just targeting the data stores? Like, an S3 or an EBS or a Glacier, or do you have to also think about integrating with other data types, DynamoDB, Kinesis, RedShift, Aurora, et cetera, et cetera. How far do you have to go, and what are the complexities of doing that? >> It's a very interesting time, right. There are various cloud service providers who are there, and each of them have their own services and their own storage, right? So, there's no one standard. S3 has been a standard for last one or two years or so. What we are doing is that we're looking at the portfolio, and we look at the use cases for what we are trying to solve for the customers in the cloud and based on that, we actually have some basic use cases which you don't need a full integration. You need some integration with some of those services, which is where we have people that are doing a lot of closer integration with AWS, and other service providers as well. Going forward, we will be using some of those, you mentioned about many DynamoDB, and other services that they have, machine learning services that they have. >> Stu: Sure. >> And different cloud providers have their own strengths and where they, what they offer. So, we will be looking to integrate with our existing portfolio with some of those services so that it is beneficial for customer. For example, if a customer wants to use only AWS, we are tightly integrated so that they get the best experience in AWS, same thing with Azure, same thing with Google cloud, same thing with IBM cloud, same thing with Oracle public cloud. So, that's our direction. First things first, get all of these basic use cases catered to for the customer. Going forward, have a tighter integration with their services. >> And your value in that chain is visibility and management. It's not so much optimization of that service, is it? >> So, I wouldn't call it as optimization of services. We focus a lot on the data visibility. I think in the keynote, and in my keynote, you might have heard also, is that some of the things that customers, we talk with customers a lot and we find that many of the, many times, they don't know what they have it. Everyone knows that it's called dark data, right. We provide the visibility so that they know what data they have before they do any migration. They know what needs to be migrated. And, as you all know, there are different storage tiers in cloud, like your S3, S3IA. You have your Glacier and it is expensive to bring data back from, say, Glacier to any other storage tier all on-prem. So, you need to have the visibility before you send the data out, right? So, we helped with that as well. So, visibility plays a very critical role in so many areas, not even just cloud but also on-prem as well. >> Rama, 360 Data Management's vision was laid out a year ago. A lot of the pieces are in place now. How are you tracking success, you know? Can you give us how many customers you're doing or just kind of growth, adoption, and how should we be looking forward to kind of measure and say how good this is doing? >> So, we actually launched 360 Data Management not too long ago. In the sense we put the package together, program together, and, as part of it, we saw extremely a lot of good traction not just from one geo, we actually saw a lot of traction in Asia Pacific, in MER, in Americas as well. A lot of the customers are looking for, I mean, there are three tiers to it, as well. We have bronze, gold, silver, right? And we see equal traction across the board. And, right now, I can't give you the numbers numbers, but, having said that, we see a lot of traction from customers on adoption and we have a huge pipeline where customers are very interested. These are backup customers who are looking to do many other things like resiliency services, like copy data management, and so on, so forth. So, the 360 Data Management really solves the problem, what they're looking for. >> Yeah. Can you give us a little color to that packaging and pricing? It's a subscription model to my understanding. >> It is a subscription model but-- >> Which is a little different than if you have a traditional and, you know, what are you seeing, what's the feedback been from customers? >> So, it is a subscription model when we went to market. We are going to be offering as a perpetual as well. So there is a gold, silver bronze tier, I had mentioned it. We have a Backup, InfoMap, and also EBFile as part of the bronze. And then you have, we have P as part of the silver plus bronze together and then in the gold, we have Access, also, as part of the solution. So, they can pick what they want and from our... Going forward, we do hear feedback from customers that they want perpetual as well. So, we already, we heard them. We'll make it happen. >> How about the small, midsize business, what are you, what are you doing for them? And can you talk about that a little bit? >> I'm glad you asked that because a lot of the 360 Data Management is centered around net backup, right? And with net backup, adark, all the good releases. There are also a lot of SMB and mid-market customers, and we have a solution called BackupExec, and I'm sure most of you are aware of BackupExec, it's been there for many years. So, BackupExec solves their problem and within BackupExec, we make sure that there are a lot of SMB customers who have like three or four backup products. And we want to make sure that there's one product that can protect the physical, virtual, and cloud environments. So, BackupExec does that. >> Last question. So, the ecosystem, it's evolving. You guys have great ambitions. Microsoft was here, had a big, big presence. Maybe just general thoughts on the ecosystem and, specifically, your relationship with Microsoft and other cloud suppliers. >> So, we work very closely from a strategic level with the CSPs. We call them the Cloud Service Providers. With Microsoft, we are doing a lot of, not just product integration for Azure, we'll also be supporting many things for AzureStack going forward. We're working with them on that. Also, I mentioned about BackupExec, we're also going to market. We are spending a significant amount of money to define the goal, to go to market with them, with their partners, and so on, so forth. Not just for BackupExec but across for all other products. That said, we also have other partners from the Cloud Service Provider point of view. There is a lot of effort happening from product integration, defining goal market, and as we define that, we're also engaging with their channel partners, who are also our channel partners, to help with the goal market. >> Cool, alright. Well, listen, thanks very much for coming on theCUBE, Rama. Really great to meet you and great to talk to you. >> Thank you, thank you for having me. >> You're welcome, alright. Keep it right there, buddy. We'll be back with our next guest. This is theCUBE. We're live from Veritas Vision 2017. Be right back. (light music)

>> Announcer: Live from Las Vegas it's theCUBE covering Veritas Vision 2017. Brought to you by Veritas. (upbeat techno music) >> Everybody this is theCUBE, the leader in live tech coverage. And we're here covering Veritas Vision. The hashtag is Vtas, v-t-a-s vision. Little bit of a funny hashtag so make sure you get that one right if you want to follow all of the action. I'm Dave Vellante with my co-host this week Stu Miniman. Michelle VanAmburg is here. She's the Director of Global Alliances for Veritas. And she's joined by Daniel Witteveen who is the Vice President of Global Portfolio Resiliency Services at IBM. Folks, thanks for coming on theCUBE. >> Thanks for having us. >> Thank you for having us. >> Michelle, let's start with you. Alliances are a fundamental component of Veritas' strategy. You got to make friends with a lot of different people. What's your general philosophy around alliances? Let's start there. >> Yeah, well specially with IBM, we've had a long term alliance starting back in 2004, around backup and managed services. It's evolved into a very strategic alliance with IBM providing both internal IT support to migrate our key applications into their Bluemix and IBM cloud infrastructure. And then also, evolving the managed service around backup strategically moving into the cloud. We announced something in March to work on backup in the cloud with IBM as part of their Bluemix services. So, each and every partner in alliances has specific strengths and weaknesses. And I think with IBM we're maximizing our partnership around their strengths and that's the services and their play in the enterprise market. We both have about 86% overlap among those customers. >> So, I mean, this is interesting, Daniel, I mean IBM big technology company, huge product portfolio, some of the products competitive with Veritas, but you're part of the services organization so you've got to have the customer's interest first. You guys are sort of technology agnostic generally as a services professional. So, what's your philosophy with regard, maybe I just laid it out, but with regards specifically to data protection and back up? >> So, you said exactly right. We measure