>> Narrator: theCUBE's live coverage is made possible by funding from Dell Technologies, creating technologies that drive human progress. (upbeat music) >> Welcome back to the Fira in Barcelona. This is Dave Vellante with David Nicholson. Lisa Martin is also here. This is day two of our coverage of MWC 23 on theCUBE. We're super excited. We're in between hall four and five. Stop by if you're here. Dennis Hoffman is here. He's the senior vice president and general manager of the Telecom systems business at Dell Technologies, and he's joined by Yousef Khalidi, who's the corporate vice president of Azure for Operators from Microsoft. Gents, Welcome. >> Thanks, Dave. >> Thank you. >> So we saw Satya in the keynote. He wired in. We saw T.K. came in. No AWS. I don't know. They're maybe not part of the show, but maybe next year they'll figure it out. >> Indeed, indeed. >> Lots of stuff happened in the Telecom, but the Azure operator distributed service is the big news, you guys got here. What's that all about? >> Oh, first of all, we changed the name. >> Oh, you did? >> You did? >> Oh, yeah. We have a real name now. It's called the Azure Operator Nexus. >> Oh, I like Nexus better than that. >> David: That's much better, much better. >> Dave: The engineers named it first time around. >> I wish, long story, but thank you for our marketing team. But seriously, not only did we rename the platform, we expanded the platform. >> Dave: Yeah. >> So it now covers the whole spectrum from the far-edge to the public cloud as well, including the near-edge as well. So essentially, it's a hybrid platform that can also run network functions. So all these operators around you, they now have a platform which combines cloud technologies with the choice where they want to run, optimized for the network. >> Okay and so, you know, we've talked about the disaggregation of the network and how you're bringing kind of engineered systems to the table. We've seen this movie before, but Dennis, there are differences, right? I mean, you didn't really have engineered systems in the 90s. You didn't have those integration points. You really didn't have the public cloud, you didn't have AI. >> Right. >> So you have all those new powers that you can tap, so give us the update from your perspective, having now spent a day and a half here. What's the vibe, what's the buzz, and what's your take on everything? >> Yeah, I think to build on what Yousef said, there's a lot going on with people still trying to figure out exactly how to architect the Telecom network of the future. They know it's got to have a lot to do with cloud. It does have some pretty significant differences, one of those being, there's definitely got to be a hybrid component because there are pieces of the Telecom network that even when modernized will not end up centralized, right? They're going to be highly distributed. I would say though, you know, we took away two things, yesterday, from all the meetings. One, people are done, I think the network operators are done, questioning technology readiness. They're now beginning to wrestle with operationalization of it all, right? So it's like, okay, it's here. I can in fact build a modern network in a very cloud native way, but I've got to figure out how to do that all. And another big part of it is the ecosystem and certainly the partnership long standing between Dell and Microsoft which we're extending into this space is part of that, making it easier on people to actually acquire, deploy, and importantly, support these new technologies. >> So a lot of the traditional carriers, like you said, they're sort of beyond the technology readiness. Jose Maria Alvarez in the keynote said there are three pillars to the future Telecom network. He said low latency, programmable networks, and then cloud and edge, kind of threw that in. You agree with that, Yousef? (Dave and Yousef speaking altogether) >> I mean, we've been for years talking about the cloud and edge. >> Yeah. >> Satya for years had the same graphic. We still have it. Today, we have expanded the graphic a bit to include the network as one, because you can have a cloud without connectivity as well but this is very, very, very, very much true. >> And so the question then, Dennis, is okay, you've got disruptors, we had Dish on yesterday. >> Oh, did you? Good. >> Yeah, yeah, and they're talking about what they're doing with, you know, ORAN and all the applications, really taking account of it. What I see is a developer friendly, you know, environment. You got the carriers talking about how they're going to charge developers for APIs. I think they've published eight APIs which is nowhere near enough. So you've got that sort of, you know, inertia and yet, you have the disruptors that are going to potentially be a catalyst to, you know, cross the chasm, if you will. So, you know, put on your strategy hat. >> Yeah. >> Dave: How do you see that playing out? >> Well, they're trying to tap into three things, the disruptors. You know, I think the thesis is, "If I get to a truly cloud native, communications network first, I ought to have greater agility so that I can launch more services and create more revenue streams. I ought to be lower cost in terms of both acquisition cost and operating cost, right, and I ought to be able to create scale between my IT organization, everything I know how to do there and my Telecom network." You know, classic, right? Better, faster, cheaper if I embrace cloud early on. And people like Dish, you know, they have a clean sheet of paper with which to do that. So innovation and rate of innovation is huge for them. >> So what would you do? We put your Clay Christensen hat on, now. What if you were at a traditional Telco who's like, complaining about- >> You're going to get me in trouble. >> Dave: Come on, come on. >> Don't do it. >> Dave: Help him out. Help him out, help him out. So if, you know, they're complaining about CapEx, they're highly regulated, right, they want net neutrality but they want to be able to sort of dial up the cost of those using the network. So what would you do? Would you try to disrupt yourself? Would you create a skunkworks? Would you kind of spin off a disruptor? That's a real dilemma for those guys. >> Well for mobile network operators, the beauty of 5G is it's the first cloud native cellular standard. So I don't know if anybody's throwing these terms around, but 5G SA is standalone, right? >> Dave: Yeah, yeah. >> So a lot of 'em, it's not a skunkworks. They're just literally saying, "I've got to have a 5G network." And some of 'em are deciding, "I'm going to stand it up all by itself." Now, that's duplicative expense in a lot of ways, but it creates isolation from the two networks. Others are saying, "No, it's got to be NSA. I've got to be able to combine 4G and 5G." And then you're into the brownfield thing. >> That's the hybrid. >> Not hybrid as in cloud, but hybrid as in, you know. >> Yeah, yeah. >> It's a converge network. >> Dave: Yeah, yeah. >> So, you know, I would say for a lot of them, they're adopting, probably rightly so, a wait and see attitude. One thing we haven't talked about and you got to get on the table, their high order bit is resilience. >> Dave: Yeah, totally. >> David: Yeah. >> Right? Can't go down. It's national, secure infrastructure, first responder. >> Indeed. >> Anytime you ask them to embrace any new technology, the first thing that they have to work through in their minds is, you know, "Is the juice worth the squeeze? Like, can I handle the risk?" >> But you're saying they're not questioning the technology. Aren't they questioning ORAN in terms of the quality of service, or are they beyond that? >> Dennis: They're questioning the timing, not the inevitability. >> Okay, so they agree that ORAN is going to be open over time. >> At some point, RAN will be cloud native, whether it's ORAN the spec, open RAN the concept, (Yousef speaking indistinctly) >> Yeah. >> Virtual RAN. But yeah, I mean I think it seems pretty evident at this point that the mainframe will give way to open systems once again. >> Dave: Yeah, yeah, yeah. >> ERAN, ecosystem RAN. >> Any RAN. (Dave laughing) >> You don't have to start with the ORAN where they're inside the house. So as you probably know, our partner AT&T started with the core. >> Dennis: They almost all have. >> And they've been on the virtualization path since 2014 and 15. And what we are working with them on is the hybrid cloud model to expand all the way, if you will, as I mentioned to the far-edge or the public cloud. So there's a way to be in the brownfield environment, yet jump on the new bandwagon of technology without necessarily taking too much risk, because you're quite right. I mean, resiliency, security, service assurance, I mean, for example, AT&T runs the first responder network for the US on their network, on our platform, and I'm personally very familiar of how high the bar is. So it's doable, but you need to go in stages, of course. >> And they've got to do that integration. >> Yes. >> They do. >> And Yousef made a great point. Like, out of the top 30 largest Telcos by CapEx outside of China, three quarters of them have virtualized their core. So the cloudification, if you will, software definition run on industry standard hardware, embraced cloud native principles, containerized apps, that's happened in the core. It's well accepted. Now it's just a ripple-down through the network which will happen as and when things are faster, better, cheaper. >> Right. >> So as implemented, what does this look like? Is it essentially what we used to loosely refer to as Azure stacked software, running with Dell optimized Telecom infrastructure together, sometimes within a BBU, out in a hybrid cloud model communicating back to Azure locations in some cases? Is that what we're looking at? >> Approximately. So you start with the near-edge, okay? So the near-edge lives in the operator's data centers, edges, whatever the case may be, built out of off the shelf hardware. Dell is our great partner there but in principle, it could be different mix and match. So once you have that true near-edge, then you can think of, "Okay, how can I make sure this environment is as uniform, same APIs, same everything, regardless what the physical location is?" And this is key, key for the network function providers and the NEPs because they need to be able to port once, run everywhere, and it's key for the operator to reduce their costs. You want to teach your workforce, your operations folks, if you will, how to manage this system one time, to automation and so forth. So, and that is actually an expansion of the Azure capabilities that people are familiar with in a public cloud, projected into different locations. And we have technology called Arc which basically models everything. >> Yeah, yeah. >> So if you have trained your IT side, you are halfway there, how to manage your new network. Even though of course the network is carrier graded, there's different gear. So yes, what you said, a lot of it is true but the actual components, whatever they might be running, are carrier grade, highly optimized, the next images and our solution is not a DIY solution, okay? I know you cater to a wide spectrum here but for us, we don't believe in the TCO. The proper TCO can be achieved by just putting stuff by yourself. We just published a report with Analysys Mason that shows that our approach will save 36 percent of the cost compared to a DIY approach. >> Dave: What percent? >> 36 percent. >> Dave: Of the cost? >> Of, compared to DIY, which is already cheaper than classical models. >> And there's a long history of fairly failed DIY, right, >> Yeah. >> That preceded this. As in the early days of public cloud, the network operators wrestled with, "Do I have to become one to survive?" >> Dave: Yeah. Right. >> So they all ended up having cloud projects and by and large, they've all dematerialized in favor of this. >> Yeah, and it's hard for them to really invest at scale. Let me give you an example. So, your biggest tier one operator, without naming anybody, okay, how many developers do they have that can build and maintain an OS image, or can keep track of container technology, or build monitoring at scale? In our company, we have literally thousands of developers doing it already for the cloud and all we're doing for the operator segment is customizing it and focusing it at the carrier grade aspects of it. But so, I don't have half a dozen exterior experts. I literally have a building of developers who can do that and I'm being literal, here. So it's a scale thing. Once you have a product that you can give to multiple people, everybody benefits. >> Dave: Yeah, and the carriers are largely, they're equipment engineers in a large setting. >> Oh, they have a tough job. I always have total respect what they do. >> Oh totally, and a lot of the work happens, you know, kind of underground and here they are. >> They are network operators. >> They don't touch. >> It's their business. >> Right, absolutely, and they're good at it. They're really good at it. That's right. You know, you think about it, we love to, you know, poke fun at the big carriers, but think about what happened during the pandemic. When they had us shift everything to remote work, >> Dennis: Yes. >> Landline traffic went through the roof. You didn't even notice. >> Yep. That's very true. >> I mean, that's the example. >> That's very true. >> However, in the future where there's innovation and it's going to be driven by developers, right, that's where the open ecosystem comes in. >> Yousef: Indeed. >> And that's the hard transition for a lot of these folks because the developers are going to win that with new workloads, new applications that we can't even think of. >> Dennis: Right. And a lot of it is because if you look at it, there's the fundamental back strategy hat back on, fundamental dynamics of the industry, forced investment, flat revenues. >> Dave: Yeah. Right. >> Very true. >> Right? Every few years, a new G comes out. "Man, I got to retool this massive thing and where I can't do towers, I'm dropping fiber or vice a versa." And meanwhile, most diversification efforts into media have failed. They've had to unwind them and resell them. There's a lot of debt in the industry. >> Yousef: Yeah. >> Dennis: And so, they're looking for that next big, adjacent revenue stream and increasingly deciding, "If I don't modernize my network, I can't get it." >> Can't do it. >> Right, and again, what I heard from some of the carriers in the keynote was, "We're going to charge for API access 'cause we have data in the network." Okay, but I feel like there's a lot more innovation beyond that that's going to come from the disruptors. >> Dennis: Oh yeah. >> Yousef: Yes. >> You know, that's going to blow that away, right? And then that may not be the right model. We'll see, you know? I mean, what would Microsoft do? They would say, "Here, here's a platform. Go develop." >> No, I'll tell you. We are actually working with CAMARA and GSMA on the whole API layer. We actually announced a service as well as (indistinct). >> Dave: Yeah, yeah, right. >> And the key there, frankly, in my opinion, are not the disruptors as in operators. It's the ISV community. You want to get developers that can write to a global set of APIs, not per Telco APIs, such that they can do the innovation. I mean, this is what we've seen in other industries, >> Absolutely. >> That I critically can think of. >> This is the way they get a slice of that pie, right? The recent history of this industry is one where 4G LTE begot the smartphone and app store era, a bevy of consumer services, and almost every single profit stream went somewhere other than the operator, right? >> Yousef: Someone else. So they're looking at this saying, "Okay, 5G is the enterprise G and there's going to be a bevy of applications that are business service related, based on 5G capability and I can't let the OTT, over the top, thing happen again." >> Right. >> They'll say that. "We cannot let this happen." >> "We can't let this happen again." >> Okay, but how do they, >> Yeah, how do they make that not happen? >> Not let it happen again? >> Eight APIs, Dave. The answer is eight APIs. No, I mean, it's this approach. They need to make it easy to work with people like Yousef and more importantly, the developer community that people like Yousef and his company have found a way to harness. And by the way, they need to be part of that developer community themselves. >> And they're not, today. They're not speaking that developer language. >> Right. >> It's hard. You know, hey. >> Dennis: Hey, what's the fastest way to sell an enterprise, a business service? Resell Azure, Teams, something, right? But that's a resale. >> Yeah, that's a resale thing. >> See, >> That's not their service. >> They also need to free their resources from all the plumbing they do and leave it to us. We are plumbers, okay? >> Dennis: We are proud plumbers. >> We are proud plumbers. I'm a plumber. I keep telling people this thing. We had the same discussion with banks and enterprises 10 years ago, by the way. Don't do the plumbing. Go add value on the top. Retool your workforce to do applications and work with ISVs to the verticals, as opposed to either reselling, which many do, or do the plumbing. You'd be surprised. Traditionally, many operators do around, "I want to plumb this thing to get this small interrupt per second." Like, who cares? >> Well, 'cause they made money on connectivity. >> Yes. >> And we've seen this before. >> And in a world without telephone poles and your cables- >> Hey, if what you have is a hammer, everything's a nail, right? And we sell connectivity services and that's what we know how to do, and that both build and sell. And if that's no longer driving a revenue stream sufficient to cover this forced investment march, not to mention Huawei rip and government initiatives to pull infrastructure out and accelerate investment, they got to find new ways. >> I mean, the regulations have been tough, right? They don't go forward and ask for permission. They really can't, right? They have to be much more careful. >> Dennis: It is tough. >> So, we don't mean to sound like it's easy for these guys. >> Dennis: No, it's not. >> But it does require a new mindset, new skillsets, and I think some of 'em are going to figure it out and then pff, the wave, and you guys are going to be riding that wave. >> We're going to try. >> Definitely. Definitely. >> As a veteran of working with both Dell and Microsoft, specifically Azure on things, I am struck by how you're very well positioned in this with Microsoft in particular. Because of Azure's history, coming out of the on-premises world that Microsoft knows so well, there's a natural affinity to the hybrid nature of Telecom. We talk about edge, we talk about hybrid, this is it, absolutely the center of it. So it seems like a- >> Yousef: Indeed. Actually, if you look at the history of Azure, from day one, and I was there from day one, we always spoke of the hybrid model. >> Yeah. >> The third point, we came from the on-premises world. >> David: Right. >> And don't get me wrong, I want people to use the public cloud, but I also know due to physics, regulation, geopolitical boundaries, there's something called on-prem, something called an edge here. I want to add something else. Remember our deal on how we are partner-centric? We're applying the same playbook, here. So, you know, for every dollar we make, so many of it's been done by the ecosystem. Same applies here. So we have announced partnerships with Ericson, Nokia, (indistinct), all the names, and of course with Dell and many others. The ecosystem has to come together and customers must retain their optionality to drum up whatever they are on. So it's the same playbook, with this. >> And enterprise technology companies are, actually, really good at, you know, decoding the customer, figuring out specific requirements, making some mistakes the first time through and then eventually getting it right. And as these trends unfold, you know, you're in a good position, I think, as are others and it's an exciting time for enterprise tech in this industry, you know? >> It really is. >> Indeed. >> Dave: Guys, thanks so much for coming on. >> Thank you. >> Dave: It's great to see you. Have a great rest of the show. >> Thank you. >> Thanks, Dave. Thank you, Dave. >> All right, keep it right there. John Furrier is live in our studio. He's breaking down all the news. Go to siliconangle.com to go to theCUBE.net. Dave Vellante, David Nicholson and Lisa Martin, we'll be right back from the theater in Barcelona, MWC 23 right after this short break. (relaxing music)

(electronic music) (graphics whooshing) (graphics tinkling) >> Telecommunications is well north of a trillion-dollar business globally, that provides critical services on which virtually everyone on the planet relies. Dramatic changes are occurring in the sector, and one of the most important dimensions of this change is the underlying infrastructure that powers global telecommunications networks. Telcos have been thawing out, if you will, they're frozen infrastructure, modernizing. They're opening up, they're disaggregating their infrastructure, separating, for example, the control plane from the data plane, and adopting open standards. Telco infrastructure is becoming software-defined. And leading telcos are adopting cloud native microservices to help make developers more productive, so they can respond more quickly to market changes. They're embracing technology consumption models, and selectively leveraging the cloud where it makes sense. And these changes are being driven by market forces, the root of which stem from customer demand. So from a customer's perspective, they want services, and they want them fast. Meaning, not only at high speeds, but also they want them now. Customers want the latest, the greatest, and they want these services to be reliable and stable with high quality of service levels. And they want them to be highly cost-effective. Hello and welcome to this preview of Mobile World Congress 2023. My name is Dave Vellante, and at this year's event, theCUBE has a major presence at the show made possible by Dell Technologies, and with me to unpack the trends in telco, and look ahead to MWC23 are Dennis Hoffman, he's the Senior Vice President and General Manager of Dell's telecom business, and Aaron Chaisson, who is the Vice President of Telecom and Edge Solutions Marketing at Dell Technologies, gentlemen, welcome, thanks so much for spending some time with me. >> Thank you, Dave. >> Thanks, glad to be here. >> So, Dennis, let's start with you. Telcos in recent history have been slow to deliver and to monetize new services, and a large part because their purpose-built infrastructure could been somewhat of a barrier to responding to all these market forces. In many ways, this is what makes telecoms, really this market so exciting. So from your perspective, where is the action in this space? >> Yeah, the action Dave is kind of all over the place, partly because it's an ecosystem play. I think it's been, as you point out, the disaggregation trend has been going on for a while. The opportunity's been clear, but it has taken a few years to get all of the vendors, and all of the components that make up a solution, as well as the operators themselves, to a point where we can start putting this stuff together, and actually achieving some of the promise. >> So Aaron, for those who might not be as familiar with Dell's a activities in this area, here we are just ahead of Mobile World Congress, it's the largest event for telecoms, what should people know about Dell? And what's the key message to this industry? >> Sure, yeah, I think everybody knows that there's a lot of innovation that's been happening in the industry of late. One of the major trends that we're seeing is that shift from more of a vertically-integrated technology stack, to more of a disaggregated set of solutions, and that trend has actually created a ton of innovation that's happening across the industry, or along technology vendors and providers, the telecoms themselves. And so, one of the things that Dell's really looking to do is, as Dennis talked about, is build out a really strong ecosystem of partners and vendors that we're working closely together to be able to collaborate on new technologies, new capabilities that are solving challenges that the networks are seeing today. Be able to create new solutions built on those in order to be able to bring new value to the industry. And then finally, we want to help both partners, as well as our CSP providers activate those changes, so that they can bring new solutions to market, to be able to serve their customers. And so, the key areas that we're really focusing on with our customers is, technologies to help modernize the network, to be able to capitalize on the value of open architectures, and bring price performance to what they're expecting, and availability that they're expecting today. And then also, partner with the lines of business to be able to take these new capabilities, produce new solutions, and then deliver new value to their customers. >> Great, thank you, Aaron. So Dennis, you and I, known you for a number of years. I've watched you, you're are a trend spotter. You're a strategic thinker. I love now the fact that you're running a business that you had to go out and analyze, and now you got to make it happen. So, how would you describe Dell's strategy in this market? >> Well, it's really two things. And I appreciate the comment, I'm not sure how much of a trend spotter I am, but I certainly enjoy, and I think I'm fascinated by what's going on in this industry right now. Our two main thrusts, Dave, are first round, trying to catalyze that ecosystem, be a force for pulling together a group of folks, vendors that have been flying in fairly loose formation for a couple of years, to deliver the kinds of solutions that move the needle forward, and produce the outcomes that our network operator customers can actually buy and consume, and deploy, and have them be supported. The other thing is, there's a couple of very key technology areas that need to be advanced here. This ends up being a much anticipated year in telecom. Because of the delivery of some open infrastructure solutions that have being developed for years. With the Intel Sapphire Rapids program coming to market, we've of course got some purpose-built solutions on top of that for telecommunications networks. Some expanded partnerships in the area of multi-cloud infrastructure. And so, I would say the second main thrust is, we've got to bring some intellectual property to the party. It's not just about pulling the ecosystem together. But those two things together really form the twin thrusts of our strategy. >> Okay, so as you point out, you obviously not going to go alone in this market, it's way too broad, there's so many routes to market, partnerships, obviously very, very important. So, can you share a little bit more about the ecosystem and partners, maybe give some examples of some of the key partners that you'd be highlighting or working with, maybe at Mobile World Congress, or other activities this year? >> Yeah, absolutely. As Aaron touched on, I'm a visual thinker. The way I think about this thing is a very, very vertical architecture is tipping sideways. It's becoming horizontal. And all of the layers of that horizontal architecture are really where the partnerships are at. So, let's start at the bottom, silicon. The silicon ecosystem is very much focused on this market. And producing very specific products to enable open, high performance telecom networks. That's both in the form of host processors, as well as accelerators. One layer up, of course, is the stuff that we're known for, subsystems, compute storage, the hardware infrastructure that forms the foundation for