(upbeat music) (upbeat music) >> Hi everybody, welcome back to our coverage of the Cloud Native Security Con. I'm Dave Vellante, here in our Boston studio. We're connecting today with Palo Alto, with John Furrier and Lisa Martin. We're also live from the show floor in Seattle. But right now, I'm here with Andy Thurai who's from Constellation Research, friend of theCUBE, and we're going to discuss the intersection of AI and security, the potential of AI, the risks and the future. Andy, welcome, good to see you again. >> Good to be here again. >> Hey, so let's get into it, can you talk a little bit about, I know this is a passion of yours, the ethical considerations surrounding AI. I mean, it's front and center in the news, and you've got accountability, privacy, security, biases. Should we be worried about AI from a security perspective? >> Absolutely, man, you should be worried. See the problem is, people don't realize this, right? I mean, the ChatGPT being a new shiny object, it's all the craze that's about. But the problem is, most of the content that's produced either by ChatGPT or even by others, it's an access, no warranties, no accountability, no whatsoever. Particularly, if it is content, it's okay. But if it is something like a code that you use for example, one of their site projects that GitHub's co-pilot, which is actually, open AI + Microsoft + GitHub's combo, they allow you to produce code, AI writes code basically, right? But when you write code, problem with that is, it's not exactly stolen, but the models are created by using the GitHub code. Actually, they're getting sued for that, saying that, "You can't use our code". Actually there's a guy, Tim Davidson, I think he's named the professor, he actually demonstrated how AI produces exact copy of the code that he has written. So right now, it's a lot of security, accountability, privacy issues. Use it either to train or to learn. But in my view, it's not ready for enterprise grade yet. >> So, Brian Behlendorf today in his keynotes said he's really worried about ChatGPT being used to automate spearfishing. So I'm like, okay, so let's unpack that a little bit. Is the concern there that it just, the ChatGPT writes such compelling phishing content, it's going to increase the probability of somebody clicking on it, or are there other dimensions? >> It could, it's not necessarily just ChatGPT for that matter, right? AI can, actually, the hackers are using it to an extent already, can use to individualize content. For example, one of the things that you are able to easily identify when you're looking at the emails that are coming in, the phishing attack is, you look at some of the key elements in it, whether it's a human or even if it's an automated AI based system. They look at certain things and they say, "Okay, this is phishing". But if you were to read an email that looks exact copy of what I would've sent to you saying that, "Hey Dave, are you on for tomorrow? Or click on this link to do whatever. It could individualize the message. That's where the volume at scale to individual to masses, that can be done using AI, which is what scares me. >> Is there a flip side to AI? How is it being utilized to help cybersecurity? And maybe you could talk about some of the more successful examples of AI in security. Like, are there use cases or are there companies out there, Andy, that you find, I know you're close to a lot of firms that are leading in this area. You and I have talked about CrowdStrike, I know Palo Alto Network, so is there a positive side to this story? >> Yeah, I mean, absolutely right. Those are some of the good companies you mentioned, CrowdStrike, Palo Alto, Darktrace is another one that I closely follow, which is a good company as well, that they're using AI for security purposes. So, here's the thing, right, when people say, when they're using malware detection systems, most of the malware detection systems that are in today's security and malware systems, use some sort of a signature and pattern scanning in the malware. You know how many identified malwares are there today in the repository, in the library? More than a billion, a billion. So, if you are to check for every malware in your repository, that's not going to work. The pattern based recognition is not going to work. So, you got to figure out a different way of identification of pattern of usage, not just a signature in a malware, right? Or there are other areas you could use, things like the usage patterns. For example, if Andy is coming in to work at a certain time, you could combine a facial recognition saying, that should he be in here at that time, and should he be doing things, what he is supposed to be doing. There are a lot of things you could do using that, right? And the AIOps use cases, which is one of my favorite areas that I work, do a lot of work, right? That it has use cases for detecting things that are anomaly, that are not supposed to be done in a way that's supposed to be, reducing the noise so it can escalate only the things what you're supposed to. So, AIOps is a great use case to use in security areas which they're not using it to an extent yet. Incident management is another area. >> So, in your malware example, you're saying, okay, known malware, pretty much anybody can deal with that now. That's sort of yesterday's problem. >> The unknown is the problem. >> It's the unknown malware really trying to understand the patterns, and the patterns are going to change. It's not like you're saying a common signature 'cause they're going to use AI to change things up at scale. >> So, here's the problem, right? The malware writers are also using AI now, right? So, they're not going to write the old malware, send it to you. They are actually creating malware on the fly. It is possible entirely in today's world that they can create a malware, drop in your systems and it'll it look for the, let me get that name right. It's called, what are we using here? It's called the TTPs, Tactics, Techniques and procedures. It'll look for that to figure out, okay, am I doing the right pattern? And then malware can sense it saying that, okay, that's the one they're detecting. I'm going to change it on the fly. So, AI can code itself on the fly, rather malware can code itself on the fly, which is going to be hard to detect. >> Well, and when you talk about TTP, when you talk to folks like Kevin Mandia of Mandiant, recently purchased by Google or other of those, the ones that have the big observation space, they'll talk about the most malicious hacks that they see, involve lateral movement. So, that's obviously something that people are looking for, AI's looking for that. And of course, the hackers are going to try to mask that lateral movement, living off the land and other things. How do you see AI impacting the future of cyber? We talked about the risks and the good. One of the things that Brian Behlendorf also mentioned is that, he pointed out that in the early days of the internet, the protocols had an inherent element of trust involved. So, things like SMTP, they didn't have security built in. So, they built up a lot of technical debt. Do you see AI being able to help with that? What steps do you see being taken to ensure that AI based systems are secure? >> So, the major difference between the older systems and the newer systems is the older systems, sadly even today, a lot of them are rules-based. If it's a rules-based systems, you are dead in the water and not able, right? So, the AI-based systems can somewhat learn from the patterns as I was talking about, for example... >> When you say rules-based systems, you mean here's the policy, here's the rule, if it's not followed but then you're saying, AI will blow that away, >> AI will blow that away, you don't have to necessarily codify things saying that, okay, if this, then do this. You don't have to necessarily do that. AI can somewhat to an extent self-learn saying that, okay, if that doesn't happen, if this is not a pattern that I know which is supposed to happen, who should I escalate this to? Who does this system belong to? And the other thing, the AIOps use case we talked about, right, the anomalies. When an anomaly happens, then the system can closely look at, saying that, okay, this is not normal behavior or usage. Is that because system's being overused or is it because somebody's trying to access something, could look at the anomaly detection, anomaly prevention or even prediction to an extent. And that's where AI could be very useful. >> So, how about the developer angle? 'Cause CNCF, the event in Seattle is all around developers, how can AI be integrated? We did a lot of talk at the conference about shift-left, we talked about shift-left and protect right. Meaning, protect the run time. So, both are important, so what steps should be taken to ensure that the AI systems are being developed in a secure and ethically sound way? What's the role of developers in that regard? >> How long do you got? (Both laughing) I think it could go for base on that. So, here's the problem, right? Lot of these companies are trying to see, I mean, you might have seen that in the news that Buzzfeed is trying to hire all of the writers to create the thing that ChatGPT is creating, a lot of enterprises... >> How, they're going to fire their writers? >> Yeah, they replace the writers. >> It's like automated automated vehicles and automated Uber drivers. >> So, the problem is a lot of enterprises still haven't done that, at least the ones I'm speaking to, are thinking about saying, "Hey, you know what, can I replace my developers because they are so expensive? Can I replace them with AI generated code?" There are a few issues with that. One, AI generated code is based on some sort of a snippet of a code that has been already available. So, you get into copyright issues, that's issue number one, right? Issue number two, if AI creates code and if something were to go wrong, who's responsible for that? There's no accountability right now. Or you as a company that's creating a system that's responsible, or is it ChatGPT, Microsoft is responsible. >> Or is the developer? >> Or the developer. >> The individual developer might be. So, they're going to be cautious about that liability. >> Well, so one of the areas where I'm seeing a lot of enterprises using this is they are using it to teach developers to learn things. You know what, if you're to code, this is a good way to code. That area, it's okay because you are just teaching them. But if you are to put an actual production code, this is what I advise companies, look, if somebody's using even to create a code, whether with or without your permission, make sure that once the code is committed, you validate that the 100%, whether it's a code or a model, or even make sure that the data what you're feeding in it is completely out of bias or no bias, right? Because at the end of the day, it doesn't matter who, what, when did that, if you put out a service or a system out there, it is involving your company liability and system, and code in place. You're going to be screwed regardless of what, if something were to go wrong, you are the first person who's liable for it. >> Andy, when you think about the dangers of AI, and what keeps you up at night if you're a security professional AI and security professional. We talked about ChatGPT doing things, we don't even, the hackers are going to get creative. But what worries you the most when you think about this topic? >> A lot, a lot, right? Let's start off with an example, actually, I don't know if you had a chance to see that or not. The hackers used a bank of Hong Kong, used a defect mechanism to fool Bank of Hong Kong to transfer $35 million to a fake account, the money is gone, right? And the problem that is, what they did was, they interacted with a manager and they learned this executive who can control a big account and cloned his voice, and clone his patterns on how he calls and what he talks and the whole name he has, after learning that, they call the branch manager or bank manager and say, "Hey, you know what, hey, move this much money to whatever." So, that's one way of kind of phishing, kind of deep fake that can come. So, that's just one example. Imagine whether business is conducted by just using voice or phone calls itself. That's an area of concern if you were to do that. And imagine this became an uproar a few years back when deepfakes put out the video of Tom Cruise and others we talked about in the past, right? And Tom Cruise looked at the video, he said that he couldn't distinguish that he didn't do it. It is so close, that close, right? And they are doing things like they're using gems... >> Awesome Instagram account by the way, the guy's hilarious, right? >> So, they they're using a lot of this fake videos and fake stuff. As long as it's only for entertainment purposes, good. But imagine doing... >> That's right there but... >> But during the election season when people were to put out saying that, okay, this current president or ex-president, he said what? And the masses believe right now whatever they're seeing in TV, that's unfortunate thing. I mean, there's no fact checking involved, and you could change governments and elections using that, which is scary shit, right? >> When you think about 2016, that was when we really first saw, the weaponization of social, the heavy use of social and then 2020 was like, wow. >> To the next level. >> It was crazy. The polarization, 2024, would deepfakes... >> Could be the next level, yeah. >> I mean, it's just going to escalate. What about public policy? I want to pick your brain on this because I I've seen situations where the EU, for example, is going to restrict the ability to ship certain code if it's involved with critical infrastructure. So, let's say, example, you're running a nuclear facility and you've got the code that protects that facility, and it can be useful against some other malware that's outside of that country, but you're restricted from sending that for whatever reason, data sovereignty. Is public policy, is it aligned with the objectives in this new world? Or, I mean, normally they have to catch up. Is that going to be a problem in your view? >> It is because, when it comes to laws it's always miles behind when a new innovation happens. It's not just for AI, right? I mean, the same thing happened with IOT. Same thing happened with whatever else new emerging tech you have. The laws have to understand if there's an issue and they have to see a continued pattern of misuse of the technology, then they'll come up with that. Use in ways they are ahead of things. So, they put a lot of restrictions in place and about what AI can or cannot do, US is way behind on that, right? But California has done some things, for example, if you are talking to a chat bot, then you have to basically disclose that to the customer, saying that you're talking to a chat bot, not to a human. And that's just a very basic rule that they have in place. I mean, there are times that when a decision is made by the, problem is, AI is a black box now. The decision making is also a black box now, and we don't tell people. And the problem is if you tell people, you'll get sued immediately because every single time, we talked about that last time, there are cases involving AI making decisions, it gets thrown out the window all the time. If you can't substantiate that. So, the bottom line is that, yes, AI can assist and help you in making decisions but just use that as a assistant mechanism. A human has to be always in all the loop, right? >> Will AI help with, in your view, with supply chain, the software supply chain security or is it, it's always a balance, right? I mean, I feel like the attackers are more advanced in some ways, it's like they're on offense, let's say, right? So, when you're calling the plays, you know where you're going, the defense has to respond to it. So in that sense, the hackers have an advantage. So, what's the balance with software supply chain? Are the hackers have the advantage because they can use AI to accelerate their penetration of the software supply chain? Or will AI in your view be a good defensive mechanism? >> It could be but the problem is, the velocity and veracity of things can be done using AI, whether it's fishing, or malware, or other security and the vulnerability scanning the whole nine yards. It's scary because the hackers have a full advantage right now. And actually, I think ChatGPT recently put out two things. One is, it's able to direct the code if it is generated by ChatGPT. So basically, if you're trying to fake because a lot of schools were complaining about it, that's why they came up with the mechanism. So, if you're trying to create a fake, there's a mechanism for them to identify. But that's a step behind still, right? And the hackers are using things to their advantage. Actually ChatGPT made a rule, if you go there and read the terms and conditions, it's basically honor rule suggesting, you can't use this for certain purposes, to create a model where it creates a security threat, as that people are going to listen. So, if there's a way or mechanism to restrict hackers from using these technologies, that would be great. But I don't see that happening. So, know that these guys have an advantage, know that they're using AI, and you have to do things to be prepared. One thing I was mentioning about is, if somebody writes a code, if somebody commits a code right now, the problem is with the agile methodologies. If somebody writes a code, if they commit a code, you assume that's right and legit, you immediately push it out into production because need for speed is there, right? But if you continue to do that with the AI produced code, you're screwed. >> So, bottom line is, AI's going to speed us up in a security context or is it going to slow us down? >> Well, in the current version, the AI systems are flawed because even the ChatGPT, if you look at the the large language models, you look at the core piece of data that's available in the world as of today and then train them using that model, using the data, right? But people are forgetting that's based on today's data. The data changes on a second basis or on a minute basis. So, if I want to do something based on tomorrow or a day after, you have to retrain the models. So, the data already have a stale. So, that in itself is stale and the cost for retraining is going to be a problem too. So overall, AI is a good first step. Use that with a caution, is what I want to say. The system is flawed now, if you use it as is, you'll be screwed, it's dangerous. >> Andy, you got to go, thanks so much for coming in, appreciate it. >> Thanks for having me. >> You're very welcome, so we're going wall to wall with our coverage of the Cloud Native Security Con. I'm Dave Vellante in the Boston Studio, John Furrier, Lisa Martin and Palo Alto. We're going to be live on the show floor as well, bringing in keynote speakers and others on the ground. Keep it right there for more coverage on theCUBE. (upbeat music) (upbeat music) (upbeat music) (upbeat music)

>>Hey everyone, welcome to this event, HPE Compute Security. I'm your host, Lisa Martin. Kevin Dee joins me next Senior director, future Surfer Architecture at hpe. Kevin, it's great to have you back on the program. >>Thanks, Lisa. I'm glad to be here. >>One of the topics that we're gonna unpack in this segment is, is all about cybersecurity. And if we think of how dramatically the landscape has changed in the last couple of years, I was looking at some numbers that H P V E had provided. Cybercrime will reach 10.5 trillion by 2025. It's a couple years away. The average total cost of a data breach is now over 4 million, 15% year over year crime growth predicted over the next five years. It's no longer if we get hit, it's when it's how often. What's the severity? Talk to me about the current situation with the cybersecurity landscape that you're seeing. >>Yeah, I mean the, the numbers you're talking about are just staggering and then that's exactly what we're seeing and that's exactly what we're hearing from our customers is just absolutely key. Customers have too much to lose. The, the dollar cost is just, like I said, staggering. And, and here at HP we know we have a huge part to play, but we also know that we need partnerships across the industry to solve these problems. So we have partnered with, with our, our various partners to deliver these Gen 11 products. Whether we're talking about partners like a M D or partners like our Nick vendors, storage card vendors. We know we can't solve the problem alone. And we know this, the issue is huge. And like you said, the numbers are staggering. So we're really, we're really partnering with, with all the right players to ensure we have a secure solution so we can stay ahead of the bad guys to try to limit the, the attacks on our customers. >>Right. Limit the damage. What are some of the things that you've seen particularly change in the last 18 months or so? Anything that you can share with us that's eye-opening, more eye-opening than some of the stats we already shared? >>Well, there, there's been a massive number of attacks just in the last 12 months, but I wouldn't really say it's so much changed because the amount of attacks has been increasing dramatically over the years for many, many, many years. It's just a very lucrative area for the bad guys, whether it's ransomware or stealing personal data, whatever it is, it's there. There's unfortunately a lot of money to be made into it, made from it, and a lot of money to be lost by the good guys, the good guys being our customers. So it's not so much that it's changed, it's just that it's even accelerating faster. So the real change is, it's accelerating even faster because it's becoming even more lucrative. So we have to stay ahead of these bad guys. One of the statistics of Microsoft operating environments, the number of tax in the last year, up 50% year over year, that's a huge acceleration and we've gotta stay ahead of that. We have to make sure our customers don't get impacted to the level that these, these staggering number of attacks are. The, the bad guys are out there. We've gotta protect, protect our customers from the bad guys. >>Absolutely. The acceleration that you talked about is, it's, it's kind of frightening. It's very eye-opening. We do know that security, you know, we've talked about it for so long as a, as a a C-suite priority, a board level priority. We know that as some of the data that HPE e also sent over organizations are risking are, are listing cyber risks as a top five concern in their organization. IT budgets spend is going up where security is concerned. And so security security's on everyone's mind. In fact, the cube did, I guess in the middle part of last, I did a series on this really focusing on cybersecurity as a board issue and they went into how companies are structuring security teams changing their assumptions about the right security model, offense versus defense. But security's gone beyond the board, it's top of mind and it's on, it's in an integral part of every conversation. So my question for you is, when you're talking to customers, what are some of the key challenges that they're saying, Kevin, these are some of the things the landscape is accelerating, we know it's a matter of time. What are some of those challenges and that they're key pain points that they're coming to you to help solve? >>Yeah, at the highest level it's simply that security is incredibly important to them. We talked about the numbers. There's so much money to be lost that what they come to us and say, is security's important for us? What can you do to protect us? What can you do to prevent us from being one of those statistics? So at a high level, that's kind of what we're seeing at a, with a little more detail. We know that there's customers doing digital transformations. We know that there's customers going hybrid cloud, they've got a lot of initiatives on their own. They've gotta spend a lot of time and a lot of bandwidth tackling things that are important to their business. They just don't have the bandwidth to worry about yet. Another thing which is security. So we are doing everything we can and partnering with everyone we can to help solve those problems for customers. >>Cuz we're hearing, hey, this is huge, this is too big of a risk. How do you protect us? And by the way, we only have limited bandwidth, so what can we do? What we can do is make them assured that that platform is secure, that we're, we are creating a foundation for a very secure platform and that we've worked with our partners to secure all the pieces. So yes, they still have to worry about security, but there's pieces that we've taken care of that they don't have to worry about and there's capabilities that we've provided that they can use and we've made that easy so they can build su secure solutions on top of it. >>What are some of the things when you're in customer conversations, Kevin, that you talk about with customers in terms of what makes HPE E'S approach to security really unique? >>Well, I think a big thing is security is part of our, our dna. It's part of everything we do. Whether we're designing our own asics for our bmc, the ilo ASIC ILO six used on Gen 11, or whether it's our firmware stack, the ILO firmware, our our system, UFI firmware, all those pieces in everything we do. We're thinking about security. When we're building products in our factory, we're thinking about security. When we're think designing our supply chain, we're thinking about security. When we make requirements on our suppliers, we're driving security to be a key part of those components. So security is in our D N a security's top of mind. Security is something we think about in everything we do. We have to think like the bad guys, what could the bad guy take advantage of? What could the bad guy exploit? So we try to think like them so that we can protect our customers. >>And so security is something that that really is pervasive across all of our development organizations, our supply chain organizations, our factories, and our partners. So that's what we think is unique about HPE is because security is so important and there's a whole lot of pieces of our reliance servers that we do ourselves that many others don't do themselves. And since we do it ourselves, we can make sure that security's in the design from the start, that those pieces work together in a secure manner. So we think that gives us a, an advantage from a security standpoint. >>Security is very much intention based at HPE e I was reading in some notes, and you just did a great job of talking about this, that fundamental security approach, security is fundamental to defend against threats that are increasingly complex through what you also call an uncompromising focus to state-of-the-art security and in in innovations built into your D N A. And then organizations can protect their infrastructure, their workloads, their data from the bad guys. Talk to us briefly in our final few minutes here, Kevin, about fundamental uncompromising protected the value in it for me as an HPE customer. >>Yeah, when we talk about fundamental, we're talking about the those fundamental technologies that are part of our platform. Things like we've integrated TPMS and sorted them down in our platforms. We now have platform certificates as a standard part of the platform. We have I dev id and probably most importantly, our platforms continue to support what we really believe was a groundbreaking technology, Silicon Root of trust and what that's able to do. We have millions of lines of firmware code in our platforms and with Silicon Root of trust, we can authenticate all of those lines of firmware. Whether we're talking about the the ILO six firmware, our U E I firmware, our C P L D in the system, there's other pieces of firmware. We authenticate all those to make sure that not a single line of code, not a single bit has been changed by a bad guy, even if the bad guy has physical access to the platform. >>So that silicon route of trust technology is making sure that when that system boots off and that hands off to the operating system and then eventually the customer's application stack that it's starting with a solid foundation, that it's starting with a system that hasn't been compromised. And then we build other things into that silicon root of trust, such as the ability to do the scans and the authentications at runtime, the ability to automatically recover if we detect something has been compromised, we can automatically update that compromised piece of firmware to a good piece before we've run it because we never want to run firmware that's been compromised. So that's all part of that Silicon Root of Trust solution and that's a fundamental piece of the platform. And then when we talk about uncompromising, what we're really talking about there is how we don't compromise security. >>And one of the ways we do that is through an extension of our Silicon Root of trust with a capability called S Spdm. And this is a technology that we saw the need for, we saw the need to authenticate our option cards and the firmware in those option cards. Silicon Root Prota, Silicon Root Trust protects against many attacks, but one piece it didn't do is verify the actual option card firmware and the option cards. So we knew to solve that problem we would have to partner with others in the industry, our nick vendors, our storage controller vendors, our G vendors. So we worked with industry standards bodies and those other partners to design a capability that allows us to authenticate all of those devices. And we worked with those vendors to get the support both in their side and in our platform side so that now Silicon Rivers and trust has been extended to where we protect and we trust those option cards as well. >>So that's when, when what we're talking about with Uncompromising and with with Protect, what we're talking about there is our capabilities around protecting against, for example, supply chain attacks. We have our, our trusted supply chain solution, which allows us to guarantee that our server, when it leaves our factory, what the server is, when it leaves our factory, will be what it is when it arrives at the customer. And if a bad guy does anything in that transition, the transit from our factory to the customer, they'll be able to detect that. So we enable