[Music] from the cube studios in Palo Alto in Boston it's the cube covering the IBM thing brought to you by IBM hello everybody this is state velocity of the cube and you're watching our wall-to-wall coverage of the IBM think digital experience at Justin Youngblood is here he's the vice president of IBM security Justin good to see you again thanks for coming on hey Dave good to be here thank you so look let's get right into it I mean we're here remote I wish we were you know for face-to-face and in Moscow II but things have changed dramatically there's a massive shift to work from home that's you know obviously kovat 19 has tightened the need for security but let's start with some of the things that you're seeing how you're responding the to secure those remote workers and let's get into some of the trends that you're seeing in the security space yeah absolutely some major trends and there is a big response around Cove at night 19 right now and and first of all you know what we tell all of our employees our clients our partners the entire ecosystem is number one priority stay safe and healthy of course even at IBM right now we have over 95% of IBM erse who are working from home we've seen that trend across our clients and partners as well and basically three themes keep popping up as it relates to security in Kovan 19 the first is clients are asking us to help them secure their remote workforce we have a number of tools technologies and services to help them do that the second is detecting and responding to accelerating threats amidst Cova 19 the threat actors are more active than ever they're driving some targeted attacks and phishing campaigns and our clients are asking us for help on that front and then the third is virtually extending security teams and operations and we've got a set of services managed services and and remote employees who can actually work with our clients and help them with their security operation centers and anything they need from a security program yeah I mean when you talk to CISOs they'll tell you look we you know our biggest problem is a lack of talent and we have all these fragmented tools and then now you throw kovat 19 at them and it's okay now overnight blank and secure the remote workforce so talk a little bit about this notion of platforms I've said often the security marketplace is very fragmented that accentuates the skills issue is you got to learn all these different tools and this is integration issues talk about platforms and how that might help solve this problem absolutely security platforms are on the rise do you see a lot of security platforms being announced by vendors today the problem statements are very clear oh as enterprises have moved along on their journey to cloud and digital transformation they now have workloads applications data users spread across multiple cloud environments every enterprise is using multiple clouds today so the problem statements become very clear for security security leaders have too many security tools they have too much data and they don't have enough people right so too many security tools that lack interoperability the average Enterprise has anywhere from 50 to 80 different security point products that don't talk to each other but trying to solve a security problem to pinpoint an issue actually takes looking at multiple screens too much data that comes without insights trying to stitch together all of this disparate data across a fragmented security landscape is very complex and it allows threats to be missed and then not enough people the shortage in cybersecurity is well documented over 2 million unfilled jobs today and that number continues to grow so enter security platforms that are that are on the value proposition of cleaning up this mess in November last year we announced the cloud pack for security that's IBM security platform and it has some some attributes that are powerful compelling we're seeing a lot of traction with client well you mentioned two things that really caught my attention the detection and the response because you know you're gonna get infiltrated everybody gets infiltrated and you know you've seen the stats it takes you know whatever 250 300 days before you can even detect it and then and then responses is critical so so talk about the cloud pack for security you know there are other platforms out there what makes yours different yeah are basically traditional security is broken we have a vision of modern security at centers on the cloud pack for security we set out two years ago with the concept of a next-generation platform it's a security control plane that works across hybrid multi cloud environments it connects all your security data and tools with a common platform that includes IBM and security tools and cloud platforms so whether you're using a sim like Q radar or Splunk endpoint detection systems like carbon black or CrowdStrike and any of the IBM any of the cloud platforms including IBM AWS or Azure it connects all of those and brings the insights together we work with over 50 enterprises and service providers help us co-create this solution and the attributes are its multi cloud capable but for security is multi cloud capable it can bring all the insights together from across these hybrid multi cloud environment it's open it's built and based on open standards and open technologies it's simple and it's composable in the sense that it has the ability to integrate with IBM and third-party technologies and add more capabilities over time what we see from other security platforms in the industry is they they basically approached the problem saying mr. customer bring all your data to our cloud will run the analytics on it and then provide you the insights what's different with cloud pack for security is we take the analytics to the data customers don't need to move their data from all the disparate sources where it exists we take the analytics to the data and bring those insights back to a common console or the or the security leaders and security analysts to take action on why you preaching to the choir now because well first of all you've got the the integration matrix and you've got the resources obviously I mean you mentioned a couple of really prominent and you know some hot products right now and this is the challenge right best to breathe versus fully integrated suite and what you're saying if I understand it correctly is we're