(upbeat music) >> Hello, and welcome to "theCUBE" conversation here in Palo Alto, California. I'm John Furrier, host of "theCUBE," got a great security conversation, Ed Casper who's the founder and CEO of Cloud Storage Security, the great Cloud background, Cloud security, Cloud storage. Welcome to the "theCUBE Conversation," Ed. Thanks for coming on. >> Thank you very much for having me. >> I got Lafomo on that background. You got the nice look there. Let's get into the storage blind spot conversation around Cloud Security. Obviously, reinforced has came up a ton, you heard a lot about encryption, automated reasoning but still ransomware was still hot. All these things are continuing to be issues on security but they're all brought on data and storage, right? So this is a big part of it. Tell us a little bit about how you guys came about the origination story. What is the company all about? >> Sure, so, we're a pandemic story. We started in February right before the pandemic really hit and we've survived and thrived because it is such a critical thing. If you look at the growth that's happening in storage right now, we saw this at reinforced. We saw even a recent AWS Storage Day. Their S3, in particular, houses over 200 trillion objects. If you look just 10 years ago, in 2012, Amazon touted how they were housing one trillion objects, so in a 10 year period, it's grown to 200 trillion and really most of that has happened in the last three or four years, so the pandemic and the shift in the ability and the technologies to process data better has really driven the need and driven the Cloud growth. >> I want to get into some of the issues around storage. Obviously, the trend on S3, look at what they've done. I mean, I saw my land at storage today. We've interviewed her. She's amazing. Just the EC2 and S3 the core pistons of AWS, obviously, the silicons getting better, the IaaS layers just getting so much more innovation. You got more performance abstraction layers at the past is emerging Cloud operations on premise now with hybrid is becoming a steady state and if you look at all the action, it's all this hyper-converged kind of conversations but it's not hyper-converged in a box, it's Cloud Storage, so there's a lot of activity around storage in the Cloud. Why is that? >> Well, because it's that companies are defined by their data and, if a company's data is growing, the company itself is growing. If it's not growing, they are stagnant and in trouble, and so, what's been happening now and you see it with the move to Cloud especially over the on-prem storage sources is people are starting to put more data to work and they're figuring out how to get the value out of it. Recent analysts made a statement that if the Fortune 1000 could just share and expose 10% more of their data, they'd have net revenue increases of 65 million. So it's just the ability to put that data to work and it's so much more capable in the Cloud than it has been on-prem to this point. >> It's interesting data portability is being discussed, data access, who gets access, do you move compute to the data? Do you move data around? And all these conversations are kind of around access and security. It's one of the big vulnerabilities around data whether it's an S3 bucket that's an manual configuration error, or if it's a tool that needs credentials. I mean, how do you manage all this stuff? This is really where a rethink kind of comes around so, can you share how you guys are surviving and thriving in that kind of crazy world that we're in? >> Yeah, absolutely. So, data has been the critical piece and moving to the Cloud has really been this notion of how do I protect my access into the Cloud? How do I protect who's got it? How do I think about the networking aspects? My east west traffic after I've blocked them from coming in but no one's thinking about the data itself and ultimately, you want to make that data very safe for the consumers of the data. They have an expectation and almost a demand that the data that they consume is safe and so, companies are starting to have to think about that. They haven't thought about it. It has been a blind spot, you mentioned that before. In regards to, I am protecting my management plane, we use posture management tools. We use automated services. If you're not automating, then you're struggling in the Cloud. But when it comes to the data, everyone thinks, "Oh, I've blocked access. I've used firewalls. I've used policies on the data," but they don't think about the data itself. It is that packet that you talked about that moves around to all the different consumers and the workflows and if you're not ensuring that that data is safe, then, you're in big trouble and we've seen it over and over again. >> I mean, it's definitely a hot category and it's changing a lot, so I love this conversation because it's a primary one, primary and secondary cover data cotton storage. It's kind of good joke there, but all kidding aside, it's a hard, you got data lineage tracing is a big issue right now. We're seeing companies come out there and kind of superability tangent there. The focus on this is huge. I'm curious, what was the origination story? What got you into the business? Was it like, were you having a problem with this? Did you see an opportunity? What was the focus when the company was founded? >> It's definitely to solve the problems that customers are facing. What's been very interesting is that they're out there needing this. They're needing to ensure their