ourselves against the business outcomes for our clients. And that truly is vendor agnostic. But when you take a partnership like Veritas, and if you saw the keynotes this morning, they were talking about the leader in the Magic Quadrant for the last several years. IBM's also been the leader in resiliency and in security. So, that's an unparalleled partnership that you can't get from anywhere else. You've got a services firm that can take their software, provide a high-valued outcome to their clients, our clients or mutual clients, and provide it in the cloud. And that could be our cloud, that could be another provider's cloud. Very significant for our clients. >> So, every time we go to these shows you hear about digital transformation. And it's an important topic but sometimes putting meat on the bones is hard. So, let's try to do that. I presume you're hearing this same thing from your joint customers. We got to become a digital business. You hear that from the top. So, what does that mean to your customers? What does it mean to become a digital business? >> So, for me I think a lot of people say that in the context of a one time event. We have to go through digital transformation. >> Voilà! >> Yeah, or suddenly, "Whoo-hoo! We're there!" (laughter) And that's a big, wide definition of what that could mean. I think it's continual transformation. It's innovation. That's a buzz word to me that says, okay, yeah this creates the conversation that's a door opener. But we really have to talk about evolving transformation, cognitive learning, using IBM Watson, always making us better. It's not laying out here's what we're doing and walk away. It has to be continual. >> Can you add anything to that, Michelle? What are your thoughts on digital? We think digital means data. >> Michelle: Mmm-hmm. >> You guys, all we heard this morning is how you're the sort of center of the data universe. What are you hearing from customers on digital? >> Well, I think we're all, including us, Veritas internally struggling with the same thing, right? How do you get there? How do you save cost over time? And how do you keep your business running with all the governance and compliance regulations that are coming down, like GDPR? So, there are a lot of challenges coming out of a lot of these organizations. And I think it takes not only somebody that's the leader in technology, like Veritas, but then it takes somebody who's the system integrator who is monitoring the outcomes for their customers over time. If you look at all the large accounts that IBM manages, we have a huge play for Veritas technology and use of those products in those accounts. So, I think it takes more than just a point, product, or a point in time like Daniel mentioned. It really takes an evolution over time, and a solid plan that can be, again, flexible as GDPR regulations come down the pike. How do we move with the times? How do we manage those outcomes for our customers to be cost effective so that we can keep their business and grow it too. >> Daniel, did you want to comment on that one? >> Yeah, I mean, we mentioned GDPR which I think is kind of the biggest event. It's going to be the Y2K of 2018, right? It's massively significant. But if you throw that under the compliance bucket, we really think about what does that mean for our clients and protecting our clients with those compliance requirements. When you look at IBM and Veritas, our partnership has extensively talked about, Bill Coleman was talking this morning about meeting with the two largest banks. IBM covers 75% of the top 35 banks. We get regulation. That's our job. Customers look for us to lead that example. We have 80% of the Fortune 100 across multiple industries. So, when you combine these technologies together, you combine that regulation overlay, which we have to know not just for one customer but across all of our customers. It's really unmatched. >> So, in addition to kind of the governance piece, what about security? It's been something in my whole career. Used to get a lot of lip service. Today, it's board level discussion. Everybody's handling it. Resiliency services have to believe covers that as well as kind of traditional BCDR type activity. >> Yeah, we define that under cyber resiliency. And that is really going from everything from direct protection all the way to outage to recovery. And I think a lot of customers are struggling with that. We did a study with Ponemon Institute back in May, and 68 of their respondents said they lacked actually reliable foundational way to recover against a cyber attack. And when you really think about it everyone's been in the news over the last several months. You have to respond to that very differently than a hurricane outage or what people think of a disaster recovery which I struggle with that name because it's really any kind of outage. So, cyber resiliency is key. In fact, we have a session tomorrow at 12:30 specifically, talking about our combined approach against cyber resiliency starting from threat protection deterrence. But more importantly when the outage occurs how do you make sure you're actively responding? You're not out for hours, days, and months. You're really, truly out for minutes. >> Michelle, anything around ransomware, the cyber resiliency piece? How does Veritas look at partnering with companies like IBM for these solutions? >> Since we've broken off from Symantec, and we had a lot of security and data protection that was combined, we really look for our partners, like IBM, to to provide a lot of that security specific services around our product. So, one of the things that Daniel had developed, is the cyber resilience offer that we are looking to our joint customers to provide specifically a short engagement around that to help them. So, really, we are starting to look to our partners to offer that security service. >> So, I'm a little bit of an industry historian, mainly cause I'm old. (Michelle laughs) And so, when I look back 1983 when Veritas got started, and we heard today that Veritas has been a leader in the Magic Quadrant for 15 years. So, you had the the PC era, which changed backup when the pendulum swung from mainframe mini to PC. And then obviously clients server evolved that and then virtualization business change that. So, you saw backup evolve, and obviously Veritas stayed with that as a leader throughout. Now, we come to digital business and cloud. And when you think of digital business and cloud, I'm interested in the impacts that it's having on data protection. I think of distributed data, analytics, edge computing, the cloud itself. Whole different set of technologies and processes and skillsets to manage data protection. So, I wonder if you could bring that back to the customer. How are they re-architecting their businesses around, specifically, the data protection side of the business. >> So, I think the first, and we saw this with virtualization we saw it with storage area networks. And we saw it with cloud. The first instinct and the first sales point is well, then I don't need DR. I don't need backup. And it's kind of this false sense of or "I have an SLA, so I'm covered." Which an SLA is just a penalty. It doesn't mean you're covered at all, right? So, we've seen that at every kind of hurdle in our business. But then what we've seen, when you saw storage and virtualization is probably a perfect example, When it's more consolidated, your risk is a lot more condensed. So, before you could have one server outage. You might never have known. But now you have an entire virtual system SAN or even a cloud. We've seen that in the press just being out. It's much more significant. So, customers are taking a lot more serious look at how they're architecting those solutions, making sure their not reliant on one of those consolidated entities. Do I have my data in the cloud? Do I have a way to have that data out of the cloud? Can I run in this cloud, maybe that cloud, on-prem, hybrid IT? Hear that a lot from IBM. But how can I diversify? Which is a very different way of architecting solutions when you've just had client server. >> Stu: Right. Okay, anything you could add to that Michelle, just in terms of what customers are asking you? And specifically, how it might relate to some of your partnerships. >> Michelle: Yeah. >> Maybe, no offense, but broader even than IBM. >> Yeah, from a broader perspective we're seeing all the cloud providers in the market, and we're partnering with all of them at Veritas. Each one of them has their strength. And if you look across our partners, and I've been integral in some of our accounts. Some of them are doing things just as simple as snapshots. They don't have a way to index. They have a hard time recovering. Things like that. Our customers are really on that high end. So, as Daniel mentioned, we have a lot of overlap in the Fortune 1,000. And they are looking for ways to recover their data like they did on-prem but they're moving to the cloud. So, our solutions together, with IBM, are really those heavy-duty enterprise solutions that allow them to have the data recovery, same times RTO, RPO. And also, the