>>law from Las Vegas. It's the Q covering a ws re invent 2019. Brought to you by Amazon Web service is and in along with its ecosystem partners. >>Okay, Welcome back, everyone. Cube coverage. Las Vegas live action. It was re invent 2019 3rd day of a massive show where our seventh year of the eight years of Abel documenting the history and the rise in the changing landscape of the business. I'm John for Bruce. To Minutemen, my co host. Our next guest Bill McGee, senior vice president, general manager of the Hybrid Cloud Security group within Trend Micro. So, this company, those guys now lead executive of the Cloud Hybrid. I have rid Cloud Security hybrid in there looking cute. >>And I've been to every reinvent, every single one. >>Congratulations. Thank you. >>Thank you. Nice to be >>here. So, eight years, what's changed in your mind? Real quick. >>Uh, wow. The Yeah, certainly. The amount of a dot Uh, the amount of adoption is now massive mainstream. You don't have the question. Should I go to the cloud? It's all about how and how much. Probably the biggest change we've seen is how it's really being embraced all around the world where a global company we saw initially a US on Australia type focused you K. Now it's all over the place and it's really relevant everywhere, >>you know, at least from my standpoint. And I have enough friends of mine in the security industry. When we first started coming to show, I mean security was here. Security is not only is so front and center in the discussion of cloud that they had all show for it here, so you know, it gives the 2019 view of security inside that the broader hybrid cloud discussion here, a re >>investor. Let me tell you a couple of things, kind of what we're seeing within our customer base and then what matters from a security perspective. So we see, you know, some organizations doing cloud migration moving. We're close to the cloud of various forms. Had a couple of meetings yesterday. One was college evacuating their data center. The other one was celebrating that two weeks ago they closed their data center, So that's a big step. Windows and Lennox workloads moving to the cloud and really changing existing security controls toe work better in the cloud. But certainly what a lot of these cloud builders are here for is, you know, developing cloud native applications. Originally back 78 years ago, that was on top of what's now seem like pretty simple. Service is like s three E. C two. I've got containers and server lists and other platforms that that people are using. And then the last thing. A lot of companies are establishing a cloud centre of excellence, and they're trying to optimize the use of the cloud. They still have compliance requirements that they need to achieve. So these are what we see happening and really the challenge for the customer. How do we secure all this? How do we secure the aggressive, aggressive cloud Native application development? How do we help a customer achieve compliance easily from a cloud centre of excellence? So that's where we see us fitting. And we made a big announcement a couple of weeks ago about a new platform that we've created. I would love to talk to >>love that. Let's dig into that. But first we were at reinforces Amazons First security, Carver's David Locked and I were talking about cloud security was on Prem security and then what's happening here and had a conversation with someone who was close to the C I. A. Can't say his or her name. And they said Cloud has changed the game for them because they're cost line was pretty much flat. But the demand for missions were squirrels going scaling. So we're seeing that same dynamic. You were referring to it earlier that costs and data centers is kind of flat. But the demand for application new stuff's happened, so there's a real increased her demand for APS. Sure, this is the real driver, how people are flexing and deploying technology. So the security becomes really the built in conversation, cracked comment on that dynamic. And what do you recommend? Well, so here's a couple >>of things we've seen, Really? You know, again, we've been doing private security for about a decade, and really it was primarily focused on one service of eight of us, which is easy to now that's a pretty darn big service and widely used within their customer base. There's no 170 service's, I think is the most recent number. So the developers are embracing all these new service is we acquired a new capability in October. Company called Cloud Conformity, based in Sydney, Australia, very focused on AWS, analyzes implementations against the eight of US well-architected framework. So the first step we see for customers is you gotta get visibility into use of the cloud for the security team. What service is air being used, then? Can you set up a set of security guard rails to allow those service is to be used in a secure manner. Then we help our customers turn to more detailed, specialized protection of easy to or containers or server list. So that's what we've recognized ourselves. We had to create a very modest version of what Amazon has created themselves, which is a platform that allows builders to connect to and choose what security service is they want. >>Road is your service bases and all the service's air. You guys now pick and choose the wall. Yeah, there's a main ones. What does highlight? So >>there's Yeah, I'll give you the ones where we provide a very large breath of protection. So in the what we're calling Cloud one conformity service. So that's this technology we acquired a couple months ago. It cuts across about 70 service is right now and gives you visibility of potential security configuration errors that you have in your environment now if it's in a deaf team, maybe not such a big deal. But if it's in production, that is a big deal. Even better, you can scan your cloud formacion templates on the way to being live. Then we have a set of specialized protection that you know will run on a workload and protect it protected containerized environment. A library that can sit within a server lis application. That's kind of how we look at it. All right, >>So, Bill, one of things of going to the more and more cloud for customers is that there's that shared responsibility. Modern. We know that security is everyone's responsibility. It needs to be built in from the ground up. How are your customers doing with that shift? And are they understanding what they need to do? There have been some pretty visible, like a weight. I really had to configure that. I've thought about that Amazons trying to close the gap on song. But for some of those, >>we've seen a big positive change over the years. Initially I would say that there was what I would call a naive perception that the cloud with magic and it was perfectly secure and that I don't have to worry about it, right. Amazon data did the industry a real favor by establishing the shared responsibility model and making crystal clear what they've got covered that you don't need to worry about anymore as a customer. And then what are the capabilities you still need? Toe worry about? They've delivered a set of security tools that help their customers, and then they rely on partners like us. Thio deliver a set of more in depth tools. Thio, you know, specialized market. >>You actually used a word that we've been talking about a lot this week. Naive. Yeah. So we said, there's, you know, the one letter difference between being cloud native meeting Cloud naive there. Yeah. What does it mean to be cloud native in the security world? >>Well, I would say what allows you to be so first, the most important thing in every customer's mind. I don't care how good the security capabilities you're helping with me with. If you're going to slow down the improvements that I've just made to my development lifecycle. I'm not interested. So that is the most important thing is, are you able to inject your security technology and allow the customer to deliver at the rate that they're currently or continuing to improve? That is by far the most important thing. Then it's our your controls, fitting into an environment in a way that that are as easy as possible for the customer. One part that's been very critical for us. We've been a lead adopter of the AWS marketplace, allowing customers too procure security technology easily. They don't actually have to talk to us to buy our product. That's pretty revolutionary >>about the number of breaches that I'm going on, What's changed with you guys over the year because new vectors air coming out at this more surface area. Obviously, it's been discussed. What's changed most in your I'll >>tell you what we're worried about and what we expect to see, although I would say the evidence. It's early, uh, the reality in our traditional data centers. They were so porous at runtime in terms of the infrastructure and vulnerabilities that it was relatively easy for Attackers to get in the cloud has actually improved the level of security because of automation, less configuration errors. Unfortunately, what we expect his Attackers >>to move to. >>The developers moved to the depth pipeline, injecting code not a run time, but injecting it earlier in the life cycle. We've seen evidence of container images up on Dr Hub getting infected and then developers just pulling in without thinking about it. That's where Attackers are going to move to the depth pipeline. And we need to move some of our security technology to the dead pipeline toe, help customers defend themselves. >>What about International Geo Geo issues around compliance. How is that changing the game or slowing it down? Or I'm sailing it or you talk about that dynamic with regions? Are you >>sure you know us is the most innovative market and the most risk taking market, and therefore people moved to the cloud quite bravely over this over this decade. Some of the markets So, for example, were Japanese headquarters company. In general, Japanese companies, you know, really taken to a lot of considerations before they make that type of big bet. But now we're seeing it. We're seeing auto manufacturers embrace the cloud. So I think those it was a struggle for us in the early days. How regional the adoption of Cloud was. That's not the case anymore. It's really a relevant conversation in every one of our markets. >>Bill. Thank you for coming on the Cuban Sharing your insights Hybrid Cloud Security Got to ask you to end the segment. Yeah, What is going on for you This year? I'll see hybrids in your title. Operating models. Cloud center, gravity clouds going to the edge or data center. Just operate model. What's on your mind this year? What are you trying to do? Accomplish what you excited >>about? What? We're really excited about what this product announcement we made, called Cloud One. And what Cloud one is, is a set of Security Service's, which customers can access through common common access common building infrastructure, common cloud account management and choose what to use. You know, Andy put it pretty well in his keynote where you know he talked about He doesn't think of aws, a Swiss Army knife. He thinks of it as a specialized set of tools that builders get to adopt. We want to create a set of security tools in a similar way where customers can choose which of these specialized security service is that they want to adopt >>Bill. Great pleasure to meet you and have this conversation pro and then security area entrepreneur sold his company to Trend Micro. This is the hybrid world. It's all about the cloud operating model. So about agility and getting things done with application developers. This cube bringing all the data from reinvent stables for more coverage after this short break.

(gentle upbeat music) >> Hello, everyone, welcome to theCUBE's coverage of International Women's Day. I'm John Furrier host here in Palo Alto, California. theCUBE's second year covering International Women's Day. It's been a great celebration of all the smart leaders in the world who are making a difference from all kinds of backgrounds, from technology to business and everything in between. Today we've got a great guest, Dominique Bastos, who's the senior Vice President of Cloud at Persistent Systems, formerly with AWS. That's where we first met at re:Invent. Dominique, great to have you on the program here for International Women's Day. Thanks for coming on. >> Thank you John, for having me back on theCUBE. This is an honor, especially given the theme. >> Well, I'm excited to have you on, I consider you one of those typecast personas where you've kind of done a lot of things. You're powerful, you've got great business acumen you're technical, and we're in a world where, you know the world's coming completely digital and 50% of the world is women, 51%, some say. So you got mostly male dominated industry and you have a dual engineering background and that's super impressive as well. Again, technical world, male dominated you're in there in the mix. What inspires you to get these engineering degrees? >> I think even it was more so shifted towards males. When I had the inspiration to go to engineering school I was accused as a young girl of being a tomboy and fiddling around with all my brother's toys versus focusing on my dolls and other kind of stereotypical toys that you would give a girl. I really had a curiosity for building, a curiosity for just breaking things apart and putting them back together. I was very lucky in that my I guess you call it primary school, maybe middle school, had a program for, it was like electronics, that was the class electronics. So building circuit boards and things like that. And I really enjoyed that aspect of building. I think it was more actually going into engineering school. Picking that as a discipline was a little bit, my mom's reaction to when I announced that I wanted to do engineering which was, "No, that's for boys." >> Really. >> And that really, you know, I think she, it came from a good place in trying to protect me from what she has experienced herself in terms of how women are received in those spaces. So I kind of shrugged it off and thought "Okay, well I'm definitely now going to do this." >> (laughs) If I was told not to, you're going to do it. >> I was told not to, that's all I needed to hear. And also, I think my passion was to design cars and I figured if I enroll in an industrial engineering program I could focus on ergonomic design and ultimately, you know have a career doing something that I'm passionate about. So yeah, so my inspiration was kind of a little bit of don't do this, a lot of curiosity. I'm also a very analytical person. I've been, and I don't know what the science is around left right brain to be honest, but been told that I'm a very much a logical person versus a feeler. So I don't know if that's good or bad. >> Straight shooter. What were your engineering degrees if you don't mind sharing? >> So I did industrial engineering and so I did a dual degree, industrial engineering and robotics. At the time it was like a manufacturing robotics program. It was very, very cool because we got to, I mean now looking back, the evolution of robotics is just insane. But you, you know, programmed a robotic arm to pick things up. I actually crashed the Civil Engineering School's Concrete Canoe Building Competition where you literally have to design a concrete canoe and do all the load testing and the strength testing of the materials and basically then, you know you go against other universities to race the canoe in a body of water. We did that at, in Alabama and in Georgia. So I was lucky to experience that two times. It was a lot of fun. >> But you knew, so you knew, deep down, you were technical you had a nerd vibe you were geeking out on math, tech, robotics. What happened next? I mean, what were some of the challenges you faced? How did you progress forward? Did you have any blockers and roadblocks in front of you and how did you handle those? >> Yeah, I mean I had, I had a very eye-opening experience with, in my freshman year of engineering school. I kind of went in gung-ho with zero hesitation, all the confidence in the world, 'cause I was always a very big nerd academically, I hate admitting this but myself and somebody else got most intellectual, voted by the students in high school. It's like, you don't want to be voted most intellectual when you're in high school. >> Now it's a big deal. (laughs) >> Yeah, you want to be voted like popular or anything like that? No, I was a nerd, but in engineering school, it's a, it was very humbling. That whole confidence that I had. I experienced prof, ooh, I don't want to name the school. Everybody can google it though, but, so anyway so I had experience with some professors that actually looked at me and said, "You're in the wrong program. This is difficult." I, and I think I've shared this before in other forums where, you know, my thermodynamic teacher basically told me "Cheerleading's down the hall," and it it was a very shocking thing to hear because it really made me wonder like, what am I up against here? Is this what it's going to be like going forward? And I decided not to pay attention to that. I think at the moment when you hear something like that you just, you absorb it and you also don't know how to react. And I decided immediately to just walk right past him and sit down front center in the class. In my head I was cursing him, of course, 'cause I mean, let's be real. And I was like, I'm going to show this bleep bleep. And proceeded to basically set the curve class crushed it and was back to be the teacher's assistant. So I think that was one. >> But you became his teacher assistant after, or another one? >> Yeah, I gave him a mini speech. I said, do not do this. You, you could, you could have broken me and if you would've done this to somebody who wasn't as steadfast in her goals or whatever, I was really focused like I'm doing this, I would've backed out potentially and said, you know this isn't something I want to experience on the daily. So I think that was actually a good experience because it gave me an opportunity to understand what I was up against but also double down in how I was going to deal with it. >> Nice to slay the misogynistic teachers who typecast people. Now you had a very technical career but also you had a great career at AWS on the business side you've handled 'em all of the big accounts, I won't say the names, but like we're talking about monster accounts, sales and now basically it's not really selling, you're managing a big account, it's like a big business. It's a business development thing. Technical to business transition, how do you handle that? Was that something you were natural for? Obviously you, you stared down the naysayers out of the gate in college and then in business, did that continue and how did you drive through that? >> So I think even when I was coming out of university I knew that I wanted to have a balance between the engineering program and business. A lot of my colleagues went on to do their PEs so continue to get their masters basically in engineering or their PhDs in engineering. I didn't really have an interest for that. I did international business and finance as my MBA because I wanted to explore the ability of taking what I had learned in engineering school and applying it to building businesses. I mean, at the time I didn't have it in my head that I would want to do startups but I definitely knew that I wanted to get a feel for what are they learning in business school that I missed out in engineering school. So I think that helped me when I transitioned, well when I applied, I was asked to come apply at AWS and I kind of went, no I'm going to, the DNA is going to be rejected. >> You thought, you thought you'd be rejected from AWS. >> I thought I'd be, yeah, because I have very much a startup founder kind of disruptive personality. And to me, when I first saw AWS at the stage early 2016 I saw it as a corporation. Even though from a techie standpoint, I was like, these people are insane. This is amazing what they're building. But I didn't know what the cultural vibe would feel like. I had been with GE at the beginning of my career for almost three years. So I kind of equated AWS Amazon to GE given the size because in between, I had done startups. So when I went to AWS I think initially, and I do have to kind of shout out, you know Todd Weatherby basically was the worldwide leader for ProServe and it was being built, he built it and I went into ProServe to help from that standpoint. >> John: ProServe, Professional services >> Professional services, right. To help these big enterprise customers. And specifically my first customer was an amazing experience in taking, basically the company revolves around strategic selling, right? It's not like you take a salesperson with a conventional schooling that salespeople would have and plug them into AWS in 2016. It was very much a consultative strategic approach. And for me, having a technical background and loving to solve problems for customers, working with the team, I would say, it was a dream team that I joined. And also the ability to come to the table with a technical background, knowing how to interact with senior executives to help them envision where they want to go, and then to bring a team along with you to make that happen. I mean, that was like magical for me. I loved that experience. >> So you like the culture, I mean, Andy Jassy, I've interviewed many times, always talked about builders and been a builder mentality. You mentioned that earlier at the top of this interview you've always building things, curious and you mentioned potentially your confidence might have been shaken. So you, you had the confidence. So being a builder, you know, being curious and having confidence seems to be what your superpower is. A lot of people talk about the confidence angle. How important is that and how important is that for encouraging more women to get into tech? Because I still hear that all the time. Not that they don't have confidence, but there's so many signals that potentially could shake confidence in industry >> Yeah, that's actually a really good point that you're making. A lot of signals that women get could shake their confidence and that needs to be, I mean, it's easy to say that it should be innate. I mean that's kind of like textbook, "Oh it has to come from within." Of course it does. But also, you know, we need to understand that in a population where 50% of the population is women but only 7% of the positions in tech, and I don't know the most current number in tech leadership, is women, and probably a smaller percentage in the C-suite. When you're looking at a woman who's wanting to go up the trajectory in a tech company and then there's a subconscious understanding that there's a limit to how far you'll go, your confidence, you know, in even subconsciously gets shaken a little bit because despite your best efforts, you're already seeing the cap. I would say that we need to coach girls to speak confidently to navigate conflict versus running away from it, to own your own success and be secure in what you bring to the table. And then I think a very important thing is to celebrate each other and the wins that we see for women in tech, in the industry. >> That's awesome. What's, the, in your opinion, the, you look at that, the challenges for this next generation women, and women in general, what are some of the challenges for them and that they need to overcome today? I mean, obviously the world's changed for the better. Still not there. I mean the numbers one in four women, Rachel Thornton came on, former CMO of AWS, she's at MessageBird now. They had a study where only one in four women go to the executive board level. And so there's still, still numbers are bad and then the numbers still got to get up, up big time. That's, and the industry's working on that, but it's changed. But today, what are some of the challenges for this current generation and the next generation of women and how can we and the industry meet, we being us, women in the industry, be strong role models for them? >> Well, I think the challenge is one of how many women are there in the pipeline and what are we doing to retain them and how are we offering up the opportunities to fill. As you know, as Rachel said and I haven't had an opportunity to see her, in how are we giving them this opportunity to take up those seats in the C-suite right, in these leadership roles. And I think this is a little bit exacerbated with the pandemic in that, you know when everything shut down when people were going back to deal with family and work at the same time, for better or for worse the brunt of it fell on probably, you know the maternal type caregiver within the family unit. You know, I've been, I raised my daughter alone and for me, even without the pandemic it was a struggle constantly to balance the risk that I was willing to take to show up for those positions versus investing even more of that time raising a child, right? Nevermind the unconscious bias or cultural kind of expectations that you get from the male counterparts where there's zero understanding of what a mom might go through at home to then show up to a meeting, you know fully fresh and ready to kind of spit out some wisdom. It's like, you know, your kid just freaking lost their whatever and you know, they, so you have to sort a bunch of things out. I think the challenge that women are still facing and will we have to keep working at it is making sure that there's a good pipeline. A good amount of young ladies of people taking interest in tech. And then as they're, you know, going through the funnel at stages in their career, we're providing the mentoring we're, there's representation, right? To what they're aspiring to. We're celebrating their interest in the field, right? And, and I think also we're doing things to retain them, because again, the pandemic affected everybody. I think women specifically and I don't know the statistics but I was reading something about this were the ones to tend to kind of pull it back and say well now I need to be home with, you know you name how many kids and pets and the aging parents, people that got sick to take on that position. In addition to the career aspirations that they might have. We need to make it easier basically. >> I think that's a great call out and I appreciate you bringing that up about family and being a single mom. And by the way, you're savage warrior to doing that. It's amazing. You got to, I know you have a daughter in computer science at Stanford, I want to get to that in a second. But that empathy and I mentioned Rachel Thornton, who's the CMO MessageBird and former CMO of AWS. Her thing right now to your point is mentoring and sponsorship is very key. And her company and the video that's on the site here people should look at that and reference that. They talk a lot about that empathy of people's situation whether it's a single mom, family life, men and women but mainly women because they're the ones who people aren't having a lot of empathy for in that situation, as you called it out. This is huge. And I think remote work has opened up this whole aperture of everyone has to have a view into how people are coming to the table at work. So, you know, props are bringing that up, and I recommend everyone look at check out Rachel Thornton. So how do you balance that, that home life and talk about your daughter's journey because sounds like she's nerding out at Stanford 'cause you know Stanford's called Nerd Nation, that's their motto, so you must be proud. >> I am so proud, I'm so proud. And I will say, I have to admit, because I did encounter so many obstacles and so many hurdles in my journey, it's almost like I forgot that I should set that aside and not worry about my daughter. My hope for her was for her to kind of be artistic and a painter or go into something more lighthearted and fun because I just wanted to think, I guess my mom had the same idea, right? She, always been very driven. She, I want to say that I got very lucky that she picked me to be her mom. Biologically I'm her mom, but I told her she was like a little star that fell from the sky and I, and ended up with me. I think for me, balancing being a single mom and a career where I'm leading and mentoring and making big decisions that affect people's lives as well. You have to take the best of everything you get from each of those roles. And I think that the best way is play to your strengths, right? So having been kind of a nerd and very organized person and all about, you know, systems for effectiveness, I mean, industrial engineering, parenting for me was, I'm going to make it sound super annoying and horrible, but (laughs) >> It's funny, you know, Dave Vellante and I when we started SiliconANGLE and theCUBE years ago, one of the things we were all like sports lovers. So we liked sports and we are like we looked at the people in tech as tech athletes and except there's no men and women teams, it's one team. It's all one thing. So, you know, I consider you a tech athlete you're hard charging strong and professional and smart and beautiful and brilliant, all those good things. >> Thank you. >> Now this game is changing and okay, and you've done startups, and you've done corporate jobs, now you're in a new role. What's the current tech landscape from a, you know I won't say athletic per standpoint but as people who are smart. You have all kinds of different skill sets. You have the startup warriors, you have the folks who like to be in the middle of the corporate world grow up through corporate, climb the corporate ladder. You have investors, you have, you know, creatives. What have you enjoyed most and where do you see all the action? >> I mean, I think what I've enjoyed the most has been being able to bring all of the things that I feel I'm strong at and bring it together to apply that to whatever the problem is at hand, right? So kind of like, you know if you look at a renaissance man who can kind of pop in anywhere and, oh, he's good at, you know sports and he's good at reading and, or she's good at this or, take all of those strengths and somehow bring them together to deal with the issue at hand, versus breaking up your mindset into this is textbook what I learned and this is how business should be done and I'm going to draw these hard lines between personal life and work life, or between how you do selling and how you do engineering. So I think my, the thing that I loved, really loved about AWS was a lot of leaders saw something in me that I potentially didn't see, which was, yeah you might be great at running that big account but we need help over here doing go to market for a new product launch and boom, there you go. Now I'm in a different org helping solve that problem and getting something launched. And I think if you don't box yourself in to I'm only good at this, or, you know put a label on yourself as being the rockstar in that. It leaves room for opportunities to present themselves but also it leaves room within your own mind to see yourself as somebody capable of doing anything. Right, I don't know if I answered the question accurately. >> No, that's good, no, that's awesome. I love the sharing, Yeah, great, great share there. Question is, what do you see, what do you currently during now you're building a business of Persistent for the cloud, obviously AWS and Persistent's a leader global system integrator around the world, thousands and thousands of customers from what we know and been reporting on theCUBE, what's next for you? Where do you see yourself going? Obviously you're going to knock this out of the park. Where do you see yourself as you kind of look at the continuing journey of your mission, personal, professional what's on your mind? Where do you see yourself going next? >> Well, I think, you know, again, going back to not boxing yourself in. This role is an amazing one where I have an opportunity to take all the pieces of my career in tech and apply them to building a business within a business. And that involves all the goodness of coaching and mentoring and strategizing. And I'm loving it. I'm loving the opportunity to work with such great leaders. Persistent itself is very, very good at providing opportunities, very diverse opportunities. We just had a huge Semicolon; Hackathon. Some of the winners were females. The turnout was amazing in the CTO's office. We have very strong women leading the charge for innovation. I think to answer your question about the future and where I may see myself going next, I think now that my job, well they say the job is never done. But now that Chloe's kind of settled into Stanford and kind of doing her own thing, I have always had a passion to continue leading in a way that brings me to, into the fold a lot more. So maybe, you know, maybe in a VC firm partner mode or another, you know CEO role in a startup, or my own startup. I mean, I never, I don't know right now I'm super happy but you never know, you know where your drive might go. And I also want to be able to very deliberately be in a role where I can continue to mentor and support up and coming women in tech. >> Well, you got the smarts but you got really the building mentality, the curiosity and the confidence really sets you up nicely. Dominique great story, great inspiration. You're a role model for many women, young girls out there and women in tech and in celebration. It's a great day and thank you for sharing that story and all the good nuggets there. Appreciate you coming on theCUBE, and it's been my pleasure. Thanks for coming on. >> Thank you, John. Thank you so much for having me. >> Okay, theCUBE's coverage of International Women's Day. I'm John Furrier, host of theCUBE here in Palo Alto getting all the content, check out the other interviews some amazing stories, lessons learned, and some, you know some funny stories and some serious stories. So have some fun and enjoy the rest of the videos here for International Women's Days, thanks for watching. (gentle inspirational music)

(gentle music) >> Hello, and welcome to theCUBE's coverage of International Women's Day. I'm John Furrier, host of theCUBE. I've got a great guest here, CUBE alumni and very impressive, inspiring, Rachel Mushahwar Skaff, who's a managing director and general manager at AWS. Rachel, great to see you. Thanks for coming on. >> Thank you so much. It's always a pleasure to be here. You all make such a tremendous impact with reporting out what's happening in the tech space, and frankly, investing in topics like this, so thank you. >> It's our pleasure. Your career has been really impressive. You worked at Intel for almost a decade, and that company is very tech, very focused on Moore's law, cadence of technology power in the industry. Now at AWS, powering next-generation cloud. What inspired you to get into tech? How did you get here and how have you approached your career journey, because it's quite a track record? >> Wow, how long do we have? (Rachel and John laugh) >> John: We can go as long as you want. (laughs) It's great. >> You know, all joking aside, I think at the end of the day, it's about this simple statement. If you don't get goosebumps every single morning that you're waking up to do your job, it's not good enough. And that's a bit about how I've made all of the different career transitions that I have. You know, everything from building out data centers around the world, to leading network and engineering teams, to leading applications teams, to going and working for, you know, the largest semiconductor in the world, and now at AWS, every single one of those opportunities gave me goosebumps. And I was really focused on how do I surround myself with humans that are better than I am, smarter than I am, companies that plan in decades, but live in moments, companies that invest in their employees and create like artists? And frankly, for me, being part of a company where people know that life is finite, but they want to make an infinite impact, that's a bit about my career journey in a nutshell. >> Yeah. What's interesting is that, you know, over the years, a lot's changed, and a theme that we're hearing from leaders now that are heading up large teams and running companies, they have, you know, they have 20-plus years of experience under their belt and they look back and they say, "Wow, "things have changed and it's changing faster now, "hopefully faster to get change." But they all talk about confidence and they talk about curiosity and building. When did you know that this was going to be something that you got the goosebumps? And were there blockers in your way and how did you handle that? (Rachel laughs) >> There's always blockers in our way, and I think a lot of people don't actually talk about the blockers. I think they make it sound like, hey, I had this plan from day one, and every decision I've made has been perfect. And for me, I'll tell you, right, there are moments in your life that mark a differentiation and those moments that you realize nothing will be the same. And time is kind of divided into two parts, right, before this moment and after this moment. And that's everything from, before I had kids, that's a pretty big moment in people's lives, to after I had kids, and how do you work through some of those opportunities? Before I got married, before I got divorced. Before I went to this company, after I left this company. And I think the key for all of those is just having an insatiable curiosity around how do you continue to do better, create better and make better? And I'll tell you, those blockers, they exist. Coming back from maternity leave, hard. Coming back from a medical leave, hard. Coming back from caring for a sick parent or a sick friend, hard. But all of those things start to help craft who you are as a human being, not as a leader, but as a human being, and allows you to have some empathy with the people that you surround yourself with, right? And for me, it's, (sighs) you can think about these blockers in one of two ways. You can think about it as, you know, every single time that you're tempted to react in the same way to a blocker, you can be a prisoner of your past, or you can change how you react and be a pioneer of the future. It's not a blocker when you think about it in those terms. >> Mindset matters, and that's really a great point. You brought up something that's interesting, I want to bring this up. Some of the challenges in different stages of our lives. You know, one thing that's come out of this set of interviews, this, of day and in conversations is, that I haven't heard before, is the result of COVID, working at home brought empathy about people's personal lives to the table. That came up in a couple interviews. What's your reaction to that? Because that highlights that we're human, to your point of view. >> It does. It does. And I'm so thankful that you don't ask about balance because that is a pet peeve of mine, because there is no such thing as balance. If you're in perfect balance, you are not moving and you're not changing. But when you think about, you know, the impact of COVID and how the world has changed since that, it has allowed all of us to really think about, you know, what do we want to do versus what do we have to do? And I think so many times, in both our professional lives and our personal lives, we get caught up in doing what we think we have to do to get ahead versus taking a step back and saying, "Hey, what do I want to do? "And how do I become a, you know, "a better human?" And many times, John, I'm asked, "Hey, "how do you define success or achievement?" And, you know, my answer is really, for me, the greatest results that I've achieved, both personally and professionally, is when I eliminate the word success and balance from my vocabulary, and replace them with two words: What's my contribution and what's my impact? Those things make a difference, regardless of gender. And I'll tell you, none of it is easy, ever. I think all of us have been broken, we've been stretched, we've been burnt out. But I also think what we have to talk about as leaders in the industry is how we've also found endurance and resilience. And when we felt unsteady, we've continued to go forward, right? When we can't decide, the best answer is do what's uncomfortable. And all of those things really stemmed from a part of what happened with COVID. >> Yeah, yeah, I love the uncomfortable and the balance highlight. You mentioned being off balance. That means you're growing, you're not standing still. I want to get your thoughts on this because one thing that has come out again this year, and last year as well, is having a team with you when you do it. So if you're off balance and you're going to stretch, if you have a good team with you, that's where people help each other. Not just pick them up, but like maybe get 'em back on track again. So, but if you're solo, you fall, (laughs) you fall harder. So what's your reaction to that? 'Cause this has come up, and this comes up in team building, workforce formation, goal setting, contribution. What's your reaction to that? >> So my reaction to that that is pretty simple. Nobody gets there on their own at all, right? Passion and ambition can only take you so far. You've got to have people and teams that are supporting you. And here's the funny thing about people, and frankly, about being a leader that I think is really important: People don't follow for you. People follow for who you help them become. Think about that for a second. And when you think about all the amazing things that companies and teams are able to do, it's because of those people. And it's because you have leaders that are out there, inspiring them to take what they believe is impossible and turn it into the possible. That's the power of teams. >> Can you give an example of your approach on how you do that? How do you build your teams? How do you grow them? How do you lead them effectively and also make 'em inclusive, diverse and equitable? >> Whew. I'll give you a great example of some work that we're doing at AWS. This year at re:Invent, for the first time in its history, we've launched an initiative with theCUBE called Women of the Cloud. And part of Women of the Cloud is highlighting the business impact that so many of our partners, our customers and our employees have had on the social, on the economic and on the financials of many companies. They just haven't had the opportunity to tell their story. And at Amazon, right, it is absolutely integral to us to highlight those examples and continue to extend that ethos to our partners and our customers. And I think one of the things that I shared with you at re:Invent was, you know, as U2's Bono put it, (John laughs) "We'll build it better than we did before "and we are the people "that we've been waiting for." So if we're not out there, advocating and highlighting all the amazing things that other women are doing in the ecosystem, who will? >> Well, I've got to say, I want to give you props for that program. Not only was it groundbreaking, it's still running strong. And I saw some things on LinkedIn that were really impressive in its network effect. And I met at least half a dozen new people I never would have met before through some of that content interaction and engagement. And this is like the power of the current world. I mean, getting the voices out there creates momentum. And it's good for Amazon. It's not just personal brand building for my next job or whatever, you know, reason. It's sharing and it's attracting others, and it's causing people to connect and meet each other in that world. So it's still going strong. (laughs) And this program we did last year was part of Rachel Thornton, who's now at MessageBird, and Mary Camarata. They were the sponsors for this International Women's Day. They're not there anymore, so we decided we're going to do it again because the impact is so significant. We had the Amazon Education group on. It's amazing and it's free, and we've got to get the word out. I mean, talk about leveling up fast. You get in and you get trained and get certified, and there's a zillion jobs out (laughs) there in cloud, right, and partners. So this kind of leadership is really important. What was the key learnings that you've taken away and how do you extend this opportunity to nurture the talent out there in the field? Because when you throw the content out there from great leaders and practitioners and developers, it attracts other people. >> It does. It does. So look, I think there's two types of people, people that are focused on being and people who are focused on doing. And let me give you an example, right? When we think about labels of, hey, Rachel's a female executive who launched Women of the Cloud, that label really limits me. I'd rather just be a great executive. Or, hey, there's a great entrepreneur. Let's not be a great entrepreneur. Just go build something and sell it. And that's part of this whole Women of the cloud, is I don't want people focused on what their label is. I want people sharing their stories about what they're doing, and that's where the lasting impact happens, right? I think about something that my grandmother used to tell me, and she used to tell me, "Rachel, how successful "you are, doesn't matter. "The lasting impact that you have "is your legacy in this very finite time "that you have on Earth. "Leave a legacy." And that's what Women of the Cloud is about. So that people can start to say, "Oh, geez, "I didn't know that that was possible. "I didn't think about my career in that way." And, you know, all of those different types of stories that you're hearing out there. >> And I want to highlight something you said. We had another Amazonian on the program for this day earlier and she coined a term, 'cause inside Amazon, you have common language. One of them is bar raising. Raise the bar, that's an Amazonian (Rachel laughs) term. It means contribute and improve and raise the bar of capability. She said, "Bar raising is gender neutral. "The bar is a bar." And I'm like, wow, that was amazing. Now, that means your contribution angle there highlights that. What's the biggest challenge to get that mindset set in culture, in these- >> Oh. >> 'Cause it's that simple, contribution is neutral. >> It absolutely is neutral, but it's like I said earlier, I think so many times, people are focused on success and being a great leader versus what's the contribution I'm making and how am I doing as a leader, you know? And when it comes to a lot of the leadership principles that Amazon has, including bar raising, which means insisting on the highest standards, and then those standards continue to raise every single time. And what that is all about is having all of our employees figure out, how do I get better every single day, right? That's what it's about. It's not about being better than the peer next to you. It's about how do I become a better leader, a better human being than I was yesterday? >> Awesome. >> You know, I read this really cute quote and I think it really resonates. "You meditate to upgrade your software "and you work out to upgrade your hardware." And while it's important that we're all ourselves at work, we can't deny that a lot of times, ourselves still need that meditation or that workout. >> Well, I hope I don't have any zero days in my software out there, so, but I'm going to definitely work on that. I love that quote. I'm going to use that. Thank you very much. That was awesome. I got to ask you, I know you're really passionate about, and we've talked about this, around, so you're a great leader but you're also focused on what's behind you in the generation, pipelining women leaders, okay? Seats at the table, mentoring and sponsorship. What can we do to build a strong pipeline of leaders in technology and business? And where do you see the biggest opportunity to nurture the talent in these fields? >> Hmm, you know, that's great, great question. And, you know, I just read a "Forbes" article by another Amazonian, Tanuja Randery, who talked about, you know, some really interesting stats. And one of the stats that she shared was, you know, by 2030, less than 25% of tech specialists will be female, less than 25%. That's only a 6% growth from where we are in 2023, so in seven years. That's alarming. So we've really got to figure out what are the kinds of things that we're going to go do from an Amazon perspective to impact that? And one of the obvious starting points is showcasing tech careers to girls and young women, and talking openly about what a technology career looks like. So specifically at Amazon, we've got an AWS Git IT program that helps schools and educators bring in tech role models to show them what potential careers look like in tech. I think that's one great way that we can help build the pipeline, but once we get the pipeline, we also have to figure out how we don't let that pipeline leak. Meaning how do we keep women and, you know, young women on their tech career? And I think big part of that, John, is really talking about how hard it is, but it's also greater than you can ever imagine. And letting them see executives that are very authentic and will talk about, geez, you know, the challenges of COVID were a time of crisis and accelerated change, and here's what it meant to me personally and here's what we were able to solve professionally. These younger generations are all about social impact, they're about economic impact and they're about financial impact. And if we're not talking about all three of those, both from how AWS is leading from the front, but how its executives are also taking that into their personal lives, they're not going to want to go into tech. >> Yeah, and I think one of the things you mentioned there about getting people that get IT, good call out there, but also, Amazon's going to train 30 million people, put hundreds of millions of dollars into education. And not only are they making it easier to get in to get trained, but once you're in, even savvy folks that are in there still have to accelerate. And there's more ways to level up, more things are happening, but there's a big trend around people changing careers either in their late 20s, early 30s, or even those moments you talk about, where it's before and after, even later in the careers, 40s, 50s. Leaders like, well, good experience, good training, who were in another discipline who re-skilled. So you have, you know, more certifications coming in. So there's still other pivot points in the pipeline. It's not just down here. And that, I find that interesting. Are you seeing that same leadership opportunities coming in where someone can come into tech older? >> Absolutely. You know, we've got some amazing programs, like Amazon Returnity, that really focuses on how do we get other, you know, how do we get women that have taken some time off of work to get back into the workforce? And here's the other thing about switching careers. If I look back on my career, I started out as a civil engineer, heavy highway construction. And now I lead a sales team at the largest cloud company in the world. And there were, you know, twists and turns around there. I've always focused on how do we change and how do we continue to evolve? So it's not just focused on, you know, young women in the pipeline. It's focused on all gender and all diverse types throughout their career, and making sure that we're providing an inclusive environment for them to bring in their unique skillsets. >> Yeah, a building has good steel. It's well structured. Roads have great foundations. You know, you got the builder in you there. >> Yes. >> So I have to ask you, what's on your mind as a tech athlete, as an executive at AWS? You know, you got your huge team, big goals, the economy's got a little bit of a headwind, but still, cloud's transforming, edge is exploding. What's your outlook as you look out in the tech landscape these days and how are you thinking about it? What your plans? Can you share a little bit about what's on your mind? >> Sure. So, geez, there's so many trends that are top of mind right now. Everything from zero trust to artificial intelligence to security. We have more access to data now than ever before. So the opportunities are limitless when we think about how we can apply technology to solve some really difficult customer problems, right? Innovation sometimes feels like it's happening at a rapid pace. And I also say, you know, there are years when nothing happens, and then there's years when centuries happen. And I feel like we're kind of in those years where centuries are happening. Cloud technologies are refining sports as we know them now. There's a surge of innovation in smart energy. Everyone's supply chain is looking to transform. Custom silicon is going mainstream. And frankly, AWS's customers and partners are expecting us to come to them with a point of view on trends and on opportunities. And that's what differentiates us. (John laughs) That's what gives me goosebumps- >> I was just going to ask you that. Does that give you goosebumps? How could you not love technology with that excitement? I mean, AI, throw in AI, too. I just talked to Swami, who heads up the AI and database, and we just talked about the past 24 months, the change. And that is a century moment happening. The large language models, computer vision, more compute. Compute's booming than ever before. Who thought that was going to happen, is still happening? Massive change. So, I mean, if you're in tech, how can you not love tech? >> I know, even if you're not in tech, I think you've got to start to love tech because it gives you access to things you've never had before. And frankly, right, change is the only constant. And if you don't like change, you're going to like being irrelevant even less than you like change. So we've got to be nimble, we've got to adapt. And here's the great thing, once we figure it out, it changes all over again. And it's not something that's easy for any of us to operate. It's hard, right? It's hard learning new technology, it's hard figuring out what do I do next? But here's the secret. I think it's hard because we're doing it right. It's not hard because we're doing it wrong. It's just hard to be human and it's hard to figure out how we apply all this different technology in a way that positively impacts us, you know, economically, financially, environmentally and socially. >> And everyone's different, too. So you got to live those (mumbles). I want to get one more question in before we, my last question, which is about you and your impact. When you talk to your team, your sales, you got a large sales team, North America. And Tanuja, who you mentioned, is in EMEA, we're going to speak with her as well. You guys lead the front lines, helping customers, but also delivering the revenue to the company, which has been fantastic, by the way. So what's your message to the troops and the team out there? When you say, "Take that hill," like what is the motivational pitch, in a few sentences? What's the main North Star message in today's marketplace when you're doing that big team meeting? >> I don't know if it's just limited to a team meeting. I think this is a universal message, and the universal message for me is find your edge, whatever that may be. Whether it is the edge of what you know about artificial intelligence and neural networks or it's the edge of how do we migrate our applications to the cloud more quickly. Or it's the edge of, oh, my gosh, how do I be a better parent and still be great at work, right? Find your edge, and then sharpen it. Go to the brink of what you think is possible, and then force yourself to jump. Get involved. The world is run by the people that show up, professionally and personally. (John laughs) So show up and get started. >> Yeah as Steve Jobs once said, "The future "that everyone looks at was created "by people no smarter than you." And I love that quote. That's really there. Final question for you. I know we're tight on time, but I want to get this in. When you think about your impact on your company, AWS, and the industry, what's something you want people to remember? >> Oh, geez. I think what I want people to remember the most is it's not about what you've said, and this is a Maya Angelou quote. "It's not about what you've said to people "or what you've done, "it's about how you've made them feel." And we can all think back on leaders or we can all think back on personal moments in our lives where we felt like we belonged, where we felt like we did something amazing, where we felt loved. And those are the moments that sit with us for the rest of our lives. I want people to remember how they felt when they were part of something bigger. I want people to belong. It shouldn't be uncommon to talk about feelings at work. So I want people to feel. >> Rachel, thank you for your time. I know you're really busy and we stretched you a little bit there. Thank you so much for contributing to this wonderful day of great leaders sharing their stories. And you're an inspiration. Thanks for everything you do. We appreciate you. >> Thank you. And let's go do some more Women of the Cloud videos. >> We (laughs) got more coming. Bring those stories on. Back up the story truck. We're ready to go. Thanks so much. >> That's good. >> Thank you. >> Okay, this is theCUBE's coverage of International Women's Day. It's not just going to be March 8th. That's the big celebration day. It's going to be every quarter, more stories coming. Stay tuned at siliconangle.com and thecube.net here, with bringing all the stories. I'm John Furrier, your host. Thanks for watching. (gentle music)