data is safe. As the whole story goes, they're putting it to work more, we're seeing this. I thought it was a really interesting series, one of your last series about data as code and you saw all the different technologies that are processing and managing that data and companies are leveraging today but still, once that data is ready and it's consumed by someone, it's causing real havoc if it's not either protected from being exposed or safe to use and consume and so that's been the biggest thing. So we saw a niche. We started with this notion of Cloud Storage being object storage, and there was nothing there protecting that. Amazon has the notion of access and that is how they protect the data today but not the packets themselves, not the underlying data and so, we created the solution to say, "Okay, we're going to ensure that that data is clean. We're also going to ensure that you have awareness of what that data is, the types of files you have out in the Cloud, wherever they may be, especially as they drift outside of the normal platforms that you're used to seeing that data in. >> It's interesting that people were storing data lakes. Oh yeah, just store a womp we might need and then became a data swamp. That's kind of like go back 67 years ago. That was the conversation. Now, the conversation is I need data. It's got to be clean. It's got to feed the machine learning. This is going to be a critical aspect of the business model for the developers who are building the apps, hence, the data has code reference which we've focused on but then you say, "Okay, great. Does this increase our surface area for potential hackers?" So there's all kinds of things that kind of open up, we start doing cool, innovative, things like that so, what are some of the areas that you see that your tech solves around some of the blind spots or with object store, the things that people are overlooking? What are some of the core things that you guys are seeing that you're solving? >> So, it's a couple of things, right now, the still the biggest thing you see in the news is configuration issues where people are losing their data or accidentally opening up to rights. That's the worst case scenario. Reads are a bad thing too but if you open up rights and we saw this with a major API vendor in the last couple of years they accidentally opened rights to their buckets. Hackers found it immediately and put malicious code into their APIs that were then downloaded and consumed by many, many of their customers so, it is happening out there. So the notion of ensuring configuration is good and proper, ensuring that data has not been augmented inappropriately and that it is safe for consumption is where we started and, we created a lightweight, highly scalable solution. At this point, we've scanned billions of files for customers and petabytes of data and we're seeing that it's such a critical piece to that to make sure that that data's safe. The big thing and you brought this up as well is the big thing is they're getting data from so many different sources now. It's not just data that they generate. You see one centralized company taking in from numerous sources, consolidating it, creating new value on top of it, and then releasing that and the question is, do you trust those sources or not? And even if you do, they may not be safe. >> We had an event around super Clouds is a topic we brought up to get bring the attention to the complexity of hybrid which is on premise, which is essentially Cloud operations. And the successful people that are doing things in the software side are essentially abstracting up the benefits of the infrastructures of service from HN AWS, right, which is great. Then they innovate on top so they have to abstract that storage is a key component of where we see the innovations going. How do you see your tech that kind of connecting with that trend that's coming which is everyone wants infrastructures code. I mean, that's not new. I mean, that's the goal and it's getting better every day but DevOps, the developers are driving the operations and security teams to like stay pace, so policy seeing a lot of policy seeing some cool things going on that's abstracting up from say storage and compute but then those are being put to use as well, so you've got this new wave coming around the corner. What's your reaction to that? What's your vision on that? How do you see that evolving? >> I think it's great, actually. I think that the biggest problem that you have to do as someone who is helping them with that process is make sure you don't slow it down. So, just like Cloud at scale, you must automate, you must provide different mechanisms to fit into workflows that allow them to do it just how they want to do it and don't slow them down. Don't hold them back and so, we've come up with different measures to provide and pretty much a fit for any workflow that any customer has come so far with. We do data this way. I want you to plug in right here. Can you do that? And so it's really about being able to plug in where you need to be, and don't slow 'em down. That's what we found so far. >> Oh yeah, I mean that exactly, you don't want to solve complexity with more complexity. That's the killer problem right now so take me through the use case. Can you just walk me through how you guys engage with customers? How they consume your service? How they deploy it? You got some deployment scenarios. Can you talk about how you guys fit in and what's different about what you guys do? >> Sure, so, we're