(upbeat music) >> Hey everyone. Welcome to theCube's presentation of the AWS Startup Showcase. This is season two, episode four of our ongoing series featuring exciting startups in the AWS ecosystem. This theme is cyber security, detecting and protecting against threats. I'm your host, Lisa Martin and I'm pleased to be joined by Raghu Nadakumara the senior director of solutions marketing at Illumio. We're going to be talking about all things, cybersecurity, Raghu. it's great to have you on the program >> Lisa, it's fantastic to be here and the lovely to have the opportunity. Thank you >> Absolutely. So, so much changing in the threat landscape. We're seeing threat actors are booming, new threats customers having to solve really hard security problems across their organization. On-prem in the cloud, hybrid multi-cloud, et cetera. Talk to me about some of the ways in which Illumio is helping customers to address those massive challenges. >> Sure. I think like it's a sort of to pair off what you said to begin with. You said so much has changed, but equally and Kim Jetta made this point last week in her keynote at Black Hat and Chris Krebs former director of CISA also kind of reiterated this, so much has changed yet so much hasn't changed. And really from sort of Illumio's perspective the way we look at this is that as we are moving to a sort of a world of ever increasing connectivity I kind of almost pair off digital transformation which pretty much every organization talks about. They've got a digital transformation program. I really pair that off with what does that mean? It really means hyper connectivity because you've got your data center connecting into workloads, running in the cloud with users and user devices everywhere with a plethora of other connected devices. So we've got this massive hyper connected web. Well, what does that lead to? It leads to a massively increasing mushrooming attack surface. So from a threat actor perspective, just the the size of the opportunity is so much larger these days. But the problem then from a from a defender's perspective is that how do you even understand your, this complex very hybrid attack surface? So what we lack is the ability to get that consistent visibility of our actual exposure across the board, but, and then the ability to then deploy a consistent security control set across that estate to be able to manage that attack service and reduce that exposure risk. And these two problems, the challenge of consistent visibility and the challenge of consistent security from an Illumio perspective, we believe we solve both of those with our zero trust segmentation platform. So we are really looking at helping organizations helping our customers be resilient to the threats of today and the threats of tomorrow by giving them that consistent visibility and that consistent security through zero trust segmentation. >> Let's unpack zero trust segmentation. You know, when we look at some of the stats on ransom where it's been a while that it's a matter of when, not if for organizations so getting that visibility and consistent security policies across the estate, as you say is critical for businesses in every organization. How does zero trust segmentation, first of all define it and then tell us how that helps. >> Oh, happily. It's kind of one my favorite subjects to talk about. Right. So let start with zero trust segmentation and kind of, sort of to put it into a context that's probably more easy to understand, right? Is that we see sort of zero trust segmentation as being founded on two pillars, right? The first is an assumed breach mindset and I'll come onto what we mean by that in a second. And the second paired with that and what we see is kind of the natural progression from that is then the use of least privileged policies to go and control and protect your estate. So what does assume breach mean? Well, assume breach is really that approach that says work on the assumption that bad event that malicious actor, that anomalous action that unexpected behavior, and that could be intentional and the result of a malicious action or it could be completely unintentional. Think of that sort of someone, a misconfiguration in an application, for example, right? All of these things are essentially unexpected anomalous event. So start from that assumption that that's either happened or it's going to happen at some point, right? So when you make that assumption, right, and that assumption that that is happening on your internal network. So remember right. Assume that that thing is already happening on your internal network, not it's on outside of the perimeter and it's got to still find its way in. No, it's really about assuming that that initial sort of thing to get onto the network and some anomalous event has already happened. If you started from that premise then how would you design your security controls? Well, the natural reaction to that is, well if that's going to happen what I need to ensure is that the impact of that is as limited as possible is as restricted as possible. So how do I ensure that that is as limited as possible? Well, it's by ensuring that any access into the rest of my environment, the rest of the infrastructure and that could be that hybrid infrastructure, private cloud, public cloud, et cetera is built on a least privileged access model. And that way I can ensure that even if I have a compromise in one part of my environment or potentially there could be compromises in different parts of my environment that they're not going to impact the rest of the whole. So I'm containing the impact of that. And as a result I'm protecting the rest of the infrastructure and able to maintain my resilience for longer. So that's how zero trust segmentation, well, that's what zero trust segmentation is and how it delivers better security for an organization. >> So preventing that lateral spread is really critical especially as we've seen in the last couple of years this acceleration of cloud adoption, cloud migration for customers that are in transit, if you will, CTS why is it so fundamental? >> Well, I think you expressed it brilliantly, right? That if you look at any sort of malicious attack, right? Whether it's ransomware, whether it's an advanced attacker like APT style attack over the last sort of decade, right? A common part, a common tactic, those attackers used in order to proliferate and in order to move to either spread that attack as far and wide as possible in the case of ransomware or in the case of a very targeted attack to go and find that trophy target. One of the key tactics they leverage is lateral movement. So from a defender's