disaster recovery programs and the security around those high-end applications that have all the compliance around them. So, from my point of view, IBM's a key partner in that space to allow those highly regulated customers to have the same type of data protection. >> So historically, you guys are in the insurance business. It's a great business, no question. And I always ask, is data an asset or a liability? And the answer is both. But if you had the value pie. Clearly, the pendulum is swinging and things are evolving. Is data still more of a liability in your world than it is an asset? >> Daniel: So, our CEO said it best, data is the new natural resource. So, data is the number one important thing within the customer environment. Without it you don't have intelligence. You don't have machine learning. You don't have predictive outage. You don't have sales force automation. All that is reliant on data. So, it's more critical. Where you could argue it becomes a liability is when you have to be compliant and you have to have that data for the next number of years. A lot of people like to promote backup success. Well, that's nice if you can back it up but can you restore it? Can you make that data active? So, that's where it can be treated as a liability but there's no way I would say it's a liability over an asset. It's absolutely the number one asset in a business. >> Stu: You would Agree, I presume? >> Yeah, I would agree. And we always use the iceberg analogy. The data that you really need is just at the tip of the iceberg above the water. And then you have all this data hidden under the water. How do you make that secure, and understand what you have? And so, I think the analytics, and some of the data protection, and the tiering, the understanding what you readily need available versus what can be archived and stored in the lower cost tier is really important. >> So, where do you guys want to take this relationship? When you sit down ... Give us a little inside baseball here. Where do you see this going over the next 18 to 24 months? >> Daniel: It's only going to be stronger. A lot of conversations in the works about doing a lot more strategic relationships together. I'll leave it as that. We've been very healthy partners for over 11 years, you mentioned 2004 timeframe, I think. We have folks on my development team that are a integral part of Veritas' product offering. Very important to the feedback loop. And vice versa the managed service. So, I think that's going to get tighter. I think that's going to expand just beyond backup. And I'm really looking forward to those possibilities. >> Yep. >> Michelle? So, I'm really excited about our cloud partnership that we announced in March. I see IBM as a key to allowing Veritas to leap into that market, and to provide the enterprise strength solutions. And just really excited about our future. >> Stu: Great. All right, well thank you very much. Good luck with your partnership. >> Michelle: Thank you. >> Daniel: Excellent. >> All right, keep it right there, everybody. We'll be back with our next guest. We're live at Veritas Vision 2017 in Las Vegas. This is theCUBE. Be right back. >> Daniel: Excellent >> Michelle: Awesome, guys. (upbeat techno music)

(upbeat techno music) >> Hello, everyone, and welcome to this special Cube conversation here in Palo Alto. I'm John Furrier, co-host of the Cube. And we've got two great guests. Prashant Jagganathan, Technical Director of Global Alliances at Catalogic, and Vaughn Stewart, Cube alumni, good friend of the Cube, Vice-President of Technology at Pure Storage. Guys, welcome to this Cube Conversation. Good to see you. >> John, it's great to be here. Nice to see you, mate. >> So, you're on the road. You guys are a growing startup. You guys are doing great. Congratulations. >> Prashant: Thank you. >> So you guys, Catalogic, we've been covering you guys. And you guys came busting out. Still, in my opinion, not well known, but well known. You're the most unknown well-known company because you have a really awesome solution. Pure Storage, you guys are known. You just went public, earnings, again, another successful quarter. Congratulations to the team there. Again, everyone's like, "Pure Storage!" You guys continue to demystify the marketplace with performance, congratulations. Why, what's going on? >> Thanks! Again, we've just announced our quarterly earnings. Another great quarter. We've accomplished 3350 customers, 25% of those are in the Fortune 500. Over 25% of our revenue comes from cloud service providers, be it SaaS, PaaS, you know, hosted private cloud. Really the key of our success has been not the performance of Flash, which I think a lot of folks assume, it's been about reinventing the operational model through simplicity. We'd like to talk about being effortless, efficient, and evergreen. That's kind of our tagline to help customers put their data to work. >> There's certainly a cloud transformation going on, and I want to get your guys thoughts. Because one of the things that our team at Wikibon, our editorial team at SiliconANGLE are focused on, is really three major pillars we're seeing that are powering a whole new set of applications. Cloud-native, whatever you want to call them, that is, obviously cloud computing, which is a combination of on premises, hybrid, and then public. Big data, which is now AI, machine learning, and then IOT. Those are like really the underpinnings that's transforming the data center. And this is causing a lot of opportunity for app developers on top. And you're seeing all the key software markets just completely being disrupted and transforming. So I got to ask you guys, what does this mean to your relationship? Because you guys have a partnership. So how does that fit into that industry trend. Can you talk about the partnership that you two guys have together? >> Prashant: Sure. I'll let you go first. >> So we first started engaging, almost a year ago. >> Prashant: Right. >> You know, there was a lot of relationships based out of the Valley from previous relationships, or I should say employment -- >> John: It's a small industry, the storage industry. >> Yeah, we all know each other. >> And, so at that time, even more than your current opening statements, Catalogic was really flying under the radar, right? A powerful set of tools, how to bring in a copy-data management and data protection scheme into a heterogeneous storage infrastructure. And, they've kind of bridged this gap between, I'm software enabled, software defined, giving you a control plane. Leveraging all of the offload and acceleration capabilities within the hardware infrastructure. And at the end of the day what we were able to identify is this fills a huge gap within the market. Whether customers are looking to convert their virtual infrastructure into a private cloud, meaning it can be self-service, right, by the end users, or consumerized, if you will. They can better accelerate their development teams. And develop a more DevOps centric model, that lets these teams start to work in a more agile infrastructure. And ultimately start to embrace better hybrid storage technologies by making data protection just a native element within their onprem, and extending it into the cloud. >> Prashant, what are some of the use cases, because this really highlights the demand for faster solutions, not necessarily buying the new tool or something else. People got to use what they got. >> Yeah exactly. First to start with the integration rate. So we are a very synergistic relation. Catalogic is an orchestration engine. So it leverages in place existing infrastructure, to automate certain operations. So these operations include, answering your question on use cases, include DevOps, include TestDev automation, and also data protection and disaster recovery management. So it makes it use-case driven, and also for different industries, where they're looking for a centralized, a heterogeneous automation tool that can perform a lot of operations, but not reinventing it, so we don't need to move it to another appliance to deliver these use cases, but leverage the services that the storage, and the hardware already provides. >> TestDev is obviously low hanging fruit. That's kind of been around for a while. We've heard a lot of the top cloud guys say that. We're hearing, as we go out through a variety of the events, real practitioners and end users putting production workloads into the cloud, and really bringing the hybrid architecture in there, which impacts the storage and the preexisting. Outside of test and dev, I hear a lot about mission critical. Are you guys seeing that? Is that a use case? And then, how do the people who are your customers deal with that pressure. Okay, move some mission critical workloads. Make them work. What happens? >> Right, mission critical applications are what's actually driving. They are actually driving the purchasing point of the product itself. So, applications like if you take Oracle, or SQL Database, they are running on high performance storage on Flash. And, what these developers and app owners are looking for is, I have my production