certain capabilities by default capability called server configuration lock, which can ensure that nothing in the server exchange, whether it's firmware, hardware, configurations, swapping out processors, whatever it is, we'll detect if a bad guy did any of that and the customer will know it before they deploy the system. That gets enabled by default. >>We have an intrusion detection technology option when you use by the, the trusted supply chain that is included by default. That lets you know, did anybody open that system up, even if the system's not plugged in, did somebody take the hood off and potentially do something malicious to it? We also enable a capability called U EFI secure Boot, which can go authenticate some of the drivers that are located on the option card itself. Those kind of capabilities. Also ilo high security mode gets enabled by default. So all these things are enabled in the platform to ensure that if it's attacked going from our factory to the customer, it will be detected and the customer won't deploy a system that's been maliciously attacked. So that's got >>It, >>How we protect the customer through those capabilities. >>Outstanding. You mentioned partners, my last question for you, we've got about a minute left, Kevin is bring AMD into the conversation, where do they fit in this >>AMD's an absolutely crucial partner. No one company even HP can do it all themselves. There's a lot of partnerships, there's a lot of synergies working with amd. We've been working with AMD for almost 20 years since we delivered our first AM MD base ProLiant back in 2004 H HP ProLiant, DL 5 85. So we've been working with them a long time. We work with them years ahead of when a processor is announced, we benefit each other. We look at their designs and help them make their designs better. They let us know about their technology so we can take advantage of it in our designs. So they have a lot of security capabilities, like their memory encryption technologies, their a MD secure processor, their secure encrypted virtualization, which is an absolutely unique and breakthrough technology to protect virtual machines and hypervisor environments and protect them from malicious hypervisors. So they have some really great capabilities that they've built into their processor, and we also take advantage of the capabilities they have and ensure those are used in our solutions and in securing the platform. So a really such >>A great, great partnership. Great synergies there. Kevin, thank you so much for joining me on the program, talking about compute security, what HPE is doing to ensure that security is fundamental, that it is unpromised and that your customers are protected end to end. We appreciate your insights, we appreciate your time. >>Thank you very much, Lisa. >>We've just had a great conversation with Kevin Depu. Now I get to talk with David Chang, data center solutions marketing lead at a md. David, welcome to the program. >>Thank, thank you. And thank you for having me. >>So one of the hot topics of conversation that we can't avoid is security. Talk to me about some of the things that AMD is seeing from the customer's perspective, why security is so important for businesses across industries. >>Yeah, sure. Yeah. Security is, is top of mind for, for almost every, every customer I'm talking to right now. You know, there's several key market drivers and, and trends, you know, in, out there today that's really needing a better and innovative solution for, for security, right? So, you know, the high cost of data breaches, for example, will cost enterprises in downtime of, of the data center. And that time is time that you're not making money, right? And potentially even leading to your, to the loss of customer confidence in your, in your cust in your company's offerings. So there's real costs that you, you know, our customers are facing every day not being prepared and not having proper security measures set up in the data center. In fact, according to to one report, over 400 high-tech threats are being introduced every minute. So every day, numerous new threats are popping up and they're just, you know, the, you know, the bad guys are just getting more and more sophisticated. So you have to take, you know, measures today and you have to protect yourself, you know, end to end with solutions like what a AM MD and HPE has to offer. >>Yeah, you talked about some of the costs there. They're exorbitant. I've seen recent figures about the average, you know, cost of data breacher ransomware is, is close to, is over $4 million, the cost of, of brand reputation you brought up. That's a great point because nobody wants to be the next headline and security, I'm sure in your experiences. It's a board level conversation. It's, it's absolutely table stakes for every organization. Let's talk a little bit about some of the specific things now that A M D and HPE E are doing. I know that you have a really solid focus on building security features into the EPIC processors. Talk to me a little bit about that focus and some of the great things that you're doing there. >>Yeah, so, you know, we partner with H P E for a long time now. I think it's almost 20 years that we've been in business together. And, and you know, we, we help, you know, we, we work together design in security features even before the silicons even, you know, even born. So, you know, we have a great relationship with, with, with all our partners, including hpe and you know, HPE has, you know, an end really great end to end security story and AMD fits really well into that. You know, if you kind of think about how security all started, you know, in, in the data center, you, you've had strategies around encryption of the, you know, the data in, in flight, the network security, you know, you know, VPNs and, and, and security on the NS. And, and even on the, on the hard drives, you know, data that's at rest. >>You know, encryption has, you know, security has been sort of part of that strategy for a a long time and really for, you know, for ages, nobody really thought about the, the actual data in use, which is, you know, the, the information that's being passed from the C P U to the, the, the memory and, and even in virtualized environments to the, the, the virtual machines that, that everybody uses now. So, you know, for a long time nobody really thought about that app, you know, that third leg of, of encryption. And so a d comes in and says, Hey, you know, this is things that as, as the bad guys are getting more sophisticated, you, you have to start worrying about that, right? And, you know, for example, you know, you know, think, think people think about memory, you know, being sort of, you know, non-persistent and you know, when after, you know, after a certain time, the, the, you know, the, the data in the memory kind of goes away, right? >>But that's not true anymore because even in in memory data now, you know, there's a lot of memory modules that still can retain data up to 90 minutes even after p power loss. And with something as simple as compressed, compressed air or, or liquid nitrogen, you can actually freeze memory dams now long enough to extract the data from that memory module for up, you know, up, up to two or three hours, right? So lo more than enough time to read valuable data and, and, and even encryption keys off of that memory module. So our, our world's getting more complex and you know, more, the more data out there, the more insatiable need for compute and storage. You know, data management is becoming all, all the more important, you know, to keep all of that going and secure, you know, and, and creating security for those threats. It becomes more and more important. And, and again, especially in virtualized environments where, you know, like hyperconverged infrastructure or vir virtual desktop memories, it's really hard to keep up with all those different attacks, all those different attack surfaces. >>It sounds like what you were just talking about is what AMD has been able to do is identify yet another vulnerability Yes. Another attack surface in memory to be able to, to plug that hole for organizations that didn't, weren't able to do that before. >>Yeah. And, you know, and, and we kind of started out with that belief that security needed to be scalable and, and able to adapt to, to changing environments. So, you know, we, we came up with, you know, the, you know, the, the philosophy or the design philosophy that we're gonna continue to build on those security features generational generations and stay ahead of those evolving attacks. You know, great example is in, in the third gen, you know, epic C P U, that family that we had, we actually created this feature called S E V S N P, which stands for SECURENESS Paging. And it's really all around this, this new attack where, you know, your, the, the, you know, it's basically hypervisor based attacks where people are, you know, the bad actors are writing in to the memory and writing in basically bad data to corrupt the mem, you know, to corrupt the data in the memory. So s e V S and P is, was put in place to help, you know, secure that, you know, before that became a problem. And, you know, you heard in the news just recently that that becoming a more and more, more of a bigger issue. And the great news is that we had that feature built in, you know, before that became a big problem. >>And now you're on the fourth gen, those epic crosses talk of those epic processes. Talk to me a little bit about some of the innovations that are now in fourth gen. >>Yeah, so in fourth gen we actually added, you know, on top of that. So we've, we've got, you know, the sec the, the base of our, our, what we call infinity guard is, is all around the secure boot. The, you know, the, the, the, the secure root of trust that, you know, that we, we work with HPE on the, the strong memory encryption and the S E V, which is the secure encrypted virtualization. And so remember those s s and p, you know, incap capabilities that I talked about earlier. We've actually, in the fourth gen added two x the number of sev v s and P guests for even higher number of confidential VMs to support even more customers than before. Right? We've also added more guest protection from simultaneous multi threading or S M T side channel attacks. And, you know, while it's not officially part of Infinity Guard, we've actually added more APEC acceleration, which greatly benefits the security of those confidential VMs with the larger number of VCPUs, which basically means that you can build larger VMs and still be secured. And then lastly, we actually added even stronger a e s encryption. So we went from 128 bit to 256 bit, which is now military grade encryption on top of that. And, you know, and, and that's really, you know, the de facto crypto cryptography that is used for most of the applications for, you know, customers like the US federal government and, and all, you know, the, is really an essential element for memory security and the H B C applications. And I always say if it's good enough for the US government, it's good enough for you. >>Exactly. Well, it's got to be, talk a little bit about how AMD is doing this together with HPE a little bit about the partnership as we round out our conversation. >>Sure, absolutely. So security is only as strong as the layer below it, right? So, you know, that's why modern security must be built in rather than, than, you know, bolted on or, or, or, you know, added after the fact, right? So HPE and a MD actually developed this layered approach for protecting critical data together, right? Through our leadership and, and security features and innovations, we really deliver a set of hardware based features that, that help decrease potential attack surfaces. With, with that holistic approach that, you know, that safeguards the critical information across system, you know, the, the entire system lifecycle. And we provide the confidence of built-in silicon authentication on the world's most secure industry standard servers. And with a 360 degree approach that brings high availability to critical workloads while helping to defend, you know, against internal and external threats. So things like h hp, root of silicon root of trust with the trusted supply chain, which, you know, obviously AMD's part of that supply chain combined with AMD's Infinity guard technology really helps provide that end-to-end data protection in today's business. >>And that is so critical for businesses in every industry. As you mentioned, the attackers are getting more and more sophisticated, the vulnerabilities are increasing. The ability to have a pa, a partnership like H P E and a MD to deliver that end-to-end data protection is table stakes for businesses. David, thank you so much for joining me on the program, really walking us through what am MD is doing, the the fourth gen epic processors and how you're working together with HPE to really enable security to be successfully accomplished by businesses across industries. We appreciate your insights. >>Well, thank you again for having me, and we appreciate the partnership with hpe. >>Well, you wanna thank you for watching our special program HPE Compute Security. I do have a call to action for you. Go ahead and visit hpe com slash security slash compute. Thanks for watching.

>> Announcer: TheCUBE presents Ignite '22, brought to you by Palo Alto Networks. >> Welcome back to Las Vegas. It's theCUBE covering Palo Alto Networks '22, from the MGM Grand, Lisa Martin with Dave Vellante. Dave, we are going to unpack in the next few minutes what we heard and saw at day one of Palo Alto Networks, Ignite. A lot of great conversations, some great guests on the program today. >> Yeah last event, CUBE event of the year. Probably last major tech event of the year. It's kind of an interesting choice of timing, two weeks after reInvent. But you know, this crowd is it's a lot of like network engineers, SecOps pros. There's not a lot of suits here. I think they were here yesterday, all the partners. >> Yeah. >> We talked to Carl Sunderland about, Hey, these, these guys want to know how do I grow my business? You know, so it was a lot of C level executives talking about their business, and how they partner with Palo Alto to grow. The crowd today is really, you know hardcore security professionals. >> Yeah. >> So we're hearing a story of consolidation. >> Yes. >> No surprise. We've talked about that and reported on it, you know, quite extensively. The one big takeaway, and I want, I came in, as you know, wanting to understand, okay, can you through m and a maintain, you know, build a suite of great, big portfolio and at the same time maintain best of breed? And the answer was consistent. We heard it from Nikesh, we heard it from Nir Zuk. The answer was you can't be best of breed without having that large portfolio, single data lake, you know? Single version of the truth, of there is such a thing. That was interesting, that in security, you have to have that visibility. I would imagine, that's true for a lot of things. Data, see what Snowflake and Databricks are both trying to do, now AWS. So to join, we heard that last week, so that was one of the big takeaways. What were your, some of your thoughts? >> Just impressed with the level of threat intelligence that Unit 42 has done. I mean, we had Wendy Whitmer on, and she was one of the alumni, great guest. The landscape has changed so dramatically. Every business, in any industry, nobody's safe. They have such great intelligence on what's going on with malware, with ransomware, with Smishing, that they're able to get, help organizations on their way to becoming cyber resilient. You know, we've been talking a lot about cyber resiliency lately. I always want to understand, well what does it mean? How do different organizations and customers define it? Can they actually really get there? And Wendy talked about yes, it is a journey, but organizations can achieve cyber resiliency. But they need to partner with Palo Alto Networks to be able to understand the landscape and ensure that they've got security established across their organization, as it's now growingly Multicloud. >> Yeah, she's a blonde-haired Wonder Woman, superhero. I always ask security pros that question. But you know, when you talk to people like Wendy Whitmore, Kevin Mandy is somebody else. And the people at AWS, or the big cloud companies, who are on the inside, looking at the threat intelligence. They have so much data, and they have so much knowledge. They can, they analyze, they could identify the fingerprints of nation states, different, you know, criminal organizations. And the the one thing, I think it was Wendy who said, maybe it was somebody else, I think it was Wendy, that they're they're tearing down and reforming, right? >> Yes. >> After they're discovered. Okay, they pack up and leave. They're like, you know, Oceans 11. >> Yep. >> Okay. And then they recruit them and bring them back in. So that was really fascinating. Nir Zuk, we'd never had him on theCUBE before. He was tremendous founder and and CTO of Palo Alto Networks, very opinionated. You know, very clear thinker, basically saying, look you're SOC is going to be run by AI >> Yeah. >> within the next five years. And machines are going to do things that humans can't do at scale, is really what he was saying. And then they're going to get better at that, and they're going to do other things that you have done well that they haven't done well, and then they're going to do well. And so, this is an interesting discussion about you know, I remember, you know we had an event with MIT. Eric Brynjolfsson and Andy McAfee, they wrote the book "Second Machine Age." And they made the point, machines have always replaced humans. This is the first time ever that machines are replacing humans in cognitive functions. So what does that mean? That means that humans have to rely on, you know, creativity. There's got to be new training, new thinking. So it's not like you're going to be out of a job, you're just going to be doing a different job. >> Right. I thought Nir Zuk did a great job of explaining that. We often hear people that are concerned with machines taking jobs. He did a great job of, and you did a great recap, of articulating the value that both bring, and the opportunities to the humans that the machines actually deliver as well. >> Yeah so, you know, we didn't, we didn't get deep into the products today. Tomorrow we're going to have a little bit more deep dive on products. We did, we had some partners on, AWS came on, talked about their ecosystem. BJ Jenkins so, you know, BJ Jenkins again I mean super senior executive. And if I were Nikesh, he's doing exactly what I would do. Putting him on a plane and saying, go meet with customers, go make rain, right? And that's what he's doing is, he's an individual who really knows how to interact with the C-suite, has driven value, you know, over the years. So they've got that angle goin', they're driving go to market. They've got the technology piece and they've, they got to build out the ecosystem. That I think is the big opportunity for them. You know, if they're going to double as a company, this ecosystem has to quadruple. >> Yeah, yeah. >> In my opinion. And I, we saw the same thing at CrowdStrike. We said the same thing about Service Now in 2013. And so, what's happened is the GSIs, the global system integrators start to get involved. They start to partner with them and then they get to get that flywheel effect. And then there's a supercloud, I think that, you know I think Nir Zuk said, Hey, we are basically building out that, he didn't use the term supercloud. But, we're building out that cross cloud capability. You don't need another stove pipe for the edge. You know, so they got on-prem, they got AWS, Azure, you said you have to, absolutely have to run on Microsoft. 'Cause I don't believe today, right? Today they run on, I heard somebody say they run on AWS and Google. >> Yeah. >> I haven't heard much about Microsoft. >> Right. >> Both AWS and Google are here. Microsoft, the bigger competitor in security, but Nir Zuk was unequivocal. Yes, of course you have to run, you got to run it on an Alibaba cloud. He didn't say that, but if you want to secure the China cloud, you got to run on Alibaba. >> Absolutely. >> And Oracle he said. Didn't mention IBM, but no reason they can't run on IBM's cloud. But unless IBM doesn't want 'em to. >> Well they're very customer focused and customer first. So it'll be interesting to see if customers take them in that direction. >> Well it's a good point, right? If customers say, Hey we want you running in this cloud, they will. And, but he did call out Oracle, which I thought was interesting. And so, Oracle's all about mission critical data, mission critical apps. So, you know, that's a good sign. You know, I mean there's so much opportunity in cyber, but so much confusion. You know, sneak had a raise today. It was a down round, no surprise there. But you know, these companies are going to start getting tight on cash, and you've seen layoffs, right? And so, I dunno who said it, I think it was Carl at the end said in a downturn, the strongest companies come out stronger. And that's generally, generally been the case. That kind of rich get richer. We see that in the last downturn? Yes and no, to a certain extent. It's still all about execution. I mean I think about EMC coming out of the last downturn. They did come out stronger and then they started to rocket, but then look what happened. They couldn't remain independent. They were just using m and a as a technique to hide the warts. You know so, what Nir Zuk said that was most interesting to me is when we acquire, we acquire with the intent of integrating. ServiceNow has a similar philosophy. I think that's why they've been somewhat successful. And Oracle, for sure, has had a similar philosophy. So, and that idea of shifting labor into vendor R and D has always been a winning formula. >> I think we heard that today. Excited for day two tomorrow. We've got some great conversations. We're going to be able to talk with some customers, the chief product officer is on. So we have more great content coming from our last live show over the year. Dave, it's been great co-hosting day one with you. Look forward to doing it tomorrow. >> Yeah, thanks for doing this. >> All right. >> All right. For Dave Vellante, I'm Lisa Martin. You've been watching theCUBE, the leader in live enterprise and emerging tech coverage. See you tomorrow. (gentle music fades)

Upbeat music plays >> Voice Over: TheCUBE presents Ignite 22, brought to you by Palo Alto Networks. >> Good morning everyone. Welcome to theCUBE. Lisa Martin here with Dave Vellante. We are live at Palo Alto Networks Ignite. This is the 10th annual Ignite. There's about 3,000 people here, excited to really see where this powerhouse organization is taking security. Dave, it's great to be here. Our first time covering Ignite. People are ready to be back. They.. and security is top. It's a board level conversation. >> It is the other Ignite, I like to call it cuz of course there's another big company has a conference name Ignite, so I'm really excited to be here. Palo Alto Networks, a company we've covered for a number of years, as we just wrote in our recent breaking analysis, we've called them the gold standard but it's not just our opinion, we've backed it up with data. The company's on track. We think to do close to 7 billion in revenue by 2023. That's double it's 2020 revenue. You can measure it with execution, market cap M and A prowess. I'm super excited to have the CEO here. >> We have the CEO here, Nikesh Arora joins us from Palo Alto Networks. Nikesh, great to have you on theCube. Thank you for joining us. >> Well thank you very much for having me Lisa and Dave >> Lisa: It was great to see your keynote this morning. You said that, you know fundamentally security is a data problem. Well these days every company has to be a data company. Grocery stores, gas stations, car dealers. How is Palo Alto networks making customers, these data companies, more secure? >> Well Lisa, you know, (coughs) I've only done cybersecurity for about four, four and a half years so when I came to the industry I was amazed to see how security is so reactive as opposed to proactive. We should be able to stop bad threats, right? as they're happening. But I think a lot of threats get through because we don't have the right infrastructure and the right tooling and right products in there. So I think we've been working hard for the last four and a half years to turn it around so we can have consistent data flow across an enterprise and then mine that data for threats and anomalous behavior and try and protect our customers. >> You know the problem, I wrote this, this weekend, the problem in cybersecurity is well understood, you put up that Optiv graph and it's like 8,000 companies >> Yes >> and I think you mentioned your keynote on average, you know 30 to 40 tools, maybe 50, at least 20, >> Yes. >> from the folks that I talked to. So, okay, great, but actually solving that problem is not trivial. To be a consolidator, I mean, everybody wants to consolidate tools. So in your three to four years and security as you well know, it's, you can't fake security. It's a really, really challenging topic. So when you joined Palo Alto Networks and you heard that strategy, I know you guys have been thinking about this for some time, what did you see as the challenges to actually executing on that and how is it that you've been able to sort of get through that knot hole. >> So Dave, you know, it's interesting if you look at the history of cybersecurity, I call them the flavor of the decade, a flare, you know a new threat vector gets created, very large market gets created, a solution comes through, people flock, you get four or five companies will chase that opportunity, and then they become leaders in that space whether it's firewalls or endpoints or identity. And then people stick to their swim lane. The problem is that's a very product centric approach to security. It's not a customer-centric approach. The customer wants a more secure enterprise. They don't want to solve 20 different solutions.. problems with 20 different point solutions. But that's kind of how the industry's grown up, and it's been impossible for a large security company in one category, to actually have a substantive presence in the next category. Now what we've been able to do in the last four and a half years is, you know, from our firewall base we had resources, we had intellectual capability from a security perspective and we had cash. So we used that to pay off our technical debt. We acquired a bunch of companies, we created capability. In the last three years, four years we've created three incremental businesses which are all on track to hit a billion dollars the next 12 to 18 months. >> Yeah, so it's interesting on Twitter last night we had a little conversation about acquirers and who was a good, who was not so good. It was, there was Oracle, they came up actually very high, they'd done pretty, pretty good Job, VMware was on the list, IBM, Cisco, ServiceNow. And if you look at IBM and Cisco's strategy, they tend to be very services heavy, >> Mm >> right? How is it that you have been able to, you mentioned get rid of your technical debt, you invested in that. I wonder if you could, was it the, the Cloud, even though a lot of the Cloud was your own Cloud, was that a difference in terms of your ability to integrate? Because so many companies have tried it in the past. Oracle I think has done a good job, but it took 'em 10 to 12 years, you know, to, to get there. What was the sort of secret sauce? Is it culture, is it just great engineering? >> Dave it's a.. thank you for that. I think, look, it's, it's a mix of everything. First and foremost, you know, there are certain categories we didn't play in so there was nothing to integrate. We built a capability in a category in automation. We didn't have a product, we acquired a company. It's a net new capability in instant response. We didn't have a capability. It was net new capability. So there was, there was, other than integrating culturally and into the organization into our core to market processes there was no technical integration needed. Most of our technical integration was needed in our Cloud platform, which we bought five or six companies, we integrated then we just bought one recently called cyber security as well, which is going to get integrated in the Cloud platform. >> Dave: Yeah. >> And the thing is like, the Cloud platform is net new in the industry. We.. nobody's created a Cloud security platform yet, so we're working hard to create it because we don't want to replicate the mistakes of the past, that were made in enterprise security, in Cloud security. So it's a combination of cultural integration it's a combination of technical integration. The two things we do differently I think, than most people in the industry is look, we have no pride of, you know of innovations. Like, if somebody else has done it, we respect it and we'll acquire it, but we always want to acquire number one or number two in their category. I don't want number three or four. There's three or four for a reason and there still leaves one or two out there to compete with. So we've always acquired one or two, one. And the second thing, which is as important is most of these companies are in the early stage of development. So it's very important for the founding team to be around. So we spend a lot of time making sure they stick around. We actually make our people work for them. My principle is, listen, if they beat us in the open market with all our resources and our people, then they deserve to run this as opposed to us. So most of our new product categories are run by founders of companies required. >> So a little bit of Jack Welch, a little bit of Franks Lubens is a, you know always deference to the founders. But go ahead Lisa. >> Speaking of cultural transformation, you were mentioning your keynote this morning, there's been a significant workforce transformation at Palo Alto Networks. >> Yeah >> Talk a little bit about that, cause that's a big challenge, for many organizations to achieve. Sounds like you've done it pretty well. >> Well you know, my old boss, Eric Schmidt, used to say, 'revenue solves all known problems'. Which kind of, you know, it is a part joking, part