(upbeat music) >> Hello, everyone. Welcome to theCUBE's special presentation of International Women's Day. I'm John Furrier, host of theCUBE. Jenni Troutman is here, Director of Products and Services, and Training and Certification at AWS, and Heather Ruden, Director of Education Programs, Training and Certification. Thanks for coming on theCUBE and for the International Women's Day special program. >> Thanks so much for having us. >> So, I'll just get it out of the way. I'm a big fan of what you guys do. I've been shouting at the top of my lungs, "It's free. Get cloud training and you'll have a six figure job." Pretty much. I'm over amplifying. But this is really a big opportunity in the industry, education and the skills gap, and the skill velocities that's changing. New roles are coming on around cloud native, cloud native operators, cybersecurity. There's so much excitement going on around the industry, and all these open positions, and they need new talent. So you can't get a degree for some of these things. So, nope, it doesn't matter what school you went to, everyone's kind of level. This is a really big deal. So, Heather, share with us your thoughts as well on this topic. Jenni, you too. Like, where are you guys at? 'Cause this is a big opportunity for women and anyone to level up in the industry. >> Absolutely. So I'll jump in and then I'll hand it over to Jenni. We're your dream team here. We can talk about both sides of this. So I run a set of programs here at AWS that are really intended to help build the next generation of cloud builders. And we do that with a variety of programs, whether it is targeting young learners from kind of 12 and up. We have AWS GetIT that is designed to get women ambassadors or women mentors in front of girls 12 to 14 and get them curious about a career in STEM. We also have a program that is all digital online. It's available in 11 languages. It's got hundreds of courses. That's called AWS Educate that is designed to do exactly what you just talked about, expose the opportunities and start building cloud skills for learners at age 13 and up. They can go online and register with an email and start learning. We want them to understand not only what the opportunity is for them, but the ways that they can help influence and bring more diversity and more inclusion and into the cloud technology space, and just keep building all those amazing builders that we need here for our customers and partners. And those are the programs that I manage, but Jenni also has an amazing program, a set of programs. And so I'll hand it over to her as you get into the professional side of this things. >> So Jenni, you're on the product side. You've got the keys to the kingdom on all the materials and shaping it. What's your view on this? 'Cause this is a huge opportunity and it's always changing. What's the latest and greatest? >> It is a massive opportunity and to give you a sense, there was a study in '21 where IT executives said that talent availability is the biggest challenge to emerging tech adoption. 64% of IT executives said that up from only 4% the year before. So the challenge is growing really fast, which for everyone that's ready to go out there and learn and try something new is a massive opportunity. And that's really why I'm here. We provide all kinds of learning experiences for people across different cloud technologies to be able to not only gain the knowledge around cloud, but also the confidence to be able to build in the cloud. And so we look across different learner levels, different roles, different opportunities, and we provide those experiences where people can actually get hands-on in a totally risk-free environment and practice building in the cloud so they can go and be ready to get their certifications, their AWS certifications, give them the credentials to be able to show an employer they can do it, and then go out and get these jobs. It's really exciting. And we go kind of end to end from the very beginning. What is cloud? I want to know what it is all the way through to I can prove that I can build in the cloud and I'm ready for a job. >> So Jenni, you nailed that confidence word. I think I want to double click on that. And Heather, you talked about you're the dream team. You guys, you're the go to market, you bring this to the marketplace. Jenni, you get the products. This is the key, but to me the the international women days angle is, is that what I hear over and over again is that, "It's too technical. I'm not qualified." It can be scary. We had a guest on who has two double E degrees in robotics and aerospace and she's hard charging. She almost lost her confidence twice she said in her career. But she was hard charging. It can get scary, but also the ability to level up fast is just as good. So if you can break through that confidence and keep the curiosity and be a builder, talk about that dynamic 'cause you guys are in the middle of it, you're in the industry, how do you handle that? 'Cause I think that's a big thing that comes up over and over again. And confidence is not just women, it's men too. But women can always, that comes up as a theme. >> It is. It is a big challenge. I mean, I've struggled with it personally and I mentor a lot of women and that is the number one challenge that is holding women back from really being able to advance is the confidence to step out there and show what they can do. And what I love about some of the products we've put out recently is we have AWS Skill Builder. You can go online, you can get all kinds of free core training and if you want to go deeper, you can go deeper. And there's a lot of different options on there. But what it does is not only gives you that based knowledge, but you can actually go in. We have something called AWS Labs. You can go in and you can actually practice on the AWS console with the services that people are using in their jobs every day without any risk of doing something that is going to blow up in your face. You're not going to suddenly get this big AWS bill. You're not going to break something that's out there running. You just go in. It's your own little environment that gets wiped when you're done and you can practice. And there's lots of different ways to learn as well. So if you go in there and you're watching a video and to your point you're like, "Oh my gosh, this is too technical. I can't understand it. I don't know what I'm going to go do." You can go another route. There's something called AWS Cloud Quest. It's a game. You go in and it's like you're gaming and it walks you through. You're actually in a virtual world. You're walking through and it's telling you, "Hey, go build this and if you need help, here's hints and here's tips." And it continues to build on itself. So you're learning and you're applying practical skills and it's at your own pace. You don't have to watch somebody else talking that is going at a pace that maybe accelerates beyond what you're ready. You can do it at your own pace, you can redo it, you can try it again until you feel confident that you know it and you're really ready to move on to the next thing. Personally, I find that hugely valuable. I go in and do these myself and I sit there and I have a lot of engineers on my team, very smart people. And I have my own imposter syndrome. I get nervous to go talk to them. Like, are they going to think I'm totally lost? And so I go in and I learn some of this myself by experiment. And then I feel like, okay, now I can go ask them some intelligent questions and they're not going to be like, "Oh gosh, my leader is totally unaware of what we're doing." And so I think that we all struggle with confidence. I think everybody does, but I see it especially in women as I mentor them. And that's what I encourage them to do is go and on your own time, practice a bit, get a little bit of experience and once you feel like you can throw a couple words out there that you know what they mean and suddenly other people look at you like, "Oh, she knows what she's talking about." And you can kind of get past that feeling. >> Well Jenni, you nailed it. Heather, she just mentioned she's in the job and she's going and she's still leveling up. That's the end when you're in, but it's also the barriers to entry are lowering. You guys are doing a good job of getting people in, but also growing fast too. So there's two dynamics at play here. How do people do this? What's the playbook? Because I think that's really key, easy to get in. And then once you're in, you can level up fast at your own pace to ride the wave. And then there's new stuff coming. I mean, every re:Invent there's 5,000 announcements. So it's like zillion new things and AI taught now. >> re:Invent is a perfect example of that ongoing imposter syndrome or confidence check for all of us. I think something that that Jenni said too is we really try and meet learners where they are and make sure that we have the support, whether it's accessibility requirements or we have the content that is built for the age that we're talking to, or we have a workforce development program called re/Start that is for people that have very little tech experience and really want to talk about a career in cloud, but they need a little bit more handholding. They need a combination of instructor-led and digital. But then we have AWS educators, I mentioned. If you want to be more self-directed, all of these tools are intended to work well together and to be complimentary and to take you on a journey as a learner. And the more skills you have, the more you increase your knowledge, the more you can take on more. But meeting folks where they are with a variety of programs, tools, languages, and accessibility really helps ensure that we can do that for learners throughout the world. >> That's awesome. Let's get into it. Let's get into the roadmaps of people and their personas. And you guys can share the programs that you have and where people could fit in. 'Cause this comes up a lot when I talk to folks. There's the young person who's I'm a gamer or whatever, I want to get a job. I'm in high school or an elementary or I want to tinker around or I'm in college or I'm learning, I'm an entry level kind of entry. Then you have the re-skilling. I'm going to change my careers, I'm kind of bored, I want to do something compelling. How do I get into the cloud game? And then the advanced re-skill is I want to get into cyber and AI and then there's other. Could you break down? Did I get that right or did I miss anything? And then what's available for those kind of lanes? So those persona lanes? >> Well, let's see, I could start with maybe the high schooler stuff and then we can bring Jenni in as well. I would say a great place to start for anyone is aws.amazon.com/training. That's going to give them the full suite of options that they could take on. If you're in high school, you can go onto AWS Educate. All you need is an email. And if you're 13 years and older, you can start exploring the types of jobs that are available in the cloud and you could start taking some introductory classes. You can do some of those labs in a safe environment that Jenni mentioned. That's a great place to start. If you are in an environment where you have an educator that is willing to go on this with you, this journey with you, we have this AWS GetIT program that is, again, educator-led. So it's an afterschool or it's an a program where we match mentors and students up with cloud professionals and they do some real-time experimentation. They build an app, they work on things together, and do a presentation at the end. The other thing I would say too is that if you are in a university, I would double check and see if the AWS Academy curriculum is already in your university. And if so, explore some of those classes there. We have instructor-led, educator-ready. course curriculum that we've designed that help people get to those certifications and get closer to those jobs and as well as hopefully then lead people right into skill builder and all the things that Jenni talked about to help them as they start out in a professional environment. >> So is the GetIT, is that an instructor-led that the person has to find someone for? Or is this available for them? >> It is through teachers. It's through educators. We are in, we've reached over 19,000 students. We're available in eight countries. There are ways for educators to lead this, but we want to make sure that we are helping the kids be successful and giving them an educator environment to do that. If they want to do it on their own, then they can absolutely go through AWS Educate or even and to explore where they want to get started. >> So what about someone who's educated in their middle of their career, might want to switch from being a biologist to a cloud cybersecurity guru or a cloud native operator? >> Yeah, so in that case, AWS re/Start is one of the great program for them to explore. We run that program with collaborating organizations in 160 cities in 80 countries throughout the world. That is a multi-week cohort-based program where we do take folks through a very clear path towards certification and job skilling that will help them get into those opportunities. Over 98% of the cohorts, the graduates of those cohorts get an interview and are hopefully on their path to getting a job. So that really has global reach. The partnership with collaborating organizations helps us ensure that we find communities that are often unreached by cloud skills training and we really work to keep a diverse focus on those cohorts and bring those folks into the cloud. >> Okay. Jenni, you've got the Skill Builder action here. What's going on on your side? Because you must have to manage all the change. I mean, AI is hot right now. I'm sure you're cranking away on curriculum and content for SageMaker, large language models, computer vision, cybersecurity. >> We do. There are a lot of options. >> How is your world? Tell us about what people can take out of way from your side. >> Yeah. So a great way to think about it is if they're already out in the workforce or they're entering the workforce, but they are technical, have technical skills is what are the roles that are interesting in the technologies that are interesting. Because the way we put out our training and our certifications is aligned to paths. So if you're look interested in a specific role. If you're interested in architecting a cloud environment or in security as you mentioned, and you want to go deep in security, there are AWS certifications that give you that. If you achieve them, they're very difficult. But if you work to them and achieve them, they give you the credential that you can take to an employer and say, "Look, I can do this job." And they are in very high demand. In fact that's where if you look at some of the publications that have come out, they talk about, what are people making if they have different certifications? What are the most in-demand certifications that are out there? And those are what help people get jobs. And so you identify what is that role or that technology area I want to learn. And then you have multiple options for how you build those skills depending on how you want to learn. And again, that's really our focus, is on providing experiences based on how people learn and making it accessible to them. 'Cause not everybody wants to learn in the same way. And so there is AWS Skill Builder where people can go learn on their own that is really great particularly for people who maybe are already working and have to learn in the evenings, on the weekends. People who like to learn at their own pace, who just want to be hands-on, but are self-starters. And they can get those whole learning plans through there all the way aligned to the certification and then they can go get their certification. There's also classroom training. So a lot of people maybe want to do continuous learning through an online, but want to go really deep with an expert in the room and maybe have a more focused period of time if they can go for a couple days. And so they can do classroom training. We provide a lot of classroom training. We have partners all over the globe who provide classroom training. And so there's that and what we find to be the most powerful is when you couple the two. If you can really get deep, you have an expert, you can ask questions, but first before you go do that, you get some of that foundational that you've kind of learned on your own. And then after you go back and reinforce, you go back online, you try out things that maybe you learned in the classroom, but you didn't quite, you hadn't used it enough yet to quite know how to do it. Now you can go back and actually use it, experiment and play around. And so we really encourage that kind of, figure out what are some areas you're interested in, go learn it and then go get a job and continue to learn because then once you learn that first area, you start to build confidence in it. Suddenly other areas become interesting. 'Cause as you said, cloud is changing fast. And once you learn a space, first of all you have to keep going back to stay up on it as it changes. But you quickly find that there are other areas that are really interesting too. >> I've observed that the training side, it's just like cloud itself, it's very agile. You can get hands-on quickly, you don't need to take a class, and then get in weeks later. You're in it like it's real time. So you're immersed in gamification and all kinds of ways to funnel into the either advanced tracks and certification. So you guys do a great job and I want to give you props for that and a shout out. The question I have for you guys is can you scope the opportunity for these certifications and opportunities for women in particular? What are some of the top jobs pulling down? Scope out the opportunity because I think when people hear that they really fall out of their chair, they go, "Wow, I didn't know I could make $200,000 doing cybersecurity." Well, yeah or maybe more. I just made the number, I don't actually know, but like I know people do make that much in cyber, but there are huge financial opportunities with certifications and education. Can you scope that order of magnitude? Can you share any data? >> Yeah, so in the US they certainly are. Certifications on average aligned to six digit type jobs. And if you go out and do a search, there are research studies out there that are refreshed every year that say what are the top IT industry certifications and how much money do they make? And the reason I don't put a number out there is because it's constantly changing and in fact it keeps going up, >> It's going up, not going down. >> But I would encourage people to do that quick search. What are the top IT industry certifications. Again, based on the country you're in, it makes a difference. But if you're US, there's a lot of data out there for the US and then there is some for other countries as well around how much on average people make. >> Do you list like the higher level certifications, stack rank them in terms of order? Like say, I'm a type A personnel, I want to climb Mount Everest, I want to get the highest level certification. How do I know that? Is it like laddered up or is like how do you guys present that? >> Yeah, so we have different types of certifications. There is a foundational, which we call the cloud practitioner. That one is more about just showing that you know something about cloud. It's not aligned to a specific job role. But then we have what we call associate level certifications, which are aligned to roles. So there's the solutions architect, cloud developer, so developer operations. And so you can tell by the role and associate is kind of that next level. And then the roles often have a professional level, which is even more advanced. And basically that's saying you're kind of an Uber expert at that point. And then there are technology specialties, which are less about a specific role, although some would argue a security technology specialty might align very well to a security role, but they're more about showing the technology. And so typically, it goes foundational, advanced, professional, and then the specialties are more on the side. They're not aligned, but they're deep. They're deep within that area. >> So you can go dig and pick your deep dive and jump into where you're comfortable. Heather, talk about the commitment in terms of dollars. I know Amazon's flaunted some numbers like 30 million or something, people they want to have trained, hundreds of millions of dollars in investment. This is key, obviously, more people trained on cloud, more operators, more cloud usage, obviously. I see the business connection. What's the women relationship to the numbers? Or what the experience is? How do you guys see that? Obviously International Women's Day, get the confidence, got the curiosity. You're a builder, you're in. It's that easy. >> It doesn't always feel that way, I'm sure to everybody, but we'd like to think that it is. Amazon and AWS do invest hundreds of millions of dollars in free training every year that is accessible to everyone out there. I think that sometimes the hardest obstacles to get overcome are getting started and we try and make it as easy as possible to get started with the tools that we've talked about already today. We run into plenty of cohorts of women as part of our re/Start program that are really grateful for the opportunity to see something, see a new way of thinking, see a new opportunity for them. We don't necessarily break out our funding by women versus men. We want to make sure that we are open and diverse for everybody to come in and get the training that they need to. But we definitely want to make sure that we are accessible and available to women and all genders outside of the US and inside the US. >> Well, I know the number's a lot lower than they should be and that's obviously why we're promoting this heavily. There's a lot more interest I see in tech. So digital transformation is gender neutral. I mean, it's like the world eats software and uses software, uses the cloud. So it has to get 50/50 in my opinion. So you guys do a great job. Now that we're done kind of promoting Amazon, which I wanted to do 'cause I think it's super important. Let's talk about you guys. What got you guys involved in tech? What was the inspiration and share some stories about your experiences and advice for folks watching? >> So I've always been in traditionally male dominated roles. I actually started in aviation and then moved to tech. And what I found was I got a mentor early on, a woman who was senior to me and who was kind of who I saw as the smartest person out there. She was incredibly smart, she was incredibly kind, and she was always lifting women up. And I kind of latched onto her and followed her around and she was such an amazing mentor. She brought me from throughout tech, from company to company, job to job, was always positioning me in front of other people as the go-to person. And I realized, "Wow, I want to be like her." And so that's been my focus as well in tech is you can be deeply technical in tech or you can be not deeply technical and be in tech and you can be successful both ways, but the way you're going to be most successful is if you find other people, build them up and help put them out in front. And so I personally love to mentor women and to put them in places where they can feel comfortable being out in front of people. And that's really been my career. I have tried to model her approach as much as I can. >> That's a really interesting observation. It's the pattern we've been seeing in all these interviews for the past two years of doing the International Women's Day is that networking, mentoring and sponsorship are one thing. So it's all one thing. It's not just mentoring. It's like people think, "Oh, just mentoring. What does that mean? Advice?" No, it's sponsorship, it's lifting people up, creating a keiretsu, creating networks. Really important. Heather, what's your experience? >> Yeah, I'm sort of the example of somebody who never thought they'd be in tech, but I happened to graduate from college in the Silicon Valley in the early nineties and next thing you know, it's more than a couple years later and I'm deeply in tech and I think it when we were having the conversation about confidence and willingness to learn and try that really spoke to me as well. I think I had to get out of my own way sometimes and just be willing to not be the smartest person in the room and just be willing to ask a lot of questions. And with every opportunity to ask questions, I think somebody, I ended up with good mentors, male and female, that saw the willingness to ask questions and the willingness to be humble in my approach to learning. And that really helped. I'm also very aware that nobody's journey is the same and I need to create an environment on my team and I need to be a role model within AWS and Amazon for allowing people to show up in the way that they're going to be most successful. And sometimes that will mean giving them learning opportunities. Sometimes that will be hooking them up with a mentor. Sometimes that will be giving them the freedom to do what they need for their family or their personal life. And modeling that behavior regardless of gender has always been how I choose to show up and what I ask my leaders to do. And the more we can do that, I've seen the team been able to grow and flourish in that way and support our entire team. >> I love that story. You also have a great leader, Maureen Lonergan, who I've met many conversations with, but also it starts at the top. Andy Jassy who can come across, he's kind of technical, he's dirty, he's a builder mentality. He has first principles and you're bringing up this first principles concept and whether that's passing it forward, what you've learned, having first principles helps in an organization. Can you guys talk about what that's like at your company? 'Cause everyone's different. And sometimes whether, and I sometimes I worry about what I say, but I also have my first principles. So talk about how principles matter in how you guys interface with others and letting people be their authentic self. >> Yeah, I'll jump in Jenni and then you can. The Amazon leadership principles are super important to how we interact with each other and it really does provide a set of guidelines for how we work with each other and how we work for our customers and with our partners. But most of all it gives us a common language and a common set of expectations. And I will be honest, they're not always easy. When you come from an environment that tends to be less open to feedback and less open to direct conversations than you find at Amazon, it could take a while to get used to that, but for me at least, it was extremely empowering to have those tools and those principles as guidance for how to operate and to gain the confidence in using them. I've also been able to participate in hundreds and hundreds of interviews in the time that I've been here as part of an interview team of bar raisers. I think that really helps us understand whether or not folks are going to be successful at AWS and at Amazon and helps them understand if they're going to be able to be successful. >> Bar raising is an Amazon term and it's gender neutral, right Jenni? >> It is gender neutral. >> Bar is a bar, it raises. >> That's right. And it's funny, we say that our culture here is peculiar. And when I started, I had been in consulting for several years, so I worked with a lot of different companies in tech and so I thought I'd seen everything and I came here and I went, "Hmm." I see what they mean by peculiar. It is very different environment. >> In the fullness of time, it'll all work out. >> That's right, that's right. Well and it's funny because when you first started, it's a lot to figure out to how to operate in an environment where people do use a 16 leadership principles. I've worked at a lot of companies with three or four core values and nobody can state those. We could state all 16 leadership principles and we use them in our regular everyday dialogue. That is an awkward thing when you first come to have people saying, "Oh, I'm going to use bias for action in this situation and I'm going to go move fast. And they're actually used in everyday conversations. But after a couple years suddenly you realize, "Oh, I'm doing that." And maybe even sometimes at the dinner table I'm doing that, which can get to be a bit much. But it creates an environment where we can all be different. We can all think differently. We can all have different ways of doing things, but we have a common overall approach to what we're trying to achieve. And that's really, it gives us a good framework for that. >> Jenni, it's great insight. Heather, thank you so much for sharing your stories. We're going to do this not once a year. We're going to continue this Women in Tech program every quarter. We'll check in with you guys and find out what's new. And thank you for what you do. We appreciate that getting the word out and really is an opportunity for everyone with education and cloud and it's only going to get more opportunities at the edge in AI and so much more tech. Thank you for coming on the program. >> Thank you for having us. >> Thanks, John. >> Thank you. That's the International Women's Day segment here with leaders from AWS. I'm John Furrier. Thanks for watching. (upbeat musiC)