data but I need to access that data. They cannot touch production. So they end up using a copy of data, which is driven by backup tools. They backup the data to some tape or some disk appliance, and they perform a full restore operation, which is slower and doesn't give them data access right away. So, with Catalogic what we are trying to do is leverage these production databases, and then quickly spin them up for these mission critical applications. They get a data protection locally on the storage. And these copies can be spun up instantly from an end user for self service. They are looking for quick access to data, which sometimes the storage administrators cannot give them right away. But we provide the tools, and the necessary components to give users access to the data. >> Let me add some color to this, because I agree with what you said. I think when you look at what's occurring within midsize businesses and enterprises, which is really where we sell to. At Pure Storage we don't go into the small market. There is this macro desire from organizations to get their private cloud finalized. This transition from virtual to private cloud. Because the end-state of private cloud is then to optimize IT resources, and start to move your people into areas of future investment. Meaning focus more on IOT. A lot more on the analytics. Whether it be ML or AI. And so when you take a step back and say, okay they'll come from macro and let's talk about our two products. We make an all Flash array. What was interesting about the introduction of our Flash array when we first brought it to market was, it didn't start in tier two or tier three. It started mission critical tier one. In which you're in that space, and you're dealing with some applications powered by an Oracle suite, or on top of SQL Server for example. There are a lot of steps that have to be taken to protect that data. I've got to call the application. I've got to coordinate with the hypervisor layer, the storage. And if I'm now going to start to automate this to bring a cloud-like experience to my end users, I've got to deal with compliance, operations, and security concerns. I should say regulatory, concerns. >> Think of all the personas involved in this. >> Which means, it may be a retention policy. It may be a release the resources. It may be measuring the resource constraints. It may require data masking. All of these elements that are above the storage layer, and above our great performance and cloning engine. Catalogic manages for us. And they've got geocentricity to it. Is it onprem, what country is it in? Is it off in the cloud? These are the elements when you say, I want to make a private cloud a cloud. It's where the hypervisor vendors have kind of left us looking for more. >> John: So that's a gap. So that's the gap you're talking about, if I get your thoughts on that, because Wikibon just put out a survey just last month, that through 2026, the true private cloud, they call it true private cloud, is going to be 237 billion dollars. That speaks to the data center migration to cloud, where you've got true private cloud, which is essentially data center that has cloud-like features for DevOps, and hybrid cloud. But, this mission critical question comes back to it. Because, as VP of technology, you know. We've talked about storage in the past. Databases in isolation are easy to deal with, but when you're dealing with production databases, this is a nightmare. No one wants to fool with them. So talk about how hard this is, because most people don't get how complicated it is to wrangle production databases to get something into production, in a true private cloud. >> So, like you said, production database, nobody wants to touch it, because that's driving business, and anything to do with business, the developers don't want to touch it, the QA. >> They call it NoOps. No, don't touch it. >> Prashant: Don't touch it. Exactly. >> And they also want self-service too. They want no operational people involved as well. >> And that is part of the problem as well. Every time you're, the whole DevOps moment is you trying to combine the developers and talk to the Ops people. But the true DevOps is, the Ops is not involved. Just developer wants some access to it, they get it right away. The Ops people don't usually want to give access to developers for the production environment. Part of the reason because developers want to do a lot of different things with it. They want to do batch testing. They might want to run queries against it, run analytics against it. Use it for big data consumption. And if you do this against production database, not only are you degrading the performance of it, even if it's on Flash, you're performing operations that you don't normally perform on a production database. Which is why they need access to it in a self-contained environment. Not directly on the production. >> And one of the values that the private cloud can differentiate itself on today versus public cloud offerings, is in the public cloud, there isn't an ability to make instant copies of production data. You've got to be making backups that come out of one storage silo across the interconnects to another silo, and then when you want to clone, it's got to copy out of that silo. So from an agility, a time to perspective, the clouds not there on that construct yet. It's all based on software copies. In the model that Catalogic enables, whether its Pure Storage or other storage partners that are within their portfolio of support, we get to leverage these engines that are very mature and robust within the enterprise class storage arrays today, to deliver this agility and speed. And we find customers being very creative in how they're leveraging these technologies. I was sharing before we sat down. We have a customer that, they've taken their legacy environment, which is storing all these customer records and information in a relational database, and now they're leveraging it to say, let's make multiple copies of this database and run queries and parallel across multiple cloned instances. Because they don't have the staff that knows how to adopt a dupe ecosystem today. >> Alright, so let me see if I can put this together. Because, the things I like to look at externally to what you guys are doing, and some trends that I can point to. Pure, your growth on terms of number, is in the green. Competition's down. So you're obviously in a modernization kind of wave. People are buying your stuff and they're moving it in. But also seeing on the data protection side, in the cloud you're seeing new startups emerging. I look around, there's a lot of startups reinventing data protection, and backup and recovery for cloud. So the pressure that the customers have is, I want the best of what I've been doing, but yet I got to move to the cloud really quick. IT modernization, consumers. Whatever you want to call it, it's happening. How do you guys work together to make that happen? Because, I still got to get this new environment, but I got to make the production protection work. There's no four walls anymore. Am I getting this right? >> Yeah, that is correct. So, customers are moving to the cloud there. The notion of hybrid cloud exists in some fashion as in, they are running most of their mission critical applications on production and on faster performing arrays. But they are still moving their workloads into the cloud. So they have a mix of both. With a true data protection, you have to cover both these scenarios. The hybrid cloud model, where you're taking care of data protection both on premises and also into the cloud. So with the cloud migration, now it becomes more important to understand and catalog the entire environment, to identify what's out there. Are they protected? And are my users getting the right access to the right data? So that's where Catalogic comes into the picture, where it can provide a single global view into things, of identifying these are your mission critical applications right there on premises, and here's the data in the cloud. And, not only drive data protection natively in the cloud, but I also give cloud people access to data that's on premises. >> So you guys have a good fit with Pure that way, because they're >> Prashant: Exactly. >> hitting the large enterprises, and then emerging modern enterprises, but to store Flash. You guys kind of give some extensibility through that integration >> Right. >> So I got to ask you the tough question. Data masking and security. Huge issues right now. Security in particular. There's no perimeter in the cloud. You guys know all about this on the storage side. Onprem is pretty well known, but still there's no perimeter even on premise. How are you guys dealing with security in your relationships? >> That's a great question. It's actually easier for me. That wasn't a tough one. >> John: Damn, I wanted it to be a hard question. >> That wasn't a tough one. So data obfuscation, or data masking, is a main ask for mission critical applications. So, especially when you're talking about DevOps giving access to data. You don't want to give access to production