true, but you know as Dave mentioned, we've doubled or two and a half time the revenues in the last four and a half years. That allows you to grow, that allows you to increase headcount. So we've gone from four and a half thousand people to 14,000 people. Good news is that's 9,500 people are net new to the company. So you can hire a whole new set of people who have new skills, new capabilities and there's some attrition four and a half thousand, some part of that turns over in four and a half years, so we effectively have 80% net new people, and the people we have, who are there from before, are amazing because they've built a phenomenal firewall business. So it's kind of been right sized across the board. It's very hard to do this if you're not growing. So you got to focus on growing. >> Dave: It's like winning in sports. So speaking of firewalls, I got to ask you does self-driving cars need brakes? So if I got a shout out to my friend Zeus Cararvela so like that's his line about why you need firewalls, right? >> Nikesh: Yes. >> I mean you mentioned it in your keynote today. You said it's the number one question that you get. >> and I don't get it why P industry observers don't go back and say that's, this is ridiculous. The network traffic is doubling or tripling. (clears throat) In fact, I gave an interesting example. We shut down our data centers, as I said, we are all on Google Cloud and Amazon Cloud and then, you know our internal team comes in, we'd want a bigger firewall. I'm like, why do you want a bigger firewall? We shut down our data centers as well. The traffic coming in and out of our campus is doubled. We need a bigger firewall. So you still need a firewall even if you're in the Cloud. >> So I'm going to come back to >> Nikesh: (coughs) >> the M and A strategy. My question is, can you be both best of breed and develop a comprehensive suite number.. part one and part one A of that is do you even have to, because generally sweets win out over best of breed. But what, how do you, how do you respond? >> Well, you know, this is this age old debate and people get trapped in that, I think in my mind, and let me try and expand the analogy which I tried to do up in my keynote. You know, let's assume that Oracle, Microsoft, Dynamics and Salesforce did not exist, okay? And you were running a large company of 50,000 people and your job was to manage the customer process which easier to understand than security. And I said, okay, guess what? I have a quoting system and a lead system but the lead system doesn't talk to my coding system. So I get leads, but I don't know who those customers. And I write codes for a whole new set of customers and I have a customer database. Then when they come as purchase orders, I have a new database with all the customers who've bought something from me, and then when I go get them licensing I have a new database and when I go have customer support, I have a fifth database and there are customers in all five databases. You'll say Nikesh you're crazy, you should have one customer database, otherwise you're never going to be able to make this work. But security is the same problem. >> Dave: Mm I should.. I need consistency in data from suit to nuts. If it's in Cloud, if you're writing code, I need to understand the security flaws before they go into deployment, before they go into production. We for somehow ridiculously have bought security like IT. Now the difference between IT and security is, IT is required to talk to each other, so a Dell server and HP server work very similarly but a Palo Alto firewall and a Checkpoint firewall Fortnight firewall work formally differently. And then how that transitions into endpoints is a whole different ball game. So you need consistency in data, as Lisa was saying earlier, it's a data problem. You need consistency as you traverse to the enterprise. And that's why that's the number one need. Now, when you say best of breed, (coughs) best of breed, if it's fine, if it's a specific problem that you're trying to solve. But if you're trying to make sure that's the data flow that happens, you need both best of breed, you know, technology that stops things and need integration on data. So what we are trying to do is we're trying to give people best to breed solutions in the categories they want because otherwise they won't buy us. But we're also trying to make sure we stitch the data. >> But that definition of best of breed is a little bit of nuance than different in security is what I'm hearing because that consistency >> Nikesh: (coughs) Yes, >> across products. What about across Cloud? You mentioned Google and Amazon. >> Yeah so that's great question. >> Dave: Are you building the security super Cloud, I call it, above the Cloud? >> It's, it's not, it's, less so a super Cloud, It's more like Switzerland and I used to work at Google for 10 years, not a secret. And we used to sell advertising and we decided to go into pub into display ads or publishing, right. Now we had no publishing platform so we had to be good at everybody else's publishing platform >> Dave: Mm >> but we never were able to search ads for everybody else because we only focus on our own platform. So part of it is when the Cloud guys they're busy solving security for their Cloud. Google is not doing anything about Amazon Cloud or Microsoft Cloud, Microsoft's Azure, right? AWS is not doing anything about Google Cloud or Azure. So what we do is we don't have a Cloud. Our job in providing Cloud securities, be Switzerland make sure it works consistently across every Cloud. Now if you try to replicate what we offer Prisma Cloud, by using AWS, Azure and GCP, you'd have to first of all, have three panes of glass for all three of them. But even within them they have four panes of glass for the capabilities we offer. So you could end up with 12 different interfaces to manage a development process, we give you one. Now you tell me which is better. >> Dave: Sounds like a super Cloud to me Lisa (laughing) >> He's big on super Cloud >> Uber Cloud, there you >> Hey I like that, Uber Cloud. Well, so I want to understand Nikesh, what's realistic. You mentioned in your keynote Dave, brought it up that the average organization has 30 to 50 tools, security tools. >> Nikesh: Yes, yes >> On their network. What is realistic for from a consolidation perspective where Palo Alto can come in and say, let me make this consistent and simple for you. >> Well, I'll give you your own example, right? (clears throat) We're probably sub 10 substantively, right? There may be small things here and there we do. But on a substantive protecting the enterprise perspective you be should be down to eight or 10 vendors, and that is not perfect but it's a lot better than 50, >> Lisa: Right? >> because don't forget 50 tools means you have to have capability to understand what those 50 tools are doing. You have to have the capability to upgrade them on a constant basis, learn about their new capabilities. And I just can't imagine why customers have two sets of firewalls right. Now you got to learn both the files on how to deploy both them. That's silly because that's why we need 7 million more people. You need people to understand, so all these tools, who work for companies. If you had less tools, we need less people. >> Do you think, you know I wrote about this as well, that the security industry is anomalous and that the leader has, you know, single digit, low single digit >> Yes >> market shares. Do you think that you can change that? >> Well, you know, when I started that was exactly the observation I had Dave, which you highlighted in your article. We were the largest by revenue, by small margin. And we were one and half percent of the industry. Now we're closer to three, three to four percent and we're still at, you know, like you said, going to be around $7 billion. So I see a path for us to double from here and then double from there, and hopefully as we keep doubling and some point in time, you know, I'd like to get to double digits to start with. >> One of the things that I think has to happen is this has to grow dramatically, the ecosystem. I wonder if you could talk about the ecosystem and your strategy there. >> Well, you know, it's a matter of perspective. I think we have to get more penetrated in our largest customers. So we have, you know, 1800 of the top 2000 customers in the world are Palo Alto customers. But we're not fully penetrated with all our capabilities and the same customers set, so yes the ecosystem needs to grow, but the pandemic has taught us the ecosystem can grow wherever they are without having to come to Vegas. Which I don't think is a bad thing to be honest. So the ecosystem is growing. You are seeing new players come to the ecosystem. Five years ago you didn't see a lot of systems integrators and security. You didn't see security offshoots of telecom companies. You didn't see the Optivs, the WWTs, the (indistinct) of the world (coughs) make a concerted shift towards consolidation or services and all that is happening >> Dave: Mm >> as we speak today in the audience you will find people from Google, Amazon Microsoft are sitting in the audience. People from telecom companies are sitting in the audience. These people weren't there five years ago. So you are seeing >> Dave: Mm >> the ecosystem's adapting. They're, they want to be front and center of solving the customer's problem around security and they want to consolidate capability, they need. They don't want to go work with a hundred vendors because you know, it's like, it's hard. >> And the global system integrators are key. I always say they like to eat at the trough and there's a lot of money in security. >> Yes. >> Dave: (laughs) >> Well speaking of the ecosystem, you had Thomas Curry and Google Cloud CEO in your fireside chat in the keynote. Talk a little bit about how Google Cloud plus Palo Alto Networks, the Zero Trust Partnership and what it's enable customers to achieve. >> Lisa, that's a great question. (clears his throat) Thank you for bringing it up. Look, you know the, one of the most fundamental shifts that is happening is obviously the shift to the Cloud. Now when that shift fully, sort of, takes shape you will realize if your network has changed and you're delivering everything to the Cloud you need to go figure out how to bring the traffic to the Cloud. You don't have to bring it back to your data center you can bring it straight to the Cloud. So in that context, you know we use Google Cloud and Amazon Cloud, to be able to carry our traffic. We're going from a product company to a services company in addition, right? Cuz when we go from firewalls to SASE we're not carrying your traffic. When we carry our traffic, we need to make sure we have underlying capability which is world class. We think GCP and AWS and Azure run some of the biggest and best networks in the world. So our partnership with Google is such that we use their public Cloud, we sit on top of their Cloud, they give us increased enhanced functionality so that our customers SASE traffic gets delivered in priority anywhere in the world. They give us tooling to make sure that there's high reliability. So you know, we partner, they have Beyond Corp which is their version of Zero Trust which allows you to take unmanaged devices with browsers. We have SASE, which allows you to have managed devices. So the combination gives our collective customers the ability for Zero Trust. >> Do you feel like there has to be more collaboration within the ecosystem, the security, you know, landscape even amongst competitors? I mean I think about Google acquires Mandiant. You guys have Unit 42. Should and will, like, Wendy Whitmore and maybe they already are, Kevin Mandia talk more and share more data. If security's a data problem is all this data >> Nikesh: Yeah look I think the industry shares threat data, both in private organizations as well as public and private context, so that's not a problem. You know the challenge with too much collaboration in security is you never know. Like you know, the moment you start sharing your stuff at third parties, you go out of Secure Zone. >> Lisa: Mm >> Our biggest challenge is, you know, I can't trust a third party competitor partner product. I have to treat it with as much suspicion as anything else out there because the only way I can deliver Zero Trust is to not trust anything. So collaboration in Zero Trust are a bit of odds with each other. >> Sounds like another problem you can solve >> (laughs) >> Nikesh last question for you. >> Yes >> Favorite customer or example that you think really articulates the value of what Palo Alto was delivering? >> Look you know, it's a great question, Lisa. I had this seminal conversation with a customer and I explained all those things we were talking about and the customer said to me, great, okay so what do I need to do? I said, fun, you got to trust me because you know, we are on a journey, because in the past, customers have had to take the onus on themselves of integrating everything because they weren't sure a small startup will be independent, be bought by another cybersecurity company or a large cybersecurity company won't get gobbled up and split into pieces by private equity because every one of the cybersecurity companies have had a shelf life. So you know, our aspiration is to be the evergreen cybersecurity company. We will always be around and we will always tackle innovation and be on the front line. So the customer understood what we're doing. Over the last three years we've been working on a transformation journey with them. We're trying to bring them, or we have brought them along the path of Zero Trust and we're trying to work with them to deliver this notion of reducing their meantime to remediate from days to minutes. Now that's an outcome based approach that's a partnership based approach and we'd like, love to have more and more customers of that kind. I think we weren't ready to be honest as a company four and a half years ago, but I think today we're ready. Hence my keynote was called The Perfect Storm. I think we're at the right time in the industry with the right capabilities and the right ecosystem to be able to deliver what the industry needs. >> The perfect storm, partners, customers, investors, employees. Nikesh, it's been such a pleasure having you on theCUBE. Thank you for coming to talk to Dave and me right after your keynote. We appreciate that and we look forward to two days of great coverage from your executives, your customers, and your partners. Thank you. >> Well, thank you for having me, Lisa and Dave and thank you >> Dave: Pleasure >> for what you guys do for our industry. >> Our pleasure. For Nikesh Arora and Dave Vellante, I'm Lisa Martin, you're watching theCUBE live at MGM Grand Hotel in Las Vegas, Palo Alto Ignite 22. Stick around Dave and I will be joined by our next guest in just a minute. (cheerful music plays out)

>> Narrator: "TheCUBE" presents Ignite 22. Brought to you by Palo Alto Networks. >> Hey everyone. Welcome back to "TheCUBE's" live coverage of Palo Alto Network's Ignite 22 from the MGM Grand in beautiful Las Vegas. I am Lisa Martin here with Dave Vellante. Dave, we just had a great conversa- First of all, we got to hear the keynote, most of it. We also just had a great conversation with the CEO and chairman of Palo Alto Networks, Nikesh Arora. You know, this is a company that was founded back in 2005, he's been there four years, a lot has happened. A lot of growth, a lot of momentum in his tenure. You were saying in your breaking analysis, that they are on track to nearly double revenues from FY 20 to 23. Lots of momentum in this cloud security company. >> Yeah, I'd never met him before. I mean, I've been following a little bit. It's interesting, he came in as, sort of, a security outsider. You know, he joked today that he, the host, I forget the guy's name on the stage, what was his name? Hassan. Hassan, he said "He's the only guy in the room that knows less about security than I do." Because, normally, this is an industry that's steeped in deep expertise. He came in and I think is given a good compliment to the hardcore techies at Palo Alto Network. The company, it's really interesting. The company started out building their own data centers, they called it. Now they look back and call it cloud, but it was their own data centers, kind of like Salesforce did, it's kind of like ServiceNow. Because at the time, you really couldn't do it in the public cloud. The public cloud was a little too unknown. And so they needed that type of control. But Palo Alto's been amazing story since 2020, we wrote about this during the pandemic. So what they did, is they began to pivot to the the true cloud native public cloud, which is kind of immature still. They don't tell you that, but it's kind of still a little bit immature, but it's working. And when they were pivoting, it was around the same time, at Fortinet, who's a competitor there's like, I call 'em a poor man's Palo Alto, and Fortinet probably hates that, but it's kind of true. It's like a value play on a comprehensive platform, and you know Fortinet a little bit. And so, but what was happening is Fortinet was executing on its cloud strategy better than Palo Alto. And there was a real divergence in the valuations of these stocks. And we said at the time, we felt like Palo Alto, being the gold standard, would get through it. And they did. And what's happened is interesting, I wrote about this two weeks ago. If you go back to the pandemic, peak of the pandemic, or just before the peak, kind of in that tech bubble, if you will. Splunk's down 44% from that peak, Okta's down, sorry, not down 44%. 44% of the peak. Okta's 22% of their peak. CrowdStrike, 41%, Zscaler, 36%, Fortinet, 71%. Not so bad. Palo Altos maintained 93% of its peak value, right? So it's a combination of two things. One is, they didn't run up as much during the pandemic, and they're executing through their cloud strategy. And that's provided a sort of softer landing. And I think it's going to be interesting to see where they go from here. And you heard Nikesh, we're going to double, and then double again. So that's 7 billion, 14 billion, heading to 30 billion. >> Lisa: Yeah, yeah. He also talked about one of the things that he's done in his tenure here, as really a workforce transformation. And we talk all the time, it's not just technology and processes, it's people. They've also seemed to have done a pretty good job from a cultural transformation perspective, which is benefiting their customers. And they're also growing- The ecosystem, we talked a little bit about the ecosystem with Nikesh. We've got Google Cloud on, we've got AWS on the program today alone, talking about the partnerships. The ecosystem is expanding, as well. >> Have you ever met Nir Zuk? >> I have not, not yet. >> He's the founder and CTO. I haven't, we've never been on "theCUBE." He was supposed to come on one day down in New York City. Stu and I were going to interview him, and he cut out of the conference early, so we didn't interview him. But he's a very opinionated dude. And you're going to see, he's basically going to come on, and I mean, I hope he is as opinionated on "TheCUBE," but he'll talk about how the industry has screwed it up. And Nikesh sort of talked about that, it's a shiny new toy strategy. Oh, there's another one, here's another one. It's the best in that category. Okay, let's get, and that's how we've gotten to this point. I always use that Optive graphic, which shows the taxonomy, and shows hundreds and hundreds of suppliers in the industry. And again, it's true. Customers have 20, 30, sometimes 40 different tool sets. And so now it's going to be interesting to see. So I guess my point is, it starts at the top. The founder, he's an outspoken, smart, tough Israeli, who's like, "We're going to take this on." We're not afraid to be ambitious. And so, so to your point about people and the culture, it starts there. >> Absolutely. You know, one of the things that you've written about in your breaking analysis over the weekend, Nikesh talked about it, they want to be the consolidator. You see this as they're building out the security supercloud. Talk to me about that. What do you think? What is a security supercloud in your opinion? >> Yeah, so let me start with the consolidator. So Palo Alto obviously is executing on that strategy. CrowdStrike as well, wants to be a consolidator. I would say Zscaler wants to be a consolidator. I would say that Microsoft wants to be a consolidator, so does Cisco. So they're all coming at it from different angles. Cisco coming at it from network security, which is Palo Alto's wheelhouse, with their next gen firewalls, network security. What Palo Alto did was interesting, was they started out with kind of a hardware based firewall, but they didn't try to shove everything into it. They put the other function in there, their cloud. Zscaler. Zscaler is the one running around saying you don't need firewalls anymore. Just run everything through our cloud, our security cloud. I would think that as Zscaler expands its TAM, it's going to start to acquire, and do similar types of things. We'll see how that integrates. CrowdStrike is clearly executing on a similar portfolio strategy, but they're coming at it from endpoint, okay? They have to partner for network security. Cisco is this big and legacy, but they've done a really good job of acquiring and using services to hide some of that complexity. Microsoft is, you know, they probably hate me saying this, but it's the just good enough strategy. And that may have hurt CrowdStrike last quarter, because the SMB was a soft, we'll see. But to specifically answer your question, the opportunity, we think, is to build the security supercloud. What does that mean? That means to have a common security platform across all clouds. So irrespective of whether you're running an Amazon, whether you're running an on-prem, Google, or Azure, the security policies, and the edicts, and the way you secure your enterprise, look the same. There's a PaaS layer, super PaaS layer for developers, so that that the developers can secure their code in a common framework across cloud. So that essentially, Nikesh sort of balked at it, said, "No, no, no, we're not, we're not really building a super cloud." But essentially they kind of are headed in that direction, I think. Although, what I don't know, like CrowdStrike and Microsoft are big competitors. He mentioned AWS and Google. We run on AWS, Google, and in their own data centers. That sounds like they don't currently run a Microsoft. 'Cause Microsoft is much more competitive with the security ecosystem. They got Identity, so they compete with Okta. They got Endpoint, so they compete with CrowdStrike, and Palo Alto. So Microsoft's at war with everybody. So can you build a super cloud on top of the clouds, the hyperscalers, and not do Microsoft? I would say no. >> Right. >> But there's nothing stopping Palo Alto from running in the Microsoft cloud. I don't know if that's a strategy, we should ask them. >> Yeah. They've done a great job in our last few minutes, of really expanding their TAM in the last few years, particularly under Nikesh's leadership. What are some of the things that you heard this morning that you think, really they've done a great job of expanding that TAM. He talked a little bit about, I didn't write the number down, but he talked a little bit about the market opportunity there. What do you see them doing as being best of breed for organizations that have 30 to 50 tools and need to consolidate that? >> Well the market opportunity's enormous. >> Lisa: It is. >> I mean, we're talking about, well north of a hundred billion dollars, I mean 150, 180, depending on whose numerator you use. Gartner, IDC. Dave's, whatever, it's big. Okay, and they've got... Okay, they're headed towards 7 billion out of 180 billion, whatever, again, number you use. So they started with network security, they put most of the network function in the cloud. They moved to Endpoint, Sassy for the edge. They've done acquisitions, the Cortex acquisition, to really bring automated threat intelligence. They just bought Cider Security, which is sort of the shift left, code security, developer, assistance, if you will. That whole shift left, protect right. And so I think a lot of opportunities to continue to acquire best of breed. I liked what Nikesh said. Keep the founders on board, sell them on the mission. Let them help with that integration and putting forth the cultural aspects. And then, sort of, integrate in. So big opportunities, do they get into Endpoint and compete with Okta? I think Okta's probably the one sort of outlier. They want to be the consolidator of identity, right? And they'll probably partner with Okta, just like Okta partners with CrowdStrike. So I think that's part of the challenge of being the consolidator. You're probably not going to be the consolidator for everything, but maybe someday you'll see some kind of mega merger of these companies. CrowdStrike and Okta, or Palo Alto and Okta, or to take on Microsoft, which would be kind of cool to watch. >> That would be. We have a great lineup, Dave. Today and tomorrow, full days, two full days of cube coverage. You mentioned Nir Zuk, we already had the CEO on, founder and CTO. We've got the chief product officer coming on next. We've got chief transformation officer of customers, partners. We're going to have great conversations, and really understand how this organization is helping customers ultimately achieve their SecOps transformation, their digital transformation. And really moved the needle forward to becoming secure data companies. So I'm looking forward to the next two days. >> Yeah, and Wendy Whitmore is coming on. She heads Unit 42, which is, from what I could tell, it's pretty much the competitor to Mandiant, which Google just bought. We had Kevin Mandia on at September at the CrowdStrike event. So that's interesting. That's who I was poking Nikesh a little bit on industry collaboration. You're tight with Google, and then he had an interesting answer. He said "Hey, you start sharing data, you don't know where it's going to go." I think Snowflake could help with that problem, actually. >> Interesting. >> Yeah, little Snowflake and some of the announcements ar Reinvent with the data clean rooms. Data sharing, you know, trusted data. That's one of the other things we didn't talk about, is the real tension in between security and regulation. So the regulators in public policy saying you can't move the data out of the country. And you have to prove to me that you have a chain of custody. That when you say you deleted something, you have to show me that you not only deleted the file, then the data, but also the metadata. That's a really hard problem. So to my point, something that Palo Alto might be able to solve. >> It might be. It'll be an interesting conversation with Unit 42. And like we said, we have a great lineup of guests today and tomorrow with you, so stick around. Lisa Martin and Dave Vellante are covering Palo Alto Networks Ignite 22 for you. We look forward to seeing you in our next segment. Stick around. (light music)