telco clouds. A layer above that, all of the cloud software layer, the virtualization and containerization software, and all of the usual suspects there, all of whom are very good partners of ours, and we're looking to expand that pretty broadly this year. And then at the top of the layer cake, all of the network functions, all of the VNF's and CNF's that were once kind of the top of proprietary stacks, that are now opening up and being delivered, as well-formed containers that can run on these clouds. So, we're focusing on all of those, if you will, product partnerships, and there is a services wrapper around all of it. The systems integration necessary to make these systems part of a carrier's network, which of course, has been running for a long time, and needs to be integrated with in a very specific way. And so, all of that, together kind of forms the ecosystem, all of those are partners, and we're really excited about being at the heart of it. >> Interesting, it's not like we've never seen this movie before, which is, it's sort of repeating itself in telco. Aaron, you heard my little intro up front about the need to modernize infrastructure, I wonder if I could touch on another major trend, which we're seeing is the cloud, and I'm talkin' about not only public, but private and hybrid cloud. The public cloud is an opportunity, but it's also a threat for telcos. Telcom providers are lookin' to the public cloud for specific use cases, you think about like bursting for an iPhone launch or whatever. But at the same time, these cloud vendors, they're sort of competing with telcos. They're providing local zones, for example, sometimes trying to do an end run on the telco connectivity services, so telecom companies, they have to find the right balance between what they own and what they rent. And I wonder if you could add some color as to what you see in the market and what Dell specifically is doing to support these trends. >> Yeah, and I think the most important thing is what we're seeing, as you said, is these aren't things that we haven't seen before. And I think that telecom is really going through their own set of cloud transformations, and so, one of the hot topics in the industry now is, what is telco cloud? And what does that look like going forward? And it's going to be, as you said, a combination of services that they offer, services that they leverage. But at the end of the day, it's going to help them modernize how they deliver telecommunication services to their customers, and then provide value added services on top of that. From a Dell perspective, we're really providing the technologies to provide the underpinnings to lay a foundation on which that network can be built, whether that's best of breed servers that are built in design for the telecom environments. Recently, we announced our Infer block program, in partnering with virtualization providers, to be able to provide engineered systems that dramatically simplify how our customers can deploy, manage, and lifecycle manage throughout day two operations, an entire cloud environment. And whether they're using Red Hat, whether they're using Wind River, or VMware, or other virtualization layers, they can deploy the right virtualization layer at the right part of their network to support the applications they're looking to drive. And Dell is looking to solve how they simplify and manage all of that, both from a hardware, as well as on management software perspective. So, this is really what Dell's doing to, again, partner with the broader technology community, to help make that telco cloud a reality. >> Aaron, let's stay here for a second, I'm interested in some of the use cases that you're going after with customers. You've got Edge infrastructure, remote work, 5G, where's security fit, what are the focus areas for Dell, and can we double click on that a little bit? >> Yeah, I mean, I think there's two main areas of telecommunication industry that we're talking to. One, we've really been talking about the sort of the network buyer, how do they modernize the core, the network Edge, the RAN capabilities to deliver traditional telecommunication services, and modernize that as they move into 5G and beyond. I think the other side of the business is, telecoms are really looking from a line of business perspective to figure out how do they monetize that network, and be able to deliver value added services to their enterprise customers on top of these new networks. So, you were just touching on a couple of things that are really critical. In the enterprise space, AI and IoT is driving a tremendous amount of innovation out there, and there's a need for being able to support and manage Edge compute at scale, be able to provide connectivity, like private mobility, and 4G and 5G, being able to support things like mobile workforces and client capabilities, to be able to access these devices that are around all of these Edge environments of the enterprises. And telecoms are seeing as that, as an opportunity for them to not only provide connectivity, but how do they extend their cloud out into these enterprise environments with compute, with connectivity, with client and connectivity resources, and even also provide protection for those environments as well. So, these are areas that Dell is historically very strong at. Being able to provide compute, be able to provide connectivity, and being able to provide data protection and client services, we are looking to work closely with lines of businesses to be able to develop solutions that they can bring to market in combination with us, to be able to serve their end user customers and their enterprises. So, those are really the two key areas, not only network buyer, but being able to enable the lines of business to go and capitalize on the services they're developing for their customers. >> I think that line of business aspect is key, I mean, the telcos have had to sit back and provide the plumbing, cost per bit goes down, data consumption going through the roof, all the over at the top guys have had the field day with the data, and the customer relationships, and now it's almost like the revenge (chuckles) of the telcos. Dennis, I wonder if we could talk about the future. What can we expect in the years ahead from Dell, if you break out the binoculars a little bit. >> Yeah, I think you hit it earlier. We've seen the movie before. This has happened in the IT data center. We went from proprietary vertical solutions to horizontal open systems. We went from client server to software-defined open hardware cloud native. And the trend is likely to be exactly that, in the telecom industry because that's what the operators want. They're not naive to what's happened in the IT data center, they all run very large data centers. And they're trying to get some of the scale economies. Some of the agility, the cost of ownership benefits for the reasons Aaron just discussed. It's clear as you point out, this industry's been really defined by the inability to stop investing, and the difficulty to monetize that investment. And I think now, everybody's looking at this 5G, and frankly, 5G plus 6G, and beyond, as the opportunity to really go get a chunk of that revenue, and Enterprise Edge is the target. >> And 5G is touching so many industries, and that kind of brings me, Aaron into Mobile World Congress. I mean, you look at the floor layout, it's amazing. You got Industry 4.0, you've got our traditional industry and telco colliding. There's public policy. So, give us a teaser to Mobile World Congress 23, what's on deck at the show from Dell? >> Yeah, we're really excited about Mobile World Congress. This, as you know, is a massive event for the industry every year. And it's really the event that the whole industry uses to kick off this coming year. So, we're going to be using this obviously to talk to our customers and our partners about what Dell's looking to do, and what we're innovating on right now, and what we're looking to partner with them around. In the front of the house, we're going to be doin', we're going to be highlighting 13 different solutions and demonstrations to be able to show our customers what we're doing today, and show them the use cases, and put into action, so they get to actually look and feel, and touch, and experience what it is that we're working around. Obviously, meetings are important, everybody knows Mobile World Congress is the place to get those meetings and kickoff for the year. So, we're going to have, we're lookin' at several hundred meetings, hundreds of meetings that we're going to be lookin' to have across the industry with our customers and partners in the broader community. And of course, we've also got technology that's going to be in a variety of different partner spaces as well. So, you can come and see us in hall three, but we're also going to have technologies, kind of spread all over the floor. And of course, there's always theCUBE. You're going to be able to see us live all four days, all day, every day. You're going to be hearing our executives, our partners, our customers, talk about what Dell is doing to innovate in the industry, and how we're looking to leverage the broader, open ecosystem to be able to transform the network, and what we're lookin' to do. So, in that space, we're going to be focusing on what we're doing from an ecosystem perspective, our infrastructure focus. We'll be talking about what we're doing to support telco cloud transformation. And then finally, as we talked about earlier, how are we helping the lines of business within our telecoms monetize the opportunity? So, these are all different things we're really excited to be focusing on, and look forward to the event next month. >> Yeah, it's going to be awesome in Barcelona at the FITA, as you say, Dell's big presence in hall three, Orange is in there, Deutsche Telecom, Intel's in hall three. VMware's there, Nokia, Vodafone, you got some great things to see there. Check that out, and of course, theCUBE, we are super excited to be collaborating with you, we got a great setup. We're in the walkway right between halls four and five, right across from the government of Catalonia, who are the host partners for the event, so there's going to be a ton of action there. Guys, can't wait to see you there, really appreciate your time today. >> Great, thanks. >> Alright, Mobile World Congress, theCUBE's coverage starts on February 27th right after the keynotes. So, first thing in the morning, east coast time, we'll be broadcasting is, Aaron said all week, Monday through Thursday in the show floor, check that out at thecube.net. siliconangle.com has all the written coverage, and go to dell.com, see what's happenin' there, have all the action from the event. Don't miss us, this is Dave Vellante, we'll see you there. (electronic music)

(upbeat music) >> Telecommunic^ations is well north of a trillion-dollar business globally that provides critical services on which virtually everyone on the planet relies. Dramatic changes are occurring in the sector, and one of the most important dimensions of this change is the underlying infrastructure that powers global telecommunications networks. Telcos have been thawing out, if you will, their frozen infrastructure, modernizing. They're opening up. They're disaggregating their infrastructure, separating, for example, the control plane from the data plane and adopting open standards. Telco infrastructure is becoming software-defined, and leading telcos are adopting cloud-native microservices to help make developers more productive, so they can respond more quickly to market changes. They're embracing technology consumption models and selectively leveraging the cloud where it makes sense, and these changes are being driven by market forces, the root of which stem from customer demand. So from a customer's perspective, they want services, and they want them fast, meaning not only at high speeds, but also they want them now. Customers want the latest, the greatest, and they want these services to be reliable and stable with high quality of service levels, and they want them to be highly cost effective. Hello and welcome to this preview of Mobile World Congress 2023. My name is Dave Vellante and at this year's event, theCUBE has a major presence at the show, made possible by Dell Technologies, and with me, to unpack the trends in Telco and look ahead to MWC 23, Dennis Hoffman. He's the senior vice-president and general manager of Dell's telecom business and Aaron Chaisson, who is the vice-president of telecom and edge solutions marketing at Dell Technologies. Gentlemen, welcome. Thanks so much for spending some time with me. >> Thank you, Dave. >> Thanks, glad to be here. So, Dennis, let's start with you. Telcos in recent history have been slow to deliver and to monetize new services, in a large part, because their purpose-built infrastructure can been somewhat of a barrier to respondent to these market forces. In many ways, this is what makes telecoms, really, this market, so exciting. So from your perspective, where is the action in this space? >> Yeah, the action, Dave, is kind of all over the place, partly because it's an ecosystem play. You know, I think it's been, as you point out, the disaggregation trend has been going on for a while. The opportunity's been clear, but it has taken a few years to get all of the vendors and all of the components that make up a solution, as well as the operators themselves, to a point where we can start putting this stuff together and actually achieving some of the promise. >> So, Aaron, for those who might not be as familiar with Dell's a activities in this area, you know, here we are just ahead of Mobile World Congress. It's the largest event for telecoms. What should people know about Dell, and what's the key message to this industry? >> Sure, yeah, I think everybody knows that there's a lot of innovation that's been happening in the industry of late. One of the major trends that we're seeing is that shift from more of a vertically-integrated technology stack to more of a disaggregated set of solutions, and that trend has actually created a ton of innovation that's happening across the industry, well, along technology vendors and providers, the telecoms themselves, and so one of the things that Dell's really looking to do is, as Dennis talked about, is build out a really strong ecosystem of partners and vendors that we're working closely together to be able to collaborate on new technologies, new capabilities, that are solving challenges that the networks are seeing today, be able to create new solutions built on those in order to be able to bring new value to the industry and then finally, we want to help both partners as well as our CSP providers activate those changes so that they can bring new solutions to market to be able to serve their customers, and so the key areas that we're really focusing on, with our customers, is technologies to help modernize the network to be able to capitalize on the value of open architectures and bring price performance to what they're expecting and availability that they're expecting today and then also partner with the lines of business to be able to take these new capabilities, produce new solutions and then deliver new value to their customers. >> Great, thank you, Aaron. So, Dennis, I have known you for a number of years. I've watched you. You are a trend spotter, and you're a strategic thinker, and I love now the fact that you're running a business that you had to go out and analyze, and now you got got to make it happen. So how would you describe Dell's strategy in this market? >> Well, it's really two things, and I appreciate the comment. I'm not sure how much of a trend spotter I am, but I certainly enjoy, and I think I'm fascinated by what's going on in this industry right now. Our two main thrusts, Dave, are, first round, trying to catalyze that ecosystem, you know, be a force for pulling together a group of folks, vendors, that have been flying in fairly loose formation for a couple of years to deliver the kinds of solutions that move the needle forward and produce the outcomes that our network-operator customers can actually buy, and consume, and deploy, and have them be supported. The other thing is there's a couple of very key technology areas that need to be advanced here. This ends up being a much anticipated year, in telecom, because of the delivery of some open infrastructure solutions that have been being developed for years, with the Intel Sapphire Rapids program coming to market. We've of course got some purpose-built solutions on top of that for telecommunications networks, some expanded partnerships in the area of multi-cloud infrastructure, and so I would say the second main thrust is we've got to bring some intellectual property to the party. It's not just about pulling the ecosystem together, but those two things together really form the twin thrusts of our strategy. >> Okay, so as you point out, you're obviously not going to go alone in this market. It's way too broad. There's so many routes to market, partnerships, obviously, very, very important. So can you share a little bit more about the ecosystem and partners, maybe give some examples of some of the key partners that you'd be highlighting or working with, maybe at Mobile World Congress or other activities this year? >> Yeah, absolutely. You know, as Aaron touched on. I'm a visual thinker. The way I think about this thing is a very, very vertical architecture is tipping sideways. It's becoming horizontal, and all of the layers of that horizontal architecture are really where the partnerships are at. So let's start at the bottom, silicon. The silicon ecosystem is very much focused on this market and producing very specific products to enable open, high-performance telecom networks. That's both in the form of host processors as well as accelerators. One layer up, of course, is the stuff that we're known for, subsystems, compute, storage, the hardware infrastructure that forms the foundation for telco clouds. A layer above that, all of the cloud software layer, the virtualization and containerization software and all of the usual suspects there, all of whom are very good partners of ours, and we're looking to expand that pretty broadly this year, and then at the top of the layer cake, all of the network functions, all of the VNFs and CNFs that were once kind of the top of proprietary stacks that are now opening up and being delivered as well-formed containers that can run on these clouds. So, you know, we're focusing on all of those, if you will, product partnerships, and there is a services wrapper around all of it, the systems integration necessary to make these systems part of a carrier's network, which, of course, has been running for a long time and needs to be integrated with in a very specific way, and so all of that together kind of forms the ecosystem. All of those are partners, and we're really excited about being at the heart of it. >> Interesting, it's not like we've never seen this movie before, which is sort of repeating itself in telco. Aaron, you heard my little intro up front about the need to modernize infrastructure. I wonder if I could touch on, you know, another major trend which we're seeing, is the cloud, and I'm talking about, not only public, but private and hybrid cloud. The public cloud is an opportunity, but it's also a threat for telcos. You know, telecom providers are looking to the public cloud for specific use cases. You think about, like, bursting for an iPhone launch or whatever but at the same time, these cloud vendors, they're sort of competing with telcos. They're providing, you know, local zones, for example, sometimes trying to do an end run on the telco connectivity services. So telecom companies, they have to find the right balance between what they own and what they rent, and I wonder if you could add some color as to what you see in the market and what Dell, specifically, is doing to support these trends. >> Yeah, I think the most important thing is what we're seeing, as you said, is these aren't things that we haven't seen before, and I think that telecom is really going through their own set of cloud transformations, and so one of the hot topics in the industry now is what is telco cloud and what does that look like going forward? And it's going to be a, as you said, a combination of services that they offer, services that they leverage, but at the end of the day, it's going to help them modernize how they deliver telecommunication services to their customers and then provide value-added services on top of that. From a Dell perspective, you know, we're really providing the technologies to provide the underpinnings to lay a foundation on which that network can be built, whether that's best-of-breed servers that are built and designed for the telecom environments. Recently we announced our, our Infra Block program in partnering with virtualization providers to be able to provide engineered systems that dramatically simplify how our customers can deploy, manage and lifecycle-manage throughout day-two operations, an entire cloud environment, and whether they're using Red Hat, whether they're using Wind River or VMware or other virtualization layers, they can deploy the right virtualization layer at the right part of their network to support the applications they're looking to drive, and Dell is looking to solve how they simplify and manage all of that, both from a hardware as well as a management software perspective. So this is really what Dell's doing to, again, partner with the broader technology community to help make that telco cloud a reality. >> Aaron, let's stay here for a second. I'm interested in some of the use cases that you're going after with customers. You've got edge infrastructure, remote work, 5G. Where's security fit? What are the focus areas for Dell, and can we double-click on that a little bit? >> Yeah, I mean, I think there's two main areas of telecommunication industry that we're talking to. One, we've really been talking about sort of the network buyer, how do they modernize the core, the network edge, the RAN capabilities, to deliver traditional telecommunication services and modernize that as they move into 5G and beyond. I think the other side of the business is telecoms are really looking, from a line of business perspective, to figure out how do they monetize that network and be able to deliver value-added services to their enterprise customers on top of these new networks. So you were just touching on a couple of things that are really critical. You know, in the enterprise space, AI and IoT is driving a tremendous amount of innovation out there, and there's a need for being able to support and manage edge compute at scale, be able to provide connectivity, like private mobility and 4G and 5G, being able to support things like mobile workforces and client capabilities to be able to access these devices that are around all of these edge environments of the enterprises, and telecoms are seen as that, as an opportunity for them to not only provide connectivity, but how do they extend their cloud out into these enterprise environments with compute, with connectivity, with client and connectivity resources, and even also provide protection for those environments as well. So these are areas that Dell's historically very strong at, being able to provide compute, being able to provide connectivity and being able to provide data protection and client services. We are looking to work closely with lines of businesses to be able to develop solutions that they can bring to market in combination with us to be able to serve their end user customers and their enterprises. So those are really the two key areas, not only network buyer, but being able to enable the lines of business to go and capitalize on the services they're developing for their customers. >> I think that line of business aspect is key. I mean, the telcos have had to sit back and provide the plumbing. Cost per bit goes down. Data consumption going through the roof. All the way over to the top guys, you know, had the field day with the data and the customer relationships, and now it's almost like the revenge of the telcos. (chuckles) Dennis, I wonder if we could talk about the future. What can we expect in the years ahead from Dell, if you, you know, break out the binoculars a little bit? >> Yeah, I think you hit it earlier. We've seen the movie before. This has happened in the IT data center. We went from proprietary vertical solutions to horizontal open systems. We went from client server to software-defined, open-hardware, cloud-native and you know, the trend is likely to be exactly that, in the telecom industry, because that's what the operators want. They're not naive to what's happened in the IT data center. They all run very large data centers, and they're trying to get some of the scale economies, some of the agility, the cost of ownership benefits for the reasons Aaron just discussed. You know, it's clear, as you point out, this industry's been really defined by the inability to stop investing and the difficulty to monetize that investment, and I think now everybody's looking at this 5G, and, frankly, 5G plus, 6G and beyond, as the opportunity to really go get a chunk of that revenue, and enterprise edge is the target. >> And 5G is touching so many industries, and that kind of brings me here into Mobile World Congress. I mean, you look at the floor layout, it's amazing. You got industry 4.0. You've got, you know, our traditional industry and telco colliding. There's public policy. So give us a teaser to Mobile World Congress '23. What's on deck at the show for from Dell? >> Yeah, we're really excited about Mobile World Congress. This, as you know, is a massive event for the industry every year, and it's really the event that the whole industry uses to kick off this coming year. So we're going to be using this, obviously, to talk to our customers and our partners about what Dell's looking to do and what we're innovating on right now, and what we're looking to partner with them around. In the front of the house, we're going to be highlighting 13 different solutions and demonstrations to be able to show our customers what we're doing today and show them the use cases and put it into action, so they get to actually look and feel and touch and experience what it is that we're working around. Obviously, meetings are important. Everybody knows Mobile World Congress is the place to get those meetings and kick off for the year. You know, we're looking at several hundred meetings, hundreds of meetings that we're going to be looking to have across the industry with our customers and partners and the broader community, and, of course, we've also got technology that's going to be in a variety of different partner spaces as well. So you can come and see us in hall three, but we're also going to have technologies kind of spread all over the floor, and, of course, there's always theCUBE. You're going to be able to see us live all four days, all day, every day. You're going to be hearing our executives, our partners, our customers, talk about, you know, what Dell is doing to innovate in the industry and how we're looking to leverage the broader open ecosystem to be able to transform, you know, the network and what we're looking to do. So in that space, we're going to be focusing on what we're doing from an ecosystem perspective, our infrastructure focus. We'll be talking about what we're doing to support telco cloud transformation and then finally, as we talked about earlier, how are we helping the lines of business within our telecoms monetize the opportunity. So these are all different things we're really excited to be focusing on and look forward to the event next month. >> Yeah, it's going to be awesome In Barcelona at the Fira. As you say, Dell's big presence in Hall three. Orange is in there, Deutsche Telekom. Intel's in Hall three. VMware's there, Nokia, Vodafone. You got great things to see there. Check that out and of course, theCUBE, we are super excited to be collaborating with you. We got a great setup. We're in the walkway, right between halls four and five, right across from the Government of Catalonia, who are the host partners for the event. So there's going to be a ton of action there. Guys, can't wait to see you there. Really appreciate your time today. >> Great, thanks. >> All right, Mobile World Congress, theCUBE's coverage starts on February 27th, right after the keynotes. So first thing in the morning, East coast time, we'll be broadcasting, as Aaron said, all week, Monday through Thursday, on the show floor. Check that out at thecube.net. Siliconangle.com has all the written coverage, and go to dell.com, see what's happening there. Have all the action from the event. Don't miss us. This is Dave Vellante. We'll see you there. (upbeat music)