not asking you to make that trade-off if you want to use you know of some tool go for it we're gonna integrate with that and give you the control and then the second piece is bringing that analytics capability to the data cuz that's the other thing you really don't want to move your data you the Einstein written move as much data as you have to but no more right absolutely this is a this is a team sport security is a team sport and that's where open technologies are so important the ability with an open API to integrate with any IBM or third-party technology this is not a rip and replace strategy clients can't afford to do that they want to work within their existing security tools but they need a common platform for bring it all together so we talked about the ability to gain complete insights across your hybrid multi cloud environment the ability to act faster with a set of playbooks and automation that basically runs security run books once a once an incident is detected to automatically go about about the fix and then third is the ability to run anywhere cloud pack for security like all of the IBM cloud packs is built on kubernetes and Red Hat openshift so it can be deployed on-premise or on the public cloud of the customers choosing complete choice and flexibility in that deployment I mean another key point you just made is automation and you talked earlier about that skills gap and the unfilled jobs automation is really the way certainly a way and probably a the most important way to close that gap I want to ask you about open could you think about you know security and networks and you know opens almost antithetical to secure I want close but you mean open in a different context and what if we could talk about that and maybe break down the key aspects of open as you defined it we've seen open technologies open standards open source be adopted across technology domains think of operating systems and Linux think of application development think of the management domain and kubernetes which now has a community of over 4,000 developers behind it it's more than any single vendor could put behind it so it's so open technologies really provide a force multiplier for any any industry security has been a laggard in adopting open standards and open source code so last year 2019 October time frame IBM partnered with McAfee and dozens of other vendors and launching the open Cyber Security Alliance focused on open standards that promote interoperability across security tools focused on open source code which we've adopted into an underpin the cloud pack I beams cloth pack for security focused on threat intelligence and analytics and ultimately sharing best practices and let me talk about run books this really comes down to the automated play books that customers need to run in response to a security threat or incident that's become really important automating actions to help security operations teams be more productive so all of those capabilities in total sum up what we're talking about with open technology for security and it underpins our IBM cloud pack for security solution well I've always felt that Open was part of the answer and like you said the industry was slowly to adopt adversary is highly capable he-she they're very well-funded do you think our industry is ready for this open approach we're absolutely ready for the open approach we see customers responding extremely positively to the cloud pack for security and the fact that it is built on open technologies many enterprises come to us and say they want that future proofing of their investments they want to know that what they purchased will interoperate with their existing environments without a rip rip and replace and the only way to get there is through open standards and open technology so it's it's already being well received and we're gonna see it grow just like it has any other technology domains operating systems application development management etc now is the time for security while Justin you're operating in one of the most important aspects of the IT value chain thank you for keeping us safe stay safe down there in Austin and thanks for coming on the queue thank you Dave good to be here take care and thank you for watching everybody watching the cubes coverage of IBM sync 2020 ibm's digital production keep it right there we're right back right after this short break [Music] you

>> Announcer: Live from Las Vegas, it's theCUBE. Covering InterConnect 2017. Brought to you by IBM. >> Okay, welcome back everyone, we are live here at the Mandalay Bay for exclusive CUBE three-day coverage of IBM InterConnect 2017, I'm John Furrier with my co-host, Dave Vellante for all three days, we're on day three, winding down, great show, our next guest is Justin Youngblood, VP of Hybrid Cloud Management with IBM, welcome to theCUBE. >> Thank you for having me. >> Great to have you on, because a lot of the talk, obviously, cloud, we could blockchain, but a lot of under-the-hood production workload stuff still needs to manage with all this stuff. You guys had an announcement on day one on the cloud automation management. Big part of the keynote, so it was kind of a primetime spot. Can you share us, well, why'd you get that great slot, how did you get the great slot, and what's the impact? >> Well, it really all starts with what's happening in the market, and the team's been working hard inside of IBM, we announced IBM Cloud Automation Manager, it was elevated to a tier-one offering, very strategic space for IBM in multi-cloud management. What we know is, every enterprise is now moving towards multi-cloud environments, cloud adoption is well into its maturity, and really, it's 71% of enterprises have three or more clouds, and they need to manage those clouds with a common management platform, and that's what cloud-- >> And it's big paying point too, it's one of those non-sexy items like blockchain, it's like, AI and blockchain took the headlines, but a lot of the blocking and tackling is going on in hybrid right now, so you see that orchestration piece between multi-cloud, little things like latency, security, workload migration, this is what you guys are doing, bringing the IT operations to a modern level, is that kind of the main thing? >> That's exactly right, and there're really two entry points to this, because on the one hand, it is that IT team, when you think of the modern enterprise, every