perspective if you are able to better detect and ideally better prevent upfront that lateral movement and limit you are, you are defending yourself. You are proactively defending yourself from this threat. So what does that mean then from the perspective of organizations that are moving into cloud? So organizations that are say on that journey to transition into AWS, right? Whether from a right, I'm going all in an AWS and ultimately leaving my private data center behind or sort of more likely where my applications now in this hybrid deployment model where I have some on-prem some in the cloud. So there it's even more important because we know that things that are deployed in the cloud can very easily sort of get exposed to the internet. Right? We've seen that with a number of sort of different customers of cloud where a misconfigured security group suddenly gives access to all resources from the internet, right? Or gives access on high risk ports that you didn't want to have that you didn't want to be able to access. So here, zero trust segmentation is so important because if you come back to the fundamentals of it, it's around consistent visibility and consistent security policy. So what do we provide? Well, from an Illumio perspective and through our zero trust segmentation platform we ensure that as your application, as your key resources, as they transition from your private data center into the cloud, you can have exactly the same visibility and exactly the same granularity of visibility over those interactions between your resources as they move into the cloud. And the most important thing here is that it's not in cloud. We realize it's not just about adopting compute. It's not just infrastructure as a service organizations are now adopting the the more cloud native services whether that's managed databases or containers or serverless, et cetera, right. But all of these make up part of that new application and all of those need be included in that visibility, right? So visibility, isn't just about what your computer's doing where you've got this OS that you can manage but it's really about any component that is interacting as part of your organization as part of your applications. So we provide visibility across that and as it moves so that, that sort of, that granularity of visibility the ability to see those dependencies between applications we provide that consistently. And then naturally we then allow you to con consistently apply security policy as this application moves. So as you transition from on-prem where you have controls where you have your lateral movement controls your segmentation controls, and as you move resources into the cloud we allow you to maintain that security posture as you move into cloud, but not just that doesn't just stop there. So we spoke at the top about how least privileged is fundamental to zero trust from a policy perspective what we give you the ability to do give our customers the ability to do as they move into AWS is compare what they have configured on their security groups. So they way they think they've got the right security posture, we compare that to what the actual usage around those resources is. And we provide them recommendations to better secure those security groups. So essentially always tending them towards a more secure con configuration, such that they can maintain that least privileged access over the, around their critical resources. So this is the way our technology helps our customers move and migrate safely and securely from on-prem into AWS. >> That's a great description, very thorough in how you're talking about the benefits to organizations. You know, as we think about cloud adoption migration, cybersecurity these are clearly C-suite conversations. Are you seeing things like zero trust segmentation rise up to the C-suite and maybe even beyond to the board? Is this from a security perspective, a board level issue? >> Oh, absolutely. And, and Chris Krebs, former director of CISA last week set security must absolutely be a board level topic. It's not something that needs to be sort of in the weeds of IT or just sort of under the purview of what the chief security is doing. It needs to a board level issue. And what we see is while sort of talking about let's say zero trust segmentation or zero trust is very much a security function. What it typically ladders up to at the boardroom level is tying it into operational resilience, right? Because I think organizations now it's not just about the ability, given that sort of attacks are proliferating. And particularly the threat around ransomware is so high that the use of ransomware, not just as a way to steal data and extract money, but also ransomware as essentially a way to disrupt operations. And that is now what the concern is at that board level. Is that how is this attack going to impact me from a from a productivity perspective from an availability perspective, and depending on the type of organization, if it's, for example a financial organization there their worry is around their reputation because ultimately organizations are unable to trust that financial organization. We very quickly see that we have sort of that run on the bank, where customers, counterparties et cetera, quickly want to take their business elsewhere. If it's a manufacturing or healthcare provider, their concern is can we deliver our critical services? For example, healthcare can we deliver patient services? Manufacturing, can we continue to produce whatever it is we manufacture, even in the case of being under attack? So at the board level they're thinking about it from the perspective of resilience and operational resilience, and that then translates into cyber resilience when it comes to talking about where does zero trust segmentation fit in? Zero trust segmentation enables cyber resilience which ultimately enables operational resilience. So this is how we see it laddering up to boardroom issues. >> Got it. And of course, you know when you were talking about brand reputation, brand damage you think nobody wants to be the next headline where a breach is occurring. We've seen too many of those and we probably will see many more. So Raghu, when you're in customer conversations what are say the top three differentiators that you share with customers versus like CSPM tools what are those key core Illumio differentiators? >> Yeah. So like sort of CSPM tools, right? They're very focusing on assessing posture and sort of reporting on compliance in comparison to a baseline. So for example, it's okay here is what I think the security configuration should be. And here is how I'm actually configured in AWS. Here is