>>Hey everyone, welcome to the cube. Lisa Martin here with Kevin Depu, senior Director Future Server Architecture at hpe. Kevin, it's great to have you on the program. You're gonna be breaking down everything that's exciting and compelling about Gen 11. How are you today? >>Thanks Lisa, and I'm doing great. >>Good, good, good. So let's talk about ProLiant Gen 11, the next generation of compute. I read some great stats on hpe.com. I saw that Gen 11 added 28 new world records while delivering up to 99% higher performance and 43% more energy efficiency than the previous version. That's amazing. Talk to me about Gen 11. What makes this update so compelling? >>Well, you talked about some of the stats regarding the performance and the power efficiency, and those are excellent. We partnered with amd, we've got excellent performance on these platforms. We have excellent power efficiency, but the advantage of this platform go beyond that. Today we're gonna talk a lot about cybersecurity and we've got a lot of security capabilities in these platforms. We've built on top of the security capabilities that we've had, generation over generation, we've got some new exciting capabilities we'll be talking about. So whether it's the performance, whether it's power efficient, whether it's security, all those capabilities are in this platform. Security is part of our dna. We put it into the design from the very beginning, and we've partnered with AMD to deliver what we think is a very compelling story. >>The security piece is absolutely critical. The to, we could have a, you know, an entire separate conversation on the cybersecurity landscape and the changes there. But one of the things I also noticed in the material on Gen 11 is that HPE says it's fundamental. What do you mean by that and what's new that makes it so fundamental? >>Well, by saying it's fundamental is security is a fundamental part of the platform. You need systems that are reliable. You need systems that have excellent performance. You need systems that are, have very good power efficiency, those things you talked about before, those are all very important to have a good server, but security's a part that's absolutely critical as well. So security is one of the fundamental capabilities of the platform. I had mentioned. We built on top of capabilities, capabilities like our silicon root of trust, which ensures that the firmware stack on these platforms is not compromised. Those are continuing this platform and have been expanded on. We have our trusted supply chain and we've expanded on that as well. We have a lot of security capabilities, our platform certificates, our IEB IDs. There's just a lot of security capabilities that are absolutely fundamental to these being a good solution because as we said, security is fundamental. It's an absolutely critical part of these platforms. >>Absolutely. For companies in every industry. I wanna talk a little bit about about one of the other things that HPE describes Gen 11 as as being uncompromising. And I wanted to understand what that means and what's the value add in it for customers? >>Yeah. Well, by uncompromising means we can't compromise on security. Security to what I said before, it's fundamental. It can't be promised. You have to have security be strong on these platforms. So one of the capabilities, which we're specifically talking about when we talk about Uncompromising is a capability called spdm. We've extended our silicon root of trust, which is one of our key technologies we've had since our Gen 10 platforms. We've extended that through something called spdm. We saw a problem in the industry with the ability to authenticate option cards and other devices in the system. Silicon Root of Trust verified many pieces of firmware in the platform, but one piece that it wasn't verifying was the option cards. And we needed, we knew we needed to solve this problem and we knew we couldn't do it a hundred percent on our own because we needed to work with our partners, whether it's a storage option card, a nick, or even devices in the future, we needed to make sure that we could verify that those were what they were meant to be. >>They weren't compromised, they weren't maliciously compromised and that we could authenticate them. So we worked with industry standards bodies to create the S P M specification. And what that allows us to do is authenticate the option cards in the systems. So that's one of our new capabilities that we've added in these platforms. So we've gone beyond securing all of the things that Silicon Real Trust secured in the past to extending that to the option cards and their firmware as well. So when we boot up one of these platforms, when we hand off to the OS and to the the customers software solution, they can be, they can rest assured that all the things that have run all that, that platform is not compromised. A bad guy has not gone in and changed things and that includes a bad guy with physical access to the platform. So that's why we have unpromised security in these platforms. >>Outstanding. That sounds like great work that's been done there and giving customers that piece of mind where security is concerned is table stakes for everybody across the organization. Kevin, you mentioned partners. I know HPE is extending protection to the partner ecosystem. I wanted to get a little bit more info on that from you. >>Yeah, we've worked with our option co card vendors, numerous partners across the industry to support spdm. We were the ones who kind of went to the, the industry standards bodies and said, we need to solve this problem. And we had agreement from everybody. Everybody agrees this is a problem that had to be solved. So, but to solve it, you've gotta have a partnership. We can't just do it on our own. There's a lot of things that we HPE can solve on our own. This is not one of them to be able to get a method that we could authenticate and trust the option cards in the system. We needed to work with our option card vendors. So that's something that we, we did. And we use also some capabilities that we work with some of our processor vendor partners as well. So working with partners across the industry, we were able to deliver spdm. >>So we know that option card, whether it's a storage card or a Nick Card or, or GPUs in the future, those, those may not be there from day one, but we know that those option cards are what they intended because you could do an attack where you compromise the option card, you compromise the firmware in that option card and option cards have the ability to read and write to memory using something called dma. And if those cards are running firmware that's being created by a bad guy, they can do a lot of, of very costly attacks. I mean we, there's a lot of statistics that showed just how, how costly cybersecurity attacks are. If option cards have been compromised, you can do some really bad things. So this is how we can trust those option cards. And we had to partner with those, those partners in the industry to both define the spec and both sides had to implement to that specification so that we could deliver the solution we're delivering. >>HPE is such a strong partner ecosystem. You did a great job of articulating the value in this for customers. From a security perspective, I know that you're also doing a lot of collaboration and work with amd. Talk to me a little bit about that and the value in it for your joint customers. >>Yeah, absolutely. AMD is a longstanding partner. We actually started working with AMD about 20 years ago when we delivered our first AMD opton based platform, the HP pro, HP Pliant, DL 5 85. So we've got a long engineering relationship with AMD and we've been making products with AMD since they introduced their epic generation processor in 2017. That's when AMD really upped the secure their security game. They created capabilities with their AMD secure processor, their secure encryption virtualization, their memory encryption technologies. And we work with AMD long before platforms actually release. So they come to us with their ideas, their designs, we collaborate with them on things we think are valuable when we see areas where they can do things better, we provide feedback. So we really have a partnership to make these processors better. And it's not something where we just work with them for a short amount of time and deliver a product. >>We're working with them for years before those products come out. So that partnership allows both parties to create better platforms cuz we understand what they're capable of, they understand what our needs are as a, as a server provider. And so we help them make their processors better and they help us make our products better. And that extends in all areas, whether it's performance, power, efficiency, but very importantly in what we're talking about here, security. So they have got an excellent security story with all of their technologies. Again, memory encryption. They, they've got some exceptional technologies there. All their secure encryption, virtualization to secure virtualized environments, those are all things that they excel at. And we take advantage of those in our designs. We make sure that those so work with our servers as part of a solution >>Sounds like a very deeply technically integrated and longstanding relationship that's really symbiotic for both sides. I wanted to get some information from you on HPE server security optimized service. Talk to me about what that is. How does that help HP help its customers get around some of those supply chain challenges that are persistent? >>Yeah, what that is is with our previous generation of products, we announced something called our HPE trusted supply chain and but that was focused on the US market with the solution for gen 11. We've expanded that to other markets. It's, it's available from factories other than the ones in our us it's available for shipping products to other geographies. So what that really was is taking the HPE trusted supply chain and expanding it to additional geographies throughout the world, which provides a big, big benefit for our non-US based customers. And what that is, is we're trying to make sure that the server that we ship out of our factories is indeed exactly what that customer is getting. So try to prevent any possibility of attack in the supply chain going from our factories to the customer. And if there is an attack, we can detect it and the customer knows about it. >>So they won't deploy a system that's been compromised cuz there, there have been high profile cases of supply chain attacks. We don't want to have that with our, our customers buying our Reliant products. So we do things like enable you I Secure Boot, which is an ability to authenticate the, what's called a u i option ROM driver on option cards. That's enabled by default. Normally that's not enabled by default. We enable our high security mode in our ILO product. We include our intrusion tech detection technology option, which is an optional feature, but it's their standard when you buy one of the boxes with this, this capability, this trusted supply chain capability. So there's a lot of capabilities that get enabled at the factory. We also enable server configuration lock, which allows a customer to detect, get a bad guy, modify anything in the platform when it transits from our factory to them. So what it allows a customer to do is get that platform and know that it is indeed what it is intended to be and that it hasn't been attacked and we've now expanded that to many geographies throughout the world. >>Excellent. So much more coverage across the world, which is so incredibly important. As cyber attacks continue to rise year over year, the the ransomware becomes a household word, the ransoms get even more expensive, especially considering the cybersecurity skills gap. I'm just wondering what are some of the, the ways in which everything that you've described with Gen 11 and the HPE partner ecosystem with A and B for example, how does that help customers to get around that security skills gap that is present? >>Well, the key thing there is we care about our customer security. So as I mentioned, security is in our dna. We do, we consider security in everything. We do every update to firm where we make, when we do the hardware design, whatever we're doing, we're always considering what could a bad guy do? What could a bad guy take advantage of and attempt to prevent it. And AMD does the same thing. You can look at all the technologies they have in their AMD processor. They're, they're making sure their processor is secure. We're making sure our platform is secure so the customer doesn't have to worry about it. So that's something the customer can trust us. They can trust the amd so they know that that's not the area where they, they have to expend their bandwidth. They can extend their bandwidth on the security on other parts of the, the solution versus knowing that the platform and the CPU is secure. >>And beyond that, we create features and capabilities that they can take advantage of in the, in the case of amd, a lot of their capabilities are things that the software stack and the OS can take advantage of. We have capabilities on the client side that the software and that they can take advantage of, whether it's server configuration lock or whatever. We try to create features that are easy for them to use to make their environments more secure. So we're making things that can trust the platform, they can trust the processor, they don't have to worry about that. And then we have features and capabilities that lets them solve some of the problems easier. So we're, we're trying to, to help them with that skills gap by making certain things easier and making certain things that they don't even have to worry about. >>Right. It sounds like allowing them to be much more strategic about the security skills that they do have. My last question for you, Kevin, is Gen 11 available now? Where can folks go to get their hands on it? >>So Gen 11 was announced earlier this month. The products will actually be shipping before the end of this year, before the end of 2022. And you can go to our website and find all about our compute security. So it all that information's available on our website. >>Awesome. Kevin, it's been a pleasure talking to you, unpacking Gen 11, the value in it, why security is fundamental to the uncompromising nature with which HPE and partners have really updated the system and the rest of world coverage that you guys are enabling. We appreciate your insights on your time, Kevin. >>Thank you very much, Lisa. Appreciate >>It. And we want to let you and the audience know, check out hpe.com/info/compute for more info on 11. Thanks for watching.

hi everybody welcome back to re invent 2022. this is thecube's exclusive coverage we're here at the satellite set it's up on the fifth floor of the Venetian Conference Center and this is part of the global startup program the AWS startup showcase series that we've been running all through last year and and into this year with AWS and featuring some of its its Global Partners Ed wallson series the CEO of chaos search many times Cube Alum and Kevin Miller there's also a cube Alum vice president GM of S3 at AWS guys good to see you again yeah great to see you Dave hi Kevin this is we call this our Super Bowl so this must be like your I don't know uh World Cup it's a pretty big event yeah it's the World Cup for sure yeah so a lot of S3 talk you know I mean that's what got us all started in 2006 so absolutely what's new in S3 yeah it's been a great show we've had a number of really interesting launches over the last few weeks and a few at the show as well so you know we've been really focused on helping customers that are running Mass scale data Lakes including you know whether it's structured or unstructured data we actually announced just a few just an hour ago I think it was a new capability to give customers cross-account access points for sharing data securely with other parts of the organization and that's something that we'd heard from customers is as they are growing and have more data sets and they're looking to to get more out of their data they are increasingly looking to enable multiple teams across their businesses to access those data sets securely and that's what we provide with cross-count access points we also launched yesterday our multi-region access point failover capabilities and so again this is where customers have data sets and they're using multiple regions for certain critical workloads they're now able to to use that to fail to control the failover between different regions in AWS and then one other launch I would just highlight is some improvements we made to storage lens which is our really a very novel and you need capability to help customers really understand what storage they have where who's accessing it when it's being accessed and we added a bunch of new metrics storage lens has been pretty exciting for a lot of customers in fact we looked at the data and saw that customers who have adopted storage lens typically within six months they saved more than six times what they had invested in turning storage lens on and certainly in this environment right now we have a lot of customers who are it's pretty top of mind they're looking for ways to optimize their their costs in the cloud and take some of those savings and be able to reinvest them in new innovation so pretty exciting with the storage lens launch I think what's interesting about S3 is that you know pre-cloud Object Store was this kind of a niche right and then of course you guys announced you know S3 in 2006 as I said and okay great you know cheap and deep storage simple get put now the conversations about how to enable value from from data absolutely analytics and it's just a whole new world and Ed you've talked many times I love the term yeah we built chaos search on the on the shoulders of giants right and so the under underlying that is S3 but the value that you can build on top of that has been key and I don't think we've talked about his shoulders and Giants but we've talked about how we literally you know we have a big Vision right so hard to kind of solve the challenge to analytics at scale we really focus on the you know the you know Big Data coming environment get analytics so we talk about the on the shoulders Giants obviously Isaac Newton's you know metaphor of I learned from everything before and we layer on top so really when you talk about all the things come from S3 like I just smile because like we picked it up naturally we went all in an S3 and this is where I think you're going Dave but everyone is so let's just cut the chase like so any of the data platforms you're using S3 is what you're building but we did it a little bit differently so at first people using a cold storage like you said and then they ETL it up into a different platforms for analytics of different sorts now people are using it closer they're doing caching layers and cashing out and they're that's where but that's where the attributes of a scale or reliability are what we did is we actually make S3 a database so literally we have no persistence outside that three and that kind of comes in so it's working really well with clients because most of the thing is we pick up all these attributes of scale reliability and it shows up in the clients environments and so when you launch all these new scalable things we just see it like our clients constantly comment like one of our biggest customers fintech in uh Europe they go to Black Friday again black Friday's not one days and they lose scale from what is it 58 terabytes a day and they're going up to 187 terabytes a day and we don't Flinch they say how do you do that well we built our platform on S3 as long as you can stream it to S3 so they're saying I can't overrun S3 and it's a natural play so it's it's really nice that but we take out those attributes but same thing that's why we're able to you know help clients get you know really you know Equifax is a good example maybe they're able to consolidate 12 their divisions on one platform we couldn't have done that without the scale and the performance of what you can get S3 but also they saved 90 I'm able to do that but that's really because the only persistence is S3 and what you guys are delivering but and then we really for focus on shoulders Giants we're doing on top of that innovating on top of your platforms and bringing that out so things like you know we have a unique data representation that makes it easy to ingest this data because it's kind of coming at you four v's of big data we allow you to do that make it performant on s3h so now you're doing hot analytics on S3 as if it's just a native database in memory but there's no memory SSC caching and then multi-model once you get it there don't move it leverage it in place so you know elasticsearch access you know Cabana grafana access or SQL access with your tools so we're seeing that constantly but we always talk about on the shoulders of giants but even this week I get comments from our customers like how did you do that and most of it is because we built on top of what you guys provided so it's really working out pretty well and you know we talk a lot about digital transformation of course we had the pleasure sitting down with Adam solipski prior John Furrier flew to Seattle sits down his annual one-on-one with the AWS CEO which is kind of cool yeah it was it's good it's like study for the test you know and uh and so but but one of the interesting things he said was you know we're one of our challenges going forward is is how do we go Beyond digital transformation into business transformation like okay well that's that's interesting I was talking to a customer today AWS customer and obviously others because they're 100 year old company and they're basically their business was they call them like the Uber for for servicing appliances when your Appliance breaks you got to get a person to serve it a service if it's out of warranty you know these guys do that so they got to basically have a you know a network of technicians yeah and they gotta deal with the customers no phone right so they had a completely you know that was a business transformation right they're becoming you know everybody says they're coming a software company but they're building it of course yeah right on the cloud so wonder if you guys could each talk about what's what you're seeing in terms of changing not only in the sort of I.T and the digital transformation but also the business transformation yeah I know I I 100 agree that I think business transformation is probably that one of the top themes I'm hearing from customers of all sizes right now even in this environment I think customers are looking for what can I do to drive top line or you know improve bottom line or just improve my customer experience and really you know sort of have that effect where I'm helping customers get more done and you know it is it is very tricky because to do that successfully the customers that are doing that successfully I think are really getting into the lines of businesses and figuring out you know it's probably a different skill set possibly a different culture different norms and practices and process and so it's it's a lot more than just a like you said a lot more than just the technology involved but when it you know we sort of liquidate it down into the data that's where absolutely we see that as a critical function for lines of businesses to become more comfortable first off knowing what data sets they have what data they they could access but possibly aren't today and then starting to tap into those data sources and then as as that progresses figuring out how to share and collaborate with data sets across a company to you know to correlate across those data sets and and drive more insights and then as all that's being done of course it's important to measure the results and be able to really see is this what what effect is this having and proving that effect and certainly I've seen plenty of customers be able to show you know this is a percentage increase in top or bottom line and uh so that pattern is playing out a lot and actually a lot of how we think about where we're going with S3 is related to how do we make it easier for customers to to do everything that I just described to have to understand what data they have to make it accessible and you know it's great to have such a great ecosystem of partners that are then building on top of that and innovating to help customers connect really directly with the businesses that they're running and driving those insights well and customers are hours today one of the things I loved that Adam said he said where Amazon is strategically very very patient but tactically we're really impatient and the customers out there like how are you going to help me increase Revenue how are you going to help me cut costs you know we were talking about how off off camera how you know software can actually help do that yeah it's deflationary I love the quote right so software's deflationary as costs come up how do you go drive it also free up the team and you nail it it's like okay everyone wants to save money but they're not putting off these projects in fact the digital transformation or the business it's actually moving forward but they're getting a little bit bigger but everyone's looking for creative ways to look at their architecture and it becomes larger larger we talked about a couple of those examples but like even like uh things like observability they want to give this tool set this data to all the developers all their sres same data to all the security team and then to do that they need to find a way an architect should do that scale and save money simultaneously so we see constantly people who are pairing us up with some of these larger firms like uh or like keep your data dog keep your Splunk use us to reduce the cost that one and one is actually cheaper than what you have but then they use it either to save money we're saving 50 to 80 hard dollars but more importantly to free up your team from the toil and then they they turn around and make that budget neutral and then allowed to get the same tools to more people across the org because they're sometimes constrained of getting the access to everyone explain that a little bit more let's say I got a Splunk or data dog I'm sifting through you know logs how exactly do you help so it's pretty simple I'll use dad dog example so let's say using data dog preservability so it's just your developers your sres managing environments all these platforms are really good at being a monitoring alerting type of tool what they're not necessarily great at is keeping the data for longer periods like the log data the bigger data that's where we're strong what you see is like a data dog let's say you're using it for a minister for to keep 30 days of logs which is not enough like let's say you're running environment you're finding that performance issue you kind of want to look to last quarter in last month in or maybe last Black Friday so 30 days is not enough but will charge you two eighty two dollars and eighty cents a gigabyte don't focus on just 280 and then if you just turn the knob and keep seven days but keep two years of data on us which is on S3 it goes down to 22 cents plus our list price of 80 cents goes to a dollar two compared to 280. so here's the thing what they're able to do is just turn a knob get more data we do an integration so you can go right from data dog or grafana directly into our platform so the user doesn't see it but they save money A lot of times they don't just save the money now they use that to go fund and get data dog to a lot more people make sense so it's a creativity they're looking at it and they're looking at tools we see the same thing with a grafana if you look at the whole grafana play which is hey you can't put it in one place but put Prometheus for metrics or traces we fit well with logs but they're using that to bring down their costs because a lot of this data just really bogs down these applications the alerting monitoring are good at small data they're not good at the big data which is what we're really good at and then the one and one is actually less than you paid for the one so it and it works pretty well so things are really unpredictable right now in the economy you know during the pandemic we've sort of lockdown and then the stock market went crazy we're like okay it's going to end it's going to end and then it looked like it was going to end and then it you know but last year it reinvented just just in that sweet spot before Omicron so we we tucked it in which which was awesome right it was a great great event we really really missed one physical reinvent you know which was very rare so that's cool but I've called it the slingshot economy it feels like you know you're driving down the highway and you got to hit the brakes and then all of a sudden you're going okay we're through it Oh no you're gonna hit the brakes again yeah so it's very very hard to predict and I was listening to jassy this morning he was talking about yeah consumers they're still spending but what they're doing is they're they're shopping for more features they might be you know buying a TV that's less expensive you know more value for the money so okay so hopefully the consumer spending will get us out of this but you don't really know you know and I don't yeah you know we don't seem to have the algorithms we've never been through something like this before so what are you guys seeing in terms of customer Behavior given that uncertainty well one thing I would highlight that I think particularly going back to what we were just talking about as far as business and digital transformation I think some customers are still appreciating the fact that where you know yesterday you may have had to to buy some Capital put out some capital and commit to something for a large upfront expenditure is that you know today the value of being able to experiment and scale up and then most importantly scale down and dynamically based on is the experiment working out am I seeing real value from it and doing that on a time scale of a day or a week or a few months that is so important right now because again it gets to I am looking for a ways to innovate and to drive Top Line growth but I I can't commit to a multi-year sort of uh set of costs to to do that so and I think plenty of customers are finding that even a few months of experimentation gives them some really valuable insight as far as is this going to be successful or not and so I think that again just of course with S3 and storage from day one we've been elastic pay for what you use if you're not using the storage you don't get charged for it and I think that particularly right now having the applications and the rest of the ecosystem around the storage and the data be able to scale up and scale down is is just ever more important and when people see that like typically they're looking to do more with it so if they find you usually find these little Department projects but they see a way to actually move faster and save money I think it is a mix of those two they're looking to expand it which can be a nightmare for sales Cycles because they take longer but people are looking well why don't you leverage this and go across division so we do see people trying to leverage it because they're still I don't think digital transformation is slowing down but a lot more to be honest a lot more approvals at this point for everything it is you know Adam and another great quote in his in his keynote he said if you want to save money the Cloud's a place to do it absolutely and I read an article recently and I was looking through and I said this is the first time you know AWS has ever seen a downturn because the cloud was too early back then I'm like you weren't paying attention in 2008 because that was the first major inflection point for cloud adoption where CFO said okay stop the capex we're going to Opex and you saw the cloud take off and then 2010 started this you know amazing cycle that we really haven't seen anything like it where they were doubling down in Investments and they were real hardcore investment it wasn't like 1998 99 was all just going out the door for no clear reason yeah so that Foundation is now in place and I think it makes a lot of sense and it could be here for for a while where people are saying Hey I want to optimize and I'm going to do that on the cloud yeah no I mean I've obviously I certainly agree with Adam's quote I think really that's been in aws's DNA from from day one right is that ability to scale costs with with the actual consumption and paying for what you use and I think that you know certainly moments like now are ones that can really motivate change in an organization in a way that might not have been as palatable when it just it didn't feel like it was as necessary yeah all right we got to go give you a last word uh I think it's been a great event I love all your announcements I think this is wonderful uh it's been a great show I love uh in fact how many people are here at reinvent north of 50 000. yeah I mean I feel like it was it's as big if not bigger than 2019. people have said ah 2019 was a record when you count out all the professors I don't know it feels it feels as big if not bigger so there's great energy yeah it's quite amazing and uh and we're thrilled to be part of it guys thanks for coming on thecube again really appreciate it face to face all right thank you for watching this is Dave vellante for the cube your leader in Enterprise and emerging Tech coverage we'll be right back foreign