(corporate electronic xylophone jingle intro) >> Good afternoon everyone. Welcome back to theCUBE's live coverage of AWS re:Invent 22 from Vegas. We're at the Venetian Expo Hall with we're hearing, north of 50,000 people. I know we've been giving you different numbers but, that's kind of what we've settled on here. Hundreds of thousands are watching online. This is a huge event. People, John Furrier, Lisa Martin are ready to be back. >> Yes, it's really great show. A lot of change going on at Amazon. They're continuing the innovation, continuing to grow. The theme this year's data security and their partner ecosystem, which is continuing to grow. Their partners are filling the gaps on solutions and, it's just a whole another, I think, partner friendly cloud. This next gen wave that's coming, it's really next segment I think speaks to, I'm looking forward to this. >> It does. We're going to be digging into that partner network. We've got two guests. One of them's an alumni, Reza Honarmand SVP Global Cloud at TD SYNNEX. Great to have you back. >> Hello. >> Sergio Farache joins us as well, the Chief Strategy Officer at TD SYNNEX. Welcome to the program. >> Thank you. Thank you for having us. >> Great to be back in person, isn't it? >> Yeah, absolutely. It's a great experience. >> Amazing. The energy here has been hot at the highest levels since we came here Monday, Monday night, which is great. Sergio, I want to start with you. Last year when you guys were on the show, Tech Data. Tech Data has been around a long time. Now your TD SYNNEX. Talk a little bit about that. What's new, that transformation? >> Yeah, that is correct. It's great to be able now to present TD Synnex as a new merger between Tech Data and Synnex Corporation. Now, we are the largest distributor basically, across the world, with more than 62 billion dollar in a business. And, Amazon is obviously a strategic partner with a hyper growth and, we has been very focused to working with them to expand that partner ecosystem across solution ISVs and service providers. There has been very nice experience combine these two company and now have the reach and a scale that enable more than 140,000 partners across the world. >> Wow. >> And, the partner's message here is changing too. The new leader, Aruba is up on stage talking about this new partner paths. A lot of changes in a good way. They're bringing people together. What's your guys take and reaction to AWS's new posture towards partners? Obviously, the ecosystem we see going to be doubling and tripling we see in size and, also the value proposition is going to be stronger too and, more money making of course. But, the new Amazon's posture with partners. What's your reaction? >> We were at Aruba just an hour ago. Fantastic. If I look at the change from when we first got here a few years ago to now, it is beyond comparison. The realization is that technology and, especially what we work with Amazon is deflationary force and, we need scale to actually drive that across all of our partners to the customers. And, I can only see that accelerating now in terms of what Amazon is doing and actually with the channel and what Aruba is doing. I think this is exactly the right direction. >> John: What's your message? >> My message is, this is now channel. This is channel and this is serious. So, partners with Amazon equals growth. >> As we've seen so much transformation in the last couple of years, Sergio, with every business having to become digital to survive, right. And then, to eventually thrive and succeed and grow and the challenging economic times that we've had. What are some of the pivots that TD Synnex has made through your partner program to meet customer needs to accelerate their transformation? >> Yeah, as you said, has been a significant transformation. I think that in the past was clear what was a technology company and what an industrial company etcetera and, those frontiers are blending right now. Then, as a consequence we has been investing in several elements. One is to really increase the capability of the partner network in a way that they can on one side provide more solution-oriented activities to those customers to drive either growth or cost optimization. The other element has been verticalization meaning, know the industry where you are playing. We have been investing in the healthcare market, of course, as a consequence of all the demand that has been generating. But, at the same time and, we recently announced the competency in the government sector where we expand drastically our capabilities around specifically the federal and non federal business. But, not only in US but, across the world with those elements. Then, I would say that it's a combination of enhancing the skill, enhancing the knowledge on the industry, and finally provide the tools through our platform to enable the partner to operate in a digital way and enable the access of ISVs to the Iotly and serving the customers end to end. >> Is that the ISV experience project that I heard about, ISV experience with SaaS companies? Is that what you're referring to? >> Yeah, ISVs is one, ISV experience is one of the components that we use but, basically what we are trying to achieve with the ISV is helping in the journey of certification. Is how you transform either a partner that is born in the cloud or a partner that is still in the on-premise side. How you transition to the cloud and enabling how you reach to the end user in a more effective way and, how we expose 140,000 partner across the multiple geographies to help those ISVs to reach more customers. >> It's great distribute, it's great distribution. It's a business model innovation. >> Sorry? >> It's a business model innovation for these ISVs. >> Absolutely. Some of the ISVs, as you can imagine, they're incumbent with us. We work with them. So, actually it's finding new ways of consuming technology but, there's thousands of them that actually do not understand how to operate with a channel. And, this is a part where we help them with the channel, build a program, coach them through the process, help them access their partners and the customers that Sergio was referring to. >> Let me ask you guys a question. Where's the growth going to come from? You mentioned ecosystem, more growth, Aruba mentioned that's where the growth is. They are serious. So, you going to deliver that keynote now. Where do you guys see your growth coming from? >> Well, to be honest, the growth is unlimited in our opinion, right? It's so many areas. >> John: The wave is still coming. Yeah, the wave is still there. When you see still the amount of platform that need to be migrated to the cloud then, we have been investing in a significant way in enable capabilities of migration programs from the on-premise to the off-premise. At the same time, we have been expanding geographically because, it's still several segments and markets we operate globally. As an example, we recently launched our public sector capability in Latin America and Europe, expanding those segments. And, in addition to that, again, how we bring more ISVs more solution oriented driven. There's many spots of growth. And, I think that Amazon message recently recognized more and more the value of, nobody have all the solutions. You need this ecosystem playing together to bring those solutions to market. >> So if I build on that. If we look at the growth in the public cloud last year, was around 40 billion dollars. We expect a similar growth level this year as well. I mentioned about deflationary force, the technology being a deflationary force. Now, everybody knows a lot of businesses out there are going under a lot of challenges. So, they have to compete, they have to have the insights, they have to be efficient, and actually, they're going to get a lot of that through the technologies that we're talking about here. The key to that is partners with the right skill sets. What we are seeing is the partners with the skill sets who can participate in that 40 billion dollar growth, take a big, big share of it. >> And you guys are providing a great service. I think, when I wrote the story on Friday that I published. One of my premise was is that, this next-gen cloud is going to lift up more ISVs which is kind of a legacy classic, independent software vendor, create new kinds of partners that have platforms or unique solutions for verticals. So, the ISV classic definition will still exist and, new customers are emerging. It's got a new dynamic developing. We're seeing people build clouds on top of the cloud, tap the ecosystem, partner distribution services. It's a whole new way to build and take something to market. What do you guys think about that? >> Yeah, I think that the beauty of our position in the market is that we are in the center of that ecosystem. Again, we have access to thousands of ISVs, thousands of hardware vendors, the hyperscalers. Then somebody need to put all those pieces together. That is our role in the market. >> John: It's a good position to be in. >> It's a good place to be. And, enabling those partners now to collaborate with all those entities to bring the solution because, the customer is not acquiring technology anymore. They're acquiring a solution to a problem now. And, that solution require multiple components. >> Last year, no, this year, I'm sorry, you guys were announced as EMEA Distributor of the Year. Congratulations on that. >> Yeah, thank you. >> Talk about that in terms of just the evolution of the partnership. >> The partnership in EMEA is now across our entire geo. The growth that we've driven across the EMEA market space is I think, the reason why we have won it, as well as the competencies that we have built. Now, you were just talking about ISVs to give you an example. There are many ISVs that sit in EMEA that want to access the US market and vice versa. So, where we sit in the middle and enable that access, the frameworks that they need to move. So, those are the kind of things that contribute to the strength in the relationship what those awards are coming from. >> Yeah, the other critical factor here is again, how we bring more capability in terms of the serve to the market to Amazon. And, that has been another component of data where that we are very thankful. Again, we has been enabling and bringing numerous new partners and numerous new end customers that now have access, support, and services including, again, the competencies that we already described but, including service oriented businesses like migration, like cost optimization of the use, et cetera, that now we through partner serve to the market. >> Reza, Sergio. I want to ask you guys a question around trust. Trust. You're a trust broker because you have a lot of services and people and companies to put together. We were just talking about the good position you're in. Trust is a big part of your relationship with your customers. You've got two sides of your business. You got one side is the supply side and you got the distribution side, and then both sides are working together. Requires a lot of trust. What's that look like inside your company? Could you just take a minute to explain, take a bit to explain what's that like, the culture of the company and that trust. >> Yeah, absolutely. And, that is why the term of Trust Advisor came to the table, right? And, and again, for more than 40 years we has been building this ecosystem. We has been driving that motion and, we have been proving to the market a consistent approach with a strong support to the two tier model. We never get in opposition to our customers and, we enable those customers in a consistent way. Then, I think that trust is something that you earn not something that you ask for. And, that is what we are doing day basis. >> Well, congratulations. It's been great chatting with you. Challenge time for the challenge >> Lisa: Challenge Time, all right guys. >> A new challenge on theCUBE, new format. We usually say... >> Yes at the end of the interview. What's the take on the show? What's the bumper sticker? So, think of it like an Instagram Reel. Thought leadership, hot take. Each of you, spend a minute, 30 seconds to share a hot take, thought leadership, what you think was going on at Amazon, why you're here, what's important. What would you say if you were going to do an Instagram Reel right now? >> Yeah, the Amazon enable a new way to do business and a new transformation of the Iotly economy. We are here in TD Synnex to expand that capability across the segments enhancing partners to reach to their goals and, in users to get those transformations. In general, we will provide what is needed and, we continue investing to continue growing the capacity across all geographies and all the type of solutions that we deliver. >> All right, Sergio, you nailed it. Reza, you're up, your hot take, your sizzle reel. >> Well, frankly, I think, Sergio nailed it. It's about covering the geos and taking the competencies and, make sure we execute consistently across all of our geos. >> All right, nailed it. Thanks so much. >> Consistent execution. Reza, Sergio, thank you so much... >> Thank you so much. for joining John and me on the program, talking about what TD SYNNEX has done since we've last seen you. What you're doing with AWS and the partner ecosystem. We really appreciate you stopping by the set >> Thank you. >> Thank you for the time. >> All right, our pleasure. For our guests and for John Furrier, I'm Lisa Martin. You're watching theCUBE, the leader at live tech coverage. (corporate electronic xylophone jingle outro)

(upbeat music) >> Good afternoon everyone. Welcome back to The Cube's live coverage of AWS Reinvent 22 from Vegas. We're at the Venetian Expo Hall, we're hearing north of 50 000 people. I know we've been giving you different numbers but that's kind of what we've settled on here. Hundreds of thousands are watching online. This is a huge event people. John Ferrior and Lisa Martin are ready to be back. >> Yes, it's really great show. A lot of change going on at Amazon. They're continuing the innovation, continuing to grow. The theme this year's Data Security. And their partner ecosystem, which is continuing to grow. Their partners are filling the gaps on solutions. And it's just a whole nother, I think partner friendly cloud. This NextGen wave that's coming is really, the next thing segment I think speaks to that, I'm looking forward to this. >> It does. We're going to be digging into that partner network. We've got two guests, one of them is an alumni, Reza Honarmand SVP Global Cloud at TD Synnex. Great to have you back. >> Yeah. >> Sergio Farache joins us as well the Chief Strategy Officer at TD Synnex. Welcome to the program. >> Thank you. >> Thank you for having us. >> Great to be back in person, isn't it? >> Yeah absolutely. That's great experience. >> Amazing, the energy here at the highest level since we came here Monday night, which is great. Sergio, I want to start with you. Last year when you guys were on the show Tech Data. Tech Data has been around a long time now you're TD Synnex. Talk a little bit about that, what's new, that transformation? >> Yeah, that is correct. It's great to be able now to present it in Synnex as a new merger between Tech Data and Synnex Corporation. And now we are the largest distributor basically across the world with more than $62 billion in a business. And Amazon is obviously an strategic partner with a hyper growth and we have been very focused to working with them to expand that partner ecosystem across solution ISVs and service providers. That has been very nice experience combine these two company and now have the reach and skill that enable more than 140,000 partners across the world. >> Wow. >> And the partner's message here is changing too. The new leader, Ruba is up on stage talking about this new partner paths, a lot of changes in a good way. They're bringing people together. What's your guys take and reaction to AWS's new posture towards partners? Obviously the ecosystem we see going to be doubling and tripling we see in size. And also the value proposition being stronger too and more money making of course. But the new Amazon's posture with partners. What's your reaction? >> Well, (indistinct) just an hour ago. Fantastic. I mean, if I look at the change from when we first got here a few years ago to now, it is beyond comparison. The realization is that technology and especially what we work with Amazon is deflationary force and we need scale to actually drive that across all of our partners to the customers. And yeah, I can only see that accelerating now in terms of what Amazon is doing and actually with the channel and what Ruba is doing. I think this is exactly in the right direction. >> What's your message? >> My message is, this is now channel. This is channel and this is serious. So partners with Amazon equals growth. >> As we've seen so much transformation in the last couple of years, Sergio, with every business having to become digital to survive. Right and then to eventually thrive and succeed and grow in the challenging economic times that we've had. What are some of the, the pivots that TD Synnex has made through your partner program to meet customer needs to accelerate their transformation? >> Yeah, as you said, has been a significant transformation. I think that in the past was clear what was a technology company and what industrial company, et cetera and those frontiers are blending right now. Then as a consequence we have been investing in several elements. Once is to really increase the capability of the partner network in a way that they can on one side provide more solution-oriented activities to those customers to drive either growth or cost optimization. The other element has been verticalization meaning know the industry where you are playing. We have been investing in the healthcare market, of course as a consequence of all the demand that has been generating. But at the same time and we recently announced the competence in the government sector where we expand drastically our capabilities around specifically the federal, and non feral business, but not only in US but across the world with those elements. Then I would say it's a combination of enhancing the skill, enhancing the knowledge on the industry, and finally provide the tools through our platform to enable the partner to operate in a digital way and enable the access of ISVs to digitally and serving the customers end to end. >> Is that the ISV experience project that I heard about? ISV experience with SaaS companies, Is that what you're referring to? >> Yeah, ISVs is one. ISP experience is one of the components that we use, but basically what we are trying to achieve with the ISV is helping in the journey of specification. It's how you transform either a partner that is born in the cloud or a partner that is still in the, in the OnPrem side how you transition to the cloud and enabling how you reach to the end user in a more effective way. And how we expose 140,000 partner across the multiple geographies to help those ISVs to reach more customers. >> It's great distribution. I mean this is, a business model innovation. >> Sorry? >> It's a business model innovation for these ISVs. >> Absolutely. Some of the ISVs, as you can imagine they're incumbent with us. We work with them. So actually it's finding new ways of consuming technology. But there's thousands of them that actually do not understand how to operate with a channel. And this is a part where we help them with the channel, build a program. Coach them through the process, help them access the partners and the customers that Sergio was referring to. >> Let me ask you guys a question. Where's the growth going to come from? I mean you mentioned ecosystem, more growth, Ruba was mentioned that's where the growth is. They are serious. She's going to deliver that keynote now. Where do you guys see your growth coming from? >> Well, to be honest the growth is unlimited in our opinion, right. It's so many areas. >> The wave is still coming. Yeah >> The wave is still there, you know. When you see still the amount of platform that need to be immigrated to the cloud then we have been investing in a significant way in enable capabilities of migration programs from the on-premise to off premise. At the same time, we have been expanding geographically because it's still several segments and markets we operate globally. As an example we recently launched our public sector capability in Latin America and Europe, expanding those segments. And in addition to that again, how we bring more ISVs more solution oriented driven than many spots of growth. And I think that Amazon message recently recognized more and more the value of nobody have all the solutions. You need this ecosystem plan together to bring those solutions to market. >> So if I build on that. If we look at the growth in public cloud last year, was around $40 billion. We expect a similar growth level this year as well. I mentioned about deflationary force, the technology being a deflationary force. Now everybody knows a lot of businesses out there are going under a lot of challenges. So they have to compete, they have to have the insights they have to be efficient and actually they're going to get a lot of that through the technologies that we're talking about here. The key to that is partners with the right skillsets. What we are seeing is the partners with the skillsets who can participate in that $40 billion growth, take a big, big share of it. >> And you guys are providing a great service. I think when I wrote the story on Friday that I published one of my premise was, is that this Next-Gen cloud is going to lift up more ISVs which is kind of a legacy classic, independent software vendor. Create new kinds of partners that have platforms or unique solutions for verticals. So, the ISV classic definition will still exist and new customers are emerging. It's got a new dynamic developing. We're seeing people build clouds on top of the cloud tap the ecosystem, partner distribution, services. It's a whole new way to build and take something to market. What do you guys think about that? >> Yeah, I think that the beauty of our position in the market is that we are in the center of that ecosystem. Again, we have access to thousands of ISVs thousands of hardware vendors, the hyper-scalers then somebody need to put all those pieces together. That is our role in the market. >> It's a good position to be in. >> It's a good place to be. And enabling those partners now to collaborate with all those entities to bring the solution because the customer is not acquiring technology anymore. They're acquiring a solution to a problem now. And that solution require multiple components. >> Last year. No, this year, I'm sorry. You guys were announced as EMEA distributor of the, of the year. Congratulations on that. >> Yeah, thank you. Talk about that in terms of just the evolution of the partnership. >> The partnership in EMEA is now across our entire geo. The growth that we have driven across the EMEA market space, is I think the reason why we have won it. As well as the competencies that we have built. Now you were just talking about ISVs to give you an example, there are many ISVs that sit in EMEA that want to access the US market and vice versa. So where we sit in the middle and enable that access. The frameworks that they need to move. So those are the kind of things that contribute to the strengthened in the relationship and what those awards are coming from. >> Yeah. The other critical factor here is, again how we bring more capillarity in terms of the serve to the market to Amazon. And that has been another component of data that we are very thankful. Again, we has been enabling and bringing numerous new partners and numerous new end customers that now have access, support and services. Including again, the competencies that we already described but including service oriented businesses like migration, like cost optimization of the use, et cetera. That now we through partners serve to the market. >> Reza and Sergio, I want ask you guys a question around trust. Trust. You're a trust broker because you have a lot of services and people and companies to put together. We were just talking about the good position you're in. >> Trust is a big part of your relationship with your customers. You've got two sides of your business, you got one side's the supply side and you got the distribution side and then both sides are working together, requires a lot of trust. What's that look like inside your company? Can you just chip in and explain, take a bit to explain what's that like? The culture of the company and that trust. >> Yeah, absolutely. And that is why the term of trust advisor came to the table right? And again, for more than 40 years we have been building this ecosystem. We have been driving that motion and we have been proving to the market a consistent approach with a strong support to the two tier model. We never, you know get in opposition to our customers and we enable those customers in a consistent way. And I think that trust is something that you earn, not something that you ask for. And that is what we are doing day to day basis. >> Congratulations, it's been great. Great chatting with you. Challenge time? For the challenge time? >> Challenge time. >> Alright guys. >> New challenge on the Cuba new format. We usually say yes at the end of the interview. What's take on the show, what's the bumper sticker? So think of it like an Instagram reel, thought leadership, hot take. Each of you, spend a minute 30 seconds to share a hot take, thought leadership, what you think was going on at Amazon? Why you're here? What's important? What would you say if you were going to do an Instagram reel right now? >> Yeah, the Amazon enable a new way to do business and a new transformation of the digital economy. We are here TD Synnex to expand that capability across the segments. Enhancing partners to reach to their goals and in users to get those transformations. In general we will provide what is needed and we continue investing to continue growing the capacity across all geographies and all the type of solutions that we deliver. >> All right, Sergio you nailed it. Reza you're up. Your hot take your sizzle reel. >> Well, frankly I think Sergio nailed it. It's about covering the geos and taking the competencies and make sure we execute consistently across all of our geos. >> All right, nailed it. Thanks so much. >> Consistent execution. Reza, Sergio. Thank you so much for joining John and me on the program, talking about what TD Synnex has done since we've last seen you. What you're doing with AWS and the partner ecosystem. We really appreciate you stopping by this side. >> Thank you very much. Thank you for the time. >> Alright, our pleasure. For our guests and for John Furrier, I'm Lisa Martin. You're watching theCUBE, the leader at Live Tech coverage.