modern enterprise is trying to move faster, trying to get applications out faster, trying to better engage with their customers, essentially trying to digitally transform, be the disruptor instead of the disrupted, and often, they'll look at their IT team and say, "You're not keeping up, you're too slow," so this is an automation and orchestration tool that allows the IT teams to rapidly deploy applications and infrastructure to the line of business and to their devops teams. >> Well, that's the thing, you got developers, not just IT, you got developers and the line of business who have a financial stakeholder, the top line revenue, to make it happen, and you got the movement to true private cloud happening. What's different now for you guys with automation? What's the key unique thing in this announcement that makes it go to the next level? >> Several things there, but no solution is complete from IBM these days without cognitive, and so bringing in those cognitive services and insights to analyze and help optimize the performance of workloads on any cloud environment, and also really to provide an advisor role, prescriptive guidance and recommendations on where to place workloads to optimize performance, cost, compliance right within company policy and security and regulatory environments. >> So we had Mohammed Farooq on earlier, and he was talking about cloud brokerage services, and I wonder, as you enter this market, if you're starting to see different KPIs emerge, the traditional IT operations KPIs, okay, the light on the server's on, it's uptime, planned downtime, unplanned downtime, percentage of my backups that fail, whatever it is, are there new KPIs emerging as people become cloud brokers? >> Yeah, absolutely, and Mohammed's a good friend, we're both Austenites, right, in the same building. >> Dave: Another Austenite! Austin's dominating theCUBE this week! >> We talk regularly, and really, we see a nice synergy because the cloud brokerage tool, which is brokering across the application readiness assessments of putting workloads onto the cloud and then planning and cost analysis and so on, and then the orchestration of actually deploying those workloads, so there's a nice synergy, and then, really, the third leg of the stool in my mind then plays into service management, and having the integration across all those pieces is really important, so being both cloud agnostic for multi-cloud environments, but then also having an open API, an ecosystem that you can enable and plug in with existing tools. >> Now, there was a period of time where IT was almost afraid of automation, but then this cloud thing sweeps over them, are we past that now? >> We are past that, and it's a great point, because sometimes, IT can be afraid of automation, 'cause they can think, "That's threatening my job." But we've got client success stories where we're running our cloud orchestration and hybrid cloud management solutions at massive scale, literally saving dozens of full-time equivalent hours, and what we're finding is these enterprisers saying, "Finally! "Now I can get to the innovation "and the transformative projects "that are on the strategic agenda "rather than working within manual IT processes," so it's really been a win-win. >> And when you talk about that average stat, the average enterprise has, you said three clouds? >> Three or more clouds, 71% of enterprises have three or more clouds. >> Are you excluding SaaS in that number? 'Cause-- >> Excluding SaaS, because you think about-- >> Dave: Alright, so that's infrastructure clouds, right? >> Absolutely, private clouds, public clouds, and a lot of departmental clouds or shadow IT where different cloud services are being consumed even if the IT team may not be managing it. >> So that brings the question, then, where does SaaS play, if I'm a cloud broker, and I've got these corporate edicts, and I've got these KPIs around running the business and transforming the business. How do I apply those edicts to SaaS, and can you help me do that? Is that futures, or is that just sort of a separate island? >> Yeah, it's a little bit futures right now, many times with the cloud management platforms in particular, these tools are used to automate the deployment of the infrastructure, and what's unique in our solution is the full stack application and even the day two operations, but the SaaS applications are tending to come in through a slightly different channel now, over time, I think what we're going to see is all applications, whether they're delivered by the IT team, or from the cloud, need to come into a common-- >> And should CIOs be worried about that? Because each SaaS provider has different infrastructure, some of the different availability profiles, different definitions, different SLAs, that's a whole 'nother problem area to be attacked, I guess. >> No, it is a concern, just the application sprawl, infrastructure sprawls, cloud sprawl, and this is why I think any time we're entering into a new industry, we're going to see that expanse and then back to a convergence, and honestly, I presented with Dave Bartoletti from Forrester this week, and a lot of his insights and things that he writes about and what I spoke about, and what my team did in our sessions was the need for a common management platform because of that sprawl, it's reining in the chaos. >> What are some of your favorite examples, customer case, the early wins? >> Yeah, so a great case study is that Swiss Re, large global insurance company, 60 global offices, this is a company that uses our cloud orchestrator solution with business process manager, their environment includes WebSphere, but also Microsoft Active Directory, ServiceNow, Puppet, et cetera. When they came and used our solution to, really, to automate the deployment of applications to put applications and IT as a service into a self-service catalog for their line of business and development users, at the end of the day, they have automated 45,000 processes executed each month, and literally dozens of offerings into the service catalog now. >> So the IT service management business has been evolving very rapidly, cloud has impacted that, the on-premise ratios are going to probably shift a little bit, but not radically, but then again, the use cases for public cloud are going to be dependent upon the workload, so that's kind of well-defined and discussed. The question I have for you is, from