data that contains information like credit card info, social security number, blood group of your firstborn. Kind of information that you want to keep private. So, Catalogic integrates with some of the data masking, or obfuscation tools out there. So, that's a great value add to the storage as well. So, from a storage layer you don't really know what's the content of the data. Whereas Catalogic provides that information, where it can take the database information, and apply masking against it. And, when we manage these snapshots, we provide role-based access control against it. So an end user, we'll give them access to them. For admins to do basic recovery they can perform against the entire database. Whereas a developer who needs access to a subset of the data will only get access or see the data that we allow them to see. >> Okay, hard question, then I'll try to bring another one to you. Self-service as nirvana. IT operations moving into higher value, cloud-native, developer. How do you guys see the progress of full self-service. Scalable, horizontally scalable data. Are you there now? Where does that fit, that picture of full self-service? No operations guys involved. >> So, no operations guys involved is still. >> John: See I stumped you. >> Right. So, it's still in a runner because it combines a couple of things. So one, if you want to give access to data, it has to be instant. And it doesn't have to be script driven. It has to be either click of a button, or leverage the existing tools that they have. And the other is, how much can you give access? So in the sense that, I have 15 developers. And, 15 developers are all asking for the same data, and you need to have a performing storage that should be able to handle these multiple stream requests. >> And I think you're speaking very eloquently about the technology, but I think you're understating the whole nature of enabling the private cloud and having it be self-service. There is a point in time when you first take that first 30 to 60 minutes to setup Catalogic and to register into the authentication realms, and the virtualization environment, and the storage array. Okay sure, that's overhead. Then you're going to spend some time with your team, as the operations side of the house, defining your infrastructure policies. And you're probably going to go reach to talk to, again this is DevOps. I'm going to go talk to the development teams, and go talk to the regulatory folks. What are the requirements? Because does this data have to stay in country? What countries is is visible for? >> There's some legwork up front. >> What has to be masked based on what groups? And you setup these role-based policies. Once that's in place, that's no different than ... Now you have a service catalog. And you're showing up, and you're like, "Hey I'm John." "You guys know I'm part of the Oracle team." >> And so the developers can have full access to that data. They can program with it. >> Vaughn: They get to catalog and the API set >> Prashant: So what we ... Exactly, so what we create is templates. And these templates can be customized to a developer. So I have a financial services team, that needs access to the financial service data. So we'll create templates that'll include policies like, hey, this is the storage provision for it. This is the data, the mass data which contains the financials. And, we'll give that template to the financial services team. >> And just for the audience, because I think we all grok this, but I want to make sure the audience gets this. The difference between what we're talking about, and just saying well, "Hey I can clone" "a database virtual machine today" "by my hypervisor." Sure. But that's a manual process by the virtualization team. Which is disconnected from the application team. >> There needs to be an email. A meeting gets setup. People have to weigh in. >> But there's no data masking. There's no role-based access posse. There's no termination of the resource policy. So, we're sitting again and back in, sure virtualization gave us agility, but we're still manual and trying to track it. This gives us not just a catalog of services. It's all audited. Now we can go back and see who accessed what data at what time. Cloud. >> Awesome. Vaughn I want to ask you the final question, because I want to talk about kind of of a futuristic industry view. AI is the hype right now. Augmented intelligence I call it. But, soon artificial intelligence. We're seeing self-driving cars out there. Will there be self-driving storage? I don't mean literally driving around, but I mean, talking about auto provision. We're talking about the ability to just plug something in, having machine learning and AI, these kinds of things. Are you guys working on things like that in R&D? I would imagine a world where ultimately you plug the storage in. Magic happens. People are programming with it. It's programmable. Where are we on this? What's the vision? >> So you got to watch out. This is a trick question, right? Rule number one from your Comms team, don't make news. So, I would say is, again, going back to our pillars, in the foundation for Pure. How do we help customers put their data to work? We make it effortless, efficient, and evergreen. And under that effortless piece, the big notion with Purists is there's no knobs to turn. And so the secret sauce is that I can give you Flash performance at disk economics. And guess what? You're virtualization admin can be a storage expert. Can hit six nine's availability without ever reading a manual. So this is the foundation of what we've built with Flash Array. We've now rolled out Flash Blade. And, let's just say with our partnership >> Are you being a good, you're being a good spokesperson right now, by not trying, trying to go to the script. Prashant we'll go to you, because we know everyone's working on automation. So that's not a secret. The question though is specific. I don't want to get you in trouble, but the point is, people are looking for real automation where there's some intelligence. That's the trend. You guys are kind of at the beginning stages of your relationship >> Prashant: Correct. >> that are doing that now at some level. When's that next level, what's it look like. >> The heart of automation is building that catalog. And there goes in the name of our company Catalogic. I don't want to give any future details away, but yeah, that's where everybody's going. They're all looking for a chatbot, or an Alexa-like project. >> Well storage is a service is what people say. Tesla is a car, it's not really a car anymore. It's a service. >> Prashant: It's a service, right. >> Powered by software. Storage you can almost imagine some product coming out that's very service and connected oriented. >> Well look, I wasn't trying to dodge your question but, >> I know. >> at the end of the day, everybody wants to automate their data center. I think you were taking it a step further saying, "Okay look, I see frameworks here" "of what we're talking about between Pure and Catalogic." What comes next? We've got a lot of folks that we know in this valley that are working for a number of startups trying to say hey, how do I bring AI into the data center? I think it's going to be more prevalent over the next four or five years, so let's see how it develops. >> Okay, so where does the partnership go next? We'll kind of end it on that. And you guys have a great partnership, and thanks for coming in and sharing the data. But Prashant and Vaughn, where does this go next? What happens next? Good integration, what's the next step? >> I think customers who are looking at this today, the easiest place to start is to say I want to automate Oracle and/or SQL, or I want to bring, and look at reinventing my backup space. I don't want to buy an appliance. I want data protection to be part of my ecosystem and cloud-connected. Where does it go from here? I think we'll see probably an expansion in terms of our partnership. So we've got a new product called Flash Blade that we want to look at, >> Prashant: You want to look at as well. >> work at working on together. We've got us some other work that we can't announce at this point in time. But if you come to Accelerate, which is our user conference in June, you'll hear about some of the new capabilities we're going to bring to market, and that we are working on within that ecosystem together as well. >> Yeah, and for us it goes back to the mission critical databases. So we are expanding our portfolio, and adding more databases, and expanding existing databases. >> John: Expanding the catalog. Microservices oriented, that kind of thing? >> Exactly, and supporting other ... >> Key industry applications, based on vertical. >> Right, and tighter integration with existing storage arrays as well as the new ones. >> Cloud is about the data, right? The data is where the action is. That's the action. >> And we are looking at how to extend into the cloud as well. >> Alright, Catalogic and Pure here on inside the CubeConversation. Prashant, Vaughn, thanks for spending the time. I'm John Furrier. Thanks for watching this CubeConversation.

