>>from around the globe. It's the Cube presenting Cuban cloud brought to you by silicon angle. Welcome to the cubes event. Virtual event. Cuban Cloud. I'm John for your host. We're here talking to all the thought leaders getting all the stories around Cloud What's going on this year and next today, Tomorrow and the future. We gotta featured startup here. Jonah Clipper, who is the CEO and founder of Stack Hawks. Developing security software for developers to have them put security baked in from the beginning. Johnny, thanks for coming on and being featured. Start up here is part of our Cuban cloud. Thanks for joining. >>Thanks so much for having me, John. >>So one of our themes this year is obviously Cloud natives gone mainstream. The pandemic has shown that. You know, a lot of things have to be modern. Modern applications, the emerald all they talked about modern applications. Infrastructure is code. Reinvent, um is here. They're talking about the next gen enterprise. Their public cloud. Now you've got hybrid cloud. Now you've got multi cloud. But for developers, you just wanna be building security baked in and they don't care where the infrastructure is. So this is the big trend. Like to get your thoughts on that. But before we jump in, tell us about Stack Hawk What you guys do your founded in 2019. Tell us about your company and what Your mission is >>Awesome. Yeah, our mission is to put application security in the hands of software developers so that they can find and fix upset books before they deployed a production. And we do that through a dynamic application scanning capability. Uh, that's deployable via docker, so engineers can run it locally. They can run it in C I C. D. On every single PR or merge and find bugs in the process of delivering software rather than after it's been production. >>So everyone's talking about shift left, shift left for >>security. What does >>that mean? Uh, these days. And what if some of the hurdles that people are struggling with because all I hear is shift left shift left from, like I mean, what does What does that actually mean? Now, Can you take us through your >>view? Yes, and we use the phrase a lot, and I and I know it can feel a little confusing or overused. Probably. Um, When I think of shift left, I think of that Mobius that we all look at all of the time, Um, and how we deliver and, like, plan, write code, deliver software and then manage it. Monitor it right like that entire Dev ops workflow. And today, when we think about where security lives, it either is a blocker to deploying production. Or most commonly, it lives long after code has been deployed to production. And there's a security team constantly playing catch up, trying to ensure that the development team whose job is to deliver value to their customers quickly, right, deploy as fast as we can, as many great customer facing features, um there, then, looking at it months after software has been deployed and then hurrying and trying to assess where the bugs are. And, um, trying to get that information back to software developers so that they can fix those issues. Shifting left to me means software engineers are finding those bugs as their writing code or in the CIA CD pipeline long before code has been deployed to production. >>And so you guys attack that problem right there so they don't have to ship the code and then come back and fix it again. Or where we forgot what the hell is going on. That point in time some Q 18 gets it. Is that the kind of problem that that's out there? Is that the main pain point? >>Yeah, absolutely. I mean a lot of the way software, specifically software like ours and dynamic applications scanning works is a security team or a pen tester. Maybe, is assessing applications for security vulnerability these, um, veteran prod that's normally where these tools are run and they throw them back over the wall, you know, interrupting sprints and interrupting the developer workflow. So there's a ton of context switching, which is super expensive, and it's very disruptive to the business to not know about those issues before they're in prod. And they're also higher risk issues because they're in fraud s. So you have to be able to see a >>wrong flywheel. Basically, it's like you have a penetration test is okay. I want to do ship this app. Pen test comes back, okay? We gotta fix the bug, interrupts the cycle. They're not coding there in fire drill mode. And then it's a chaotic death spiral at that point, >>right? Or nothing gets done. God, how did >>you What was the vision? How did you get here? What? How did you start? The company's woke up one morning. Seven started a security company. And how did what was the journey? What got you here? >>Sure. Thanks. I've been building software for software engineers since 2010. So the first startup I worked for was very much about making it easy for software engineers to deploy and manage applications super efficiently on any cloud provider. And we did programmatic updates to those applications and could even move them from cloud to cloud. And so that was sort of cutting my teeth and technology and really understanding the developer experience. Then I was a VP of product at a company called Victor Ops. We were purchased by spunk in 2018. But that product was really about empowering software engineers to manage their own code in production. So instead of having a network operations center right who sat in front of screens and was waiting for something to go wrong and would then just end up dialing there, you know, just this middle man trying to dial to find the person who wrote the software so that they can fix it. We made that way more efficient and could just route issues to software engineers. And so that was a very dev ops focused company in terms of, um, improving meantime to know and meantime to resolve by putting up time in the hands of software engineers where it didn't used to live there before it lived in a more traditional operations type of role. But we deploy software way too quickly and way too frequently to production to assume that another human can just sit there and know how to fix it, because the problems aren't repeatable, right? So So I've been living in the space for a long time, and I would go to conferences and people would say, Well, I love for, you know, we have these digital transformation initiatives and I'm in the security team and I don't feel like I'm part of this. I don't know. I don't know how to insert myself in this process. And so I started doing a lot of research about, um, how we can shift this left. And I was actually doing some research about penetration testing at the time, Um, and found just a ton of opportunity, a ton of problems, right that exist with security and how we do it today. So I really think of this company as a Dev Ops first Company, and it just so happens to be that we're taking security, and we're making it, um, just part of the the application testing framework, right? We're testing for security bugs, just like we would test for any other kind of bucks. >>That's an awesome vision of other great great history there. And thanks for sharing that. I think one of the things that I think this ties into that we have been reporting aggressively on is the movement to Dev Stack Up, Dev, Ops Dev SEC Ops. And you know, just doing an interview with the guy who stood up space force and big space conversation and were essentially riffing on the idea that they have to get modern. It's government, but they got to do more commercial. They're using open source. But the key thing was everything. Software defined. And so, as you move into suffer defined, then they say we want security baked in from the beginning and This is the big kind of like sea level conversation. Bake it in from the beginning, but it's not that easy. And this is where I think it's interesting where you start to think, uh, Dev ops for security because security is broken. So this is a huge trend. It sounds easy to say it baked security in whether it's an i o T edge or multi cloud. There's >>a lot >>of work there. What should people understand when they hear that kind of platitude of? I just baked security and it's really easy. It's not. It's not trivial. What's your thoughts on >>that? It isn't trivial. And in my opinion, there aren't a lot of tools on the market that actually make that very easy. You know, there are some you've had sneak on this program and they're doing an excellent job, really speaking to the developer and being part of that modern software delivery workflow. Um, but because a lot of tools were built to run in production, it makes it really difficult to bake them in from the beginning. And so, you know, I think there are several goals here. One is you make the tooling work so that it works for the software engineer and their workflow. And and there's some different values that we have to consider when its foreign engineer versus when it's for a security person, right? Limit the noise, make it as easy as possible. Um, make sure that we only show the most critical things that are worth an engineer. Stopping what they're doing in terms of building business value and going back and fixing that bugs and then create a way to discuss in triage other issues later outside of the development. Workflow. So you really have to have a lot of empathy and