>> Good afternoon, fellow cloud nerds and welcome back to AWS Reinvent 2022. We are live here from fabulous Las Vegas, Nevada. My name is Savannah Peterson, joined by Lisa Martin. So excited to be here Lisa, it's my first reinvent. >> Is it really? >> Yeah. >> I think it's only like my fourth or fifth. >> Only your fourth or fifth. >> Only. >> You're such a pro here. >> There's some serious veterans here in attendance that have been to all 11. >> I love that. >> Yeah. Wow, go them. I know, maybe we'll be at that level sooner. >> One day we will. >> Are you enjoying the show so far? >> Absolutely, it is. I cannot believe how many people are here. We've had 70,000 and we're only seeing what's at the foundation Expo Hall, not at the other hotel. So, I can only imagine. >> I mean, there's a world outside of this. >> Yes, and there's sunlight. There's actual sunlight outside of this room. >> Nobel idea. Well, Lisa, I'm very excited to be sitting here next to you and to welcome our fabulous guests, from TEKsystems, we have Brandon and Srini. Thank you so much for being here. How is the show going for you gentlemen so far? >> It's great. Lot of new insights and the customers are going to love what AWS is releasing in this reinvent. >> There is such a community here, and I love that vibe. It's similar to what we had at Cloud Native con in Detroit. So much collaboration going on. I assume most folks know a lot about TEKsystems who are watching, but just in case they don't, Brandon, give us the pitch. >> You bet. So full stack IT solutions firm, been in business for over 40 years, 80,000 global employees, really specializing in digital transformation, enterprise modernization services. We have partners in One Strategy, which is an an acquisition we made, but a well known premier partner in the Amazon partner ecosystem, as well as One North Interactive, who is our boutique brand, creative and digital strategy firm. So together, we really feel like we can bring full end-to-end solutions for digital and modernization initiatives. >> So, I saw some notes where TEKsystems are saying organizations need experienced AWS partners that are not afraid doing the dirty work of digital transformation, who really can advise and execute. Brandon, talk to us about how TEKsystems and AWS are working together to help customers on that journey which is nebulous of digital transformation. >> So, our real hallmark is the ability to scale. We partner with AWS in a lot of different ways. In fact, we just signed our strategic collaboration agreement. So, we're in the one percenter group in the whole partner network. >> Savanna: That's a pretty casual flex there. >> Not bad. >> I love that, top 1%, that no wonder you're wearing that partner pin so proud today. (speaking indistinctly) >> But we're working all the way on the advisory and working with their pro serve organization and then transforming that into large scale mass migration services, a lot of data modernization that Srini is an absolute expert in. I'm sure he can add some context too, but it's been a great partnership for many years now. >> In the keynote, Adam spent almost 52 minutes on data, right? So, it emphasizes how organizations are ready to take data to cloud and actually make meaningful insights and help their own customers come out of it by making meaningful decisions. So, we are glad to be part of this entire ecosystem. >> I love that you quantified how many minutes. >> I know. >> Talked about it, that was impressive. There's a little bit of data driven thinking going on here. >> I think so. >> Yeah. >> Well, we can't be at an event like this without talking about data for copious amounts of time, 52 minutes, has just used this morning. >> Right, absolutely. >> But every company these days has to be a data company. There's no choice to be successful, to thrive, to survive. I mean, even to thrive and grow, if it's a grocery store or your local gas station or what? You name it, that company has to be a data company. But the challenge of the data volume, the explosion in data is huge for organizations to really try to figure out and sift through what they have, where is all of it? How do we make sense of it? How do we act on it and get insights? That's a big challenge. How is TEKsystems helping customers tackle that challenge? >> Yeah, that's a great question because that's the whole fun of handling data. You need to ensure its meaning is first understood. So, we are not just dumping data into a storage place, but rather assign a meaningful context. In today's announcement, again, the data zone was unveiled to give meaning to data. And I think those are key concrete steps that we take to our customers as well with some good blueprints, methodical ways of approaching data and ultimately gaining business insights. >> And maybe I'll add just something real quick to that. The theme we're seeing and hearing a lot about is data monetization. So, technology companies have figured it out and used techniques to personalize things and get you ads, probably that you don't want half the time. But now all industries are really looking to do that. Looking at ways to open new revenue channels, looking at ways to drive a better customer experience, a better employee experience. We've got a ton of examples of that, Big Oil and Gas leveraging like well and machine data, coming in to be more efficient when they're pumping and moving commodities around. We work a lot in the medium entertainment space and so obviously, getting targeted ads to consumers during the right periods of TV or movies or et cetera. Especially with the advert on Netflix and all your streaming videos. So, it's been really interesting but we really see the future in leveraging data as one of your biggest corporate assets. >> Brilliant. >> So, I'm just curious on the ad thing, just real quick and I'll let you go, Lisa. So, do you still fall victim to falling for the advertising even though you know it's been strategically put there for you to consume in that moment? >> Most of the time. >> I mean, I think we all do. We're all, (indistinct), you're behind the curtain so to speak. >> The Amazon Truck shows up every day at my house, which is great, right? >> Hello again >> Same. >> But I think the power of it is you are giving the customer what they're looking for. >> That's it. >> And you know... >> Exactly. We have that expectation, we want it. >> 100%. >> We know that. >> Agree. >> We don't need to buy it. But technology has made it so easy to transact. That's like when developers started going to the cloud years ago, it was just, it was a swipe. It was so simple. Brandon, talk about the changes in cloud and cloud migration that TEKsystems has seen, particularly in the last couple of years as every company was rushing to go digital because they had to. >> So several years ago, we kind of pushed away that cloud first mentality to the side and we use more of a cloud smart kind of fashion, right? Does everything need to go to the cloud? No. Do applications, data, need to go to the cloud in a way that's modern and takes advantages of what the cloud can provide and all the new services that are being released this week and ongoing. So, the other thing we're seeing is initiatives that have traditionally been in the CTO, CIO organization aren't necessarily all that successful because we're seeing a complete misalignment between business goals and IT achievements, outcomes, et cetera. You can automate things, you can move it to the cloud, but if you didn't solve a core business problem or challenge, what'd you really do? >> Yeah, just to add on that, it's all about putting data and people together. And then how we can actually ensure the workforce is equally brought up to speed on these new technologies. That has been something that we have seen tremendous improvement in the last 24 months where customers are ready to take up new challenges and the end users are ready to learn something new and not just stick onto that status quo mindset. >> Where do you guys factor in to bringing in AWS in the customer's cloud journeys? What is that partnership like? >> We always first look for where the customer is in their cloud journey path and make sure we advise them with the right next steps. And AWS having its services across the spectrum makes it even easier for us to look at what business problem they're solving and then align it according to the process and technology so that at the end of the day, we want end user adoption. We don't want to build a fancy new gadget that no one uses. >> Just because you built it doesn't mean they'll come. And I think that's the classic engineering marketing dilemma as well as balance to healthy tension. I would say between both. You mentioned Srini, you mentioned workforce just a second ago. What sort of trends are you seeing in workforce development? >> Generally speaking, there are a lot of services now that can quantify your code for errors and then make sure that the code that you're pushing into production is well tested. So what we are trying to make sure is a healthy mix of trying to solve a business problem and asking the right questions. Like today, even in the keynote, it was all about how QuickSight, for example, has additional features now that tells why something happened. And that's the kind of mindset we want our end users to adopt. Not just restricting themselves to a reactive analytics, but rather ask the question why, why did it happen? Why did my sales go down? And I think those technologies and mindset shift is happening across the workforce. >> From a workforce development standpoint, we're seeing there's not enough workforce and the core skills of data, DevOps, standard cloud type work. So, we're actually an ATP advanced training partner, one of the few within the AWS network. So, we've developed programs like our Rising Talent Program that are allowing us to bring the workforce up to the skills that are necessary in this new world. So, it's a more build versus buy strategy because we're on talents real, though it may start to wane a little bit as we change the macroeconomic outlook in 2023, but it's still there. And we still believe that building those workforce and investing in your people is the right thing to do. >> It is, and I think there's a strong alignment there with AWS and their focus on that as well. I wanted to ask you, Brandon. >> Brandon: Absolutely. >> One of the things, so our boss, John Furrier, the co CEO of theCUBE, talked with Adam Selipsky just a week or maybe 10 days ago. He always gets an exclusive interview with the CEO of AWS before reinvent, and one of the things that Adam shared with him is that customers, CEOs and CIOs are not coming to Adam, to this head of AWS to talk about technology, they want to talk about transformation. He's talking about... >> The topic this year. >> Moving away from amorphous topic of digital transformation to business transformation. Are you seeing the same thing in your customer? >> 100%, and if you're not starting at the business level, these initiatives are going to fail. We see it all the time. Again, it's about that misalignment and there's no good answer to that. But digital, I think is amorphous to some degree. We play a lot with the One North partnership that I mentioned earlier, really focusing on that strategy element because consumer dollars are shrinking via inflation, via what we're heading into, and we have to create the best experience possible. We have to create an omnichannel experience to get our products or services to market. And if we're not looking at those as our core goals and we're looking at them as IT or technology challenges, we're not looking in the right place. >> Well, and businesses aren't going to be successful if they're looking at it in those siloed organizations. Data has to be democratizing and we've spent same data democratization for so long, but really, we're seeing that it has to be moving out into the lines of business because another thing Adam shared with John Furrier is that he sees and I'm curious what your thoughts are on this, the title of data analysts going away because everybody in different functions and different lines of business within an organization are going to have to be data analysts to some degree, to use data whether it's marketing, ops, sales, finance, are you seeing the same? >> That is true. I mean, at this point, we are all in the connected world, right? Every data point is connected in some form or shape to another data point. >> Savanna: There are many data points, just sitting here, yeah. >> Absolutely, so I think if you are strategizing, data needs to be right in the center of it. And then your business problems need to be addressed with reliable data. >> No, I mean, advertising, supply chain, marketing, they're all interconnected now, and we're looking at ways to bring a lot of that siloed data into one place so we can make use to it. It goes back to that monetization element of our data. >> That's a lot about context and situational awareness. We want what we want, when we want it, even before we knew we needed it then. I think I said that right. But you know, it's always more faster, quicker and then scaling things up. You see a lot of different customers across verticals, you have an absolutely massive team. Give us a sneak peek into 2023. What does the future hold? >> 2023 is again, to today's keynote, I'm bringing it back because it was a keynote filled with vision and limitless possibilities. And that's what we see. Right now, our customers, they are no longer scared to go and take the plunge into the cloud. And as Brandon said, it's all about being smart about those decisions. So, we are very excited that together with the partnership that we recently acquired and the services and the depth, along with the horizontal domain expertise, we can actually help customers make meaningful message out of their data points. And that keeps us really excited for next year. >> Love that, Brandon, what about you? >> I think the obvious one is DevOps and a focus on optimization, financially, security, et cetera, just for the changing times. The other one is, I still think that digital is going to continue to be a big push in 2023, namely making sure that experience is at its best, whether that's employee and combating the war on talent, keeping your people or opening new revenue streams, enhancing existing revenue streams. You got to keep working on that. >> We got to keep the people happy with the machines and the systems that we are building as we all know. But it's very nice, it's been a lot of human-centric focus and a lot of customer obsession here at the show. We know it's a big thing for you all, for Amazon, for pretty much everyone who sat here. Hopefully it is in general. Hopefully there's nobody who doesn't care about their community, we're not talking to them, if that's the case, we have a new challenge on theCUBE for the show, this year as we kind of prepped you for and can call it a bumper sticker, you can call it a 30 second sizzle reel. But this is sort of your Instagram moment, your TikTok, your thought of leadership highlight. What's the most important story coming out of the show? Srini, you've been quoting the keynotes very well, so, I'm going to you first on this one. >> I think overall, it's all about owning the change. In our TEKsystems culture, it's all about striving for excellence through serving others and owning the change. And so it makes me very excited that when we get that kind of keynote resonating the same message that we invite culturally, that's a big win-win for all the companies. >> It's all about the shared vision. A lot of people with similar vision in this room right now, in this room, like it's a room, it's a massive expo center, just to be clear, I'm sure everyone can see in the background. Brandon >> I would say partnership, continuing to enhance our strategic partnership with AWS, continuing to be our customers' partners in transformation. And bringing those two things together here has been a predominance of my time this week. And we'll continue throughout the week, but we're in it together with our customers and with AWS and looking forward to the future. >> Yeah, that's a beautiful note to end on there. Brandon, Srini, thank you both so much for being here with us. Fantastic to learn from your insights and to continue to emphasize on this theme of collaboration. We look forward to the next conversation with you. Thank all of you for tuning in wherever you happen to be hanging out and watching this fabulous live stream or the replay. We are here at AWS Reinvent 2022 in wonderful sunny Las Vegas, Nevada with Lisa Martin. My name is Savannah Peterson, we are theCUBE, the leading source for high tech coverage.

>> 10, nine, eight, (clears throat) four, three. >> Good afternoon, fellow cloud nerds and welcome back to AWS Reinvent 2022. We are live here from fabulous Las Vegas, Nevada. My name is Savannah Peterson, joined by Lisa Martin. So excited to be here Lisa, it's my first reinvent. >> Is it really? >> Yeah. >> I think it's only like my fourth or fifth. >> Only your fourth or fifth. >> Only. >> You're such a pro here. >> There's some serious veterans here in attendance that have been to all 11. >> I love that. >> Yeah. Wow, go them. I know, maybe we'll be at that level sooner. >> One day we will. >> Are you enjoying the show so far? >> Absolutely, it is. I cannot believe how many people are here. We've had 70,000 and we're only seeing what's at the foundation Expo Hall, not at the other hotel. So, I can only imagine. >> I mean, there's a world outside of this. >> Yes, and there's sunlight. There's actual sunlight outside of this room. >> Nobel idea. Well, Lisa, I'm very excited to be sitting here next to you and to welcome our fabulous guests, from TEKsystems, we have Brandon and Srini. Thank you so much for being here. How is the show going for you gentlemen so far? >> It's great. Lot of new insights and the customers are going to love what AWS is releasing in this reinvent. >> There is such a community here, and I love that vibe. It's similar to what we had at Cloud Native con in Detroit. So much collaboration going on. I assume most folks know a lot about TEKsystems who are watching, but just in case they don't, Brandon, give us the pitch. >> You bet. So full stack IT solutions firm, been in business for over 40 years, 80,000 global employees, really specializing in digital transformation, enterprise modernization services. We have partners in One Strategy, which is an an acquisition we made, but a well known premier partner in the Amazon partner ecosystem, as well as One North Interactive, who is our boutique brand, creative and digital strategy firm. So together, we really feel like we can bring full end-to-end solutions for digital and modernization initiatives. >> So, I saw some notes where TEKsystems are saying organizations need experienced AWS partners that are not afraid doing the dirty work of digital transformation, who really can advise and execute. Brandon, talk to us about how TEKsystems and AWS are working together to help customers on that journey which is nebulous of digital transformation. >> So, our real hallmark is the ability to scale. We partner with AWS in a lot of different ways. In fact, we just signed our strategic collaboration agreement. So, we're in the one percenter group in the whole partner network. >> Savanna: That's a pretty casual flex there. >> Not bad. >> I love that, top 1%, that no wonder you're wearing that partner pin so proud today. (speaking indistinctly) >> But we're working all the way on the advisory and working with their pro serve organization and then transforming that into large scale mass migration services, a lot of data modernization that Srini is an absolute expert in. I'm sure he can add some context too, but it's been a great partnership for many years now. >> In the keynote, Adam spent almost 52 minutes on data, right? So, it emphasizes how organizations are ready to take data to cloud and actually make meaningful insights and help their own customers come out of it by making meaningful decisions. So, we are glad to be part of this entire ecosystem. >> I love that you quantified how many minutes. >> I know. >> Talked about it, that was impressive. There's a little bit of data driven thinking going on here. >> I think so. >> Yeah. >> Well, we can't be at an event like this without talking about data for copious amounts of time, 52 minutes, has just used this morning. >> Right, absolutely. >> But every company these days has to be a data company. There's no choice to be successful, to thrive, to survive. I mean, even to thrive and grow, if it's a grocery store or your local gas station or what? You name it, that company has to be a data company. But the challenge of the data volume, the explosion in data is huge for organizations to really try to figure out and sift through what they have, where is all of it? How do we make sense of it? How do we act on it and get insights? That's a big challenge. How is TEKsystems helping customers tackle that challenge? >> Yeah, that's a great question because that's the whole fun of handling data. You need to ensure its meaning is first understood. So, we are not just dumping data into a storage place, but rather assign a meaningful context. In today's announcement, again, the data zone was unveiled to give meaning to data. And I think those are key concrete steps that we take to our customers as well with some good blueprints, methodical ways of approaching data and ultimately gaining business insights. >> And maybe I'll add just something real quick to that. The theme we're seeing and hearing a lot about is data monetization. So, technology companies have figured it out and used techniques to personalize things and get you ads, probably that you don't want half the time. But now all industries are really looking to do that. Looking at ways to open new revenue channels, looking at ways to drive a better customer experience, a better employee experience. We've got a ton of examples of that, Big Oil and Gas leveraging like well and machine data, coming in to be more efficient when they're pumping and moving commodities around. We work a lot in the medium entertainment space and so obviously, getting targeted ads to consumers during the right periods of TV or movies or et cetera. Especially with the advert on Netflix and all your streaming videos. So, it's been really interesting but we really see the future in leveraging data as one of your biggest corporate assets. >> Brilliant. >> So, I'm just curious on the ad thing, just real quick and I'll let you go, Lisa. So, do you still fall victim to falling for the advertising even though you know it's been strategically put there for you to consume in that moment? >> Most of the time. >> I mean, I think we all do. We're all, (indistinct), you're behind the curtain so to speak. >> The Amazon Truck shows up every day at my house, which is great, right? >> Hello again >> Same. >> But I think the power of it is you are giving the customer what they're looking for. >> That's it. >> And you know... >> Exactly. We have that expectation, we want it. >> 100%. >> We know that. >> Agree. >> We don't need to buy it. But technology has made it so easy to transact. That's like when developers started going to the cloud years ago, it was just, it was a swipe. It was so simple. Brandon, talk about the changes in cloud and cloud migration that TEKsystems has seen, particularly in the last couple of years as every company was rushing to go digital because they had to. >> So several years ago, we kind of pushed away that cloud first mentality to the side and we use more of a cloud smart kind of fashion, right? Does everything need to go to the cloud? No. Do applications, data, need to go to the cloud in a way that's modern and takes advantages of what the cloud can provide and all the new services that are being released this week and ongoing. So, the other thing we're seeing is initiatives that have traditionally been in the CTO, CIO organization aren't necessarily all that successful because we're seeing a complete misalignment between business goals and IT achievements, outcomes, et cetera. You can automate things, you can move it to the cloud, but if you didn't solve a core business problem or challenge, what'd you really do? >> Yeah, just to add on that, it's all about putting data and people together. And then how we can actually ensure the workforce is equally brought up to speed on these new technologies. That has been something that we have seen tremendous improvement in the last 24 months where customers are ready to take up new challenges and the end users are ready to learn something new and not just stick onto that status quo mindset. >> Where do you guys factor in to bringing in AWS in the customer's cloud journeys? What is that partnership like? >> We always first look for where the customer is in their cloud journey path and make sure we advise them with the right next steps. And AWS having its services across the spectrum makes it even easier for us to look at what business problem they're solving and then align it according to the process and technology so that at the end of the day, we want end user adoption. We don't want to build a fancy new gadget that no one uses. >> Just because you built it doesn't mean they'll come. And I think that's the classic engineering marketing dilemma as well as balance to healthy tension. I would say between both. You mentioned Srini, you mentioned workforce just a second ago. What sort of trends are you seeing in workforce development? >> Generally speaking, there are a lot of services now that can quantify your code for errors and then make sure that the code that you're pushing into production is well tested. So what we are trying to make sure is a healthy mix of trying to solve a business problem and asking the right questions. Like today, even in the keynote, it was all about how QuickSight, for example, has additional features now that tells why something happened. And that's the kind of mindset we want our end users to adopt. Not just restricting themselves to a reactive analytics, but rather ask the question why, why did it happen? Why did my sales go down? And I think those technologies and mindset shift is happening across the workforce. >> From a workforce development standpoint, we're seeing there's not enough workforce and the core skills of data, DevOps, standard cloud type work. So, we're actually an ATP advanced training partner, one of the few within the AWS network. So, we've developed programs like our Rising Talent Program that are allowing us to bring the workforce up to the skills that are necessary in this new world. So, it's a more build versus buy strategy because we're on talents real, though it may start to wane a little bit as we change the macroeconomic outlook in 2023, but it's still there. And we still believe that building those workforce and investing in your people is the right thing to do. >> It is, and I think there's a strong alignment there with AWS and their focus on that as well. I wanted to ask you, Brandon. >> Brandon: Absolutely. >> One of the things, so our boss, John Furrier, the co CEO of theCUBE, talked with Adam Selipsky just a week or maybe 10 days ago. He always gets an exclusive interview with the CEO of AWS before reinvent, and one of the things that Adam shared with him is that customers, CEOs and CIOs are not coming to Adam, to this head of AWS to talk about technology, they want to talk about transformation. He's talking about... >> The topic this year. >> Moving away from amorphous topic of digital transformation to business transformation. Are you seeing the same thing in your customer? >> 100%, and if you're not starting at the business level, these initiatives are going to fail. We see it all the time. Again, it's about that misalignment and there's no good answer to that. But digital, I think is amorphous to some degree. We play a lot with the One North partnership that I mentioned earlier, really focusing on that strategy element because consumer dollars are shrinking via inflation, via what we're heading into, and we have to create the best experience possible. We have to create an omnichannel experience to get our products or services to market. And if we're not looking at those as our core goals and we're looking at them as IT or technology challenges, we're not looking in the right place. >> Well, and businesses aren't going to be successful if they're looking at it in those siloed organizations. Data has to be democratizing and we've spent same data democratization for so long, but really, we're seeing that it has to be moving out into the lines of business because another thing Adam shared with John Furrier is that he sees and I'm curious what your thoughts are on this, the title of data analysts going away because everybody in different functions and different lines of business within an organization are going to have to be data analysts to some degree, to use data whether it's marketing, ops, sales, finance, are you seeing the same? >> That is true. I mean, at this point, we are all in the connected world, right? Every data point is connected in some form or shape to another data point. >> Savanna: There are many data points, just sitting here, yeah. >> Absolutely, so I think if you are strategizing, data needs to be right in the center of it. And then your business problems need to be addressed with reliable data. >> No, I mean, advertising, supply chain, marketing, they're all interconnected now, and we're looking at ways to bring a lot of that siloed data into one place so we can make use to it. It goes back to that monetization element of our data. >> That's a lot about context and situational awareness. We want what we want, when we want it, even before we knew we needed it then. I think I said that right. But you know, it's always more faster, quicker and then scaling things up. You see a lot of different customers across verticals, you have an absolutely massive team. Give us a sneak peek into 2023. What does the future hold? >> 2023 is again, to today's keynote, I'm bringing it back because it was a keynote filled with vision and limitless possibilities. And that's what we see. Right now, our customers, they are no longer scared to go and take the plunge into the cloud. And as Brandon said, it's all about being smart about those decisions. So, we are very excited that together with the partnership that we recently acquired and the services and the depth, along with the horizontal domain expertise, we can actually help customers make meaningful message out of their data points. And that keeps us really excited for next year. >> Love that, Brandon, what about you? >> I think the obvious one is DevOps and a focus on optimization, financially, security, et cetera, just for the changing times. The other one is, I still think that digital is going to continue to be a big push in 2023, namely making sure that experience is at its best, whether that's employee and combating the war on talent, keeping your people or opening new revenue streams, enhancing existing revenue streams. You got to keep working on that. >> We got to keep the people happy with the machines and the systems that we are building as we all know. But it's very nice, it's been a lot of human-centric focus and a lot of customer obsession here at the show. We know it's a big thing for you all, for Amazon, for pretty much everyone who sat here. Hopefully it is in general. Hopefully there's nobody who doesn't care about their community, we're not talking to them, if that's the case, we have a new challenge on theCUBE for the show, this year as we kind of prepped you for and can call it a bumper sticker, you can call it a 30 second sizzle reel. But this is sort of your Instagram moment, your TikTok, your thought of leadership highlight. What's the most important story coming out of the show? Srini, you've been quoting the keynotes very well, so, I'm going to you first on this one. >> I think overall, it's all about owning the change. In our TEKsystems culture, it's all about striving for excellence through serving others and owning the change. And so it makes me very excited that when we get that kind of keynote resonating the same message that we invite culturally, that's a big win-win for all the companies. >> It's all about the shared vision. A lot of people with similar vision in this room right now, in this room, like it's a room, it's a massive expo center, just to be clear, I'm sure everyone can see in the background. Brandon >> I would say partnership, continuing to enhance our strategic partnership with AWS, continuing to be our customers' partners in transformation. And bringing those two things together here has been a predominance of my time this week. And we'll continue throughout the week, but we're in it together with our customers and with AWS and looking forward to the future. >> Yeah, that's a beautiful note to end on there. Brandon, Srini, thank you both so much for being here with us. Fantastic to learn from your insights and to continue to emphasize on this theme of collaboration. We look forward to the next conversation with you. Thank all of you for tuning in wherever you happen to be hanging out and watching this fabulous live stream or the replay. We are here at AWS Reinvent 2022 in wonderful sunny Las Vegas, Nevada with Lisa Martin. My name is Savannah Peterson, we are theCUBE, the leading source for high tech coverage.