what we're seeing is and I'll go back to this data coming from numerous sources. We see different agencies, different enterprises taking data in and maybe their solution is intelligence on top of data, so they're taking these data sets in whether it's topographical information or whether it's in investing type information. Then they process that and they scan it and they distribute it out to others. So, we see that happening as a big common piece through data ingestion pipelines, that's where these folks are getting most of their data. The other is where is the data itself, the document or the document set, the actual critical piece that gets moved around and we see that in pharmaceutical studies, we see it in mortgage industry and FinTech and healthcare and so, anywhere that, let's just take a very simple example, I have to apply for insurance. I'm going to upload my Social Security information. I'm going to upload a driver's license, whatever it happens to be. I want to one know which of my information is personally identifiable, so I want to be able to classify that data but because you're trusting or because you're taking data from untrusted sources, then you have to consider whether or not it's safe for you to use as your own folks and then also for the downstream users as well. >> It's interesting, in the security world, we hear zero trust and then we hear supply chain, software supply chains. We get to trust everybody, so you got kind of two things going on. You got the hardware kind of like all the infrastructure guys saying, "Don't trust anything 'cause we have a zero trust model," but as you start getting into the software side, it's like trust is critical like containers and Cloud native services, trust is critical. You guys are kind of on that balance where you're saying, "Hey, I want data to come in. We're going to look at it. We're going to make sure it's clean." That's the value here. Is that what I'm hearing you, you're taking it and you're saying, "Okay, we'll ingest it and during the ingestion process, we'll classify it. We'll do some things to it with our tech and put it in a position to be used properly." Is that right? >> That's exactly right. That's a great summary, but ultimately, if you're taking data in, you want to ensure it's safe for everyone else to use and there are a few ways to do it. Safety doesn't just mean whether it's clean or not. Is there malicious content or not? It means that you have complete coverage and control and awareness over all of your data and so, I know where it came from. I know whether it's clean and I know what kind of data is inside of it and we don't see, we see that the interesting aspects are we see that the cleanliness factor is so critical in the workflow, but we see the classification expand outside of that because if your data drifts outside of what your standard workflow was, that's when you have concerns, why is PII information over here? And that's what you have to stay on top of, just like AWS is control plane. You have to manage it all. You have to make sure you know what services have all of a sudden been exposed publicly or not, or maybe something's been taken over or not and you control that. You have to do that with your data as well. >> So how do you guys fit into the security posture? Say it a large company that might want to implement this right away. Sounds like it's right in line with what developers want and what people want. It's easy to implement from what I see. It's about 10, 15, 20 minutes to get up and running. It's not hard. It's not a heavy lift to get in. How do you guys fit in once you get operationalized when you're successful? >> It's a lightweight, highly scalable serverless solution, it's built on Fargate containers and it goes in very easily and then, we offer either native integrations through S3 directly, or we offer APIs and the APIs are what a lot of our customers who want inline realtime scanning leverage and we also are looking at offering the actual proxy aspects. So those folks who use the S3 APIs that our native AWS, puts and gets. We can actually leverage our put and get as an endpoint and when they retrieve the file or place the file in, we'll scan it on access as well, so, it's not just a one time data arrest. It can be a data in motion as you're retrieving the information as well >> We were talking with our friends the other day and we're talking about companies like Datadog. This is the model people want, they want to come in and developers are driving a lot of the usage and operational practice so I have to ask you, this fits kind of right in there but also, you also have the corporate governance policy police that want to make sure that things are covered so, how do you balance that? Because that's an important part of this as well. >> Yeah, we're really flexible for the different ways they want to consume and and interact with it. But then also, that is such a critical piece. So many of our customers, we probably have a 50/50 breakdown of those inside the US versus those outside the US and so, you have those in California with their information protection act. You have GDPR in Europe and you have Asia having their own policies as well and the way we solve for that is we scan close to the data and we scan in the customer's account, so we don't require them to lose chain of custody and send data outside of the accoun. That is so critical to that aspect. And then we don't ask them to transfer it outside of the region, so, that's another