understanding for how software is built and how software engineers behave, I think, in order to get this right. So it's not easy. Um, but we're here and other tools air here. Thio support companies in doing that. >>What's the competitive strategy for you guys going forward? Because there's a big sea change. Now I see an inflection point. Obviously, Cove it highlights. It's not the main reason, but Cloud native has proven it's now gone mainstream kubernetes. You're seeing the big movement there. You're seeing scale be a huge issue. Software defined operations are now being discussed. So I think it's It's a simple moment for this kind of solution. How are you guys going to compete? What's what's the winning strategy? How are you guys gonna compete to win? >>Yeah, so there's two pieces to that one is getting the technology right and making sure that it is a product that developers love. And we put a ton of effort into that because when a software engineer says, Hey, I'd love to use the security product, right? CSOs around the world are going to be like, Yes, please. Did a software engineer just ask me, You have the security product. Thank you, Right. We're here to make it so easy for them and get the tech right. And then the other piece, in terms of being competitive, is the business model. There were something like, I don't You would know better than me, but I think the data point I last saw was like 1300 venture backed security companies since 2012 focused on selling to see SOS and Fortune 2000 companies. It is a mess. It's so noisy, nobody can figure out what anybody actually does. What we have done is said no, we're going to take a modern business model approach to security. So you know, it's a SAS platform that makes it super easy for a software engineer or anybody on the team to try and buy the software. So 14 day trial. You don't have to talk to anybody if you don't want Thio Awesome support to make sure that people can get on boarded and with our on boarding flow, we've seen that our customers go from signing up to first successful scan of their platform or whatever app they chose to scan in a knave ridge of about 10 minutes. The fastest is eight, right? So it's about delivering value to our customers really quickly. And there aren't many companies insecurity on the market today. That do that? >>You know, you mentioned pen test earlier. I I hear that word. Nice shit. And, like, pen test penetration test, as it's called, um, Sock reports. I mean, these are things that are kind of like I got to do that again. I know these people are doing things that are gonna be automated, but one of the things that cloud native has proven as be killer app is integrations because when you build a modern app, it has to integrate with someone else. So there you need these kind of pen tests. You gotta have this kind of code review. And as code, um, is part of, say, a purpose built device where it's an I o T. Edge updates have toe happen. So you need mawr automation. You need more scale around both updating software to, ah, purpose built device or for integration. What's your thoughts in reaction to that? Because this is a riel software challenge from a customer standpoint, because there are too many tools out there and every see so that I talk to says, I just want to get rid of half the tools consolidate down around my clouds that I'm working through my environment and b'more developer oriented, not just purchasing stuff. So you have all this going on? What's your reaction to that? You got the you know, the integration and you've got the software updates on purpose built devices. >>Yeah, I mean, we I make a joke a little bit. That security land is like, you know, acronyms. Dio there are so many types of security that you could choose to implement. And they all have a home and different use cases that are certainly valuable toe organizations. Um, what we like to focus on and what we think is interesting and dynamic application scanning is because it's been hard toe automate dynamic application for especially for modern applications. I think a lot of companies have ignored theon pertuan ity Thio really invest in this capability and what's cool about dynamic. And you were mentioning pen testing. Is that because it's actively attacking your app? It when you get a successful test, it's like a It's like a successful negative test. It's that the test executed, which means that bug is present in your code. And so there's a lot less false positives than in other types of scanning or assessment technologies. Not to say there isn't a home for them. There's a lot of we could we could spend a whole hour kind of breaking down all the different types of bugs that the different tools confined. Um, but we think that if you want to get started developer first, you know there's a lot of great technologies. Pick a couple or one right pick stack hawk pick, sneak and just get started and put it in your developer workflow. So integrations are super important. Um, we have integrations with every C I C. D provider, making it easy to scan your code on every merge or release. And then we also have workflow integrations for software engineers associated with where they want to be doing work and how they want to be interrupted or told about an issue. So, you know, we're very early to market, but right out of the gate, we made sure that we had a slack integration so that scans are running. Or as we're finding new things, it's populating in a specific slack channel for those engineers who work on that part of the app and you're a integration right. If we find issues, we can quickly make tickets and route them and make sure that the right people are working on those issues. Eso That's how I think about sort of the integration piece and just getting started. It's like you can't tackle the whole like every accurate, um, at once like pick something that helps you get started and then continue to build out your program, as you have success. >>A lot of these tools can they get in the hands of developers, and then you kind of win their trust by having functionality. Uh, certainly a winning strategy we've seen. You know, Splunk, you mentioned where you worked for Data Dog and very other tools out there just get started easily. If it's good, it will be used. So I love that strategy. Question. I wanna ask you mentioned Dr earlier. Um, they got a real popular environment, but that speaks to the open source area. How do you see the role of open source playing with you guys? Is that gonna be part of your community outreach? Does the feed into the product? Could you share your vision on how stack hawks engaging and playing an open source? >>Yeah, absolutely. Um So when we started this company, my co founders and I, we sat down and said here, What are the problems? Okay, the world doesn't need a better scanner, right? If you walk the floor of, ah, security, uh, conference. It's like our tool finds a million things and someone else is. My tool finds a million and five things. Right, And that's how they're competing on value. It's really about making it easy to use and put in the pipeline. So we decided not to roll. Our own scanner were based on an open source capability called Zap the Set Attack Proxy. Uh, it is the most the world's most downloaded application scanner. And, uh, actually we just hired the founder of Zap to join the Stack Hawk team, and we're really excited to continue to invest in the open source community. There is a ton of opportunity to grow and sort of galvanize that community. And then the work that we do with our customers and the feedback that we get about the bugs we find if there, ah, false positive or this one's commonly risk accepted, we can go back to the community, which were already doing and saying, Hey, ditch this rule, Nobody likes it or we need to improve this test. Um, so it's a really nice relationship that we have, and we are looking forward to continuing to grow that >>great stuff. You guys are hot. Start of love. The software on security angle again def sec. Cox is gonna be It's gonna be really popular. Can you talk about some of the customer success is What's the What's the feedback from customers? Can you share some of the use cases that you guys are participating in where you're winning? You mentioned developers love it and try It can just give us a couple of use cases and examples. >>Yeah. Ah, few things. Um ah, lot of our customers are already selling on the notion. Like before we even went to G A right. They told all of their customers that they scan for security bugs with every single release. So in really critical, uh, industry is like fintech, right. It's really important that their customers trust that they're taking security seriously, which everybody says they dio. But they show it to their customers by saying here, every single deploy I can show you if there were any new security bugs released with that deploy. So that's really awesome. Other things We've heard our, uh, people being able to deploy really quickly thio the Salesforce marketplace, right? Like if they have toe have a scan to prove that that they can sell on Salesforce, they do that really rapidly. Eso all of that's going really well with our customers. >>How would I wanna How would I be a customer if I was interested in, um, using Stack Hawks say we have some software