(upbeat music) >> Welcome back to Vegas. Lisa Martin and Dave Vellante here with theCUBE live on the Venetian Expo Hall Floor, talking all things AWS re:Invent 2022. This is the first full day of coverage. It is jam-packed here. People are back. They are ready to hear all the new innovations from AWS. Dave, how does it feel to be back yet again in Vegas? >> Yeah, Vegas. I think it's my 10th time in Vegas this year. So, whatever. >> This year alone. You must have a favorite steak restaurant then. >> There are several. The restaurants in Vegas are actually really good. >> You know? >> They are good. >> They used to be terrible. But I'll tell you. My favorite? The place that closed. >> Oh! >> Yeah, closed. In between where we are in the Wynn and the Venetian. Anyway. >> Was it CUT? >> No, I forget what the name was. >> Something else, okay. >> It was like a Greek sort of steak place. Anyway. >> Now, I'm hungry. >> We were at Pure Accelerate a couple years ago. >> Yes, we were. >> When they announced Cloud Block Store. >> That's right. >> Pure was the first- >> In Austin. >> To do that. >> Yup. >> And then they made the acquisition of Portworx which was pretty prescient given that containers have been going through the roof. >> Yeah. >> So I'm sort of excited to have these guys on and talk about that. >> We're going to unpack all of this. We've got one of our alumni back with us, Venkat Ramakrishna, VP of Product, Portworx by Pure Storage. And Dan Kogan joins us for the first time, VP of Product Management and Product Marketing, FlashArray at Pure Storage. Guys, welcome to the program. >> Thank you. >> Hey, guys. >> Dan: Thanks for having us. >> Do you have a favorite steak restaurant in Vegas? Dave said there's a lot of good choices. >> There's a lot of good steak restaurants here. >> I like SDK. >> Yeah, that's a good one. >> That's the good one. >> That's a good one. >> Which one? >> SDK. >> SDK. >> Where's that? >> It's, I think, in Cosmopolitan. >> Ooh. >> Yeah. >> Oh, yeah, yeah, yeah. >> It's pretty good, yeah. >> There's one of the Western too that's pretty. >> I'm an Herbs and Rye guy. Have you ever been there? >> No. >> No. >> Herbs and Rye is off strip, but it's fantastic. It's kind of like a locals joint. >> I have to dig through all of this great stuff today and then check that out. Talk to me. This is our first day, obviously. First main day. I want to get both of your perspectives. Dan, we'll start with you since you're closest to me. How are you finding this year's event so far? Obviously, tons of people. >> Busy. >> Busy, yeah. >> Yeah, it is. It is old times. Bigger, right? Last re:Invent I was at was 2019 right before everything shut down and it's probably half the size of this which is a different trend than I feel like most other tech conferences have gone where they've come back, but a little bit smaller. re:Invent seems to be the IT show. >> It really does. Venkat, are you finding the same? In terms of what you're experiencing so far on day one of the events? >> Yeah, I mean... There's tremendous excitement. Overall, I think it's good to be back. Very good crowd, great turnout, lot of excitement around some of the new offerings we've announced. The booth traffic has been pretty good. And just the quality of the conversations, the customer meetings, have been really good. There's very interesting use cases shaping up and customers really looking to solve real large scale problems. Yeah, it's been a phenomenal first day. >> Venkat, talk a little bit about, and then we'll get to you Dan as well, the relationship that Portworx by Pure Storage has with AWS. Maybe some joint customers. >> Yeah, so we... Definitely, we have been a partner of AWS for quite some time, right? Earlier this year, we signed what is called a strategic investment letter with AWS where we kind of put some joint effort together like to better integrate our products. Plus, kind of get in front of our customers more together and educate them on how going to how they can deploy and build vision critical apps on EKS and EKS anywhere and Outpost. So that partnership has grown a lot over the last year. We have a lot of significant mutual customer wins together both on the public cloud on EKS as well as on EKS anywhere, right? And there are some exciting use cases around Edge and Edge deployments and different levels of Edge as well with EKS anywhere. And there are pretty good wins on the Outpost as well. So that partnership I think is kind of like growing across not just... We started off with the one product line. Now our Portworx backup as a service is also available on EKS and along with the Portworx Data Services. So, it is also expanded across the product lanes as well. >> And then Dan, you want to elaborate a bit on AWS Plus Pure? >> Yeah, it's for kind of what we'll call the core Pure business or the traditional Pure business. As Dave mentioned, Cloud Block Store is kind of where things started and we're seeing that move and evolve from predominantly being a DR site and kind of story into now more and more production applications being lifted and shifted and running now natively in AWS honor storage software. And then we have a new product called Pure Fusion which is our storage as code automation product essentially. It takes you from moving and managing of individual arrays, now obfuscates a fleet level allows you to build a very cloud-like backend and consume storage as code. Very, very similar to how you do with AWS, with an EBS. That product is built in AWS. So it's a SaaS product built in AWS, really allowing you to turn your traditional Pure storage into an AWS-like experience. >> Lisa: Got it. >> What changed with Cloud Block Store? 'Cause if I recall, am I right that you basically did it on S3 originally? >> S3 is a big... It's a number of components. >> And you had a high performance EC2 instances. >> Dan: Yup, that's right. >> On top of lower cost object store. Is that still the case? >> That's still the architecture. Yeah, at least for AWS. It's a different architecture in Azure where we leverage their disc storage more. But in AWS were just based on essentially that backend. >> And then what's the experience when you go from, say, on-prem to AWS to sort of a cross cloud? >> Yeah, very, very simple. It's our replication technology built in. So our sync rep, our async rep, our active cluster technology is essentially allowing you to move the data really, really seamlessly there and then again back to Fusion, now being that kind of master control plan. You can have availability zones, running Cloud Block Store instances in AWS. You can be running your own availability zones in your data centers wherever those may happen to be, and that's kind of a unification layer across it all. >> It looks the same to the customer. >> To the customer, at the end of the day, it's... What the customer sees is the purity operating system. We have FlashArray proprietary hardware on premises. We have AWS's hardware that we run it on here. But to the customer, it's just the FlashArray. >> That's a data super cloud actually. Yeah, it's a data super cloud. >> I'd agree. >> It spans multiple clouds- >> Multiple clouds on premises. >> It extracts all the complexity of the underlying muck and the primitives and presents a common experience. >> Yeah, and it's the same APIs, same management console. >> Dave: Yeah, awesome. >> Everything's the same. >> See? It's real. It's a thing, On containers, I have a question. So we're in this environment, everybody wants to be more efficient, what's happening with containers? Is there... The intersection of containers and serverless, right? You think about all the things you have to do to run containers in VMs, configure everything, configure the memory, et cetera, and then serverless simplifies all that. I guess Knative in between or I guess Fargate. What are you seeing with customers between stateless apps, stateful apps, and how it all relates to containers? >> That's a great question, right? I think that one of the things that what we are seeing is that as people run more and more workloads in the cloud, right? There's this huge movement towards being the ability to bring these applications to run anywhere, right? Not just in one public cloud, but in the data centers and sometimes the Edge clouds. So there's a lot of portability requirements for the applications, right? I mean, yesterday morning I was having breakfast with a customer who is a big AWS customer but has to go into an on-prem air gap deployment for one of their large customers and is kind of re-platforming some other apps into containers in Kubernetes because it makes it so much easier for them to deploy. So there is no longer the debate of, is it stateless versus it stateful, it's pretty much all applications are moving to containers, right? And in that, you see people are building on Kubernetes and containers is because they wanted multicloud portability for their applications. Now the other big aspect is cost, right? You can significantly run... You know, like lower cost by running with Kubernetes and Portworx and by on the public cloud or on a private cloud, right? Because it lets you get more out of your infrastructure. You're not all provisioning your infrastructure. You are like just deploying the just-enough infrastructure for your application to run with Kubernetes and scale it dynamically as your application load scales. So, customers are better able to manage costs. >> Does serverless play in here though? Right? Because if I'm running serverless, I'm not paying for the compute the whole time. >> Yeah. >> Right? But then stateless and stateful come into play. >> Serverless has a place, but it is more for like quick event-driven decision. >> Dave: The stateless apps. >> You know, stuff that needs to happen. The serverless has a place, but majority of the applications have need compute and more compute to run because there's like a ton of processing you have to do, you're serving a whole bunch of users, you're serving up media, right? Those are not typically good serverless apps, right? The several less apps do definitely have a place. There's a whole bunch of minor code snippets or events you need to process every now and then to make some decisions. In that, yeah, you see serverless. But majority of the apps are still requiring a lot of compute and scaling the compute and scaling storage requirements at a time. >> So what Venkat was talking about is cost. That is probably our biggest tailwind from a cloud adoption standpoint. I think initially for on-premises vendors like Pure Storage or historically on-premises vendors, the move to the cloud was a concern, right? In that we're getting out the data center business, we're going all in on the cloud, what are you going to do? That's kind of why we got ahead of that with Cloud Block Store. But as customers have matured in their adoption of cloud and actually moved more applications, they're becoming much more aware of the costs. And so anywhere you can help them save money seems to drive adoption. So they see that on the Kubernetes side, on our side, just by adding in things that we do really well: Data reduction, thin provisioning, low cost snaps. Those kind of things, massive cost savings. And so it's actually brought a lot of customers who thought they weren't going to be using our storage moving forward back into the fold. >> Dave: Got it. >> So cost saving is great, huge business outcomes potentially for customers. But what are some of the barriers that you're helping customers to overcome on the storage side and also in terms of moving applications to Kubernetes? What are some of those barriers that you could help us? >> Yeah, I mean, I can answer it simply from a core FlashArray side, it's enabling migration of applications without having to refactor them entirely, right? That's Kubernetes side is when they think about changing their applications and building them, we'll call quote unquote more cloud native, but there are a lot of customers that can't or won't or just aren't doing that, but they want to run those applications in the cloud. So the movement is easier back to your data super cloud kind of comment, and then also eliminating this high cost associated with it. >> I'm kind of not a huge fan of the whole repatriation narrative. You know, you look at the numbers and it's like, "Yeah, there's something going on." But the one use case that looks like it's actually valid is, "I'm going to test in the cloud and I'm going to deploy on-prem." Now, I dunno if that's even called repatriation, but I'm looking to help the repatriation narrative because- >> Venkat: I think it's- >> But that's a real thing, right? >> Yeah, it's more than repatriation, right? It's more about the ability to run your app, right? It's not just even test, right? I mean, you're going to have different kinds of governance and compliance and regulatory requirements have to run your apps in different kinds of cloud environments, right? There are certain... Certain regions may not have all of the compliance and regulatory requirements implemented in that cloud provider, right? So when you run with Kubernetes and containers, I mean, you kind of do the transformation. So now you can take that app and run an infrastructure that allows you to deliver under those requirements as well, right? So that portability is the major driver than repatriation. >> And you would do that for latency reasons? >> For latency, yeah. >> Or data sovereign? >> Data sovereignty. >> Data sovereignty. >> Control. >> I mean, yeah. Availability of your application and data just in that region, right? >> Okay, so if the capability is not there in the cloud region, you come in and say, "Hey, we can do that on-prem or in a colo and get you what you need to comply to your EDX." >> Yeah, or potentially moves to a different cloud provider. It's just a lot more control that you're providing on customer at the end of the day. >> What's that move like? I mean, now you're moving data and everybody's going to complain about egress fees. >> Well, you shouldn't be... I think it's more of a one-time move. You're probably not going to be moving data between cloud providers regularly. But if for whatever reasons you decide that I'm going to stop running in X Cloud and I'm going to move to this cloud, what's the most seamless way to do? >> So a customer might say, "Okay, that's certification's not going to be available in this region or gov cloud or whatever for a year, I need this now." >> Yeah, or various commercial. Whatever it might be. >> "And I'm going to make the call now, one-way door, and I'm going to keep it on-prem." And then worry about it down the road. Okay, makes sense. >> Dan, I got to talk to you about the sustainability element there because it's increasingly becoming a priority for organizations in every industry where they need to work with companies that really have established sustainability programs. What are some of the factors that you talk with customers about as they have choice in all FlashArray between Pure and competitors where sustainability- >> Yeah, I mean we've leaned very heavily into that from a marketing standpoint recently because it has become so top of mind for so many customers. But at the end of the day, sustainability was built into the core of the Purity operating system in FlashArray back before it was FlashArray, right? In our early generation of products. The things that drive that sustainability of high density, high data reduction, small footprint, we needed to build that for Pure to exist as a company. And we are maybe kind of the last all-flash vendor standing that came ground up all-flash, not just the disc vendor that's refactored, right? And so that's sort of engineering from the ground up that's deeply, deeply into our software as a huge sustainability payout now. And we see that and that message is really, really resonating with customers. >> I haven't thought about that in a while. You actually are. I don't think there's any other... Nobody else made it through the knothole. And you guys hit escape velocity and then some. >> So we hit escape velocity and it hasn't slowed down, right? Earnings will be tomorrow, but the last many quarters have been pretty good. >> Yeah, we follow you pretty closely. I mean, there was one little thing in the pandemic and then boom! It's just kept cranking since, so. >> So at the end of the day though, right? We needed that level to be economically viable as a flash bender going against disc. And now that's really paying off in a sustainability equation as well because we consume so much less footprint, power cooling, all those factors. >> And there's been some headwinds with none pricing up until recently too that you've kind of blown right through. You know, you dealt with the supply issues and- >> Yeah, 'cause the overall... One, we've been, again, one of the few vendors that's been able to navigate supply really well. We've had no major delays in disruptions, but the TCO argument's real. Like at the end of the day, when you look at the cost of running on Pure, it's very, very compelling. >> Adam Selipsky made the statement, "If you're looking to tighten your belt, the cloud is the place to do it." Yeah, okay. It might be that, but... Maybe. >> Maybe, but you can... So again, we are seeing cloud customers that are traditional Pure data center customers that a few years ago said, "We're moving these applications into the cloud. You know, it's been great working with you. We love Pure. We'll have some on-prem footprint, but most of everything we're going to do is in the cloud." Those customers are coming back to us to keep running in the cloud. Because again, when you start to factor in things like thin provisioning, data reduction, those don't exist in the cloud. >> So, it's not repatriation. >> It's not repatriation. >> It's we want Pure in the cloud. >> Correct. We want your software. So that's why we built CBS, and we're seeing that come all the way through. >> There's another cost savings is on the... You know, with what we are doing with Kubernetes and containers and Portworx Data Services, right? So when we run Portworx Data Services, typically customers spend a lot of money in running the cloud managed services, right? Where there is obviously a sprawl of those, right? And then they end up spending a lot of item costs. So when we move that, like when they run their data, like when they move their databases to Portworx Data Services on Kubernetes, because of all of the other cost savings we deliver plus the licensing costs are a lot lower, we deliver 5X to 10X savings to our customers. >> Lisa: Significant. >> You know, significant savings on cloud as well. >> The operational things he's talking about, too. My Fusion engineering team is one of his largest customers from Portworx Data Services. Because we don't have DBAs on that team, it's just developers. But they need databases. They need to run those databases. We turn to PDS. >> This is why he pays my bills. >> And that's why you guys have to come back 'cause we're out of time, but I do have one final question for each of you. Same question. We'll start with you Dan, the Venkat we'll go to you. Billboard. Billboard or a bumper sticker. We'll say they're going to put a billboard on Castor Street in Mountain View near the headquarters about Pure, what does it say? >> The best container for containers. (Dave and Lisa laugh) >> Venkat, Portworx, what's your bumper sticker? >> Well, I would just have one big billboard that goes and says, "Got PX?" With the question mark, right? And let people start thinking about, "What is PX?" >> I love that. >> Dave: Got Portworx, beautiful. >> You've got a side career in marketing, I can tell. >> I think they moved him out of the engineering. >> Ah, I see. We really appreciate you joining us on the program this afternoon talking about Pure, Portworx, AWS. Really compelling stories about how you're helping customers just really make big decisions and save considerable costs. We appreciate your insights. >> Awesome. Great. Thanks for having us. >> Thanks, guys. >> Thank you. >> For our guests and for Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live enterprise and emerging tech coverage. (upbeat music)

>>Hey guys, welcome back to the Cube's coverage of IFS Unleashed in Miami. I'm Lisa Martin. Been here half a day so far, having great conversations. It is so great to be back on the show floor and I'm getting that sentiment from the IFS execs, their customers, their partners, and the ecosystem. I'm pleased to welcome Kathy Hall as my next guest, the SVP of experience at ifs. Kathy, welcome to the program. >>Thank you. >>Love talking about the customer experience. Talk to me, but the employee experience is equally important because they're like this, but talk to me about your role as the SVP of experience and what that entails. >>Yeah, so I'm really, really fortunate at IFS to be SVP across experience. So I do a lot of work with the r and d team, but I also have a role that spans sales consulting support so I can really get involved in any part of the organization to enable us to deliver moments of service. So I'm really, really fortunate. I've got such a broad remit and really work on everything from the user experience and what the product looks like, feels like, how it interacts, how it moves, how we put our partner, the technologies in there, everything to their customer experience. So how people find it if they have to engage with support or what it's like in presales. And we are really trying to wrap that up into a total experience so that we bring all of those parts together and really productize our experience so that every customer gets a fantastic experience and the best moments of service. So yeah, it's like a short job title and it's a really kind of big role. It's fantastic. >>It is. It's very, it's very encompassing. You have so much visibility across the entire organization that impacts the customer in many different ways. I can't only imagine that having that visibility in that role really helps to create not only a great customer experience but a, a great experience for the employees. And those two things I always think of them as like this, like inextricably linked. >>Yeah, exactly. And we've done a lot over the last couple of years of really trying to make sure we've got the data so we understand both from a product point of view and a service point of view, what our users and our customers think about that moment of service. Where the friction points are, you know, what's really good and, and we can use that to coach our employees to celebrate success, to give people kudos for the fantastic work they do. And that really enables us to create a hype around the customer within, within ifs. And just last week we were celebrating CX day and we did a whole week and had our own sort of internal hashtag of CX days every day. And that was fantastic to really galvanize that spirit of those ifss, you know, Team Purple, really being at the forefront of how we deliver that, that customer experience. And it's fantastic for our customers, but it's also brilliant for our people because it's motivating and, and it empowers people to, to be able to do a great job, which is what we all want to do. >>Absolutely. Employees need to be empowered because if that's not there, then the customer experience inextricably linked will suffer. Talk to me a little bit about the evolution of the role. Has it been something that's been the, a focus of ifs? Cuz there's, you guys have so many unique differentiators for, for a company that isn't widely known, but talk to me about how that came about going, you know, what we need to be able to take to really look at the customer experience through many different lenses, take their feedback and really deliver a product experience that is seamless so that they can deliver those moments of service. >>Yeah, exactly. And I think, you know, when, when Darren took over a ceo, we've been on this really kind of passionate journey to bring service to our customers, bring value to our customers, you know, we really value is at the heart of, of everything for our customers. And, and so it's our ethos too. And so we've, we've sort of woven this value into everything that we do with that focus on the customer. So my role started off sort of more in the come in and then try and understand it from a very product point of view, but in today's kind of world products and service lines emerging things need to be unified. You know, if you go back 20 years a product was built and it got shipped out and somebody picks it up and they implemented it and then there was a support and there were sort of these walls in between, but now of course it is a cloud company and those walls don't exist anymore. >>Product features are coming out regularly. The code sort of flows through the system out to customers. The way that we service has to be different. And so we're thinking all the time, how do we get that to be a seamless process and how do we enable, for example, data within a customer system to identify opportunities to create more value for that customer using technology like AI for example, and then being able to highlight that value back. But then maybe you say to the presales person, okay, this is the precise demonstration and capability that the customer needs to see because this is what the, the system's telling us is the business case. And that then flows through to the scope and it enables us to, to deliver that value. So it's really changing the way that we think about these things and unifying together that product and that service into this kind of bigger total experience and this end to end experience. >>So we're really looking at what are all the friction points along our journeys with the customers, How does it stop them getting value? How do we prioritize that value and, and therefore how do we reimagine an end to end experience? So as that thinking's evolved, my role's also evolved from being quite product centric to being very much across the organization. And I'm lucky I come from a commercial and operational background, so I've got a vast amount of experience in delivering these types of solutions. So that's really helped as well because I'm able to see that that full end to end and, and I've got a, you know, brilliant team of people and, and it comes back to the point where we said before, the people ifs are so engaged to want to deliver value, to want to deliver the moments of service that, that it's kind of easy, you know, just got to kind of focus people in the right way and, and the s comes together. >>That's nice to hear. And that's actually the vibe and the sentiment that we're getting from this. You know, talking about the end to end experience. It's so critical because people used to tolerate fragmented experiences. We don't anymore. One of the things that went away, I think or is in massively short supply during Covid and may not come back as patience and tolerance, right? So being able to deliver that end to end experience to your customers through what you're doing internally is critical for differentiation, for competitive advantage, and of course for your customers to be successful with their customers. >>Yeah, and there's so many parts of that that you could un pick. We, we could spend hours talking about it and as consumers our expectations are huge and we carry those expectations into the workplace. And in the same way, you know, at IFS we want our team to be motivated and, you know, proud and excited about the moments of service they're delivering. Our customers want the same thing from their teams and that also means they want a system where it's easy to train, easy to use, you can pick up, it looks great, you know, it gives users love ifs and it kind of gives them a tool that helps 'em get the job done, doesn't stand in their way. So, you know, all the kind of things we think about internally and how we're measuring customer experience also translates and resonates with our customers. Everything we think about how, you know, our people need to be empowered to deliver a customer experience. That's the same messages that, you know, we hear back time and time again from our customers. So there's so many parallels and we're really able to work with our customers to kind of do both at the same time, which is fantastic. >>Talk about measurement. What are some of the key indicators of success cus success in in from an experienced lens internally and with your customers? >>Yeah, so I mean there's all the obvious ones about, you know, MPS and CSAT and customer effort score. We also put a lot of value into the qualitative feedback. So we use customer A avail, which is an IFS product to collect data on our own moments of service. And you know, the numbers are great and they tell a story, but I also get really sucked into reading the comments back from the customers and there's kind of text analytics and sentiment analytics and for me that's becoming the more powerful kind of piece of data to look at because a story conveys much more than a simple number and it's also something that goes global as well. You know, different countries score in different ways. There's different kind of, you know, there's a lot of gaming that can go on with a score. It can be quite difficult to really interpret, but a but a story and understanding the sentiment behind that customer, that's gold. And if you can put those together and have a way of on scale being able to interpret that analysis, which we can do, you know, that becomes something quite special. So for me it's about a shift to understanding more of those stories as well as keeping, you know, the kind of traditional, traditional measures across the, the learning across the journey points, >>Right? The, the value, I always think the value of the voice of the customer is probably invaluable to organizations because it's honest. >>It absolutely it's honest. And I think once you've got those stories and you've got those metrics and then you're looking at your operational metrics, so what does that mean then in terms of, you know, recur revenue and what does that mean in terms of margins and the costs? And being able to put those three things together so that you couldn't understand the levers that you've got and the, and the results of those levers, that becomes really powerful. And that's really what's driving our, our customers for, for them to deliver in their moments of service as well, which ties back into when we're working within customers and engaging with customers and looking at that value story, doing the value assessments more able to use the, the evidence from industry and previous customers and, and the data sources available to help them also project, you know, an operational efficiency here will have this c CX benefit but actually also has this value benefit >>Oh, a value back to the business. I mean a a good experience is transformative. Yeah, >>Really powerful. >>Any industry. >>Yeah. Yeah. It's, it's so powerful and you know, that really resonates with our customers and that's what they're trying to, to achieve all the time. And so when they're looking at IFS cloud in particular, they're looking at how, you know, the, the software can help them achieve those moments of service and perfect those moments of service and all the technology that comes into play that can enable people to improve those moments of service at the same time as getting those operational benefits. And that enables organizations to then invest more in the customer experience, more advocacy and, and really, you know, feels growth. There's, there's no denying that now you have to have that experience and, and at your point before the expectation from as others consumers, we won't tolerate a bad experience anymore, which is a good thing. >>It is. We, we've all had met plenty of those throughout the last two and a half years. Last question for you, you, what are some of the things that are next for experience at ifs? I know you mentioned before we went live that you started during the pandemic, so you go, go get to meet your team finally, but what are some of the things that excite you about the momentum that you guys are carrying through the rest of the second half? >>Yeah, so our focus now is really bringing the component parts together. So we have several tools across our whole experience that leverage from our IFFs cloud platform in order to deliver those moments of service to our customers. But those tools have grown up in different areas of the business because there's been a specific need in that area of the business. So tools at the pre-sale stage, tools that enable us to deliver scope, more frictionlessly tools that enable us to, to identify and capture value. The next stage is bringing those all together. So this week I announced our vision for experience and the experience hub and that really being a place where you get that thread of value throughout the whole experience where everything is tied into one place and it makes it really frictionless for our customers to get the value from ifs. >>And that's critical. You guys have north of 10,000 customers, it's only growing. Kathy, thank you so much for joining me on the program, talking about the end to end experience that IFS delivers internally and externally to its customers. We appreciate your insights. >>Thank you for having >>Me. My pleasure. For Kathy Hall, I'm Lisa Martin, you're watching The Cube live on the show floor of IFS Unleashed from Miami. Stick around. My next guest joins me in just a minute. I have been in the software and technology industry for over 12 years now, so I've had the.