critical piece is data residency has to be involved as part of that compliance conversation. >> How much does Cloud enable you to do this that you couldn't really do before? I mean, this really shows the advantage of natively being in the Cloud to kind of take advantage of the IaaS to SAS components to solve these problems. Share your thoughts on how this is possible. What if there was no problem, what would you do? >> It really makes it a piece of cake. As silly as that sounds, when we deploy our solution, we provide a management console for them that runs inside their own accounts. So again, no metadata or anything has to come out of it and it's all push button click and because the Cloud makes it scalable because Cloud offers infrastructure as code, we can take advantage of that and then, when they say go protect data in the Ireland region, they push a button, we stand up a stack right there in the Ireland region and scan and protect their data right there. If they say we need to be in GovCloud and operate in GovCloud East, there you go, push the button and you can behave in GovCloud East as well. >> And with server lists and the region support and all the goodness really makes a really good opportunity to really manage these Cloud native services with the data interaction so, really good prospects. Final question for you. I mean, we love the story. I think it is going to be a really changing market in this area in a big way. I think the data storage relationship relative to higher level services will be huge as Cloud native continues to drive everything. What's the future? I mean, you guys see yourself as a all encompassing, all singing and dancing storage platform or a set of services that you're going to enable developers and drive that value. Where do you see this going? >> I think that it's a mix of both. Ultimately, you saw even on Storage Day the announcement of file cash and file cash creates a new common name space across different storage platforms and so, the notion of being able to use one area to access your data and have it come from different spots is fantastic. That's been in the on-prem world for a couple of years and it's finally making it to the Cloud. I see us following that trend in helping support. We're super laser-focused on Cloud Storage itself so, EBS volumes, we keep having customers come to us and say, "I don't want to run agents in my EC2 instances. I want you to snap and scan and I don't want to, I've got all this EFS and FSX out there that we want to scan," and so, we see that all of the Cloud Storage platforms, Amazon work docs, EFS, FSX, EBS, S3, we'll all come together and we'll provide a solution that's super simple, highly scalable that can meet all the storage needs so, that's our goal right now and where we're working towards. >> Well, Cloud Storage Security, you couldn't get a more a descriptive name of what you guys are working on and again, I've had many contacts with Andy Jassy when he was running AWS and he always loves to quote "The Innovator's Dilemma," one of his teachers at Harvard Business School and we were riffing on that the other day and I want to get your thoughts. It's not so much "The Innovator's Dilemma" anymore relative to Cloud 'cause that's kind of a done deal. It's "The Integrator's Dilemma," and so, it's the integrations are so huge now. If you don't integrate the right way, that's the new dilemma. What's your reaction to that? >> A 100% agreed. It's been super interesting. Our customers have come to us for a security solution and they don't expect us to be 'cause we don't want to be either. Our own engine vendor, we're not the ones creating the engines. We are integrating other engines in and so we can provide a multi engine scan that gives you higher efficacy. So this notion of offering simple integrations without slowing down the process, that's the key factor here is what we've been after so, we are about simplifying the Cloud experience to protecting your storage and it's been so funny because I thought customers might complain that we're not a name brand engine vendor, but they love the fact that we have multiple engines in place and we're bringing that to them this higher efficacy, multi engine scan. >> I mean the developer trends can change on a dime. You make it faster, smarter, higher velocity and more protected, that's a winning formula in the Cloud so Ed, congratulations and thanks for spending the time to riff on and talk about Cloud Storage Security and congratulations on the company's success. Thanks for coming on "theCUBE." >> My pleasure, thanks a lot, John. >> Okay. This conversation here in Palo Alto, California I'm John Furrier, host of "theCUBE." Thanks for watching.