the diff and here is where I'm out of compliance, right? That that's typically what, what CSPM products do, right? And there is a very important place for them in any organization's tool set. Now, what they don't do and where we provide the differentiation is that they're not set up to sort of monitor around lateral movement, right? They're not about providing you with that view about how your resources are interacting each other. They're not about providing guidance as to whether a security reconfiguration could be enhanced and could be tightened up. They also don't give you the view particularly around is this even relevant, right? And that that's really where we come in because the the visibility allows you to understand how resources are interacting with each other. That then allows you to determine whether those interactions are required or not. That then allows you to define a least privileged policy that controls access between these resources. But it also kind of as this sort of the feedback loop goes on is to ensure that least privileged policy is always tending towards what you actually need, right? So it's from what I think I need to what you actually need based on, based on usage. So this is how we differentiate what we do from what a CSPM type of technology does, right? We're always about providing visibility and maintaining least privileged access between your resources >> How many different security tools are you seeing that organizations have in place today? Those prospects that are coming to Illumio saying we've got challenges, we understand the threat landscape. The malicious actors are very incentivized, but what are the security tools in place and is Illumio able to replace, like, reduce that number replace some of those tools. So that simplification happens in this growingly complex environment. >> Yeah, I think that's a really good question. And I think that the answer to that is really, actually not so much about not necessarily about reducing though, of course, right. Organizations always, if they can reduce tools and replace one tool that does one thing with a tool that does multiple things, it's, it's always a it's always a benefit, but the the way we see it is that what is the value that we provide that complements existing tooling that an organization already has, right. Because what we think is important is that any technology that you bring in, shouldn't be just sit on its own island where it's value is kind of isolated from the value you are getting from everything else, right. It should be part of it should be able to be part of a sort of integrated ecosystem of complimentary technologies, right. And we believe that what we do firmly fits in to that type of technology ecosystem, right. So we in, so for example, to to give you examples, right, we enhance your asset discovery piece by providing a, the visibility that allows you to get the understanding of all your interactions. Why is that important? Because you can use that data to ensure that what you think is labeled or tagged in a particular way is in fact, that asset, right. And we benefit from that because we benefit from the asset information to allow us to build security policy that map those dependencies. We provide value to your detection and response capabilities, because we have that visibility around lateral movement. We are able to be reactive in terms of containing an attack. We can be used to proactively limit sort of pathways such that let's say things like common ransomware can't leverage things like open RDP and open SMB ports to spread. We can go and inform things like service maps. So if your organization is sort of heavily invested in like service mapping and feeding that back into sort of your IT tool sets. So ITSM tool sets, et cetera, right. We can provide data into that to enhance that particular experience. So there is lots of value beyond sort of what our own product value proposition is that we bring into your existing technology ecosystem. Which is why we think we kind of add value into any deployment over and beyond just sort of the things that we do around visibility and consistent security. >> Yeah. What you were just describing. So well with the first thought coming to my mind was value-add. There's a lot of synergy there. Synergies between other technologies. You mentioned that complimentary nature, that seems like a huge value impact for organizations across any industry. Last question from a go to market perspective where can prospects go to learn more? This is available in the AWS marketplace, but talk to us about where they can go to learn more. >> Yeah, sure, so you can, so if you're an AWS customer, right, you can purchase Illumio straight from the AWS marketplace. Just go and find it under sort of security products in, I think it's infrastructure software. So you can go and find that. You can obviously reach out to your AWS account team if you want sort of further information around Illumio and how to secure that through AWS. And of course you can come along to illumio.com where we have a whole raft of information about what we do, how we do it, the benefits that we provide to our customers and how it ladders up to some of the key sort of boardroom issues, right. Around whether it's around transformation or resilience or ransomware containment. So come along to our website and and find out all those things. And we're here to help >> Awesome Raghu. What a great conversation around such an important topic, cybersecurity, detecting and protecting against threats that we know is is an evolving landscape. We appreciate all of your insights. Great explanations into what Illumio is doing there. How you're helping organizations and where they can go to find more. Thank you so much for joining me today. >> It's been absolute, absolute pleasure, Lisa. Thank you very much for having me. >> All right. For Raghu Nadkumara. I'm Lisa Martin. We want to thank you for watching this episode of the AWS Startup Showcase. We'll see you soon. (soft music)