>>The Cube Presents UI Path Forward five. Brought to you by UI Path. >>Welcome back to the Cube's Coverage of Forward five UI Path Customer event. This is the fourth forward that we've been at. We started in Miami, had some great events. It's all about the customer stories. Dave Valante with Dave Nicholson, Flow Yees here. She's the director of engineering and development at dsu and Kate Hall is to her right. And Kate is the director of Automation Solutions at dsu. Ladies, welcome to the Cube. Thanks so much. Thanks >>You to >>Be here. Tell us about dsu. You guys are huge company, but but give us the focus. >>Yeah, absolutely. Dentsu, it's one of the largest advertising networks out there. One of the largest in the world with over 66,000 employees and we're operating in a hundred plus countries. We're really proud to serve 95% of the Fortune 100 companies. Household names like Microsoft Factor and Gamble. If you seen the Super Bowls ads last year, Larry, Larry Davids ads for the crypto brand. That's a hilarious one for anyone who haven't seen it. So we're just really proud to be here and we really respect the creatives of our company. >>That was the best commercial, the Super Bowl by far. For sure. I, I said at the top of saying that Dave and I were talking UI pass, a cool company. You guys kinda look like cool people. You got cool jobs. Tell, tell us about your respective roles. What do you guys do? Yeah, >>Absolutely, absolutely. Well, I'm the director of engineering and automation, so what I really do is to implement the automation operating model and connecting developers across five continents together, making sure that we're delivering and deploying automation projects up to our best standards setting by the operating model. So it's a really, really great job. And when we get to see all these brilliant minds across the world >>And, And Kate, what's your role? Yeah, >>And the Automation Solutions vertical that I head up, the focus is really on converting business requirements into technical designs for flows, developers to deliver. So making sure that we are managing our pipeline, sourcing the right ideas, prioritizing them according to the business businesses objectives and making sure that we route them to the right place. So is it, does it need to be an automation first? Do we need to optimize the process? Does this make sense for citizen developers or do we need to bring in the professional resources on flow's >>Team? So you're bilingual, you speak, you're like the translator, you speak geek and wall, right? Is that fair? Okay. So take me back to the, let's, let's do a little mini case study here. How did you guys get started? I'm always interested, was this a top down? Is, is is top down required to be successful? Cuz it does feel like you can have bottom up bottoms up with rpa, but, but how did you guys get started? What was the journey like? >>Yeah, we started back in 2017, very traditional top down approach. So we delivered a couple POCs working directly with UiPath. You know, going back those five years, delivered those really highly scalable top down solutions that drove hundreds of thousands of hours of ROI for the business. However, as people kind of began to embrace automation and they learned that this is something that they could, that could help them, it's not something that they should be afraid of to take away their jobs. You know, DSU is a young company with a lot of young, young creatives. They wanna make their lives better. So we were absolutely inundated with all of these use cases of, hey I, I need a bot to do this. I need a bot to do that i's gonna save me, you know, 10 hours a week. It's gonna save my team a hundred hours a month, et cetera, et cetera. All of these smaller use cases that were gonna be hugely impactful for the individuals, their teams, even in entire department, but didn't have that scalable ROI for us to put professional development resources against it. So starting in 2020 we really introduced the citizen development program to put the power into those people's hands so that they could create their own solutions. And that was really just a snowball effect to tackle it from the bottom up as well as the top down. >>So a lot of young people, Dave, they not not threatened by robots that racing it. So >>They've grown up with the technology, they know that they can order an Uber from their phone, right? Why am I, you know, sitting here at MITs typing data from Excel into a program that might be older than some of our youngest employees. >>Yeah. Now, now the way you described it, correct me if I'm wrong, the way you described it, it sounds like there's sort of a gating function though. You're not just putting these tools in the hands of people sitting, especially creatives who are there to create. You're not saying, Oh you want things automated, here are the tools. Go ahead. Automated. We'll we, for those of you who want to learn how to use the tools, we'll have you automate that there. Did I hear that right? You're, you're sort of making decisions about what things will be developed even by citizen developers. >>Let me, Do you wanna talk to them about governance? Yeah, absolutely. >>Yeah, so I think we started out with assistant development program, obviously the huge success, right? Last year we're also here at the Cubes. We're very happy to be back again. But I think a lot, a lot had changed and we've grown a lot since last year. One, I have the joy being a part of this team. And then the other thing is that we really expanded and implemented an automation operating model that I mentioned briefly just earlier. So what that enabled us to do is to unite developers from five continents together organically and we're now able to tap into their talent at a global scale. So we are really using this operating model to grow our automation practice in a scalable and also controlled manner. Okay. What I mean by that is that these developer originally were sitting in 18 plus markets, right? There's not much communication collaboration between them. >>And then we went in and bridged them together. What happened is that originally they were only delivering projects and use cases within their region and sometimes these use cases could be very, very much, you know, small scale and not really maximizing their talent. What we are now able to do is tap into a global automation pipeline. So we connecting these highly skilled people to the pipeline elsewhere, the use cases elsewhere that might not be within their regions because one of our focus, a lot of change I mentioned, right? One thing that will never change with our team, it's used automation to elevate people's potential. Now it's really a win-win situation cuz we are connecting the use cases from different pipelines. So the business is happy cuz we are delivering these high scalable solutions. We also utilizing these developers and they're happy because their skills are being maximized and then at the same time growing our automation program. So then that way the citizen development program so that the lower complexities projects are being delivered at a local level and we are able to innovate at a local level. >>I, I have so many questions flow based on what you just said. It's blowing my mind >>Here. It's a whole cycle. >>So let me start with how do you, you know, one of the, one of the concerns I had initially with RPA, cuz just you're talking about some very narrow use cases and your goal is to expand that to realize the potential of each individual, right? But early days I saw a lot of what I call paving the cow path, taking a process that was not a great process and then automating it, right? And that was limiting the potential. So how do you guys prioritize which processes to focus on and maybe which processes should be rethought, >>Right? Exactly. A lot of time when we do automation, right, we talk about innovations and all that stuff, but innovation doesn't happen with the same people sitting in the same room doing the same thing. So what we are doing now, able to connect all these people, different developers from different groups, we really bring the diversity together. That's diversity D diverse diversity in the mindset, diversity in the skill. So what are we really able to do and we see how we tackle this problem is to, and that's a problem for a lot of business out there is the short-termism. So there's something, what we do is that we take two approaches. One, before we, you know, for example, when we used to receive a use case, right? Maybe it's for the China market involving a specific tool and we just go right into development and start coding and all that good stuff, which is great. >>But what we do with this automation framework, which we think it's a really great service for any company out there that want to grow and mature their automation practice, it's to take a step back, think about, okay, so the China market would be beneficial from this automation. Can we also look at the Philippine market? Can we also look at the Thailand market? Because we also know that they have similar processes and similar auto tools that they use. So we are really able to make our automation in a more meaningful way by scaling a project just beyond one market. Now it's impacting the entire region and benefiting people in the entire region. That is what we say, you know, putting automation for good and then that's what we talked about at dsu, Teaming without limits. And that's a, so >>By taking, we wanna make sure that we're really like taking a step back, connecting all of the dots, building the one thing the right way, the first time. Exactly. And what's really integral into being able to have that transparency, that visibility is that now we're all working on the same platform. So you know, Brian spoke to you last year about our migration into automation cloud, having everything that single pipeline in the cloud. Anybody at DSU can often join the automation community and get access to automation hub, see what's out there, submit their own ideas, use the launchpad to go and take training. Yeah. And get started on their own automation journey as a citizen developer and you know, see the different paths that are available to them from that one central space. >>So by taking us a breath, stepping back, pausing just a bit, the business impact at the tail end is much, much higher. Now you start in 2017 really before you UI path made it's big enterprise play, it acquired process gold, you know, cloud elements now most recently referenced some others. How much of what you guys are, are, are doing is platform versus kind of the initial sort of robot installation? Yeah, >>I mean platforms power people and that's what we're here to do as the global automation team. Whether it's powering the citizen developers, the professional developers, anybody who's interacting with our automations at dsu, we wanna make sure that we're connecting the docs for them on a platform basis so that developers can develop and they don't need to develop those simple use cases that could be done by a citizen developer. You know, they're super smart technical people, they wanna do the cool shit with the new stuff. They wanna branch into, you know, using AI center and doing document understanding. That's, you know, the nature of human curiosity. Citizen developers, they're thrilled that we're making an investment to upscale them, to give them a new capability so that they can automate their own work. And they don't, they, they're the process experts. They don't need to spend a month talking to us when they could spend that time taking the training, learning how to create something themselves. >>How, how much sort of use case runway when you guys step back and look at your business, do you see a limit to the use cases? I mean where are you, if you had on a spectrum of, you know, maturity, how much more opportunity is there for DSU to automate? >>There's so much I think the, you feel >>Like it's limitless? >>No, I absolutely feel like it's limitless because there one thing, it's, there's the use cases and I think it's all about connecting the talent and making sure that something we do really, you know, making sure that we deliver these use cases, invest the time in our people so we make sure our professional developers part of our team spending 10 to 20% of the time to do learning and development because only limitless if our people are getting the latest and the greatest technology and we want to invest the time and we see this as an investment in the people making sure that we deliver the promise of putting people first. And the second thing, it's also investment in our company's growth. And that's a long term goal. And overcoming just focusing on things our short term. So that is something we really focus to do. And not only the use cases we are doing what we are doing as an operating model for automation. That is also something that we really value because then this is a kind of a playbook and a success model for many companies out there to grow their automation practice. So that's another angle that we are also focusing >>On. Well that, that's a relief because you guys are both seem really cool and, and I'm sitting here thinking they don't realize they're working themselves out of a job once they get everything automated, what are they gonna do? Right? But, but so, so it sounds like it's a never ending process, but because you guys are, are such a large global organization, it seems like you might have a luxury of being able to benchmark automations from one region and then benchmark them against other regions that aren't using that automation to be able to see very, very quickly not only realize ROI really quickly from the region where it's been implemented, but to be able to compare it to almost a control. Is that, is that part of your process? Yeah, >>Absolutely. Because we are such a global brand and with the automation, automation operating model, what we are able to do, not only focusing on the talent and the people, but also focusing on the infrastructure. So for example, right, maybe there's a first use case developing in Argentina and they have never done these automation before. And when they go to their security team and asking for an Okta bypass service account and the security team Argentina, like we never heard of automation, we don't know what UiPath is, why would I give you a service account for good reason, right? They're doing their job right. But what we able to do with automation model, it's to establish trust between the developers and the security team. So now we have a set up standing infrastructure that we are ready to go whenever an automation's ready to deploy and we're able to get the set up standing infrastructure because we have the governance to make sure the quality would delivered and making sure anything that we deployed, automation that we deploy are developed and governed by the best practice. So that's how we able to kind of get this automation expand globally in a very control and scalable manner because the people that we have build a relationship with. What are >>The governors to how fast you can adopt? Is it just expertise or bandwidth of that expertise or what's the bottleneck? >>Yeah, >>If >>You wanna talk more about, >>So in terms of the pipeline, we really wanna make sure that we are taking that step back and instead of just going, let's develop, develop, develop, here are the requirements like get started and go, we've prove the value of automation at Densu. We wanna make sure we are taking that step back and observing the pipeline. And it's, it's up to us to work with the business to really establish their priorities and the priorities. It's a, it's a big global organization. There might be different priorities in APAC than there are in EM for a good reason. APAC may not be adopted on the same, you know, e r P system for example. So they might have those smaller scale ROI use cases, but that's where we wanna work with them to identify, you know, maybe this is a legitimate need, the ROI is not there, let's upscale some citizen developers so that they can start, you know, working for themselves and get those results faster for those simpler use cases. >>Does, does the funding come from the line of business or IT or a combination? I mean there are obviously budget constraints are very concerned about the macro and the recession. You guys have some global brands, you know, as, as things ebb and flow in the economy, you're competing with other budgets. But where are the budgets coming from inside of dsu? Is it the business, is it the tech >>Group? Yeah, we really consider our automation group is the cause of doing business because we are here connecting people with bridging people together and really elevating. And the reason why we structure it that way, it's people, we do automation at dsu not to reduce head count, not to, you know, not, not just those matrix number that we measure, but really it's to giving time back to the people, giving time back to our business. So then that way they can focus on their wellbeing and that way they can focus on the work-life balance, right? So that's what we say. We are forced for good and by using automation for good as one really great example. So I think because of this agenda and because DSU do prioritize people, you know, so that's why we're getting the funding, we're getting the budget and we are seeing as a cause of doing business. So then we can get these time back using innovation to make people more fulfilling and applying automation in meaningful ways. >>Kate and Flo, congratulations. Your energy is palpable and really great success, wonderful story. Really appreciate you sharing. Thank you so >>Much for having us today. >>You're very welcome. All keep it right there. Dave Nicholson and Dave Ante. We're live from UI path forward at five from Las Vegas. We're in the Venetian Consent Convention Center. Will be right back, right for the short break.

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Welcome back everyone to the Cube and Horizon three.ai special presentation. I'm John Furrier, host of the Cube. We with Chris Hill, Sector head for strategic accounts and federal@horizonthree.ai. Great innovative company. Chris, great to see you. Thanks for coming on the Cube. >>Yeah, like I said, you know, great to meet you John. Long time listener. First time call. So excited to be here with >>You guys. Yeah, we were talking before camera. You had Splunk back in 2013 and I think 2012 was our first splunk.com. Yep. And boy man, you know, talk about being in the right place at the right time. Now we're at another inflection point and Splunk continues to be relevant and continuing to have that data driving security and that interplay. And your ceo, former CTO of Splunk as well at Horizons Neha, who's been on before. Really innovative product you guys have, but you know, Yeah, don't wait for a brief to find out if you're locking the right data. This is the topic of this thread. Splunk is very much part of this new international expansion announcement with you guys. Tell us what are some of the challenges that you see where this is relevant for the Splunk and the Horizon AI as you guys expand Node zero out internationally? >>Yeah, well so across, so you know, my role within Splunk was working with our most strategic accounts. And so I look back to 2013 and I think about the sales process like working with, with our small customers. You know, it was, it was still very siloed back then. Like I was selling to an IT team that was either using us for IT operations. We generally would always even say, yeah, although we do security, we weren't really designed for it. We're a log management tool. And you know, we, and I'm sure you remember back then John, we were like sort of stepping into the security space and in the public sector domain that I was in, you know, security was 70% of what we did. When I look back to sort of the transformation that I was, was witnessing in that digital transformation, you know when I, you look at like 2019 to today, you look at how the IT team and the security teams are, have been forced to break down those barriers that they used to sort of be silo away, would not communicate one, you know, the security guys would be like, Oh this is my BA box it, you're not allowed in today. >>You can't get away with that. And I think that the value that we bring to, you know, and of course Splunk has been a huge leader in that space and continues to do innovation across the board. But I think what we've we're seeing in the space that I was talking with Patrick Kauflin, the SVP of security markets about this, is that, you know, what we've been able to do with Splunk is build a purpose built solution that allows Splunk to eat more data. So Splunk itself, as you well know, it's an ingest engine, right? So the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it, but without data it doesn't do anything, right? So how do you drive and how do you bring more data in? And most importantly from a customer perspective, how do you bring the right data in? >>And so if you think about what node zero and what we're doing in a Horizon three is that, sure we do pen testing, but because we're an autonomous pen testing tool, we do it continuously. So this whole thought of being like, Oh, crud like my customers, Oh yeah, we got a pen test coming up, it's gonna be six weeks. The wait. Oh yeah. You know, and everyone's gonna sit on their hands, Call me back in two months, Chris, we'll talk to you then. Right? Not, not a real efficient way to test your environment and shoot, we, we saw that with Uber this week. Right? You know, and that's a case where we could have helped. >>Well just real quick, explain the Uber thing cause it was a contractor. Just give a quick highlight of what happened so you can connect the >>Dots. Yeah, no problem. So there it was, I think it was one of those, you know, games where they would try and test an environment. And what the pen tester did was he kept on calling them MFA guys being like, I need to reset my password re to set my password. And eventually the customer service guy said, Okay, I'm resetting it. Once he had reset and bypassed the multifactor authentication, he then was able to get in and get access to the domain area that he was in or the, not the domain, but he was able to gain access to a partial part of the network. He then paralleled over to what would I assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains. And so within minutes they had access. And that's the sort of stuff that we do under, you know, a lot of these tools. >>Like not, and I'm not, you know, you think about the cacophony of tools that are out there in a CTA orchestra architecture, right? I'm gonna get like a Zscaler, I'm gonna have Okta, I'm gonna have a Splunk, I'm gonna do this sore system. I mean, I don't mean to name names, we're gonna have crowd strike or, or Sentinel one in there. It's just, it's a cacophony of things that don't work together. They weren't designed work together. And so we have seen so many times in our business through our customer support and just working with customers when we do their pen test, that there will be 5,000 servers out there. Three are misconfigured. Those three misconfigurations will create the open door. Cause remember the hacker only needs to be right once, the defender needs to be right all the time. And that's the challenge. And so that's why I'm really passionate about what we're doing here at Horizon three. I see this my digital transformation, migration and security going on, which we're at the tip of the sp, it's why I joined say Hall coming on this journey and just super excited about where the path's going and super excited about the relationship with Splunk. I get into more details on some of the specifics of that. But you know, >>I mean, well you're nailing, I mean we've been doing a lot of things around super cloud and this next gen environment, we're calling it NextGen. You're really seeing DevOps, obviously Dev SecOps has, has already won the IT role has moved to the developer shift left as an indicator of that. It's one of the many examples, higher velocity code software supply chain. You hear these things. That means that it is now in the developer hands, it is replaced by the new ops, data ops teams and security where there's a lot of horizontal thinking. To your point about access, there's no more perimeter. So >>That there is no perimeter. >>Huge. A hundred percent right, is really right on. I don't think it's one time, you know, to get in there. Once you're in, then you can hang out, move around, move laterally. Big problem. Okay, so we get that. Now, the challenges for these teams as they are transitioning organizationally, how do they figure out what to do? Okay, this is the next step. They already have Splunk, so now they're kind of in transition while protecting for a hundred percent ratio of success. So how would you look at that and describe the challenges? What do they do? What is, what are the teams facing with their data and what's next? What do they, what do they, what action do they take? >>So let's do some vernacular that folks will know. So if I think about dev sec ops, right? We both know what that means, that I'm gonna build security into the app, but no one really talks about SEC DevOps, right? How am I building security around the perimeter of what's going inside my ecosystem and what are they doing? And so if you think about what we're able to do with somebody like Splunk is we could pen test the entire environment from soup to nuts, right? So I'm gonna test the end points through to it. So I'm gonna look for misconfigurations, I'm gonna, and I'm gonna look for credential exposed credentials. You know, I'm gonna look for anything I can in the environment. Again, I'm gonna do it at at light speed. And, and what we're, what we're doing for that SEC dev space is to, you know, did you detect that we were in your environment? >>So did we alert Splunk or the SIM that there's someone in the environment laterally moving around? Did they, more importantly, did they log us into their environment? And when did they detect that log to trigger that log? Did they alert on us? And then finally, most importantly, for every CSO out there is gonna be did they stop us? And so that's how we, we, we do this in, I think you, when speaking with Stay Hall, before, you know, we've come up with this boils U Loop, but we call it fine fix verify. So what we do is we go in is we act as the attacker, right? We act in a production environment. So we're not gonna be, we're a passive attacker, but we will go in un credentialed UN agents. But we have to assume, have an assumed breach model, which means we're gonna put a Docker container in your environment and then we're going to fingerprint the environment. >>So we're gonna go out and do an asset survey. Now that's something that's not something that Splunk does super well, you know, so can Splunk see all the assets, do the same assets marry up? We're gonna log all that data and think then put load that into the Splunk sim or the smoke logging tools just to have it in enterprise, right? That's an immediate future ad that they've got. And then we've got the fix. So once we've completed our pen test, we are then gonna generate a report and we could talk about about these in a little bit later. But the reports will show an executive summary the assets that we found, which would be your asset discovery aspect of that, a fixed report. And the fixed report I think is probably the most important one. It will go down and identify what we did, how we did it, and then how to fix that. >>And then from that, the pen tester or the organization should fix those. Then they go back and run another test. And then they validate through like a change detection environment to see, hey, did those fixes taste, play take place? And you know, SNA Hall, when he was the CTO of JS o, he shared with me a number of times about, he's like, Man, there would be 15 more items on next week's punch sheet that we didn't know about. And it's, and it has to do with how we, you know, how they were prioritizing the CVEs and whatnot because they would take all CVS was critical or non-critical. And it's like we are able to create context in that environment that feeds better information into Splunk and whatnot. That >>Was a lot. That brings, that brings up the, the efficiency for Splunk specifically. The teams out there. By the way, the burnout thing is real. I mean, this whole, I just finished my list and I got 15 more or whatever the list just can, keeps, keeps growing. How did Node zero specifically help Splunk teams be more efficient? Now that's the question I want to get at, because this seems like a very scalable way for Splunk customers and teams, service teams to be more efficient. So the question is, how does Node zero help make Splunk specifically their service teams be more efficient? >>So to, so today in our early interactions with building Splunk customers, what we've seen are five things, and I'll start with sort of identifying the blind spots, right? So kind of what I just talked about with you. Did we detect, did we log, did we alert? Did they stop node zero, right? And so I would, I put that at, you know, a a a more layman's third grade term. And if I was gonna beat a fifth grader at this game would be, we can be the sparring partner for a Splunk enterprise customer, a Splunk essentials customer, someone using Splunk soar, or even just an enterprise Splunk customer that may be a small shop with three people and, and just wants to know where am I exposed. So by creating and generating these reports and then having the API that actually generates the dashboard, they can take all of these events that we've logged and log them in. >>And then where that then comes in is number two is how do we prioritize those logs, right? So how do we create visibility to logs that are, have critical impacts? And again, as I mentioned earlier, not all CVEs are high impact regard and also not all are low, right? So if you daisy chain a bunch of low CVEs together, boom, I've got a mission critical AP CVE that needs to be fixed now, such as a credential moving to an NT box that's got a text file with a bunch of passwords on it, that would be very bad. And then third would be verifying that you have all of the hosts. So one of the things that Splunk's not particularly great at, and they, they themselves, they don't do asset discovery. So do what assets do we see and what are they logging from that? And then for, from, for every event that they are able to identify the, one of the cool things that we can do is actually create this low-code, no-code environment. >>So they could let, you know, float customers can use Splunk. So to actually triage events and prioritize that events or where they're being routed within it to optimize the SOX team time to market or time to triage any given event. Obviously reducing mtr. And then finally, I think one of the neatest things that we'll be seeing us develop is our ability to build glass tables. So behind me you'll see one of our triage events and how we build a lock Lockheed Martin kill chain on that with a glass table, which is very familiar to this Splunk community. We're going to have the ability, not too distant future to allow people to search, observe on those IOCs. And if people aren't familiar with an ioc, it's an incident of compromise. So that's a vector that we want to drill into. And of course who's better at drilling in into data and Splunk. >>Yeah, this is a critical, this is awesome synergy there. I mean I can see a Splunk customer going, Man, this just gives me so much more capability. Action actionability. And also real understanding, and I think this is what I wanna dig into, if you don't mind understanding that critical impact, okay. Is kind of where I see this coming. I got the data, data ingest now data's data. But the question is what not to log, You know, where are things misconfigured? These are critical questions. So can you talk about what it means to understand critical impact? >>Yeah, so I think, you know, going back to those things that I just spoke about, a lot of those CVEs where you'll see low, low, low and then you daisy chain together and you're suddenly like, oh, this is high now. But then to your other impact of like if you're a, if you're a a Splunk customer, you know, and I had, I had several of them, I had one customer that, you know, terabytes of McAfee data being brought in and it was like, all right, there's a lot of other data that you probably also wanna bring, but they could only afford, wanted to do certain data sets because that's, and they didn't know how to prioritize or filter those data sets. And so we provide that opportunity to say, Hey, these are the critical ones to bring in. But there's also the ones that you don't necessarily need to bring in because low CVE in this case really does mean low cve. >>Like an ILO server would be one that, that's the print server where the, your admin credentials are on, on like a, a printer. And so there will be credentials on that. That's something that a hacker might go in to look at. So although the CVE on it is low, if you daisy chain was something that's able to get into that, you might say, ah, that's high. And we would then potentially rank it giving our AI logic to say that's a moderate. So put it on the scale and we prioritize though, versus a, a vulner review scanner's just gonna give you a bunch of CVEs and good luck. >>And