>>Yeah. Hello and welcome back to the cubes coverage of AWS public sector summit here in Washington D. C. We're live on the ground for two days. Face to face conference and expo hall and everything here but keith brooks who is the director and head of technical business development for a dress government Govcloud selling brains 10th birthday. Congratulations. Welcome to the cube. Thank you john happy to be E. C. 2 15 S three is 9.5 or no, that maybe they're 10 because that's the same day as sqs So Govcloud. 10 years, 20 years. What time >>flies? 10 years? >>Big milestone. Congratulations. A lot of history involved in Govcloud. Yes. Take us through what's the current situation? >>Yeah. So um let's start with what it is just for the viewers that may not be familiar. So AWS Govcloud is isolated. AWS cloud infrastructure and services that were purposely built for our U. S. Government customers that had highly sensitive data or highly regulated data or applications and workloads that they wanted to move to the cloud. So we gave customers the ability to do that with AWS Govcloud. It is subject to the fed ramp I and D O D S R G I L four L five baselines. It gives customers the ability to address ITAR requirements as well as Seaga's N'est ce MMC and Phipps requirements and gives customers a multi region architecture that allows them to also designed for disaster recovery and high availability in terms of why we built it. It starts with our customers. It was pretty clear from the government that they needed a highly secure and highly compliant cloud infrastructure to innovate ahead of demand and that's what we delivered. So back in august of 2011 we launched AWS GovCloud which gave customers the best of breed in terms of high technology, high security, high compliance in the cloud to allow them to innovate for their mission critical workloads. Who >>was some of the early customers when you guys launched after the C. I. A deal intelligence community is a big one but some of the early customers. >>So the Department of Health and Human Services, the Department of Veterans Affairs, the Department of Justice and the Department of Defense were all early users of AWS GovCloud. But one of our earliest lighthouse customers was the Nasa jet propulsion laboratory and Nasa Jpl used AWS GovCloud to procure Procure resources ahead of demand which allowed them to save money and also take advantage of being efficient and only paying for what they needed. But they went beyond just I. T. Operations. They also looked at how do they use the cloud and specifically GovCloud for their mission programs. So if you think back to all the way to 2012 with the mars curiosity rover, Nasa Jpl actually streamed and processed and stored that data from the curiosity rover on AWS Govcloud They actually streamed over 150 terabytes of data responded to over 80,000 requests per second and took it beyond just imagery. They actually did high performance compute and data analytics on the data as well. That led to additional efficiencies for future. Over there >>were entire kicking they were actually >>hard core missing into it. Mission critical workloads that also adhere to itar compliance which is why they used AWS GovCloud. >>All these compliance. So there's also these levels. I remember when I was working on the jetty uh stories that were out there was always like level for those different classifications. What does all that mean like? And then this highly available data and highly high availability all these words mean something in these top secret clouds. Can you take us through kind of meetings >>of those? Yeah absolutely. So it starts with the federal compliance program and the two most popular programs are Fed ramp and Dodi srg fed ramp is more general for federal government agencies. There are three levels low moderate and high in the short and skinny of those levels is how they align to the fisma requirements of the government. So there's fisma low fisma moderate fisma high depending on the sensitivity of the government data you will have to align to those levels of Fed ramp to use workloads and store data in the cloud. Similar story for D. O. D. With srg impact levels to 45 and six uh impacts levels to four and five are all for unclassified data. Level two is for less sensitive public defense data levels. Four and five cover more sensitive defense data to include mission critical national security systems and impact level six is for classified information. So those form the basis of security and compliance, luckily with AWS GovCloud celebrating our 10th anniversary, we address Fed ramp high for our customers that require that and D. O. D impact levels to four and five for a sensitive defense guy. >>And that was a real nuanced point and a lot of the competition can't do that. That's real people don't understand, you know, this company, which is that company and all the lobbying and all the mudslinging that goes on. We've seen that in the industry. It's unfortunate, but it happens. Um, I do want to ask you about the Fed ramp because what I'm seeing on the commercial side in the cloud ecosystem, a lot of companies that aren't quote targeting public sector are coming in on the Fed ramp. So there's some good traction there. You guys have done a lot of work to accelerate that. Any new, any new information to share their. >>Yes. So we've been committed to supporting the federal government compliance requirements effectively since the launch of GovCloud. And we've demonstrated our commitment to Fed ramp over the last number of years and GovCloud specifically, we've taken dozens of services through Fed ramp high and we're 100% committed to it because we have great relationships with the Fed ramp, Jabor the joint authorization board. We work with individual government agencies to secure agency A. T. O. S. And in fact we actually have more agency A. T. O. S. With AWS GovCloud than any other cloud provider. And the short and skinny is that represents the baseline for cloud security to address sensitive government workloads and sensitive government data. And what we're seeing from industry and specifically highly regulated industries is the standard that the U. S. Government set means that they have the assurance to run control and classified information or other levels of highly sensitive data on the cloud as well. So