(bright music) >> Hello, everyone. Welcome to theCUBE special presentation of International Women's Day. I'm John Furrier, host of theCUBE. This is a global special open program we're doing every year. We're going to continue it every quarter. We're going to do more and more content, getting the voices out there and celebrating the diversity. And I'm excited to have an amazing guest here, LaDavia Drane, who's the head of Global Inclusion Diversity & Equity at AWS. LaDavia, we tried to get you in on AWS re:Invent, and you were super busy. So much going on. The industry has seen the light. They're seeing everything going on, and the numbers are up, but still not there, and getting better. This is your passion, our passion, a shared passion. Tell us about your situation, your career, how you got into it. What's your story? >> Yeah. Well, John, first of all, thank you so much for having me. I'm glad that we finally got this opportunity to speak. How did I get into this work? Wow, you know, I'm doing the work that I love to do, number one. It's always been my passion to be a voice for the voiceless, to create a seat at the table for folks that may not be welcome to certain tables. And so, it's been something that's been kind of the theme of my entire professional career. I started off as a lawyer, went to Capitol Hill, was able to do some work with members of Congress, both women members of Congress, but also, minority members of Congress in the US Congress. And then, that just morphed into what I think has become a career for me in inclusion, diversity, and equity. I decided to join Amazon because I could tell that it's a company that was ready to take it to the next level in this space. And sure enough, that's been my experience here. So now, I'm in it, I'm in it with two feet, doing great work. And yeah, yeah, it's almost a full circle moment for me. >> It's really an interesting background. You have a background in public policy. You mentioned Capitol Hill. That's awesome. DC kind of moves slow, but it's a complicated machinery there. Obviously, as you know, navigating that, Amazon grew significantly. We've been at every re:Invent with theCUBE since 2013, like just one year. I watched Amazon grow, and they've become very fast and also complicated, like, I won't say like Capitol, 'cause that's very slow, but Amazon's complicated. AWS is in the realm of powering a generation of public policy. We had the JEDI contract controversy, all kinds of new emerging challenges. This pivot to tech was great timing because one, (laughs) Amazon needed it because they were growing so fast in a male dominated world, but also, their business is having real impact on the public. >> That's right, that's right. And when you say the public, I'll just call it out. I think that there's a full spectrum of diversity and we work backwards from our customers, and our customers are diverse. And so, I really do believe, I agree that I came to the right place at the right time. And yeah, we move fast and we're also moving fast in this space of making sure that both internally and externally, we're doing the things that we need to do in order to reach a diverse population. >> You know, I've noticed how Amazon's changed from the culture, male dominated culture. Let's face it, it was. And now, I've seen over the past five years, specifically go back five, is kind of in my mental model, just the growth of female leaders, it's been impressive. And there was some controversy. They were criticized publicly for this. And we said a few things as well in those, like around 2014. How is Amazon ensuring and continuing to get the female employees feel represented and empowered? What's going on there? What programs do you have? Because it's not just doing it, it's continuing it, right? And 'cause there is a lot more to do. I mean, the half (laughs) the products are digital now for everybody. It's not just one population. (laughs) Everyone uses digital products. What is Amazon doing now to keep it going? >> Well, I'll tell you, John, it's important for me to note that while we've made great progress, there's still more that can be done. I am very happy to be able to report that we have big women leaders. We have leaders running huge parts of our business, which includes storage, customer experience, industries and business development. And yes, we have all types of programs. And I should say that, instead of calling it programs, I'm going to call it strategic initiatives, right? We are very thoughtful about how we engage our women. And not only how we hire, attract women, but how we retain our women. We do that through engagement, groups like our affinity groups. So Women at Amazon is an affinity group. Women in finance, women in engineering. Just recently, I helped our Black employee network women's group launch, BEN Women. And so you have these communities of women who come together, support and mentor one another. We have what we call Amazon Circles. And so these are safe spaces where women can come together and can have conversations, where we are able to connect mentors and sponsors. And we're seeing that it's making all the difference in the world for our women. And we see that through what we call Connections. We have an inclusion sentiment tracker. So we're able to ask questions every single day and we get a response from our employees and we can see how are our women feeling, how are they feeling included at work? Are they feeling as though they can be who they are authentically at Amazon? And so, again, there's more work that needs to be done. But I will say that as I look at the data, as I'm talking to engaging women, I really do believe that we're on the right path. >> LaDavia, talk about the urgent needs of the women that you're hearing from the Circles. That's a great program. The affinity circles, the groups are great. Now, you have the groups, what are you hearing? What are the needs of the women? >> So, John, I'll just go a little bit into what's becoming a conversation around equity. So, initially I think we talked a lot about equality, right? We wanted everyone to have fair access to the same things. But now, women are looking for equity. We're talking about not just leveling the playing field, which is equality, but don't give me the same as you give everyone else. Instead, recognize that I may have different circumstances, I may have different needs. And give me what I need, right? Give me what I need, not just the same as everyone else. And so, I love seeing women evolve in this way, and being very specific about what they need more than, or what's different than what a man may have in the same situation because their circumstances are not always the same and we should treat them as such. >> Yeah, I think that's a great equity point. I interviewed a woman here, ex-Amazonian, she's now a GSI, Global System Integrator. She's a single mom. And she said remote work brought her equity because people on her team realized that she was a single mom. And it wasn't the, how do you balance life, it was her reality. And what happened was, she had more empathy with the team because of the new work environment. So, I think this is an important point to call out, that equity, because that really makes things smoother in terms of the interactions, not the assumptions, you have to be, you know, always the same as a man. So, how does that go? What's the current... How would you characterize the progress in that area right now? >> I believe that employers are just getting better at this. It's just like you said, with the hybrid being the norm now, you have an employer who is looking at people differently based on what they need. And it's not a problem, it's not an issue that a single mother says, "Well, I need to be able to leave by 5:00 PM." I think that employers now, and Amazon is right there along with other employers, are starting just to evolve that muscle of meeting the needs. People don't have to feel different. You don't have to feel as though there's some kind of of special circumstance for me. Instead, it's something that we, as employers, we're asking for. And we want to meet those needs that are different in some situations. >> I know you guys do a lot of support of women outside of AWS, and I had a story I recorded for the program. This woman, she talked about how she was a nerd from day one. She's a tomboy. They called her a tomboy, but she always loved robotics. And she ended up getting dual engineering degrees. And she talked about how she didn't run away and there was many signals to her not to go. And she powered through, at that time, and during her generation, that was tough. And she was successful. How are you guys taking the education to STEM, to women, at young ages? Because we don't want to turn people away from tech if they have the natural affinity towards it. And not everyone is going to be, as, you know, (laughs) strong, if you will. And she was a bulldog, she was great. She's just like, "I'm going for it. I love it so much." But not everyone's like that. So, this is an educational thing. How do you expose technology, STEM for instance, and making it more accessible, no stigma, all that stuff? I mean, I think we've come a long way, but still. >> What I love about women is we don't just focus on ourselves. We do a very good job of thinking about the generation that's coming after us. And so, I think you will see that very clearly with our women Amazonians. I'll talk about three different examples of ways that Amazonian women in particular, and there are men that are helping out, but I'll talk about the women in particular that are leading in this area. On my team, in the Inclusion, Diversity & Equity team, we have a program that we run in Ghana where we meet basic STEM needs for a afterschool program. So we've taken this small program, and we've turned their summer camp into this immersion, where girls and boys, we do focus on the girls, can come and be completely immersed in STEM. And when we provide the technology that they need, so that they'll be able to have access to this whole new world of STEM. Another program which is run out of our AWS In Communities team, called AWS Girls' Tech Day. All across the world where we have data centers, we're running these Girls' Tech Day. They're basically designed to educate, empower and inspire girls to pursue a career in tech. Really, really exciting. I was at the Girls' Tech Day here recently in Columbus, Ohio, and I got to tell you, it was the highlight of my year. And then I'll talk a little bit about one more, it's called AWS GetIT, and it's been around for a while. So this is a program, again, it's a global program, it's actually across 13 countries. And it allows girls to explore cloud technology, in particular, and to use it to solve real world problems. Those are just three examples. There are many more. There are actually women Amazonians that create these opportunities off the side of their desk in they're local communities. We, in Inclusion, Diversity & Equity, we fund programs so that women can do this work, this STEM work in their own local communities. But those are just three examples of some of the things that our Amazonians are doing to bring girls along, to make sure that the next generation is set up and that the next generation knows that STEM is accessible for girls. >> I'm a huge believer. I think that's amazing. That's great inspiration. We need more of that. It's awesome. And why wouldn't we spread it around? I want to get to the equity piece, that's the theme for this year's IWD. But before that, getting that segment, I want to ask you about your title, and the choice of words and the sequence. Okay, Global Inclusion, Diversity, Equity. Not diversity only. Inclusion is first. We've had this debate on theCUBE many years now, a few years back, it started with, "Inclusion is before diversity," "No, diversity before inclusion, equity." And so there's always been a debate (laughs) around the choice of words and their order. What's your opinion? What's your reaction to that? Is it by design? And does inclusion come before diversity, or am I just reading it to it? >> Inclusion doesn't necessarily come before diversity. (John laughs) It doesn't necessarily come before equity. Equity isn't last, but we do lead with inclusion in AWS. And that is very important to us, right? And thank you for giving me the opportunity to talk a little bit about it. We lead with inclusion because we want to make sure that every single one of our builders know that they have a place in this work. And so it's important that we don't only focus on hiring, right? Diversity, even though there are many, many different levels and spectrums to diversity. Inclusion, if you start there, I believe that it's what it takes to make sure that you have a workplace where everyone knows you're included here, you belong here, we want you to stay here. And so, it helps as we go after diversity. And we want all types of people to be a part of our workforce, but we want you to stay. And inclusion is the thing. It's the thing that I believe makes sure that people stay because they feel included. So we lead with inclusion. Doesn't mean that we put diversity or equity second or third, but we are proud to lead with inclusion. >> Great description. That was fabulous. Totally agree. Double click, thumbs up. Now let's get into the theme. Embracing equity, 'cause this is a term, it's in quotes. What does that mean to you? You mentioned it earlier, I love it. What does embrace equity mean? >> Yeah. You know, I do believe that when people think about equity, especially non-women think about equity, it's kind of scary. It's, "Am I going to give away what I have right now to make space for someone else?" But that's not what equity means. And so I think that it's first important that we just educate ourselves about what equity really is. It doesn't mean that someone's going to take your spot, right? It doesn't mean that the pie, let's use that analogy, gets smaller. The pie gets bigger, right? >> John: Mm-hmm. >> And everyone is able to have their piece of the pie. And so, I do believe that I love that IWD, International Women's Day is leading with embracing equity because we're going to the heart of the matter when we go to equity, we're going to the place where most people feel most challenged, and challenging people to think about equity and what it means and how they can contribute to equity and thus, embrace equity. >> Yeah, I love it. And the advice that you have for tech professionals out there on this, how do you advise other groups? 'Cause you guys are doing a lot of great work. Other organizations are catching up. What would be your advice to folks who are working on this equity challenge to reach gender equity and other equitable strategic initiatives? And everyone's working on this. Sustainability and equity are two big projects we're seeing in every single company right now. >> Yeah, yeah. I will say that I believe that AWS has proven that equity and going after equity does work. Embracing equity does work. One example I would point to is our AWS Impact Accelerator program. I mean, we provide 30 million for early stage startups led by women, Black founders, Latino founders, LGBTQ+ founders, to help them scale their business. That's equity. That's giving them what they need. >> John: Yeah. >> What they need is they need access to capital. And so, what I'd say to companies who are looking at going into the space of equity, I would say embrace it. Embrace it. Look at examples of what companies like AWS is doing around it and embrace it because I do believe that the tech industry will be better when we're comfortable with embracing equity and creating strategic initiatives so that we could expand equity and make it something that's just, it's just normal. It's the normal course of business. It's what we do. It's what we expect of ourselves and our employees. >> LaDavia, you're amazing. Thank you for spending the time. My final couple questions really more around you. Capitol Hill, DC, Amazon Global Head of Inclusion, Diversity & Equity, as you look at making change, being a change agent, being a leader, is really kind of similar, right? You've got DC, it's hard to make change there, but if you do it, it works, right? (laughs) If you don't, you're on the side of the road. So, as you're in your job now, what are you most excited about? What's on your agenda? What's your focus? >> Yeah, so I'm most excited about the potential of what we can get done, not just for builders that are currently in our seats, but for builders in the future. I tend to focus on that little girl. I don't know her, I don't know where she lives. I don't know how old she is now, but she's somewhere in the world, and I want her to grow up and for there to be no question that she has access to AWS, that she can be an employee at AWS. And so, that's where I tend to center, I center on the future. I try to build now, for what's to come, to make sure that this place is accessible for that little girl. >> You know, I've always been saying for a long time, the software is eating the world, now you got digital transformation, business transformation. And that's not a male only, or certain category, it's everybody. And so, software that's being built, and the systems that are being built, have to have first principles. Andy Jassy is very strong on this. He's been publicly saying, when trying to get pinned down about certain books in the bookstore that might offend another group. And he's like, "Look, we have first principles. First principles is a big part of leading." What's your reaction to that? How would you talk to another professional and say, "Hey," you know this, "How do I make the right call? Am I doing the wrong thing here? And I might say the wrong thing here." And is it first principles based? What's the guardrails? How do you keep that in check? How would you advise someone as they go forward and lean in to drive some of the change that we're talking about today? >> Yeah, I think as leaders, we have to trust ourselves. And Andy actually, is a great example. When I came in as head of ID&E for AWS, he was our CEO here at AWS. And I saw how he authentically spoke from his heart about these issues. And it just aligned with who he is personally, his own personal principles. And I do believe that leaders should be free to do just that. Not to be scripted, but to lead with their principles. And so, I think Andy's actually a great example. I believe that I am the professional in this space at this company that I am today because of the example that Andy set. >> Yeah, you guys do a great job, LaDavia. What's next for you? >> What's next. >> World tour, you traveling around? What's on your plate these days? Share a little bit about what you're currently working on. >> Yeah, so you know, at Amazon, we're always diving deep. We're always diving deep, we're looking for root cause, working very hard to look around corners, and trying to build now for what's to come in the future. And so I'll continue to do that. Of course, we're always planning and working towards re:Invent, so hopefully, John, I'll see you at re:Invent this December. But we have some great things happening throughout the year, and we'll continue to... I think it's really important, as opposed to looking to do new things, to just continue to flex the same muscles and to show that we can be very, very focused and intentional about doing the same things over and over each year to just become better and better at this work in this space, and to show our employees that we're committed for the long haul. So of course, there'll be new things on the horizon, but what I can say, especially to Amazonians, is we're going to continue to stay focused, and continue to get at this issue, and doing this issue of inclusion, diversity and equity, and continue to do the things that work and make sure that our culture evolves at the same time. >> LaDavia, thank you so much. I'll give you the final word. Just share some of the big projects you guys are working on so people can know about them, your strategic initiatives. Take a minute to plug some of the major projects and things that are going on that people either know about or should know about, or need to know about. Take a minute to share some of the big things you guys got going on, or most of the things. >> So, one big thing that I would like to focus on, focus my time on, is what we call our Innovation Fund. This is actually how we scale our work and we meet the community's needs by providing micro grants to our employees so our employees can go out into the world and sponsor all types of different activities, create activities in their local communities, or throughout the regions. And so, that's probably one thing that I would like to focus on just because number one, it's our employees, it's how we scale this work, and it's how we meet our community's needs in a very global way. And so, thank you John, for the opportunity to talk a bit about what we're up to here at Amazon Web Services. But it's just important to me, that I end with our employees because for me, that's what's most important. And they're doing some awesome work through our Innovation Fund. >> Inclusion makes the workplace great. Empowerment, with that kind of program, is amazing. LaDavia Drane, thank you so much. Head of Global Inclusion and Diversity & Equity at AWS. This is International Women's Day. I'm John Furrier with theCUBE. Thanks for watching and stay with us for more great interviews and people and what they're working on. Thanks for watching. (bright music)

(gentle synth music) (music ends) >> Welcome back to Supercloud 2, an open industry collaboration between technologists, consultants, analysts, and of course practitioners to help shape the future of cloud. At this event, one of the key areas we're exploring is the intersection of cloud and data. And how building value on top of hyperscale clouds and across clouds is evolving, a concept of course we call "Supercloud". And we're pleased to welcome our friends from Enterprise Technology research, Erik Bradley and Darren Brabham. Guys, thanks for joining us, great to see you. we love to bring the data into these conversations. >> Thank you for having us, Dave, I appreciate it. >> Yeah, thanks. >> You bet. And so, let me do the setup on what is Supercloud. It's a concept that we've floated, Before re:Invent 2021, based on the idea that cloud infrastructure is becoming ubiquitous, incredibly powerful, but there's a lack of standards across the big three clouds. That creates friction. So we defined over the period of time, you know, better part of a year, a set of essential elements, deployment models for so-called supercloud, which create this common experience for specific cloud services that, of course, again, span multiple clouds and even on-premise data. So Erik, with that as background, I wonder if you could add your general thoughts on the term supercloud, maybe play proxy for the CIO community, 'cause you do these round tables, you talk to these guys all the time, you gather a lot of amazing information from senior IT DMs that compliment your survey. So what are your thoughts on the term and the concept? >> Yeah, sure. I'll even go back to last year when you and I did our predictions panel, right? And we threw it out there. And to your point, you know, there's some haters. Anytime you throw out a new term, "Is it marketing buzz? Is it worth it? Why are you even doing it?" But you know, from my own perspective, and then also speaking to the IT DMs that we interview on a regular basis, this is just a natural evolution. It's something that's inevitable in enterprise tech, right? The internet was not built for what it has become. It was never intended to be the underlying infrastructure of our daily lives and work. The cloud also was not built to be what it's become. But where we're at now is, we have to figure out what the cloud is and what it needs to be to be scalable, resilient, secure, and have the governance wrapped around it. And to me that's what supercloud is. It's a way to define operantly, what the next generation, the continued iteration and evolution of the cloud and what its needs to be. And that's what the supercloud means to me. And what depends, if you want to call it metacloud, supercloud, it doesn't matter. The point is that we're trying to define the next layer, the next future of work, which is inevitable in enterprise tech. Now, from the IT DM perspective, I have two interesting call outs. One is from basically a senior developer IT architecture and DevSecOps who says he uses the term all the time. And the reason he uses the term, is that because multi-cloud has a stigma attached to it, when he is talking to his business executives. (David chuckles) the stigma is because it's complex and it's expensive. So he switched to supercloud to better explain to his business executives and his CFO and his CIO what he's trying to do. And we can get into more later about what it means to him. But the inverse of that, of course, is a good CSO friend of mine for a very large enterprise says the concern with Supercloud is the reduction of complexity. And I'll explain, he believes anything that takes the requirement of specific expertise out of the equation, even a little bit, as a CSO worries him. So as you said, David, always two sides to the coin, but I do believe supercloud is a relevant term, and it is necessary because the cloud is continuing to be defined. >> You know, that's really interesting too, 'cause you know, Darren, we use Snowflake a lot as an example, sort of early supercloud, and you think from a security standpoint, we've always pushed Amazon and, "Are you ever going to kind of abstract the complexity away from all these primitives?" and their position has always been, "Look, if we produce these primitives, and offer these primitives, we we can move as the market moves. When you abstract, then it becomes harder to peel the layers." But Darren, from a data standpoint, like I say, we use Snowflake a lot. I think of like Tim Burners-Lee when Web 2.0 came out, he said, "Well this is what the internet was always supposed to be." So in a way, you know, supercloud is maybe what multi-cloud was supposed to be. But I mean, you think about data sharing, Darren, across clouds, it's always been a challenge. Snowflake always, you know, obviously trying to solve that problem, as are others. But what are your thoughts on the concept? >> Yeah, I think the concept fits, right? It is reflective of, it's a paradigm shift, right? Things, as a pendulum have swung back and forth between needing to piece together a bunch of different tools that have specific unique use cases and they're best in breed in what they do. And then focusing on the duct tape that holds 'em all together and all the engineering complexity and skill, it shifted from that end of the pendulum all the way back to, "Let's streamline this, let's simplify it. Maybe we have budget crunches and we need to consolidate tools or eliminate tools." And so then you kind of see this back and forth over time. And with data and analytics for instance, a lot of organizations were trying to bring the data closer to the business. That's where we saw self-service analytics coming in. And tools like Snowflake, what they did was they helped point to different databases, they helped unify data, and organize it in a single place that was, you know, in a sense neutral, away from a single cloud vendor or a single database, and allowed the business to kind of be more flexible in how it brought stuff together and provided it out to the business units. So Snowflake was an example of one of those times where we pulled back from the granular, multiple points of the spear, back to a simple way to do things. And I think Snowflake has continued to kind of keep that mantle to a degree, and we see other tools trying to do that, but that's all it is. It's a paradigm shift back to this kind of meta abstraction layer that kind of simplifies what is the reality, that you need a complex multi-use case, multi-region way of doing business. And it sort of reflects the reality of that. >> And you know, to me it's a spectrum. As part of Supercloud 2, we're talking to a number of of practitioners, Ionis Pharmaceuticals, US West, we got Walmart. And it's a spectrum, right? In some cases the practitioner's saying, "You know, the way I solve multi-cloud complexity is mono-cloud, I just do one cloud." (laughs) Others like Walmart are saying, "Hey, you know, we actually are building an abstraction layer ourselves, take advantage of it." So my general question to both of you is, is this a concept, is the lack of standards across clouds, you know, really a problem, you know, or is supercloud a solution looking for a problem? Or do you hear from practitioners that "No, this is really an issue, we have to bring together a set of standards to sort of unify our cloud estates." >> Allow me to answer that at a higher level, and then we're going to hand it over to Dr. Brabham because he is a little bit more detailed on the realtime streaming analytics use cases, which I think is where we're going to get to. But to answer that question, it really depends on the size and the complexity of your business. At the very large enterprise, Dave, Yes, a hundred percent. This needs to happen. There is complexity, there is not only complexity in the compute and actually deploying the applications, but the governance and the security around them. But for lower end or, you know, business use cases, and for smaller businesses, it's a little less necessary. You certainly don't need to have all of these. Some of the things that come into mind from the interviews that Darren and I have done are, you know, financial services, if you're doing real-time trading, anything that has real-time data metrics involved in your transactions, is going to be necessary. And another use case that we hear about is in online travel agencies. So I think it is very relevant, the complexity does need to be solved, and I'll allow Darren to explain a little bit more about how that's used from an analytics perspective. >> Yeah, go for it. >> Yeah, exactly. I mean, I think any modern, you know, multinational company that's going to have a footprint in the US and Europe, in China, or works in different areas like manufacturing, where you're probably going to have on-prem instances that will stay on-prem forever, for various performance reasons. You have these complicated governance and security and regulatory issues. So inherently, I think, large multinational companies and or companies that are in certain areas like finance or in, you know, online e-commerce, or things that need real-time data, they inherently are going to have a very complex environment that's going to need to be managed in some kind of cleaner way. You know, they're looking for one door to open, one pane of glass to look at, one thing to do to manage these multi points. And, streaming's a good example of that. I mean, not every organization has a real-time streaming use case, and may not ever, but a lot of organizations do, a lot of industries do. And so there's this need to use, you know, they want to use open-source tools, they want to use Apache Kafka for instance. They want to use different megacloud vendors offerings, like Google Pub/Sub or you know, Amazon Kinesis Firehose. They have all these different pieces they want to use for different use cases at different stages of maturity or proof of concept, you name it. They're going to have to have this complexity. And I think that's why we're seeing this need, to have sort of this supercloud concept, to juggle all this, to wrangle all of it. 'Cause the reality is, it's complex and you have to simplify it somehow. >> Great, thanks you guys. All right, let's bring up the graphic, and take a look. Anybody who follows the breaking analysis, which is co-branded with ETR Cube Insights powered by ETR, knows we like to bring data to the table. ETR does amazing survey work every quarter, 1200 plus 1500 practitioners that that answer a number of questions. The vertical axis here is net score, which is ETR's proprietary methodology, which is a measure of spending momentum, spending velocity. And the horizontal axis here is overlap, but it's the presence pervasiveness, and the dataset, the ends, that table insert on the bottom right shows you how the dots are plotted, the net score and then the ends in the survey. And what we've done is we've plotted a bunch of the so-called supercloud suspects, let's start in the upper right, the cloud platforms. Without these hyperscale clouds, you can't have a supercloud. And as always, Azure and AWS, up and to the right, it's amazing we're talking about, you know, 80 plus billion dollar company in AWS. Azure's business is, if you just look at the IaaS is in the 50 billion range, I mean it's just amazing to me the net scores here. Anything above 40% we consider highly elevated. And you got Azure and you got Snowflake, Databricks, HashiCorp, we'll get to them. And you got AWS, you know, right up there at that size, it's quite amazing. With really big ends as well, you know, 700 plus ends in the survey. So, you know, kind of half the survey actually has these platforms. So my question to you guys is, what are you seeing in terms of cloud adoption within the big three cloud players? I wonder if you could could comment, maybe Erik, you could start. >> Yeah, sure. Now we're talking data, now I'm happy. So yeah, we'll get into some of it. Right now, the January, 2023 TSIS is approaching 1500 survey respondents. One caveat, it's not closed yet, it will close on Friday, but with an end that big we are over statistically significant. We also recently did a cloud survey, and there's a couple of key points on that I want to get into before we get into individual vendors. What we're seeing here, is that annual spend on cloud infrastructure is expected to grow at almost a 70% CAGR over the next three years. The percentage of those workloads for cloud infrastructure are expected to grow over 70% as three years as well. And as you mentioned, Azure and AWS are still dominant. However, we're seeing some share shift spreading around a little bit. Now to get into the individual vendors you mentioned about, yes, Azure is still number one, AWS is number two. What we're seeing, which is incredibly interesting, CloudFlare is number three. It's actually beating GCP. That's the first time we've seen it. What I do want to state, is this is on net score only, which is our measure of spending intentions. When you talk about actual pervasion in the enterprise, it's not even close. But from a spending velocity intention point of view, CloudFlare is now number three above GCP, and even Salesforce is creeping up to be at GCPs level. So what we're seeing here, is a continued domination by Azure and AWS, but some of these other players that maybe might fit into your moniker. And I definitely want to talk about CloudFlare more in a bit, but I'm going to stop there. But what we're seeing is some of these other players that fit into your Supercloud moniker, are starting to creep up, Dave. >> Yeah, I just want to clarify. So as you also know, we track IaaS and PaaS revenue and we try to extract, so AWS reports in its quarterly earnings, you know, they're just IaaS and PaaS, they don't have a SaaS play, a little bit maybe, whereas Microsoft and Google include their applications and so we extract those out and if you do that, AWS is bigger, but in the surveys, you know, customers, they see cloud, SaaS to them as cloud. So that's one of the reasons why you see, you know, Microsoft as larger in pervasion. If you bring up that survey again, Alex, the survey results, you see them further to the right and they have higher spending momentum, which is consistent with what you see in the earnings calls. Now, interesting about CloudFlare because the CEO of CloudFlare actually, and CloudFlare itself uses the term supercloud basically saying, "Hey, we're building a new type of internet." So what are your thoughts? Do you have additional information on CloudFlare, Erik that you want to share? I mean, you've seen them pop up. I mean this is a really interesting company that is pretty forward thinking and vocal about how it's disrupting the industry. >> Sure, we've been tracking 'em for a long time, and even from the disruption of just a traditional CDN where they took down Akamai and what they're doing. But for me, the definition of a true supercloud provider can't just be one instance. You have to have multiple. So it's not just the cloud, it's networking aspect on top of it, it's also security. And to me, CloudFlare is the only one that has all of it. That they actually have the ability to offer all of those things. Whereas you look at some of the other names, they're still piggybacking on the infrastructure or platform as a service of the hyperscalers. CloudFlare does not need to, they actually have the cloud, the networking, and the security all themselves. So to me that lends credibility to their own internal usage of that moniker Supercloud. And also, again, just what we're seeing right here that their net score is now creeping above AGCP really does state it. And then just one real last thing, one of the other things we do in our surveys is we track adoption and replacement reasoning. And when you look at Cloudflare's adoption rate, which is extremely high, it's based on technical capabilities, the breadth of their feature set, it's also based on what we call the ability to avoid stack alignment. So those are again, really supporting reasons that makes CloudFlare a top candidate for your moniker of supercloud. >> And they've also announced an object store (chuckles) and a database. So, you know, that's going to be, it takes a while as you well know, to get database adoption going, but you know, they're ambitious and going for it. All right, let's bring the chart back up, and I want to focus Darren in on the ecosystem now, and really, we've identified Snowflake and Databricks, it's always fun to talk about those guys, and there are a number of other, you know, data platforms out there, but we use those too as really proxies for leaders. We got a bunch of the backup guys, the data protection folks, Rubric, Cohesity, and Veeam. They're sort of in a cluster, although Rubric, you know, ahead of those guys in terms of spending momentum. And then VMware, Tanzu and Red Hat as sort of the cross cloud platform. But I want to focus, Darren, on the data piece of it. We're seeing a lot of activity around data sharing, governed data sharing. Databricks is using Delta Sharing as their sort of place, Snowflakes is sort of this walled garden like the app store. What are your thoughts on, you know, in the context of Supercloud, cross cloud capabilities for the data platforms? >> Yeah, good question. You know, I think Databricks is an interesting player because they sort of have made some interesting moves, with their Data Lakehouse technology. So they're trying to kind of complicate, or not complicate, they're trying to take away the complications of, you know, the downsides of data warehousing and data lakes, and trying to find that middle ground, where you have the benefits of a managed, governed, you know, data warehouse environment, but you have sort of the lower cost, you know, capability of a data lake. And so, you know, Databricks has become really attractive, especially by data scientists, right? We've been tracking them in the AI machine learning sector for quite some time here at ETR, attractive for a data scientist because it looks and acts like a lake, but can have some managed capabilities like a warehouse. So it's kind of the best of both worlds. So in some ways I think you've seen sort of a data science driver for the adoption of Databricks that has now become a little bit more mainstream across the business. Snowflake, maybe the other direction, you know, it's a cloud data warehouse that you know, is starting to expand its capabilities and add on new things like Streamlit is a good example in the analytics space, with apps. So you see these tools starting to branch and creep out a bit, but they offer that sort of neutrality, right? We heard one IT decision maker we recently interviewed that referred to Snowflake and Databricks as the quote unquote Switzerland of what they do. And so there's this desirability from an organization to find these tools that can solve the complex multi-headed use-case of data and analytics, which every business unit needs in different ways. And figure out a way to do that, an elegant way that's governed and centrally managed, that federated kind of best of both worlds that you get by bringing the data close to the business while having a central governed instance. So these tools are incredibly powerful and I think there's only going to be room for growth, for those two especially. I think they're going to expand and do different things and maybe, you know, join forces with others and a lot of the power of what they do well is trying to define these connections and find these partnerships with other vendors, and try to be seen as the nice add-on to your existing environment that plays nicely with everyone. So I think that's where those two tools are going, but they certainly fit this sort of label of, you know, trying to be that supercloud neutral, you know, layer that unites everything. >> Yeah, and if you bring the graphic back up, please, there's obviously big data plays in each of the cloud platforms, you know, Microsoft, big database player, AWS is, you know, 11, 12, 15, data stores. And of course, you know, BigQuery and other, you know, data platforms within Google. But you know, I'm not sure the big cloud guys are going to go hard after so-called supercloud, cross-cloud services. Although, we see Oracle getting in bed with Microsoft and Azure, with a database service that is cross-cloud, certainly Google with Anthos and you know, you never say never with with AWS. I guess what I would say guys, and I'll I'll leave you with this is that, you know, just like all players today are cloud players, I feel like anybody in the business or most companies are going to be so-called supercloud players. In other words, they're going to have a cross-cloud strategy, they're going to try to build connections if they're coming from on-prem like a Dell or an HPE, you know, or Pure or you know, many of these other companies, Cohesity is another one. They're going to try to connect to their on-premise states, of course, and create a consistent experience. It's natural that they're going to have sort of some consistency across clouds. You know, the big question is, what's that spectrum look like? I think on the one hand you're going to have some, you know, maybe some rudimentary, you know, instances of supercloud or maybe they just run on the individual clouds versus where Snowflake and others and even beyond that are trying to go with a single global instance, basically building out what I would think of as their own cloud, and importantly their own ecosystem. I'll give you guys the last thought. Maybe you could each give us, you know, closing thoughts. Maybe Darren, you could start and Erik, you could bring us home on just this entire topic, the future of cloud and data. >> Yeah, I mean I think, you know, two points to make on that is, this question of these, I guess what we'll call legacy on-prem players. These, mega vendors that have been around a long time, have big on-prem footprints and a lot of people have them for that reason. I think it's foolish to assume that a company, especially a large, mature, multinational company that's been around a long time, it's foolish to think that they can just uproot and leave on-premises entirely full scale. There will almost always be an on-prem footprint from any company that was not, you know, natively born in the cloud after 2010, right? I just don't think that's reasonable anytime soon. I think there's some industries that need on-prem, things like, you know, industrial manufacturing and so on. So I don't think on-prem is going away, and I think vendors that are going to, you know, go very cloud forward, very big on the cloud, if they neglect having at least decent connectors to on-prem legacy vendors, they're going to miss out. So I think that's something that these players need to keep in mind is that they continue to reach back to some of these players that have big footprints on-prem, and make sure that those integrations are seamless and work well, or else their customers will always have a multi-cloud or hybrid experience. And then I think a second point here about the future is, you know, we talk about the three big, you know, cloud providers, the Google, Microsoft, AWS as sort of the opposite of, or different from this new supercloud paradigm that's emerging. But I want to kind of point out that, they will always try to make a play to become that and I think, you know, we'll certainly see someone like Microsoft trying to expand their licensing and expand how they play in order to become that super cloud provider for folks. So also don't want to downplay them. I think you're going to see those three big players continue to move, and take over what players like CloudFlare are doing and try to, you know, cut them off before they get too big. So, keep an eye on them as well. >> Great points, I mean, I think you're right, the first point, if you're Dell, HPE, Cisco, IBM, your strategy should be to make your on-premise state as cloud-like as possible and you know, make those differences as minimal as possible. And you know, if you're a customer, then the business case is going to be low for you to move off of that. And I think you're right. I think the cloud guys, if this is a real problem, the cloud guys are going to play in there, and they're going to make some money at it. Erik, bring us home please. >> Yeah, I'm going to revert back to our data and this on the macro side. So to kind of support this concept of a supercloud right now, you know Dave, you and I know, we check overall spending and what we're seeing right now is total year spent is expected to only be 4.6%. We ended 2022 at 5% even though it began at almost eight and a half. So this is clearly declining and in that environment, we're seeing the top two strategies to reduce spend are actually vendor consolidation with 36% of our respondents saying they're actively seeking a way to reduce their number of vendors, and consolidate into one. That's obviously supporting a supercloud type of play. Number two is reducing excess cloud resources. So when I look at both of those combined, with a drop in the overall spending reduction, I think you're on the right thread here, Dave. You know, the overall macro view that we're seeing in the data supports this happening. And if I can real quick, couple of names we did not touch on that I do think deserve to be in this conversation, one is HashiCorp. HashiCorp is the number one player in our infrastructure sector, with a 56% net score. It does multiple things within infrastructure and it is completely agnostic to your environment. And if we're also speaking about something that's just a singular feature, we would look at Rubric for data, backup, storage, recovery. They're not going to offer you your full cloud or your networking of course, but if you are looking for your backup, recovery, and storage Rubric, also number one in that sector with a 53% net score. Two other names that deserve to be in this conversation as we watch it move and evolve. >> Great, thank you for bringing that up. Yeah, we had both of those guys in the chart and I failed to focus in on HashiCorp. And clearly a Supercloud enabler. All right guys, we got to go. Thank you so much for joining us, appreciate it. Let's keep this conversation going. >> Always enjoy talking to you Dave, thanks. >> Yeah, thanks for having us. >> All right, keep it right there for more content from Supercloud 2. This is Dave Valente for John Ferg and the entire Cube team. We'll be right back. (gentle synth music) (music fades)