(upbeat music) >> Okay, welcome back, everyone, it's CUBE's live coverage. I'm John Furrier, host of theCUBE here with Paul Gillen. Got a great guest coming up here, talking about cloud security, all things going on in the cloud. Paul, great day. How you doing? How you holding up? >> I'm about at the end of my, running on fumes, John. (John laughs) >> Let's bring it home. >> And we got another day coming up. >> Day three, let's bring it home, come on, let's go. Lot of energy. >> Lot of energy on the floor and certainly a lot of talk about security at this conference. Busy, busy market, lots of vendors. And one of the more notable ones, Cohesity, recently introduced a brand new suite, a brand new approach to security that combines data protection and security and backup. With us, to talk about that is Amith Nair, who is the Senior Vice president and General Manager of cloud at Cohesity. Welcome. >> Thank you very much. Thanks for having me, Paul and John. >> So tell us about DataHawk, your new product. >> Yeah, just to set a little bit of perspective on Cohesity, and how we think about DataHawk and security in general is, Cohesity is the leading solution for data security and management. And if you think about all the pillars that we provide in terms of solution around that data solutions, so we have data protection, data security, data access, data mobility and data insights. So the focus for us over the last many months was really to make our data security solutions really strong. So generally when customers think about security, they think about starting with security at the perimeter, on the edge. They think about firewalls, network layer, and so on and so forth. But in the end, what they're really trying to protect is the data that aligns to what they're really trying to save. Right? So DataHawk was formulated and built in order to help extend our existing solutions to provide additional security, layers of security, and also work with partners to enable doing that. Many months ago, we released this product called FortKnox, which is our cyber vaulting solution. One that customers really love and use today. >> It's an air gap solution, right? >> It's an air gap solution with forum capabilities, and so on. Extremely liked by customers, very well adopted, and we extended that to provide lots more data classification capabilities, and ransomware checks as well. So malware checks in the product itself in terms of what it is being backed up. And is there malware in the backed up data and so on? >> Maybe, we can talk about the evolution of ransomware, because ransomware is getting a lot more sophisticated. It used to start at the end point and then penetrate into the network. Increasingly, now, we're seeing it move into the backup, and actually corrupt backup files before moving into the production data. How is ransomware evolving? >> I mean, there's a ransomware attack that's happening right now as we speak, right? What is it? One in every 11 seconds or so on. And it's getting very, very sophisticated. And you're absolutely right, the target early on used to be the network, or the firewall and so on and so forth. Now, it is the backup. So you have to be very smart about how you protect your backup and if you do get attacked, which a lot of CSOs are starting to realize, it's not about just preventing. But it's also what do you do if it does happen? How can you be resilient in the case of an attack? How can you recover if something happens? And that's where we come in to play as well. >> What's some of the state of the art posture, security posture and cyber resilient techniques? Can you share your observations on what are some of the current state of the art positions? I mean, besides they buy everything, and they want everything, but we're looking at a cost reduction, slow down in the recession, customer's going to look at belt tightening. We heard that from Adam Celeste. Has that changed or enhanced the posture, and impact to the resiliency on the cyber side? >> Yeah, I think customers are getting really smart in terms of how they're adopting cloud. We saw a tremendous amount of growth from a cloud usage perspective, I think, over the last two years and through the pandemic. But now they're getting smart about, "How am I consuming that cloud?" Which is where the consumption's starting to slow down. But that does not mean they're not using cloud, right? And security from a cloud perspective is way different from the old world, which was very static. You're in a completely dynamic environment now. So everybody talks about zero trust security. You have to have that level of no trust, trust nothing, authenticate everything, in terms of how you approach what connects to your network, what services connect to your network and so on. And we follow the same approach, but we also believe that one solution cannot solve it. And which is why we had this announcement around our security advisory council, and security partnership and alliances, where we are providing data to additional solutions, or insights into other security solutions that will help the customer in the end. We talked about how some customers have anywhere between 50 to 70 vendors on their network for security. We want to reduce that noise and that clutter, especially when it comes to cost and expenses. Right? >> Awesome. I want to ask you a personal question if you don't mind. You're new, relatively new to Cohesity, SVP, Senior Vice President, General Manager of the cloud. Obviously, AWS, the biggest cloud, there's other clouds. What attracted you to Cohesity? What was the key thing that attracted you to this company to take a leadership role as this next wave comes in for cloud, and security and what Cohesity is doing? >> Yeah, there are a couple of reasons. Number one and most important was the maturity of the product and the quality of the product. Mohit Aron was our founder, you know, known as the grandfather or as the father of hyperconverge networking. >> He's a legend. >> He's a legend, right? >> (laughs) Just say it. >> And he's built a phenomenal set of technologies that really helps customers and that brings me to the second point, which is customers. We are a customer-obsessed company. And as I was talking to Mohit and Sanjay was our CEO, and Lynn was our CMO and others in the company, it was very evident to me that the core DNA of the company is really helping our customers be successful. Those two things put together. And the third thing, really, I am very culturally-obsessed when it comes to how organizations are run. We have a very strong culture in terms of how we treat employees, how we build the right set of products, and how we go to market. Right? Those three things put together, helped me really make a decision. Obviously, the leadership team within Cohesity was top notch as well. So every one of them that I spoke to had that same core belief system. That had helped a lot. >> Sanjay's a good friend of theCUBE, we've interviewed him many times with VMware. Paul, you know Sanjay's, he loves to get on cam. We hope to have him on tomorrow, if we can get him on the calendar. But you know, Sanjay told me one time, "I never missed a quarter." In his SAP, VMware, he's proud. We'll see, Paul, we're- >> Well, I'm going to hold him to that. >> We better not miss a quarter, I'm going to hold him to that. How's business? How's it, healthy? >> It's been great. We are seeing consistent demand for all of our products. As you can see, we continue to release new products into the market that customers are asking for. We are listening to what customers really want. Our roadmap is really based on two things, customer demand and market and where the market is growing. We have to stay on top of how the market is evolving based on the new challenges that customers are facing. Right? So markets, we are doing really good, company continues to grow and Sanjay has been fantastic in terms of driving that leadership. >> Yeah, he's a good driver. And again, he's Mr. Quarter for a reason, he's disciplined. >> (laughs) Very disciplined. >> Another reason, initiative, Cohesity's is the data security alliance. You put together a group of about a dozen security companies. Getting security companies to work with each other is always a challenge. How did you convince them to join with you? >> Well, one, we aligned on a mission. I mean, in the end, all the partners that we are talking about, they all care about what customers want. And we talked earlier about having that, you know, what is that single pane of glass when it comes to security? Is there one? Probably not. But if you can reduce the chatter, and the noise amongst all these companies, that helps. The other thing is they also understood our mission was really around the security, around data. We talked earlier about how security used to be very parameter or centric, but what you're really trying to save and secure is your data, which is your Queen Bee. And so a couple of months ago at our customer advisory council, I talked about moving and shifting the focus of security to be very data centric. And what we do in this partnership and alliance is a true integration. So there's a lot of engineering work that goes in, is us providing insights around the data to the security partners who can then leverage that to help customers be protected early on. Conversely, they can provide insights into an attack that's emanating possibly, to let us know that there's something happening, so we can lock up the data. So it's a bidirectional, symbiotic relationship between these partners and they all believe in that common cause of making sure the customers get protected. As we talked about earlier, lots of cyber attacks happening even as we speak, if we can collectively do something good in terms of making customers secure and successful, let's do it. >> So what will result from this alliance other than a press release? >> Customers will be successful, hopefully, not just protect customers from ransomware attacks, but also respond and recover if something does happen. We also announce our security council led by Kevin Mandia, and then we have some other big security advisors in that council as well. And that's been very helpful. So it's not just about the product itself, but it's also the collective experience of all these folks who can help and advise and coach CSOs, and other organizations on, what are the best practices? What are the things you're not really considering? What is the vision for you from an architecture standpoint? How is security threats starting to get more, and more mature? And how can you account for that? How can you reduce cost, to your point, right? How can you reduce cost when it comes to managing all these security solutions? >> No, there's no industry where working, it's more important for vendors to work together than in this one. >> Absolutely. I mean, especially for security, I don't think there's a one size fits all solution. So we have to work together. Right? >> What's your state of the union? You were at HashiCorp before you came here, you've been in the industry for a while, you've seen a few cycles of innovation. We're in a really weird time right now, because AWS wasn't really as powerful in 2008, when the last recession was hard too. They weren't really that big then. Now, they're a big part of the economic equation. So agility means fast speed. Can they help us get out of the pandemic? Customer's going to tighten their belts? Is there going to be a pullback? Is there tech spending? All these questions are looming. What are your customers seeing? What do you think is going to happen given the history? 'Cause I don't see the building stopping. I think you'll see more cloud, more savings. So is there fine-tuning solutions? What are customers thinking like now? >> I mean, if you think back to the last recession, the last major one, 2009, that's really about the time when you saw customers thinking about that whole digital transformation, because they started understanding that the way to connect with customers is through a digital engagement. Right? Now, as we've gone through a 10, 15 year period where there has been a lot of digital transformation, there's been a lot of investment in the cloud. Cloud is no longer seen with suspicion. Now, it's about getting smart on how to use it, how to build the right applications. Are there the right set of applications that need to stay in the cloud? And there might be others that need to stay on-prem. Right? I've talked to customers and CIOs who've mentioned to me in the past, that they would go a hundred percent in the cloud, and six months later they come back and they're like, "Nope, you're not going a hundred percent in the cloud. Maybe it's 10% or 15%." >> So they're moving. So what's your plan? You're the GM, you're in charge, you've got to take that next hill. Is it a tailwind, headwind? You've got to navigate the waters here, so to speak, mixed metaphors, but for the most part, you got a business opportunity. >> Absolutely. >> What's the outlook look like? What's your vision? What's the plan? >> Yeah. When it comes to cloud, there are certain things that are a common denominator. Right? One is how do you enable not just applications that are completely on cloud, but also that's on-prem? So for us, that hybrid movement is extremely important. But to create a single seamless UI and experience from an end-customer perspective. So for me, maintaining that and more at team, the R and D team at Cohesity have done a phenomenal job around that. For me, it's to maintain that, and then build additional workloads that make sense from a customer standpoint. There's a lot of investment customers are making. We also have to make sure that they're utilized correctly, and their stored, backed up data, recovered in a way that makes sense for them. And then if things do go south in terms of attacks or other issues, how can we help them get back up to speed, and make sure their business does not suffer? Right? So all of those combined, I think from a cloud perspective, it's the agility, the scalability, and the speed and swiftness that we can work with. >> Well, it sounds like he's ready for the Instagram Real Challenge, our new format on theCUBE. We're going to do a little segment where you can deliver a YouTube Short, Instagram Reel, TikTok or CUBE Gem. More of a thought leadership soundbite for 30 seconds around your view of why is cloud important right now. What's going on at this event that people should pay attention to? What's Cohesity doing? If you can put together a reel, a sizzle reel, or a thought leadership statement. What would that be? >> It would be that cloud is important for any business to be successful. And that's a given right now. I mean, digital transformation is an overused term, but the reality is it's here to stay. And it is the reason why everybody has a mobile phone. Half the people walking on the floor right now is looking at their phone and walking around. And that's your engagement method. So if you don't transform yourself to be able to connect with your end-user, your customer, you will not be successful. And Cohesity can help you by making sure that all of that data that you have, everything that you need in order to be successful to drive that engagement with your customers secure is backed up. No matter what, we will get you back up and running, and you will be successful. And we are in the success journey with you. >> Amith Nair, Senior Vice President, General Manager, Cohesity, the Cloud. Thanks for coming on theCUBE. For Paul Gillen, my co-host. I'm John Furrier here, live on the floor, wrapping up day two, few more segments, stay with us. We got a lot of action coming. We'll be right back with more after the short break. theCUBE, the leader in tech coverage. (bright music)

>>Well, hello everybody at John Wallace here on the Cube, and glad to have you along here for day two of our coverage here at AWS Reinvent 22. We're up in the global startup program, which is part of AWS's Startup Showcase, and I've got Kevin Farley with me. He is the director of Strategic Alliances with Maria Day db. And Kevin, good to see you this morning. Good to see you, John. Thanks for joining us. Thank >>You. >>Appreciate it. Yeah. First off, tell us about Maria db. Sure. Obviously data's your thing. Yep. But to share that with some folks at home who might not be familiar with your offering. >>Yeah. So Maria DB's been around as a corporate entity for 10 plus years, and we have a massive customer base. You know, there's a billion downloads from Docker Hub, 75% of the Fortune 500. We have an enormous sea of really happy users. But what we realize is that all of these users are really thinking about what do we, what does it mean to transform it? What does cloud modernization mean? And how do we build a strategy on something we really love to drive it into the cloud and take it to the future. So what we launched about two years ago, two and a half years ago, is Skye. It's our database as a service. It leverages all the best elements, what we provide on the enterprise platform. It marries to the AWS cloud, and it really provides the best of both worlds for our >>Customers. So in your thought then, what, what problem is that solving? >>I think what you see in the overall database market is that many people have been using what we would call legacy technology. There's been lots of sort of stratification and mixes of different database solutions. All of them come with some promise, and all of 'em come with a lot of compromise. So I think what the market is really looking for is something that can take what they know and love, can bring it to the cloud and can survive the port drive the performance and scale. That completely changes the landscape, especially as you think about what modern data needs look like, right? What people did 10 years ago with the exponential scale of data no longer works. And what they need is something that not only can really deliver against their core business values and their core business deliverables, but gets 'em to the future. How do we drive something new? How do we innovate? How do we change the game? And I think what we built with AWS really delivers what we call cloud scale. It's taking something that is the best technology, and I as a V can build, marrying it to, you know, Kubernetes layer, marrying it to global availability, thinking about having true global high availability across all of your environments and really delivering that to customers through an integrated partnership. >>Could we see this coming? I mean, because you know data, right? I mean, yeah, we, we, everybody talked about the tsunami of growth, you know, >>Back 10 >>Sure. 11 years ago. But, but maybe the headlights didn't go far enough or, or, but, but you could see that there was going to be crunch time. >>There's no doubt. And I think that this has been a, there's, there's been these sort of pocket solutions, right? So if you think at the entire no sequel world, right? People said, oh, I need scale, I can get it, but what do I have to give up asset compliance? So I have to change the way I think about what data is and how I, I can govern it. So there's been these things that deliver on half the promise, but there's never been something that comes together and really drives what we deliver through CIQ is something called expand. So distributed SQL really tied to the SQL Query language, having that asset data. So having everything you need without the compromise built on the cloud allows you to scale out and allows you to think about, I can actually do exponential layers of, of data, data modeling, data querying, complete read, write, driving that forward. And I think it gives us a whole nother dynamic that we can deliver on in a way that hasn't been before. And I think that's kind of the holy grail of what people are looking for is how am I building modern applications and how do I have a database in the cloud that's really gonna support >>It? You know, you talk about distributed, you know, sequel and, and I mean, there's a little mystery behind it, isn't there? Or at least maybe not mystery. There's a little, I guess, confusion or, or just misunderstanding. I mean, I, how, nail that down a little bit. I >>Would say the best way to say it, honestly, this is the great thing, is it people believe it's too good to be true. And I think what we see over and over >>Again, you know, what they say about that. >>But this is the great part is, you know, you know, we've just had two taste studies recently with aws, with HIT labs and Certified power, both on expand, both proof in the pudding. They did the POCs, they're like, oh my God, this works. If you watch the keynote yesterday, you know, Adam had a slide that was, you know, as big as the entire room and it highlighted Samsung and they said, you know, we're doing 80,000 requests per second. So the, you know, the story there is that AWS is able as, as an entity with their scale and their breadth to handle that kind of workload. But guess what that is? That's MariaDB expand underneath there driving all of that utilization. So it's already there, it's already married, it's already in the cloud, and now we're taking it to a completely different level with a fully managed database solution. Right? >>How impressive is that? Right? I mean, you would think that somebody out there who, I mean that that volume, that kind of capacity is, is mind blowing. >>I mean, to your kind of previous point, it's like one of those things, do I see what's coming and it's here, right? You know, it's, is it actually ever gonna be possible? And now we're showing that it really is on a daily basis for some of the biggest brands in the world. We're also seeing companies moving off not only transitioning from, you know, MariaDB or myse, but all of the big licensed, you know, conversions as well. So you think about Oracle DBS Bank is one of our biggest customers, one of the largest Oracle conversions in the world onto MariaDB. And now thinking about what is the promise of connecting that to the cloud? How do you take things that you're currently doing, OnPrem delivering a hybrid model that also then starts to say, Hey, here's my path to cloud modernization. Skye gives me that bridge. And then you take it one layer farther and you think about multi-cloud, right? That's one of the things that's critical that ISVs can really only deliver in a meaningful way, is how can we have a solution for a customer that we can take to any availability zone. We can have performance, proximity, cost, proximity. We're always able to have that total data dexterity across any environment we need and we can build on that for the future. >>So if, if we're talking about cloud database and there's so many good things going forward here. You're talking about easy use and scalability and all that. But as with ever have you talked about this, there's some push and there's some pull. Yeah. So, so what's the, what's the other side that's still, you know, you that you think has to be >>Addressed? And I think that's a great question. So there's, we see that there's poll, right? We've seen these deals, this pipeline growth, this, there's great adoption. But what I think we're still not at the point of massive hockey stick adoption is that customers still don't fully understand the capabilities distributed SQL and the power they can actually deliver. So the more we drive case studies, the more we drive POCs, the more we prove the model, I think you're gonna see just a massive adoption scale. And I also think customers are tired of doing lots of different things in lots of different pockets. So neither one of the key elements of Sky SQL is we can do both transactional and analytical data out of the same database driven by the same proxy. So what, instead of having DBAs and developers try to figure out, okay, I'm gonna pull from this database here. >>Yeah. That there, it's, it's this big spaghetti wire concept that is super expensive and super time intensive. So the ability to write modern applications and pull data from both pockets and really be able to have that as a seamless entity and deliver that to customers is massive. I mean, another part of the keynote yesterday was a new deliverable, like kind of no etl. Adam talked about Aurora and Redshift and the massive complexity of what used to exist for getting data back and forth. You also have to pay for two different databases. It's super expensive. So I think the idea that you can take the real focus of AWS and US is customer value. How do you deliver that next thing that changes the game? Always utilizes AWS delivers on that promise, but then takes a net new technology that really starts to think about how do we bring things together? How do we make it more simple? How do we make it more powerful? And how do we deliver more customer value as we go forward? >>But you know, if, if I'm, I'm still an on-prim guy, just pretend I'm not saying I am. Just pretend I just for the sake of the discussion here, it's like I just can't let it go. Yeah. Right. I, I still, you know, there's control, there's the known versus the unknown. The uncertain. Yeah. So twist my arm just a little bit more and get me over the hum. >>Well, first of all, you don't have to, right? And there's gonna be some industries and some verticals that will always have elements of their business that will be OnPrem. Guess what? We make the best based in the world. It can be MariaDB, but there's those that then say, these, these elements of our business are gonna be far more effective moving to the cloud. So we give you Skye, there's a natural symbiotic bridge between everything we do and how we deliver it. Where you can be hybrid and it's great. You can adopt the cloud as your business needs grow. And you can have multi-cloud. This is that, that idea that you can, can have your cake and eat it too, right? You can literally have all these elements of your business met without these big pressure to say, you gotta throw that away. You gotta move to this. It's really, how do you kind of gracefully adopt the cloud in a way that makes sense for your business? Where are you trying to drive your business? Is it time to value, right? Is it governance? Is it is there's different elements of what matters the most to individual businesses. You know, we wanna address those and we can address >>Those. So you're saying you don't have to dive >>In, you don't have to dive >>In. You, you can, you can go ankle deep, knee deep, whatever you wanna >>Do. Absolutely. And you know, some of the largest MariaDB users still have massive, massive on-prem implementations. And that's okay. But there's elements that are starting to fall behind. There's cost savings, there's things that they need to do in the cloud that they can't do. OnPrem. And that's where expand Skye really says, okay, here is your platform. Grow as you want to, migrate as you want to. And we're there every step along the way. We, we also provide a whole Sky DBA team. Some guys just say, I wanna get outta the database world at all. This is, this is expensive, it's costly and it's difficult to be an expert. So you can bring in our DBA team and they'll man and run, they'll, they'll run your entire environment. They'll optimize it, you know, they'll troubleshoot it, they'll bug fix, they'll do everything for you. So you can just say, I just wanna focus on building phenomenal applications for my customers. And the database game as we knew it is not something that I know I want to invest in anymore. Right. I wanna make that transition >>That makes that really, yeah. You know, I mean really attractive to a lot of people because you are, you talk about a lot of headache there. Yeah. So let's talk about AWS before Sure. I let you go just about that relationship. Okay. You've talked about the platform that it provides you and, and obviously the benefits, but just talk about how you've worked with AWS over the years Yep. And, and how you see that relationship allowing you to expand your services, no pun intended. >>For sure. So, I mean, I would start with the way we even contemplated architecture. You know, we worked with the satisfactory team. We made sure that the things that we built were optimized in their environment. You know, I think it was a lot of collaboration on how does this combined entity really make the most value for our customers? How does it make the most sense for our developers as we build it out? Then we work in the, in the global startup team. So the strategic element of who we are, not all startups are created equal, right? We have, right, we have 75% of the Fortune 100, we've got over a billion downloads. So, you know, we come in with promise. And the reason this partnership is so valuable and the reason there's so much investment going forward is cuz what really, what do the cloud guys care about? >>The very, very most, they want all of these mission critical, big workloads that are on prem to land in their cloud. What do we have a massive, massive TAM sitting out there, these customers that could go to aws. So we both see, like if we can deliver incredible value to that customer base, these big workloads will end up in aws. They'll use other AWS services. And as we scale and grow, you know, we have that platform that's already built for it. So I think that when you go back to like the tenants, the core principles of aws, the one that always stands out, the one that we always kind of lean back on is, are we delivering customer value? Is this the best thing for the customer? Because we do have some competition just like many other, other partners do, right? So there is Aurora and there is rds and there is times when that's a great service for a customer. But when people are really thinking about where do I need my database to go? Where do I really need to be set for the future growth? Where am I gonna get the kind of ROI I need going forward? That's where you can go, Hey, sky sql, expand distributed sql. This is the best game in town. It's built on aws and collectively, you know, we're gonna present that to a customer. I'm >>Sold. Done. >>I love it. Right? >>Maria db, check 'em out, they're on the show floor. Great traffic. I know at at the, at the booth. They're here at AWS Reinvent. So check 'em out. Maria db. Thanks >>Kevin. Hey, thanks John. Appreciate your >>Time. Appreciate Great. That was great. Right back with more, you're watching the cube, the leader in high tech coverage.