a customer standpoint, the number one competition we're having, and we're seeing, digitally at least, on Twitter and theCUBE is, what does enterprise readiness mean? So I'm an enterprise, and I want to go to the cloud. I have to then evaluate which cloud is best for which workload, but then I also have to put it through the prism of readiness, their table stakes, do they have the table stakes? >> Yeah, absolutely. >> Google's got some great machine learning, but the SLAs might not match up, or Amazon's got some great Kinesis for analytics, but I can't run my other thing on that. That's comes up a readiness problem. >> It is a readiness, and I would say, there is no single cloud that is purpose-built for all workloads, and a lot of the messages you heard here at InterConnect this week, even from Ginni Rometty herself, where IBM has the enterprise-ready cloud, and a lot of data points to back that up, including every enterprise that's going to be cognitive, and the way we think about that is cloud and cognitive are two sides of the same coin, a famous quote also from Ginni. But now we're getting into trusted networks and Hyperledger and blockchain, I don't want to get too far offtrack, but it's some-- >> But they'll all bent the change on the disruption side, on the innovation side, and honestly impact some of the blocking and tackling table stakes. >> The blocking and tackling, so that gets down to some of the regulatory concerns and other pieces, which is why we've invested now to have 51 data centers around the world, because of data locality and security concerns that companies have, so there's a lot-- >> Well, I love her line, she's the best, I got to say, very memorable, enterprise strong, made me think of the whole Boston strong thing instilled in my head, 'cause, being from that area. Enterprise strong, data first, cognitive to the core, those are the three pillars, you can unpack that in every different way, so you guys have to bring that into your offering, so I get the enterprise strong. Data first, how are you guys using the cognitive piece, specifically, in this? Data first, is that an architectural thing? And then where's the cognitive piece fit in? >> Yeah, perfect, so as we architected this solution, it was really important to us to put cognitive at the core. And really, two use cases, primarily, the first is around, as companies go deploying their applications and workloads on the cloud, every application is going to have its downtimes, its slowdowns, its outages, and that impacts end user experience, that's why it matters, it can impact revenue or NPS scores for the company. So the first is a cognitive operations capability, and you can think of that analytics moving from log analytics to quickly pinpoint the root cause of issues, up through predictive analytics to prevent an outage or an issue before it impacts your end users, ultimately into the cognitive domain, which is a true machine learning, and the capabilities that we're working on on our labs now, and that we demonstrated this week at InterConnect, we actually have a chat ops interface for the IT operator to come and interact with a cognitive system that's part of Cloud Automation Manager, and get prescriptive guidance and confidence levels-- >> Going to be a voice-activated Watson, basically, in the future. "Hey, move to cloud nine!" >> So that's the differentiation, right, if I were to push you on that, it's trust, everybody's going to say they have cloud, but like you said, it's a multi-cloud world, and it's the cognitive piece, is that right? It's really the trust and the cognitive piece. >> The cognitive piece is absolutely the number one piece of differentiation that no one has. >> Because a lot of big enterprise hardware and software companies are going to say, "You trust us," people do trust us, that's how they got to be multi billion dollar companies, but talk a little bit more about the differentiation with respect to cognitive. >> Yeah, so that's one aspect of it, and that's just cognitive operations management, and even that is that one level of value. Where I think there's additional value is getting into really letting Watson, and cognitive services, become an advisor to your business, so imagine your smartest IT operator in the business, if Watson can learn from that person, Sally or Jeff, whoever it is, learn from that, and help every IT operator in your business always make the best decision as smart as the smartest subject matter expert is in IT operations, and so this is the learning aspect of cognitive, and in that advisor role now, all of a sudden, a cognitive chat ops interface can begin to provide prescriptive guidance when there's an outage. Or imagine an application or workload going down, and Watson taking automatic action to redeploy the workload on a different cloud that has not been impacted, no interruption of service to the end user, and then come back and say, now let's pinpoint the root cause of the problem and fix that, but I've already address the main point, so-- >> And what's key about that is it's a learning machine model, so you have the domain expertise of the specific use cases, it's not trying to use some sort of vocabulary and map that on through an infrastructure environment or software environment. >> Very plain language, natural language understanding, and it's really, really powerful capability. >> Alright, so the question is, how do customers get access to this, Bluemix storage, is there IBM.com, what's the vehicles for getting this in the hands of customers? >> The easiest way is at IBM.biz/tryibmCAM, so if you go there, it'll take you right into our Bluemix service, and customers can get started right away, we have a free addition that allows customers to get started with the-- >> I know this is a tough personal question, but I'll ask anyway, no one likes to pick who their favorite child is, but what's most exciting about the product from your standpoint, looking at the success of the announcement, obviously, primetime on the keynote, congratulations, but what's the one thing that you get most excited about the product? >> Yeah, the most exciting thing is, it's all about the application. It's all about the application and digital transformation, so, certainly, the cognitive piece, and we've talked about that, but I want to highlight one other thing, which is, we in IBM are providing pre-built automation content from the