we wanna stand up, and, uh, it's super grade. And so Amazon Microsoft Marketplace Stairs Force They'll have requirements or say I want to do a deal with an integration they don't want. They want to make sure there's no nothing wrong with the code. This seems to be a common use case. How doe I if I was a customer, get involved or just download software? Um, what's the What's the procurement? What's the consumption side of it looked like, >>Yeah, you just go to Stockholm dot com and you create an account. If you'd like to get started that way so you can have a 14 day free trial. We have extremely extensive documentation, so it's really easy to get set up that way. You should have some familiarity. Or grab a software engineer who has familiarity with a couple of things. So one is how to use Docker, right? So Docker is, ah, deployment mechanism for the scanner. We do that so you can run it anywhere that you would like to, and we don't have to do things like pierce firewalls or other protective measures that you've instrumented on your production environment. You just run it, um, wherever you like in your system. So locally, C I c d So docker is an important thing to understand the way we configure our scanner is through a, um, a file. So if you are getting a scan today, either your security team is doing it or you have a pen tester doing it. Um, the whole like getting ready for that engagement takes a lot of time because the people who are running the tests don't know how the software was built. So the way we think about this is, just ask them. So you just fill out a Yamil file with parameters that tell the scanner what to dio tell it how to authenticate and not log out. Um, feed us an A p. I speak if you want, so weaken super efficiently, scan your app and you can be up and running really quickly, and then that's it. You can work with our team at any time if you need help, and then we have a really efficient procurement process >>in my experience some of the pen tests of firms out there, is it? It's like the house keeping seal of approval. You get it once and then you gotta go back again. Software change, new things come in. And it's like, Wait a minute, what's the new pen test? And then you to write a check or engaged to have enough meeting? I mean, this is the problem. I mean, too many meetings. Do you >>guys solve that problem? Do >>you solve that problem? >>We solve a piece of that problem. So I think you know, part of how I talk about our company is this idea that we live in a world where we deploy software every single day. Yet it seems reasonable that once a year or twice a year, we go get a pen test where human runs readily available, open source software on our product and gives us a like, quite literal. Pdf of issues on. It's like this is so intellectually dishonest, like we deploy all of the time. So here's the thing. Pen tests are important and everybody should do them. But that should not be the introduction to these issues that are also easy to automate and find in your system. So the way we think about how we work with pen testers is, um, run, stack hawk or zapped right in an automated fashion on your system, and then give that, give the configuration and give the most recent results to your pen tester and say, Go find the hard stuff. You shouldn't be cutting checks for $30,000 to a pen tester or something that you could easily meet in your flare up. Klein. You could write the checks for finding finding the hard stuff that's much more difficult to automate. >>I totally agree. Final question. Business model Once I get in, is it a service software and services? A monthly fee? How do you guys make money? >>Yep, it is software as a service, it is. A monthly fee were early to market. So I'm not going to pretend that we have perfectly cracked the pricing. Um, but the way that we think about this is this is a team product for software engineers and for, you know, informed constituents, right? You want a product person in the product. You want a security person in the product? Um, and we also want to incent you to scan your APS And the most modern fashion, which is scanning the smallest amount of http that lives in your app, like in a micro services architecture because it makes a lot easier, is easy to isolate the problems where they live and to fix those issues really quickly. So we bundle team and for a UPS and then we scale within, uh, companies as they add more team. So pen users. 10 APS is 3 99 a month. And as you add software engineers and more applications, we scale within your company that way. >>Awesome. So if you're successful, you pay more, but doesn't matter. You already succeeded, and that's the benefit of by As you go Great stuff. Final question. One more thing. Your vision of the future. What are the biggest challenges you see in the next 24 months? Plus beyond, um, that you're trying to attack? That's a preferred future that you see evolving. What's the vision? >>Yeah, you've touched on this a couple of times in this interview with uh being remote, and the way that we need to build software already has been modernizing, and I feel like every company has a digital transformation initiative, but it has toe happen faster. And along with that, we have to figure out how Thio protect and secure these Moderna Gail. The most important thing that we do the hearts and minds of our support engineers and make it really easy for them to use security capabilities and then continue to growth in the organization. And that's not an easy thing tied off. It's easy change, a different way of being security. But I think we have to get their, uh, in order to prepare the security, uh, in these rapidly deployed and developed applications that our customers expect. >>Awesome. Jodi Clippers, CEO and founder of Stack Hawk. Thank you for coming on. I really appreciate it. Thanks for spending the time featured Startup is part of our Cuban cloud. I'm Sean for your host with silicon angle to Cube. Thanks for watching

>>live from Atlanta, Georgia. It's the Q covering Answerable Fest 2019. Brought to you by Red Hat. >>Welcome back. This is the Cubes Live coverage of anti professed 2019 here in Atlanta. Georgia Instrument in my co host is John Ferrier and happy to welcome to the program the first time guest pile sing. Who's a principal solutions engineer with F five? Of course. Five's a partner of Anti Bowl In the keynote this morning when they were laying out You know how to use all of these pieces? Oh, I need a load balancer. Great. Here. Here's five to the rescue. So tell us a little bit about you know your role inside F five and kind of fights activities here at the show. >>Sure. Sure. Uh, so thank you for the introduction. Yeah, My name is our piloting principal solution. Ngo S O. I work a lot with different alliance partners and answerable being one of them. Of course, s O. I develop technical integrated joint solutions with answerable. You know, we've had a great, great working relationship with the answerable. They've been absolutely wonderful to work with on at this summit. We have various activities We had a workshop at the contributor summit. We had a session yesterday. We have another workshop on Thursday. So we're really busy, you know, the boots being flowing. And so far, it's been an awesome experience. >>The other people of the show here, they really dig into what they're doing. Ah, you know, even on the bus ride to the party last night, people are talking about their configurations at lunchtime. Everybody is talking about it. Bring us inside a little bit, you know? So is the new collections what people are asking you about? Are there other deployment ways? You know, what are some of the things that are bringing people to talk to >>people That kind of talking, you know, on a broad spectrum, you know, there's some people are just starting out with answerable. They just want to know, you know, how do I write a play book with their 500? Get it running? Others are a little more advanced, you know, Let's get into rules, you know? What are we doing with rules? And then now collections is coming on top of mine. You know how you guys doing with collections, So of course we are in lockstep. You know, we have the first collections out. We're gonna bundle playbooks and a lot of work flows and rules that gonna be someone. It's gonna be easy for customers to just download used these work clothes out of the box and get started with that five. But we've had, you know, different use cases, different questions around Day zero deployment was his data management. Bliss is monitoring was back of resource. All sorts of questions >>in one of the things that's come up is, you know, hit the low hanging fruit and then go to the ant, worked close in tow and is more of a kind of the bigger opportunities. But, you know, we've been talking about Dev Ops two for 10 years, and this to me has always been like the area that's been ripe for Dev ops, configuration management, a lot of the plumbing. But now that it's 10 years later starting to see this glue layer, this integration layer come out and the ecosystem of partners is growing very rapidly for answerable. And so there's been a very nice evolution. This is kind of a nice add on to great community great customers for these guys. What's the integration like as you work with answerable? Because