(upbeat music) >> Welcome back friends. It's theCUBE LIVE in Las Vegas at the Venetian Expo, covering the first full day of AWS re:Invent 2022. I'm Lisa Martin, and I have the privilege of working much of this week with Dave Vellante. >> Hey. Yeah, it's good to be with you Lisa. >> It's always good to be with you. Dave, this show is, I can't say enough about the energy. It just keeps multiplying as I've been out on the show floor for a few minutes here and there. We've been having great conversations about cloud migration, digital transformation, business transformation. You name it, we're talking about it. >> Yeah, and I got to say the soccer Christians are really happy. (Lisa laughing) >> Right? Because the USA made it through. So that's a lot of additional excitement. >> That's true. >> People were crowded around the TVs at lunchtime. >> They were, they were. >> So yeah, but back to data. >> Back to data. We have a couple of guests here. We're going to be talking a lot with customer challenges, how they're helping to overcome them. Please welcome Kevin Zawodzinski, VP of Sales Engineering at COMMVAULT. >> Thank you. >> And Paul Meighan, Director of Product Management at AWS. Guys, it's great to have you on the program. Thank you for joining us. >> Thanks for having us. >> Thanks for having us. >> Isn't it great to be back in person? >> Paul: It really is. >> Kevin: Hell, yeah. >> You cannot replicate this on virtual, you just can't. It's nice to see how excited people are to be back. There's been a ton of buzz on our program today about Adam's keynote this morning. Amazing. A lot of synergies with the direction, Paul, that AWS is going in and where we're seeing its ecosystem as well. Paul, first question for you. Talk about, you know, in the customer environment, we know AWS is very customer obsessed. Some of the main challenges customers are facing today is they really continue this business transformation, this digital transformation, and they move to cloud native apps. What are some of those challenges and how do you help them eradicate those? >> Well, I can tell you that the biggest contribution that we make is really by focusing on the fundamentals when it comes to running storage at scale, right? So Amazon S3 is unique, distributed architecture, you know, it really does deliver on those fundamentals of durability, availability, performance, security and it does it at virtually unlimited scale, right? I mean, you guys have talked to a lot of storage folks in the industry and anyone who's run an estate at scale knows that doing that and executing on those fundamentals day after day is just super hard, right? And so we come to work every day, we focus on the fundamentals, and that focus allows customers to spend their time thinking about innovation instead of on how to keep their data durably stored. >> Well, and you guys both came out of the storage world. >> Right. >> Yeah, yeah. >> It was a box world, (Kevin laughs) and it ain't no more. >> Kevin: That's right, absolutely. >> It's a service and a service of scale. >> Kevin: Yeah. So architecture matters, right? >> Yeah. >> Yeah. >> Paul, talk a little bit about, speaking of innovation, talk about the evolution of S3. It's been around for a while now. Everyone knows it, loves it, but how has AWS architected it to really help meet customers where they are? >> Paul: Right. >> Because we know, again, there's that customer first focus. You write the press release down the road, you then follow that. How is it evolving? >> Well, I can tell you that architecture matters a lot and the architecture of Amazon S3 is pretty unique, right? I think, you know, the most important thing to understand about the architecture of S3 is that it is truly a regional service. So we're laid out across a minimum of 3 Availability Zones, or AZs, which are physically separated and isolated and have a distance of miles between them to protect against local events like floods and fires and power interruption, stuff like that. And so when you give us an object, we distribute that data across that minimum of 3 Availability Zones and then within multiple devices within each AZ, right? And so what that means is that when you store data with us, your data is on storage that's able to tolerate the failure of multiple devices with no impact to the integrity of your data, which is super powerful. And then again, super hard to do when you're trying to roll your own. So that's sort of a, like an overview of the architecture. In terms of how we think about our roadmap, you know, 90% of our roadmap comes directly from what customers tell us matters, and that's a tenant of how we think about customer obsession at AWS and it really is how we drive a roadmap. >> Right, so speaking of customers Kevin, what are customers asking you guys- >> Yeah. >> for, how does it relate to what you're doing with S3? >> Yeah, it's a wonderful question and one that is actually really appropriate for us being at re:Invent, right? So we got, last three years we've had customers here with us on stage talking about it. First of all, 3 years ago we did a virtual session, unfortunately, but glad to be back as you mentioned, with Coca-Cola and theirs was about scale and scope and really about how can we protect hundreds of thousands of objects, petabyte to data, in a simple and secure way, right. Then last year we actually met with a ACT, Inc. as well and co-presented with them and really talked about how we could protect modern workloads and their modern workloads around whether it was Aurora or as well as EKS and how they continue to evolve as well. And, last but not least it's going to be, this year we're talking with Illinois State University as well about how they're going to continue to grow, adapt and really leverage AWS and ourselves to further their support of their teachers and their staff. So that is really helping us quite a bit to continue to move forward. And the things we're doing, again, with our customer base it's really around, focused on what's important to them, right? Customer obsession, how are we working with that? How are we making sure that we're listening to them? Again, working with AWS to understand how can we evolve together and really ultimately their journeys. As you heard, even with those 3 examples they're all very different, right? And that's the point, is that everybody's at a different point in the journey. They're at a different place from a modernization perspective. So we're helping them evolve, as they're helping us evolve as well, and transform with AWS. >> So very mature COMMVAULT stack, the S3 bucket and all the other capabilities. Paul, you just talked about coming together- >> Right. >> Dave: for your customers. >> Yeah, yeah, absolutely. And just, you know, we were talking the other day, Paul and I were talking the other day, it's been, you know, we've worked with AWS, with integration since 2009, right? So a long time, right? I mean, for some that may not seem like a long time ago, but it is, right? It's, you know, over a decade of time and we've really advanced that integration considerably as well. >> What are some of the things that, I don't know if you had a chance to see the keynote this morning? >> Yeah, a little bit. >> What are some of the things that there was, and in fact this is funny, funny data point for you on data. One of my previous guests told me that Adam Selipsky spent exactly 52 minutes talking about data this morning. 52 minutes. >> Okay. >> That there's a data point. But talk about some of the things that he talked about, the direction AWS is going in, obviously new era in the last year. Talk about what you heard and how you think that will evolve the COMMVAULT-AWS relationship. >> Yeah, I think part of that is about flexibility, as Paul mentioned too, architecture matters, right? So as we evolve and some of the things that we pride ourselves on is that we developed our systems and our software and everything else to not worry about what do I have to build to today but how do I continue to evolve with my customer base? And that's what AWS does, right? And continues to do. So that's really how we would see the data environment. It's really about that integration. As they grow, as they add more features we're going to add more features as well. And we're right there with them, right? So there's a lot of things that we also talk about, Paul and I talk about, around, you know, how do we, like Graviton3 was brought up today around some of the innovations around that. We're supporting that with Auto Scale right now, right? So we're right there releasing, right when AWS releasing, co-developing things when necessary as well. >> So let's talk about security a little bit. First of all, what is COMMVAULT, right? You're not a security company but you're an adjacency to security. It's sort of, we're rethinking security. >> Kevin: Yep. >> including data protection, not a bolt-on anymore. You guys both have a background in that world and I'm sure that resonates. >> Yeah. >> So what is the security play here? What role does COMMVAULT play? I think we know pretty well what role AWS plays, but love to hear, Paul, your thoughts as well on security. >> Yeah, I'll start I guess. >> Go on Paul. >> Okay. Yeah, so on the security side of things, there's a quite a few things. So again, on the development side of things, we do things like file anomaly detection, so seeing patterns in data. We talked a lot about analytics as well in the keynote this morning. We look at what is happening in the customer environment, if there's something odd or out of place that's happening, we can detect that and we'll notify people. And we've seen that, we have case studies about that. Other things we do are simple, simple but elegant. Is with our security dashboard. So we'll use our security dashboard to show best practices. Are they using Multi-Factor Authentication? Are you viewing password complexity? You know, things like that. And allows people to understand from a security landscape perspective, how do we layer in protection with their other systems around security. We don't profess to be the security company, or a security company, but we help, you know, obviously add in those additional layers. >> And obviously you're securing, you know, the S3 piece of it. >> Mmmhmm. >> You know, from your standpoint because building it in. >> That's right. And we can tell you that for us, security is job zero. And anyone at AWS will tell you that, and not only that but it will always be our top priority. Right from the infrastructure on down. We're very focused on our shared responsibility model where we handle security from the hypervisor, or host operating system level, down to the physical security of the facilities in which our services run and then it's our customer's responsibility to build secure applications, right. >> Yeah. And you talk about Graviton earlier, Nitro comes into play and how you're, sort of, fencing off, you know, the various components of the system from the operating system, the VMs, and then that is designed in and that's a new evolution that it comes as part of the package. >> Yeah, absolutely. >> Absolutely. >> Paul, talk a little bit about, you know, security, talking about that we had so many conversations this year alone about the threat landscape and how it's dramatically changing, it's top of mind for everybody. Huge rise in ransomware attacks. Ransomware is now, when are we going to get hit? How often? What's the damage going to be? Rather than, are we going to get hit? It's, unfortunately it's progressed in that direction. How does ensuring data security impact how you're planning the roadmap at AWS and how are partners involved in shaping that? >> Right, so like I said, you know, 90% of our roadmap comes from what customers tell us matters, right? And clearly this is an issue that matters very much to customers right now, right? And so, you know, we're certainly hearing that from customers, and COMMVAULT, and partners like COMMVAULT have a big role to play in helping customers to secure and protect their applications, right? And that's why it's so critical that we come together here at re:Invent and we have a bunch of time here at the show with the COMMVAULT technical folks to talk through what they're hearing from customers and what we're hearing. And we have a number of regular touch points throughout the year as well, right? And so what COMMVAULT gets from the relationship is, sort of, early access and feedback into our features and roadmap. And what we get out of it really is that feedback from that large number of customers who interface with Amazon S3 through COMMVAULT. Who are using S3 as a backup target behind COMMVAULT, right? And so, you know, that partnership really allows us to get close to those customers and understand what really matters to them. >> Are you doing joint engineering, or is it more just, hey here you go COMMVAULT, here's the tools available, go, go build. Can you address that? >> Yeah, no, absolutely. There's definitely joint engineering like even things around, you know, data migration and movement of data, we integrate really well and we talk a lot about, hey, what are you, like as Paul mentioned, what are you seeing out there? We actually, I just left a conversation about an hour ago where we're talking about, you know, where are we seeing placement of data and how does that matter to, do you put it on, you know, instant access, or do you put it on Glacier, you know, what should be the best practices? And we tell them, again, some of the telemetry data that we have around what do we see customers doing, what's the patterns of data? And then we feed that back in and we use that to create joint solutions as well. >> You know, I wonder if we could talk about cloud, you know, optimization of cloud costs for a minute. That's obviously a big discussion point in the hallways with customers. And on your earnings call you guys talked about specifically some customers and they specifically mentioned, for example, pushing storage to lower cost tiers. So you brought up Glacier just then. What are you seeing in the field in that regard? How are customers taking advantage of that? And where does COMMVAULT play in, sort of, helping make that decision? >> You want to take part one or you want me to take it? >> I can take part one. I can tell you that, you know, we're very focused on helping customers optimize costs, however necessary, right? And, you know, we introduced intelligent hearing here at the show in 2019 and since launch it's helped customers to reduce costs by over $750 million, right? So that's a real commitment to optimizing costs on behalf of customers. We also launched, you know, later in 2020, Glacier Deep Archive, which is the lowest cost storage in the cloud. So it's an important piece of the puzzle, is to provide those storage options that can allow customers to match the workloads that are, that need to be on folder storage to the appropriate store. >> Yeah, and so, you know, S3 is not this, you know, backup and recovery system, not an archiving system and, you know, in terms of, but you have that intelligence in your platform. 'Cause when I heard that from the earnings call I was like, okay, how do customers then go about deciding what they can, you know, when it's all good times, like yeah, who cares? You know, just go, go, go. But when you got to tighten the belt, how do you guys? >> Yeah, and that goes back to understanding the data pattern. So some of that is we have intelligence and artificial intelligence and everything else and machine learning within our, so we can detect those patterns, right? We understand the patterns, we learn from that and we help customers right size, right. So ultimately we do see a blend, right? As Paul mentioned, we see, you know, hey I'm not going to put everything on Glacier necessarily upfront. Maybe they are, it all depends on their workloads and patterns. So we use the data that we collect from the different customers that we have to share those best practices out and create, you know, the right templates, so to speak, in ways for people to apply it. >> Guys, great joint, you talked about the joint engineering, joint go to market, obviously a very strong synergistic partnership between the two. A lot of excitement. This is only day one, I can only imagine what's going to be coming the next couple of days. But I have one final question for you, but I have same question for both of you. You had the chance to create your own bumper sticker, so you get a shiny new car and for some reason you want to put a bumper sticker on it. About COMMVAULT, what would it say? >> Yeah, so for me I would say comprehensive, yet simple, right? So ultimately about giving you all the bells and whistles but if you want to be very simple we can help you in every shape and form. >> Paul, what's your bumper sticker say about AWS? >> I would say that AWS starts with the customer and works backwards from there. >> Great one. >> Excellent. Guys- >> Kevin: Well done. >> it's been a pleasure to have you on the program. Thank you- >> Kevin: Thank you. >> for sharing what's going on, the updates on the AWS-COMMVAULT partnership and what's in it for customers. We appreciate it. >> Dave: Thanks you guys. >> Thanks a lot. >> Thank you. >> All right. For our guests and Dave Vellante, I'm Lisa Martin. You're watching theCUBE, the leader in live enterprise and emerging tech coverage. (upbeat music)

>>Hello, wonderful humans and welcome back to The Cube's Thrilling live coverage of AWS Reinvent here in Las Vegas, Nevada. I'm joined by my fantastic co-host, John Farer. John, things are really ramping up in here. Day one. >>Yep, it's packed already. I heard 70,000 maybe attendees really this year. I just saw that on Twitter. Again, it continues to show that over the past 10 years we've been here, you're seeing some of the players that were here from the beginning growing up and getting bigger and stronger, becoming more platforms, not just point solutions. You're seeing new entrants coming in, new startups, and the innovation you start to see happening, it's really compelling to fun to watch. And our next segment, we have multi 10 time Cube alumni coming on and a first timer, so it should be great. We'll get into some of the innovation, >>Not only as this guest went on the cube 10 times, he also spoke at the first AWS reinvent, just like you were covering it here with Cube. But without further ado, please welcome Ronan and Kevin from NetApp. Thank you gentlemen, both for being here and for matching in your dark blue. How's the show going for you? Ronan, I'm gonna ask you first, you've been here since the beginning. How does it feel in 2022? >>First, it's amazing to see so many people, right? So many humans in one place, flesh and blood. And it's also amazing to see, it's such a celebration for people in the cloud, right? Like this is our, this is our event, the people in the cloud. I'm really, really happy to be here and be in the cube as well. >>Fantastic. It, it is a party, it's a cloud party. Yes. How are you feeling being here, Kevin? I'm >>Feeling great. I mean, going all the way back to the early days of Spot T, which was the start that eventually got acquired as Spot by NetApp. I mean this was, this was our big event. This is what we lived for. We've gone, I've gone from everything, one of the smaller booths out here on the floor all the way up to the, the huge booth that we have today. So we've kind of grown along with the AWS ecosystem and it's just a lot of fun to get here, see all the customers and talk to everybody. >>That's a lot of fun. Fun. That's the theme that we've been talking about. And we wrote a story about on, on Silicon Angle, more that growth from that getting in and getting bigger, not just an ISV or part of the startup showcase or ecosystem. The progression of the investment on how cloud has changed deliverables. You've been part of that wave. What's the biggest walk away, what's, and what's the most important thing going on now cuz it's not stopping. You got new interests coming in and the folks are rising with the tide and getting platforms built around their products. >>Yeah, I would say, you know, years ago is, is cloud in my decision path and now it's cloud is in my decision path. How much is it and how am I going to use it? And I think especially coming up over the next year, macroeconomic events and everything going on is how do I make my next dollar in the cloud go further than my last dollar? Because I know I'm gonna be there, I know I'm gonna be growing in the cloud, so how do I effectively use it to run my business going forward? >>All right, take a minute to explain Spot now part of NetApp. What's the story? What take us through for the folks that aren't familiar with the journey, where it's come from, where it's today? >>Sure. So SPOT is all about cloud optimization. We help all of our customers deploy scale and optimize their applications in the cloud. And what we do is everything from VMs to containers to any type of custom application you want to deploy, we analyze those applications, we find the best price point to run them, we right size them, we do the automation so your DevOps team doesn't have to do it. And we basically make the whole cloud serverless for you at the end of the day. So whatever you're doing in the cloud, we'll manage that for you from the lowest level of the stack all the way up to the highest level financials. >>Is this what you call the evolved cloud state? >>It is in the evolve clouds a little bit more, and Ronan can touch on that a little bit too. The Evolve clouds not only the public cloud but also the cloud that you're building OnPrem, right? A lot of big companies, it's not necessarily a hundred percent one way or the other. The Evolve cloud is which cloud am I on? Am I on an OnPrem cloud and a public cloud or am I on multiple public clouds in an OnPrem cloud? And I think Ronan, you probably have an opinion on that too. >>Yeah, and and I think what we are hearing from our customers is that many of them are in a situation where a lot of their data has been built for years on premises. They're accelerating their move to the cloud, some of them are accelerating, they're moving into multiple cloud and that situation of an on-prem that is becoming cloudy and cloudy all the time. And then accelerated cloud adoption. This is what the customers are calling the Evolve cloud and that's what we're trying to support them in that journey. >>How many customers are you supporting in this Evolve cloud? You made it seem like you can just turnkey this for everyone, which I am here >>For it. Yeah, just to be clear, I mean we have thousands of customers, right? Everything from your small startups, people just getting going with a few VMs all the way to people scaling to tens and thousands of VMs in the cloud or even beyond VM services and you know, tens of millions of spend a month. You know, people are putting a lot of investment into the cloud and we have all walks of life under our, you know, customer portfolio. >>You know, multi-cloud has been a big topic in the industry. We call it super cloud. Cause we think super cloud kind of more represents the destination to multi-cloud. I mean everyone has multiple clouds, but they're best of breed defaults. They're not by design in most cases, but we're starting to see traction towards that potential common level services fix to late. See, I still think we're on the performance game now, so I have to ask, ask you guys. Performance has becoming back in VO speeds and feeds back during the data center days. Well, I wouldn't wanna talk speeds and feeds of solutions and then cloud comes in. Now we're at the era of cloud where people are moving their workloads there. There's a lot more automation going on, A lot more, as you said, part of the decision. It is the path. Yeah. So they say, now I wanna run my workloads on the better, faster infrastructure. No developer wants to run their apps on the slower hardware. >>I think that's a tall up for you. Ronan go. >>I mean, I put out my story, no developer ever said, give me the slower software performance and and pay more fast, >>Fastest find too fastest. >>Speed feeds your back, >>Right? And and performance comes in different, in different parameters, right? They think it is come throughput, it comes through latency. And I think even a stronger word today is price performance, right? How much am I paying for the performance that that I need? NetApp is actually offering a very, very big advantage for customers on both the high end performance as well as in the dollar per performance. That is, that is needed. This is actually one of the key differentiator that Fsx for NetApp on top is an AWS storage based on the NetApp on top storage operating system. This is one of the biggest advantages it is offering. It is SAP certified, for example, where latency is the key, is the key item. It is offering new and fastest throughput available, but also leveraging some advanced features like tiering and so on, is offering unique competitive advantage in the dollar for performance specifically. >>And why, why is performance important now, in your opinion? Obviously besides the obvious of no one wants to run their stuff on the slower infrastructure, but why are some people so into it now? >>I think performance as a single parameter is, is definitely a key influencer of the user experience. None, none of us will, will compromise our our experience. The second part is performance is critical when scale is happening, right? And especially with the scale of data performance to handle massive amounts of data is is becoming more and more critical. The last thing that I'll emphasize is again is the dollar for performance. The more data you have, the more you need to handle, the more critical for you is to handle it in a cost effective way. This is kind of, that's kind of in the, in the, in the secret sauce of the success of every workload. >>There isn't a company or person here who's not thinking about doing more faster for cheaper. So you're certainly got your finger on the pulse With that, I wanna talk about a, a customer case study. A little birdie told me that a major US airline recently just had a mass of when we're where according to my notes response time and customer experience was improved by 17 x. Now that's the type of thing that cuts cost big time. Can one of you tell me a little bit more about that? >>Yeah, so I think we all flew here somehow, right? >>Exactly. It's airlines matter. Probably most folks listening, they're >>Doing very well right now. Yes, the >>Airlines and I think we all also needed to deal with changes in the flights with, with really enormous amount of complexity in managing a business like that. We actually rank and choose what, what airline to use among other things based on the level of service that they give us. And especially at the time of crunch, a lot of users are looking through a lot of data to try to optimize, >>Plus all of them who just work this holiday weekend sidebar >>E Exactly right. Can't even, and Thanksgiving is one of these crunch times that are in the middle of this. So 70 x improvement in performance means a loss seven >>Zero or >>17 1 7 1 7 x Right? >>Well, and especially when we're talking about it looks like 50,000, 50,000 messages per minute that this customer was processing. Yes. That that's a lot. That's almost a thousand messages a second. Wow. I think my math tees up there. Yeah. >>It does allow them to operate in the next level of scale and really increase their support for the customer. It also allows them to be more efficient when it comes to cost. Now they need less infrastructure to give better service across the board. The nice thing is that it didn't require them for a lot of work. Sometimes when the customers are doing their journey to the cloud, one of the things that kind of hold them back is like, is either the fear or, or maybe is the, the concern of how much effort will it take me to achieve the same performance or even a better performance in the cloud? They are a live example that not only can you achieve, you can actually exceed the performance that I have on premises and really give customer a better service >>Customer a better service. And reliability is extremely important there. 99.9%. 99% >>99. Yes. >>Yes. That second nine obviously being very important, especially when we're talking about the order of magnitude of, of data and, and actions being taken place. How much of a priority is, is reliability and security for y'all as a team? >>So reliability is a key item for, for everybody, especially in crunch times. But reliability goes beyond the nines. Specifically reliability goes into how simple it is for you to enable backup n dr, how protected are you against ransomware? This is where netup and, and including the fsx for NETUP on top richness of data management makes a huge difference. If you are able to make your copy undeletable, that is actually a game changer when it comes to, to data protection. And this is, this is something that in the past requires a lot of work, opening vaults and other things. Yeah. Now it becomes a very simple configuration that is attached to every net up on top storage, no matter where it is. >>We heard some news at VMware explorer this past fall. Early fall. You guys were there. We saw the Broadcom acquisition. Looks like it's gonna get finalized maybe sooner than later. Lot of, so a lot of speculation around VMware. Someone called the VMware like where is VMware as in where they now, nice pun it was, it was actually Nutanix people, they go at each other all the time. But Broadcom's gonna keep vse and that's where the bread and butter, that's the, that's the goose that lays the Golden eggs. Customers are there. How do you guys see your piece there with VMware cloud on AWS that integrates solution? You guys have a big part of that ecosystem. We've covered it for years. I mean we've been to every VM world now called explorer. You guys have a huge customer base with VMware customers. What's the, what's the outlook? >>Yeah, and, and I think the important part is that a big part of the enterprise workloads are running on VMware and they will continue to run on VMware in, in, in the future. And most of them will try to run in a hybrid mode if not moving completely to the cloud. The cloud give them unparallel scale, it give them DR and backup opportunities. It does a lot of goodness to that. The partnership that NetApp brings with both VMware as well ass as well as other cloud vendors is actually a game changer. Because the minute that you go to the cloud, things like DR and backup have a different economics connected to them. Suddenly you can do compute less dr definitely on backup you can actually achieve massive savings. NetApp is the only data store that is certified to run with VMware cloud. And that actually opens to the customer's huge opportunity for unparalleled data protection as well as real, real savings, hard savings. And customers that look today and they say, I'm gonna shrink my data center, I'm gonna focus on, on moving certain things to the cloud, DR and backup and especially DR and backup VMware might be one of the easiest, fastest things to take into the cloud. And the partnership betweens VMware and NetApp might actually give you >>And the ONAP is great solution. Fsx there? Yes. I think you guys got a real advantage here and I want to get into something that's kind of a gloom and doom. I don't have to go negative on this one, Savannah, but they me nervous John. But you know, if you look at the economic realities you got a lot of companies like that are in the back of a Druva, Netta, Druva, cohesive rub. Others, you know, they, you know, there's a, their generational cloud who breaks through. What's the unique thing? Because you know there's gonna be challenges in the economy and customers are gonna vote with their wallets and they start to see as they make these architectural decisions, you guys are in the middle of it. There's not, there may not be enough to go around and the musical chairs might stop or, or not, I'm not sure. But I feel like if there's gonna be a consolidation, what does that look like? What are customers thinking? Backup recovery, cloud. That's a unique thing. You mentioned economics, it's not, you can't take the old strategy and put it there from five, 10 years ago. What's different now? >>Yeah, I think when it comes to data protection, there is a real change in, in the technology landscape that opened the door for a lot of new vendors to come and offer. Should we expect consolidation? I think microeconomic outside and other things will probably drive some of that to happen. I think there is one more parameter, John, that I wanna mention in this context, which is simplicity. Many of the storage vendors, including us, including aws, you wanna make as much of the backup NDR at basically a simple checkbox that you choose together with your main workload. This is another key capabilities that is, that is being, bringing and changing the market, >>But it also needs to move up. So it's not only simplicity, it's also about moving to the applications that you use, use, and just having it baked in. It's not about you going out and finding a replication. It's like what Ronan said, we gotta make it simple and then we gotta bake it into what they use. So one of our most recent acquisitions of Insta Cluster allows us to provide our customers with open source databases and data streaming services. When those sit on top of on tap and they sit on top of spots, infrastructure optimization, you get all that for free through the database that you use. So you don't worry about it. Your database is replicated, it's highly available, and it's running at the best cost. That's where it's going. >>Awesome. >>You also recently purchased Cloud Checker as well. Yes. Do you just purchase wonderful things all the time? We >>Do. We do. We, >>I'm not >>The, if he walk and act around and then we find the best thing and then we, we break out the checkbook, no, but more seriously, it, it rounds out what customers need for the cloud. So a lot of our customers come from storage, but they need to operate the entire cloud around the storage that they have. Cloud Checker gives us that financial visibility across every single dollar that you spend in the cloud and also gives us a better go to market motion with our MSPs and our distributors than we had in the past. So we're really excited about what cloud checker can unlock for us in >>The future. Makes a lot of sense and congratulations on all the extremely exciting things going on. Our final and closing question for our guests on this year's show is we would love your, your Instagram hot take your 32nd hot take on the most important stories, messages, themes of AWS reinvent 2022. Ronan, I'm gonna start with you cause you have a smirk >>And you do it one day ahead of the keynotes, one day ahead with you. >>You can give us a little tease a little from you. >>I think that pandemic or no pandemic face to face or no face to face, the innovation in the cloud is, is actually breaking all records. And I think this year specifically, you will see a lot of focus on data and scale. I think that's, these are two amazing things that you'll see, I think doubling down. But I'm also anxious to see tomorrow, so I'll learn more about it. >>All right. We might have to chat with you a little bit after tomorrow. Is keynotes and whatnot coming up? What >>About you? I think you're gonna hear a lot about cost. How much are you spending? How far are your dollars going? How are you using the cloud to the best of your abilities? How, how efficient are you being with your dollars in the cloud? I think that's gonna be a huge topic. It's on everybody's mind. It's the macro economics situation right now. I think it's gonna be in every session of the keynote tomorrow. All >>Right, so every >>Session. Every session, >>A bulk thing. John, we're gonna have >>That. >>I'm with him. You know, all S in general, you >>Guys have, and go look up what I said. >>Yeah, >>We'll go back and look at, >>I'm gonna check on you >>On that. The record now states. There you go, Kevin. Thank both. Put it down so much. We hope that it's a stellar show for Spotify, my NetApp. Thank you. And that we have you 10 more times and more than just this once and yeah, I, I can't wait to see, well, I can't wait to hear when your predictions are accurate tomorrow and we get to learn a lot more. >>No, you gotta go to all the sessions down just to check his >>Math on that. Yeah, no, exactly. Now we have to do our homework just to call him out. Not that we're competitive or those types of people at all. John. No. On that note, thank you both for being here with us. John, thank you so much. Thank you all for tuning in from home. We are live from Las Vegas, Nevada here at AWS Reinvent with John Furrier. My name is Savannah Peterson. You're watching the Cube, the leader in high tech coverage.