infrastructure up through full-stack applications and getting into the day two operations, the monitoring, the backup, et cetera, we can orchestrate that end-to-end, unlike anyone in the industry. >> End-to-end is the key word. This is now big part of the architecture. End-to-end cross vendor. >> Exactly. >> And opensource. >> Yep. >> That's kind of the big-- >> Dave: That's what you call automation packs? >> These are the cloud automation packs, exactly, in the past, we called them patterns, we're moving to an open-pattern technology base, and we call 'em cloud automation packs. And I'll just say more about that, we're going to make them available in a marketplace, in the IBM cloud marketplace so clients can come, learn about, discover, try, and buy these automation-- >> Alright, so here's the hard question for you. Well, might be easy for you, hard for me, but as you go end-to-end, which is totally the right way, I believe, that's what everyone wants, end-to-end, but you're crossing horizontal and vertical specialty across multiple vendors, and new things coming, so now 5G comes enables autonomous vehicles, now you got smart cities, now you got Watson trying to learn new environments that I've never seen before in IT. How do you guys prepare for that, what are you guys doing to get out in front of that next wave? >> Yeah, so in the past, I think a lot of applications, and even management tools have been built as monolithic applications. With the Cloud Automation Manager, we built it from the ground up, it's cloud-native, microservices-based, just like a lot of applications out there in the enterprise are bring run, that allows us to be much more composable and flexible than we've ever been in the past, and we augment that with a set of open APIs to integrate with clients' existing tools, you heard me mention the example of integrating with ServiceNow, of course, we can integrate with UrbanCode or other devops tools, APM and monitoring tools, et cetera. >> That's the key, integration is the new table stake. >> That is the new table stake. >> Justin Youngblood, thanks for coming on theCUBE, great, congratulations on the success of your launch, and good luck with the adoption, and we'll see ya out in the marketplace, thanks for coming on theCUBE, Justin, the VP of Cloud Management inside theCUBE, more cloud action, more data action, more predictive content here on theCUBE, more great interviews coming, stay with us, I'm John Furrier with Dave Vellante, we'll be right back.

>> Announcer: Live from Las Vegas, it's theCUBE, covering InterConnect 2017. Brought to you by IBM. >> Hey, welcome back, everyone. Here live at the Mandalay Bay in Las Vegas for theCUBE's three-day exclusive coverage of IBM InterConnect 2017. I'm John Furrier. My co-host, Dave Vellante. Our next guest here is Greg Pepper, head of cloud security architects at Check Point Software Technologies. >> You got it. Good afternoon, gentlemen. >> Welcome, welcome to theCUBE. So, security obviously is big. You're seeing compel all the networks, every company out there is buying security, so there's been a security sprawl. But now you guys have a stock that's trading at a very high, 52-week high. Congratulations. >> Yeah, thank you. You know, some people forget about us. We've been doing this for 24 years, we've been the leaders in this industry for over two decades, but sometimes, we're the best kept secret in the industry. >> Unleash some of those secrets here. I know you guys probably can't go into too much secret sauce as a public company, but what's the software secret? Obviously, relationship with IBM is part of why you're here, but what's the Check Point secret sauce right now? >> I think first and foremost, we've built upon a legacy for the last 20 years. We didn't just acquire technology through acquisition, duct tape and paper clips and call it an architecture for our customers. We've built upon a consistent common platform building on our core strengths. I think the second thing that really differentiates us from some of the other guys you mentioned is our commitment and focus to security first. We are a security company end to end, and everything we do is built off of those tenets. And especially with the growth in security in the data center, its migration to cloud, the industry has kind of come back around to software, and though for a while we delivered hardware appliance to customers, 'cause it was the preferred consumption model, when customers go to the cloud, whether it's SoftLayer, Azure, Amazon, Google, and others, we don't have hardware to bring with you, so you need a software defined security strategy to play in the cloud today. >> What is that software defined security strategy? What's the hottest product that you guys have that's working best? >> Everything we have built on our core competencies of management and the gateways themselves. But these days, it's not enough to just be a firewall vendor, so advanced threat prevention, the ability to both prevent and detect malware from getting on the network, rather than just alerting you that something bad happened. We're providing additional access controls with data awareness. I don't need to plug into the network to tell you people are going to YouTube, Netflix, but what's the information about your organization that's being posted out there? Those are the interesting things that we can help differentiate and alert customers to what's going on. >> So, the perimeter's, with the cloud, all these APIs, microservices coming down the pike with cloud, that's the challenge. I mean, this whole idea of being data and software focused. How do you guys play in that world, and what's this focus there? >> The biggest change is moving away from the traditional management architecture to one that's driven by code. These days especially in the cloud to be agile with dev-ops, you have to have security be able to be deployed, programmed, managed, and monitored all through an API, and this is something over the last few years we've enhanced our products to enable automatic deployment in the cloud providers, automatic management, and also integration with people like IBM QRadar in a highly automated way. >> The big discussion in the last couple years in security has been, hey, it's not enough just to dig a moat around the castle. The queen wants to leave her castle, so we've got to, security's got to be everywhere, it's got to follow the