>> Announcer: Live from New Orleans, it's theCUBE. Covering VeeamON 2017, brought to you by Veeam. >> Welcome back to New Orleans everybody, I'm Dave Vellante with Stu Miniman. This is theCUBE, the leader in live tech-coverage. This is day one of our continuous coverage of VeeamON, continuous coverage of continuous data protection. Big theme here today. Maria Olson is here, she's the vice president of Global & Strategic Alliances at NetApp. Andy Vandeveld is back, he's the vice president of Global Alliances at Veeam. Folks, welcome to theCUBE, good to see you again. >> Thank you, nice to be here. >> Thank you. >> So, first of all, let's start with Maria. So VeeamON, big show, a lot of action. How's it going? >> You know, the energy here is amazing here. I remember being at VeeamON years before, and what I see here in terms of the number of customers and partners, and starting to see the big growth in the enterprise market. And all the announcements and innovation that they've made today is fantastic. >> There's like a groundswell right? We've been following NetApp for years. You guys have the best snapshot technology in the marketplace, customers love it and very efficient, and have always had an interesting take on data protection. And data fabric obviously is a big theme of NetApp these days, so explain that to us and we can get into how you guys partner. >> Sure absolutely, so most companies think of us as a storage company, but we really have evolved from a storage company to a data management company. We have a full portfolio of products, including all of our All Flash FAS offerings. We did an acquisition, which was our largest acquisition with SolidFire as well. We also have back up to Cloud offerings with our AltaVault offering that backs up to Azure and Amazon. We have StorageGRID Webscale. We have a very full, large portfolio. What all this allows customers to do, and where NetApp is heading is in terms of being able to manage and move the date, regardless of where it's at. So I call this, the gold opportunity. I just came back from SAPPHIRE, you talk to Bill McDermott, he talks about how data's gold. You heard the same thing here with Peter McKay as well. And to me the whole thing, it doesn't matter if the gold's there, you got to be able to manage it, and monetize, and do something with it. And that's what NetApp helps provide. >> So Andy, that sounds very consistent with the strategy that Veeam is putting forth. >> Yes. >> That we heard certainly this morning, and throughout this conference. So what's the partnership? Where do you pick up and NetApp leave off, or vice versa? >> Well, so in the date protection space, it's the ability to manage the data, to make sure that it's getting into a form that can be stored and accessed and available as quickly as possible, is really what we're focusing on. And to do that, we need partners like NetApp, who have the infrastructure assets that we can leverage. Particularly as we move more and more into the enterprise business with enterprise customers. Those customer's are spitting off a lot of data. They need their data to be available as quickly as possible in the case of an outage or some other disruption to their business. And to do that, Veeam needs infrastructure partners that have robust portfolios that can handle that sort of requirement, and that's where the relationship with NetApp comes into play. And it's been very good for us over the years. >> I like this notion of data fabric, has a connotation of fluidity, and it sort of reminds me of the Veeam Waves here a little bit. So explain more Maria, if you will, the data fabric, what is that concept, how are customers actually getting value out of it? >> Absolutely, so data fabric was more of a framework, right? We don't have a SKU that you just go buy data fabric. It's really a framework and a portfolio of products, integrated with our ecosystem of partners like Veeam, to be able to manage and move the data. Regardless if it's on PRIM, or where they want to go as part of their digital transformation. So customers are all at different phases in terms of where they want to go, in terms of becoming more of a digitally-oriented business. And we help get them there through the journey, because of the strength that we have on the on premise side, as well as the integrations that we've done with our partner ecosystem, specifically with Veeam and others. So we can help move them in that direction. >> So take that a little bit further, in terms of, so the customer sees this vast portfolio. Andy you were talking before about NetApps infrastructure. It's pretty vast, it's a leader in it's space. What are they asking you guys for? What are they challenging you to do? Specifically in the context of data protection. >> So customers are asking us, number one, make sure that it's simple. And that's one of the big value props that Veeam makes, number one. >> And NetApp over the years. >> And NetApp too. That it's always on and available. That there is no disaster that occurs, that the data is there, that we know where it is, that we can manage it, we can back it up. Those are the big things. The third things customers are asking for, is help us in terms of, how do we digitally transform our business? It's the business outcome that they're looking for. Of which, the products that NetApp and Veeam does, is a subset of that, that helps them on that journey. So they can actually digitally migrate, and become more of a digitally-oriented business, with our offerings helping in the whole backup and recovery and whole data management space. >> Yeah and I would just sort of tag onto that, customer's consumption models are changing. So they're on PRIM, they're in a private Cloud, they're in a public Cloud. The way that they consume is changing, and it's different. And no two look the same. And I think what customers are telling us is, let us decide how we're going to consume. You just be able to accommodate that consumption. And that's really what we've been focusing on. So if it's in an on PRIM environment, great. If it's in a public Cloud, fantastic. If it's some hybrid model, that's great too. We can accommodate that, and that's really what customers are asking us. As well as making sure that we accommodate the various business models that exist. So whether it's purchasing licenses, or some subscription-based models or whatever, they want that flexibility and that's what they're asking us to provide. >> Maria, I'm wondering if you have any joint customers that you're highlighting here at the show, or any specific examples you might be able to walk us through. >> So we have several joint customers, as a matter of fact, you heard Peter McKay talk about 210,000 customers. Of those, 30% are NetApp, so it's a very big area. And now, in terms of some of the announcements they've made, in terms of supporting NaaS, in terms of physical environment. NetApp is the leader in that space, so it's even going to become broader. So you saw today, in terms of Peter McKay talking about the Denver Broncos, that's a big NetApp customer in terms of the solutions that they have there. Also, Telefónica was announced there. Very large service provider. It's another very big NetApp customer. So there's a lot of customers in the enterprise space. Veeam's more known in terms of the s and v space, but when you start to look at the momentum they've had in going up the stack, there's a lot of enterprise customers that we actually are jointly engaging with. >> I would just say that the more that we penetrate the enterprise market and the service provider market, the more that we're going to need partnerships like we have with NetApp. To become stronger, because they're the trusted advisors, the ones that the customers are listening to. It's easier for us just to ride on their coattails into these opportunities than to try to create these relationships all ourselves. That's what makes this such a great partnership for us. >> The Cloud service customer channel base has come up a couple times today. But we haven't really explored some of the fundamental assumptions behind it. And what I want to ask you guys is, everybody sees the ascendancy of Amazon. Very impressive, amazing growth. Yet at the same time, your respective Cloud service provider businesses are also growing very rapidly. >> Maria: Very much. >> So you've got the disruption to the traditional legacy enterprise business we all have covered that very well. But there's not much been discussed about what's going to happen within the Cloud business. There's maybe some camp that says, okay everything's going to go to Amazon and I think many people believe that. But what's happening within the Cloud service provider base? It seems to be quite fragmented, which is a good thing for you guys. It seems to be local in nature, very specialized services, and ability to compete with Amazon and Azure, because they're not competing necessarily with scale volume, they're competing in other ways. So