(upbeat electronic music) >> Hello everyone, welcome to this CUBE conversation here from the studios in the CUBE in Palo Alto, California. I'm John Furrier, your host. We're featuring a startup, Astronomer. Astronomer.io is the URL, check it out. And we're going to have a great conversation around one of the most important topics hitting the industry, and that is the future of machine learning and AI, and the data that powers it underneath it. There's a lot of things that need to get done, and we're excited to have some of the co-founders of Astronomer here. Viraj Parekh, who is co-founder of Astronomer, and Paola Peraza Calderon, another co-founder, both with Astronomer. Thanks for coming on. First of all, how many co-founders do you guys have? >> You know, I think the answer's around six or seven. I forget the exact, but there's really been a lot of people around the table who've worked very hard to get this company to the point that it's at. We have long ways to go, right? But there's been a lot of people involved that have been absolutely necessary for the path we've been on so far. >> Thanks for that, Viraj, appreciate that. The first question I want to get out on the table, and then we'll get into some of the details, is take a minute to explain what you guys are doing. How did you guys get here? Obviously, multiple co-founders, sounds like a great project. The timing couldn't have been better. ChatGPT has essentially done so much public relations for the AI industry to kind of highlight this shift that's happening. It's real, we've been chronicalizing, take a minute to explain what you guys do. >> Yeah, sure, we can get started. So, yeah, when Viraj and I joined Astronomer in 2017, we really wanted to build a business around data, and we were using an open source project called Apache Airflow that we were just using sort of as customers ourselves. And over time, we realized that there was actually a market for companies who use Apache Airflow, which is a data pipeline management tool, which we'll get into, and that running Airflow is actually quite challenging, and that there's a big opportunity for us to create a set of commercial products and an opportunity to grow that open source community and actually build a company around that. So the crux of what we do is help companies run data pipelines with Apache Airflow. And certainly we've grown in our ambitions beyond that, but that's sort of the crux of what we do for folks. >> You know, data orchestration, data management has always been a big item in the old classic data infrastructure. But with AI, you're seeing a lot more emphasis on scale, tuning, training. Data orchestration is the center of the value proposition, when you're looking at coordinating resources, it's one of the most important things. Can you guys explain what data orchestration entails? What does it mean? Take us through the definition of what data orchestration entails. >> Yeah, for sure. I can take this one, and Viraj, feel free to jump in. So if you google data orchestration, here's what you're going to get. You're going to get something that says, "Data orchestration is the automated process" "for organizing silo data from numerous" "data storage points, standardizing it," "and making it accessible and prepared for data analysis." And you say, "Okay, but what does that actually mean," right, and so let's give sort of an an example. So let's say you're a business and you have sort of the following basic asks of your data team, right? Okay, give me a dashboard in Sigma, for example, for the number of customers or monthly active users, and then make sure that that gets updated on an hourly basis. And then number two, a consistent list of active customers that I have in HubSpot so that I can send them a monthly product newsletter, right? Two very basic asks for all sorts of companies and organizations. And when that data team, which has data engineers, data scientists, ML engineers, data analysts get that request, they're looking at an ecosystem of data sources that can help them get there, right? And that includes application databases, for example, that actually have in product user behavior and third party APIs from tools that the company uses that also has different attributes and qualities of those customers or users. And that data team needs to use tools like Fivetran to ingest data, a data warehouse, like Snowflake or Databricks to actually store that data and do analysis on top of it, a tool like DBT to do transformations and make sure that data is standardized in the way that it needs to be, a tool like Hightouch for reverse ETL. I mean, we could go on and on. There's so many partners of ours in this industry that are doing really, really exciting and critical things for those data movements. And the whole point here is that data teams have this plethora of tooling that they use to both ingest the right data and come up with the right interfaces to transform and interact with that data. And data orchestration, in our view, is really the heartbeat of all of those processes, right? And tangibly the unit of data orchestration is a data pipeline, a set of tasks or jobs that each do something with data over time and eventually run that on a schedule to make sure that those things are happening continuously as time moves on and the company advances. And so, for us, we're building a business around Apache Airflow, which is a workflow management tool that allows you to author, run, and monitor data pipelines. And so when we talk about data orchestration, we talk about sort of two things. One is that crux of data pipelines that, like I said, connect that large ecosystem of data tooling in your company. But number two, it's not just that data pipeline that needs to run every day, right? And Viraj will probably touch on this as we talk more about Astronomer and our value prop on top of Airflow. But then it's all the things that you need to actually run data and production and make sure that it's trustworthy, right? So it's actually not just that you're running things on a schedule, but it's also things like CICD tooling, secure secrets management, user permissions, monitoring, data lineage, documentation, things that enable other personas in your data team to actually use those tools. So long-winded way of saying that it's the heartbeat, we think, of of the data ecosystem, and certainly goes beyond scheduling, but again, data pipelines are really at the center of it. >> One of the things that jumped out, Viraj, if you can get into this, I'd like to hear more about how you guys look at all those little tools that are out. You mentioned a variety of things. You look at the data infrastructure, it's not just one stack. You've got an analytic stack, you've got a realtime stack, you've got a data lake stack, you got an AI stack potentially. I mean you have these stacks now emerging in the data world that are fundamental, that were once served by either a full package, old school software, and then a bunch of point solution. You mentioned Fivetran there, I would say in the analytics stack. Then you got S3, they're on the data lake stack. So all these things are kind of munged together. >> Yeah. >> How do you guys fit into that world? You make it easier, or like, what's the deal? >> Great question, right? And you know, I think that one of the biggest things we've found in working with customers over the last however many years is that if a data team is using a bunch of tools to get what they need done, and the number of tools they're using is growing exponentially and they're kind of roping things together here and there, that's actually a sign of a productive team, not a bad thing, right? It's because that team is moving fast. They have needs that are very specific to them, and they're trying to make something that's exactly tailored to their business. So a lot of times what we find is that customers have some sort of base layer, right? That's kind of like, it might be they're running most of the things in AWS, right? And then on top of that, they'll be using some of the things AWS offers, things like SageMaker, Redshift, whatever, but they also might need things that their cloud can't provide. Something like Fivetran, or Hightouch, those are other tools. And where data orchestration really shines, and something that we've had the pleasure of helping our customers build, is how do you take all those requirements, all those different tools and whip them together into something that fulfills a business need? So that somebody can read a dashboard and trust the number that it says, or somebody can make sure that the right emails go out to their customers. And Airflow serves as this amazing kind of glue between that data stack, right? It's to make it so that for any use case, be it ELT pipelines, or machine learning, or whatever, you need different things to do them, and Airflow helps tie them together in a way that's really specific for a individual business' needs. >> Take a step back and share the journey of what you guys went through as a company startup. So you mentioned Apache, open source. I was just having an interview with a VC, we were talking about foundational models. You got a lot of proprietary and open source development going on. It's almost the iPhone/Android moment in this whole generative space and foundational side. This is kind of important, the open source piece of it. Can you share how you guys started? And I can imagine your customers probably have their hair on fire and are probably building stuff on their own. Are you guys helping them? Take us through, 'cause you guys are on the front end of a big, big wave, and that is to make sense of the chaos, rain it in. Take us through your journey and why this is important. >> Yeah, Paola, I can take a crack at this, then I'll kind of hand it over to you to fill in whatever I miss in details. But you know, like Paola is saying, the heart of our company is open source, because we started using Airflow as an end user and started to say like, "Hey wait a second," "more and more people need this." Airflow, for background, started at Airbnb, and they were actually using that as a foundation for their whole data stack. Kind of how they made it so that they could give you recommendations, and predictions, and all of the processes that needed orchestrated. Airbnb created Airflow, gave it away to the public, and then fast forward a couple years and we're building a company around it, and we're really excited about that. >> That's a beautiful thing. That's exactly why open source is so great. >> Yeah, yeah. And for us, it's really been about watching the community and our customers take these problems, find a solution to those problems, standardize those solutions, and then building on top of that, right? So we're reaching to a point where a lot of our earlier customers who started to just using Airflow to get the base of their BI stack down and their reporting in their ELP infrastructure, they've solved that problem and now they're moving on to things like doing machine learning with their data, because now that they've built that foundation, all the connective tissue for their data arriving on time and being orchestrated correctly is happening, they can build a layer on top of that. And it's just been really, really exciting kind of watching what customers do once they're empowered to pick all the tools that they need, tie them together in the way they need to, and really deliver real value to their business. >> Can you share some of the use cases of these customers? Because I think that's where you're starting to see the innovation. What are some of the companies that you're working with, what are they doing? >> Viraj, I'll let you take that one too. (group laughs) >> So you know, a lot of it is... It goes across the gamut, right? Because it doesn't matter what you are, what you're doing with data, it needs to be orchestrated. So there's a lot of customers using us for their ETL and ELT reporting, right? Just getting data from other disparate sources into one place and then building on top of that. Be it building dashboards, answering questions for the business, building other data products and so on and so forth. From there, these use cases evolve a lot. You do see folks doing things like fraud detection, because Airflow's orchestrating how transactions go, transactions get analyzed. They do things like analyzing marketing spend to see where your highest ROI is. And then you kind of can't not talk about all of the machine learning that goes on, right? Where customers are taking data about their own customers, kind of analyze and aggregating that at scale, and trying to automate decision making processes. So it goes from your most basic, what we call data plumbing, right? Just to make sure data's moving as needed, all the ways to your more exciting expansive use cases around automated decision making and machine learning. >> And I'd say, I mean, I'd say that's one of the things that I think gets me most excited about our future, is how critical Airflow is to all of those processes, and I think when you know a tool is valuable is when something goes wrong and one of those critical processes doesn't work. And we know that our system is so mission critical to answering basic questions about your business and the growth of your company for so many organizations that we work with. So it's, I think, one of the things that gets Viraj and I and the rest of our company up every single morning is knowing how important the work that we do for all of those use cases across industries, across company sizes, and it's really quite energizing. >> It was such a big focus this year at AWS re:Invent, the role of data. And I think one of the things that's exciting about the open AI and all the movement towards large language models is that you can integrate data into these models from outside. So you're starting to see the integration easier to deal with. Still a lot of plumbing issues. So a lot of things happening. So I have to ask you guys, what is the state of the data orchestration area? Is it ready for disruption? Has it already been disrupted? Would you categorize it as a new first inning kind of opportunity, or what's the state of the data orchestration area right now? Both technically and from a business model standpoint. How would you guys describe that state of the market? >> Yeah, I mean, I think in a lot of ways, in some ways I think we're category creating. Schedulers have been around for a long time. I released a data presentation sort of on the evolution of going from something like Kron, which I think was built in like the 1970s out of Carnegie Mellon. And that's a long time ago, that's 50 years ago. So sort of like the basic need to schedule and do something with your data on a schedule is not a new concept. But to our point earlier, I think everything that you need around your ecosystem, first of all, the number of data tools and developer tooling that has come out industry has 5X'd over the last 10 years. And so obviously as that ecosystem grows, and grows, and grows, and grows, the need for orchestration only increases. And I think, as Astronomer, I think we... And we work with so many different types of companies, companies that have been around for 50 years, and companies that got started not even 12 months ago. And so I think for us it's trying to, in a ways, category create and adjust sort of what we sell and the value that we can provide for companies all across that journey. There are folks who are just getting started with orchestration, and then there's folks who have such advanced use case, 'cause they're hitting sort of a ceiling and only want to go up from there. And so I think we, as a company, care about both ends of that spectrum, and certainly want to build and continue building products for companies of all sorts, regardless of where they are on the maturity curve of data orchestration. >> That's a really good point, Paola. And I think the other thing to really take into account is it's the companies themselves, but also individuals who have to do their jobs. If you rewind the clock like 5 or 10 years ago, data engineers would be the ones responsible for orchestrating data through their org. But when we look at our customers today, it's not just data engineers anymore. There's data analysts who sit a lot closer to the business, and the data scientists who want to automate things around their models. So this idea that orchestration is this new category is right on the money. And what we're finding is the need for it is spreading to all parts of the data team, naturally where Airflow's emerged as an open source standard and we're hoping to take things to the next level. >> That's awesome. We've been up saying that the data market's kind of like the SRE with servers, right? You're going to need one person to deal with a lot of data, and that's data engineering, and then you're got to have the practitioners, the democratization. Clearly that's coming in what you're seeing. So I have to ask, how do you guys fit in from a value proposition standpoint? What's the pitch that you have to customers, or is it more inbound coming into you guys? Are you guys doing a lot of outreach, customer engagements? I'm sure they're getting a lot of great requirements from customers. What's the current value proposition? How do you guys engage? >> Yeah, I mean, there's so many... Sorry, Viraj, you can jump in. So there's so many companies using Airflow, right? So the baseline is that the open source project that is Airflow that came out of Airbnb, over five years ago at this point, has grown exponentially in users and continues to grow. And so the folks that we sell to primarily are folks who are already committed to using Apache Airflow, need data orchestration in their organization, and just want to do it better, want to do it more efficiently, want to do it without managing that infrastructure. And so our baseline proposition is for those organizations. Now to Viraj's point, obviously I think our ambitions go beyond that, both in terms of the personas that we addressed and going beyond that data engineer, but really it's to start at the baseline, as we continue to grow our our company, it's really making sure that we're adding value to folks using Airflow and help them do so in a better way, in a larger way, in a more efficient way, and that's really the crux of who we sell to. And so to answer your question on, we get a lot of inbound because they're... >> You have a built in audience. (laughs) >> The world that use it. Those are the folks who we talk to and come to our website and chat with us and get value from our content. I mean, the power of the opensource community is really just so, so big, and I think that's also one of the things that makes this job fun. >> And you guys are in a great position. Viraj, you can comment a little, get your reaction. There's been a big successful business model to starting a company around these big projects for a lot of reasons. One is open source is continuing to be great, but there's also supply chain challenges in there. There's also we want to continue more innovation and more code and keeping it free and and flowing. And then there's the commercialization of productizing it, operationalizing it. This is a huge new dynamic, I mean, in the past 5 or so years, 10 years, it's been happening all on CNCF from other areas like Apache, Linux Foundation, they're all implementing this. This is a huge opportunity for entrepreneurs to do this. >> Yeah, yeah. Open source is always going to be core to what we do, because we wouldn't exist without the open source community around us. They are huge in numbers. Oftentimes they're nameless people who are working on making something better in a way that everybody benefits from it. But open source is really hard, especially if you're a company whose core competency is running a business, right? Maybe you're running an e-commerce business, or maybe you're running, I don't know, some sort of like, any sort of business, especially if you're a company running a business, you don't really want to spend your time figuring out how to run open source software. You just want to use it, you want to use the best of it, you want to use the community around it, you want to be able to google something and get answers for it, you want the benefits of open source. You don't have the time or the resources to invest in becoming an expert in open source, right? And I think that dynamic is really what's given companies like us an ability to kind of form businesses around that in the sense that we'll make it so people get the best of both worlds. You'll get this vast open ecosystem that you can build on top of, that you can benefit from, that you can learn from. But you won't have to spend your time doing undifferentiated heavy lifting. You can do things that are just specific to your business. >> It's always been great to see that business model evolve. We used a debate 10 years ago, can there be another Red Hat? And we said, not really the same, but there'll be a lot of little ones that'll grow up to be big soon. Great stuff. Final question, can you guys share the history of the company? The milestones of Astromer's journey in data orchestration? >> Yeah, we could. So yeah, I mean, I think, so Viraj and I have obviously been at Astronomer along with our other founding team and leadership folks for over five years now. And it's been such an incredible journey of learning, of hiring really amazing people, solving, again, mission critical problems for so many types of organizations. We've had some funding that has allowed us to invest in the team that we have and in the software that we have, and that's been really phenomenal. And so that investment, I think, keeps us confident, even despite these sort of macroeconomic conditions that we're finding ourselves in. And so honestly, the milestones for us are focusing on our product, focusing on our customers over the next year, focusing on that market for us that we know can get valuable out of what we do, and making developers' lives better, and growing the open source community and making sure that everything that we're doing makes it easier for folks to get started, to contribute to the project and to feel a part of the community that we're cultivating here. >> You guys raised a little bit of money. How much have you guys raised? >> Don't know what the total is, but it's in the ballpark over $200 million. It feels good to... >> A little bit of capital. Got a little bit of cap to work with there. Great success. I know as a Series C Financing, you guys have been down. So you're up and running, what's next? What are you guys looking to do? What's the big horizon look like for you from a vision standpoint, more hiring, more product, what is some of the key things you're looking at doing? >> Yeah, it's really a little of all of the above, right? Kind of one of the best and worst things about working at earlier stage startups is there's always so much to do and you often have to just kind of figure out a way to get everything done. But really investing our product over the next, at least over the course of our company lifetime. And there's a lot of ways we want to make it more accessible to users, easier to get started with, easier to use, kind of on all areas there. And really, we really want to do more for the community, right, like I was saying, we wouldn't be anything without the large open source community around us. And we want to figure out ways to give back more in more creative ways, in more code driven ways, in more kind of events and everything else that we can keep those folks galvanized and just keep them happy using Airflow. >> Paola, any final words as we close out? >> No, I mean, I'm super excited. I think we'll keep growing the team this year. We've got a couple of offices in the the US, which we're excited about, and a fully global team that will only continue to grow. So Viraj and I are both here in New York, and we're excited to be engaging with our coworkers in person finally, after years of not doing so. We've got a bustling office in San Francisco as well. So growing those teams and continuing to hire all over the world, and really focusing on our product and the open source community is where our heads are at this year. So, excited. >> Congratulations. 200 million in funding, plus. Good runway, put that money in the bank, squirrel it away. It's a good time to kind of get some good interest on it, but still grow. Congratulations on all the work you guys do. We appreciate you and the open source community does, and good luck with the venture, continue to be successful, and we'll see you at the Startup Showcase. >> Thank you. >> Yeah, thanks so much, John. Appreciate it. >> Okay, that's the CUBE Conversation featuring astronomer.io, that's the website. Astronomer is doing well. Multiple rounds of funding, over 200 million in funding. Open source continues to lead the way in innovation. Great business model, good solution for the next gen cloud scale data operations, data stacks that are emerging. I'm John Furrier, your host, thanks for watching. (soft upbeat music)

(soft music) >> Hello everyone, welcome to this Cube conversation here from the studios of theCube in Palo Alto, California. John Furrier, your host. We're featuring a startup, Astronomer, astronomer.io is the url. Check it out. And we're going to have a great conversation around one of the most important topics hitting the industry, and that is the future of machine learning and AI and the data that powers it underneath it. There's a lot of things that need to get done, and we're excited to have some of the co-founders of Astronomer here. Viraj Parekh, who is co-founder and Paola Peraza Calderon, another co-founder, both with Astronomer. Thanks for coming on. First of all, how many co-founders do you guys have? >> You know, I think the answer's around six or seven. I forget the exact, but there's really been a lot of people around the table, who've worked very hard to get this company to the point that it's at. And we have long ways to go, right? But there's been a lot of people involved that are, have been absolutely necessary for the path we've been on so far. >> Thanks for that, Viraj, appreciate that. The first question I want to get out on the table, and then we'll get into some of the details, is take a minute to explain what you guys are doing. How did you guys get here? Obviously, multiple co-founders sounds like a great project. The timing couldn't have been better. ChatGPT has essentially done so much public relations for the AI industry. Kind of highlight this shift that's happening. It's real. We've been chronologicalizing, take a minute to explain what you guys do. >> Yeah, sure. We can get started. So yeah, when Astronomer, when Viraj and I joined Astronomer in 2017, we really wanted to build a business around data and we were using an open source project called Apache Airflow, that we were just using sort of as customers ourselves. And over time, we realized that there was actually a market for companies who use Apache Airflow, which is a data pipeline management tool, which we'll get into. And that running Airflow is actually quite challenging and that there's a lot of, a big opportunity for us to create a set of commercial products and opportunity to grow that open source community and actually build a company around that. So the crux of what we do is help companies run data pipelines with Apache Airflow. And certainly we've grown in our ambitions beyond that, but that's sort of the crux of what we do for folks. >> You know, data orchestration, data management has always been a big item, you know, in the old classic data infrastructure. But with AI you're seeing a lot more emphasis on scale, tuning, training. You know, data orchestration is the center of the value proposition when you're looking at coordinating resources, it's one of the most important things. Could you guys explain what data orchestration entails? What does it mean? Take us through the definition of what data orchestration entails. >> Yeah, for sure. I can take this one and Viraj feel free to jump in. So if you google data orchestration, you know, here's what you're going to get. You're going to get something that says, data orchestration is the automated process for organizing silo data from numerous data storage points to organizing it and making it accessible and prepared for data analysis. And you say, okay, but what does that actually mean, right? And so let's give sort of an example. So let's say you're a business and you have sort of the following basic asks of your data team, right? Hey, give me a dashboard in Sigma, for example, for the number of customers or monthly active users and then make sure that that gets updated on an hourly basis. And then number two, a consistent list of active customers that I have in HubSpot so that I can send them a monthly product newsletter, right? Two very basic asks for all sorts of companies and organizations. And when that data team, which has data engineers, data scientists, ML engineers, data analysts get that request, they're looking at an ecosystem of data sources that can help them get there, right? And that includes application databases, for example, that actually have end product user behavior and third party APIs from tools that the company uses that also has different attributes and qualities of those customers or users. And that data team needs to use tools like Fivetran, to ingest data, a data warehouse like Snowflake or Databricks to actually store that data and do analysis on top of it, a tool like DBT to do transformations and make sure that that data is standardized in the way that it needs to be, a tool like Hightouch for reverse ETL. I mean, we could go on and on. There's so many partners of ours in this industry that are doing really, really exciting and critical things for those data movements. And the whole point here is that, you know, data teams have this plethora of tooling that they use to both ingest the right data and come up with the right interfaces to transform and interact with that data. And data orchestration in our view is really the heartbeat of all of those processes, right? And tangibly the unit of data orchestration, you know, is a data pipeline, a set of tasks or jobs that each do something with data over time and eventually run that on a schedule to make sure that those things are happening continuously as time moves on. And, you know, the company advances. And so, you know, for us, we're building a business around Apache Airflow, which is a workflow management tool that allows you to author, run and monitor data pipelines. And so when we talk about data orchestration, we talk about sort of two things. One is that crux of data pipelines that, like I said, connect that large ecosystem of data tooling in your company. But number two, it's not just that data pipeline that needs to run every day, right? And Viraj will probably touch on this as we talk more about Astronomer and our value prop on top of Airflow. But then it's all the things that you need to actually run data and production and make sure that it's trustworthy, right? So it's actually not just that you're running things on a schedule, but it's also things like CI/CD tooling, right? Secure secrets management, user permissions, monitoring, data lineage, documentation, things that enable other personas in your data team to actually use those tools. So long-winded way of saying that, it's the heartbeat that we think of the data ecosystem and certainly goes beyond scheduling, but again, data pipelines are really at the center of it. >> You know, one of the things that jumped out Viraj, if you can get into this, I'd like to hear more about how you guys look at all those little tools that are out there. You mentioned a variety of things. You know, if you look at the data infrastructure, it's not just one stack. You've got an analytic stack, you've got a realtime stack, you've got a data lake stack, you got an AI stack potentially. I mean you have these stacks now emerging in the data world that are >> Yeah. - >> fundamental, but we're once served by either a full package, old school software, and then a bunch of point solution. You mentioned Fivetran there, I would say in the analytics stack. Then you got, you know, S3, they're on the data lake stack. So all these things are kind of munged together. >> Yeah. >> How do you guys fit into that world? You make it easier or like, what's the deal? >> Great question, right? And you know, I think that one of the biggest things we've found in working with customers over, you know, the last however many years, is that like if a data team is using a bunch of tools to get what they need done and the number of tools they're using is growing exponentially and they're kind of roping things together here and there, that's actually a sign of a productive team, not a bad thing, right? It's because that team is moving fast. They have needs that are very specific to them and they're trying to make something that's exactly tailored to their business. So a lot of times what we find is that customers have like some sort of base layer, right? That's kind of like, you know, it might be they're running most of the things in AWS, right? And then on top of that, they'll be using some of the things AWS offers, you know, things like SageMaker, Redshift, whatever. But they also might need things that their Cloud can't provide, you know, something like Fivetran or Hightouch or anything of those other tools and where data orchestration really shines, right? And something that we've had the pleasure of helping our customers build, is how do you take all those requirements, all those different tools and whip them together into something that fulfills a business need, right? Something that makes it so that somebody can read a dashboard and trust the number that it says or somebody can make sure that the right emails go out to their customers. And Airflow serves as this amazing kind of glue between that data stack, right? It's to make it so that for any use case, be it ELT pipelines or machine learning or whatever, you need different things to do them and Airflow helps tie them together in a way that's really specific for a individual business's needs. >> Take a step back and share the journey of what your guys went through as a company startup. So you mentioned Apache open source, you know, we were just, I was just having an interview with the VC, we were talking about foundational models. You got a lot of proprietary and open source development going on. It's almost the iPhone, Android moment in this whole generative space and foundational side. This is kind of important, the open source piece of it. Can you share how you guys started? And I can imagine your customers probably have their hair on fire and are probably building stuff on their own. How do you guys, are you guys helping them? Take us through, 'cuz you guys are on the front end of a big, big wave and that is to make sense of the chaos, reigning it in. Take us through your journey and why this is important. >> Yeah Paola, I can take a crack at this and then I'll kind of hand it over to you to fill in whatever I miss in details. But you know, like Paola is saying, the heart of our company is open source because we started using Airflow as an end user and started to say like, "Hey wait a second". Like more and more people need this. Airflow, for background, started at Airbnb and they were actually using that as the foundation for their whole data stack. Kind of how they made it so that they could give you recommendations and predictions and all of the processes that need to be or needed to be orchestrated. Airbnb created Airflow, gave it away to the public and then, you know, fast forward a couple years and you know, we're building a company around it and we're really excited about that. >> That's a beautiful thing. That's exactly why open source is so great. >> Yeah, yeah. And for us it's really been about like watching the community and our customers take these problems, find solution to those problems, build standardized solutions, and then building on top of that, right? So we're reaching to a point where a lot of our earlier customers who started to just using Airflow to get the base of their BI stack down and their reporting and their ELP infrastructure, you know, they've solved that problem and now they're moving onto things like doing machine learning with their data, right? Because now that they've built that foundation, all the connective tissue for their data arriving on time and being orchestrated correctly is happening, they can build the layer on top of that. And it's just been really, really exciting kind of watching what customers do once they're empowered to pick all the tools that they need, tie them together in the way they need to, and really deliver real value to their business. >> Can you share some of the use cases of these customers? Because I think that's where you're starting to see the innovation. What are some of the companies that you're working with, what are they doing? >> Raj, I'll let you take that one too. (all laughing) >> Yeah. (all laughing) So you know, a lot of it is, it goes across the gamut, right? Because all doesn't matter what you are, what you're doing with data, it needs to be orchestrated. So there's a lot of customers using us for their ETL and ELT reporting, right? Just getting data from all the disparate sources into one place and then building on top of that, be it building dashboards, answering questions for the business, building other data products and so on and so forth. From there, these use cases evolve a lot. You do see folks doing things like fraud detection because Airflow's orchestrating how transactions go. Transactions get analyzed, they do things like analyzing marketing spend to see where your highest ROI is. And then, you know, you kind of can't not talk about all of the machine learning that goes on, right? Where customers are taking data about their own customers kind of analyze and aggregating that at scale and trying to automate decision making processes. So it goes from your most basic, what we call like data plumbing, right? Just to make sure data's moving as needed. All the ways to your more exciting and sexy use cases around like automated decision making and machine learning. >> And I'd say, I mean, I'd say that's one of the things that I think gets me most excited about our future is how critical Airflow is to all of those processes, you know? And I think when, you know, you know a tool is valuable is when something goes wrong and one of those critical processes doesn't work. And we know that our system is so mission critical to answering basic, you know, questions about your business and the growth of your company for so many organizations that we work with. So it's, I think one of the things that gets Viraj and I, and the rest of our company up every single morning, is knowing how important the work that we do for all of those use cases across industries, across company sizes. And it's really quite energizing. >> It was such a big focus this year at AWS re:Invent, the role of data. And I think one of the things that's exciting about the open AI and all the movement towards large language models, is that you can integrate data into these models, right? From outside, right? So you're starting to see the integration easier to deal with, still a lot of plumbing issues. So a lot of things happening. So I have to ask you guys, what is the state of the data orchestration area? Is it ready for disruption? Is it already been disrupted? Would you categorize it as a new first inning kind of opportunity or what's the state of the data orchestration area right now? Both, you know, technically and from a business model standpoint, how would you guys describe that state of the market? >> Yeah, I mean I think, I think in a lot of ways we're, in some ways I think we're categoric rating, you know, schedulers have been around for a long time. I recently did a presentation sort of on the evolution of going from, you know, something like KRON, which I think was built in like the 1970s out of Carnegie Mellon. And you know, that's a long time ago. That's 50 years ago. So it's sort of like the basic need to schedule and do something with your data on a schedule is not a new concept. But to our point earlier, I think everything that you need around your ecosystem, first of all, the number of data tools and developer tooling that has come out the industry has, you know, has some 5X over the last 10 years. And so obviously as that ecosystem grows and grows and grows and grows, the need for orchestration only increases. And I think, you know, as Astronomer, I think we, and there's, we work with so many different types of companies, companies that have been around for 50 years and companies that got started, you know, not even 12 months ago. And so I think for us, it's trying to always category create and adjust sort of what we sell and the value that we can provide for companies all across that journey. There are folks who are just getting started with orchestration and then there's folks who have such advanced use case 'cuz they're hitting sort of a ceiling and only want to go up from there. And so I think we as a company, care about both ends of that spectrum and certainly have want to build and continue building products for companies of all sorts, regardless of where they are on the maturity curve of data orchestration. >> That's a really good point Paola. And I think the other thing to really take into account is it's the companies themselves, but also individuals who have to do their jobs. You know, if you rewind the clock like five or 10 years ago, data engineers would be the ones responsible for orchestrating data through their org. But when we look at our customers today, it's not just data engineers anymore. There's data analysts who sit a lot closer to the business and the data scientists who want to automate things around their models. So this idea that orchestration is this new category is spot on, is right on the money. And what we're finding is it's spreading, the need for it, is spreading to all parts of the data team naturally where Airflows have emerged as an open source standard and we're hoping to take things to the next level. >> That's awesome. You know, we've been up saying that the data market's kind of like the SRE with servers, right? You're going to need one person to deal with a lot of data and that's data engineering and then you're going to have the practitioners, the democratization. Clearly that's coming in what you're seeing. So I got to ask, how do you guys fit in from a value proposition standpoint? What's the pitch that you have to customers or is it more inbound coming into you guys? Are you guys doing a lot of outreach, customer engagements? I'm sure they're getting a lot of great requirements from customers. What's the current value proposition? How do you guys engage? >> Yeah, I mean we've, there's so many, there's so many. Sorry Raj, you can jump in. - >> It's okay. So there's so many companies using Airflow, right? So our, the baseline is that the open source project that is Airflow that was, that came out of Airbnb, you know, over five years ago at this point, has grown exponentially in users and continues to grow. And so the folks that we sell to primarily are folks who are already committed to using Apache Airflow, need data orchestration in the organization and just want to do it better, want to do it more efficiently, want to do it without managing that infrastructure. And so our baseline proposition is for those organizations. Now to Raj's point, obviously I think our ambitions go beyond that, both in terms of the personas that we addressed and going beyond that data engineer, but really it's for, to start at the baseline. You know, as we continue to grow our company, it's really making sure that we're adding value to folks using Airflow and help them do so in a better way, in a larger way and a more efficient way. And that's really the crux of who we sell to. And so to answer your question on, we actually, we get a lot of inbound because they're are so many - >> A built-in audience. >> In the world that use it, that those are the folks who we talk to and come to our website and chat with us and get value from our content. I mean the power of the open source community is really just so, so big. And I think that's also one of the things that makes this job fun, so. >> And you guys are in a great position, Viraj, you can comment, to get your reaction. There's been a big successful business model to starting a company around these big projects for a lot of reasons. One is open source is continuing to be great, but there's also supply chain challenges in there. There's also, you know, we want to continue more innovation and more code and keeping it free and and flowing. And then there's the commercialization of product-izing it, operationalizing it. This is a huge new dynamic. I mean, in the past, you know, five or so years, 10 years, it's been happening all on CNCF from other areas like Apache, Linux Foundation, they're all implementing this. This is a huge opportunity for entrepreneurs to do this. >> Yeah, yeah. Open source is always going to be core to what we do because, you know, we wouldn't exist without the open source community around us. They are huge in numbers. Oftentimes they're nameless people who are working on making something better in a way that everybody benefits from it. But open source is really hard, especially if you're a company whose core competency is running a business, right? Maybe you're running e-commerce business or maybe you're running, I don't know, some sort of like any sort of business, especially if you're a company running a business, you don't really want to spend your time figuring out how to run open source software. You just want to use it, you want to use the best of it, you want to use the community around it. You want to take, you want to be able to google something and get answers for it. You want the benefits of open source. You don't want to have, you don't have the time or the resources to invest in becoming an expert in open source, right? And I think that dynamic is really what's given companies like us an ability to kind of form businesses around that, in the sense that we'll make it so people get the best of both worlds. You'll get this vast open ecosystem that you can build on top of, you can benefit from, that you can learn from, but you won't have to spend your time doing undifferentiated heavy lifting. You can do things that are just specific to your business. >> It's always been great to see that business model evolved. We used to debate 10 years ago, can there be another red hat? And we said, not really the same, but there'll be a lot of little ones that'll grow up to be big soon. Great stuff. Final question, can you guys share the history of the company, the milestones of the Astronomer's journey in data orchestration? >> Yeah, we could. So yeah, I mean, I think, so Raj and I have obviously been at astronomer along with our other founding team and leadership folks, for over five years now. And it's been such an incredible journey of learning, of hiring really amazing people. Solving again, mission critical problems for so many types of organizations. You know, we've had some funding that has allowed us to invest in the team that we have and in the software that we have. And that's been really phenomenal. And so that investment, I think, keeps us confident even despite these sort of macroeconomic conditions that we're finding ourselves in. And so honestly, the milestones for us are focusing on our product, focusing on our customers over the next year, focusing on that market for us, that we know can get value out of what we do. And making developers' lives better and growing the open source community, you know, and making sure that everything that we're doing makes it easier for folks to get started to contribute to the project and to feel a part of the community that we're cultivating here. >> You guys raised a little bit of money. How much have you guys raised? >> I forget what the total is, but it's in the ballpark of 200, over $200 million. So it feels good - >> A little bit of capital. Got a little bit of cash to work with there. Great success. I know it's a Series C financing, you guys been down, so you're up and running. What's next? What are you guys looking to do? What's the big horizon look like for you? And from a vision standpoint, more hiring, more product, what is some of the key things you're looking at doing? >> Yeah, it's really a little of all of the above, right? Like, kind of one of the best and worst things about working at earlier stage startups is there's always so much to do and you often have to just kind of figure out a way to get everything done, but really invest in our product over the next, at least the next, over the course of our company lifetime. And there's a lot of ways we wanting to just make it more accessible to users, easier to get started with, easier to use all kind of on all areas there. And really, we really want to do more for the community, right? Like I was saying, we wouldn't be anything without the large open source community around us. And we want to figure out ways to give back more in more creative ways, in more code driven ways and more kind of events and everything else that we can do to keep those folks galvanized and just keeping them happy using Airflow. >> Paola, any final words as we close out? >> No, I mean, I'm super excited. You know, I think we'll keep growing the team this year. We've got a couple of offices in the US which we're excited about, and a fully global team that will only continue to grow. So Viraj and I are both here in New York and we're excited to be engaging with our coworkers in person. Finally, after years of not doing so, we've got a bustling office in San Francisco as well. So growing those teams and continuing to hire all over the world and really focusing on our product and the open source community is where our heads are at this year, so. >> Congratulations. - >> Excited. 200 million in funding plus good runway. Put that money in the bank, squirrel it away. You know, it's good to kind of get some good interest on it, but still grow. Congratulations on all the work you guys do. We appreciate you and the open sourced community does and good luck with the venture. Continue to be successful and we'll see you at the Startup Showcase. >> Thank you. - >> Yeah, thanks so much, John. Appreciate it. - >> It's theCube conversation, featuring astronomer.io, that's the website. Astronomer is doing well. Multiple rounds of funding, over 200 million in funding. Open source continues to lead the way in innovation. Great business model. Good solution for the next gen, Cloud, scale, data operations, data stacks that are emerging. I'm John Furrier, your host. Thanks for watching. (soft music)