data, and also response is another major focus of discussion, we've got to shift spending there. How has that impacted, first of all, you buy that, second of all, how has that impacted your business and your strategy? >> We definitely do agree, which is why as part of our end to end security strategy, the laptops, the desktops, the mobile devices is an area of increased focus for us. Where really just having the traditional perimeter alone is not adequate. The second thing we started to talk about is the ability to move into the cloud. A lot of the competitive solutions out there don't play as well in the cloud because they're dependent on proprietary hardware. If you're a vendor that has custom ASICs, well, you don't have those ASICs when you go to the cloud. Whereas for us, our software defined security strategy, when we go to Amazon, Azure, SoftLayer, and other cloud providers, 100% of our core capabilities moves along with us. >> Talk that through the value proposition and the customer impact. So, it's more flexibility. Is it lower cost, is it speed, is it better response? >> I believe the primary driver for cloud adoption is agility, not always cost savings, although in some cases that is the case. However, the ability to grow and shrink on demand. In the past, our traditional enterprise customers would consume technology for their max resources. If I'm a large department store, I need to be able to handle Black Friday. Well, that's one week a year that you need that peak utilization. That ability to scale up and scale down is one of the major things driving people to the cloud. Well, security has to have the same model. We have to be able to automatically deploy, scale up for those large-scale events, but then also come back down to an average run-time use to help customers save money. >> How about analytics? How does that play into the security business? >> Yeah, I mean look, the whole reason we exist is to give interesting information for technology to be able to chew on, and the ability to provide the forensic auditing accounting for access controls and for our threat prevention, whether it's on the perimeter, in the cloud, in the core, on mobile and end-point devices, there's a reason after 20 years we've been the lead in the industry is 'cause we provide the best forensics data and integration with all the major leading SIM vendors out there. >> Yeah, the 20-year stair with Check Point. Obviously, the company's evolved a lot since then. Talk about the relationship with IBM, obviously we're here at IBM InterConnect, what are you guys doing with IBM? >> IBM's one of our best partners for over the last two decades. For over 18 years now, they've been a customer, a reseller, and a managed services security partner, so there's multiple organization within IBM that have relationship with Check Point to help secure the corporate assets, customer projects in our managed data centers, or even just purely security managed services. One of the exciting projects that we've been working on that was demonstrated at the security booth was an automated security deployment for the hybrid cloud, where the IBM team worked with us to help take security, automatically roll it out into Amazon and Azure, but also bring it into their MSS environment, their managed security services with zero touch, and they're able to provision, have it managed, monitored, and ready to rock and roll in less than 30 seconds. >> And they were doing that all in software? >> Greg: 100% in software, 100% in code with no human intervention. >> So take us through some of those use cases going forward. As you go talk to customers with IBM or on your own, you write on a lot of white board, I can imagine, so what are some of the white board conversations you're having, 'cause security architecture's one of these, kind of a moving train right now. What are some of the patterns you're seeing right now? >> First and foremost, there's a lot of cloud novice, this is new for all of us. So in the walk-jog-run mentality, we all need to come up with the basic terminology and fundamentals so we can have a more advanced conversation. Once we provide the basic knowledge transfer, the second step is how can you help me lift this legacy application and move it to a cloud-centric application, yet still give me the same levels of security and visibility, 'cause I can't go to the board and tell 'em, "Oh, we screwed up. "We moved to the cloud, and now our apps are not secure." As a matter of fact, for our largest customers, the most critical applications will not move to the cloud unless they have a clearly defined security strategy in place. >> So you lay out those parameters up front, then you kind of walk through it, I'd say crawl, walk, run, then jog. >> Greg: Absolutely. >> However you had it, but I mean, lot of people are kind of crawling, but now also, multi-cloud's a big theme here. So now, you're looking at multiple clouds, and some workloads might make sense for cloud one, two, or three depending on the workloads, but some stay on prem. >> 100%. >> And now you got the true private cloud trend where I'm going to have a cloud-like environment on prem. That's cool, development environment looks the same as the cloud, but I got multiple clouds. How do you guys deal with the multi-cloud and this idea of being consistent on prem and on cloud? >> First and foremost, being a software defined gateway, we have this unique capabilities that's the same on premise, Amazon, Azure, Google, SoftLayer, and others as well. Since we're not dependent upon hardware, we have consistent capabilities across all the clouds. The second thing I want to add is from a management perspective, we've built, excuse me, tight integrations with all the data center and cloud providers, so we're able to trust Amazon, VMware, Cisco, OpenStack, Google, and others and real-time integrate their applications and objects and metadata into our security policies, further tightening the integration and automation capabilities between those cloud providers. >> So, you're actively working with all the clouds to integrate in tightly to manage the security. You become the Switzerland for-- >> Look, we were the first of the major security vendors to both be in Amazon and Azure. We were the first achieve Amazon security competency. We were the first to support basic things like clustering and scale set support, which has been a very common deployment