I wonder if you could help us unpack that a little bit. As to what's happening in your respective bases there. >> Yeah, so we're seeing a lot of momentum in the service provider space. So we've sold a lot of storage and data management over to what the large new service providers of the world. The IBM SoftLayers, the Azures, Google Cloud Platform. All of them as well as the existing ones, the AT&Ts and the Verizons and Telefónicas of the world. And so we continue to see a fragmentation there. You kind of have the new world service providers, and the old world service providers. And they're all trying to figure out the business model, so they can make sure that they're all going to be there over the next 20, 25 years to see how this whole game evolves. But we have a big footprint in both of those camps. And as a matter of fact, one of the things I love about the relationship between NetApp an Veeam, is we're companies that are embracing Cloud. We're not fighting Cloud, we're really trying to embrace it. So we have multiple offerings in terms of NetApp across our storage and date management, across all the new emerging Cloud players, and the existing one. And Veeam also has pretty deep relationships. They just announced today in offerings with AWS, and with Microsoft Azure as well. >> Dave: Anything you'd add Andy? >> Yeah, I think you're right about the market being a little bit more fragmented. There are smaller, more specialized Cloud providers. And there's a set of customers that want that. So I think it kind of gets back to the point that I was making earlier, which is the consumption models are changing. And who they consume from, in terms of Cloud, is not 100% consistent, and so we need to be able to deliver the technology that can accommodate whatever that decision is that the customer makes. >> From a partnership perspective, how does something like this start? And what do you, I mean obviously you say, let's go to market together. That's a logical starting point, but then there's maybe some other integration that has to take place. What do you guys sort of set out to accomplish? What are the milestones, the metrics, that you try to, how do you measure success on a partnership like this? How do you know when it's going to work, and is working? >> Yeah, that's a great question. Number one, you first have to have alignment in terms of what solutions you're going to go out there and build. And I think part of the secret of the success of the relationship, if you think back in terms of, NetApp made a big bet in virtualized environments. In doing big differentiated offerings with VMware. Even though their owned by EMC. And we we're extremely successful, 50,000 joint customers. You look at Veeam, they made a big bet with VMware, so our installed basis and the co-nih-va-tion and development that we've done already there, is already paid off there in spades. So number one, you got to have the co-nih-va-tion and the solution that you're building. The second thing is an aligned go-to-market, in terms of what is our go-to-market plan, how are we doing that through the channel? Is it a comprehensive program? What does that look like? And then it comes down to people at the end of the day, and the culture. Do the companies have really good cultures and people that really want to go at, and execute those plans? >> Yeah, and we have strong alignment at the executive levels as well, which helps. Because you need to have that sort of strategic vision, you're looking out 18 months, 24 months. Are we in alignment? And I think that helps. I would say another strong metric for Veeam is our Net Promoter Score, we're 73, it's off the charts, it's fantastic. That doesn't happen if you're not delivering the right solutions with the right set of partners. And to us, that's just another metric of, how successful are these partnerships? Particularly the one that we have with NetApp. >> And actually, I looked at NetApps Net Promoter Score, and we're 64, so we're way up there as well. So that's another area that we're very aligned as well. >> You know NPS is interesting. If you're, you're not really a one-product company, but you're smaller, and so it's easier to have a high NPS when you're smaller. Now, of course you've got on-tap. >> I wanted to be on that graph up there on the key note. >> That's pretty good. (group laughing) I was at ServiceNow last week, and they have a very happy customer base, and they were touting their, I think 53 NPS. And that's, so 60's for a company the size of NetApp. And you guys, like you say, off the charts. So that's impressive, go ahead Stu. >> Yeah just the last piece you talked about, some of the announcements that were made that impact, including in v 10, there's going to be NaaS. We look forward, anything that we should be looking to measure success of the partnerships, and anything that your companies are working on together that you can speak to. >> Well I think at the end of the day, it's customers and revenue. Ensuring that that continues to grow. Veeam's on fire, they've got 210,000 customers, they're growing at 450-- >> 245,000 at the end of-- >> 45, and every day they're adding 200 customers a day. >> Peter corrected me. (group laughing) >> Right, yeah exactly, so I really think we measure it by customers and revenue, in terms of how we're driving. And then new solution areas, like I said, with Cloud we're very aligned in both companies, embracing Cloud. Big opportunity to go after some of these service provider areas. >> Yeah, I think we're going to continue to focus on delivering joint solutions. That's really kind of, if I had to put my finger on one thing, watch this space. It's joint solutions we want to put out to the marketplace that are going to benefit our customers. >> All right, we have to leave it there. Thanks very much for coming on theCUBE. It was great to see you. >> All right, thank you. >> Thank you. Appreciate it. >> You're welcome. All right, keep it right there everybody. We'll be back, rockin' New Orleans with theCube VeeamON 2017. (upbeat techno music) (keyboard typing)

>> Voiceover: Live from New Orleans, it's the Cube covering VeeamON 2017 brought to you by Veeam. >> Welcome back to New Orleans everybody. This is the Cube, the leader in live tech coverage. We go out to the events and extract the signal from the noise. My name is Dave Vellante, and I'm here with my cohost Stu Miniman. Frank Palumbo is here. He's the senior vice president at Cisco Systems. And Andy Vandeveld is the vice president of Global Alliances at Veeam Software. Gents, welcome to The Cube. >> How we doing? >> Thank you. >> It's great to be here. >> Good, Frank, hot off the keynote. It was great, Yankees fan, love it. The rivalry continues. Of course you guys know the Cube, Red Sox fans, some of us. Stu's not. >> Not all of us. >> So we love it. We love the action, and it's always fun. But Frank we had to cut out a little bit before your keynote because we had to get ready to do the Cube. But you put up a slide that was awesome. We could do an hour on The Cube on that, and it's all about the apps, I mean really. But you had this great slide with apps and microservices and virtualization and bare metal and OnPrim and really laying out the complexity today. And you guys are at the heart of that. Maybe give us a quick summary of how you guys see the world. >> When you're talking about the applications, the application profile, it's important, the network kind of brings this together because we do touch everything. Where people are in this kind of application history is some of them are on legacy, mainframe. Some of them are on RISC processors. But as a network provider, we have to bring those in too even with the more modern applications. So you look at what the platforms or workloads are on so move those in. And then you're looking at workload placement, on Prim or in the Cloud. Do we put data in a colo? Do we put the application in the Cloud? There's different hybrid mentalities to do that. Then you get into the systems management where there's just too much stuff out there. Humans can't manage it anymore so the machines and the software have to manage the machines and the software. We'd like to think we're right in the middle of that because of the way we bring things together with the network. >> So Andy, I look at the... Stu and I walked the floor before we come in here, the ecosystem is really quite impressive-- >> Andy: Thank you. >> for a relatively small company. I mean not that small anymore. It didn't just happen overnight. Maybe you could talk a little bit about themes and philosophy with partnerships and some of the things that you're doing with Alliances generally and specifically get into the Cisco partnership. >> Well I think partnerships have been in our DNA since the beginning of the company. We're a 100% channel-lead company. We don't have a direct sales force. That's an important piece of the company's philosophy. These alliances are really key for us because as we