(upbeat music) >> Hello everyone, welcome back to theCUBE's coverage of Cloud Native SecurityCon North America 2023. Obviously, CUBE's coverage with our CUBE Center Report. We're not there on the ground, but we have folks and our CUBE Alumni there. We have entrepreneurs there. Of course, we want to be there in person, but we're remote. We've got Ben Hirschberg, CTO and Co-Founder of Armo, a cloud native security startup, well positioned in this industry. He's there in Seattle. Ben, thank you for coming on and sharing what's going on with theCUBE. >> Yeah, it's great to be here, John. >> So we had written on you guys up on SiliconANGLE. Congratulations on your momentum and traction. But let's first get into what's going on there on the ground? What are some of the key trends? What's the most important story being told there? What is the vibe? What's the most important story right now? >> So I think, I would like to start here with the I think the most important thing was that I think the event is very successful. Usually, the Cloud Native Security Day usually was part of KubeCon in the previous years and now it became its own conference of its own and really kudos to all the organizers who brought this up in, actually in a short time. And it wasn't really clear how many people will turn up, but at the end, we see a really nice turn up and really great talks and keynotes around here. I think that one of the biggest trends, which haven't started like in this conference, but already we're talking for a while is supply chain. Supply chain is security. I think it's, right now, the biggest trend in the talks, in the keynotes. And I think that we start to see companies, big companies, who are adopting themselves into this direction. There is a clear industry need. There is a clear problem and I think that the cloud native security teams are coming up with tooling around it. I think for right now we see more tools than adoption, but the adoption is always following the tooling. And I think it already proves itself. So we have just a very interesting talk this morning about the OpenSSL vulnerability, which was I think around Halloween, which came out and everyone thought that it's going to be a critical issue for the whole cloud native and internet infrastructure and at the end it turned out to be a lesser problem, but the reason why I think it was understood that to be a lesser problem real soon was that because people started to use (indistinct) store software composition information in the environment so security teams could look into, look up in their systems okay, what, where they're using OpenSSL, which version they are using. It became really soon real clear that this version is not adopted by a wide array of software out there so the tech surface is relatively small and I think it already proved itself that the direction if everyone is talking about. >> Yeah, we agree, we're very bullish on this move from the Cloud Native Foundation CNCF that do the security conference. Amazon Web Services has re:Invent. That's their big show, but they also have re:Inforce, the security show, so clearly they work together. I like the decoupling, very cohesive. But you guys have Kubescape of Kubernetes security. Talk about the conversations that are there and that you're hearing around why there's different event what's different around KubeCon and CloudNativeCon than this Cloud Native SecurityCon. It's not called KubeSucSecCon, it's called Cloud Native SecurityCon. What's the difference? Are people confused? Is it clear? What's the difference between the two shows? What are you hearing? >> So I think that, you know, there is a good question. Okay, where is Cloud Native Computing Foundation came from? Obviously everyone knows that it was somewhat coupled with the adoption of Kubernetes. It was a clear understanding in the industry that there are different efforts where the industry needs to come together without looking be very vendor-specific and try to sort out a lot of issues in order to enable adoption and bring great value and I think that the main difference here between KubeCon and the Cloud Native Security Conference is really the focus, and not just on Kubernetes, but the whole ecosystem behind that. The way we are delivering software, the way we are monitoring software, and all where Kubernetes is only just, you know, maybe the biggest clog in the system, but, you know, just one of the others and it gives great overview of what you have in the whole ecosystem. >> Yeah, I think it's a good call. I would add that what I'm hearing too is that security is so critical to the business model of every company. It's so mainstream. The hackers have a great business model. They make money, their costs are lower than the revenue. So the business of hacking in breaches, ransomware all over the place is so successful that they're playing offense, everyone's playing defense, so it's about time we can get focus to really be faster and more nimble and agile on solving some of these security challenges in open source. So I think that to me is a great focus and so I give total props to the CNC. I call it the event operating system. You got the security group over here decoupled from the main kernel, but they work together. Good call and so this brings back up to some of the things that are going on so I have to ask you, as your startup as a CTO, you guys have the Kubescape platform, how do you guys fit into the landscape and what's different from your tools for Kubernetes environments versus what's out there? >> So I think that our journey is really interesting in the solution space because I think that our mode really tries to understand where security can meet the actual adoption because as you just said, somehow we have to sort out together how security is going to be automated and integrated in its best way. So Kubescape project started as a Kubernetes security posture tool. Just, you know, when people are really early in their adoption of Kubernetes systems, they want to understand whether the installation is is secure, whether the basic configurations are look okay, and giving them instant feedback on that, both in live systems and in the CICD, this is where Kubescape came from. We started as an open source project because we are big believers of open source, of the power of open source security, and I can, you know I think maybe this is my first interview when I can say that Kubescape was accepted to be a CNCF Sandbox project so Armo was actually donating the project to the CNCF, I think, which is a huge milestone and a great way to further the adoption of Kubernetes security and from now on we want to see where the users in Armo and Kubescape project want to see where the users are going, their Kubernetes security journey and help them to automatize, help them to to implement security more fast in the way the developers are using it working. >> Okay, if you don't mind, I want to just get clarification. What's the difference between the Armo platform and Kubescape because you have Kubescape Sandbox project and Armo platform. Could you talk about the differences and interaction? >> Sure, Kubescape is an open source project and Armo platform is actually a managed platform which runs Kubescape in the cloud for you because Kubescape is part, it has several parts. One part is, which is running inside the Kubernetes cluster in the CICD processes of the user, and there is another part which we call the backend where the results are stored and can be analyzed further. So Armo platform gives you managed way to run the backend, but I can tell you that backend is also, will be available within a month or two also for everyone to install on their premises as well, because again, we are an open source company and we are, we want to enable users, so the difference is that Armo platform is a managed platform behind Kubescape. >> How does Kubescape differ from closed proprietary sourced solutions? >> So I can tell you that there are closed proprietary solutions which are very good security solutions, but I think that the main difference, if I had to pick beyond the very specific technicalities is the worldview. The way we see that our user is not the CISO. Our user is not necessarily the security team. From our perspective, the user is the DevOps and the developers who are working on the Kubernetes cluster day to day and we want to enable them to improve their security. So actually our approach is more developer-friendly, if I would need to define it very shortly. >> What does this risk calculation score you guys have in Kubscape? That's come up and we cover that in our story. Can you explain to the folks how that fits in? Is it Kubescape is the platform and what's the benefit, what's the purpose? >> So the risk calculation is actually a score we are giving to clusters in order for the users to understand where they are standing in the general population, how they are faring against a perfect hardened cluster. It is based on the number of different tests we are making. And I don't want to go into, you know, the very specifics of the mathematical functions, but in general it takes into account how many functions are failing, security tests are failing inside your cluster. How many nodes you are having, how many workloads are having, and creating this number which enables you to understand where you are standing in the global, in the world. >> What's the customer value that you guys pitching? What's the pitch for the Armo platform? When you go and talk to a customer, are they like, "We need you." Do they come to you? Is it word of mouth? You guys have a strategy? What's the pitch? What's so appealing to the customers? Why are they enthusiastic about you guys? >> So John, I can tell you, maybe it's not so easy to to say the words, but I nearly 20 years in the industry and though I've been always around cyber and the defense industry and I can tell you that I never had this journey where before where I could say that the the customers are coming to us and not we are pitching to customers. Simply because people want to, this is very easy tool, very very easy to use, very understandable and it very helps the engineers to improve security posture. And they're coming to us and they're saying, "Well, awesome, okay, how we can like use it. Do you have a graphical interface?" And we are pointing them to the Armor platform and they are falling in love and coming to us even more and we can tell you that we have a big number of active users behind the platform itself. >> You know, one of the things that comes up every time at KubeCon and Cloud NativeCon when we're there, and we'll be in Amsterdam, so folks watching, you know, we'll see onsite, developer productivity is like the number one thing everyone talks about and security is so important. It's become by default a blocker or anchor or a drag on productivity. This is big, the things that you're mentioning, easy to use, engineering supporting it, developer adoption, you know we've always said on theCUBE, developers will be the de facto standards bodies by their choices 'cause developers make all the decisions. So if I can go faster and I can have security kind of programmed in, I'm not shifting left, it's just I'm just having security kind of in there. That's the dream state. Is that what you guys are trying to do here? Because that's the nirvana, everyone wants to do that. >> Yeah, I think your definition is like perfect because really we had like this, for a very long time we had this world where we decoupled security teams from developers and even for sometimes from engineering at all and I think for multiple reasons, we are more seeing a big convergence. Security teams are becoming part of the engineering and the engineering becoming part of the security and as you're saying, okay, the day-to-day world of developers are becoming very tangled up in the good way with security, so the think about it that today, one of my developers at Armo is creating a pull request. He's already, code is already scanned by security scanners for to test for different security problems. It's already, you know, before he already gets feedback on his first time where he's sharing his code and if there is an issue, he already can solve it and this is just solving issues much faster, much cheaper, and also you asked me about, you know, the wipe in the conference and we know no one can deny the current economic wipe we have and this also relates to security teams and security teams has to be much more efficient. And one of the things that everyone is talking, okay, we need more automation, we need more, better tooling and I think we are really fitting into this. >> Yeah, and I talked to venture capitalists yesterday and today, an angel investor. Best time for startup is right now and again, open source is driving a lot of value. Ben, it's been great to have you on and sharing with us what's going on on the ground there as well as talking about some of the traction you have. Just final question, how old's the company? How much funding do you have? Where you guys located? Put a plug in for the company. You guys looking to hire? Tell us about the company. Were you guys located? How much capital do you have? >> So, okay, the company's here for three years. We've passed a round last March with Tiger and Hyperwise capitals. We are located, most of the company's located today in Israel in Tel Aviv, but we have like great team also in Ukraine and also great guys are in Europe and right now also Craig Box joined us as an open source VP and he's like right now located in New Zealand, so we are a really global team, which I think it's really helps us to strengthen ourselves. >> Yeah, and I think this is the entrepreneurial equation for the future. It's really great to see that global. We heard that in Priyanka Sharma's keynote. It's a global culture, global community. >> Right. >> And so really, really props you guys. Congratulations on Armo and thanks for coming on theCUBE and sharing insights and expertise and also what's happening on the ground. Appreciate it, Ben, thanks for coming on. >> Thank you, John. >> Okay, cheers. Okay, this is CUB coverage here of the Cloud Native SecurityCon in North America 2023. I'm John Furrier for Lisa Martin, Dave Vellante. We're back with more of wrap up of the event after this short break. (gentle upbeat music)

(rousing music) >> Hello everyone. Welcome back to "theCUBE's" day one coverage of Cloud Native Security Con 23. This is going to be an exciting panel. I've got three great guests. I'm Lisa Martin, you know our esteemed analysts, John Furrier, and Dave Vellante well. And we're excited to welcome to "theCUBE" for the first time, Yves Sandfort, the CEO of Comdivision Group, who's coming to us from Germany. As you know, Cloud Native Security Con is a global event. Everyone welcome Yves, great to have you in particular. Welcome to "theCUBE." >> Great to be here. >> Thank you for inviting me. >> Yves, tell us a little bit, before we dig into really wanting to understand your perspectives on the event and get Dave and John's feedback as well, tell us a little bit about you. >> So yeah, talking about me, or talking about Comdivision real quick. We are in the business for over 27 years already. We started as a SaaS company, then became more like an architecture and, and Cloud Native company over the last few years. But what's interesting is, and I think that's, that's, that's really interesting when we look at our industry. It hasn't really, the requirements haven't really changed over the years. It's still security. We still have to figure out how we deal with security. We still have to figure out how we deal with compliance and everything else. And I think therefore, it's more and more important that we take these items more seriously. Also, based on the fact that when we look at it, how development and other things happen nowadays, it's, it's, everybody says it's like open source. It's great because everybody can look into the code. We, I think the last few years have shown us enough example that that's not necessarily solving all the issues, but it's also code and development has changed rapidly when we look at the Cloud Native approach, where it's far more about gluing the pieces together, versus the development pieces. When I was actually doing software development 25 years ago, and had to basically build my code because I didn't have that much internet access for it. So it has evolved, but even back then we had to deal with security and everything. >> Right. The focus on security is, is incredibly important, and the focus keeps growing as you mentioned. This is, guys, and I want to get your perspectives on this. We're going to start with John. This is the first time Cloud Native Security Con is its own event being extracted from, and amplified from KubeCon. John, I want to understand from your perspective, break down the event, what you see, what you've heard, and Cloud Native Security in general. What does this mean to companies? What does it mean to customers? Is this a reality? >> Well, I think that's the topic we want to discuss, and I think Yves background, you see the VMware certification, I love that. Because what VMware did with virtualization, was abstract that from server virtualization, kind of really changed the game on things, and you start to see Cloud Native kind of go that next level of how companies will be operating their business, not just digital transformation, as digital transformation goes to completion, it's total business transformation where IT is everywhere. And so you're starting to see the trends where, "Okay, that's happening." Now you're starting to see, that's Cloud Native Con, or KubeCon, AWS re:Invent, or whatever show, or whatever way you want to look at it. But in, in the past decade, past five years, security has always been front and center as almost a separate thing, and, in and of itself, but the same thing. So you're starting to see the breakout of security conversations around how to make things work. So a lot of operational conversations around what used to be DevOps makes infrastructure as code, and that was great, that fueled that. Then DevSecOps came. So the Cloud Native next level, is more application development at scale, developers driving the standards with developer first thinking, shifting left, I get all that. But down in the lower ends of the stack, you got real operational issues. DNS we've heard in the keynote, we heard about the Colonel, the Lennox Colonel. Things that need to be managed and taken care of at a security level. These are like, seem like in the weeds, but you're starting to see that happen. And the other thing that I think's real about Cloud Native Security Con that's going to be interesting to watch, is Amazon has pretty much canceled all their re:Invent like shows except for two; Re:Invent, which is their annual conference, and Re:Inforce, which is dedicated to securities. So Cloud Native, Linux, the Linux Foundation has now breaking out Cloud Native Con and KubeCon, and now Cloud Native Security Con. They can't call it KubeCon because it's not Kubernetes, but it's like security focus. I think this is the beginning of starting to see this new developer driving, developers driving the standards, and it has it implications, what used to be called IT ops, and that's like the VMwares of the world. You saw all the stuff that was not at developer focus, but more ops, becoming much more in the application. So I think, I think it's real. The question is where does it go? How fast does it develop? So to me, I think it's a real trend, and it's worthy of a breakout, but it's not yet clear of where the landing zone is for people to start doing it, how they get started, what are the best practices. Machine learning's going to be a big part of this. So to me it's totally cool, but I'm not yet seeing the beachhead. So that's kind of my take. >> Dave, our inventor and host of breaking analysis, what's your take? >> So when you, I think when you zoom out, there's some, there's a big macro change that's been going on. I think when you look back, let's say 10, 12 years ago, the, the need for speed far trumped the, the, the security aspect, the governance, the data privacy. It was like, "Yeah, the risks, they're not that great compared to our opportunity." That has completely changed because the risks are now so much higher. And so what's happening, I think there's a, there's a major effort amongst CIOs and CISOs to try to make security not a blocker because it use to be, it still is. "Okay, I got this great initiative." Eh, give it to the SecOps pros, and let them take it for a while before we can go to market. And so a huge challenge now is to simplify, automate, AI comes in, the whole supply chain security, so the, so the companies can not be facing so much friction. And that is non-trivial. I don't think we're anywhere close there, but I think the goal is by, within the next several years, we're going to be in a position, that security, we heard today, is, wasn't designed in to the initial internet protocols. It was bolted on. And so increasingly, the fundamental architecture of the internet, the Cloud, et cetera, is, is seeing designed in security, and, and that is an imperative, or else business is going to come to a grinding halt. >> Right. It's no longer, the bolt no longer works. Yves, what's your perspective on Cloud Native Security, where it stands today? What's in it for customers, whether we're talking about banks, or hospitals, or retailers, what do you think? >> I think when we, when we look at security in the, in the modern world, is we need to as, as Dave mentioned, we need to rethink how we apply it. Very often, security in the past has been always bolted on in the end. If we continue to do that, it'll become more and more difficult, because as companies evolve, and as companies want to bring products and software to market in a much faster and faster way, it's getting more and more difficult if we bolt on the security process at the end. It's like, developers build something and then someone checks security. That's not going to work any longer. Especially if we also consider now the changes in the industry. We had Stack Overflow over the last 10 years. If I would've had Stack Overflow 15, 20, what, 25 years ago when I was a developer, it would've changed a hell lot. Looking at it now, and looking at it what we had in the last few weeks, it's like where nearly all of my team members say is like finally I don't need any script kiddies anymore because I can't go to (indistinct) who writes the code for me. Which is on one end great, because it enables us to solve certain problems in a much higher pace. But the challenge with that is, if the people who just copy and past that code, don't understand the implications of that code, we have a much higher risk continuously. And what people thought was, is challenging with Stack Overflow. Imagine that something in one of these AI engines, is actually going ballistic, and it creates holes in nearly every one of these applications. And trust me, there will be enough developers who are going to use these tools to develop codes, the same as students in university are going to take this to write their essays and everything else. And so it's really important that every developer team basically has a security person within their team, and not a security at the end. So we build something, we check it, go through QA, and then it goes to security. Security needs to be at the forefront. And I think that's where we see Cloud Native Security Con, where we see AWS. I saw it during re:Invent already where they said is like, we have reinforced next year. I think this becomes more and more of a topic, and I think companies, as much as it is become a norm that you have a firewall and everything else, it needs to become a norm that when you are doing software development, and every development team needs to have a security person on that needs to be trained. >> I love that chat comment Dave, 'cause you and I were talking about this. And I think that is going to be the issue. Do we need security chat for the chat bot? And there's like a, like a recursive model there. The biases are built in. I think, and I think our interview with the Palo Alto Network's co-founder, Dave, when he talked about zero trust as a structured way to start things, but he was referencing that with Cloud, there's a chance to rethink or do a do-over in security. So, I think this is kind of to me, where this is all going. And I think you asked Pat Gelsinger what, year 2013, 2014, can, is security a do over? I think we're in that do over time. >> He said yes. >> He said yes. (laughing) He was right. But yeah, eight years later... But this is, how do you, zero trust gives you some structure, but how do you organize and redo security? Because to me, I think that's what's happening here. >> And John you heard, Zuk at Palo Alto Network said, "Yeah, the, the words security and architecture, they don't go together historically." And so it is a total, total retake. >> Well is that because there's too many tools out there and- >> Yeah. For sure. >> Yeah, well, first of all, a lot of hardware. And then yeah, a lot of tools. You even see IIOT and industry 40, you see IOT security coming up as another stove pipe, and that's not the right approach. And, and so- >> Well let me, let me ask you a question Dave, and Yves, if you don't mind. 'Cause I was just riffing on this yesterday about this. In the ML space, you're seeing the ML models, you're seeing proprietary models versus open source. Is security going to go down this proprietary security methods and open source? Because that's interesting, because the CNCF is run by the the Linux Foundation. So you can almost maybe see a model where there's more proprietary security methods than open source. Or is it, is that a non-issue? >> I would, I would, let me, if I, if I jump in here first, I think the last, especially last five or 10 years have clearly shown the, the whole and, and I invested early on in the, in the end 90s in several open source startups in the Bay area. So, I'm well behind the whole open source idea and, and mid (indistinct) and others back then several times. But the point is, I think what we have seen is open source is not in general, more secure or less secure, because code is too complex nowadays. You have millions of lines of code, and it's not that either one way or the other is going to solve it. The ways I think we are going to look at it is more is what's the role to market, because only because something is open source doesn't necessarily mean it's going to be available for everyone. And the same for proprietary source from that perspective, even though everybody mixes licensing and payments and all that all the time, but it doesn't necessarily have anything to do with it. But I think as we are going through it, and when we also look at the industry, security industry over the last 10 plus years has been primarily hardware focused. And a lot of these vendors have done a good business out of selling hardware boxes, putting software on top of it. Whereas in reality, those were still X86 standard boxes in the end. So it was not that we had specific security ethics or anything like that in there anymore. And so overall, the question of the market is going to change. And as we are looking into Cloud Native, think about someone like an AWS, do you really envision them to have a hardware box of every supplier in their data center, and that in every availability zone in every region? Same for Microsoft, same for Google, etc? So we need to have new ways on how we can apply security. And that applies both on the backend services, but also on the front end side. >> And if I, and if I could chime in, I think the, the good, I think the answer is, is, is no and yes. And what I mean by that is if you take, antivirus and known malware, I mean pretty much anybody today can, can solve that problem, it's the unknown malware. So I think the yes part of the answer is yes, it's, it's going to be proprietary, but in the sense we're going to use open source tooling, and then apply that in a proprietary way with, with specific algorithms and unique architectures that are going to solve problems. For example, XDR with, with unknown malware. So, and that's the, that's the hard part. As somebody said, I think this morning at the keynote, it's, it's all the stuff that, that the SecOps team couldn't find. That's the really hard part. >> (laughs) Well the question will be will, is the new IP, the ability to feed ChatGPT some magical spelled insertion query string that does the job, that's unique, that might be the new IP, the the question to ask. >> Well, that's what the hackers are going to do. And I, they're on offense. (John laughs) And the offense knows what play is coming. So, they're going to start. >> So guys, let's take this conversation up a level. I want to get your perspectives on what's in this for me as a customer? We know security is a board level conversation. We talk about this all the time. We also know that they're based on, I think David, was the conversations that you and I had, with Palo Alto Networks at Ignite in December. There's a, there's a lack of alignment between the executives and the board from a security perspective. When we talk about Cloud Native Security, we all talked about the value in that, what's in it for customers? I want to get your perspectives on should this be a board level conversation, and if so, how do you advise organizations, whether it is a hospital, or a bank, or an organization that is really affected by things like ransomware? How should they be thinking about this from an organizational perspective? >> Well, I'll start first, because we had this conversation during our Super Cloud event last month, and this comes up a lot. And this is, the CEO board level. Yes it is a board level conversation for security, as is application development as in terms of transforming their business to be competitive, not to be on the wrong side of history with this wave coming. So I think that's more of a management. But the issue is, they tell their people, "Go do it." And they're like, 'cause they get sold on the idea of, "Hey, won't you transform your business, and everything's going to be data driven, and machine learning's going to power your apps, get new customers, be profitable." "Oh, sign me up for that." When you have to implement this, it's really hard. And I think the core issue is, where are companies in their life cycle of the ability to execute and architect this thing properly as Dave said, Nick Zuk said, "You can't have architecture and security, you need platforms." So, I think the re-platforming, and the re-factoring of business is a big factor, and that's got to get down into the, the organizational shifts and the people to do it. So are there skills? Do I do a managed service? How do I architect it? Are there more services? Are there developers doing applications that are going to be more agile? So, this is not an easy thing. And to move a business from IT operations that is proven, to be positioned for this enablement, is just really difficult. And it's expensive. And if you screw it up, you could be, could be on the wrong side of things. So, to me, that's the big issue is, you sell the dream and then you got to implement it. And that's really difficult. >> Yves, give us your perspective on, based on John's comments, how do organizations shift so dramatically? There's a cultural element there as well, but there's also organizations that are, have competitive competitors in the rear view mirror, and there's time to waste. What are your thoughts on that? >> I think that's exactly the point. It's like, as an organization, you need to take the decision between the time, the risk, and all the other elements we have into this game. Because you can try to achieve 100% security, but that's exactly the same as trying to, to protect gold or anything else 100%. It's most likely not going to be from a risk perspective anyway sensible. And that's the same from a corporational perspective. When you look at building new internet services, or IOT services, or any kind of new shopping experience or whatever else, you need to balance out between the risks and the advantages out of it. And you also need to be accepting that you potentially on the way make mistakes, but then it's more important than ever that you are able to quickly fix any mistakes, and to adjust to anything what's happening in the market. Because as we are building all these new Cloud Native applications, and build up all these skill sets, one of the big scenarios is we are far more depending on individual building blocks. These building blocks come out of open source communities, which have a much different way. When we look back in software development, back then we had application servers from Oracle, Web Logic, whatsoever, they had a release cycles of every three to six months. As now we have to deal with open source, where sometimes release cycles are on a four week schedule, in between security patches. So you need to be much faster in adopting that, checking that, implementing that, getting things to work. So there is a security stretch from that perspective. There is a speech stretch on the other thing companies have to deal with, and on the other side it's always a measurement between the risk, and the security you can afford. Because reality is, you will not be 100% protected no matter what you do. So, you need to balance out what you as an organization can actually build on. But I think, coming back also to the point, it's on the bot level nowadays. It's like nearly every discussion we have with companies nowadays as they move into the Cloud, especially also here in Europe where for the last five years, it was always, it's like "It's data privacy." Data privacy is no longer, I mean, yes, for certain people, it's still the point, but for many more people it's like, "How protected is my data?" "What do we do in case of ransomware attack?" "What do we do in case of a denial of service?" All of these things become more vulnerable, where in the past you were discussing these things with a becking page, or, or like a stock exchange. They were, it's like, "What the hell is going to happen if we have a denial of service?" Now all of the sudden, this now affects nearly everyone in their storefronts and everything else, because everything is depending on it. >> Yeah, I think you're right on. You think about how cultural change occurs, it's bottom ups or, bottom up, top down or middle out. And what, what's happened with security is the people in the security team cared about it, they were the, everybody said, "Oh, it's their problem." And then it just did an end run to the board, kind of mid, early last decade. And then the board sort of pushed that down. And the line of business is realizing, "Holy cow. My business, my EBIT can be dramatically affected by this, so I care." Now it's this whole house, cultural team sport. I know it's sort of a, a cliche, but it, it's true. Everybody actually is beginning to care about security because the risks are now so high, and it's going to affect not only the bottom line of the company, the bottom line of the business, their job, it's, it's, it's virtually everywhere. It's a huge cultural shift that we're seeing. >> And that's a big challenge for organizations in any industry. And Yves, you talked about ransomware service. Every industry across the globe is vulnerable to this. But how can, maybe John, we'll start with you. How can Cloud Native Security help organizations if they're able to embrace it, operationally, culturally, dial down some of the vulnerabilities that just seem to keep growing? >> Well, I mean that's the big question. The breaches are, are critical. The governances also could be a way that anchors down growth. So I think the balance between the governance compliance piece of it is key, but making the developers faster and more productive is the key to me. And I think having the security paradigm where they're not blockers, as Dave said, is critical. So I love the whole shift left, but now that we have more data focused initiatives around how that, you can use data to understand the security issues, I think data and security are together, and I think there's a going to be a data operating system model emerging, where data and security will be almost one thing. And that will be set up by the security teams, and the data teams together. And that will feed guardrails into the developer environment. So the developer should feel no pain at all in doing this. So I think the best practice will end up being what we're seeing with supply chain, security, with making sure code's verified. And you're going to see the container, security side completely address has been, and KubeCon, we just, I asked Scott Johnson, the CEO of Docker, and I asked him directly, "Are you guys all tight on container security?" He said, yes, but other people are suggesting that's not true. There's a lot of issues with the container security. So, there's all kinds of areas where there's holes. So Cloud Native is cool on one hand, and very relevant, but if it's not shored up, it's going to be a problem. But I, so I think that's where the action will be, at the developer pipeline, in the containers, and the data. So, that will be very relevant, and if companies nail that, they'll be faster, they'll have better apps, and that'll be the differentiator. And again, if they don't on this next wave, they're going to be driftwood. >> Dave, how do they prevent becoming driftwood? >> Well, I think Cloud has had a huge impact. And a Cloud's by no means a panacea, but let's face it, it's dramatically improved a lot of companies security posture. Now there's still that shared responsibility. Even though an S3 bucket is encrypted, it's still your responsibility to make sure that it doesn't get decrypted by somebody who has access to it. So there are things like that, but to Yve's earlier point, that can be, that's done through software now, it's done through best practices. Those best practices can be shared. So the way you, you don't become driftwood, is you start to, you step back, rethink that security architecture as we were talking about earlier, take advantage of the Cloud, take advantage of Cloud Native, and all the, the rapid pace of innovation that's occurring there, and you don't use, it's called before, The audit is the last line of defense. That's no longer a check box item. "Oh yeah, we're in compliance." It's, this is a business imperative, and because we're going to reduce our expected loss and reduce our business risk. That's part of the business case today. >> Yeah. >> It's a huge, critically important part of the business case. Yves, question for you. If you're in an elevator with a CEO, a CFO, and a CISO, and they're talking about security and Cloud Native Security, what's your value proposition to them on a, on a say a 32nd elevator ride? >> Difficult story. I think at the moment, the most important part is, we need to get people to work together, and we need to train people to work more much better together. I think that's the overall most important part for all of these solutions, because in the end, security is always a person issue. If, we can have the best tools in the industry, as long as we don't get all of these teams to work together, then we have a problem. If the security team is always seen as the end of the solution to fix everything, that's not going to work because they always are the bad guys in the game. And so we need to bring the teams together. And once we have the teams work together, I think we have a far better track on, on maintaining security. >> John and Dave, I want to get your perspectives on what Yves just said. In all the experience that the two of you have as industry analysts here on "theCUBE," Wikibon, Siliconangle Media. How do you advise organizations to get those teams together? As Eve said, that alignment is critical, but John, we'll start with you, then Dave go to you. What's your advice for organizations that need to align those teams and really don't have a lot of time to wait to do it? >> (chuckling) That's a great question. I think, I think that's everyone pays hundreds of thousands of millions of dollars to get that advice from these consultants, organizations out there doing the transformations. But I think it comes down to personnel and commitment. I think if there's a C-level commitment to the effort, you'll see the institutional structure change. So you can see really getting behind it with their, with their wallet and their, and their support of either getting more personnel to support and assist, or manage services, or giving the power to the teams to execute and doing it in a way that, that's, that's well known and best practices. Start small, build out the pilots, build the platform, and then start getting it right. And I think that's the key. Not the magic wand, the old model of rolling out stuff in, in six month cycles. It's really, get the proof points, double down and change the culture, but also execute and have real metrics. And changing the architecture, like having more penetration tests as a service. Doing pen tests is like a joke now. So that doesn't make any sense. You got to have that built in almost every day, and every minute. So, these kinds of new techniques have to be implemented and have to be tried. So that's why these communities are growing. That's why I like what open source has been doing, and I like the open source as the place to have these conversations, because that's where the action will be for new stuff. And I think people will implement open source like they did before, but with different ways, better testing, better supply chain on the software side, verifying code. So, I see open source actually getting a tailwind from this, not a headwind. So, I'm bullish on the open source piece here on, on all levels, machine learning- >> Lisa, my answer is intramural sports. And it's 'cause I think it's cultural. And what I mean by that, is you take your your best and brightest security, and this is what frankly, a lot of CISOs do, an examples is Lena Smart, MongoDB. Take your best and brightest security pros, make them captains of the intramural teams, and pair them up with pods of individuals across the organization, which is most people who don't know anything about security, and put them together, so that they can, they, so that the folks that understand security can, can realize how little people know, what, what, what, how, what the worst practices that are out there in the reverse, how they can cross pollinate. And they do that on a regular basis, I know at Mongo and other companies. And that kind of cultural assimilation is a starting point for how you get security awareness up to your question around making it a team sport. >> Absolutely critical. Yves, I want to kind of wrap things with you. We've got a couple of minutes left. When you're really looking at the Cloud Native community, the growth of it, we talked about earlier in the program, Cloud Native Security Con being now extracted and elevated out of KubeCon, what are your thoughts on the groundswell that this community is generating around Cloud Native Security, the benefits that organizations will achieve from it? >> I think overall, when we have these securities conferences, or these security arms a bit spread out and separated out of the main conference, it helps to a certain degree, because especially in the security space, when you look at at other like black hat or white hat conferences and things like that in the past, although they were not focused on Cloud Native, a lot of these security folks didn't feel well taken care of in any of the other conferences because they were always these, it's like they are always blocking us, they're always making us problems, and all these kinds of things. Now that we really take the Cloud Native piece and the security piece together, or like AWS does it with re:Inforce, I think we will see more and more that people understand is that security is a permanent topic we need to cover, but we need to bring different people together, because security also has compliance and a lot of other components in there. So we will see at these conferences moving forward, also a different audience. It's not going to be only the Cloud Native developers. And if I see some of these security audiences, I can't really imagine them to really be at KubeCon because there is too much other things going on. And you couldn't really see much of that at re:Invent because re:Invent by itself has become a complete monster of a conference. It covers too many topics. And so having this very, very important security piece separated, also gives the opportunity, I think, that we can bring in the security people, but also have the type of board level discussions potentially, between the leaders of the industry, to also discuss on how we can evolve, how we can make things better, and how, how we can actually, yeah, evolve our industry for it. Because let's face it, that threat is not going to go away. It's, it's a business. And one of the last security conferences I was on, on the ransomware part, it was one of the topics someone said is like, "Look, currently on average, it takes a hacker group roughly around they said 15 to 20 K to break into a company, and they on average make 100K. It's a business, let's face it. And it's a business we don't like. And ethically, it's no discussion that this is not good, but that's something which is happening. People are making money with it. And as long as that's going to go on, and we have enough countries where these people can hide, it's going to stay and survive. And so, with that being said, it's important for us to really build an industry around this. But I also think it's good that we have separate conferences. In the past we had more the RSA conference, which tried to cover all of these areas. But that is not really fitting Cloud Native and everything else. So I think it's good that we have these new opportunities, the Cloud Native one, but also what AWS brings up for someone. >> Yves, you just nailed it. It just comes down to simple math. It's a fraction. Revenue over cost. And if you could increase the hacker's cost, increase the denominator, their ROI will go down. And that is the game. >> Great point, Dave. What I'm hearing guys, and we can talk about technology for days and days. I know all of you. But there's, there's a big component that, that the elevation of Cloud Native Security, on its own as standalone is critical, as is the people component. You guys all talked about that. We talked about the cultural change necessary for that. Hopefully what we're seeing with Cloud Native Security Con 23, this first event is going to give us more insight over the next couple of days, and the next months or so, as to how this elevation, and how the people can come together to really help organizations from a math perspective as, as Dave talked about, really dial down the risks there, understand more of the vulnerabilities so that ransomware as a service is not as lucrative as it is today. Guys, so much appreciate your time, really breaking down Cloud Native Security, the value in it from different perspectives, and what your thoughts are on where it's going. Thanks so much for your time. >> All right. Thanks. >> Thanks, Lisa. >> Thank you. >> Thanks, Yves. >> All right. For my guests, I'm Lisa Martin. You're watching theCUBE's day one coverage of Cloud Native Security Con 23. Thanks for watching. (rousing music)