as more people come on and share and connect in, what's it take? What are some of the challenges? What some of the things that you guys need to do our partners need to do with danceable, >>Right? So contributing is, you know, it's been a little slow, I would say, because firstly, they got a kind of lawn answerable and they gotta learn. You know what sensible galaxy. How can I walk around it? And then there's the networking piece, right? How do I now make it work with F five? You know, is this role good enough? Should I be contributing or not? So we're working closely with, you know, Ned, ops engineers as well as the world changes to kind of say, you know, whatever you think is a good work, so is good enough to go there. So, you know, get your role uploaded on galaxy and, you know, show us what you're doing. It doesn't have to be the best, but just get it out there so way have a lot of workshops. You know, we also have this training on F. I called Super Netapp, which is kind of targeting that walked in that office. Engineers. So we're trying to educate people so that everybody is on board with with us. >>One of the conversation we've been having a lot this week has been about the collaboration between teams and historically that's been a challenge for networking. It's alright. Networking going to sit in the corner, tell me what you need. Oh, wait, You need those things changes. Nope, I'm not gonna do it for you are, you know. Okay, wait, get me a budget in 12 months and we'll get back to you. So, uh, how are things changing? Are they changing enough in your customers environments? >>That's a good question. So it is changing, but it's changing slowly. There's still a lot of silos like nettles. Guys are doing their stuff there. Watch guys are doing their self. But with automation is it's kind of hang in together because, you know, the network's engineers have their domain expertise, develops have tails. But, you know, we were able to get them in the same room because we don't get five and then we don't automation and and then they connect. They're like, Oh, you guys are doing what we've already done So it's happening, But it's so, but it's definitely drops that develops. You don't think this is >>the chairman? We've been covered. A lot of we've had a lot of events. We've talked about programmable infrastructure. Infrastructures code is kind of in the butt when you start getting into the networking side, because very interesting when you can program things, this is a nice future. Head room for Enterprises As their app start to think about micro service is what you're taking on the program ability of networking. How do you guys see that? What's your view? >>So program ability In the networking space, it's it's catching up like just five. As a company, we started with just rest a P. I called. Now we're going to moving to answerable to F eyes. Also coming out with this AP I call declared a baby I we have this F ai automation tow chain where we're kind of abstracting more and more off how much user needs to know about the device but be able to configure it really easily. So we're definitely moving towards that and I see other other networking when there's also kind off moving towards that program ability for sure. >>Did you have any specific customer stories you might be able to share? Understand. You might not be able to give the name of the company, but it's always helps to illustrate. >>Yeah, sure, definitely. So we had one customer who, you know, they had an older or not told a different load balancer. And they want to know my great order, the Air five. So they had a lot of firewall rules and, you know, a lot of policies that they wanted to move over. So they used to have these maintenance windows and move on application at a time, eh? So they started, came across sensible, started using answerable, and they were able to migrate like 5 to 10 applications for maintenance window. And they will, you know, they loved it. They've been using answerable. They've been great providence. Or what goes into our modules, you know, really helping us guiding us as well as to what they need. So they were a great, you know, customer story. Another customer we had was you know, we get a lot of use cases for if I that we want to be able to change an application or the network without incurring any downtime, you know, fail overs, it could be as simple as as broader Sze between data centers or, you know, something simple. But what this company did want to shift between fellow between data centers, they got into answerable, they were able to do it in minutes was his hours and, you know they loved it. >>I got to ask you about a Zen engineer. You think about the data center cloud we get that that's been around that workings been great, getting better as five G and I o. T Edge kind of comes into the picture how routing and networking works with compute and edge devices start to be an opportunity for these kinds of automation. How do you guys view that's future state of EJ and and as the surface area of the network gets larger and the edges really part of the equation now his need for automation great need for seeing observe abilities. Super hot area with micro service is now you got automation kind of Ah, nice area. Expand on. What's your thoughts on beyond the data center >>so beyond the data center. So f five is indifferent clouds right to donate ws as your g c p It's out there. We also have like you know, we've recently collaborated with not collaborated. You know, engine ex has become a part of their five. So, you know, we're out there on definitely with I od and you know, no one date us and the specific that there is a boom off applications and you know, we wantto not be a hindrance to anyone who's trying to automate applications anywhere. So ah, goal is also at five is everywhere and anywhere and securing abs, making them available >>and securities 200 big driver of automation. >>I'm glad you brought up in genetic. So you know, we've been very familiar seeing Engine X at a lot of the cloud shows how Zenger next kind of changing the conversation you're having with customers. >>So having a lot of conversations with develops engineers about an genetics, you know, some of them are already using it in the day to day activity, and, you know, they don't want to see how a five and engine excite gonna gonna come together And you know what kind of solutions we can offer. So if I were working on that strategy, But you know, definitely that there is a link between us and engine aches, and customers are happy to know that. You know, we're kind of now on the same pot, So if they're in the cloud on from, you know, they can choose which one they want, but they're going to get the same support and backing off. Five. >>Great. We're getting towards the end of answerable fests. Give us what you want. Kind of some of the key takeaways. People tohave about five here at the show. >>Sure. You know, if you haven't started automating at five Invincible. My key takeaways, you know, get started. It's really simple. We have sessions now. We have a workshop on those. They look that up a great resource for us. It's just answerable dot com slash five. We have great resources. Um, are answerable. Models are supported, were certified by that had answerable. So, you know, just dive in and start automating >>pale, saying Thank you so much for the update. Really appreciate it. And congratulations on the progress. >>Thank you so much. >>for John, for your arms to minimum, getting towards the end of two days water wall coverage here. Thanks, as always for watching the Cube.

>> from our studios in the heart of Silicon Valley, Palo Alto, California. It is a cute conversation. >> Everyone. Welcome to this Special Cube conversation here at the Palo Alto Cube Studios. I'm John for a host of Cuba here. Moritz man is the head of the product management team at Open Systems A G. Great to see you again. Thanks for coming in. >> Hey, John. Thanks for having me. >> So last time we spoke, you had your event in Las Vegas. You guys are launching. You have a new headquarters here in Silicon Valley. Opened up this past spring. Congratulations. Thank you. >> Yeah, it's a great, great venue to start, and we set foot on the Silicon Valley ground. So to make our way to >> I know you've been super busy with the new building and rolling out, expanding heavily here in the Valley. But you guys were in the hottest area that we're covering Security Cloud security on premise, security. The combination of both has been the number one conversation pretty much in the cloud world right now. Honestly, besides a normal cloud, native cloud I t hybrid versus multi cloud out. See, that continues to be the discussion I think there's no more debate around multi cloud in hybrid public clouds. Great people gonna still keep their enterprises. But the security equation still is changing this new requirements. What's the latest that you guys are seeing with respect to security? >> Yeah. So, John, what we see is actually that cloud adoption had happens at different speeds. So you have usually the infrastructure of the service. Adoption would happens in a quite controlled way because there's a lift in shift. Do you have your old data center? You you take it and you transferred into azure I W S O G C P. But then there's also