>> From theCUBE Studios in Palo Alto and Boston, bringing you data-driven insights from theCUBE and ETR, this is Breaking Analysis with Dave Vellante. >> This past week we saw two of the Big 3 cloud providers present the latest update on their respective cloud visions, their business progress, their announcements and innovations. The content at these events had many overlapping themes, including modern cloud infrastructure at global scale, applying advanced machine intelligence, AKA AI, end-to-end data platforms, collaboration software. They talked a lot about the future of work automation. And they gave us a little taste, each company of the Metaverse Web 3.0 and much more. Despite these striking similarities, the differences between these two cloud platforms and that of AWS remains significant. With Microsoft leveraging its massive application software footprint to dominate virtually all markets and Google doing everything in its power to keep up with the frenetic pace of today's cloud innovation, which was set into motion a decade and a half ago by AWS. Hello and welcome to this week's Wikibon CUBE Insights, powered by ETR. In this Breaking Analysis, we unpack the immense amount of content presented by the CEOs of Microsoft and Google Cloud at Microsoft Ignite and Google Cloud Next. We'll also quantify with ETR survey data the relative position of these two cloud giants in four key sectors: cloud IaaS, BI analytics, data platforms and collaboration software. Now one thing was clear this past week, hybrid events are the thing. Google Cloud Next took place live over a 24-hour period in six cities around the world, with the main gathering in New York City. Microsoft Ignite, which normally is attended by 30,000 people, had a smaller event in Seattle, in person with a virtual audience around the world. AWS re:Invent, of course, is much different. Yes, there's a virtual component at re:Invent, but it's all about a big live audience gathering the week after Thanksgiving, in the first week of December in Las Vegas. Regardless, Satya Nadella keynote address was prerecorded. It was highly produced and substantive. It was visionary, energetic with a strong message that Azure was a platform to allow customers to build their digital businesses. Doing more with less, which was a key theme of his. Nadella covered a lot of ground, starting with infrastructure from the compute, highlighting a collaboration with Arm-based, Ampere processors. New block storage, 60 regions, 175,000 miles of fiber cables around the world. He presented a meaningful multi-cloud message with Azure Arc to support on-prem and edge workloads, as well as of course the public cloud. And talked about confidential computing at the infrastructure level, a theme we hear from all cloud vendors. He then went deeper into the end-to-end data platform that Microsoft is building from the core data stores to analytics, to governance and the myriad tooling Microsoft offers. AI was next with a big focus on automation, AI, training models. He showed demos of machines coding and fixing code and machines automatically creating designs for creative workers and how Power Automate, Microsoft's RPA tooling, would combine with Microsoft Syntex to understand documents and provide standard ways for organizations to communicate with those documents. There was of course a big focus on Azure as developer cloud platform with GitHub Copilot as a linchpin using AI to assist coders in low-code and no-code innovations that are coming down the pipe. And another giant theme was a workforce transformation and how Microsoft is using its heritage and collaboration and productivity software to move beyond what Nadella called productivity paranoia, i.e., are remote workers doing their jobs? In a world where collaboration is built into intelligent workflows, and he even showed a glimpse of the future with AI-powered avatars and partnerships with Meta and Cisco with Teams of all firms. And finally, security with a bevy of tools from identity, endpoint, governance, et cetera, stressing a suite of tools from a single provider, i.e., Microsoft. So a couple points here. One, Microsoft is following in the footsteps of AWS with silicon advancements and didn't really emphasize that trend much except for the Ampere announcement. But it's building out cloud infrastructure at a massive scale, there is no debate about that. Its plan on data is to try and provide a somewhat more abstracted and simplified solutions, which differs a little bit from AWS's approach of the right database tool, for example, for the right job. Microsoft's automation play appears to provide simple individual productivity tools, kind of a ground up approach and make it really easy for users to drive these bottoms up initiatives. We heard from UiPath that forward five last month, a little bit of a different approach of horizontal automation, end-to-end across platforms. So quite a different play there. Microsoft's angle on workforce transformation is visionary and will continue to solidify in our view its dominant position with Teams and Microsoft 365, and it will drive cloud infrastructure consumption by default. On security as well as a cloud player, it has to have world-class security, and Azure does. There's not a lot of debate about that, but the knock on Microsoft is Patch Tuesday becomes Hack Wednesday because Microsoft releases so many patches, it's got so much Swiss cheese in its legacy estate and patching frequently, it becomes a roadmap and a trigger for hackers. Hey, patch Tuesday, these are all the exploits that you can go after so you can act before the patches are implemented. And so it's really become a problem for users. As well Microsoft is competing with many of the best-of-breed platforms like CrowdStrike and Okta, which have market momentum and appear to be more attractive horizontal plays for customers outside of just the Microsoft cloud. But again, it's Microsoft. They make it easy and very inexpensive to adopt. Now, despite the outstanding presentation by Satya Nadella, there are a couple of statements that should raise eyebrows. Here are two of them. First, as he said, Azure is the only cloud that supports all organizations and all workloads from enterprises to startups, to highly regulated industries. I had a conversation with Sarbjeet Johal about this, to make sure I wasn't just missing something and we were both surprised, somewhat, by this claim. I mean most certainly AWS supports more certifications for example, and we would think it has a reasonable case to dispute that claim. And the other statement, Nadella made, Azure is the only cloud provider enabling highly regulated industries to bring their most sensitive applications to the cloud. Now, reasonable people can debate whether AWS is there yet, but very clearly Oracle and IBM would have something to say about that statement. Now maybe it's not just, would say, "Oh, they're not real clouds, you know, they're just going to hosting in the cloud if you will." But still, when it comes to mission-critical applications, you would think Oracle is really the the leader there. Oh, and Satya also mentioned the claim that the Edge browser, the Microsoft Edge browser, no questions asked, he said, is the best browser for business. And we could see some people having some questions about that. Like isn't Edge based on Chrome? Anyway, so we just had to question these statements and challenge Microsoft to defend them because to us it's a little bit of BS and makes one wonder what else in such as awesome keynote and it was awesome, it was hyperbole. Okay, moving on to Google Cloud Next. The keynote started with Sundar Pichai doing a virtual session, he was remote, stressing the importance of Google Cloud. He mentioned that Google Cloud from its Q2 earnings was on a $25-billion annual run rate. What he didn't mention is that it's also on a 3.6 billion annual operating loss run rate based on its first half performance. Just saying. And we'll dig into that issue a little bit more later in this episode. He also stressed that the investments that Google has made to support its core business and search, like its global network of 22 subsea cables to support things like, YouTube video, great performance obviously that we all rely on, those innovations there. Innovations in BigQuery to support its search business and its threat analysis that it's always had and its AI, it's always been an AI-first company, he's stressed, that they're all leveraged by the Google Cloud Platform, GCP. This is all true by the way. Google has absolutely awesome tech and the talk, as well as his talk, Pichai, but also Kurian's was forward thinking and laid out a vision of the future. But it didn't address in our view, and I talked to Sarbjeet Johal about this as well, today's challenges to the degree that Microsoft did and we expect AWS will at re:Invent this year, it was more out there, more forward thinking, what's possible in the future, somewhat less about today's problem, so I think it's resonates less with today's enterprise players. Thomas Kurian then took over from Sundar Pichai and did a really good job of highlighting customers, and I think he has to, right? He has to say, "Look, we are in this game. We have customers, 9 out of the top 10 media firms use Google Cloud. 8 out of the top 10 manufacturers. 9 out of the top 10 retailers. Same for telecom, same for healthcare. 8 out of the top 10 retail banks." He and Sundar specifically referenced a number of companies, customers, including Avery Dennison, Groupe Renault, H&M, John Hopkins, Prudential, Minna Bank out of Japan, ANZ bank and many, many others during the session. So you know, they had some proof points and you got to give 'em props for that. Now like Microsoft, Google talked about infrastructure, they referenced training processors and regions and compute optionality and storage and how new workloads were emerging, particularly data-driven workloads in AI that required new infrastructure. He explicitly highlighted partnerships within Nvidia and Intel. I didn't see anything on Arm, which somewhat surprised me 'cause I believe Google's working on that or at least has come following in AWS's suit if you will, but maybe that's why they're not mentioning it or maybe I got to do more research there, but let's park that for a minute. But again, as we've extensively discussed in Breaking Analysis in our view when it comes to compute, AWS via its Annapurna acquisition is well ahead of the pack in this area. Arm is making its way into the enterprise, but all three companies are heavily investing in infrastructure, which is great news for customers and the ecosystem. We'll come back to that. Data and AI go hand in hand, and there was no shortage of data talk. Google didn't mention Snowflake or Databricks specifically, but it did mention, by the way, it mentioned Mongo a couple of times, but it did mention Google's, quote, Open Data cloud. Now maybe Google has used that term before, but Snowflake has been marketing the data cloud concept for a couple of years now. So that struck as a shot across the bow to one of its partners and obviously competitor, Snowflake. At BigQuery is a main centerpiece of Google's data strategy. Kurian talked about how they can take any data from any source in any format from any cloud provider with BigQuery Omni and aggregate and understand it. And with the support of Apache Iceberg and Delta and Hudi coming in the future and its open Data Cloud Alliance, they talked a lot about that. So without specifically mentioning Snowflake or Databricks, Kurian co-opted a lot of messaging from these two players, such as life and tech. Kurian also talked about Google Workspace and how it's now at 8 million users up from 6 million just two years ago. There's a lot of discussion on developer optionality and several details on tools supported and the open mantra of Google. And finally on security, Google brought out Kevin Mandian, he's a CUBE alum, extremely impressive individual who's CEO of Mandiant, a leading security service provider and consultancy that Google recently acquired for around 5.3 billion. They talked about moving from a shared responsibility model to a shared fate model, which is again, it's kind of a shot across AWS's bow, kind of shared responsibility model. It's unclear that Google will pay the same penalty if a customer doesn't live up to its portion of the shared responsibility, but we can probably assume that the customer is still going to bear the brunt of the pain, nonetheless. Mandiant is really interesting because it's a services play and Google has stated that it is not a services company, it's going to give partners in the channel plenty of room to play. So we'll see what it does with Mandiant. But Mandiant is a very strong enterprise capability and in the single most important area security. So interesting acquisition by Google. Now as well, unlike Microsoft, Google is not competing with security leaders like Okta and CrowdStrike. Rather, it's partnering aggressively with those firms and prominently putting them forth. All right. Let's get into the ETR survey data and see how Microsoft and Google are positioned in four key markets that we've mentioned before, IaaS, BI analytics, database data platforms and collaboration software. First, let's look at the IaaS cloud. ETR is just about to release its October survey, so I cannot share the that data yet. I can only show July data, but we're going to give you some directional hints throughout this conversation. This chart shows net score or spending momentum on the vertical axis and overlap or presence in the data, i.e., how pervasive the platform is. That's on the horizontal axis. And we've inserted the Wikibon estimates of IaaS revenue for the companies, the Big 3. Actually the Big 4, we included Alibaba. So a couple of points in this somewhat busy data chart. First, Microsoft and AWS as always are dominant on both axes. The red dotted line there at 40% on the vertical axis. That represents a highly elevated spending velocity and all of the Big 3 are above the line. Now at the same time, GCP is well behind the two leaders on the horizontal axis and you can see that in the table insert as well in our revenue estimates. Now why is Azure bigger in the ETR survey when AWS is larger according to the Wikibon revenue estimates? And the answer is because Microsoft with products like 365 and Teams will often be considered by respondents in the survey as cloud by customers, so they fit into that ETR category. But in the insert data we're stripping out applications and SaaS from Microsoft and Google and we're only isolating on IaaS. The other point is when you take a look at the early October returns, you see downward pressure as signified by those dotted arrows on every name. The only exception was Dell, or Dell and IBM, which showing slightly improved momentum. So the survey data generally confirms what we know that AWS and Azure have a massive lead and strong momentum in the marketplace. But the real story is below the line. Unlike Google Cloud, which is on pace to lose well over 3 billion on an operating basis this year, AWS's operating profit is around $20 billion annually. Microsoft's Intelligent Cloud generated more than $30 billion in operating income last fiscal year. Let that sink in for a moment. Now again, that's not to say Google doesn't have traction, it does and Kurian gave some nice proof points and customer examples in his keynote presentation, but the data underscores the lead that Microsoft and AWS have on Google in cloud. And here's a breakdown of ETR's proprietary net score methodology, that vertical axis that we showed you in the previous chart. It asks customers, are you adopting the platform new? That's that lime green. Are you spending 6% or more? That's the forest green. Is you're spending flat? That's the gray. Is you're spending down 6% or worse? That's the pinkest color. Or are you replacing the platform, defecting? That's the bright red. You subtract the reds from the greens and you get a net score. Now one caveat here, which actually is really favorable from Microsoft, the Microsoft data that we're showing here is across the entire Microsoft portfolio. The other point is, this is July data, we'll have an update for you once ETR releases its October results. But we're talking about meaningful samples here, the ends. 620 for AWS over a thousand from Microsoft in more than 450 respondents in the survey for Google. So the real tell is replacements, that bright red. There is virtually no churn for AWS and Microsoft, but Google's churn is 5x, those two in the survey. Now 5% churn is not high, but you'd like to see three things for Google given it's smaller size. One is less churn, two is much, much higher adoption rates in the lime green. Three is a higher percentage of those spending more, the forest green. And four is a lower percentage of those spending less. And none of these conditions really applies here for Google. GCP is still not growing fast enough in our opinion, and doesn't have nearly the traction of the two leaders and that shows up in the survey data. All right, let's look at the next sector, BI analytics. Here we have that same XY dimension. Again, Microsoft dominating the picture. AWS very strong also in both axes. Tableau, very popular and respectable of course acquired by Salesforce on the vertical axis, still looking pretty good there. And again on the horizontal axis, big presence there for Tableau. And Google with Looker and its other platforms is also respectable, but it again, has some work to do. Now notice Streamlit, that's a recent Snowflake acquisition. It's strong in the vertical axis and because of Snowflake's go-to-market (indistinct), it's likely going to move to the right overtime. Grafana is also prominent in the Y axis, but a glimpse at the most recent survey data shows them slightly declining while Looker actually improves a bit. As does Cloudera, which we'll move up slightly. Again, Microsoft just blows you away, doesn't it? All right, now let's get into database and data platform. Same X Y dimensions, but now database and data warehouse. Snowflake as usual takes the top spot on the vertical axis and it is actually keeps moving to the right as well with again, Microsoft and AWS is dominant in the market, as is Oracle on the X axis, albeit it's got less spending velocity, but of course it's the database king. Google is well behind on the X axis but solidly above the 40% line on the vertical axis. Note that virtually all platforms will see pressure in the next survey due to the macro environment. Microsoft might even dip below the 40% line for the first time in a while. Lastly, let's look at the collaboration and productivity software market. This is such an important area for both Microsoft and Google. And just look at Microsoft with 365 and Teams up into the right. I mean just so impressive in ubiquitous. And we've highlighted Google. It's in the pack. It certainly is a nice base with 174 N, which I can tell you that N will rise in the next survey, which is an indication that more people are adopting. But given the investment and the tech behind it and all the AI and Google's resources, you'd really like to see Google in this space above the 40% line, given the importance of this market, of this collaboration area to Google's success and the degree to which they emphasize it in their pitch. And look, this brings up something that we've talked about before on Breaking Analysis. Google doesn't have a tech problem. This is a go-to-market and marketing challenge that Google faces and it's up against two go-to-market champs and Microsoft and AWS. And Google doesn't have the enterprise sales culture. It's trying, it's making progress, but it's like that racehorse that has all the potential in the world, but it's just missing some kind of key ingredient to put it over at the top. It's always coming in third, (chuckles) but we're watching and Google's obviously, making some investments as we shared with earlier. All right. Some final thoughts on what we learned this week and in this research: customers and partners should be thrilled that both Microsoft and Google along with AWS are spending so much money on innovation and building out global platforms. This is a gift to the industry and we should be thankful frankly because it's good for business, it's good for competitiveness and future innovation as a platform that can be built upon. Now we didn't talk much about multi-cloud, we haven't even mentioned supercloud, but both Microsoft and Google have a story that resonates with customers in cross cloud capabilities, unlike AWS at this time. But we never say never when it comes to AWS. They sometimes and oftentimes surprise you. One of the other things that Sarbjeet Johal and John Furrier and I have discussed is that each of the Big 3 is positioning to their respective strengths. AWS is the best IaaS. Microsoft is building out the kind of, quote, we-make-it-easy-for-you cloud, and Google is trying to be the open data cloud with its open-source chops and excellent tech. And that puts added pressure on Snowflake, doesn't it? You know, Thomas Kurian made some comments according to CRN, something to the effect that, we are the only company that can do the data cloud thing across clouds, which again, if I'm being honest is not really accurate. Now I haven't clarified these statements with Google and often things get misquoted, but there's little question that, as AWS has done in the past with Redshift, Google is taking a page out of Snowflake, Databricks as well. A big difference in the Big 3 is that AWS doesn't have this big emphasis on the up-the-stack collaboration software that both Microsoft and Google have, and that for Microsoft and Google will drive captive IaaS consumption. AWS obviously does some of that in database, a lot of that in database, but ISVs that compete with Microsoft and Google should have a greater affinity, one would think, to AWS for competitive reasons. and the same thing could be said in security, we would think because, as I mentioned before, Microsoft competes very directly with CrowdStrike and Okta and others. One of the big thing that Sarbjeet mentioned that I want to call out here, I'd love to have your opinion. AWS specifically, but also Microsoft with Azure have successfully created what Sarbjeet calls brand distance. AWS from the Amazon Retail, and even though AWS all the time talks about Amazon X and Amazon Y is in their product portfolio, but you don't really consider it part of the retail organization 'cause it's not. Azure, same thing, has created its own identity. And it seems that Google still struggles to do that. It's still very highly linked to the sort of core of Google. Now, maybe that's by design, but for enterprise customers, there's still some potential confusion with Google, what's its intentions? How long will they continue to lose money and invest? Are they going to pull the plug like they do on so many other tools? So you know, maybe some rethinking of the marketing there and the positioning. Now we didn't talk much about ecosystem, but it's vital for any cloud player, and Google again has some work to do relative to the leaders. Which brings us to supercloud. The ecosystem and end customers are now in a position this decade to digitally transform. And we're talking here about building out their own clouds, not by putting in and building data centers and installing racks of servers and storage devices, no. Rather to build value on top of the hyperscaler gift that has been presented. And that is a mega trend that we're watching closely in theCUBE community. While there's debate about the supercloud name and so forth, there little question in our minds that the next decade of cloud will not be like the last. All right, we're going to leave it there today. Many thanks to Sarbjeet Johal, and my business partner, John Furrier, for their input to today's episode. Thanks to Alex Myerson who's on production and manages the podcast and Ken Schiffman as well. Kristen Martin and Cheryl Knight helped get the word out on social media and in our newsletters. And Rob Hof is our editor in chief over at SiliconANGLE, who does some wonderful editing. And check out SiliconANGLE, a lot of coverage on Google Cloud Next and Microsoft Ignite. Remember, all these episodes are available as podcast wherever you listen. Just search Breaking Analysis podcast. I publish each week on wikibon.com and siliconangle.com. And you can always get in touch with me via email, david.vellante@siliconangle.com or you can DM me at dvellante or comment on my LinkedIn posts. And please do check out etr.ai, the best survey data in the enterprise tech business. This is Dave Vellante for the CUBE Insights, powered by ETR. Thanks for watching and we'll see you next time on Breaking Analysis. (gentle music)

>>The Cube presents UI Path Forward five. Brought to you by UI Path. >>Hi everybody. We're winding down. Day two, a forward five UI Path customer conference. This is the fourth time the Cube has been at a forward. Dave Nicholson, Dave Ante. Maureen Fleming is here. This is a program Vice President idc. She's got the data fresh survey data. We'd love to have the analyst on. And Kevin CRO is back on the cube. He's a partner for intelligent automation and digital. Upscaling is the operative word. Kevin, good to see you again, pwc. Good to see you. Thanks for coming on you guys. Yep. All right. We, we love idc. We love the data. You guys are all about it. So you've just completed a recent study. Tell us all about it. Who'd you survey? What was the objective? What'd you learn? >>Yeah, what we wanted to do was try to learn more about people who are adopting robotic process automation. So mainly large, you know, larger to midsize, enter midsize, large enterprises. And we wanted to figure out how many of them had a citizen developer program. And then we wanted to compare the difference between people who do not have that program and people who do, and what the difference is in terms of how, what kind of reach they have inside the enterprise, and also the different ways that, that they valued it. So the difference, so we asked the same questions of the, of these people without them knowing that we were actually looking for a citizen developer. And then we compared the results of that to see is it more valuable to have citizen developer and enterprise, or is it more valuable to have enterprise only? So what was the impact >>Global survey? >>It was North America. >>North America. Was it, was it we any kind of slice and dice in terms of industry or targets or you, >>We, we kept it across industry, cross industry. We're finding that RPA is adopting cross >>Industry way. Was it, was it UI path specific or more Any tech, Any automation, >>Any rpa. >>Okay. And top two or three findings. >>So one thing was, first off, the rapid growth rate in citizen, citizen developer programs grew 47% over a two year period. And so now for people who've adopted rpa, it's the majority there. They're, you know, it's a pervasive trend to >>See you're taking over, >>You know, right now the conclusion from that, and some other studies that I did that have similar conclusions is that we have to start learning to live with this idea that business users can learn how to develop. They are developing their driving value. And so now we just need to figure out how to build these sorts of programs accurately. And the other, the really key finding of it was that, that there was much more significant reach for people that were doing citizen developer plus enterprise automation, more reach, more processes touched, more employees impacted by it. And then on top of it, the, they rated the value, the people who had the combination rated the programs at a higher value across different measures. So effectively the, the combination is working out better than standalone top down automation. >>So Kevin, from what, what's your takeaway here? What does this mean to you and your customers? >>So I guess a, a couple things and just anecdotally, you know, building on what Marine found in the, in the survey, the concept of citizen development is a real concept and it's something that organizations are applying and trying to figure out how to apply at scale. The reason why they're doing it is twofold. One, early automation efforts struggled to get scale and they struggled to deliver value from a scale perspective. There were two major problems. The ability to identify the right opportunities and the ability to tackle a wide range of, from the little to the very large, often teams focus on the very large, but don't focus on the little, the little is important. The second part is thinking about how you create a better culture of innovation and actually drive identifying opportunities for the, the more, I'll call it technology professionals to focus on. And so, you know, there's been, you know, based on that big drive to say, okay, not how do we replace automation professionals with business users, you know, the random accountant, the random operations analyst. It's more around how do you actually engage them in innovation. And that in, in that engagement may involve actual hands on building of bots and technologies like UiPath or it might just involve generating ideas to get further engaged. >>So 47% growth. What's the catalyst for that kind of growth? Where's that come from? >>I scarcity? So, well there are a couple things. One is, you know, we all know about developer scarcity and it's strive to automate. You know, if you have an automation strategy in place, you wanna do this quickly and aggressively. But if you've got a shortage of, of people, you know, developers don't have enough, they're turning over. Then you go to, you go and figure out, well this is low code. And so why can't we train our business users who are the subject matter experts to do automation for themselves or their teams? So sort of think about this as the long tail, the things that that top down like enterprise, I think UiPath is calling it enterprise automation versus people automation. So, you know, so there's just different things that they work on as well. And there's also, you know, fearlessness on the part of a lot of people on the business side, they're not afraid of technology, they're