(upbeat music) >> Hello, everyone, from Palo Alto, Lisa Martin here. This is The Cube's coverage of CloudNativeSecurityCon, the inaugural event. I'm here with John Furrier in studio. In Boston, Dave Vellante joins us, and our guest, Liz Rice, one of our alumni, is joining us from Seattle. Great to have everyone here. Liz is the Chief Open Source officer at Isovalent. She's also the Emeritus Chair Technical Oversight Committee at CNCF, and a co-chair of this new event. Everyone, welcome Liz. Great to have you back on theCUBE. Thanks so much for joining us today. >> Thanks so much for having me, pleasure. >> So CloudNativeSecurityCon. This is the inaugural event, Liz, this used to be part of KubeCon, it's now its own event in its first year. Talk to us about the importance of having it as its own event from a security perspective, what's going on? Give us your opinions there. >> Yeah, I think security was becoming so- at such an important part of the conversation at KubeCon, CloudNativeCon, and the TAG security, who were organizing the co-located Cloud Native Security Day which then turned into a two day event. They were doing this amazing job, and there was so much content and so much activity and so much interest that it made sense to say "Actually this could stand alone as a dedicated event and really dedicate, you know, all the time and resources of running a full conference, just thinking about cloud native security." And I think that's proven to be true. There's plenty of really interesting talks that we're going to see. Things like a capture the flag. There's all sorts of really good things going on this week. >> Liz, great to see you, and Dave, great to see you in Boston Lisa, great intro. Liz, you've been a CUBE alumni. You've been a great contributor to our program, and being part of our team, kind of extracting that signal from the CNCF cloud native world KubeCon. This event really kind of to me is a watershed moment, because it highlights not only security as a standalone discussion event, but it's also synergistic with KubeCon. And, as co-chair, take us through the thought process on the sessions, the experts, it's got a practitioner vibe there. So we heard from Priyanka early on, bottoms up, developer first. You know KubeCon's shift left was big momentum. This seems to be a breakout of very focused security. Can you share the rationale and the thoughts behind how this is emerging, and how you see this developing? I know it's kind of a small event, kind of testing the waters it seems, but this is really a directional shift. Can you share your thoughts? >> Yeah I'm just, there's just so many different angles that you can consider security. You know, we are seeing a lot of conversations about supply chain security, but there's also runtime security. I'm really excited about eBPF tooling. There's also this opportunity to talk about how do we educate people about security, and how do security practitioners get involved in cloud native, and how do cloud native folks learn about the security concepts that they need to keep their deployments secure. So there's lots of different groups of people who I think maybe at a KubeCon, KubeCon is so wide, it's such a diverse range of topics. If you really just want to focus in, drill down on what do I need to do to run Kubernetes and cloud native applications securely, let's have a really focused event, and just drill down into all the different aspects of that. And I think that's great. It brings the right people together, the practitioners, the experts, the vendors to, you know, everyone can be here, and we can find each other at a smaller event. We are not spread out amongst the thousands of people that would attend a KubeCon. >> It's interesting, Dave, you know, when we were talking, you know, we're going to bring you in real quick, because AWS, which I think is the bellweather for, you know, cloud computing, has now two main shows, AWS re:Invent and re:Inforce. Security, again, broken out there. you see the classic security events, RSA, Black Hat, you know, those are the, kind of, the industry kind of mainstream security, very wide. But you're starting to see the cloud native developer first with both security and cloud native, kind of, really growing so fast. This is a major trend for a lot of the ecosystem >> You know, and you hear, when you mention those other conferences, John you hear a lot about, you know, shift left. There's a little bit of lip service there, and you, we heard today way more than lip service. I mean deep practitioner level conversations, and of course the runtime as well. Liz, you spent a lot of time obviously in your keynote on eBPF, and I wonder if you could share with the audience, you know, why you're so excited about that. What makes it a more effective tool compared to other traditional methods? I mean, it sounds like it simplifies things. You talked about instrumenting nodes versus workloads. Can you explain that a little bit more detail? >> Yeah, so with eBPF programs, we can load programs dynamically into the kernel, and we can attach them to all kinds of different events that could be happening anywhere on that virtual machine. And if you have the right knowledge about where to hook into, you can observe network events, you can observe file access events, you can observe pretty much anything that's interesting from a security perspective. And because eBPF programs are living in the kernel, there's only one kernel shared amongst all of the applications that are running on that particular machine. So you don't- you no longer have to instrument each individual application, or each individual pod. There's no more need to inject sidecars. We can apply eBPF based tooling on a per node basis, which just makes things operationally more straightforward, but it's also extremely performant. We can hook these programs into events that typically very lightweight, small programs, kind of, emitting an event, making a decision about whether to drop a packet, making a decision about whether to allow file access, things of that nature. There's super fast, there's no need to transition between kernel space and user space, which is usually quite a costly operation from performance perspective. So eBPF makes it really, you know, it's taking the security tooling, and other forms of tooling, networking and observability. We can take these tools into the kernel, and it's really efficient there. >> So Liz- >> So, if I may, one, just one quick follow up. You gave kind of a space age example (laughs) in your keynote. When, do you think a year from now we'll be able to see, sort of, real world examples in in action? How far away are we? >> Well, some of that is already pretty widely deployed. I mean, in my keynote I was talking about Cilium. Cilium is adopted by hundreds of really big scale deployments. You know, the users file is full of household names who've been using cilium. And as part of that they will be using network policies. And I showed some visualizations this morning of network policy, but again, network policy has been around, pretty much since the early days of Kubernetes. It can be quite fiddly to get it right, but there are plenty of people who are using it at scale today. And then we were also looking at some runtime security detections, seeing things like, in my example, exfiltrating the plans to the Death Star, you know, looking for suspicious executables. And again, that's a little bit, it's a bit newer, but we do have people running that in production today, proving that it really does work, and that eBPF is a scalable technology. It's, I've been fascinated by eBPF for years, and it's really amazing to see it being used in the real world now. >> So Liz, you're a maintainer on the Cilium project. Talk about the use of eBPF in the Cilium project. How is it contributing to cloud native security, and really helping to change the dials on that from an efficiency, from a performance perspective, as well as a, what's in it for me as a business perspective? >> So Cilium is probably best known as a networking plugin for Kubernetes. It, when you are running Kubernetes, you have to make a decision about some networking plugin that you're going to use. And Cilium is, it's an incubating project in the CNCF. It's the most mature of the different CNIs that's in the CNCF at the moment. As I say, very widely deployed. And right from day one, it was based on eBPF. And in fact some of the people who contribute to the eBPF platform within the kernel, are also working on the Cilium project. They've been kind of developed hand in hand for the last six, seven years. So really being able to bring some of that networking capability, it required changes in the kernel that have been put in place several years ago, so that now we can build these amazing tools for Kubernetes operators. So we are using eBPF to make the networking stack for Kubernetes and cloud native really efficient. We can bypass some of the parts of the network stack that aren't necessarily required in a cloud native deployment. We can use it to make these incredibly fast decisions about network policy. And we also have a sub-project called Tetragon, which is a newer part of the Cilium family which uses eBPF to observe these runtime events. The things like people opening a file, or changing the permissions on a file, or making a socket connection. All of these things that as a security engineer you are interested in. Who is running executables who is making network connections, who's accessing files, all of these operations are things that we can observe with Cilium Tetragon. >> I mean it's exciting. We've chatted in the past about that eBPF extended Berkeley Packet Filter, which is about the Linux kernel. And I bring that up Liz, because I think this is the trend I'm trying to understand with this event. It's, I hear bottoms up developer, developer first. It feels like it's an under the hood, infrastructure, security geek fest for practitioners, because Brian, in his keynote, mentioned BIND in reference the late Dan Kaminsky, who was, obviously found that error in BIND at the, in DNS. He mentioned DNS. There's a lot of things that's evolving at the silicone, kernel, kind of root levels of our infrastructure. This seems to be a major shift in focus and rightfully so. Is that something that you guys talk about, or is that coincidence, or am I just overthinking this point in terms of how nerdy it's getting in terms of the importance of, you know, getting down to the low level aspects of protecting everything. And as we heard also the quote was no software secure. (Liz chuckles) So that's up and down the stack of the, kind of the old model. What's your thoughts and reaction to that? >> Yeah, I mean I think a lot of folks who get into security really are interested in these kind of details. You know, you see write-ups of exploits and they, you know, they're quite often really involved, and really require understanding these very deep detailed technical levels. So a lot of us can really geek out about the details of that. The flip side of that is that as an application developer, you know, as- if you are working for a bank, working for a media company, you're writing applications, you shouldn't have to be worried about what's happening at the kernel level. This might be kind of geeky interesting stuff, but really, operationally, it should be taken care of for you. You've got your work cut out building business value in applications. So I think there's this interesting, kind of dual track going on almost, if you like, of the people who really want to get involved in those nitty gritty details, and understand how the underlying, you know, kernel level exploits maybe working. But then how do we make that really easy for people who are running clusters to, I mean like you said, nothing is ever secure, but trying to make things as secure as they can be easily, and make things visual, make things accessible, make things, make it easy to check whether or not you are compliant with whatever regulations you need to be compliant with. That kind of focus on making things usable for the platform team, for the application developers who deliver apps on the platform, that's the important (indistinct)- >> I noticed that the word expert was mentioned, I mentioned earlier with Priyanka. Was there a rationale on the 72 sessions, was there thinking around it or was it kind of like, these are urgent areas, they're obvious low hanging fruit. Was there, take us through the selection process of, or was it just, let's get 72 sessions going to get this (Liz laughs) thing moving? >> No, we did think quite carefully about how we wanted to, what the different focus areas we wanted to include. So we wanted to make sure that we were including things like governance and compliance, and that we talk about not just supply chain, which is clearly a very hot topic at the moment, but also to talk about, you know, threat detection, runtime security. And also really importantly, we wanted to have space to talk about education, to talk about how people can get involved. Because maybe when we talk about all these details, and we get really technical, maybe that's, you know, a bit scary for people who are new into the cloud native security space. We want to make sure that there are tracks and content that are accessible for newcomers to get involved. 'Cause, you know, given time they'll be just as excited about diving into those kind of kernel level details. But everybody needs a place to start, and we wanted to make sure there were conversations about how to get started in security, how to educate other members of your team in your organization about security. So hopefully there's something for everyone. >> That education piece- >> Liz, what's the- >> Oh sorry, Dave. >> What the buzz on on AI? We heard Dan talk about, you know, chatGPT, using it to automate spear phishing. There's always been this tension between security and speed to market, but CISOs are saying, "Hey we're going to a zero trust architecture and that's helping us move faster." Will, in your, is the talk on the floor, AI is going to slow us down a little bit until we figure it out? Or is it actually going to be used as an offensive defensive tool if I can use that angle? >> Yeah, I think all of the above. I actually had an interesting chat this morning. I was talking with Andy Martin from Control Plane, and we were talking about the risk of AI generated code that attempts to replicate what open source libraries already do. So rather than using an existing open source package, an organization might think, "Well, I'll just have my own version, and I'll have an AI write it for me." And I don't, you know, I'm not a lawyer so I dunno what the intellectual property implications of this will be, but imagine companies are just going, "Well you know, write me an SSL library." And that seems terrifying from a security perspective, 'cause there could be all sorts of very slightly different AI generated libraries that pick up the same vulnerabilities that exist in open source code. So, I think we're going to go through a pretty interesting period of vulnerabilities being found in AI generated code that look familiar, and we'll be thinking "Haven't we seen these vulnerabilities before? Yeah, we did, but they were previously in handcrafted code and now we'll see the same things being generated by AI." I mean, in the same way that if you look at an AI generated picture and it's got I don't know, extra fingers, or, you know, extra ears or something that, (Dave laughs) AI does make mistakes. >> So Liz, you talked about the education, the enablement, the 72 sessions, the importance of CloudNativeSecurityCon being its own event this year. What are your hopes and dreams for the practitioners to be able to learn from this event? How do you see the event as really supporting the growth, the development of the cloud native security community as a whole? >> Yeah, I think it's really important that we think of it as a Cloud Native Security community. You know, there are lots of interesting sort of hacker community security related community. Cloud native has been very community focused for a long time, and we really saw, particularly through the tag, the security tag, that there was this growing group of people who were, really wanted to work at that intersection between security and cloud native. And yeah, I think things are going really well this week so far, So I hope this is, you know, the first of many additions of this conference. I think it will also be interesting to see how the balance between a smaller, more focused event, compared to the giant KubeCon and cloud native cons. I, you know, I think there's space for both things, but whether or not there will be other smaller focus areas that want to stand alone and justify being able to stand alone as their own separate conferences, it speaks to the growth of cloud native in general that this is worthwhile doing. >> Yeah. >> It is, and what also speaks to, it reminds me of our tagline here at theCUBE, being able to extract the signal from the noise. Having this event as a standalone, being able to extract the value in it from a security perspective, that those practitioners and the community at large is going to be able to glean from these conversations is something that will be important, that we'll be keeping our eyes on. >> Absolutely. Makes sense for me, yes. >> Yeah, and I think, you know, one of the things, Lisa, that I want to get in, and if you don't mind asking Dave his thoughts, because he just did a breaking analysis on the security landscape. And Dave, you know, as Liz talking about some of these root level things, we talk about silicon advances, powering machine learning, we've been covering a lot of that. You've been covering the general security industry. We got RSA coming up reinforced with AWS, and as you see the cloud native developer first, really driving the standards of the super cloud, the multicloud, you're starting to see a lot more application focus around latency and kind of controlling that, These abstraction layer's starting to see a lot more growth. What's your take, Dave, on what Liz and- is talking about because, you know, you're analyzing the horses on the track, and there's sometimes the old guard security folks, and you got open source continuing to kick butt. And even on the ML side, we've been covering some of these foundation models, you're seeing a real technical growth in open source at all levels and, you know, you still got some proprietary machine learning stuff going on, but security's integrating all that. What's your take and your- what's your breaking analysis on the security piece here? >> I mean, to me the two biggest problems in cyber are just the lack of talent. I mean, it's just really hard to find super, you know, deep expertise and get it quickly. And I think the second is it's just, it's so many tools to deal with. And so the architecture of security is just this mosaic and a mess. That's why I'm excited about initiatives like eBPF because it does simplify things, and developers are being asked to do a lot. And I think one of the other things that's emerging is when you- when we talk about Industry 4.0, and IIoT, you- I'm seeing a lot of tools that are dedicated just to that, you know, slice of the world. And I don't think that's the right approach. I think that there needs to be a more comprehensive view. We're seeing, you know, zero trust architectures come together, and it's going to take some time, but I think that you're going to definitely see, you know, some rethinking of how to architect security. It's a game of whack-a-mole, but I think the industry is just- the technology industry is doing a really really good job of, you know, working hard to solve these problems. And I think the answer is not just another bespoke tool, it's a broader thinking around architectures and consolidating some of those tools, you know, with an end game of really addressing the problem in a more comprehensive fashion. >> Liz, in the last minute or so we have your thoughts on how automation and scale are driving some of these forcing functions around, you know, taking away the toil and the muck around developers, who just want stuff to be code, right? So infrastructure as code. Is that the dynamic here? Is this kind of like new, or is it kind of the same game, different kind of thing? (chuckles) 'Cause you're seeing a lot more machine learning, a lot more automation going on. What's, is that having an impact? What's your thoughts? >> Automation is one of the kind of fundamental underpinnings of cloud native. You know, we're expecting infrastructure to be written as code, We're expecting the platform to be defined in yaml essentially. You know, we are expecting the Kubernetes and surrounding tools to self-heal and to automatically scale and to do things like automated security. If we think about supply chain, you know, automated dependency scanning, think about runtime. Network policy is automated firewalling, if you like, for a cloud native era. So, I think it's all about making that platform predictable. Automation gives us some level of predictability, even if the underlying hardware changes or the scale changes, so that the application developers have something consistent and standardized that they can write to. And you know, at the end of the day, it's all about the business applications that run on top of this infrastructure >> Business applications and the business outcomes. Liz, we so appreciate your time talking to us about this inaugural event, CloudNativeSecurityCon 23. The value in it for those practitioners, all of the content that's going to be discussed and learned, and the growth of the community. Thank you so much, Liz, for sharing your insights with us today. >> Thanks for having me. >> For Liz Rice, John Furrier and Dave Vellante, I'm Lisa Martin. You're watching the Cube's coverage of CloudNativeSecurityCon 23. (electronic music)