Fed ramp set that standard. It's interesting >>that the cloud, this is the ecosystem within an ecosystem again within crossover section. So for instance um the impact of not getting Fed ramp certified is basically money. Right. If you're a supplier vendor uh software developer or whatever used to being a miracle, no one no one would know right bed ramp. I'm gonna have to hire a whole department right now. You guys have a really easy, this is a key value proposition, isn't it? >>Correct. And you see it with a number of I. S. V. S. And software as the service providers. If you visit the federal marketplace website, you'll see dozens of providers that have Fed ramp authorized third party SAAS products running on GovCloud industry leading SAAS companies like Salesforce dot com driven technology Splunk essay PNS to effectively they're bringing their best of breed capabilities, building on top of AWS GovCloud and offering those highly compliant fed ramp, moderate fed ramp high capabilities to customers both in government and private industry that need that level of compliance. >>Just as an aside, I saw they've got a nice tweet from Teresa Carlson now it's plunk Govcloud yesterday. That was a nice little positive gesture uh, for you guys at GovCloud, what other areas are you guys moving the needle on because architecturally this is a big deal. What are some areas that you're moving the needle on for the GovCloud? >>Well, when I look back across the last 10 years, there were some pretty important developments that stand out. The first is us launching the second Govcloud infrastructure region in 2018 And that gave customers that use GovCloud specifically customers that have highly sensitive data and high levels of compliance. The ability to build fault tolerant, highly available and mission critical workloads in the cloud in a region that also gives them an additional three availability zones. So the launch of GovCloud East, which is named AWS GovCloud Us East gave customers to regions a total of six availability zones that allowed them accelerate and build more scalable solutions in the cloud. More recently, there is an emergence of another D O D program called the cybersecurity maturity model, C M M C and C M M C is something where we looked around the corner and said we need to Innovate to help our customers, particularly defense customers and the defense industrial based customers address see MMC requirements in the cloud. So with Govcloud back in December of 2020, we actually launched the AWS compliant framework for federal defense workloads, which gives customers a turnkey capability and tooling and resources to spin up environments that are configured to meet see MMC controls and D. O. D. Srg control. So those things represent some of the >>evolution keith. I'm interested also in your thoughts on how you see the progression of Govcloud outside the United States. Tactical Edge get wavelength coming on board. How does how do you guys look at that? Obviously us is global, it's not just the jet, I think it's more of in general. Edge deployments, sovereignty is also going to be world's flat, Right? I mean, so how does that >>work? So it starts back with customer requirements and I tie it back to the first question effectively we built Govcloud to respond to our U. S. Government customers and are highly regulated industry customers that had highly sensitive data and a high bar to meet in terms of regulatory compliance and that's the foundation of it. So as we look to other customers to include those outside of the US. It starts with those requirements. You mentioned things like edge and hybrid and a good example of how we marry the two is when we launched a W. S. Outpost in Govcloud last year. So outpost brings the power of the AWS cloud to on premises environments of our customers, whether it's their data centers or Coehlo environments by bringing AWS services, a. P. I. S and service and points to the customer's on premises facilities >>even outside the United States. >>Well, for Govcloud is focused on us right now. Outside of the U. S. Customers also have availability to use outpost. It's just for us customers, it's focused on outpost availability, geography >>right now us. Right. But other governments gonna want their Govcloud too. Right, Right, that's what you're getting at, >>Right? And it starts with the data. Right? So we we we spent a lot of time working with government agencies across the globe to understand their regulations and their requirements and we use that to drive our decisions. And again, just like we started with govcloud 10 years ago, it starts with our customer requirements and we innovate from there. Well, >>I've been, I love the D. O. D. S vision on this. I know jet I didn't come through and kind of went scuttled, got thrown under the bus or whatever however you want to call it. But that whole idea of a tactical edge, it was pretty brilliant idea. Um so I'm looking forward to seeing more of that. That's where I was supposed to come in, get snowball, snowmobile, little snow snow products as well, how are they doing? And because they're all part of the family to, >>they are and they're available in Govcloud and they're also authorized that fed ramp and Gov srg levels and it's really, it's really fascinating to see D. O. D innovate with the cloud. Right. So you mentioned tactical edge. So whether it's snowball devices or using outposts in the future, I think the D. O. D. And our defense customers are going to continue to innovate. And quite