start to move into markets that are maybe a little bit higher than where we've been into the large enterprise and mid-enterprise and large enterprise, we really look at partnerships like the one with Cisco that are going to benefit Veeam and the customers by us being together doing joint developments. Some of the things that Frank talked about in his keynote speech, those are the sorts of things that create solutions for that level of customer where Cisco's been resident for many, many years. So we look at these partnerships as really central to where Veeam wants to go as a company and where we think customers want Veeam to participate with the partners. >> What's the specific nature of the partnership? Can you unpack that a little bit for us? >> From my side, certainly we have a robust go-to-market relationship in terms of when we're positioning UCS or Hyperflex, our server and hyper converged platforms, now we can bring to bear the Veeam value problem as we go forward with customers. And customers look to Cisco really to complete the story and offer an end-to-end solution. We weren't able to complete it without the Veeam technology. Then on the development side, some of the things that we're doing, we've integrated so now the Veeam software can work with our Snap technology and hyper converge. So you're starting to see it come together at the screen level with the bits and bytes in terms of the integration. >> Dave: So there's a greater degree of technical integration as well. >> Frank: Yes. >> It's not just go-to, I mean that's important because a lot of times back-up data protection is kind of an afterthought. It's a bolt-on. But if you're going to be a complete solution provider, that's fundamental and it's becoming more important. >> I think you know I was just mentioning to Frank back in the green room before we came out here I look at the start of this partnership as really being about 18 months ago. Although we'd had a partnership for a while, we really kind of started about 18 months ago in this meeting that we had at their partner conference in Maui. And Radmeer and I sat down with Frank and kind of explained why we thought data protection was a solution that Cisco could get behind particularly now that they were coming out with their S-Series devices. But that's just the start of it. It has to come with integration as well. Then we started with Hyperflex. It was a new product for them, 1.0 version. With the 2.0 version, we got integrated with snapshot technology like Frank mentioned. I look at this short runway of time in this relationship that kicked off with our meeting with Frank and he got it right away. We didn't have to explain it. >> Dave: It resignated. >> Frank: Oh, no question. We're very proud of our S-Series storage server. The hardware is nice. The infrastructure piece is nice, but it really doesn't come together unless you got the application on a run with it. That's where Veeam just jumps in and fills that gap perfectly for us. >> Frank, I think back to when virtualization really took off. Networking was one of the things that we had to fix. It put a lot of stress on the network. It's one of the reasons Cisco created UCS and backup also creates a lot of strain on the network. So it seems a natural fit. Can you talk about all the complexities that are coming and how you're going to be, what can we expect to see from jointly going forward? >> I think we've learned a lot from Veeam in terms of they've been able to really attack complex issues in a very simple fashion. Simplicity is the game with customers right now. Things are moving so fast. If you can't be simple, you're going to have a tough time out there. So I think that's where it's really come together for us in that vein. But when you look at the value of data and whether it's a second old or two years old or a year old, there's so many different more paradigms coming out about what you can do with this data. And customers and even customers of customers have now found ways to use this data either to make better decisions, monetize it, to stay away from things. So that's why this whole lifecycle for us is so important. This is where Veeam and us can really do some nice things for customers. >> Andy, can you build on that about the multi-Cloud position that Veeam has? How many of those, do you know, touch what Cisco's doing here and how does the partnership help drive that value of data type offering? >> For Veeam, our message is all about availability, availability of the data which makes the applications available and which basically makes the business stay up and running. One analogy we use is a cell phone. When you're cell phone dies, you can't get access to your email. You can't get access to your instant messages. >> Dave: You freak bascially. >> You feel like you're lost, right? >> Frank: It's getting kind of pathetic. >> Yeah. >> Dave: It is pretty bad. >> So think about not being able to get access to your data or access to your applications because of some outage, not being able to backup and recover. Your business could go out of business. Working with Cisco on solutions that are on premise, that are in the Cloud, that are multi-Cloud is really the value of the partnership that we have that we bring together. It's just at the beginning. We've got solutions that we're building now. We got solutions that are on the horizon. We've got a very strong go-to-market partnership in a very short period of time that are targeting enterprise customers, service providers, the whole gamut. It's really that sort of relationship that you find in an industry every so often. When it comes together like it has with us and Cisco, it's really a very strong, strong value prop. >> Well Veeam capitalized on the original virtualization trend with VMware that was a big transformation, the server infrastructure. You're seeing a huge network transformation now. There are so many forces affecting the network that I wonder, Frank, if you could comment on. You got ScaleOut. There's Flash. There's Cloud. There's Microservice. There's DevOps makes everything go faster. The flattening of the network. Describe what's happening and then maybe you can talk about how your ecosystem is going to take advantage of that. From what were the challenges the network has is exactly like you said. You have certainly the virtualized workloads now. The Microservices containerize workloads. I think the one people forget about is there's still a ton of bare metal out there, right? You look at the Hadoop workloads and such. A lot of these are bare metal oriented, right? Quite frankly, moving a VM around a fabric is actually pretty easy to do. But when you got to move a bare metal workload around a fabric, and that's something we can do with UCS the way we do it statelessly, that's much harder. That's why we have the extraction layer with what we call the fabric interconnection with UCS to do that kind of stuff. I think that's sometimes lost in the translation in terms of how you're going to handle all these different workloads. >> If I understand it, the link then to the opportunity for you guys, Andy, is that the stakes are just much higher now, right? You could do so much more around the networks. Stakes are so much higher. That increases the need for your products and services. Carry that through if you would. >> Well, it is. As we make our way up-market into the enterprise, the amount of data that businesses are spinning off of, their infrastructure and their data center or from robo offices or wherever, is growing immensely. Being able to have a partnership with an infrastructure provider like Cisco, where we can put solutions together that really give the customers the rock solid base for backing up their data and making sure that it's available is really critical for us as we move into those larger enterprise and larger environments. So this is an essential relationship I would say. >> I think, too, if I could mention, this is something our channel wanted to see, too. We're the same. We're at about 98% of our business goes through the channel. So they're selling our full line of infrastructure products. This completes the story for them. So we got a lot of guides to them say, "Hey, yes, Cisco. "We'd like to see you come together with Veeam "so we can start bundling offers out there in the market "and be that kind of end-end-to supplier, too." That was a big impetus especially from mid-market up to enterprise customers. >> Excellent, well, we got to wrap there. The partnerships give you huge leverage as a small, again not so small company anymore. The fact that you can get somebody like Frank to come down, talk about the partnership, is a testament to what you guys have built. So congratulations. Really appreciate you guys coming on The Cube. >> No, my pleasure, our pleasure. >> All right, keep it right there, everybody. We'll be back with our next guest. This is The Cube. We're live from New Orleans, VeeamON 2017. We'll be right back. (tinkling music)