(upbeat music) >> Hello, this is Dave Valente with theCUBE, and one of the most gratifying aspects of my role as a host of "theCUBE TV" is I get to cover a wide range of topics. And quite often, we're able to bring to our program a level of expertise that allows us to more deeply explore and unpack some of the topics that we cover throughout the year. And one of our favorite topics, of course, is data. Now, in 2021, after being in isolation for the better part of two years, a group of industry analysts met up at AWS re:Invent and started a collaboration to look at the trends in data and predict what some likely outcomes will be for the coming year. And it resulted in a very popular session that we had last year focused on the future of data management. And I'm very excited and pleased to tell you that the 2023 edition of that predictions episode is back, and with me are five outstanding market analyst, Sanjeev Mohan of SanjMo, Tony Baer of dbInsight, Carl Olofson from IDC, Dave Menninger from Ventana Research, and Doug Henschen, VP and Principal Analyst at Constellation Research. Now, what is it that we're calling you, guys? A data pack like the rat pack? No, no, no, no, that's not it. It's the data crowd, the data crowd, and the crowd includes some of the best minds in the data analyst community. They'll discuss how data management is evolving and what listeners should prepare for in 2023. Guys, welcome back. Great to see you. >> Good to be here. >> Thank you. >> Thanks, Dave. (Tony and Dave faintly speaks) >> All right, before we get into 2023 predictions, we thought it'd be good to do a look back at how we did in 2022 and give a transparent assessment of those predictions. So, let's get right into it. We're going to bring these up here, the predictions from 2022, they're color-coded red, yellow, and green to signify the degree of accuracy. And I'm pleased to report there's no red. Well, maybe some of you will want to debate that grading system. But as always, we want to be open, so you can decide for yourselves. So, we're going to ask each analyst to review their 2022 prediction and explain their rating and what evidence they have that led them to their conclusion. So, Sanjeev, please kick it off. Your prediction was data governance becomes key. I know that's going to knock you guys over, but elaborate, because you had more detail when you double click on that. >> Yeah, absolutely. Thank you so much, Dave, for having us on the show today. And we self-graded ourselves. I could have very easily made my prediction from last year green, but I mentioned why I left it as yellow. I totally fully believe that data governance was in a renaissance in 2022. And why do I say that? You have to look no further than AWS launching its own data catalog called DataZone. Before that, mid-year, we saw Unity Catalog from Databricks went GA. So, overall, I saw there was tremendous movement. When you see these big players launching a new data catalog, you know that they want to be in this space. And this space is highly critical to everything that I feel we will talk about in today's call. Also, if you look at established players, I spoke at Collibra's conference, data.world, work closely with Alation, Informatica, a bunch of other companies, they all added tremendous new capabilities. So, it did become key. The reason I left it as yellow is because I had made a prediction that Collibra would go IPO, and it did not. And I don't think anyone is going IPO right now. The market is really, really down, the funding in VC IPO market. But other than that, data governance had a banner year in 2022. >> Yeah. Well, thank you for that. And of course, you saw data clean rooms being announced at AWS re:Invent, so more evidence. And I like how the fact that you included in your predictions some things that were binary, so you dinged yourself there. So, good job. Okay, Tony Baer, you're up next. Data mesh hits reality check. As you see here, you've given yourself a bright green thumbs up. (Tony laughing) Okay. Let's hear why you feel that was the case. What do you mean by reality check? >> Okay. Thanks, Dave, for having us back again. This is something I just wrote and just tried to get away from, and this just a topic just won't go away. I did speak with a number of folks, early adopters and non-adopters during the year. And I did find that basically that it pretty much validated what I was expecting, which was that there was a lot more, this has now become a front burner issue. And if I had any doubt in my mind, the evidence I would point to is what was originally intended to be a throwaway post on LinkedIn, which I just quickly scribbled down the night before leaving for re:Invent. I was packing at the time, and for some reason, I was doing Google search on data mesh. And I happened to have tripped across this ridiculous article, I will not say where, because it doesn't deserve any publicity, about the eight (Dave laughing) best data mesh software companies of 2022. (Tony laughing) One of my predictions was that you'd see data mesh washing. And I just quickly just hopped on that maybe three sentences and wrote it at about a couple minutes saying this is hogwash, essentially. (laughs) And that just reun... And then, I left for re:Invent. And the next night, when I got into my Vegas hotel room, I clicked on my computer. I saw a 15,000 hits on that post, which was the most hits of any single post I put all year. And the responses were wildly pro and con. So, it pretty much validates my expectation in that data mesh really did hit a lot more scrutiny over this past year. >> Yeah, thank you for that. I remember that article. I remember rolling my eyes when I saw it, and then I recently, (Tony laughing) I talked to Walmart and they actually invoked Martin Fowler and they said that they're working through their data mesh. So, it takes a really lot of thought, and it really, as we've talked about, is really as much an organizational construct. You're not buying data mesh >> Bingo. >> to your point. Okay. Thank you, Tony. Carl Olofson, here we go. You've graded yourself a yellow in the prediction of graph databases. Take off. Please elaborate. >> Yeah, sure. So, I realized in looking at the prediction that it seemed to imply that graph databases could be a major factor in the data world in 2022, which obviously didn't become the case. It was an error on my part in that I should have said it in the right context. It's really a three to five-year time period that graph databases will really become significant, because they still need accepted methodologies that can be applied in a business context as well as proper tools in order for people to be able to use them seriously. But I stand by the idea that it is taking off, because for one thing, Neo4j, which is the leading independent graph database provider, had a very good year. And also, we're seeing interesting developments in terms of things like AWS with Neptune and with Oracle providing graph support in Oracle database this past year. Those things are, as I said, growing gradually. There are other companies like TigerGraph and so forth, that deserve watching as well. But as far as becoming mainstream, it's going to be a few years before we get all the elements together to make that happen. Like any new technology, you have to create an environment in which ordinary people without a whole ton of technical training can actually apply the technology to solve business problems. >> Yeah, thank you for that. These specialized databases, graph databases, time series databases, you see them embedded into mainstream data platforms, but there's a place for these specialized databases, I would suspect we're going to see new types of databases emerge with all this cloud sprawl that we have and maybe to the edge. >> Well, part of it is that it's not as specialized as you might think it. You can apply graphs to great many workloads and use cases. It's just that people have yet to fully explore and discover what those are. >> Yeah. >> And so, it's going to be a process. (laughs) >> All right, Dave Menninger, streaming data permeates the landscape. You gave yourself a yellow. Why? >> Well, I couldn't think of a appropriate combination of yellow and green. Maybe I should have used chartreuse, (Dave laughing) but I was probably a little hard on myself making it yellow. This is another type of specialized data processing like Carl was talking about graph databases is a stream processing, and nearly every data platform offers streaming capabilities now. Often, it's based on Kafka. If you look at Confluent, their revenues have grown at more than 50%, continue to grow at more than 50% a year. They're expected to do more than half a billion dollars in revenue this year. But the thing that hasn't happened yet, and to be honest, they didn't necessarily expect it to happen in one year, is that streaming hasn't become the default way in which we deal with data. It's still a sidecar to data at rest. And I do expect that we'll continue to see streaming become more and more mainstream. I do expect perhaps in the five-year timeframe that we will first deal with data as streaming and then at rest, but the worlds are starting to merge. And we even see some vendors bringing products to market, such as K2View, Hazelcast, and RisingWave Labs. So, in addition to all those core data platform vendors adding these capabilities, there are new vendors approaching this market as well. >> I like the tough grading system, and it's not trivial. And when you talk to practitioners doing this stuff, there's still some complications in the data pipeline. And so, but I think, you're right, it probably was a yellow plus. Doug Henschen, data lakehouses will emerge as dominant. When you talk to people about lakehouses, practitioners, they all use that term. They certainly use the term data lake, but now, they're using lakehouse more and more. What's your thoughts on here? Why the green? What's your evidence there? >> Well, I think, I was accurate. I spoke about it specifically as something that vendors would be pursuing. And we saw yet more lakehouse advocacy in 2022. Google introduced its BigLake service alongside BigQuery. Salesforce introduced Genie, which is really a lakehouse architecture. And it was a safe prediction to say vendors are going to be pursuing this in that AWS, Cloudera, Databricks, Microsoft, Oracle, SAP, Salesforce now, IBM, all advocate this idea of a single platform for all of your data. Now, the trend was also supported in 2023, in that we saw a big embrace of Apache Iceberg in 2022. That's a structured table format. It's used with these lakehouse platforms. It's open, so it ensures portability and it also ensures performance. And that's a structured table that helps with the warehouse side performance. But among those announcements, Snowflake, Google, Cloud Era, SAP, Salesforce, IBM, all embraced Iceberg. But keep in mind, again, I'm talking about this as something that vendors are pursuing as their approach. So, they're advocating end users. It's very cutting edge. I'd say the top, leading edge, 5% of of companies have really embraced the lakehouse. I think, we're now seeing the fast followers, the next 20 to 25% of firms embracing this idea and embracing a lakehouse architecture. I recall Christian Kleinerman at the big Snowflake event last summer, making the announcement about Iceberg, and he asked for a show of hands for any of you in the audience at the keynote, have you heard of Iceberg? And just a smattering of hands went up. So, the vendors are ahead of the curve. They're pushing this trend, and we're now seeing a little bit more mainstream uptake. >> Good. Doug, I was there. It was you, me, and I think, two other hands were up. That was just humorous. (Doug laughing) All right, well, so I liked the fact that we had some yellow and some green. When you think about these things, there's the prediction itself. Did it come true or not? There are the sub predictions that you guys make, and of course, the degree of difficulty. So, thank you for that open assessment. All right, let's get into the 2023 predictions. Let's bring up the predictions. Sanjeev, you're going first. You've got a prediction around unified metadata. What's the prediction, please? >> So, my prediction is that metadata space is currently a mess. It needs to get unified. There are too many use cases of metadata, which are being addressed by disparate systems. For example, data quality has become really big in the last couple of years, data observability, the whole catalog space is actually, people don't like to use the word data catalog anymore, because data catalog sounds like it's a catalog, a museum, if you may, of metadata that you go and admire. So, what I'm saying is that in 2023, we will see that metadata will become the driving force behind things like data ops, things like orchestration of tasks using metadata, not rules. Not saying that if this fails, then do this, if this succeeds, go do that. But it's like getting to the metadata level, and then making a decision as to what to orchestrate, what to automate, how to do data quality check, data observability. So, this space is starting to gel, and I see there'll be more maturation in the metadata space. Even security privacy, some of these topics, which are handled separately. And I'm just talking about data security and data privacy. I'm not talking about infrastructure security. These also need to merge into a unified metadata management piece with some knowledge graph, semantic layer on top, so you can do analytics on it. So, it's no longer something that sits on the side, it's limited in its scope. It is actually the very engine, the very glue that is going to connect data producers and consumers. >> Great. Thank you for that. Doug. Doug Henschen, any thoughts on what Sanjeev just said? Do you agree? Do you disagree? >> Well, I agree with many aspects of what he says. I think, there's a huge opportunity for consolidation and streamlining of these as aspects of governance. Last year, Sanjeev, you said something like, we'll see more people using catalogs than BI. And I have to disagree. I don't think this is a category that's headed for mainstream adoption. It's a behind the scenes activity for the wonky few, or better yet, companies want machine learning and automation to take care of these messy details. We've seen these waves of management technologies, some of the latest data observability, customer data platform, but they failed to sweep away all the earlier investments in data quality and master data management. So, yes, I hope the latest tech offers, glimmers that there's going to be a better, cleaner way of addressing these things. But to my mind, the business leaders, including the CIO, only want to spend as much time and effort and money and resources on these sorts of things to avoid getting breached, ending up in headlines, getting fired or going to jail. So, vendors bring on the ML and AI smarts and the automation of these sorts of activities. >> So, if I may say something, the reason why we have this dichotomy between data catalog and the BI vendors is because data catalogs are very soon, not going to be standalone products, in my opinion. They're going to get embedded. So, when you use a BI tool, you'll actually use the catalog to find out what is it that you want to do, whether you are looking for data or you're looking for an existing dashboard. So, the catalog becomes embedded into the BI tool. >> Hey, Dave Menninger, sometimes you have some data in your back pocket. Do you have any stats (chuckles) on this topic? >> No, I'm glad you asked, because I'm going to... Now, data catalogs are something that's interesting. Sanjeev made a statement that data catalogs are falling out of favor. I don't care what you call them. They're valuable to organizations. Our research shows that organizations that have adequate data catalog technologies are three times more likely to express satisfaction with their analytics for just the reasons that Sanjeev was talking about. You can find what you want, you know you're getting the right information, you know whether or not it's trusted. So, those are good things. So, we expect to see the capabilities, whether it's embedded or separate. We expect to see those capabilities continue to permeate the market. >> And a lot of those catalogs are driven now by machine learning and things. So, they're learning from those patterns of usage by people when people use the data. (airy laughs) >> All right. Okay. Thank you, guys. All right. Let's move on to the next one. Tony Bear, let's bring up the predictions. You got something in here about the modern data stack. We need to rethink it. Is the modern data stack getting long at the tooth? Is it not so modern anymore? >> I think, in a way, it's got almost too modern. It's gotten too, I don't know if it's being long in the tooth, but it is getting long. The modern data stack, it's traditionally been defined as basically you have the data platform, which would be the operational database and the data warehouse. And in between, you have all the tools that are necessary to essentially get that data from the operational realm or the streaming realm for that matter into basically the data warehouse, or as we might be seeing more and more, the data lakehouse. And I think, what's important here is that, or I think, we have seen a lot of progress, and this would be in the cloud, is with the SaaS services. And especially you see that in the modern data stack, which is like all these players, not just the MongoDBs or the Oracles or the Amazons have their database platforms. You see they have the Informatica's, and all the other players there in Fivetrans have their own SaaS services. And within those SaaS services, you get a certain degree of simplicity, which is it takes all the housekeeping off the shoulders of the customers. That's a good thing. The problem is that what we're getting to unfortunately is what I would call lots of islands of simplicity, which means that it leads it (Dave laughing) to the customer to have to integrate or put all that stuff together. It's a complex tool chain. And so, what we really need to think about here, we have too many pieces. And going back to the discussion of catalogs, it's like we have so many catalogs out there, which one do we use? 'Cause chances are of most organizations do not rely on a single catalog at this point. What I'm calling on all the data providers or all the SaaS service providers, is to literally get it together and essentially make this modern data stack less of a stack, make it more of a blending of an end-to-end solution. And that can come in a number of different ways. Part of it is that we're data platform providers have been adding services that are adjacent. And there's some very good examples of this. We've seen progress over the past year or so. For instance, MongoDB integrating search. It's a very common, I guess, sort of tool that basically, that the applications that are developed on MongoDB use, so MongoDB then built it into the database rather than requiring an extra elastic search or open search stack. Amazon just... AWS just did the zero-ETL, which is a first step towards simplifying the process from going from Aurora to Redshift. You've seen same thing with Google, BigQuery integrating basically streaming pipelines. And you're seeing also a lot of movement in database machine learning. So, there's some good moves in this direction. I expect to see more than this year. Part of it's from basically the SaaS platform is adding some functionality. But I also see more importantly, because you're never going to get... This is like asking your data team and your developers, herding cats to standardizing the same tool. In most organizations, that is not going to happen. So, take a look at the most popular combinations of tools and start to come up with some pre-built integrations and pre-built orchestrations, and offer some promotional pricing, maybe not quite two for, but in other words, get two products for the price of two services or for the price of one and a half. I see a lot of potential for this. And it's to me, if the class was to simplify things, this is the next logical step and I expect to see more of this here. >> Yeah, and you see in Oracle, MySQL heat wave, yet another example of eliminating that ETL. Carl Olofson, today, if you think about the data stack and the application stack, they're largely separate. Do you have any thoughts on how that's going to play out? Does that play into this prediction? What do you think? >> Well, I think, that the... I really like Tony's phrase, islands of simplification. It really says (Tony chuckles) what's going on here, which is that all these different vendors you ask about, about how these stacks work. All these different vendors have their own stack vision. And you can... One application group is going to use one, and another application group is going to use another. And some people will say, let's go to, like you go to a Informatica conference and they say, we should be the center of your universe, but you can't connect everything in your universe to Informatica, so you need to use other things. So, the challenge is how do we make those things work together? As Tony has said, and I totally agree, we're never going to get to the point where people standardize on one organizing system. So, the alternative is to have metadata that can be shared amongst those systems and protocols that allow those systems to coordinate their operations. This is standard stuff. It's not easy. But the motive for the vendors is that they can become more active critical players in the enterprise. And of course, the motive for the customer is that things will run better and more completely. So, I've been looking at this in terms of two kinds of metadata. One is the meaning metadata, which says what data can be put together. The other is the operational metadata, which says basically where did it come from? Who created it? What's its current state? What's the security level? Et cetera, et cetera, et cetera. The good news is the operational stuff can actually be done automatically, whereas the meaning stuff requires some human intervention. And as we've already heard from, was it Doug, I think, people are disinclined to put a lot of definition into meaning metadata. So, that may be the harder one, but coordination is key. This problem has been with us forever, but with the addition of new data sources, with streaming data with data in different formats, the whole thing has, it's been like what a customer of mine used to say, "I understand your product can make my system run faster, but right now I just feel I'm putting my problems on roller skates. (chuckles) I don't need that to accelerate what's already not working." >> Excellent. Okay, Carl, let's stay with you. I remember in the early days of the big data movement, Hadoop movement, NoSQL was the big thing. And I remember Amr Awadallah said to us in theCUBE that SQL is the killer app for big data. So, your prediction here, if we bring that up is SQL is back. Please elaborate. >> Yeah. So, of course, some people would say, well, it never left. Actually, that's probably closer to true, but in the perception of the marketplace, there's been all this noise about alternative ways of storing, retrieving data, whether it's in key value stores or document databases and so forth. We're getting a lot of messaging that for a while had persuaded people that, oh, we're not going to do analytics in SQL anymore. We're going to use Spark for everything, except that only a handful of people know how to use Spark. Oh, well, that's a problem. Well, how about, and for ordinary conventional business analytics, Spark is like an over-engineered solution to the problem. SQL works just great. What's happened in the past couple years, and what's going to continue to happen is that SQL is insinuating itself into everything we're seeing. We're seeing all the major data lake providers offering SQL support, whether it's Databricks or... And of course, Snowflake is loving this, because that is what they do, and their success is certainly points to the success of SQL, even MongoDB. And we were all, I think, at the MongoDB conference where on one day, we hear SQL is dead. They're not teaching SQL in schools anymore, and this kind of thing. And then, a couple days later at the same conference, they announced we're adding a new analytic capability-based on SQL. But didn't you just say SQL is dead? So, the reality is that SQL is better understood than most other methods of certainly of retrieving and finding data in a data collection, no matter whether it happens to be relational or non-relational. And even in systems that are very non-relational, such as graph and document databases, their query languages are being built or extended to resemble SQL, because SQL is something people understand. >> Now, you remember when we were in high school and you had had to take the... Your debating in the class and you were forced to take one side and defend it. So, I was was at a Vertica conference one time up on stage with Curt Monash, and I had to take the NoSQL, the world is changing paradigm shift. And so just to be controversial, I said to him, Curt Monash, I said, who really needs acid compliance anyway? Tony Baer. And so, (chuckles) of course, his head exploded, but what are your thoughts (guests laughing) on all this? >> Well, my first thought is congratulations, Dave, for surviving being up on stage with Curt Monash. >> Amen. (group laughing) >> I definitely would concur with Carl. We actually are definitely seeing a SQL renaissance and if there's any proof of the pudding here, I see lakehouse is being icing on the cake. As Doug had predicted last year, now, (clears throat) for the record, I think, Doug was about a year ahead of time in his predictions that this year is really the year that I see (clears throat) the lakehouse ecosystems really firming up. You saw the first shots last year. But anyway, on this, data lakes will not go away. I've actually, I'm on the home stretch of doing a market, a landscape on the lakehouse. And lakehouse will not replace data lakes in terms of that. There is the need for those, data scientists who do know Python, who knows Spark, to go in there and basically do their thing without all the restrictions or the constraints of a pre-built, pre-designed table structure. I get that. Same thing for developing models. But on the other hand, there is huge need. Basically, (clears throat) maybe MongoDB was saying that we're not teaching SQL anymore. Well, maybe we have an oversupply of SQL developers. Well, I'm being facetious there, but there is a huge skills based in SQL. Analytics have been built on SQL. They came with lakehouse and why this really helps to fuel a SQL revival is that the core need in the data lake, what brought on the lakehouse was not so much SQL, it was a need for acid. And what was the best way to do it? It was through a relational table structure. So, the whole idea of acid in the lakehouse was not to turn it into a transaction database, but to make the data trusted, secure, and more granularly governed, where you could govern down to column and row level, which you really could not do in a data lake or a file system. So, while lakehouse can be queried in a manner, you can go in there with Python or whatever, it's built on a relational table structure. And so, for that end, for those types of data lakes, it becomes the end state. You cannot bypass that table structure as I learned the hard way during my research. So, the bottom line I'd say here is that lakehouse is proof that we're starting to see the revenge of the SQL nerds. (Dave chuckles) >> Excellent. Okay, let's bring up back up the predictions. Dave Menninger, this one's really thought-provoking and interesting. We're hearing things like data as code, new data applications, machines actually generating plans with no human involvement. And your prediction is the definition of data is expanding. What do you mean by that? >> So, I think, for too long, we've thought about data as the, I would say facts that we collect the readings off of devices and things like that, but data on its own is really insufficient. Organizations need to manipulate that data and examine derivatives of the data to really understand what's happening in their organization, why has it happened, and to project what might happen in the future. And my comment is that these data derivatives need to be supported and managed just like the data needs to be managed. We can't treat this as entirely separate. Think about all the governance discussions we've had. Think about the metadata discussions we've had. If you separate these things, now you've got more moving parts. We're talking about simplicity and simplifying the stack. So, if these things are treated separately, it creates much more complexity. I also think it creates a little bit of a myopic view on the part of the IT organizations that are acquiring these technologies. They need to think more broadly. So, for instance, metrics. Metric stores are becoming much more common part of the tooling that's part of a data platform. Similarly, feature stores are gaining traction. So, those are designed to promote the reuse and consistency across the AI and ML initiatives. The elements that are used in developing an AI or ML model. And let me go back to metrics and just clarify what I mean by that. So, any type of formula involving the data points. I'm distinguishing metrics from features that are used in AI and ML models. And the data platforms themselves are increasingly managing the models as an element of data. So, just like figuring out how to calculate a metric. Well, if you're going to have the features associated with an AI and ML model, you probably need to be managing the model that's associated with those features. The other element where I see expansion is around external data. Organizations for decades have been focused on the data that they generate within their own organization. We see more and more of these platforms acquiring and publishing data to external third-party sources, whether they're within some sort of a partner ecosystem or whether it's a commercial distribution of that information. And our research shows that when organizations use external data, they derive even more benefits from the various analyses that they're conducting. And the last great frontier in my opinion on this expanding world of data is the world of driver-based planning. Very few of the major data platform providers provide these capabilities today. These are the types of things you would do in a spreadsheet. And we all know the issues associated with spreadsheets. They're hard to govern, they're error-prone. And so, if we can take that type of analysis, collecting the occupancy of a rental property, the projected rise in rental rates, the fluctuations perhaps in occupancy, the interest rates associated with financing that property, we can project forward. And that's a very common thing to do. What the income might look like from that property income, the expenses, we can plan and purchase things appropriately. So, I think, we need this broader purview and I'm beginning to see some of those things happen. And the evidence today I would say, is more focused around the metric stores and the feature stores starting to see vendors offer those capabilities. And we're starting to see the ML ops elements of managing the AI and ML models find their way closer to the data platforms as well. >> Very interesting. When I hear metrics, I think of KPIs, I think of data apps, orchestrate people and places and things to optimize around a set of KPIs. It sounds like a metadata challenge more... Somebody once predicted they'll have more metadata than data. Carl, what are your thoughts on this prediction? >> Yeah, I think that what Dave is describing as data derivatives is in a way, another word for what I was calling operational metadata, which not about the data itself, but how it's used, where it came from, what the rules are governing it, and that kind of thing. If you have a rich enough set of those things, then not only can you do a model of how well your vacation property rental may do in terms of income, but also how well your application that's measuring that is doing for you. In other words, how many times have I used it, how much data have I used and what is the relationship between the data that I've used and the benefits that I've derived from using it? Well, we don't have ways of doing that. What's interesting to me is that folks in the content world are way ahead of us here, because they have always tracked their content using these kinds of attributes. Where did it come from? When was it created, when was it modified? Who modified it? And so on and so forth. We need to do more of that with the structure data that we have, so that we can track what it's used. And also, it tells us how well we're doing with it. Is it really benefiting us? Are we being efficient? Are there improvements in processes that we need to consider? Because maybe data gets created and then it isn't used or it gets used, but it gets altered in some way that actually misleads people. (laughs) So, we need the mechanisms to be able to do that. So, I would say that that's... And I'd say that it's true that we need that stuff. I think, that starting to expand is probably the right way to put it. It's going to be expanding for some time. I think, we're still a distance from having all that stuff really working together. >> Maybe we should say it's gestating. (Dave and Carl laughing) >> Sorry, if I may- >> Sanjeev, yeah, I was going to say this... Sanjeev, please comment. This sounds to me like it supports Zhamak Dehghani's principles, but please. >> Absolutely. So, whether we call it data mesh or not, I'm not getting into that conversation, (Dave chuckles) but data (audio breaking) (Tony laughing) everything that I'm hearing what Dave is saying, Carl, this is the year when data products will start to take off. I'm not saying they'll become mainstream. They may take a couple of years to become so, but this is data products, all this thing about vacation rentals and how is it doing, that data is coming from different sources. I'm packaging it into our data product. And to Carl's point, there's a whole operational metadata associated with it. The idea is for organizations to see things like developer productivity, how many releases am I doing of this? What data products are most popular? I'm actually in right now in the process of formulating this concept that just like we had data catalogs, we are very soon going to be requiring data products catalog. So, I can discover these data products. I'm not just creating data products left, right, and center. I need to know, do they already exist? What is the usage? If no one is using a data product, maybe I want to retire and save cost. But this is a data product. Now, there's a associated thing that is also getting debated quite a bit called data contracts. And a data contract to me is literally just formalization of all these aspects of a product. How do you use it? What is the SLA on it, what is the quality that I am prescribing? So, data product, in my opinion, shifts the conversation to the consumers or to the business people. Up to this point when, Dave, you're talking about data and all of data discovery curation is a very data producer-centric. So, I think, we'll see a shift more into the consumer space. >> Yeah. Dave, can I just jump in there just very quickly there, which is that what Sanjeev has been saying there, this is really central to what Zhamak has been talking about. It's basically about making, one, data products are about the lifecycle management of data. Metadata is just elemental to that. And essentially, one of the things that she calls for is making data products discoverable. That's exactly what Sanjeev was talking about. >> By the way, did everyone just no notice how Sanjeev just snuck in another prediction there? So, we've got- >> Yeah. (group laughing) >> But you- >> Can we also say that he snuck in, I think, the term that we'll remember today, which is metadata museums. >> Yeah, but- >> Yeah. >> And also comment to, Tony, to your last year's prediction, you're really talking about it's not something that you're going to buy from a vendor. >> No. >> It's very specific >> Mm-hmm. >> to an organization, their own data product. So, touche on that one. Okay, last prediction. Let's bring them up. Doug Henschen, BI analytics is headed to embedding. What does that mean? >> Well, we all know that conventional BI dashboarding reporting is really commoditized from a vendor perspective. It never enjoyed truly mainstream adoption. Always that 25% of employees are really using these things. I'm seeing rising interest in embedding concise analytics at the point of decision or better still, using analytics as triggers for automation and workflows, and not even necessitating human interaction with visualizations, for example, if we have confidence in the analytics. So, leading companies are pushing for next generation applications, part of this low-code, no-code movement we've seen. And they want to build that decision support right into the app. So, the analytic is right there. Leading enterprise apps vendors, Salesforce, SAP, Microsoft, Oracle, they're all building smart apps with the analytics predictions, even recommendations built into these applications. And I think, the progressive BI analytics vendors are supporting this idea of driving insight to action, not necessarily necessitating humans interacting with it if there's confidence. So, we want prediction, we want embedding, we want automation. This low-code, no-code development movement is very important to bringing the analytics to where people are doing their work. We got to move beyond the, what I call swivel chair integration, between where people do their work and going off to separate reports and dashboards, and having to interpret and analyze before you can go back and do take action. >> And Dave Menninger, today, if you want, analytics or you want to absorb what's happening in the business, you typically got to go ask an expert, and then wait. So, what are your thoughts on Doug's prediction? >> I'm in total agreement with Doug. I'm going to say that collectively... So, how did we get here? I'm going to say collectively as an industry, we made a mistake. We made BI and analytics separate from the operational systems. Now, okay, it wasn't really a mistake. We were limited by the technology available at the time. Decades ago, we had to separate these two systems, so that the analytics didn't impact the operations. You don't want the operations preventing you from being able to do a transaction. But we've gone beyond that now. We can bring these two systems and worlds together and organizations recognize that need to change. As Doug said, the majority of the workforce and the majority of organizations doesn't have access to analytics. That's wrong. (chuckles) We've got to change that. And one of the ways that's going to change is with embedded analytics. 2/3 of organizations recognize that embedded analytics are important and it even ranks higher in importance than AI and ML in those organizations. So, it's interesting. This is a really important topic to the organizations that are consuming these technologies. The good news is it works. Organizations that have embraced embedded analytics are more comfortable with self-service than those that have not, as opposed to turning somebody loose, in the wild with the data. They're given a guided path to the data. And the research shows that 65% of organizations that have adopted embedded analytics are comfortable with self-service compared with just 40% of organizations that are turning people loose in an ad hoc way with the data. So, totally behind Doug's predictions. >> Can I just break in with something here, a comment on what Dave said about what Doug said, which (laughs) is that I totally agree with what you said about embedded analytics. And at IDC, we made a prediction in our future intelligence, future of intelligence service three years ago that this was going to happen. And the thing that we're waiting for is for developers to build... You have to write the applications to work that way. It just doesn't happen automagically. Developers have to write applications that reference analytic data and apply it while they're running. And that could involve simple things like complex queries against the live data, which is through something that I've been calling analytic transaction processing. Or it could be through something more sophisticated that involves AI operations as Doug has been suggesting, where the result is enacted pretty much automatically unless the scores are too low and you need to have a human being look at it. So, I think that that is definitely something we've been watching for. I'm not sure how soon it will come, because it seems to take a long time for people to change their thinking. But I think, as Dave was saying, once they do and they apply these principles in their application development, the rewards are great. >> Yeah, this is very much, I would say, very consistent with what we were talking about, I was talking about before, about basically rethinking the modern data stack and going into more of an end-to-end solution solution. I think, that what we're talking about clearly here is operational analytics. There'll still be a need for your data scientists to go offline just in their data lakes to do all that very exploratory and that deep modeling. But clearly, it just makes sense to bring operational analytics into where people work into their workspace and further flatten that modern data stack. >> But with all this metadata and all this intelligence, we're talking about injecting AI into applications, it does seem like we're entering a new era of not only data, but new era of apps. Today, most applications are about filling forms out or codifying processes and require a human input. And it seems like there's enough data now and enough intelligence in the system that the system can actually pull data from, whether it's the transaction system, e-commerce, the supply chain, ERP, and actually do something with that data without human involvement, present it to humans. Do you guys see this as a new frontier? >> I think, that's certainly- >> Very much so, but it's going to take a while, as Carl said. You have to design it, you have to get the prediction into the system, you have to get the analytics at the point of decision has to be relevant to that decision point. >> And I also recall basically a lot of the ERP vendors back like 10 years ago, we're promising that. And the fact that we're still looking at the promises shows just how difficult, how much of a challenge it is to get to what Doug's saying. >> One element that could be applied in this case is (indistinct) architecture. If applications are developed that are event-driven rather than following the script or sequence that some programmer or designer had preconceived, then you'll have much more flexible applications. You can inject decisions at various points using this technology much more easily. It's a completely different way of writing applications. And it actually involves a lot more data, which is why we should all like it. (laughs) But in the end (Tony laughing) it's more stable, it's easier to manage, easier to maintain, and it's actually more efficient, which is the result of an MIT study from about 10 years ago, and still, we are not seeing this come to fruition in most business applications. >> And do you think it's going to require a new type of data platform database? Today, data's all far-flung. We see that's all over the clouds and at the edge. Today, you cache- >> We need a super cloud. >> You cache that data, you're throwing into memory. I mentioned, MySQL heat wave. There are other examples where it's a brute force approach, but maybe we need new ways of laying data out on disk and new database architectures, and just when we thought we had it all figured out. >> Well, without referring to disk, which to my mind, is almost like talking about cave painting. I think, that (Dave laughing) all the things that have been mentioned by all of us today are elements of what I'm talking about. In other words, the whole improvement of the data mesh, the improvement of metadata across the board and improvement of the ability to track data and judge its freshness the way we judge the freshness of a melon or something like that, to determine whether we can still use it. Is it still good? That kind of thing. Bringing together data from multiple sources dynamically and real-time requires all the things we've been talking about. All the predictions that we've talked about today add up to elements that can make this happen. >> Well, guys, it's always tremendous to get these wonderful minds together and get your insights, and I love how it shapes the outcome here of the predictions, and let's see how we did. We're going to leave it there. I want to thank Sanjeev, Tony, Carl, David, and Doug. Really appreciate the collaboration and thought that you guys put into these sessions. Really, thank you. >> Thank you. >> Thanks, Dave. >> Thank you for having us. >> Thanks. >> Thank you. >> All right, this is Dave Valente for theCUBE, signing off for now. Follow these guys on social media. Look for coverage on siliconangle.com, theCUBE.net. Thank you for watching. (upbeat music)

(upbeat music) >> Welcome back to Supercloud 2, which is an open industry collaboration between technologists, consultants, analysts, and of course, practitioners, to help shape the future of cloud. And at this event, one of the key areas we're exploring is the intersection of cloud and data, and how building value on top of hyperscale clouds and across clouds is evolving, a concept we call supercloud. And we're pleased to welcome Harvir Singh, who's the chief data architect and global head of data at Western Union. Harvir, it's good to see you again. Thanks for coming on the program. >> Thanks, David, it's always a pleasure to talk to you. >> So many things stand out from when we first met, and one of the most gripping for me was when you said to me, "When data moves, money moves." And that's the world we live in today, and really have for a long time. Money has moved as bits, and when it has to move, we want it to move quickly, securely, and in a governed manner. And the pressure to do so is only growing. So tell us how that trend is evolved over the past decade in the context of your industry generally, and Western Union, specifically. Look, I always say to people that we are probably the first ones to introduce digital currency around the world because, hey, somebody around the world needs money, we move data to make that happen. That trend has actually accelerated quite a bit. If you look at the last 10 years, and you look at all these payment companies, digital companies, credit card companies that have evolved, majority of them are working on the same principle. When data moves, money moves. When data is stale, the money goes away, right? I think that trend is continuing, and it's not just the trend is in this space, it's also continuing in other spaces, specifically around, you know, acquisition of customers, communication with customers. It's all becoming digital, and it's, at the end of the day, it's all data being moved from one place or another. At the end of the day, you're not seeing the customer, but you're looking at, you know, the data that he's consuming, and you're making actionable items on it, and be able to respond to what they need. So I think 10 years, it's really, really evolved. >> Hmm, you operate, Western Union operates in more than 200 countries, and you you have what I would call a pseudo federated organization. You're trying to standardize wherever possible on the infrastructure, and you're curating the tooling and doing the heavy lifting in the data stack, which of course lessens the burden on the developers and the line of business consumers, so my question is, in operating in 200 countries, how do you deal with all the diversity of laws and regulations across those regions? I know you're heavily involved in AWS, but AWS isn't everywhere, you still have some on-prem infrastructure. Can you paint a picture of, you know, what that looks like? >> Yeah, a few years ago , we were primarily mostly on-prem, and one of the biggest pain points has been managing that infrastructure around the world in those countries. Yes, we operate in 200 countries, but we don't have infrastructure in 200 countries, but we do have agent locations in 200 countries. United Nations says we only have like 183 are countries, but there are countries which, you know, declare themselves countries, and we are there as well because somebody wants to send money there, right? Somebody has an agent location down there as well. So that infrastructure is obviously very hard to manage and maintain. We have to comply by numerous laws, you know. And the last few years, specifically with GDPR, CCPA, data localization laws in different countries, it's been a challenge, right? And one of the things that we did a few years ago, we decided that we want to be in the business of helping our customers move money faster, security, and with complete trust in us. We don't want to be able to, we don't want to be in the business of managing infrastructure. And that's one of the reasons we started to, you know, migrate and move our journey to the cloud. AWS, obviously chosen first because of its, you know, first in the game, has more locations, and more data centers around the world where we operate. But we still have, you know, existing infrastructure, which is in some countries, which is still localized because AWS hasn't reached there, or we don't have a comparable provider there. We still manage those. And we have to comply by those laws. Our data privacy and our data localization tech stack is pretty good, I would say. We manage our data very well, we manage our customer data very well, but it comes with a lot of complexity. You know, we get a lot of requests from European Union, we get a lot of requests from Asia Pacific every pretty much on a weekly basis to explain, you know, how we are taking controls and putting measures in place to make sure that the data is secured and is in the right place. So it's a complex environment. We do have exposure to other clouds as well, like Google and Azure. And as much as we would love to be completely, you know, very, very hybrid kind of an organization, it's still at a stage where we are still very heavily focused on AWS yet, but at some point, you know, we would love to see a world which is not reliant on a single provider, but it's more a little bit more democratized, you know, as and when what I want to use, I should be able to use, and pay-per-use. And the concept started like that, but it's obviously it's now, again, there are like three big players in the market, and, you know, they're doing their own thing. Would love to see them come collaborate at some point. >> Yeah, wouldn't we all. I want to double-click on the whole multi-cloud strategy, but if I understand it correctly, and in a perfect world, everything on-premises would be in the cloud is, first of all, is that a correct statement? Is that nirvana for you or not necessarily? >> I would say it is nirvana for us, but I would also put a caveat, is it's very tricky because from a regulatory perspective, we are a regulated entity in many countries. The regulators would want to see some control if something happens with a relationship with AWS in one country, or with Google in another country, and it keeps happening, right? For example, Russia was a good example where we had to switch things off. We should be able to do that. But if let's say somewhere in Asia, this country decides that they don't want to partner with AWS, and majority of our stuff is on AWS, where do I go from there? So we have to have some level of confidence in our own infrastructure, so we do maintain some to be able to fail back into and move things it needs to be. So it's a tricky question. Yes, it's nirvana state that I don't have to manage infrastructure, but I think it's far less practical than it said. We will still own something that we call it our own where we have complete control, being a financial entity. >> And so do you try to, I'm sure you do, standardize between all the different on-premise, and in this case, the AWS cloud or maybe even other clouds. How do you do that? Do you work with, you know, different vendors at the various places of the stack to try to do that? Some of the vendors, you know, like a Snowflake is only in the cloud. You know, others, you know, whether it's whatever, analytics, or storage, or database, might be hybrid. What's your strategy with regard to creating as common an experience as possible between your on-prem and your clouds? >> You asked a question which I asked when I joined as well, right? Which question, this is one of the most important questions is how soon when I fail back, if I need to fail back? And how quickly can I, because not everything that is sitting on the cloud is comparable to on-prem or is backward compatible. And the reason I say backward compatible is, you know, there are, our on-prem cloud is obviously behind. We haven't taken enough time to kind of put it to a state where, because we started to migrate and now we have access to infrastructure on the cloud, most of the new things are being built there. But for critical application, I would say we have chronology that could be used to move back if need to be. So, you know, technologies like Couchbase, technologies like PostgreSQL, technologies like Db2, et cetera. We still have and maintain a fairly large portion of it on-prem where critical applications could potentially be serviced. We'll give you one example. We use Neo4j very heavily for our AML use cases. And that's an important one because if Neo4j on the cloud goes down, and it's happened in the past, again, even with three clusters, having all three clusters going down with a DR, we still need some accessibility of that because that's one of the biggest, you know, fraud and risk application it supports. So we do still maintain some comparable technology. Snowflake is an odd one. It's obviously there is none on-prem. But then, you know, Snowflake, I also feel it's more analytical based technology, not a transactional-based technology, at least in our ecosystem. So for me to replicate that, yes, it'll probably take time, but I can live with that. But my business will not stop because our transactional applications can potentially move over if need to. >> Yeah, and of course, you know, all these big market cap companies, so the Snowflake or Databricks, which is not public yet, but they've got big aspirations. And so, you know, we've seen things like Snowflake do a deal with Dell for on-prem object store. I think they do the same thing with Pure. And so over time, you see, Mongo, you know, extending its estate. And so over time all these things are coming together. I want to step out of this conversation for a second. I just ask you, given the current macroeconomic climate, what are the priorities? You know, obviously, people are, CIOs are tapping the breaks on spending, we've reported on that, but what is it? Is it security? Is it analytics? Is it modernization of the on-prem stack, which you were saying a little bit behind. Where are the priorities today given the economic headwinds? >> So the most important priority right now is growing the business, I would say. It's a different, I know this is more, this is not a very techy or a tech answer that, you know, you would expect, but it's growing the business. We want to acquire more customers and be able to service them as best needed. So the majority of our investment is going in the space where tech can support that initiative. During our earnings call, we released the new pillars of our organization where we will focus on, you know, omnichannel digital experience, and then one experience for customer, whether it's retail, whether it's digital. We want to open up our own experience stores, et cetera. So we are investing in technology where it's going to support those pillars. But the spend is in a way that we are obviously taking away from the things that do not support those. So it's, I would say it's flat for us. We are not like in heavily investing or aggressively increasing our tech budget, but it's more like, hey, switch this off because it doesn't make us money, but now switch this on because this is going to support what we can do with money, right? So that's kind of where we are heading towards. So it's not not driven by technology, but it's driven by business and how it supports our customers and our ability to compete in the market. >> You know, I think Harvir, that's consistent with what we heard in some other work that we've done, our ETR partner who does these types of surveys. We're hearing the same thing, is that, you know, we might not be spending on modernizing our on-prem stack. Yeah, we want to get to the cloud at some point and modernize that. But if it supports revenue, you know, we'll invest in that, and get the, you know, instant ROI. I want to ask you about, you know, this concept of supercloud, this abstracted layer of value on top of hyperscale infrastructure, and maybe on-prem. But we were talking about the integration, for instance, between Snowflake and Salesforce, where you got different data sources and you were explaining that you had great interest in being able to, you know, have a kind of, I'll say seamless, sorry, I know it's an overused word, but integration between the data sources and those two different platforms. Can you explain that and why that's attractive to you? >> Yeah, I'm a big supporter of action where the data is, right? Because the minute you start to move, things are already lost in translation. The time is lost, you can't get to it fast enough. So if, for example, for us, Snowflake, Salesforce, is our actionable platform where we action, we send marketing campaigns, we send customer communication via SMS, in app, as well as via email. Now, we would like to be able to interact with our customers pretty much on a, I would say near real time, but the concept of real time doesn't work well with me because I always feel that if you're observing something, it's not real time, it's already happened. But how soon can I react? That's the question. And given that I have to move that data all the way from our, let's say, engagement platforms like Adobe, and particles of the world into Snowflake first, and then do my modeling in some way, and be able to then put it back into Salesforce, it takes time. Yes, you know, I can do it in a few hours, but that few hours makes a lot of difference. Somebody sitting on my website, you know, couldn't find something, walked away, how soon do you think he will lose interest? Three hours, four hours, he'll probably gone, he will never come back. I think if I can react to that as fast as possible without too much data movement, I think that's a lot of good benefit that this kind of integration will bring. Yes, I can potentially take data directly into Salesforce, but I then now have two copies of data, which is, again, something that I'm not a big (indistinct) of. Let's keep the source of the data simple, clean, and a single source. I think this kind of integration will help a lot if the actions can be brought very close to where the data resides. >> Thank you for that. And so, you know, it's funny, we sometimes try to define real time as before you lose the customer, so that's kind of real time. But I want to come back to this idea of governed data sharing. You mentioned some other clouds, a little bit of Azure, a little bit of Google. In a world where, let's say you go more aggressively, and we know that for instance, if you want to use Google's AI tools, you got to use BigQuery. You know, today, anyway, they're not sort of so friendly with Snowflake, maybe different for the AWS, maybe Microsoft's going to be different as well. But in an ideal world, what I'm hearing is you want to keep the data in place. You don't want to move the data. Moving data is expensive, making copies is badness. It's expensive, and it's also, you know, changes the state, right? So you got governance issues. So this idea of supercloud is that you can leave the data in place and actually have a common experience across clouds. Let's just say, let's assume for a minute Google kind of wakes up, my words, not yours, and says, "Hey, maybe, you know what, partnering with a Snowflake or a Databricks is better for our business. It's better for the customers," how would that affect your business and the value that you can bring to your customers? >> Again, I would say that would be the nirvana state that, you know, we want to get to. Because I would say not everyone's perfect. They have great engineers and great products that they're developing, but that's where they compete as well, right? I would like to use the best of breed as much as possible. And I've been a person who has done this in the past as well. I've used, you know, tools to integrate. And the reason why this integration has worked is primarily because sometimes you do pick the best thing for that job. And Google's AI products are definitely doing really well, but, you know, that accessibility, if it's a problem, then I really can't depend on them, right? I would love to move some of that down there, but they have to make it possible for us. Azure is doing really, really good at investing, so I think they're a little bit more and more closer to getting to that state, and I know seeking our attention than Google at this point of time. But I think there will be a revelation moment because more and more people that I talk to like myself, they're also talking about the same thing. I'd like to be able to use Google's AdSense, I would like to be able to use Google's advertising platform, but you know what? I already have all this data, why do I need to move it? Can't they just go and access it? That question will keep haunting them (indistinct). >> You know, I think, obviously, Microsoft has always known, you know, understood ecosystems. I mean, AWS is nailing it, when you go to re:Invent, it's all about the ecosystem. And they think they realized they can make a lot more money, you know, together, than trying to have, and Google's got to figure that out. I think Google thinks, "All right, hey, we got to have the best tech." And that tech, they do have the great tech, and that's our competitive advantage. They got to wake up to the ecosystem and what's happening in the field and the go-to-market. I want to ask you about how you see data and cloud evolving in the future. You mentioned that things that are driving revenue are the priorities, and maybe you're already doing this today, but my question is, do you see a day when companies like yours are increasingly offering data and software services? You've been around for a long time as a company, you've got, you know, first party data, you've got proprietary knowledge, and maybe tooling that you've developed, and you're becoming more, you're already a technology company. Do you see someday pointing that at customers, or again, maybe you're doing it already, or is that not practical in your view? >> So data monetization has always been on the charts. The reason why it hasn't seen the light is regulatory pressure at this point of time. We are partnering up with certain agencies, again, you know, some pilots are happening to see the value of that and be able to offer that. But I think, you know, eventually, we'll get to a state where our, because we are trying to build accessible financial services, we will be in a state that we will be offering those to partners, which could then extended to their customers as well. So we are definitely exploring that. We are definitely exploring how to enrich our data with other data, and be able to complete a super set of data that can be used. Because frankly speaking, the data that we have is very interesting. We have trends of people migrating, we have trends of people migrating within the US, right? So if a new, let's say there's a new, like, I'll give you an example. Let's say New York City, I can tell you, at any given point of time, with my data, what is, you know, a dominant population in that area from migrant perspective. And if I see a change in that data, I can tell you where that is moving towards. I think it's going to be very interesting. We're a little bit, obviously, sometimes, you know, you're scared of sharing too much detail because there's too much data. So, but at the end of the day, I think at some point, we'll get to a state where we are confident that the data can be used for good. One simple example is, you know, pharmacies. They would love to get, you know, we've been talking to CVS and we are talking to Walgreens, and trying to figure out, if they would get access to this kind of data demographic information, what could they do be better? Because, you know, from a gene pool perspective, there are diseases and stuff that are very prevalent in one community versus the other. We could probably equip them with this information to be able to better, you know, let's say, staff their pharmacies or keep better inventory of products that could be used for the population in that area. Similarly, the likes of Walmarts and Krogers, they would like to have more, let's say, ethnic products in their aisles, right? How do you enable that? That data is primarily, I think we are the biggest source of that data. So we do take pride in it, but you know, with caution, we are obviously exploring that as well. >> My last question for you, Harvir, is I'm going to ask you to do a thought exercise. So in that vein, that whole monetization piece, imagine that now, Harvir, you are running a P&L that is going to monetize that data. And my question to you is a there's a business vector and a technology vector. So from a business standpoint, the more distribution channels you have, the better. So running on AWS cloud, partnering with Microsoft, partnering with Google, going to market with them, going to give you more revenue. Okay, so there's a motivation for multi-cloud or supercloud. That's indisputable. But from a technical standpoint, is there an advantage to running on multiple clouds or is that a disadvantage for you? >> It's, I would say it's a disadvantage because if my data is distributed, I have to combine it at some place. So the very first step that we had taken was obviously we brought in Snowflake. The reason, we wanted our analytical data and we want our historical data in the same place. So we are already there and ready to share. And we are actually participating in the data share, but in a private setting at the moment. So we are technically enabled to share, unless there is a significant, I would say, upside to moving that data to another cloud. I don't see any reason because I can enable anyone to come and get it from Snowflake. It's already enabled for us. >> Yeah, or if somehow, magically, several years down the road, some standard developed so you don't have to move the data. Maybe there's a new, Mogli is talking about a new data architecture, and, you know, that's probably years away, but, Harvir, you're an awesome guest. I love having you on, and really appreciate you participating in the program. >> I appreciate it. Thank you, and good luck (indistinct) >> Ah, thank you very much. This is Dave Vellante for John Furrier and the entire Cube community. Keep it right there for more great coverage from Supercloud 2. (uplifting music)