frankly for us, it represents our commitment to the space we want to make sure our defense customers and the defense industrial base defense contractors have access to the best debris capabilities like those edge devices and edge capable. I >>think about the impact of certification, which is good because I just thought of a clean crows. We've got aerospace coming in now you've got D O. D, a little bit of a cross colonization if you will. So nice to have that flexibility. I got to ask you about just how you view just in general, the intelligence community a lot of uptake since the CIA deal with amazon Just overall good health for eight of his gum cloud. >>Absolutely. And again, it starts with our commitment to our customers. We want to make sure that our national security customers are defense customers and all of the customers and the federal government that have a responsibility for securing the country have access to the best of breed capability. So whether it's the intelligence community, the Department of Defense are the federal agencies and quite frankly we see them innovating and driving things forward to include with their sensitive workloads that run in Govcloud, >>what's your strategy for partnerships as you work on the ecosystem? You do a lot with strategy. Go to market partnerships. Um, it's got its public sector pretty much people all know each other. Our new firms popping up new brands. What's the, what's the ecosystem looks like? >>Yeah, it's pretty diverse. So for Govcloud specifically, if you look at partners in the defense community, we work with aerospace companies like Lockheed martin and Raytheon Technologies to help them build I tar compliant E. R. P. Application, software development environments etcetera. We work with software companies I mentioned salesforce dot com. Splunk and S. A. P. And S. To uh and then even at the state and local government level, there's a company called Pay It that actually worked with the state of Kansas to develop the Icann app, which is pretty fascinating. It's a app that is the official app of the state of Kansas that allow citizens to interact with citizens services. That's all through a partner. So we continue to work with our partner uh broad the AWS partner network to bring those type of people >>You got a lot of MST is that are doing good work here. I saw someone out here uh 10 years. Congratulations. What's the coolest thing uh you've done or seen. >>Oh wow, it's hard to name anything in particular. I just think for us it's just seeing the customers and the federal government innovate right? And, and tie that innovation to mission critical workloads that are highly important. Again, it reflects our commitment to give these government customers and the government contractors the best of breed capabilities and some of the innovation we just see coming from the federal government leveraging the count now. It's just super cool. So hard to pinpoint one specific thing. But I love the innovation and it's hard to pick a favorite >>Child that we always say. It's kind of a trick question I do have to ask you about just in general, the just in 10 years. Just look at the agility. Yeah, I mean if you told me 10 years ago the government would be moving at any, any agile anything. They were a glacier in terms of change, right? Procure Man, you name it. It's just like, it's a racket. It's a racket. So, so, but they weren't, they were slow and money now. Pandemic hits this year. Last year, everything's up for grabs. The script has been flipped >>exactly. And you know what, what's interesting is there were actually a few federal government agencies that really paved the way for what you're seeing today. I'll give you some examples. So the Department of Veterans Affairs, they were an early Govcloud user and way back in 2015 they launched vets dot gov on gov cloud, which is an online platform that gave veterans the ability to apply for manage and track their benefits. Those type of initiatives paved the way for what you're seeing today, even as soon as last year with the U. S. Census, right? They brought the decennial count online for the first time in history last year, during 2020 during the pandemic and the Census Bureau was able to use Govcloud to launch and run 2020 census dot gov in the cloud at scale to secure that data. So those are examples of federal agencies that really kind of paved the way and leading to what you're saying is it's kind >>of an awakening. It is and I think one of the things that no one's reporting is kind of a cultural revolution is the talent underneath that way, the younger people like finally like and so it's cooler. It is when you go fast and you can make things change, skeptics turned into naysayers turned into like out of a job or they don't transform so like that whole blocker mentality gets exposed just like shelf where software you don't know what it does until the cloud is not performing, its not good. Right, right. >>Right. Into that point. That's why we spend a lot of time focused on education programs and up skilling the workforce to, because we want to ensure that as our customers mature and as they innovate, we're providing the right training and resources to help them along their journey, >>keith brooks great conversation, great insight and historian to taking us to the early days of Govcloud. Thanks for coming on the cube. Thanks thanks for having me cubes coverage here and address public sector summit. We'll be back with more coverage after this short break. Mhm. Mhm mm.