>>Live from Orlando, Florida. It's the cube covering Microsoft ignite brought to you by Cohesity. >>Good afternoon everyone and welcome back to the cubes live coverage of Microsoft ignite. We are wrapping up three days of wall to wall coverage. Back to back interviews. I'm your host Rebecca Knight, alongside my cohost Stu Miniman. We have saved the best for last. We have BJ Jenkins, president and CEO of Barracuda networks. Thank you so much for coming on the cube. Feel a lot of pressure on internet. It's going to be great. Why don't you start by Barracuda. I think of that heartsong tell our viewers a little bit about, about your business, what you do. >>Yeah. Um, Barracuda is a company focused in the security industry, primarily on email security and network and application security. Uh, we have over 220,000 customers, uh, since we were founded a little over 15 years ago. And um, you know, we have a passion for making our customers secure and safe and being able to run their business. And we're a great partner in Microsoft, so, uh, they really help us drive our business. >>Yeah. So, so much to catch up, PJ, since it's been many years since you've been on the program, you were new in the role, but let's start with that Microsoft relationship here. We've been spending all week talking through all of the various environments. Talk about a little bit about your joint customers, the relationship and what's happening there. >>Yeah. I joined Barracuda seven years ago. Yesterday was my anniversary. And um, when I came into Barracuda, it was primarily at the time focused on a kind of small and midsize businesses. And most of those businesses ran Microsoft exchange or ran some form of Microsoft applications. And really that was the start of our partnership, realizing how important Microsoft was and it's grown. We were the first, uh, security company to put our firewalls in Azure. And that was over five years ago. And I think being first with a partner like Microsoft who is really at that point trying to catch up with Amazon and you know, Satya was, we're starting to drive the business in that direction. Uh, it gave us a unique vantage point in the partnership and it's grown from there. We were, uh, the Azure partner the year in 2016, uh, across their business. Um, we do joint development with them. We do joint go to market activities. And when you look around and you see 30,000 customers here, it's a, it's a good, good place to focus for a company like ourselves. >>Yeah. Well the, the, the changes in Microsoft business has had a ripple effect in the ecosystem, not only the launch of Azure, but I mean a big push office three 65 you talk about there's gotta be a difference between I'm rolling out exchange servers and well, it's all in the cloud. We know that customers still need to think sick as strong about security when they go to SAS Deere. If your customers figured that out yet. >>Yeah. I think, um, the trends that played out on prom play out in the cloud, um, how am I gonna secure my applications? How am I going to secure my data, my network? Um, and then the individuals that are using that cause at the end of the day, the individuals tend to be the weakest link in the security chain. And, um, you know, Mike, what I like is Microsoft has done a really good job improving their security posture, the base level that they provide to their customers every single day improves. And our job is to innovate on top of that and make them even safer. And, um, Microsoft's position in the industry too has been one where they want to be a ecosystem. They want to partner with third parties to help their customers move from on prem into Azure. And they know they're not gonna be able to do it on their own. >>So they've upped their game. We've got to up our game and we do it jointly, which is the nice thing. I, I joke with people. When I was at EMC and I used to go to Redmond, I'd go with battle armor on because there was not gonna be a fun meeting, uh, who's going to be, how Microsoft was going to hurt our business. And now I go to Redmond and you're embraced as a partner. They want to understand what customers and partners are thinking. They jointly plan with you. It's a completely different tone and tenor, which has been nice for us. >>So it is a scary world out there. And as we know that the threat environment is changing, hackers are becoming more sophisticated. I wonder if you could just set the scene for our viewers and just talk about security challenges in general and then we'll get into the specifics of the new solutions that you've announced here. >>Yeah, it's, threats come from everywhere and I think it's hard to boil it down and make it simple at times. But one of the stories I tell, uh, investors and customers about how fast the world is changing, uh, when I came on board, CEO's are obviously targets for hackers and the types of phishing mails I would get at that point. Um, and they would be very obvious. I've gone by BJ my entire life. On the website it says William Jenkins. And so the phishing emails would come in and say, you know, today fog, no, Hey, can you wire money here, William? Right. And so there was just base level intelligence. Nowadays they use LinkedIn, they use fee, they create social graphs. They study your communication forms, they look, they know how you're organized and they target the people. It will have, I always signed my emails past comma, BJ, the best fishing males have that in there. >>They've discovered that they've incorporated that they, so the, just the level of intelligence, the sophistication of what hackers do today, uh, has exponentially changed. And, you know, we're fortunate you can, we have more computing power. We have more artificial intelligence that we can apply to stop them. But the game just keeps getting escalated. And it's a, it's why the security industry has been strong. It's why there's so many companies out there. We've got to keep getting better. Um, but it's, it's a scary world. It's, it's, you know, you can never, never rest and never think you're ahead. You always gotta keep attacking it. >>So BJ, you had a number of announcements. Barracuda did, not nearly as many as Microsoft did, but give us the highlights if you would. >>Yeah. Um, so a number number of things announced here. Uh, first we're part of, uh, Misa, the Microsoft intelligence security association. So we're proud, proud to be a part of that. At launch. Um, we announced, uh, the cloud application platform security platform and the big announcement for us around that was our launch of as a service, uh, that's run on Azure. And, uh, we've always had a strong application approach. We've got integrated, um, detection, DDoSs uh, the O OS top 20 are all in Kurt corporate into our platform. What we've done is really leveraged Microsoft scale to run a very easy, simple to deploy a web application security platform, uh, that takes advantage of Microsoft scale and resiliency and brings that to our customers. Uh, we did a study, you know, only 10% of the websites in the world today are protected. So 90% of the web sites and web applications in the world today run on protected. >>We think this is a great way to go out and, um, help protect more of those. And then finally, um, you know, we announced Microsoft announced their V land solution