translating that if I, if I can and tell me if I'm wrong, that kind of speaks to that whole lateral movement. That's it. Challenge, right? Print server, great example, look stupid low end, who's gonna wanna deal with the print server? Oh, but it's connected into a critical system. There's a path. Is that kind of what you're getting at? >>Yeah, I used daisy chain. I think that's from the community they came from. But it's, it's just a lateral movement. It's exactly what they're doing. And those low level, low critical lateral movements is where the hackers are getting in. Right? So that's what the beauty thing about the, the Uber example is that who would've thought, you know, I've got my multifactor authentication going in a human made a mistake. We can't, we can't not expect humans to make mistakes. Were fall, were fallible, right? Yeah. The reality is is once they were in the environment, they could have protected themselves by running enough pen tests to know that they had certain exposed credentials that would've stopped the breach. Yeah. And they did not, had not done that in their environment. And I'm not poking. Yeah, >>They put it's interesting trend though. I mean it's obvious if sometimes those low end items are also not protected well. So it's easy to get at from a hacker standpoint, but also the people in charge of them can be fished easily or spear fished because they're not paying attention. Cause they don't have to. No one ever told them, Hey, be careful of what you collect. >>Yeah. For the community that I came from, John, that's exactly how they, they would meet you at a, an international event introduce themselves as a graduate student. These are national actor states. Would you mind reviewing my thesis on such and such? And I was at Adobe at the time though I was working on this and start off, you get the pdf, they opened the PDF and whoever that customer was launches, and I don't know if you remember back in like 2002, 2008 time frame, there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it. And John, that's >>Or LinkedIn. Hey I wanna get a joke, we wanna hire you double the salary. Oh I'm gonna click on that for sure. You know? Yeah, >>Right. Exactly. Yeah. The one thing I would say to you is like when we look at like sort of, you know, cuz I think we did 10,000 pen test last year is it's probably over that now, you know, we have these sort of top 10 ways that we think then fine people coming into the environment. The funniest thing is that only one of them is a, a CVE related vulnerability. Like, you know, you guys know what they are, right? So it's it, but it's, it's like 2% of the attacks are occurring through the CVEs, but yet there's all that attention spent to that. Yeah. And very little attention spent to this pen testing side. Yeah. Which is sort of this continuous threat, you know, monitoring space and, and, and this vulnerability space where I think we play such an important role and I'm so excited to be a part of the tip of the spear on this one. >>Yeah. I'm old enough to know the movie sneakers, which I love as a, you know, watching that movie, you know, professional hackers are testing, testing, always testing the environment. I love this. I gotta ask you, as we kind of wrap up here, Chris, if you don't mind the benefits to team professional services from this alliance, big news Splunk and you guys work well together. We see that clearly. What are, what other benefits do professional services teams see from the Splunk and Horizon three AI alliance? >>So if you're a, I think for, from our, our, from both of our partners as we bring these guys together and many of them already are the same partner, right? Is that first off, the licensing model is probably one of the key areas that we really excel at. So if you're an end user, you can buy for the enterprise by the enter of IP addresses you're using. But if you're a partner working with this, there's solution ways that you can go in and we'll license as to MSPs and what that business model on our MSPs looks like. But the unique thing that we do here is this c plus license. And so the Consulting Plus license allows like a, somebody a small to midsize to some very large, you know, Fortune 100, you know, consulting firms uses by buying into a license called Consulting Plus where they can have unlimited access to as many ips as they want. >>But you can only run one test at a time. And as you can imagine when we're going and hacking passwords and checking hashes and decrypting hashes, that can take a while. So, but for the right customer, it's, it's a perfect tool. And so I I'm so excited about our ability to go to market with our partners so that we underhand to sell, understand how not to just sell too or not tell just to sell through, but we know how to sell with them as a good vendor partner. I think that that's one thing that we've done a really good job building bringing into market. >>Yeah. I think also the Splunk has had great success how they've enabled partners and professional services. Absolutely. They've, you know, the services that layer on top of Splunk are multifold tons of great benefits. So you guys vector right into that ride, that wave with >>Friction. And, and the cool thing is that in, you know, in one of our reports, which could be totally customized with someone else's logo, we're going to generate, you know, so I, I used to work at another organization, it wasn't Splunk, but we, we did, you know, pen testing as a, as a for, for customers and my pen testers would come on site, they, they do the engagement and they would leave. And then another really, someone would be, oh shoot, we got another sector that was breached and they'd call you back, you know, four weeks later. And so by August our entire pen testings teams would be sold out and it would be like, wow. And in March maybe, and they'd like, No, no, no, I gotta breach now. And, and, and then when they do go in, they go through, do the pen test and they hand over a PDF and they pat you on the back and say, there's where your problems are, you need to fix it. And the reality is, is that what we're gonna generate completely autonomously with no human interaction is we're gonna go and find all the permutations that anything we found and the fix for those permutations and then once you fixed everything, you just go back and run another pen test. Yeah. It's, you know, for what people pay for one pen test, they could have a tool that does that. Every, every pat patch on Tuesday pen test on Wednesday, you know, triage throughout the week, >>Green, yellow, red. I wanted to see colors show me green, green is good, right? Not red. >>And once CIO doesn't want, who doesn't want that dashboard, right? It's, it's, it is exactly it. And we can help bring, I think that, you know, I'm really excited about helping drive this with the Splunk team cuz they get that, they understand that it's the green, yellow, red dashboard and, and how do we help them find more green so that the other guys are >>In Yeah. And get in the data and do the right thing and be efficient with how you use the data, Know what to look at. So many things to pay attention to, you know, the combination of both and then, then go to market strategy. Real brilliant. Congratulations Chris. Thanks for coming on and sharing this news with the detail around this Splunk in action around the alliance. Thanks for sharing, >>John. My pleasure. Thanks. Look forward to seeing you soon. >>All right, great. We'll follow up and do another segment on DevOps and IT and security teams as the new new ops, but, and Super cloud, a bunch of other stuff. So thanks for coming on. And our next segment, the CEO of Verizon, three AA, will break down all the new news for us here on the cube. You're watching the cube, the leader in high tech enterprise coverage.

>>Hey everyone. Welcome to the Cube's presentation of the AWS startup showcase. Season two, episode four, I'm your host. Lisa Martin. This topic is cybersecurity detect and protect against threats. Very excited to welcome a Cub alumni back to the program. SNA hall, autonomy, the co-founder and CEO of horizon three joins me SNA hall. It's great to have you back in the studio. >>Likewise, thanks for the invite. >>Tell us a little bit about horizon three. What is it that you guys do you we're founded in 2019? Got a really interesting group of folks with interesting backgrounds, but talk to the audience about what it is that you guys are aiming to do. >>Sure. So maybe back to the problem we were trying to solve. So my background, I was a engineer by trade. I was a CIO at G capital CTO at Splunk and helped, helped grows scale that company and then took a break from industry to serve within the department of defense. And in every one of my jobs where I had cyber security in my responsibility, I suffered from the same problem. I had no idea I was secure or that we were fixing the right vulnerabilities or logging the right data in Splunk or that our tools and processes and people worked together well until the bad guys had showed up. And by then it was too late. And what I wanted to do was proactively verify my security posture, make sure that my security tools were actually effective, that my people knew how to respond to a breach before the bad guys were there. And so this whole idea of continuously verifying my security posture through security testing and pen testing became a, a passion project of mine for over a decade. And I, through my time in the DOD found the right group of an early people that had offensive cyber experience that had defensive cyber experience that knew how to build and ship and, and deliver software at scale. And we came together at the end of 2019 to start horizon three. >>Talk to me about the current threat landscape. We've seen so much change in flux in the last couple of years globally. We've seen, you know, the threat actors are just getting more and more sophisticated as is the different types of attacks. What are you seeing kind of horizontally across the threat landscape? >>Yeah. The biggest thing is attackers don't have to hack in using zero days. Like you see in the movies. Often they're able to just log in with valid credentials that they've collected through some mechanism. As an example, if I wanted to compromise a large organization, say United airlines, one of the things that an attacker's gonna go off and do is go to LinkedIn and find all of the employees that work at United airlines. Now you've got, say 7,000 pilots of those pilots. You're gonna figure out quickly that their use varie and passwords or their use varie@leastarefirstnamelastinitialatunited.com. Cool. Now I have 7,000 potential logins and all it takes is one of them to reuse a compromise password for their corporate email. And now you've got an initial user in the system and most likely that initial user has local admin on their laptops. And from there, an attacker can dump credentials and find a path to becoming a domain administrator. >>And what happens oftentimes is security tools. Don't detect this because it looks like valid behavior in the organization. And this is pretty common. This idea of collecting information on an organization or a topic or target using open source intelligence, using a mix of credentialed spraying and kinda low priority or low severity exploitations or misconfigurations to get in. And then from there systematically dumping credentials, reusing those credentials and finding a path towards compromise and almost less than 2% of, of CVEs are actually used in exploits. Most of the time attackers chain together misconfigurations bad product defaults. And so really the threat landscape is attackers don't hack in. They log in and organizations have to focus on getting the basics right and fundamentals right first, before they layer on some magic, easy button that is some security AI tools hoping that that's gonna save their day. And that's what we found systemically across the board. >>So you're finding that across the board, probably pan industry, that, that a lot of companies need to go back to basics. We talk about that a lot when we're talking about security, why do you think that >>Is? I think it's because one, most organizations are barely treading water. When you look at the early rapid adopters of horizon threes, pen testing, product, autonomous pen testing, the early adopters tended to be teams where the it team and the security team were the same person and they were barely treading water. And the hardest part of my job as a CIO was deciding what not to fix because the bottleneck in the security processes, the actual capacity to fix problems. And so fiercely prioritizing issues becomes really important, but the, the tools and the processes don't focus on prioritizing what's exploitable, they prioritize, you know, by some arbitrary score from some arbitrary vulnerability scanner. And so we have as a fundamental breakdown of the small group of folks with the expertise to fix problems, tend to be the most overworked and tend to have the most noise to need to sift through. So they don't even have time to get to the basics. They're just barely treading water doing their day jobs. And they're often sacrificing their nights and weekends. All of us at horizon three were practitioners at one point in our career, we've all been called in on the weekend. So that's why, what we did was fiercely focus on helping customers and users fix problems that truly matter, and allowing them to quickly retack and verify that the problems were truly fixed. >>So when it comes to today's threat landscape, what is it that organizations across the board should really be focused on? >>I think systemically what we see are bad password or credential policies, least access, privileged management type processes, not being well implemented. The domain user tends to be the local admin on the box, no ability to understand what is a valid login versus a, a malicious login. Those are some of the basics that we see systemically. And if you layer that with, it's very easy to say misconfigure vCenter, or misconfigure a piece of Cisco gear, or you're not gonna be installing monitoring and OB observa security observability tools on that. HP integrated lights out server. And so on. What you'll find is that you've got people overworked that don't have the capacity to fix. You have the fundamentals or the basics, not, not well implemented. And you have a whole bunch of blind spots in your security posture, and defenders have to be right. Every time attackers only have to be right once. And so what we have is this asymmetric fight where attackers are very likely to get in. And we see this on the news all the time. >>So, and, and nobody of course wants to be the next headline. Right? Talk to me a little bit about autonomous pen testing as a service, what you guys are delivering and what makes it unique and different than other tools that have been out there as, as you're saying that clearly have >>Gaps. Yeah. So first and foremost was the approach we took in building our product. What we set up front was our primary users should be it administrators, network, engineers, and P. And that, that it intern who in three clicks should have the power of a 20 year pen testing expert. So the whole idea was empower and enable all of the fixers to find, fix in verify their security weaknesses continuously. That was the design goal. Most other security products are designed for security people, but we already know they're they're task saturated. They've got way too many tools under the belt. So first and foremost, we wanted to empower the fixers to fix problems. That truly matter, the second part was we wanted to do that without having to install credentialed agents all over the place or writing your own custom attack scripts, or having to do a bunch of configurations and make sure that it's safe to run against production systems so that you could, you could test your entire attack surface your on-prem, your cloud, your external perimeter. >>And this is where AWS comes in to be very important, especially hybrid customers where you've got a portion of your infrastructure on AWS, a portion on-prem and you use horizon three to be able to attack your complete attack surface. So we can start on Preem and we will find, say the AWS credentials file that was mistakenly saved on a, a share drive, and then reuse that to become admin in the cloud. AWS didn't do anything wrong. The cloud team didn't do anything wrong. A developer happened to share a password or save a password file locally. That's how attackers get in. So we can start from on-prem and show how we can compromise the cloud, start from the cloud and, and, and show how we can compromise. On-prem start from the outside and break in. And we're able to show that complete attack surface at scale for hybrid customers. >>So showing that complete attack surface sort of from the eyes of the attacker, >>That's exactly right, because while blue teams or the defenders have a very specific view of their environment, you have to look at yourself through the eyes of the attacker to understand what are your blind spots? What do do they see that you don't see? And it's actually a discipline that is well entrenched within military culture. And that's also important for us as the company. We're about a third of horizon, three served in us special operations or the intelligence community with the United States, and then do OD writ large. And a lot of that red team mindset view yourself through the eyes of the attacker and this idea of training. Like you fight in building muscle memories. So you know how to react to the real incident when it occurs is just ingrained in how we operate. And we disseminate that culture through all of our customers as well. >>And, and at this point in time, it's, every business needs to assume an attacker's gonna get in >>That's right. There are way too many doors and windows in the organization. Attackers are going to get in, whether it's a single customer that reused their Netflix password for their corporate email, a patch that didn't get applied properly, or a new zero day that just gets published a piece of Cisco software that was misconfigured, you know, not by anything more than it's easy to misconfigure. These complex pieces of technology attackers are going to get in. And what we want to understand as customers is once they're in, what could they do? Could they get to my crown Jewel's data and systems? Could they borrow and prepare for a much more complicated attack down the road? If you assume breach, now you wanna understand what can they get to, how quickly can you detect that breach and what are your ways to stifle their ability to achieve their objectives. And culturally, we would need a shift from talking about how secure I am to how defensible are we. Security is kind of a state, a point in time, state of your organization, defense ability is how quickly you can adapt to the attacker to stifle their ability to achieve their objective >>As things are changing >>Constantly. That's exactly right. >>Yeah. Talk to me about a typical customer engagement. If there's, you mentioned folks treading water, obviously there's the huge cybersecurity skills gap that we've been talking about for a long time. Now that's another factor there, but when you're in customer conversations, who were you talking to? What typically are, what are they coming to you for help? >>Yeah. One big thing is you're not gonna win and, and win a customer by taking 'em out to steak dinners. Not anymore. The way we focus on, on our go to market and our sales motion is cultivating champions. At the end of the proof of concept, our internal measure of successes is that person willing to get a horizon three tattoo. And you do that, not through state dinners, not through cool swag, not through marketing, but by letting your results do the talking. Now, part of those results should not require professional services or consulting it. The whole experience should be self-service frictionless and insightful. And that really is how we've designed the product and designed the entire sales motion. So a prospect will learn or discover about us, whether it's through LinkedIn, through social, through the website, but often because one of their friends or colleagues heard about us saw our result and is advocating on our behalf. >>When we're not in the room from there, they're gonna be able to self-service just log to our product through their LinkedIn ID, their Google ID. They can engage with a salesperson if they want to, they can run a pen test right there on the spot against their home, without any interaction with a sales rep, let those results do the talking, use that as a starting point to engage in a, in a more complicated proof of value. And the whole idea is we don't charge for these. We let our results do the talking. And at the end, after they've run us to find problems they've gone off and fixed those issues. And they've rerun us to verify that what they've fixed was properly fixed, then they're hooked. And we have a hundred percent technical win rate with our prospects when they hit that fine fix verify cycle, which is awesome. And then we get the tattoo for them, at least give them the template. And then we're off to the races >>That it sounds like you're making the process more simple. There's so much complexity behind it, but allowing users to be able to actually test it out themselves in a, in a simplified way is huge. Allowing them to really focus on becoming defensible. >>That's exactly right. And you know, the value is we're all, especially now in security, there's so much hype and so much noise. There's a lot more time being spent, self discovering and researching technologies before you engage in a commercial discussion. And so what we try to do is optimize that entire buying experience around enabling people to discover and research and learn the other part, right. Remember is offensive cyber and ethical hacking. And so on is very mysterious and magical to most defenders. It's such a complicated topic with many nuance tools that they don't have the time to understand or learn. And so if you surface the complexity of all those attacker tools, you're gonna overwhelm a person that is already overwhelmed. So we needed the, the experience to be incredibly simple and, and optimize that fine fix verify aha moment. And once again, be frictionless and be insightful, >>Frictionless and insightful. Excellent. Talk to me about results. You mentioned results. We, we love talking about outcomes. When a customer goes through the, the POC POB that you talked about, what are some of the results that they see that hook them? >>Yeah. The biggest thing is what attackers do today is they will find a low from machine one, plus a low from machine two equals compromised domain. What they're doing is they're chaining together issues across multiple parts of your system or your organization to hone your environment. What attackers don't do is find a critical vulnerability and exploit that single machine it's always a chain is always, always multiple steps in the attack. And so the entire product and experience in actually our underlying tech is around attack pads. Here is the path, the attack path an attacker could have taken. You know, that node zero, our product took here is the proof of exploitation for every step along the way. So, you know, this isn't a false positive, in fact, you can copy and paste the attacker command from the product and rerun it yourself and see it for yourself. >>And then here is exactly what you have to go fix and why it's important to fix. So that path proof impact and fix action is what the entire experience is focused on. And that is the results doing the talking, because remember, these folks are already overwhelmed. They're dealing with a lot of false positives. And if you tell them you've got another critical to fix their immediate reaction is Nope. I don't believe you. This is a false positive. I've seen this plenty of times. That's not important. So you have to in your product experience in sales process and adoption process immediately cut through that defensive or that reflex and its path proof impact. Here's exactly what you fix here are the exact steps to fix it. And then you're off to the races. What I learned at Splunk was you win hearts and minds of your users through amazing experience, product experience, amazing documentation, yes, and a vibrant community of champions. Those are the three ingredients of success, and we've really made that the core of the product. So we win on our documentation. We win on the product experience and we've cultivated pretty awesome community. >>Talk to me about some of those champions. Is there a customer story that you think really articulates the value of no zero and what it is that, that you are doing? Yeah. >>I'll tell you a couple. Actually, I just gave this talk at black hat on war stories from running 10,000 pen tests. And I'll try to be gentle on the vendors that were involved here, but the reality is you gotta be honest and authentic. So a customer, a healthcare organization ran a pen test and they were using a very well known, managed security services provider as their, as their security operations team. And so they initiate the pen test and they were, they wanted to audit their response time of their MSSP. So they run the pen test and we're in and out. The whole pen test runs two hours or less. And in those two hours, the pen test compromises, the domain gets access to a bunch of sensitive data. Laterally, maneuvers rips the entire entire environment apart. It took seven hours for the MSSP to send an email notification to the it director that said, Hey, we think something's suspicious is wow. Seven hours. That's >>A long time >>We were in and out in two, seven hours for notification. And the issue with that healthcare company was they thought they had hired the right MSSP, but they had no way to audit their performance. And so we gave them the, the details and the ammunition to get services credits to hold them accountable and also have a conversation of switching to somebody else. >>That accountability is key, especially when we're talking about the, the threat landscape and how it's evolving day to day. That's >>Exactly right. Accountability of your suppliers or, or your security vendors, accountability of your people and your processes, and not having to wait for the bad guys to show up, to test your posture. That's, what's really important. Another story is interesting. This customer did everything right. It was a banking customer, large environment, and they had Ford net installed as their, as their EDR type platform. And they, they initiate us as a pen test and we're able to get code execution on one of their machines. And from there laterally maneuver to become a domain administrator, which insecurity is a really big deal. So they came back and said, this is absolutely not possible. Ford net should have stopped that from occurring. And it turned out because we showed the path and the proof and the impact Forder net was misconfigured on three machines out of 5,000. And they had no idea. Wow. So it's one of those you wanna don't trust that your tools are working. Don't trust your processes. Verify them, show me we're secure today. Show me we're secured tomorrow. And then show me again, we're secure next week, because my environment's constantly changing. And the, and the adversary always has a vote, >>Right? The, the constant change in flux is, is huge challenge for organizations, but those results clearly speak for themselves. You, you talked about the speed in terms of time, how quickly can a customer deploy your technology, identify and remedy problems in their environment. >>Yeah. You know, this fine fix verify aha moment. If you will. So traditionally a customer would have to maybe run one or two pen tests a year and then they'd go off and fix things. They have no capacity to test them cuz they don't have the internal attack expertise. So they'd wait for the next pen test and figure out that they were still exploitable. Usually this year's pen test results look identical the last years that isn't sustainable. So our customers shift from running one or two pen tests a year to 40 pen tests a month. And they're in this constant loop of finding, fixing and verifying all of the weaknesses in their infrastructure. Remember there's infrastructure, pen testing, which is what we are really good at. And then there's application level pen testing that humans are much better at solving. Okay. So we focus on the infrastructure side, especially at scale, but can you imagine so 40 pen tests a month, they run from the perimeter, the inside from a specific subnet from work from home machines, from the cloud. And they're running these pen tests from many different perspectives to understand what does the attacker see from each of these locations in their organization and how do they systemically fix those issues? And what they look at is how many critical problems were found, how quickly were they fixed? How often do they reoccur? And that third metric is important because you might fix something. But if it shows up again next week, because you've got bad automation, you're not gonna you're in a rat race. So you wanna look at that reoccurrence rate also >>The recurrence rate. What are you most excited about as obviously the threat landscape continues to evolve, but what are you most excited about for the company and what it is that you're able to help organizations across industries achieve in such tumultuous times? Yeah. You >>Know, one of the coolest things is back because I was a customer for many of these products, I, I despised threat intelligence products. I despised them because they were basically generic blog posts maybe delivered as a, as a, as a data feed to my Splunk environment or something. But they're always really generic. Like you may have a problem here. And as a result, they weren't very actionable. So one of the really cool things that we do, it's just part of the product is this concept of, of flares flares that we shoot up. And the idea is not to be, to cause angst or anxiety or panic, but rather we look at threat intelligence and then because all, all the insights we have from your pen test results, we connect those two together and say your VMware horizon instance at this IP is exploitable. You need to fix it as fast as possible or as very likely to be exploited. >>And here is the threat intelligence and in the news from CSUN elsewhere, that shows why it's important. So I think what is really cool is we're able to take together threat intelligence out in the wild combined with very precise understanding of your environment, to give you very accurate and actionable starting points for what you need to go fix or test or verify. And when we do that, what we see is almost like, imagine this ball bouncing, that is the first drop of the ball. And then that drives the first major pen test. And then they'll run all these subsequent pen tests to continue to find and fix and verify. And so what we see is this tremendous amount of AC excitement from customers that we're actually giving them accurate, detailed information to take advantage of, and we're not causing panic and we're not causing alert, fatigue as a result. >>That's incredibly important in this type of environment. Last question for you. If, if autonomous pen testing is obviously critical and has tremendous amount of potential for organizations, but it's not, it's only part of the equation. What's the larger vision. >>Yeah. You know, we are not a pen testing company and that's something we decided upfront. Pen testing is a sensor. It collects and understands a tremendous amount of data for your attack surface. So the natural next thing is to analyze the pen test results over time, to start to give you a more accurate understanding of your governance risk and compliance posture. So now what happens is we are able to allow customers to go run 40 pen tests a month. And that kind of becomes the, the initial land or flagship product. But then from there we're able to upsell or increase value to our customers and start to compete and take out companies like security scorecard or risk IQ and other companies like that, where there tended to be. I was a user of all those tools, a lot of garbage in garbage out, okay, where you can't fill out a spreadsheet and get an accurate understanding of your risk posture. You need to look at your detailed pen, test results over time and use that to accurately understand what are your hotspots, what's your recurrence rate and so on. And being able to tell that story to your auditors, to your regulators, to the board. And actually it gives you a much more accurate way to show return on investment of your security spend also, which >>Is huge. So where can customers and, and those that are interested go to learn more. >>So horizon three.ai is the website. That's a great starting point. We tend to very much rely on social channels. So LinkedIn in particular to really get our stories out there. So finding us on LinkedIn is probably the next best thing to go do. And we're always at the major trade shows and events also. >>Excellent SNA. It's been a pleasure talking to you about horizon three. What it is that you guys are doing, why and the greater vision we appreciate your insights and your time. >>Thank you, likewise. >>All right. For my guest. I'm Lisa Martin. We wanna thank you for watching the AWS startup showcase. We'll see you next time.