in the cloud as well. We've been in this cloud game for the last seven or eight years now, or as I like to joke, we've cloud up-times longer than some of my competitors have been in business. >> Microsoft was actually down on the cloud. We published a report today on siliconangle.com. Three cloud vendors down in a week. I'll give Amazon a little week there, but it's still, you're still going to see some these bumps in the road, but security, you can't have bumps, you got to be rock solid. >> The thing with today in cloud, whether it's the application, the servers, the storage and securities, you have to anticipate for that total failure situation. Heaven forbid, what happens if an east region went down? Case in point, when Amazon had their storage outage, Netflix was not interrupted at all. Now, other organizations that were only deployed in a single region, we were impacted. This is where, I think from an application architecture, one, we have to think beyond single region, single cloud provider. We have to anticipate the total catastrophic failure and how does our business continuity and disaster recovery work. And then, security has to be an integral portion of that. We can't bolt it on after the fact, it's got to be part of the foundation. >> Greg, great point. And by having software, gives you so much flexibility, I love that hybrid cloud example, but I want to get your thoughts on what you said earlier about lift and shift. That seems to be the parlance of the generation. It used to be rip and replace on the enterprise side, but that's not as easy as it is. To your point, you can't just throw it to the cloud, you might have some gaps. As people look to lift and shift, which I always say is be careful, you got to have some concerns. How do you advise your customers when you say, "Hey, we're lifting and shifting to the cloud." >> For those people, I say don't bother. Right, if I'm going to move the same applications and same products and processes from my private data center to the cloud, why bother? If we're not taking advantage of the agility, elasticity, automation, and all the benefits that clouds has to offer, companies should be building new cloud-ready applications for the cloud. We should not just be lifting our legacy applications and like for like moving them to the cloud, 'cause we're not going to get the benefit in return on investment. >> And it's risky, too, by the way. I would agree with you. So, net new applications, no brainer. If the cloud's available, why not? >> Absolutely. >> Let's go back to the workload. Some clouds have better, like analytics use case is a great cloud, just throw IOT data into Amazon or Azure or Office 365 is Azure, and Amazon gets Kinesis, good stuff, and you've got Bluemix over here. You're starting to see that swim lanes of the different vendors. How do you view the differentiation between the vendors, and how do you advise customers? "Hey Greg, I don't know which cloud to go to. "What's your advice?" >> First and foremost, there's pros and cons to everyone's offering. >> It's kind of like Red Sox, Yankees, you know. It's like trying to-- >> Well, let's stop right there, Yankees for sure. >> Dave: You think? >> Absolutely. >> Dave: You really think? >> Well, maybe not in 2017, but-- >> Who's the Yankees, Microsoft or AWS? >> Microsoft probably the Yankees right now. Then again, from my perspective as a Red Sox fan, I'd say it's a tough call. >> (muttering) is the Yankee-killer. Anywhere, let's... >> Alright, go back. >> We digress. >> What I was I going to make a comment of is look for the adjunct services behind the basics, beyond the basic storage, compute and networking services that everybody has as kind of table stakes. For example, if you're someone who's a very heavy Microsoft Office 365 SharePoint user, you're using their business application suite, well, probably migration to Azure is a more natural transition, right. People who are similarly in the Google environment and using the Google suite of applications, it's a benefit to moving the applications there. And to be honest, people who are purely just into the raw compute horsepower and probably the most mature and largest cloud platform, well, Amazon has probably got a five-year head start on the rest of the guys. So, we try not to sit here and determine which of the three clouds is better, 'cause for us, we play in all of them, and our security footprint has to be consistent across all of them. I'll share with you an anecdotal use case from one of my retail customers is building a commerce platform in AWS. But all the corporate applications are moving to Azure, and separately now, they're looking at Google for other global applications as well. So for them, they're going to be in all three cloud providers, just with different applications finding more natural homes. >> Justin Youngblood was just on. He said, the IBM data said 70% of all organizations, or 70% of the organizations have three or more clouds, infrastructure clouds, right. >> I would believe that. >> Back to the security, I mean, the market's booming. In a way, it's unfortunate that the market's booming is 'cause it's such a huge problem that doesn't end. It's great for you. Each year, we look back at last year and say, okay, we feel more secure, and we don't. So, what's happening in the market? Are we finally going to get a handle on sort of how to deal with this, or is it just always going to be this good guy, bad guy, leap-frogging sort of endless loop? >> The big change these days are the bad guys are pros. This is their full-time job, they're very well funded, trained, and able. >> Dave: And they only have to succeed once. >> And remember, the cost of defense is exponentially higher than the cost of offense. So what it costs my banks and hospitals to secure their environment is 10 to 100-fold over what it costs the bad guys, either in the U.S. or some other nation-state, to attack those environments. I think the biggest challenge that most of our customers face, to be honest, is technology saturation. They've bought every product known to mankind. As I like to joke, for every threat, there's an app for that, and most of our customers have bought all three of them. But then they struggle operationally with the technology, and this is more of a people and a process issue than it is a product issue. There's a lot of great technology out there, ours and other vendors as well, but