and we have done joint development with them. We'll continue to innovate here, but we announced obviously our solution that we'll run, uh, with Microsoft's B when we're the only ones who can provide a customer really with multiple lengths run on Microsoft backbone, they can really run their data center. Now the corporate data center out of Azure, uh, we give them traffic prioritization, fail over resiliency that customers need when they're making those types of decisions. So there was more than that, but that was a lot of good stuff for us. We're excited about it. >>What does the recent announcement that Microsoft has won the Jetta contract, does that have any impact on Barracuda's business? Is that, >>well, I think anytime Microsoft wins business, it's a good thing because we're partnering with them. That contract is so big and, uh, has a lot of different elements and, and certainly security is a part of it. So we think there's aspects where we can play. I did hear, I think, um, Oracle was suing and I think AWS, so this may have a lot of legs before it becomes real. But it, I, you know, I think it continues to show that customers want to utilize, um, the scale breadth and depth of solutions that the cloud companies are bringing. And, you know, we view that as opportunity because security is an important element to making that work for those customers. >>So PJ, one to put aside the Microsoft stuff for a second here, since last we talk barracudas gone private and the security industry feels like it just growing so fast. You know, every week we're getting approached by new startups, heavy investment and the like, give us a little bit about your position has a CIO and CEO in this space. Uh, and you know, the love, a little bit of a note. We know it happened a few years back now, but going private when so many companies have, >>yeah, they're, you know, obviously there's a lot of funded companies in the security market. You know, we were in, uh, we had been public for, for four years. Um, a company that's been around 15 years where we were a profitable security company to, we were unique. We weren't, uh, the high flyer growth, but we were growing, you know, kind of, uh, low double digits with profitability, but there were investments that needed to be made in the business. Uh, we were running our transaction system on code, the founder wrote. Um, so there were investments we really needed to make to go from, you know, the 400, 500 million Mark to 1 billion mark. And so going private with a partner like Thoma Bravo, um, who really understands this industry has allowed us to reset the strategy and focus on, uh, the highest growth areas for us, which are email and network and application security. >>Um, they've helped us, we've invested over 20 million in internal systems, um, modern systems, Salesforce, NetSuite, uh, that we think give us the foundational elements to scale to $1 billion. And, um, you know, they combine that with operational expertise that they bring in to help us get more customers to the 220,000. Uh, one of the other interesting things for us too is, um, well we have 220,000 customers. We have 50 of the fortune 100. We have 250 of the fortune 1000 and as the movement, as, as customers have move to cloud, our solutions have become more relevant for customers of scale. And so they've given us the backing really to make that transition into that. So I liked not having to go on public conference calls every quarter. That's been a really nice thing. Um, but they've been a great partner for us. So we've, I think what you can think of us as we focused on areas that we think are the highest priority to our customers. >>Yeah, PJ, it also, we talked about there's so many startups in this space out there. The profile security keeps getting raised. Pat Gelsinger, VMware, you know, pounding the table saying that security needs to do over the, he just purchased black Boston based company that was public. You know, I talked to my friends that had been deep in the security industry and they scoff a little bit about, you know, we've been doing this for a long time. Barracuda is a company that has been around for quite a number of years. How's the industry doing? What do we need to do better? And how do you look at that landscape? >>Yeah, I, you know, I love pats energy and vigor, but there's no silver bullet that's gonna solve every problem out there. I do think, uh, where the industry is getting better is one on sharing information. You can see alliances, associations that have been formed. Um, you know, even with the cloud providers, we're actively sharing information and sharing of that information. We'll make more robust solutions first. Um, second you're seeing vendors go more towards platform where they're offering a larger, so the, the quality of solutions are getting better. And I do think there's consolidation happening where there, there are going to be certain segments of the market where you don't need 15 solutions. You really need, you know, one not from a particular player. So I think you'll see more, uh, consolidation occur around that. And you know, certainly that's been a trend we've been on in terms of integrating our solutions, making them easier to deploy and use for the customers. And then, you know, I think the last part of this is regulation is really a, it's still behind, but it's finally catching up and there's an interest in it. And I think in partnership with the industry, we can get our customers in a better position, a better security posture. So, you know, I, um, there will be consolidation over over time. Uh, you know, I've seen a map, I think there's 3000 security companies in all different segments that won't last forever. And, uh, it'll get easier for customers over time, is my belief. >>So with regulation, do you want to work in partnership with regulators? I mean, how do you, to help them understand the industry first of all and understand the dangers and the risks? I mean, how do you see the future of regulation for this industry? >>First of all, there's a large education process for legislators in general. You have to look no further than when Mark Zuckerberg got questioned by Congress. And the questions he were getting asked were not the best questions. Um, but you do have people who understand this industry and you can look at regulations like GDPR. You know, California's coming out data privacy law now and they're never perfect, but they're good foundational elements to start. And they're helping customers, um, get more aware of what they have to do to be secure and they're helping us explain to customers the things you can do to be in a better security posture. And so there's a continuum around this. We're in the early days, I, there's still a lot of education that has to go on, but when you see, >>start getting passed, it's a good step in the right direction. And by my estimation, BJ, we did save the best for last. Thank you so much for coming on the cube. That was terrific. Sorry it took so long. I'm Rebecca and I first two minutes and that wraps up three days of coverage at Microsoft ignite at the cube. Thank you so much for tuning in and we will see you next time.