uncontrolled at option, which is in the SAS space. And I think this is where a lot off data risk occur, especially the wake off GDP are on where we see that this adoption happens. Maurin a sometimes control, but sometimes in a very uncontrolled way, >> explain that the uncontrolled and controlled expansion of of how security and multi cloud and cloud is going because this interesting control means this this plan's to do stuff uncontrolled means it's just by other forces explain uncontrolled versus controls >> eso controlled specifically means the IittIe team takes as a project plan and aches servers and workloads and moves them in a controlled fashion or in a dedicated project to the cloud. But what happened in the business world of business I t is actually did use those share content at any time with any device at any at any time and in all locations. So this is called the Mobile Enterprise on the Cloud First Enterprise. So it means that the classical security perimeter and the controls in that are my past, actually, by the path of least resistance or the shortest path >> available. And this is the classic case. People use Dropbox with some, you know, personal things. They're at home, they're at work, a p I based software. That's what you're getting at the >> and the issue of this is that that the data that has bean, like contained an pera meters where, you know, as it Caesar, where your data is. This has bean deployed too many edge devices, too many mobile devices, and it's get it gets shared, a nun controlled way. >> We'll get a couple talk tracks would like to drill down on that, because I think this is the trend. We're seeing a pea eye's dominant. The perimeter on the infrastructure has gone away. It's only getting bigger and larger. You got I, O. T and T Edge just and the networks are controlled and also owned by different people. So the packets of moving on it that's crazy so that that's the reality. First, talk track is the security challenge. What is the security challenge? How does a customer figure out what to do from an architectural standpoint when they're dealing with hybrid and multi cloud? So first of >> all, um, customers or BC enterprises try need to re think their infrastructure infrastructure centric view off the architecture's. So the architecture that had been built around data send us needs to become hybrid and multi cloud aware. So that means they need to define a new way off a perimeter, which is in cloud but also in the covering. Still the old, so to say, legacy hyper data center set up, which has the data still in the old data center and at the same time, they need to open up and become the cloud themselves, so to say, and but still draw a perimeter around their data and they users and not and their applications and not so much anymore around the physical infrastructure. >> So taking, changing their view of what a security product is, Is that really what you're getting at? >> Yeah, So the issues with the product point solution was that they fixed a certain part off off a tactile issue. So if you take a firewall in itself, firewall back then it was like a entry door to a big building, and you could could decide who comes out goes in. Now. If the the kind of the walls of the building are vanishing or arm or more FIC, you need to come over the more integrated concept. So having these stacked appliance and stacked security solutions trying to work together and chain them doesn't work anymore. So we think and we see that, >> Why is that? Why doesn't it work? Because in >> the end, it's it's it's hardly two to operate them. Each of those points solutions have their own end off life. They have their own life cycle. They have their own AP eyes. They have their own TCO, as all that needs to be covered. And then there's the human aspect where you have the knowledge pools around >> those technologies. So as an enterprise you have to content to continuously keep the very scar security experts to maintain content continues the depreciating assets running right, >> and they're also in it. We weren't built for tying into a holistic kind of platform. >> Yeah, What we see is that that enterprises now realize we have data centers and it's not accepted reality that you can abstracted with the cloud. So you have You don't own your own servers and buildings anymore. So you have a PAX model to subscribe to Cloud Service is and we think that this has to happen to security to so shift from cap ex to our pecs and the same way also for operational matters >> securities. The service is a crepe is a small I want to ask you on that front you mentioned mobile users. How do you secure the mobile uses when they use cloud collaboration? Because this is really what uses expect, and they want How do you secure it? >> So be secured by by actually monitoring the data where it actually gravitates, and this is usually in the cloud. So we enforce the data that is in transit through, ah, proxies and gators towards the cloud from the endpoint devices, but also then looking by AP eyes in the cloud themselves to look for threats, data leakage and also sandbox. Certain activities that happened. There >> are the next talk talk I want to get into is the expansion to hybrid and multi cloud so that you guys do from a product standpoint, solution for your customers. But in general, this is in the industry conversation as well. How how do you look at this from a software standpoint? Because, you know, we've heard Pat Gelsinger of'em were talking about somewhere to find Data Center S d n. Everything's now software based. You talk about the premiere goes away. You guys were kind of bring up a different approaches. A software perimeter? Yeah, what is the challenge for expanding to multi cloud and hybrid cloud? >> So So the challenge for enterprise and customers we talked to is that they have to run their old business. Gardner once called it by motile business, and it's still adopting not one cloud, but we see in our surveys. And this is also what market research confirms is that customers end up with 2 to 3 loud vendors. So there were will be one or two platforms that will be the primary to their major majority of applications and data gravity. But they will end up and become much more flexible with have running AWS, the old Davis Center. But it was the G, C, P and Azure, or Ali Baba glowed even side by side, right tow cover the different speeds at what their own and the price runs. And >> so I gotta ask you about Cloud Needed was one of the things that you're bringing up that just jumps in my head. And when I got to ask, because this is what I see is a potential challenge. It might be a current challenges when you have kubernetes growing such a rapid rate. You see the level of service is coming online much higher rate. So okay, people, mobile users, they're using the drop boxes, the boxes and using all these FBI service's. But that's just those wraps. As a hundreds and thousands of micro service is being stood up and Tauron down in there, you guys are taking, I think, an approach of putting a perimeter software premieres around these kinds of things, but they get turned on enough. How do you know what's clean? It's all done automatically, so this is becoming a challenge. So is this what you guys mean when you say software perimeter that you guys could just put security around things at any time? Is that explain this? >> Yeah, So? So if you talk about the service match so really mashing cloudy but native functions, I think it's still in the face where it's, I would say, chaos chaotic when you have specific projects that are being ramped up them down. So we draw a perimeter in that specific contact. So let's say you have You're ramping up a lot off cloud a function AWS. We can build a pyramid around this kind off containment and look especially for threats in the activity locks off. The different component is containers, but from from a design perspective, this needs to be, uh, we need to think off the future because if you look at Mike soft on AWS strategy, those containers will eventually move Also back to the edge. Eso were in preparing that to support those models also cover. Bring these functions closer back again to the edge on We call that not any longer the when, ej but it will become a cloud at at actually. So it's not an extension of the land that comes to the data. It's actually the data and the applications coming back to the user and much closer. >> Yeah. I mean, in that case, you could define the on premises environment has an edge, big edge, because this is all about moving, were close and data around. This is what the new normal is. Yeah, So okay, I gotta ask the next question, which is okay, If that's true, that means that kubernetes becomes a critical part of all this. And containers. How do you guys play with that at all? >> So we play with us by by actually looking at data coming from that at the moment. We're looking at this from a from a data transit perspective. We But we will further Maur integrate into their eighties AP eyes and actually become part off the C I C D. Process that building then actually big become a security function in approval and rolling out a cannery to certain service mesh. And we can say, Well, this is safe for this is unsafe This is, I think, the eventual goal to get there. But But for now, it's It's