if it's not implemented and maintained properly, those potentially represent the weakest links. >> And there's new threats emerging, ransomware, for instance, is to your point they're overmanned, and the cost to even compare, or defend against that, but they're already hacked. They'll pay the ransom in bit coin to get their stuff back. >> And look, it's cheaper, quicker, and faster to maybe just whack the system and try and do some forensics clean-up than deploy a next generation end-point to try and detect and mitigate against ransomware, disk encryption, or other bots that may get on the end-points themselves. >> But I almost feel like the mitigation, I mean, you've got to have perimeter security, obviously, and continue to invest in that, but I feel like you're never going to stop somebody from penetrating your organization. What's the status on average, the company's penetrated for 200 and whatever end days before they know? 220, 250, whatever number you want. There's got to be more investment in remediating, responding, managing that complexity. And so, I guess the answer to my earlier question was, well, not any time soon. We're going to have to continue to invest in new approaches, new methodologies to deal with this inundation of data, which isn't going to subside. >> Well, but part of it too is in the past, most of the security controls that companies invested in, they put at the perimeter. So, they're overprotecting on the perimeter, but now, the attacks are coming in through the side door. Spearfishing attempts >> Dave: Or internally. >> They're coming in from laptops or mobile devices that leave the organization and come back in, and since most customers lack internal segmentation, a very small infection becomes a very big problem very quickly. So, a lot of customers now are trying to figure out how do I take what I've done in the perimeter and treat my data center, my campus as untrusted, segment and silo and create smaller fault-isolation domains so that heaven forbid there is a breach or an outbreak, it's contained to a smaller subzone, rather than, look at the Target situation, which came in from an HVAC vendor, moved into a payment system, and then exfiltrated millions of credit card records. >> And, or, and not or, but, and techniques to allow the response to focus on the things that matter, and like you said, organizations, CCOS, are inundated with technology, and they don't know necessarily which threats to go deal with. They've got so much data, and to the extent that they can narrow down those high value threats, that's going to help solve the problem. That's why I was asking the question about analytics before. >> That's where I think the partnership with IBM is so important for us, right, 'cause both what they do with Watson and big data analytics and QRadar as well, it's one thing to just create a bunch of alerts, but for most customers, that's a lot of noise. Give me the interesting bits of information. I don't care about these 10 million alerts over the last week. What are the most critical things that my team needs to address right now? And those are the things that collectively IBM and Check Point help. >> How about the competitive landscape? And you guys are kickin' butt, you're well over a billion, what, $1.7 billion company, roughly? >> A little more, but yeah. >> A little more than that, almost a $20 billion market cap, which you said earlier, John, stocks almost at an all-time high, so obviously compete with Palo Alto. Do you compete with HPE, with ArcSight a little bit? I mean, that acquistion, they sort of, that's-- >> They jettisoned some of their core products that were competitive, like TippingPoint. They've kept some of their ArcSight and other big data analytics, the drive service and storage and services out there. But they're as much a partner as they are a competitor. >> Dave: They are? Okay. >> I mean, I would say the usual competitive suspects, some of the guys you mentioned, some of the big route switch vendors like a Cisco or a Juniper out there. Actually, we're in the end-point mobile space as well, which brings in the Symantec and McAfee and Kaspersky. >> And so, right, okay, so what's your big differentiation? >> I think first and foremost is that we have an enterprise management solution that goes from the mobile to the end-point to the cloud to the network. We do it all through a singular console. We have the most scalable security platform in the marketplace today, and to be honest, we have the best security solution out there, both in terms of the effectiveness as well as the manageability. >> Dave: And you're profitable and you're growing. I'm going to throw that in. >> Greg: We've been profitable since day one. >> Greg, thanks for coming onto theCUBE. We really appreciate, give you the final word on the segment as the outlook going forward. Obviously, all the cloud vendors, you work with them all, all trying to be enterprise-ready. >> Yes. >> And they're all, we're the enterprise cloud. Amazon's now the enterprise cloud, Google was flaunting it at Google Next, they got some work to do. IBM certainly is in the enterprise, Oracle's in the enterprise, Microsoft's in the enterprise. Enterprise readiness and the next few years as security evolves, what are the key table stakes that the cloud guys need to continue to work on, continue to invest in, continue to innovate? >> I think the first thing, and this is across all technology, not just cloud, is that interoperability is the new best of breed. All of our customers are going to have a couple of trusted partners. No one enterprise is single-vendor end to end. But we have to be able to play nicely in the sandox. So, whether it's working with Cisco or McAfee or Microsoft or Symantec, if I don't work well with the other investments my companies and customers have invested in, they're not going to have me around for very long. >> And that's the truth. And multi-cloud, and workloads will fit best, 'cause the SaaS also defines some of these big cloud vendors as well. Microsoft SaaS is Office 365, if you have Microsoft, that's going to be some things for ya. Greg, thanks so much, appreciate it. Great commentary with Check Point Software Technologies, talking security, head of architecture here. Greg Pepper, thanks for joining us. This is theCUBE, more live coverage here, day three coverage from theCUBE after this short break. (electronic keyboard music)