>>From New York city. It's the cube covering. Welcome to the new edge brought to you by systems. >>Hey, welcome back everybody. Jeff, Rick here with the cube. We are in Manhattan at the top of Goldman Sachs. It is a great view if you ever get an opportunity to come up here, I think 43 floors over the Hudson you could see forever. But this is the cloud events. So the clouds are here and we're excited to be here is the Penn Penn Sandow launch in the name of the event is welcome to the new edge, which is a pretty interesting play. We hear a lot about edge but we haven't really heard of that company really focusing on the edge as their primary go to market activity and really thinking about the edge first. So we're excited to have the cofounder cube Olam and many time guests a Sony Gian Deni. She's the co founder and chief business officer. So many great to see you. Good to see you too. >>And our hosts here at Goldman Sachs is uh, Josh Matthews. He's a managing director of technology at Goldman. Josh. Great to see you. You too. And thank you and thanks for hosting us. Nice. A nice place to come to work every day. So great conversation today. Congratulations on the launch of the company over two years in stealth mode. Talk a little bit about that. What is it like to be in stealth mode for so long and you guys raised big money, you've got a big team, you're doing heavy duty technology. What's it been like to finally open up the curtains and tell everybody what you've been? >>It's clearly very interesting and exciting. Normally it's taken me nine months to deliver a baby this time it's been two and a half years of being instilled while we have been getting ready for this baby to come out. So it's phenomenally exciting that too to be sharing the stage with our customers and our investors and our strategic partners. >>Yeah, I thought it was pretty interesting that you're launching with customers and when you really told the story on stage of how early you engaged with Josh and his team, um, first I want to get your kinda your perspective. Why were you doing that so early and what did that ultimately do with some of the design decisions that you guys made? And then we'll come back to Josh as to, you know, his participation. >>So I think whenever you conduct technology transitions, having a sense from customers that have the ability to look out two to three years is very important because when you're capturing market transitions, doing it with customer inputs is far more relevant than going about it alone. Uh, the other key thing about this architectural shift is that it allows the flexibility for every customer to go take pieces of how they want to bring the cloud architectures and bring it into their environment. So understanding that use case and understanding the compelling reasons of what problems both technological and business can be solving and having that perspective into the product definition and the design and the influence that customers like Josh you've had is why we are sitting here and talking about them in production. Uh, as opposed to, yeah, we're thinking about where we are. We are looking at it from a proof of concept perspective. Right. >>And Josh, your, your perspective, you said earlier today that, you know, as long as a sign is involved, you're, you're, uh, you're happy to jump in and see what she's been working on. So how, >>you know, how did you get involved, how did they reach out to you and, and what is it like working on, you know, technology so early in its development that you get to actually have some serious influence? Well, it's an amazing opportunity, um, to get exactly what you want, um, exactly what you know is going to solve problems for the business here. Um, you know, and the other thing is, you know, we've worked with this team, uh, through almost every spinning. Uh, I think it was a little young for the, maybe the first one. Um, but, uh, otherwise this team has worked with them through at least 15 years or more. So we knew the track record for execution and then for us on this product, I mean, it was an opportunity because it's truly a startup. Um, you know, Sony and the team brought us in. >>Uh, we kind of just put out problems on the table that we were trying to solve and then, you know, they came up with the product and the idea and we were able to put together, you know, yeah, these are our priority one, two, three that we want to go for. And you know, we've just been developing alongside them. So both software and, you know, driving what the feature set is. Right. So what were some of those problems guys? Price seemed like forever ago when you started this conversation, but as you kind of looked forward a couple of years back that you could see that were coming, that you needed addressed. You know, it's funny, we started with kind of like, well we think containerization is going to be explosive and, and you know, really everything's on virtual machines or bare metal, mostly virtual machines. So one, you know, as containers come out, how do we track them, secure them, um, how do we even secure, uh, you know, the virtual machines and our environment cause they're, you know, over almost a quarter million of them. >>The idea of being able to put, um, network policy, that's I would say incorruptible, not actually on the server, but at, you know, that's why we use firewalls, right? So solving that security problem was number one. The other one was being able to have the telemetry to see what's happening, what's changing, um, and troubleshoot at, you know, at the network layer from every single server. Again, it's all about scale. Like things were just scaling and the throughput's going up, traditional methods of being able to see what's on your network. You can't look in the middle, it just can't keep up. It's just speeds and feeds. So being able to push those things to the edge. And then lastly, it really happened more, um, through the process here. But about a year and a half ago, um, we began segmenting our network the same way a 5g provider does with a technology called segment routing. >>And we just said, that's kind of our follow on technologies