really about tracking the locks of each of those containers and actually having a parent her and segmentation around this service mash cloud. So to say, >> I think you guys got a good thing going on when you talk about this new concept that's of softer to find perimeter. You can almost map that to anything you get. Really think everything has its own little perimeter workload. Could be moving around still in these three secure. So I gotta ask on the next talk Trek is this leads into hybrid cloud. This is the hottest topic. Hybrid cloud to me is the same as multi cloud. Just kind of get together a little bit different. But hybrid cloud means you're operating both on premises and in the cloud. This is becoming a channel most si si SOS Chief admission Security officers. I don't want to fork their teams and have multiple people coding different stacks. They don't want the vendor lock in, and so you're seeing a lot of people pulling back on premises building their own stacks, deploying in the cloud and having a seamless operation. What is your definition of hybrid? Where do you see hybrid going? And how important is it? Have a hybrid strategy. >> So I think the key successfactors of a hybrid strategy is that standards standardization is a big topic. So we think that a service platform that to secure that like the SD when secure service platform rebuilt, needs to be standardized on operational level, but also from a baseline security and detection level. And this means that if you run and create your own work, those on Prem you need to have the same security and standard security and deployment standard for the clout and have the seamless security primary perimeter and level off security no matter where these these deployments are. And the second factor of this is actually how do you ensure a secure data transfer between those different workloads? And this is where S T win comes into play, which acts as a fabric together with when backbone, where we connect all those pieces together in a secure fashion >> where it's great to have you on the Q and sharing your insight on the industry. Let's get into your company. Open systems. You guys provide an integrated solution for Dev Ops and Secure Service and Security Platform. Take a minute to talk about the innovations that you guys were doing because you guys talk a lot about Casby. Talk a lot about integrated esti when but first define what Casby is for. The audience doesn't know what Casby is. C. A S B. It's kicked around all of the security conscious of your new to security. It's an acronym that you should pay attention to so defined casby and talk about your solution. >> Eso casby isn't theory. Aviation means cloud access security we broker. So it's actually becoming this centralized orchestrator that that allows and defines access based on a trust level. So saying, um, first of all, it's between networks saying I have a mobile workforce accessing SAS or I s applications. Can't be it in the middle to provide security and visibility about Where's my data moving? Where's married? Where do I have exposure off off GDP, our compliance or P C. I or he power risks And where is it exposed to, Which is a big deal on it's kind of the lowest level to start with, But then it goes further by. You can use the Casby to actually pull in data that that is about I s were close to toe identified data that's being addressed and stored. So are there any incidentally, a shared data artifacts that are actually critical to the business? And are they shared with extra resource is and then going one step further, where we then have a complete zero trust access model where we say we know exactly who can talkto which application at any time on give access to. But as everything this needs to be is in embedded in an evolution >> and the benefit ultimately goes to the SAS applications toe, have security built in. >> That's the first thing that you need to tackle. Nowadays, it's get your sass, cloud security or policy enforced on, but without disrupting service on business on to actually empower business and not to block and keep out the business >> can make us the classic application developer challenge, which is? They love to co they love the build applications, and what cloud did with Dev Ops was abstracted away the infrastructure so that they didn't have to do all this configuration. Sister. Right? APs You guys air enabling that for security? >> Exactly. Yeah. So coming back to this multi protein product cloud would, which is not keeping up anymore with the current reality and needs of a business. So we took the approach and compared death ops with a great service platform. So we have engineers building the platform. That's Integrated Security Service Platform, which promotes Esti Wen managed Detection response and Caspi Service is in one on the one platform which is tightly integrated. But in the in the customer focus that we provide them on or Pecs model, which is pretty, very predictable, very transparent in their security posture. Make that a scalable platform to operate and expand their business on. >> And that's great. Congratulations. I wanna go back for the final point here to round up the interview for the I T. Folks watching or, um, folks who have to implement multi cloud and hybrid cloud they're sitting there could be a cloud architect that could be an I T. Operations or 90 pro. They think multi cloud this in hybrid club. This is the environment. They have to get their arms around. How? What >> should they >> be thinking about? Around multi cloud and hybrid cloud. What is it, really? What's the reality now? What >> should they be considering for evaluation? What are some of the key things that that should be on their mind when they're dealing with hybrid cloud and all the opportunity around it? >> So I think they're they're like, four key pieces. Oneness. Um, they think they still have to start to think strategic. So what? It's a platform and a partner That helps them to plan ahead for the next 3 to 5 years in a way that they can really focus on what their business needs are. This is the scalability aspect. Secondly, it's a do. We have a network on security, our architecture that allows me to grow confidently and go down different venues to to actually adopt multi clouds without worrying about the security implication behind it. Too much, uh, and to implement it. And third is have this baseline and have this standardized security posture around wherever the data is moving, being at Mobil's being it SAS or being on Prem and in clouds workloads, the fourth pieces again, reading, thinking off where did you spend most of my time? Where do I create? Create value by by defining this framework so it really can create a benefit and value for the enterprise? Because if you do it not right your not right. You will have a way. You will end up with a an architecture that will break the business and not accelerated. >> Or it's made head of product that open systems here inside the Cube studios. Um, great job. Must love your job. You got the keys. A lot of pressure. Security being a product. Head of product for security companies. A lot of pressure before we wrap up. Just give a quick plug for the company. You guys hiring you have a new office space here in Redwood City. Looks beautiful. Give a quick shared play for the company. >> Yeah. So open systems the great company to work with. We're expanding in the U. S. On also, Amy, uh, with all the work force. So we're hiring. So go on our website. We have a lot off open positions, exciting challenges in a growth or into workspace. Andi. Yeah. As you said, security at the moment, it's one of the hottest areas to be in, especially with all the fundamental changes happening in the enterprise and architecture. I d landscape. So yeah, >> and clouds securing specifically. Not just in point. The normal stuff that people used to classify as hot as hot as Hades could be right now. But thanks for coming on. Strong insights. I'm jumping with Cuba here in Palo Alto with more Morris Man is the head of product management for open systems. Thanks for watching.