hi everybody welcome back to re invent 2022. this is thecube's exclusive coverage we're here at the satellite set it's up on the fifth floor of the Venetian Conference Center and this is part of the global startup program the AWS startup showcase series that we've been running all through last year and and into this year with AWS and featuring some of its its Global Partners Ed wallson series the CEO of chaos search many times Cube Alum and Kevin Miller there's also a cube Alum vice president GM of S3 at AWS guys good to see you again yeah great to see you Dave hi Kevin this is we call this our Super Bowl so this must be like your I don't know uh World Cup it's a pretty big event yeah it's the World Cup for sure yeah so a lot of S3 talk you know I mean that's what got us all started in 2006 so absolutely what's new in S3 yeah it's been a great show we've had a number of really interesting launches over the last few weeks and a few at the show as well so you know we've been really focused on helping customers that are running Mass scale data Lakes including you know whether it's structured or unstructured data we actually announced just a few just an hour ago I think it was a new capability to give customers cross-account access points for sharing data securely with other parts of the organization and that's something that we'd heard from customers is as they are growing and have more data sets and they're looking to to get more out of their data they are increasingly looking to enable multiple teams across their businesses to access those data sets securely and that's what we provide with cross-count access points we also launched yesterday our multi-region access point failover capabilities and so again this is where customers have data sets and they're using multiple regions for certain critical workloads they're now able to to use that to fail to control the failover between different regions in AWS and then one other launch I would just highlight is some improvements we made to storage lens which is our really a very novel and you need capability to help customers really understand what storage they have where who's accessing it when it's being accessed and we added a bunch of new metrics storage lens has been pretty exciting for a lot of customers in fact we looked at the data and saw that customers who have adopted storage lens typically within six months they saved more than six times what they had invested in turning storage lens on and certainly in this environment right now we have a lot of customers who are it's pretty top of mind they're looking for ways to optimize their their costs in the cloud and take some of those savings and be able to reinvest them in new innovation so pretty exciting with the storage lens launch I think what's interesting about S3 is that you know pre-cloud Object Store was this kind of a niche right and then of course you guys announced you know S3 in 2006 as I said and okay great you know cheap and deep storage simple get put now the conversations about how to enable value from from data absolutely analytics and it's just a whole new world and Ed you've talked many times I love the term yeah we built chaos search on the on the shoulders of giants right and so the under underlying that is S3 but the value that you can build on top of that has been key and I don't think we've talked about his shoulders and Giants but we've talked about how we literally you know we have a big Vision right so hard to kind of solve the challenge to analytics at scale we really focus on the you know the you know Big Data coming environment get analytics so we talk about the on the shoulders Giants obviously Isaac Newton's you know metaphor of I learned from everything before and we layer on top so really when you talk about all the things come from S3 like I just smile because like we picked it up naturally we went all in an S3 and this is where I think you're going Dave but everyone is so let's just cut the chase like so any of the data platforms you're using S3 is what you're building but we did it a little bit differently so at first people using a cold storage like you said and then they ETL it up into a different platforms for analytics of different sorts now people are using it closer they're doing caching layers and cashing out and they're that's where but that's where the attributes of a scale or reliability are what we did is we actually make S3 a database so literally we have no persistence outside that three and that kind of comes in so it's working really well with clients because most of the thing is we pick up all these attributes of scale reliability and it shows up in the clients environments and so when you launch all these new scalable things we just see it like our clients constantly comment like one of our biggest customers fintech in uh Europe they go to Black Friday again black Friday's not one days and they lose scale from what is it 58 terabytes a day and they're going up to 187 terabytes a day and we don't Flinch they say how do you do that well we built our platform on S3 as long as you can stream it to S3 so they're saying I can't overrun S3 and it's a natural play so it's it's really nice that but we take out those attributes but same thing that's why we're able to you know help clients get you know really you know Equifax is a good example maybe they're able to consolidate 12 their divisions on one platform we couldn't have done that without the scale and the performance of what you can get S3 but also they saved 90 I'm able to do that but that's really because the only persistence is S3 and what you guys are delivering but and then we really for focus on shoulders Giants we're doing on top of that innovating on top of your platforms and bringing that out so things like you know we have a unique data representation that makes it easy to ingest this data because it's kind of coming at you four v's of big data we allow you to do that make it performant on s3h so now you're doing hot analytics on S3 as if it's just a native database in memory but there's no memory SSC caching and then multi-model once you get it there don't move it leverage it in place so you know elasticsearch access you know Cabana grafana access or SQL access with your tools so we're seeing that constantly but we always talk about on the shoulders of giants but even this week I get comments from our customers like how did you do that and most of it is because we built on top of what you guys provided so it's really working out pretty well and you know we talk a lot about digital transformation of course we had the pleasure sitting down with Adam solipski prior John Furrier flew to Seattle sits down his annual one-on-one with the AWS CEO which is kind of cool yeah it was it's good it's like study for the test you know and uh and so but but one of the interesting things he said was you know we're one of our challenges going forward is is how do we go Beyond digital transformation into business transformation like okay well that's that's interesting I was talking to a customer today AWS customer and obviously others because they're 100 year old company and they're basically their business was they call them like the Uber for for servicing appliances when your Appliance breaks you got to get a person to serve it a service if it's out of warranty you know these guys do that so they got to basically have a you know a network of technicians yeah and they gotta deal with the customers no phone right so they had a completely you know that was a business transformation right they're becoming you know everybody says they're coming a software company but they're building it of course yeah right on the cloud so wonder if you guys could each talk about what's what you're seeing in terms of changing not only in the sort of I.T and the digital transformation but also the business transformation yeah I know I I 100 agree that I think business transformation is probably that one of the top themes I'm hearing from customers of all sizes right now even in this environment I think customers are looking for what can I do to drive top line or you know improve bottom line or just improve my customer experience and really you know sort of have that effect where I'm helping customers get more done and you know it is it is very tricky because to do that successfully the customers that are doing that successfully I think are really getting into the lines of businesses and figuring out you know it's probably a different skill set possibly a different culture different norms and practices and process and so it's it's a lot more than just a like you said a lot more than just the technology involved but when it you know we sort of liquidate it down into the data that's where absolutely we see that as a critical function for lines of businesses to become more comfortable first off knowing what data sets they have what data they they could access but possibly aren't today and then starting to tap into those data sources and then as as that progresses figuring out how to share and collaborate with data sets across a company to you know to correlate across those data sets and and drive more insights and then as all that's being done of course it's important to measure the results and be able to really see is this what what effect is this having and proving that effect and certainly I've seen plenty of customers be able to show you know this is a percentage increase in top or bottom line and uh so that pattern is playing out a lot and actually a lot of how we think about where we're going with S3 is related to how do we make it easier for customers to to do everything that I just described to have to understand what data they have to make it accessible and you know it's great to have such a great ecosystem of partners that are then building on top of that and innovating to help customers connect really directly with the businesses that they're running and driving those insights well and customers are hours today one of the things I loved that Adam said he said where Amazon is strategically very very patient but tactically we're really impatient and the customers out there like how are you going to help me increase Revenue how are you going to help me cut costs you know we were talking about how off off camera how you know software can actually help do that yeah it's deflationary I love the quote right so software's deflationary as costs come up how do you go drive it also free up the team and you nail it it's like okay everyone wants to save money but they're not putting off these projects in fact the digital transformation or the business it's actually moving forward but they're getting a little bit bigger but everyone's looking for creative ways to look at their architecture and it becomes larger larger we talked about a couple of those examples but like even like uh things like observability they want to give this tool set this data to all the developers all their sres same data to all the security team and then to do that they need to find a way an architect should do that scale and save money simultaneously so we see constantly people who are pairing us up with some of these larger firms like uh or like keep your data dog keep your Splunk use us to reduce the cost that one and one is actually cheaper than what you have but then they use it either to save money we're saving 50 to 80 hard dollars but more importantly to free up your team from the toil and then they they turn around and make that budget neutral and then allowed to get the same tools to more people across the org because they're sometimes constrained of getting the access to everyone explain that a little bit more let's say I got a Splunk or data dog I'm sifting through you know logs how exactly do you help so it's pretty simple I'll use dad dog example so let's say using data dog preservability so it's just your developers your sres managing environments all these platforms are really good at being a monitoring alerting type of tool what they're not necessarily great at is keeping the data for longer periods like the log data the bigger data that's where we're strong what you see is like a data dog let's say you're using it for a minister for to keep 30 days of logs which is not enough like let's say you're running environment you're finding that performance issue you kind of want to look to last quarter in last month in or maybe last Black Friday so 30 days is not enough but will charge you two eighty two dollars and eighty cents a gigabyte don't focus on just 280 and then if you just turn the knob and keep seven days but keep two years of data on us which is on S3 it goes down to 22 cents plus our list price of 80 cents goes to a dollar two compared to 280. so here's the thing what they're able to do is just turn a knob get more data we do an integration so you can go right from data dog or grafana directly into our platform so the user doesn't see it but they save money A lot of times they don't just save the money now they use that to go fund and get data dog to a lot more people make sense so it's a creativity they're looking at it and they're looking at tools we see the same thing with a grafana if you look at the whole grafana play which is hey you can't put it in one place but put Prometheus for metrics or traces we fit well with logs but they're using that to bring down their costs because a lot of this data just really bogs down these applications the alerting monitoring are good at small data they're not good at the big data which is what we're really good at and then the one and one is actually less than you paid for the one so it and it works pretty well so things are really unpredictable right now in the economy you know during the pandemic we've sort of lockdown and then the stock market went crazy we're like okay it's going to end it's going to end and then it looked like it was going to end and then it you know but last year it reinvented just just in that sweet spot before Omicron so we we tucked it in which which was awesome right it was a great great event we really really missed one physical reinvent you know which was very rare so that's cool but I've called it the slingshot economy it feels like you know you're driving down the highway and you got to hit the brakes and then all of a sudden you're going okay we're through it Oh no you're gonna hit the brakes again yeah so it's very very hard to predict and I was listening to jassy this morning he was talking about yeah consumers they're still spending but what they're doing is they're they're shopping for more features they might be you know buying a TV that's less expensive you know more value for the money so okay so hopefully the consumer spending will get us out of this but you don't really know you know and I don't yeah you know we don't seem to have the algorithms we've never been through something like this before so what are you guys seeing in terms of customer Behavior given that uncertainty well one thing I would highlight that I think particularly going back to what we were just talking about as far as business and digital transformation I think some customers are still appreciating the fact that where you know yesterday you may have had to to buy some Capital put out some capital and commit to something for a large upfront expenditure is that you know today the value of being able to experiment and scale up and then most importantly scale down and dynamically based on is the experiment working out am I seeing real value from it and doing that on a time scale of a day or a week or a few months that is so important right now because again it gets to I am looking for a ways to innovate and to drive Top Line growth but I I can't commit to a multi-year sort of uh set of costs to to do that so and I think plenty of customers are finding that even a few months of experimentation gives them some really valuable insight as far as is this going to be successful or not and so I think that again just of course with S3 and storage from day one we've been elastic pay for what you use if you're not using the storage you don't get charged for it and I think that particularly right now having the applications and the rest of the ecosystem around the storage and the data be able to scale up and scale down is is just ever more important and when people see that like typically they're looking to do more with it so if they find you usually find these little Department projects but they see a way to actually move faster and save money I think it is a mix of those two they're looking to expand it which can be a nightmare for sales Cycles because they take longer but people are looking well why don't you leverage this and go across division so we do see people trying to leverage it because they're still I don't think digital transformation is slowing down but a lot more to be honest a lot more approvals at this point for everything it is you know Adam and another great quote in his in his keynote he said if you want to save money the Cloud's a place to do it absolutely and I read an article recently and I was looking through and I said this is the first time you know AWS has ever seen a downturn because the cloud was too early back then I'm like you weren't paying attention in 2008 because that was the first major inflection point for cloud adoption where CFO said okay stop the capex we're going to Opex and you saw the cloud take off and then 2010 started this you know amazing cycle that we really haven't seen anything like it where they were doubling down in Investments and they were real hardcore investment it wasn't like 1998 99 was all just going out the door for no clear reason yeah so that Foundation is now in place and I think it makes a lot of sense and it could be here for for a while where people are saying Hey I want to optimize and I'm going to do that on the cloud yeah no I mean I've obviously I certainly agree with Adam's quote I think really that's been in aws's DNA from from day one right is that ability to scale costs with with the actual consumption and paying for what you use and I think that you know certainly moments like now are ones that can really motivate change in an organization in a way that might not have been as palatable when it just it didn't feel like it was as necessary yeah all right we got to go give you a last word uh I think it's been a great event I love all your announcements I think this is wonderful uh it's been a great show I love uh in fact how many people are here at reinvent north of 50 000. yeah I mean I feel like it was it's as big if not bigger than 2019. people have said ah 2019 was a record when you count out all the professors I don't know it feels it feels as big if not bigger so there's great energy yeah it's quite amazing and uh and we're thrilled to be part of it guys thanks for coming on thecube again really appreciate it face to face all right thank you for watching this is Dave vellante for the cube your leader in Enterprise and emerging Tech coverage we'll be right back foreign

>>Epic set for us. Fantastic crew here at the Cube. We're so grateful to everyone on the team. My co-hosts are absolute beasts, and thank you for always tuning into the cube because of you. It's why we're here at AWS. Reinvent in fabulous Las Vegas.

>>The Cube is live with three different stages here at aws Reinvent in fabulous Las Vegas, Nevada, and wow, is it just buzzing in here? It is absolutely overwhelming, but also thrilling to be here in Las Vegas.

(bright music) >> Hello everyone. Welcome to theCUBE's coverage of AWS re:Invent 22. I'm John Furrier, host of theCUBE. Got some great coverage here talking about software supply chain and sustainability in the cloud. We've got a great conversation. Gunnar Hellekson, vice president and general manager at Red Hat Enterprise Linux and Business Unit of Red Hat. Thanks for coming on. And Adnan Ijaz, director of product management of commercial software services, AWS. Gentlemen, thanks for joining me today. >> It's a pleasure. (Adnan speaks indistinctly) >> You know, the hottest topic coming out of Cloud Native developer communities is slide chain software sustainability. This is a huge issue. As open source continues to power away and fund and grow this next generation modern development environment, you know, supply chain, you know, sustainability is a huge discussion because you got to check things out, what's in the code. Okay, open source is great, but now we got to commercialize it. This is the topic, Gunnar, let's get in with you. What are you seeing here and what's some of the things that you're seeing around the sustainability piece of it? Because, you know, containers, Kubernetes, we're seeing that that run time really dominate this new abstraction layer, cloud scale. What's your thoughts? >> Yeah, so I, it's interesting that the, you know, so Red Hat's been doing this for 20 years, right? Making open source safe to consume in the enterprise. And there was a time when in order to do that you needed to have a long term life cycle and you needed to be very good at remediating security vulnerabilities. And that was kind of, that was the bar that you had to climb over. Nowadays with the number of vulnerabilities coming through, what people are most worried about is, kind of, the providence of the software and making sure that it has been vetted and it's been safe, and that things that you get from your vendor should be more secure than things that you've just downloaded off of GitHub, for example. Right? And that's a place where Red Hat's very comfortable living, right? Because we've been doing it for 20 years. I think there's another aspect to this supply chain question as well, especially with the pandemic. You know, we've got these supply chains have been jammed up. The actual physical supply chains have been jammed up. And the two of these issues actually come together, right? Because as we go through the pandemic, we've got these digital transformation efforts, which are in large part, people creating software in order to manage better their physical supply chain problems. And so as part of that digital transformation, you have another supply chain problem, which is the software supply chain problem, right? And so these two things kind of merge on these as people are trying to improve the performance of transportation systems, logistics, et cetera. Ultimately, it all boils down to, both supply chain problems actually boil down to a software problem. It's very interesting. >> Well, that is interesting. I want to just follow up on that real quick if you don't mind. Because if you think about the convergence of the software and physical world, you know, that's, you know, IOT and also hybridcloud kind of plays into that at scale, this opens up more surface area for attacks, especially when you're under a lot of pressure. This is where, you know, you have a service area on the physical side and you have constraints there. And obviously the pandemic causes problems. But now you've got the software side. How are you guys handling that? Can you just share a little bit more of how you guys looking at that with Red Hat? What's the customer challenge? Obviously, you know, skills gaps is one, but, like, that's a convergence at the same time more security problems. >> Yeah, yeah, that's right. And certainly the volume of, if we just look at security vulnerabilities themselves, just the volume of security vulnerabilities has gone up considerably as more people begin using the software. And as the software becomes more important to, kind of, critical infrastructure. More eyeballs around it and so we're uncovering more problems, which is kind of, that's okay, that's how the world works. And so certainly the number of remediations required every year has gone up. But also the customer expectations, as I mentioned before, the customer expectations have changed, right? People want to be able to show to their auditors and to their regulators that no, in fact, I can show the providence of the software that I'm using. I didn't just download something random off the internet. I actually have like, you know, adults paying attention to how the software gets put together. And it's still, honestly, it's still very early days. I think as an industry, I think we're very good at managing, identifying remediating vulnerabilities in the aggregate. We're pretty good at that. I think things are less clear when we talk about, kind of, the management of that supply chain, proving the providence, and creating a resilient supply chain for software. We have lots of tools, but we don't really have lots of shared expectations. And so it's going to be interesting over the next few years, I think we're going to have more rules are going to come out. I see NIST has already published some of them. And as these new rules come out, the whole industry is going to have to kind of pull together and really rally around some of this shared understanding so we can all have shared expectations and we can all speak the same language when we're talking about this problem. >> That's awesome. Adnan, Amazon web service is obviously the largest cloud platform out there. You know, the pandemic, even post pandemic, some of these supply chain issues, whether it's physical or software, you're also an outlet for that. So if someone can't buy hardware or something physical, they can always get to the cloud. You guys have great network compute and whatnot and you got thousands of ISVs across the globe. How are you helping customers with this supply chain problem? Because whether it's, you know, I need to get in my networking gears and delay, I'm going to go to the cloud and get help there. Or whether it's knowing the workloads and what's going on inside them with respect to open source. 'Cause you've got open source, which is kind of an external forcing function. You've got AWS and you got, you know, physical compute stores, networking, et cetera. How are you guys helping customers with the supply chain challenge, which could be an opportunity? >> Yeah, thanks John. I think there are multiple layers to that. At the most basic level, we are helping customers by abstracting away all these data center constructs that they would have to worry about if they were running their own data centers. They would have to figure out how the networking gear, you talk about, you know, having the right compute, right physical hardware. So by moving to the cloud, at least they're delegating that problem to AWS and letting us manage and making sure that we have an instance available for them whenever they want it. And if they want to scale it, the capacity is there for them to use. Now then, so we kind of give them space to work on the second part of the problem, which is building their own supply chain solutions. And we work with all kinds of customers here at AWS from all different industry segments, automotive, retail, manufacturing. And you know, you see the complexity of the supply chain with all those moving pieces, like hundreds and thousands of moving pieces, it's very daunting. And then on the other hand, customers need more better services. So you need to move fast. So you need to build your agility in the supply chain itself. And that is where, you know, Red Hat and AWS come together. Where we can enable customers to build their supply chain solutions on platforms like Red Hat Enterprise Linux RHEL or Red Hat OpenShift on AWS, we call it ROSA. And the benefit there is that you can actually use the services that are relevant for the supply chain solutions like Amazon managed blockchain, you know, SageMaker. So you can actually build predictive analytics, you can improve forecasting, you can make sure that you have solutions that help you identify where you can cut costs. And so those are some of the ways we're helping customers, you know, figure out how they actually want to deal with the supply chain challenges that we're running into in today's world. >> Yeah, and you know, you mentioned sustainability outside of software sustainability, you know, as people move to the cloud, we've reported on SiliconANGLE here in theCUBE, that it's better to have the sustainability with the cloud because then the data centers aren't using all that energy too. So there's also all kinds of sustainability advantages. Gunnar, because this is kind of how your relationship with Amazon's expanded. You mentioned ROSA, which is Red Hat, you know, on OpenShift, on AWS. This is interesting because one of the biggest discussions is skills gap, but we were also talking about the fact that the humans are a huge part of the talent value. In other words, the humans still need to be involved. And having that relationship with managed services and Red Hat, this piece becomes one of those things that's not talked about much, which is the talent is increasing in value, the humans, and now you got managed services on the cloud. So we'll look at scale and human interaction. Can you share, you know, how you guys are working together on this piece? 'Cause this is interesting, 'cause this kind of brings up the relationship of that operator or developer. >> Yeah, yeah. So I think there's, so I think about this in a few dimensions. First is that it's difficult to find a customer who is not talking about automation at some level right now. And obviously you can automate the processes and the physical infrastructure that you already have, that's using tools like Ansible, right? But I think that combining it with the elasticity of a solution like AWS, so you combine the automation with kind of elastic and converting a lot of the capital expenses into operating expenses, that's a great way actually to save labor, right? So instead of like racking hard drives, you can have somebody do something a little more like, you know, more valuable work, right? And so, okay, but that gives you a platform. And then what do you do with that platform? You know, if you've got your systems automated and you've got this kind of elastic infrastructure underneath you, what you do on top of it is really interesting. So a great example of this is the collaboration that we had with running the RHEL workstation on AWS. So you might think, like, well why would anybody want to run a workstation on a cloud? That doesn't make a whole lot of sense. Unless you consider how complex it is to set up, if you have, the use case here is like industrial workstations, right? So it's animators, people doing computational fluid dynamics, things like this. So these are industries that are extremely data heavy. Workstations have very large hardware requirements, often with accelerated GPUs and things like this. That is an extremely expensive thing to install on-premise anywhere. And if the pandemic taught us anything, it's if you have a bunch of very expensive talent and they all have to work from home, it is very difficult to go provide them with, you know, several tens of thousands of dollars worth of workstation equipment. And so combine the RHEL workstation with the AWS infrastructure and now all that workstation computational infrastructure is available on demand and available right next to the considerable amount of data that they're analyzing or animating or working on. So it's a really interesting, it was actually, this is an idea that was actually born with the pandemic. >> Yeah. >> And it's kind of a combination of everything that we're talking about, right? It's the supply chain challenges of the customer, it's the lack of talent, making sure that people are being put to their best and highest use. And it's also having this kind of elastic, I think, OpEx heavy infrastructure as opposed to a CapEx heavy infrastructure. >> That's a great example. I think that illustrates to me what I love about cloud right now is that you can put stuff in the cloud and then flex what you need, when you need it, in the cloud rather than either ingress or egress of data. You just get more versatility around the workload needs, whether it's more compute or more storage or other high level services. This is kind of where this next gen cloud is going. This is where customers want to go once their workloads are up and running. How do you simplify all this and how do you guys look at this from a joint customer perspective? Because that example I think will be something that all companies will be working on, which is put it in the cloud and flex to whatever the workload needs and put it closer to the compute. I want to put it there. If I want to leverage more storage and networking, well, I'll do that too. It's not one thing, it's got to flex around. How are you guys simplifying this? >> Yeah, I think, so, I'll give my point of view and then I'm very curious to hear what Adnan has to say about it. But I think about it in a few dimensions, right? So there is a technically, like, any solution that Adnan's team and my team want to put together needs to be kind of technically coherent, right? Things need to work well together. But that's not even most of the job. Most of the job is actually ensuring an operational consistency and operational simplicity, so that everything is, the day-to-day operations of these things kind of work well together. And then also, all the way to things like support and even acquisition, right? Making sure that all the contracts work together, right? It's a really... So when Adnan and I think about places of working together, it's very rare that we're just looking at a technical collaboration. It's actually a holistic collaboration across support, acquisition, as well as all the engineering that we have to do. >> Adnan, your view on how you're simplifying it with Red Hat for your joint customers making collaborations? >> Yeah, Gunnar covered it well. I think the benefit here is that Red Hat has been the leading Linux distribution provider. So they have a lot of experience. AWS has been the leading cloud provider. So we have both our own points of view, our own learning from our respective set of customers. So the way we try to simplify and bring these things together is working closely. In fact, I sometimes joke internally that if you see Gunnar and my team talking to each other on a call, you cannot really tell who belongs to which team. Because we're always figuring out, okay, how do we simplify discount experience? How do we simplify programs? How do we simplify go to market? How do we simplify the product pieces? So it's really bringing our learning and share our perspective to the table and then really figure out how do we actually help customers make progress. ROSA that we talked about is a great example of that, you know, together we figured out, hey, there is a need for customers to have this capability in AWS and we went out and built it. So those are just some of the examples in how both teams are working together to simplify the experience, make it complete, make it more coherent. >> Great, that's awesome. Next question is really around how you help organizations with the sustainability piece, how to support them simplifying it. But first, before we get into that, what is the core problem around this sustainability discussion we're talking about here, supply chain sustainability, what is the core challenge? Can you both share your thoughts on what that problem is and what the solution looks like and then we can get into advice? >> Yeah. Well from my point of view, it's, I think, you know, one of the lessons of the last three years is every organization is kind of taking a careful look at how resilient it is, or I should say, every organization learned exactly how resilient it was, right? And that comes from both the physical challenges and the logistics challenges that everyone had, the talent challenges you mentioned earlier. And of course the software challenges, you know, as everyone kind of embarks on this digital transformation journey that we've all been talking about. And I think, so I really frame it as resilience, right? And resilience at bottom is really about ensuring that you have options and that you have choices. The more choices you have, the more options you have, the more resilient you and your organization is going to be. And so I know that's how I approach the market. I'm pretty sure that's how Adnan is approaching the market, is ensuring that we are providing as many options as possible to customers so that they can assemble the right pieces to create a solution that works for their particular set of challenges or their unique set of challenges and unique context. Adnan, does that sound about right to you? >> Yeah, I think you covered it well. I can speak to another aspect of sustainability, which is becoming increasingly top of mind for our customers. Like, how do they build products and services and solutions and whether it's supply chain or anything else which is sustainable, which is for the long term good of the planet. And I think that is where we have also been very intentional and focused in how we design our data center, how we actually build our cooling system so that those are energy efficient. You know, we are on track to power all our operations with renewable energy by 2025, which is five years ahead of our initial commitment. And perhaps the most obvious example of all of this is our work with ARM processors, Graviton3, where, you know, we are building our own chip to make sure that we are designing energy efficiency into the process. And you know, the ARM Graviton3 processor chips, they are about 60% more energy efficient compared to some of the CD6 comparable. So all those things that also we are working on in making sure that whatever our customers build on our platform is long term sustainable. So that's another dimension of how we are working that into our platform. >> That's awesome. This is a great conversation. You know, the supply chain is on both sides, physical and software. You're starting to see them come together in great conversations. And certainly moving workloads to the cloud and running them more efficiently will help on the sustainability side, in my opinion. Of course, you guys talked about that and we've covered it. But now you start getting into how to refactor, and this is a big conversation we've been having lately is as you not just lift and shift, but replatform it and refactor, customers are seeing great advantages on this. So I have to ask you guys, how are you helping customers and organizations support sustainability and simplify the complex environment that has a lot of potential integrations? Obviously API's help of course, but that's the kind of baseline. What's the advice that you give customers? 'Cause you know, it can look complex and it becomes complex, but there's an answer here. What's your thoughts? >> Yeah, I think, so whenever I get questions like this from customers, the first thing I guide them to is, we talked earlier about this notion of consistency and how important that is. One way to solve the problem is to create an entirely new operational model, an entirely new acquisition model, and an entirely new stack of technologies in order to be more sustainable. That is probably not in the cards for most folks. What they want to do is have their existing estate and they're trying to introduce sustainability into the work that they are already doing. They don't need to build another silo in order to create sustainability, right? And so there has to be some common threads, there has to be some common platforms across the existing estate and your more sustainable estate, right? And so things like Red Hat Enterprise Linux, which can provide this kind of common, not just a technical substrate, but a common operational substrate on which you can build these solutions. If you have a common platform on which you are building solutions, whether it's RHEL or whether it's OpenShift or any of our other platforms, that creates options for you underneath. So that in some cases maybe you need to run things on-premises, some things you need to run in the cloud, but you don't have to profoundly change how you work when you're moving from one place to another. >> Adnan, what's your thoughts on the simplification? >> Yeah, I mean, when you talk about replatforming and refactoring, it is a daunting undertaking, you know, especially in today's fast paced world. But the good news is you don't have to do it by yourself. Customers don't have to do it on their own. You know, together AWS and Red Hat, we have our rich partner ecosystem, you know, AWS has over 100,000 partners that can help you take that journey, the transformation journey. And within AWS and working with our partners like Red Hat, we make sure that we have- In my mind, there are really three big pillars that you have to have to make sure that customers can successfully re-platform, refactor their applications to the modern cloud architecture. You need to have the rich set of services and tools that meet their different scenarios, different use cases. Because no one size fits all. You have to have the right programs because sometimes customers need those incentives, they need those, you know, that help in the first step. And last but not least, they need training. So all of that, we try to cover that as we work with our customers, work with our partners. And that is where, you know, together we try to help customers take that step, which is a challenging step to take. >> Yeah, you know, it's great to talk to you guys, both leaders in your field. Obviously Red Hats, I remember the days back when I was provisioning and loading OSs on hardware with CDs, if you remember those days, Gunnar. But now with the high level services, if you look at this year's reinvent, and this is kind of my final question for the segment is, that we'll get your reaction to, last year we talked about higher level service. I sat down with Adam Saleski, we talked about that. If you look at what's happened this year, you're starting to see people talk about their environment as their cloud. So Amazon has the gift of the CapEx, all that investment and people can operate on top of it. They're calling that environment their cloud. Okay? For the first time we're seeing this new dynamic where it's like they have a cloud, but Amazon's the CapEx, they're operating. So, you're starting to see the operational visibility, Gunnar, around how to operate this environment. And it's not hybrid, this, that, it's just, it's cloud. This is kind of an inflection point. Do you guys agree with that or have a reaction to that statement? Because I think this is, kind of, the next gen supercloud-like capability. We're going, we're building the cloud. It's now an environment. It's not talking about private cloud, this cloud, it's all cloud. What's your reaction? >> Yeah, I think, well, I think it's very natural. I mean, we use words like hybridcloud, multicloud, I guess supercloud is what the kids are saying now, right? It's all describing the same phenomena, right? Which is being able to take advantage of lots of different infrastructure options, but still having something that creates some commonality among them so that you can manage them effectively, right? So that you can have, kind of, uniform compliance across your estate. So that you can have, kind of, you can make the best use of your talent across the estate. I mean this is, it's a very natural thing. >> John: They're calling it cloud, the estate is the cloud. >> Yeah. So yeah, so fine, if it means that we no longer have to argue about what's multicloud and what's hybridcloud, I think that's great. Let's just call it cloud. >> Adnan, what's your reaction, 'cause this is kind of the next gen benefits of higher level services combined with amazing, you know, compute and resource at the infrastructure level. What's your view on that? >> Yeah, I think the construct of a unified environment makes sense for customers who have all these use cases which require, like for instance, if you are doing some edge computing and you're running WS outpost or you know, wavelength and these things. So, and it is fair for customer to think that, hey, this is one environment, same set of tooling that they want to build that works across all their different environments. That is why we work with partners like Red Hat so that customers who are running Red Hat Enterprise Linux on-premises and who are running in AWS get the same level of support, get the same level of security features, all of that. So from that sense, it actually makes sense for us to build these capabilities in a way that customers don't have to worry about, okay, now I'm actually in the AWS data center versus I'm running outpost on-premises. It is all one. They just use the same set of CLI, command line APIs and all of that. So in that sense it actually helps customers have that unification so that consistency of experience helps their workforce and be more productive versus figuring out, okay, what do I do, which tool I use where? >> Adnan, you just nailed it. This is about supply chain sustainability, moving the workloads into a cloud environment. You mentioned wavelength, this conversation's going to continue. We haven't even talked about the edge yet. This is something that's going to be all about operating these workloads at scale and all with the cloud services. So thanks for sharing that and we'll pick up that edge piece later. But for re:Invent right now, this is really the key conversation. How to make the sustained supply chain work in a complex environment, making it simpler. And so thanks you for sharing your insights here on theCUBE. >> Thanks, thanks for having us. >> Okay, this is theCUBE's coverage of AWS re:Invent 22. I'm John Furrier, your host. Thanks for watching. (bright music)