to, you know, put the network in the server and put this segment routing capability all the way out at the edge. So, you know, some things we foresaw and other things we've just developed. You know, it's been, it's been two and a half years. So, um, it's been a great partnership and you know, I think more, more features will come. Well Sony, you and the team, but it's been talked about all day long, have have a history of multiple times that you've kind of brought these big transformational technologies. Um, head what, what did you guys see a couple of years back and kind of this progression, you saw this opportunity >>to do something a little bit different than you've done in the past, which is actually go out, raise, raise around and uh, and do a real startup. What was the opportunity that you saw this? >>So we saw a number of challenges and opportunities. At the same time, we, we clearly saw that, uh, the cloud architectures that have been built by the leaders, like the incumbents like AWS today have a lot of the intelligence that is being pushed into their, their respective compute platforms. Uh, and we also noticed that at the same time, while that was what was needed to build the first generation of the cloud, the new age applications, and even as gardener has predicted that 75% of all enterprise data and applications will be processed at the edge by 2025. If that happens, then you need that intelligence at the edge. You need the ability to go do it where the action is, which is at the edge. And very consistently we found that the architectures, including scale out storage, we're also driving the need for this intelligence to be on in a scale-out manner. >>So if you're going to scale out computing, you need the services to be going hand in hand with that scale. Our computer architecture for the enterprises so they can simplify their architectures and bring the cloud models that have only existed in the cloud world, into their own data centers and their own private clouds. So there were these technology transitions we saw were coming down the pike. It's easier said now in 2019 it wasn't so simple in 2017 because we had to look at these multiple technology transitions. And surprisingly, when we call those things out, as we were shaping the company's strategy, getting validation of the use cases from customers like Josh was pivotally important because it was for the validating that this would be the direction that the enterprises and the cloud customers would be taking. So the reason you start with a vision, you start with looking at where the technology transitions are going to be occurring and getting the customers that are looking farther out validated plays a very important role so that you can go and focus on the biggest problems that you need to go and solve. Right, right. >>It just seems like the, the, the big problem, um, for most layman's is, is the old one, which, why networking exists in the first place, which is do you bring the data to the compute or do you bring the compute to the data? And now as you said, in kind of this hyper distributed world, um, that's not really a viable answer either one, right? Because the two are blended and have to be together so that you don't necessarily have to move one to the other or the other back the other direction. So, and then the second piece that you talked about over and over in your, in your presentation with security and you know, everybody talks about security all the time. Everybody gets hacked every day. Um, and there's this constant theme that security has to be baked in, you know, kind of throughout the process as opposed to kind of bolted on at the end. You guys took that approach from day, just speak >>it into the architecture. Yes. That was crucially important because when you are trying to address the needs of the enterprise, particularly in regulated markets like financial services, you want to be in a position where you have thought about it and baked it into the platform ground up. Uh, and so when we are building the program of a process, so we had the opportunity to go put the right elements on it. In order to make it tamper proof, we had to go think about encrypting all the traffic and communication between our policy manager and the distributed services platforms at the edge. We also then took it a step further to say, now if there were to be a bad actor that were to attack from an operating system vulnerability perspective, how do we ensure that we can contain that bad actor as opposed to being propagated over the infrastructure? So those elements are things you cannot bolt on at design time, or when you need to go put those into the design day one, right. Only on top of that foundation, then can you build a very secure set of services, whether it's encryption, whether it's distributed via services, so on and so forth. >>Uh, and Josh, I'm curious on your take as we've seen kind of software defined everything, uh, slowly take over as opposed to, you know, kind of single purpose machines or single purpose appliances, et cetera. Yep. Really a different opportunity for you to control. Um, but also to see a lot of talk today about, about policy management. A lot of talk about, um, observability and as you said now even segmentation of the networks, like you segment the nodes and you segment everything else. You know, how, how do you see this kind of software defined everything continuing to evolve and what does it enable you to do that you can't do with just a static device? I mean, the approach we took, um, we started like, you know, years ago, about six years ago was saying we can get computers, uh, deployed for our applications. No problem. Uh, and you know, at, at on demand and in our internal cloud, now we can do it as a hybrid cloud solution. >>One of the biggest problems we had in software defined was how do you put security policy, firewall policy, um, with that compute and in, you know, our industry, there's lots of segmentation for material nonpublic information. Um, compliance, you know, it could be internet facing, B2B facing. Uh, we do that today. We program various firewall vendors automatically. Uh, we allow our application developers to create, um, these policies and push them through as code and then program the firewall. What we were really looking to do here is distribute that. So we F day one in getting pen Sandow into production was to use our uh, our firewall system. It's called pinnacle. We, um, we programmed from pinnacle directly into the Penn Songdo Venice manager via API and then it, you know, uses its inventory systems to push those things out. So for us, software defined has been around, I