>> Live from Barcelona, Spain. It's the queue covering Sisqo, Live Europe. Brought to you by Cisco and its ecosystem partners. >> Welcome back, Everyone Live here in Barcelona, Spain's two Cubes Coverage of Sisqo Live Europe. Twenty nineteen. I'm John Foreal echoes David Lock. Our next guest is Liz Santoni, senior vice president general manager of the Eye Okay Group at Cisco, formerly is part of the engineering team Cube Alumni. Great to see you again. Thanks for coming >> on. Great to be here, >> so you're >> just good to see you guys. >> You're in the centre. A lot of news. I ot of the network redefining networking on stage. We heard that talk about your role in the organization of Sisko and the product that you now have and what's going on here. >> So run R I O T business group similar to what we do with the end data center off that it has the engineering team product management team. We build products solutions that includes hardware, software, silicon. Take him out to market. Really an eye. OT It's about, you know, the technology conversation comes second. It's like, What can you deliver in terms of use, case and business outcomes that comes first, and it's more about what technology can enable that. So the conversations we have with customers are around. How can he really solve my kind of real problems? Everything from one a girl, my top line? I want to get closer to my customers because the closer I get to my customers, I know them better. So obviously can turn around and grow my top line. And I want to optimize everything from internal process to external process because just improves my bottom line at the end >> of the day. So you a lot of news happening here around your team. But first talk about redefining networking in context to your part, because edge of the network has always been what is, you know the edge of the network. Now it's extending further. I. O. T. Is one of those things that people are looking at a digit digitization standpoint, turning on Mohr intelligence with the factory floor or other areas. How how are how is I ot changing and what is it today? >> So you gave an example of, you know, digitizing something like a factory floor, right? So let's talk about that. So what customers in the factory floor want to do. They've already automated a number of this factory floors, but what they want to do is get more efficient. They want better eo. They want better quality. They want to bring security all the way down to the plant floor because the more and more you connect things, the more you just expanded your threat surface out pretty significantly so they want to bring security down to the plant floor. Because the's are environments that are not brand new, they have brown feel equipment there, green field equipment. They want to be able to have control of where what device gets in the network. With things like device profiling, they want to be able to do things like create zones so that they could do that with things like network segmentation. So when and if an attack does happen, they can contain the attack as much as possible. All right now what you need in terms ofthe a factory floor, automation, security, to be able to scale tohave that flexibility That's no different than what you have in the Enterprise already. I mean, we've been working with our idea and enterprise customers for years, and, you know, they it's about automation and security. It's about simplicity. Why not extend that out? The talent that it has, the capability that has it really is a connective tissue, that you're extending your network from that carpeted space, or you're clean space into outside of the office or into the non carpeted space. So it's perfect in terms of saying it's about extending the network into the nontraditional space that probably it doesn't go into today. >> Well, right. And it's a new constituency, right? So how are you sort of forging new relationships, new partnerships? What is described, what that's like with operations technology? >> I mean, that Cisco. We have great partnerships with the Tea organisation. I mean, we've got more than eight hundred forty thousand customers and our sales teams are product. Teams do a good job in terms of listening to customers. We're talking more and more to the line of business. We're talking more and more to the operational teams >> because of the end of >> the day. I want to be candid. You know, going to a manufacturing floor. I've never run a plan. Floor right? There are not very many people in the team who conceived in a plant manager before they know they're processes. They're concerned about twenty four seven operation. Hey, I want to be in compliance with the fire marshal, physical safety of my workers. We come in with that. I p knowledge that security knowledge that they need it's a partnership. I mean, people talk about, you know, t convergence. Usually convergence means that somebody's going to lose their job. This is Maura Night, an OT partnership, and most of these digitization efforts usually come in for the CEO level. Laura Chief Digitization Officer. We've got good relationships there already. Second part is Sister has been in this. We're quite some time. Our team's already have relationships at the plant level at the grid level operator level. You know, in the in the oil and gas area what we need to build more and more of that because building more and more that is really understanding. What business problems are they looking to solve? Then we can bring the technology to it. >> Liz, what's that in the Enable Menu? Mission Partnership? That's a good point. People, you know, someone wins, someone loses. The partnership is you're enabling your bringing new capability into the physical world, from wind wind farms to whatever What is the enablement look like? What are some of the things that happen when you guys come into these environments that are being redefined and reimagined? Or for the first time, >> Yeah, I would say, you know, I use what our customers said this morning and what he said was, it has the skills that I >> need, all right. >> They have the eyepiece skills. They have a security seals. These are all the things that I need. I want my guys to focus on kind of business processes around things that they know best. And so we're working with a CZ part of what we're putting this extended enterprise extending in ten based networking to the i o T edge means ight. Hee already knows our tools are capabilities. We're now saying we can extend that Let's go out, figure out what those use cases are together. This is why we're working with the not just the working with our channel partners as well. Who can enable these implementations on i o t implementations work? Well, >> part of >> this is also a constant, you know learning from each other. We learned from the operational teams is that hey, you can start a proof of concept really well, but he can really take it to deployment unless you address things around the complexity, the scale and the security. That's where we can come in and help. >> And you can't just throw your switches and routers over the fence. And so okay, here you go. You have to develop specific solutions for this world, right? And when you talk about that a little bit, absolutely. So >> if you look at the networking industrial networking portfolio that we have, it's built on the same catalysts, itis our wireless, a peace, our firewall. But they're more customized for this non carpeted space, right? You've got to take into consideration that these air not sitting in a controlled environment, so we test them for temperature, for shock, for vibration. But it's also built on the same software. So we're talking about the same software platform. You get the same automation features you get, the same analytics features. It's managed by DNA center. So even though we're customizing the hardware for this environment, the software platform that you get is pretty much the same, so it can come in and manage both those environments. But it also needs an understanding of what, What's the operational team looking to solve for? >> Because I want to ask you about the psychology of the buyer in this market because OT there run stuff that's just turn it on. But in the light ball, make it work. Well, I got to deploy something, so they're kind of expectations might be different. Can you share what the expectations are for the kind of experience that they wanna have with Tech? >> I used a utility is a great example and our customer from energy. I think, explain this really well, this is thing that we learned from our customers, right? I haven't been in a substation. I've been in a data center multiple times, but I haven't been in a substation. So when they're talking about automating substation, we work with customers. We've been doing this over the last ten years. We've been working with that energy team for the last two years. They taught us, really, how they secure and managing these environments. You're not going to find a CC in this environment, So when you want to send somebody out to like sixty thousand substations and you want to check on Hey, do do I still have VPN connectivity? They're not going to be able to troubleshoot it. What we did is based on the customer's ask, put a green light on there and led that shines green. All the technician does is look at it and says it's okay. If not, they called back in terms of trouble shooting it. It was just a simple example of where it's. It's different in terms of how they secure and manage on the talent that they have is different than what's in the space. So you've got to make sure that your products also cover what the operational teams need because you're not dealing with the C. C A. Or the I P experts, >> a classic market fit product market fit for what they're expecting correct led to kick around with green light. I mean, >> you know, everybody goes that such an easy thing inside was >> not that perceptive to us. >> What's the biggest thing you've learned as you move from Cisco Engineering out to the new frontier on the edge here? What? What are the learnings that you've seen actually growing mark early. It's only going to get larger, more complicated, more automation. Morey, I'm or things. What's your learning? What have you seen so far? That's the takeaway. >> So I'll see, you know, be I'm still an Cisco Engineering. The reason we're in Coyote is that a secure and reliable network that it's the foundation of any eye. Ot deployment, right? You can go out and best buy the best sensor by the best application by the best