(bright music) >> You know, there's a lot of negative press around the technology industry these days. The tech lash is somewhat understandable, people are struggling and yet the tech industry is booming, creating incredible wealth for a relatively select group of people. I get it. But the reality is, that the technology industry has guided us through the pandemic, allowing us to work remotely, securing our employees, keeping goods and services flowing, and using data and analytics to track COVID and accelerate the development of vaccines. And many in the tech industry are passionate about giving back and applying their talents to solve real world problems. I'll give you an example. After accidents, cancer is the number one cause of death among young people. In the middle of the 20th century, the survival rate for kids with cancer was 0.0%. Today, it's above 85%. Cancer in kids is much different than in adults. The types of cancer, the diagnoses, the treatments, they vary. Different types of research are required to attack the problem. And that takes money. And one of the people here in Boston and beyond that's using his talents, his creativity, his network, and yeah, his wealth, to attack this problem, is my friend, Chris Lynch, entrepreneur, investor, and philanthropist. Chris, awesome to see ya. Welcome back to theCUBE my friend. >> Thanks, Dave. It's great to be here. >> So, listen, this personal story of yours, how'd you get into, where's the passion come from for kids with cancer? >> Dave, it's actually related to one of my startup endeavors. When you're starting, bootstrapping your company, you're typically staying at people's homes to save money. >> Sleeping on couches. Yeah. >> Yeah, yeah. Pretty much. And for the years of these startups, I've developed relationships with families all over the world, 'cause I've literally lived with them for periods of time until the companies got to points where we didn't have to do that. And there was a family in Seattle that I used to stay with, and they had a son that was a similar age to one of mine and he ultimately passed of cancer. And I stayed with the family, and I stayed with them a few times while they were going through this, and I was touched, I was inspired by their courage, how positive they were. I was thinking in my own circumstance, how could I, I would just hate the world. And in these families, I stay there, they call me Uncle Chris. And I was having dinner at the family home and I was looking at the boy, and I excused myself, went to the bathroom and I started sobbing, and he knocks on the door, comes in and says, "Uncle Chris, it's okay. My dad tells me you can do anything. Just do whatever you can so that other kids don't have what I have." You know and... >> Wow. Wow. And I can see the emotion that you're feeling right now, bringing us back to that moment. >> Well. Yeah. >> It's unbelievable. All right, so you got Tech Tackles Cancer. Is this your latest venture? I think the last one was 2018. It's coming back, took a break 'cause of COVID, and this is going to go down on the 21st at The Sinclair in Harvard Square. Bring a bunch of people in. We got a number of people who have signed up to, actually you're one of them, of course, but to sing karaoke, raise a bunch of dough, and then there's like a little contest, right? So... (he chuckles) Alex, bring up that slide. I got to show the audience who we got here. And this is, Chris, this is your competition. So, here you go. We got, Steve Duplessie, right? That's a great picture, Steve. Thanks for doing this, right. Nathan Hall, who's at Pure Storage. Steiny, Ken Steinhardt, from INFINIDAT. And you got George Hope at HPE. And Joe Lemay, who's an inventor, he's the CEO of Rocketbook. Any of these guys worry you? >> I'm going to sleep easy tonight. (Dave laughs) >> So, how did you get into rock and roll? You wrote a blog one time. You quoted Nietzsche saying that life without music would be a mistake. Rock and roll. Rock on. How'd you get into rock and what's your passion there? >> Well, I always loved rock and roll but I had someone that was staying with us who was a student at BU, and he went to his semester abroad, he went to the UK. And he came back with all this punk rock music, the Sex Pistols and all this stuff. And I heard it and it just triggered something in me. And then I didn't want to do anything but play music and try to be a musician, and my grades and everything else suffered as a result. But music's always inspired me, the creativity, the boldness. A lot of things that I think I apply to my startup life. >> How could people help? Let's say they want to get involved. I mean, obviously, they can attend the event, they donate. What should people do? They could sing? >> Yeah. So they can certainly sponsor the event. There are a number of sponsorship opportunities. They can participate. They can volunteer for the event. It is an all-volunteer organization. Every dollar that we raise goes to the charities that we've listed. And we handle everything else through a lot of arm twisting and whatnot. >> Great. So it's June 24th, sorry, June 21st, at The Sinclair, which is right in Harvard Square. So it's live band karaoke, right? >> Correct. >> I've seen some of the, we're going to share a little clip there. And so, it's a call to action to all you rock and roll technology gods out there. You know, we showed you the five folks plus Chris who were doing it, and so we're dying to see you up there again, you must be really excited about it. >> I am, I am. I'm going to be much better than last time. >> Okay. Well, so just on that note we'll close with a little taste of what's in store for June 21st. We'll see you there. ♪ Now my loneliness ♪ ♪ Is killing me now ♪ ♪ You know I still believe ♪ ♪ Midnight, midnight to six ♪ ♪ Midnight, midnight to six ♪ ♪ Midnight, midnight to six ♪ ♪ Believe in things that you don't understand ♪ ♪ then you're su... ♪ (bright music)

(upbeat music) >> On June 21st in Cambridge mass at the Sinclair in Harvard Square, Tech Tackles Cancer is back after a COVID hiatus with live band karaoke and some local tech celebrities raising money for a great cause. The Cube is a media sponsor of the event and Josh Epstein, local marketing exec and one of the events organizers is here to tell us more. Josh, good to see you, welcome. >> Good to be here, Dave. >> So tell us about this event. What's going on? What are the logistics? How's that all work? >> Yeah, we're super excited. So as you said, June 21st at the Sinclair in Harvard Square, Sinclair, if you haven't been there is just the great old school rock club. So we'll be there from 6:00 to 10:00. We will have live band karaoke. So the main event and kind of the primary fundraising approach here is that we have some celebrity technology rock gods these featured performers like Chris Lynch who was the founder of Tech Tackles Cancer, who are are raising money from basically now, up until June 21st. Then at the event, their fundraising will culminate with them singing a live song backed by a live band. And the awards will be given out to the most money raised, the best performance and the best stage presence. So it will be a lot of fun. >> So the fundraising format is I sign up to sing do the karaoke with a live band which is a little bit different. And then I raise as much dough as possible. So obviously that's competitive. >> It's competitive, I think that we ask for a minimum of $10,000 targeted for each of the fundraisers but knowing these guys, knowing guys like Chris Lynch, they don't like to lose. So the bet here is that people are going to go out, they're going to hit their network and they are going to look to kind of raise the most money. So we anticipate this to be a great event with a lot of money raised and a lot of fun. >> So we have a graphic from Alex. If you could bring that up of the people who have signed up for this already. We got Steve Duplessie, founder of of ESG, senior analyst. They sold their company to Tech Target, which is awesome. Congratulations to those guys and thank you for stepping up. George Hope, who heads partner sales for HPE, Joe Lemay of Rocketbook Nathan Hall from Pure Storage, system engineering guy and of course, Steiny, Ken Steinhardt from Infinidat. He was at EMC, he's the field CTO now. He's going to be up there singing. So of course, Chris. >> Absolutely, these are just the early entrance here. So we just started really working our networks. And obviously, I'm a Boston tech guy kind of working the storage networks, the networking networks and kind of the other folks that are around. So as we come out of stealth here in April and start really recruiting, we anticipate having probably 10 to 15 of these featured performers, really fundraising performers that we'll sing. And then we're also obviously soliciting broader donations from anyone who wants to come to the event or just give to the cause and the corporate sponsorships as well. >> All right, so you got corporate sponsorships. You can sing, you can donate you can be there just to support it. That's fantastic and the awards, how's that work? >> Yeah, so we're excited. So first off, most money raised wins an award. So we'll have a leaderboard on the website, we'll be able to kind of track who's raised what, at the event, we're going to have some celebrity judges that will be actually voting for their favorites and then have a crowdsource component as well. So we'll introduce what that mechanism is. But as people, either at the events or a watching in streamed live on LinkedIn live, we'll actually vote for their favorite performance as well as their their pick for best stage presence which we know in rock and roll is half the battle. >> Now this cause has raised a bunch of, I think last time, you guys did this, it was probably a quarter million or close to it and you support multiple causes. What causes are you supporting? >> Sure, yeah, actually I think since they founded the event several years ago they raised over $2 million. This year for this format where we're looking, we can really up our game here but this year we're supporting two really great causes that are both focused on pediatric cancer. The first is St. Batrick's that is really committed to raising funds for research to really help stamp out pediatric cancer really. The approach to researching cures and treatments to pediatric cancer is very different from regular adult cancer. So St. Batrick's does a great job of picking those research projects that really target in on those pediatric cancer causes. And then the second is one mission. And one mission really outlooks to help make pediatric cancer patients that are spending time in the hospital, making their time less stressful, less painful, less sad, less boring. And so they do a lot of fundraising and contributions targeting children's hospitals, really around the country for those pediatric cancer floors. >> Josh, amazing cause. Thanks so much for coming onto the Cube and explaining all that. >> Great, thanks David. >> All right, June 21st, go to ttcfund.org, Tech Tackles Cancer fund, ttcffund.org for more information and you can donate. We'll see you there. (soft music)

(upbeat music) >> Okay, we're here talking about how you can better understand and manage the risks associated with the digital supply chain. How in this day and age where software comes from so many different places and sources throughout the ecosystem, how can organizations manage the risks associated with our dependence on software? And with me now are two great guests, Andrea Hall, who is a specialist solution architect and project manager for security and compliance at Red Hat. She's going to focus on public sector. And Andrew Block who's a distinguished architect at Red Hat Consulting, folks welcome. >> Welcome >> Thank you. Thanks for having us. >> You're very welcome. Andrea, let's start with you. Let's talk about regulations. What exists today that we should be aware of that organizations should be paying attention to? >> Oh sure, so the thing that comes to mind first being in the US is the presidential executive order on cybersecurity that came out a few months ago. Organizations are really paying attention to that. And in the US, it's having a ripple effect with policy, but we're also seeing policy considerations pop up in other countries, Australia and England. The supply chain is a big focus right now, of course, but we see these changes coming down the road as more and more government organizations are trying to secure their critical infrastructure. >> Is there kind of a leadership, or probably in other words, is somebody saying seeing what the UK does and say, okay, we're going to follow that template? Or is it just a variety and a mish mash with no sort of consolidation? How is that sort of playing out? >> I see a lot of organizations kind of basing their requirements on (indistinct) However, each organization has its own nuances. Each agency has its own nuances to how it wants them implemented. >> Andrew, maybe you could chime in here. What are you seeing when you talk to customers that are tuned into this issue? >> You know, as Andrea had just mentioned having that north star in terms of regulations is so fundamentally great for them because many of them especially in regulate industries, look to these regulations on how they apply their own policies. So at least it has some guidance on how to move forward because as we all know the secure software supply chain is getting news every day and how they react to it is something that I know all their leaders are asking themselves, especially those IT leaders. >> Andrea, when I talk to practitioners, sometimes they're frustrated. They understand they have to comply. They know new regulations are coming out, but sometimes it's hard for them to keep up. It would be helpful if you're sitting across the table from somebody who's frustrated and they ask you, what are your expectations? What are the trends in regulations? How do you see the current regulations evolving to specifically accommodate the digital supply chain and the security exposures and corollary requirements there? >> We see a lot of organizations struggling in the sense of trying to understand what the policy actually wants. Definitions are still a little bit vague, but implementation is also difficult because sometimes organizations will add more tools to their toolkit, adding a layer of complexity there. Really automation has to be pulled in. That's key to implementing this instead of adding more workload and more burden to your folks. It's really important for these organizations to pull stakeholders in the organization together. So the IT leaders bring together the developers, the security operations sit at the same table, talk about whether or not what needs to be implemented or what's proposed to be implemented, will affect the mission or in any way or disrupt operations. It's important for everybody to be on the same page so it doesn't slow anything down as you're trying to roll it out. >> And one of the things here is that we're seeing a lot of change with these new regulations and with a lot of organizations, any type of change is scary. And that is one area that they're looking for guidance not only in the tooling, but also how they apply it in the organization. >> I'll add on. >> Please. >> I'll add onto that and say, organizations really need to take into account the people side of things too. People need to understand what the impact is to the organization, so that they don't try to find the loopholes, they're buying into what needs to be done. They understand the why behind it. You for example, if you walk into your house, you normally close the door behind you. Security needs to be seen as that, as well, that's the culture and it's the habit. And it's ingrained in the fabric of the organization to live this way, not just implement the tools to do it. >> Right, and the number of doors you have in your infrastructure are a lot more than just a couple. Andrew mentioned sort of guidance and governments are obviously taking a more active role. I mean, sometimes I'm a cynic. I mean, the president Biden signs an executive order, but swipe of a pen doesn't really give us enough to go on. Do you think Andrea, that we're going to see new guidance from governments in the very near future? What are you expecting? >> I expect to see more conversations happening. I know that agencies who developed the policies are pulling together stakeholders and getting input. But I do see in the not too distant future, that mandates will be rolling out, yes. >> Well, so Andrew of course, Andrea, if you have a thought on this as well, but how do you see organizations dealing with adopting these new policies. >> Slowly, don't boil the ocean is one thing I tell a lot to every one of them, because a lot of these tooling, a lot of these concepts are foreign to them, brand new. How they adopt those and how they implement them, needs to be done in a very agile fashion, very slow and prescriptive. Go ahead and try to find one area of improvement and go ahead and work upon it and build upon it. Because not only does that normally make your organization more successful and secure, but also helps your organization just from a more out standpoint. One thing that you need to emphasize is that don't blame anyone. 'Cause a lot of times when you're going through this, you're reassessing your own supply chain. You might find where you could see improvements that need to be done. Don't blame things that may have occurred in the past. See how you can benefit from these lessons learned in the future. >> It's interesting you say that the blame game, I mean it used to be that failure meant you get fired and that's obviously has changed. As many have said, you know you're going to have incidents. It's how you respond to those incidents. What you learn from them. Do you have Andrew, any insights from specifically working with customers on securing their software supply chain? What can you tell us about what leading practitioners are doing today? >> They're going in and not only assessing what their software components consist of. Using tools like an SBOM, a software bill of materials, understand where all the components of their ecosystem and their lineage comes from. We're hearing almost every single day, new vulnerabilities that are being introduced in various software packages. By having that understanding of what is in your ecosystem, you can then better understand how to mitigate those concerns moving forward. >> Andrea, Andrew was just saying, one of the things is you don't just dive in. You've got to be careful. There's going to be ripple effects is what I'm inferring, but at the same time, there's a mandate to move quickly. Are there things that could accelerate the adoption of regulation or even the creation of regulations and that guidance in your view? What could accelerate this? >> As far as accelerating it goes, I think it's having those conversations proactively with the stakeholders in your organization and understanding the environment like Andrew said. Go ahead and get that baseline. And just know that whatever changes you make are maybe going to be audited down the road, because as we were moving towards this kind of third-party verification, that you're actually implementing things in order to do business with another organization. The importance of that, if organizations see that gravity to this, I think they will try to speed things up. I think that if organizations and the people in those organizations understand that why, that I talked about earlier and they understand how things like solar winds or things like the oil disruption that happened earlier this year. The personal effect to cyber events will help your organization move forward. Again, everybody's bought into the concept, everybody's working towards the same goals and they understand that why behind it. >> In addition to that, having tooling available, that makes it easy for them. You have a lot of individuals who this is all foreign, providing that base level tooling that aligns to a lot of the regulations that might be applicable within their real realm and their domain, makes it easier for them to start to complying and taking less burden off of them to be able to be successful. >> So it's a hard problem because Andrew, how do you deal with sort of the comment more tools, okay. But I look at that the Optiv map, if you've seen that. It makes your eyes cross. You've got so many tools, so much fragmentation, you're introducing new tools. Can automation help that? Is there hope for consolidation of that tools portfolio? >> Right now, this space is very emerging. It's very emerging, it's very fluid to be honest, 'cause there is actually mandates only a year or two old. But as they come over the course of time, however, I do see these types of tooling starting to consolidate where right now it seems like every vendor has a tool that tries to address this. It's being able to have the people work together, have more regulations that will come out that will allow us to start to redefine and solidify on certain tools like ISO standards. There are certain ones that I mentioned on as balance previously, there's now a ISO standard on SBOM there wasn't previously. So as more and more of these regulations come out, it makes it easier to provide that recommended set of tooling that organizations can start leveraging instead of vendor A, vendor B. >> Andrea, I said this before I was a cynic, but will give you the last word, give us some hope. I mean, obviously public policy is very important. A partnership between governments and industry, both the practitioners, the organizations that are buying these tools, as well as the technology industry got to work together in an ecosystem. Give us some hope. >> The hope I think will come from realizing that as you're doing this, as you are implementing these changes, you're in a sense trying to prevent those future incidents from happening. There's some assurance that you're doing everything that you can do here. It's a situation, it can be daunting, I'll put it that way. It can be really daunting for organizations, but just know that organizations like Red Hat are doing what we can to help you down the road. >> And really it's just continuing this whole shifting left mentality. The top of supply chain is just one component, but the introducing dev sec ops security at the beginning, that really will make the organizations become successful because this is not just a technology problem, It's a people issue as well. And being able to kind of package them all up together will help organizations as a whole. >> Yeah, so that's a really important point. You hear that term shift left. For years, people say, hey, you can't just bolt security on, as an afterthought, that's problematic. And that's the answer to that problem, right? Is shifting left meaning designing it in at the point of code, infrastructure as code, dev sec ops. That's where it starts, right? >> Exactly, being able to have security at the forefront and then have everything afterwards. Propagate from your security mindset. >> Excellent, okay, Andrea, Andrew, thanks so much for coming to the program today. >> Thank you for having us. >> Very welcome, thanks for watching. This is Dave Vellante for The Cube. Your a global leader in enterprise tech coverage. (soft music)