like to call it the store front, but for the developer it's network policy, it's load balancing. >>Um, and, and that's really what they see. Those are the big products on the net. Everything else is just packet forwarding to them. So we wanted with pen Sandow at least starting with security to have that bar set day one and then get, you know, all the benefits of scale, throughput and having the policies close to the, on the edge. You know, we're back to talking about the edge. We want to right there with the, with the deployment, with the workload or the application. And that's, that's what we're doing right off the bat. Yeah. What are the things you mentioned in your talk was w is, you know, kind of in the theme of atomic computing, right? You want to get smaller and smaller units so that you can apply and redeploy based on wherever the workload is and in the change. And you said you've now been able to, you know, basically take things out of dedicated, you know, kind of a dedicated space, dedicated line and dedicated job so that you can now put them in a more virtualized situation. >>Exactly. Grab more resources as you need them. Well, you'd think the architecture, I mean even just theater of the mind is just, you're saying, I'm going to put this specific thing that I have to secure behind these firewalls. So it's one cabinet of computers or a hundred it's still behind a set of firewalls. It's a very North, South, you know, get in and get out here. You're talking about having that same level of security and I think that's novel, right? There hasn't been, if you look at virtual firewalls or you know, IP tables on Linux, I mean it's corruptible. It's, it's, it can be attacked on the computer. And once it's, you know, once you've been attacked in that, that that attack vector has been, you know, hit your, your compromised. This is a separate management plane. Um, you know, separate control plane. The server doesn't see it. >>That security is provided. It's at scale, it's East, West. The more computers that have the pen Sandow, you know, architecture inside of them, the, you know, the wider you can go, right. And then the North South goes away. I'm just curious to get your perspective. Um, as you know, everyone is a technology company. At the same time, technology budgets are going down, people are hard to hire. Uh, your data is growing exponentially and everything's a security threat. Yes. So as you get up in the morning, get ready to drive to work and you're drinking your coffee, I mean, how do you, you know, kind of communicate to make sure to senior management knows kind of what your objectives are in this, this kind of ongoing challenge to do more with less. And it, even though it's an increasingly strategic place or is it actually is what the company does now, it just happens to wrap it around your plane services or financial services or travel or whatever. >>Uh, I think your eye, and I had said it to John before, um, it has to come from that budget has to come from somewhere. So I think a combination of, of one that's less, well, I'll say the one that's easier to quantify is you're going to take budget from say appliance manufacturer and move it to a distributed edge and you're going to hopefully save some money while you do it. Um, you're going to do it at scale. You're gonna do it at, you know, high throughput and the security is the same or better. So that's, that's one, that's one place to take capital from. The other one is to say, can I use the next computer? Yes. Because I don't have to deploy these other new computers behind this stack of firewalls. Is there agility there? Is there efficiency, um, on my buying less servers and using, you know, more of what I have and doing it, you know, able to deploy faster. >>And it's harder to quantify. I think if you could, you know, over time, see I bought 20% less server, uh, capacity or, you know, x86 capacity, that's a savings. And the other one that's very hard to quantify, but it's always nice to have the development community. And we've had it recently where they say, Hey, this took me a month to deploy instead of a year. Um, and you know, the purchase cycles, uh, you know, for procurement and deployment, they're long, you know, in enterprise you want them to be quick, but they're really not. So all of those things add up. And that's the story. You know, I would tell, you know, any manager, right? Yeah, >>yeah. I think, you know, the old historic way that utilization rates were just so, so, so, so low between CPU and memory, everything else. Cause if nothing else, because to get another box, you know, could take a long time. Yeah. Well, final, final question for you, Tony. You talked about architectures and being locked into architectures and you and you talked about you guys are already looking forward, you know, to kind of your next rev, your next release, kind of your next step forwards. What, where do you see kind of the direction, don't give away any secrets, but um, you know, kind of where you guys going. What are your priorities now that you've launched? You got a little bit more money in the bank. >>Well, our biggest priorities will be to focus on customer success is to make sure that the customer journey is indeed replicable at scale, is to enable the partner's success. Uh, so in addition to Goldman Sachs, the ability to go and replicate it across the federated markets, whether it's global financial services, healthcare, federal, and partnering with each B enterprise so that they can on their platform, amplify the value of this architecture, not just on the compute platforms but on, in other areas. And the third one clearly is for our cloud customers is to make sure that they are in a position to build a world class cloud architecture on top of which then they can build their own, deliver their own services, their own secret sauces, uh, so that they can Excel at whatever that cloud is. Whether it's to become the leading edge platform as a service customer, whether it is to be the leading edge of software's a service platform customer. So it's all about the execution as a, as you heard in that room. And that's fundamentally what we're going to strive to be, is to be a great execution machine and keep our heads down and focused on making our customers and our partners very successful. >>Well, certainly, congratulations again to you and the team on the launch today. And Josh, thank you for hosting this terrific event and being an early customer. Yeah. Yeah. Happy to be. Alright. I'm Jetta. Sone. Josh, we're the topic. Goldman Sachs at the Penn Sandow the new welcome to the new edge. Thanks for watching. We'll see you next time.