middle where. But if you don't have that foundation that's secure and reliable, those, Iet projects are not going to take off. So it's pretty simple. Everyone's network is thie enabler of their business outcome, and that's why we're in it. So this is really about extending that network out, but at the same time, understanding. What are we looking to solve for, right? So in many cases we worked with third party party hers because some of them know these domains much better than we do. But we know the AIP wear the eye patch and the security experts, and we bring that to the table better than anybody else. >> And over the top, definite showing here for the second year that we've covered it here in definite zone, that when you have that secure network that's programmable really cool things and develop on top of it. That's what great opportunity >> this is. I'm super excited that we now have an i o. T. Definite in. You know, it's part of our entire Cisco. Definite half a million developers. You know, Suzy, we and team done a fabulous job. There's more and more developers going to be starting to develop at the I o. T edge at the edge of the network. Right. So when you look at that is our platforms today with dioxin saw on top of it. Make this a software platform that developers Khun can actually build applications to. It's really about, you know, that we're ready. Highest fees and developers unleashing those applications at the i o. T edge. And with Susie making that, you know, available in terms of the tools, the resource is the sand box that you can get. It's like we expect to see more and more developers building those applications at the >> edge. We gotta talk about your announcements, right? Oh, >> yeah. Exciting set >> of hard news. >> So we launch for things today as part of Extending Ibn or in ten based networking to the I. O. T. S. The first one is we've got three new Cisco validated design. So think of a validated design as enabling our customers to actually accelerate their deployments. So our engineering teams try to mimic a CZ muchas possible a customer's environment. And they do this pre integration, pre testing of our products, third party products and we actually put him out by industry. So we have three new ones out there for manufacturing, for utilities and for mode and mobile assets. That's one. The second one is we're launching two new hardware platforms on next generation catalysts Industrial Ethernet switch. It's got modularity of interfaces, and it's got nine expansion packs. The idea is making as flexible as possible for a customer's deployment, because these boxes might sit in an environment not just for three years, like in a campus, they could sit there for five for seven for ten years. So, as you know, they are adding on giving them that flexibility that concave a bit based system and just change the expansion modules. We also launch on next generation industrial router. Actually, is the industries probably first and only full six capable industrial router, and it's got again flexibility of interfaces. We have lt. We have fiber. We have copper. You want deal? Lt. You can actually slap an expansion pack right on top of it. When five G comes in, you just take the Lt Munch a lot. You put five G, so it's five G ready >> engines on there >> and it's based on Io Exit us sexy. It's managed by DNA center and its edge enabled. So they run dialects. You, Khun, build your applications and load him on so >> you can >> build them. Third >> parties have peace here. >> The definite pieces. That third one is where we now have, you know, and I OT developer center in the definite zone. So with all the tools that are available, it enables developers and IAS peas, too. Actually, we build on top of Io Axe today. In fact, we actually have more than a couple of three examples that are already doing that. And the fourth thing is we depend on a large ecosystem of channel partners, So we've launched an Io ti specialization training program to enable them to actually help our customers implementation go faster. So those are the four things that we brought together. The key thing for us was designing these for scale flexibility and security >> capabilities available today. Is that right? >> Absolutely. In fact, if you go in worshipping in two weeks and you can see them at the innovation showcase, it's actually very cool. >> I was going to mention you brought ecosystem. Glad you brought that. I was gonna ask about how that's developing. I could only imagine new sets of names coming out of the industry in terms of building on these coyotes since his demand for Io ti. It's an emerging market in terms of newness, with a lot of head room. So what's ecosystem look like? Missouri patterns and Aya's vsv ours as they take the shape of the classic ecosystem? Or is it a new set of characters? Or what's the makeup of the >> island's ecosystem, >> I would say is in many ways, if you've been in the eye ot world for sometime, you'll say, You know, it's not like there's a whole new set of characters. Yes, you have more cloud players in there, you You probably have more s eyes in there. But it's been like the distributor's Arvin there. The machine builders thie ot platforms. These folks have been doing this for a long time. It's more around. How do you partner and where do you monetize? We know where you know the value we bring in we rely on. We work very closely with this OT partners machine builders s eyes the cloud partners to go to market and deliver this. You're right. The market's going to evolve because the whole new conversation is around. Data. What do I collect? What do I computer the edge? Where do I go around it to? Should I take it to my own premises? Data centers. Should I take it to the cloud who gets control over the data? How do I make sure that I have control over the data as a customer and I have control over who gets to see it? So I think this will be a revolving conversation. This is something we're enabling with one of our Connecticut platforms, which are not launch. It's already launched in terms of enabling customers to have control over the data and managed to bring >> all the portfolio of Cisco Security Analytics management to the table that puts anything in the world that has power and connectivity to be a device to connect into its system. This is the way it's just I mean, how obvious going Beat commits a huge >> I'm grateful that it's great that you think it's obvious. That's exactly what we're trying to tell our customers. >> How to do is >> about extending >> the way >> we do. It's the playbook, right? Each business has its own unique. There's no general purpose. Coyote is their correct pretty much custom because, um, well, thanks for coming on this. Appreciate it when I ask you one final question. You know, I was really impressed with Karen. Had a great session on wall kind of session yesterday. Impact with women. We interviewed you a Grace offered twenty fifteen. Cisco's doing amazing work. You take a minute to talk about some of the things that Cisco's doing around women in computing. Women in stem. Just great momentum, great success story, great leadership. >> I would say Look at her leadership at Chuck's level, and I think that's a great example in terms of He brings people on, depending on what they can, what they bring to the table, right? They just happened to be a lot of women out there. And the reality is I work for a company that believes in inclusion, whether it's gender race, different experiences, different a different thoughts, different perspective because that's what truly in terms of you can bring in the culture that drives that innovation. I've been sponsoring our women in science and engineering, for I can't remember the last for five years. It's a community that continues to grow, and and the reality is we don't sit in there and talk about, you know, what was me and all the things they're happening. What we talk about is, What are the cool new technologies that are out there? How do I get my hands on him? And yeah, there we talk about some things where women are little reticent and shy to do so. What we learn from other people's experiences, many time the guy's air very interested. So what? You sit them there and talking to said, Trust me, it's not like a whining and moaning section. It's more in terms of where we learned from each other >> years talking and sharing ideas, >> absolute >> innovation and building things. >> And we've got, you know, you look we look around that's a great set of women leaders throughout the company. At every single level at every function. It's ah, it's It's great to be there. We continue to sponsor Grace offer. We have some of the biggest presence at Grace Offer. We do so many other things like connected women within the company. It's just a I would say fabulous place to be. >> You guys do a lot of great things for society. Great company, great leadership. Thank you for doing all that's phenomenal. We love covering it, too. So we'll be affect cloud now today in Silicon Valley. Women in data science at Stanford and among them the >> greatest passion of our things. Straight here. >> Thanks for coming on this. The Cube live coverage here in Barcelona. Francisco Live twenty eighteen back with more. After the short break, I'm jump area with evil Aunt. Be right back