not afraid of getting trained. >>And the other piece to me that made, like, I've covered this topic for a long time, and what I found originally when people started talking about citizen developers is that they, they were calling me and having inquiry about why these programs were failing. And when we would decompose the failure was because the ma their managers didn't give them any, they didn't put 'em in trading but wouldn't get, give 'em time to develop. And so they just could not, you know, they just were running into problems. And so with things that, things like PWC and what they're doing, they're sort of saying, here's the, here are the features of a program that matter, including being given time to develop and do that as part of your job. So >>Maureen, is there a minimum level size of organization that you find taking advantage of this? I mean, you know, where's the sweet spot for the value delivered from this kind of automation? >>Do you have an idea? Right. So we, we tended in some of the surveys, we tended to do like thousand employees up. So we were screening for that. But I also met with the, our, our analysts who covered smb, small midsize. She said that they've had that for a long time because they don't have these clear distinctions between IT and business. So then the question is, who are adopters of rpa, for example? And you know that that's still a little bit at, at, you know, the enterprise level, but, but citizen developer at it, it, it is SB is just a given concept. So, >>But is it, is there, is there an economy of scale that kicks in at a certain point? Have we been able to figure that out? I'm thinking of, I'm thinking of business process automation being such a competitive advantage that there becomes almost a divide because of smaller organization. Yes, they could go out and they can buy, they have access to the same software packages, but you have to build all of those processes. Yes. You have to develop those processes over time. So is there any sense for a divide possibly happening or what the, >>It's a really good question because they, you know, in a way people have to understand what a business process is, you know, and they need to understand what the technology can do. And so from that perspective, people who have thought leaders inside their organization and maybe have a chance to get out and look at broader topics might be more inclined to try this out and also identify directly as a problem. SMB also tends to try to buy package solutions. And you see larger enterprises say, well, you know, what we do is unique and so we should just sort of use horizontal technology and apply it at will where it's needed. And so for me that's kind of why we organize toward higher, you know, higher si, larger sizes. As it gets simplified, it's gonna go down into the SMB market though. >>So Kevin, when it comes to you guys, your client engagements, upscaling keeps, keep coming back to that word low code. Is it fundamental component of upscaling? Is it, is it, I don't say synonymous, but is it a prerequisite to have low code capabilities to scale? >>You know, from our perspective, I think the two biggest challenges with making this work, one is learning and development. How do you actually teach the skills in a way that allows people to apply them very quickly and give them the time to actually function right to the finding about managers not necessarily being supportive. And so you have to figure out, you know, what, you know, how do you actually create that right environment and give people the right tools? It's an area that we invested really heavily in from the PWC side with the, with the launch of our pro edge platform and really thinking about how to solve that. But then the problem that you're ultimately getting at once you solve the people equation is how do you get scale and how do you move quicker? And so the, you know, the, the, the, the biggest challenge is not should you let a, a business user build a bot. It's, you know, how do we actually build many bots, generate many ideas for the professional developers and actually create an ecosystem to move faster. Every client that we work with, it's all about, you know, how we're not moving fast enough. A COE cannot, you know, by itself automate an entire organization. And so, you know, the, you know, the, the this theme of scale really becomes, you know, the critical aspect of this >>Is the former other words, the the teaching and individual how to build a bot. Is that trivial or, or is that really not the big gate is what you're saying? It's, >>We don't think it's a big gate. I think the, you know, to the original question, I think the, the, the low code space is a ripe spot for this, you know, upskilling construct because you're not, you're not, you're, you're gauging with employees who don't have an undergraduate degree in computer science who are not IT professionals. And so giving someone, you know, a book on job and saying, go build an application's, probably not gonna be very productive. But with, with tools in the, in the low code space, be it RPA or be it other forms of lower code technology, you get people opportunity where they need to learn some technical concepts. You need to understand how the technology works and how basic programming techniques work, but you don't need to understand everything. And again, going back to the, the simple versus the complex, the goal here is not to turn people into professional developers. The goal is to get them engaged and, and create, you know, make them part of that company's digital transformation. >>But from what you just described, that's, to me it's basic logic skills. I mean you don't have to be, like I say, a assembly language programmer. Yeah. But you gotta understand and you gotta know the business process, right? I mean you have to be a domain expert. Yeah. >>But that, but that's the, that's the biggest advantage of this. You're engaging the people closest to the business process, right? You look at how most big IT projects failed was the same reason a lot of early automation efforts failed. You're creating, you know, a function that essentially lives in an ivory tower that's focused on, you know, where can I go out and find opportunities and automate. But you're not, those aren't the people that run the process day to day. Yeah, okay. You, you put it, you make those people that run the process day to day accountable, you're gonna get a different outcome >>And they'll lean in and get excited. Exactly. >>So where, where, where is that transition? I know it's easy to say, oh, you know, it's logic and people can do it, but what about having a bot whisperer in your, in your organization who's who, who literally says, you know, Maureen, I'm gonna come and sit with you on Friday and you're going to explain your frustrations to me and I'm gonna sit right next to you and I'm gonna code this bot for you and we're gonna test it and you're gonna tell me if it does what you want it to do. And Maureen doesn't need to understand how to move the widgets around and do anything. >>It's, you know, it's a great question cuz I think it's changing the nature of how you accelerate these efforts, right? I think you know, the, and if I go into early RPA days, the initial kind of thought process was let's just get a factory in here and build as many bots as possible. A lot of our client engagement today isn't always around our bot development services. It's around can you bring in coaches? Can you hold office hours? Exactly. We have an office hour construct, which I've never really had in my consulting career where we put, you know, I mean this obviously post covid when when people are in their offices, we put someone in a room and people can come by and get help. And I think having that, that coaching and mentoring construct is very helpful. What we've also seen, and I think it's a really critical success factor for clients to make this work, is thinking about how they pick a subset of their population and making them, you know, digital accelerators, digital champions, pick your word, not it professionals, peers who will actually get realtime dedicated. Right. And maybe a full time or a halftime job where that's exactly what they do. >>Maureen, we're out of time, but my last question for you is, when you do a survey like this, you know you have open ended sometimes and you analyze a survey, you take a bath in the data, write it up. There's always something that you wish you'd asked, which is great cuz then you could do it on the next one. What, was there anything in there that you wish you'd asked that you're gonna ask in the next one? Are you gonna explore in the next survey? >>Yeah. One of the things that I asked, one thing that I was glad I asked was, I, I, we, we spent time finding what were considered business side product champions or RPA champions and then we ask 'em what they did, how often they did, how much time they spent. But what I want, what I really, really wanna ask of my next survey, and I will, I've got a planned, is to find out how, how what percentage of population is involved with, with big a citizen developer and what activities are common and what are less common and you know, what their challenges are. So we'll be looking at a different kind of audience with this next >>Survey. Well, we'd love to have you back to talk about that. Just invite, Thank you very much. Come queue. Really appreciate it Kevin. Good to see you again. >>Good to see you. >>All right. And thank you for watching. Keep it right there. Dave Nicholson and Dave Ante. We're here wrapping up day two of UI path forward. Five live from the Venetian, all Las Vegas. Super right back.

>>We're back with the cube at Falcon 2022, Dave ante and Dave Nicholson. We're at the aria. We do of course, a lot of events in Las Vegas. It's the, it's the place to do events. Dave, I think is my sixth or seventh time here this year. At least. I don't know. I lose track. Jeff Swain is here. He's the vice president of global programs store and tech alliances at CrowdStrike. Jeff. Good to see you again. We saw each other at reinvent in July in Boston. >>Yes. Yeah, it was great to see you again, Dave, thank >>Very much. And we talked about making this happen so thrilled to be here at, at, at CrowdStrike Falcon. We're gonna talk today about the CrowdStrike XDR Alliance partners. First of all, what's XDR >>Well, I hope you were paying attention to George's George's keynote this morning. I guess. You know, the one thing we know is that if you ask 10, five people, what XDR is you'll get 10 answers. >>I like this answer a holistic approach to endpoint security. I, that was, >>It was good. Simple. >>That was a good one at black hat. So, but tell us about the XDR Alliance partners program. Give us the update there. >>Yeah, so I mean, we spoke about it reinforced, you know, the XDR program is really predicated on having a robust ecosystem of partners to help us share that telemetry across all of the different parts of our customers' environment. So we've done a lot of work over the last few weeks and trying to bolster that environment specifically, putting a lot of focus on firewall. You'll see that Cisco and fortunate have both joined the XD XDR Alliance. So we're working on that right now. A lot of customer demand for firewall data into the telemetry set. You know, obviously it's a very rich data environment. There's a lot of logs on firewalls. And so it drives a lot of, of, of information that we can, we can leverage. So we're continuing to grow that. And what we're doing is building out different content packs that support different use cases. So firewall is one CAS B is another emails another and we're building, building out the, the partner set right across the board. So it's, it's, it's been a, a great set of >>Activity. So it's it's partners that have data. Yep. There's probably some, you know, Joe Tuchi year old boss used to say that that overlap is better than gaps. So there's sometimes there's competition, but that's from a customer standpoint, overlap is, is better than gaps. So as gonna mention Cisco forte and there are a number of others, they've got data. Yes. And they're gonna pump it into your system, our platform, and you've got the, your platform. You've got the ability to ingest. You've got the cloud native architecture, you've got the analytics and you've got the near real time analysis capability. Right, right. >>Augmented by people as well, which is a really important part of our value proposition. You know, we, it's not just relying purely on AI, but we have a human, a human aspect to it as well to make sure we're getting extremely accurate responses. And then there's the final phase is the response phase. So being able to take action on a CASB, for example, when we have a known bad actor operating in the cloud is a really important, easy action for our customer to take. That's highly valuable. You're >>Talking about your threat hunting capability, right? >>So it's threat hunting and our Intel capability as well. We use all of that information as well as the telemetry to make sure we're making good, actionable >>Decisions, Intel being machine intelligence or, or human and machine >>Human and human and machine intelligence that we have. We have a whole business that's out there gathering Intel. I believe you think to Adam Myers who runs that business. And you know, that Intel is critical to making good decisions for our customers. >>So the X and XDR is extended, correct. Extending to things like firewalls. That's pretty obvious in the security space. Are there some less obvious data sources that you look to extend to at some point? >>Yeah, I think we're gonna continually go with where the customer demand is. And firewalls is one of the first and is very significant. Other one, you'll see that we're announcing support for Microsoft 365 as well as part of this, this announcement, but then we'll still grow out into the other areas. NDR is, you know, a specific area where we've already got a number of partners in that, in that space. And, and we'll grow that as we go. I think one of the really exciting additional elements is the, the OCS F announcement that we made at at, at, at, at reinforced, which also is a shared data scheme across a number of vendors as well. So talking to Mike's point, Microsoft ST's point this morning in his keynote, it's really about the industry getting together to do better job for our customers. And XDR is the platform to do that. And crowd strikes it way of doing it is the only really true, visible way for a customer to get their hands on all that information, make the decision, see the good from the bad and take the action. So I feel like we're really well placed to help our customers in >>That space. Well, Kevin mania referenced this too today, basically saying the industry's doing a better job of collaborations. I mean, sometimes I'm skeptical because we've certainly seen people try to, you know, commercialize private information, private reports. Yeah. But, but, but you're talking about, you know, some of your quasi competitors cooperatives, you know, actually partnering with you now. So that's a, that's a good indicator. Yeah. I want to step back a little bit, talk about the macro, the big conversation on wall street. Everybody wants to talk about the macro of course, for obvious reasons, we just published our breaking analysis, talking about you guys potentially being a generational company and sort of digging into that a little bit. We've seen, you know, cyber investments hold up a little bit better, both in terms of customer spending and of course the stock market better than tech broadly. Yeah. So in that case it would, it would suggest that cyber investments are somewhat non-discretionary. So, but that is my question are cyber investments non-discretionary if, if so, how, >>You know, I think George George calls that out directly in our analyst reports as well that, you know, we believe that cyber is a non-discretionary spend, but I, I actually think it's more than that. I think in this current macro or economic environment where CIOs and CSOs are being asked to sweat their assets for significantly longer period of time, that actually creates vulnerabilities because they have older kit, that's running for a longer period that they normally, you know, round out or churn out of their environment. They're not getting the investment to replace those laptops. They're not getting the, I placement to replace those servers. We have to sweat them for a little bit longer, longer, which means they need to be on top of the security posture of those devices. So that means that we need the best possible telemetry that we can get to protect those in the best possible way. So I actually think not only is it makes it non-discretionary, it actually increases the, the business case for, for, for taking on a, a cyber project. >>And I buy that. I buy that the business case is better potentially for cyber business case. And cyber is about, about risk reduction, right? It's about, it's about reducing expected loss. I, I, I, I, but the same time CISOs don't have an open wallet. They have to compete with other P and L managers. I also think the advantage for CrowdStrike I'm, I'm getting deeper into the architecture and beginning to understand the power of a lightweight agent that can do handle. I think you're up to 22 modules now, correct? Yes. I've got questions on how you keep that lightweight, but, but nonetheless, if you can consolidate the point tools, which is, you know, one of the biggest challenges that, that SecOps teams face that strengthens the ROI as well. >>Absolutely. And if you look at what George was saying this morning in the keynote, the combination of being able to provide tools, not only to the SecOps team, but the it ops team as well, being able to give the it ops team visibility on how many assets they have. I mean, these simple, these are simple questions that we should be able to answer. But often when we ask, you know, an operations leader, can you answer it? It sometimes it's hard for them. We actually have a lot of that information. So we are able to bring that into the platform. We're able to show them, we're able to show them where the assets are, where the vulnerabilities are against those assets and help it ops do a better job as well as SecOps. So the, the strength, the case strengthens, as you said, the CSO can also be talking to the it ops budget. >>The edge is getting more real. We're certainly hearing a lot about it now we're seeing a lot more and you kind of got the, the near edge, like the home Depot and the lows, you know, stores. Yeah. Okay. That I, I can get a better handle on, okay. How do I secure that? I've got some standards, but that's the far edge. It's, it's the, the OT yes. Piece of it. That's sort of the brave new world. What are you seeing there? How do you protect those far flowing estates? >>I think this gets back to the question of what's what's new or what's coming and where do we see the, the next set of workloads that we have to tackle? You know, when we came along first instance, we were really doing a lot of the on-prem on-prem and, and, and known cloud infrastructure suites. Then we started really tackling the broader crowd market with tools and technology to give visibility and control of the overall cloud environment. OT represents that next big addressable market for us, because there are so many questions around devices where they are, how old they are, what they're running. So visibility into the OT network is extremely, extremely important. And, you know, the, the wall that has existed again between the CISO and the OT environments coming down, we're seeing that's closer, closer alignment between the security on both those worlds. So the announcement that we've made around extending our Falcon discover product, to be able to receive and understand device information from the OT network and bring it into the same console as the, the it and the OT in the same console to give one cohesive picture of, of visibility of all of our devices is a major step forward for our customers and for, for the industry as well. >>And we see that being, being able to get the visibility will then lead us to a place of being able to build our AI models, build our response frameworks. So then we can go to a full EDR and then beyond that, there's, you know, all the other things that CrowdStrike do so well, but this is the first step to really the first step on control is visibility. And >>The OT guys are engineers. So they're obviously conscious of this stuff. It's, it's more it's again, you're extending that culture, isn't >>It? Yeah, yeah, yeah. Now when you're looking at threats, great, you want to do things to protect against those threats, but how much, how much of CrowdStrike's time is spent thinking about the friction that's involved in transactions? If I wanna go to the grocery store, think of me as an end point. If I wanna go to the grocery store, if I had to drive through three DUI checkpoints or car safety inspections. Yeah. Every time I went to the grocery store, I wouldn't be happy as an end point as an end user in this whole thing. Ideally, we'd be able just to be authenticated and then not have to worry about anything moving forward. Do you see that as your role, reducing friction 1%, >>That's again, one of the core tenants of, of, of why George founded the company. I mean, he tells the story of sitting on an airplane and seeing an executive who was also on the airplane, trying to boot their machine up and try and get an email out before the plane took off and watching the scanning happen, you know, old school virus scanning happening on the laptop and, and that executive not making it because, and he is like in this day and age, how can we be holding people back with that much friction in their day to day life? So that's one of the, again, founding principles of what we do at CrowdStrike was the security itself needs to support business growth, support, user growth, and actually get out of the way of how people do things. And we've seen progression along that lines. I think the zero trust work that we're doing right now really helps with that as well. >>Our integrations into other companies that play within the zero trust space makes that frictionless experience for the user, because yeah, we, we, we want to be there. We want to know everything that's happening, but we don't wanna see where we always want control points, but that's the value of the telemetry we take. We're taking all the data so we can see everything. And then we pick what we want to review rather than having to do the, the checkpoint approach of stop here. Now, let me see your credentials. Stop here. Let me see your credentials because we have a full field of, of knowledge and information on what the device is doing and what the user is doing. We're able to then do the trust with verify style approach. >>So coming back to the, to the edge in IOT, you know, bringing that zero trust concept to the, to the edge you've got, you've got it. And OT. Okay. So that's a new constituency, but you're consolidating that view. Your job gets harder. Doesn't it? So, so, so talk about how you resolve that. Do do the, do the concepts that you apply to traditional it endpoints apply at the edge. >>So first things we have to do is gain the visibility. And, and so the way in which we're doing that is effectively drawing information out from the OT environment at, by, by having a collector that's sitting there and bringing that into our console, which then will give us the ability to run our AI models and our other, you know, indications of attack or our indicators of misconfiguration into the model. So we can see whether something's good or bad whilst we're doing that. Obviously we're also working on building specific senses that will then sit in OT devices down, you know, one layer down from rather being collected and pulled and brought into the platform, being collected at the individual sensor level when we have that completed. And that requires a whole different ecosystem for us, it means that we have to engage with organizations like Rockwell and Siemens and Schneider, because they're the people who own the equipment, right? Yeah. And we have to certify with them to make sure that when we put technology onto their equipment, we're not going to cause any kind of critical failure that, you know, that could have genuine real world physical disastrous consequences. So we have to be super careful with how we build that, which we're we're in the process of >>Doing are the IOA signatures indicator as a tax. So I don't have to throw a dollar in the jar. Are the IOA signatures substantially similar at, at the edge, or >>I think we learn as we go, you know, first we have to gain the information and understand what good and bad looks like, what the kind of behaviors are there. But what we will see is that, you know, as someone's trying to, there's an actor, you know, making an attack, you know, will be able to see how they're affecting each of those endpoints individually, whether they're trying to take some form of control, whether they're switching them on and off in the edge and the far edge, it's a little bit more binary in terms of the kind of function of the device. It is the valve open or is the valve closed? It's is the production line running or is the production not line running, not running. So we need to be able to see that it's more about protecting the outcomes there as well. But again, you know, it's about first, we have to get the information. That's what this product will help us do, get it into the platform, get our teams over the top of it, learn more about what's going on there and then be able to take action. >>But the key point is the architecture will scale. And that's where the cloud native things comes >>Into. Yeah, it'll, it'll it'll scale. But to your, to your point about the lack of investment and infrastructure means older stuff means potentially wider gaps, bigger security holes, more opportunity for the security sector. Yep. I buy that. That makes sense. I think if it's a valid argument, when you, when you, when you know, we, we loosely talk about internet of things, edge, a lot of those things on the edge, there's probably a trillion dollars worth of a hundred year old garbage, and I'm only slightly exaggerating on the trillion and the a hundred years old, a lot of those critical devices that need to be sensed that are controlling our, our, our, our electrical grid. For example, a lot of those things need to be updated. So, so as you're pushing into that frontier, are you, you know, are, are you extending out developer kits and APIs to those people as they're developing those new things? Well, because some of the old stuff will never work. >>And that's what we're we're seeing is that there is a movement within the industrial control side of things to actually start, you know, doing this. Some, some simple things like removing the air gap from certain systems because you, now we can build a system around it. That's trustable and supportable. So now we can get access there over, over and over a network over the internet to, to, to kind of control a valve set that's down a pipeline or something like that. So there is, there is, there is willingness within the ecosystem, the, the IOT provider ecosystem to give us access to some of those, those controls, which, which wasn't there, which has led to some of some of these issues. Are we gonna be able to get to all of them? No, we're gonna have to make decisions based on customer demand, based on where the big, the big rock lie. And, and so we will continue to do that based on customer feedback on again, on what we see >>And the legacy air gaps in the OT worlds were by design for security reasons, or just sort of >>Mostly because there was no way to, to do before. Right. So it was, was like black >>Connectivity is >>So, so, so it was, people felt more comfortable sending an engineer route to the field truck roll. Yeah, yeah, yeah. To do it rather than expensive, rather. And, and exactly that, again, going back to our macro economic situation, you know, it's a very expensive way of managing and maintaining your fleet if you have to send someone to it every time. So there is a lot of there's, there's a lot of customer demand for change, and we're engaging in that change. And we want, we see a huge opportunity there >>Coming back to the X XDR Alliance, cuz that's kind of where we started. Where do you wanna see that go? What's your vision for that? >>So the Alliance itself has been fundamental in terms of now where we go with the overall platform. We are always constantly looking for customer feedback on where we go next on what additional elements to add that the Alliance members have been this fantastic time and effort in terms of engaging with us so that we can build in responses to their platforms, into, you know, into, into what we do. And they're seeing the value of it. I, I feel that over the next, you know, over the next two year period, we're gonna see those, our XDR Alliance and other XDR alliances growing out to get to each other and they will they'll touch each other. We will have to do it like the OSF project at AWS. And as that occurs, we're gonna be able to focus on customer outcomes, which is, you know, again, if you listen to George, you listen to Mike protecting the customers, the mission of CrowdStrike. So I think that's core to that, to, to that story. What we will see now is it's a great vehicle for us to give a structured approach to partnership. So we'll continue to invest in that. We've, we've got, we've got a pipeline of literally hundreds of, of partners who want to join. We've just gotta do that in a way that's consumable for us and consumable for the customer. >>Jeff Swain. Thanks so much for coming back in the cube. It's great to have you. Yeah. Thanks guys. Thank you. Okay. And thank you for watching Dave Nicholson and Dave ante. We'll be back right after this short break. You're watching the cube from Falcon 22 in Las Vegas, right back.

(intro music) >> Hi everybody. Dave Vellante, back with Day Two coverage, we're live at the ARIA Hotel in Las Vegas for fal.con '22. Several thousand people here today. The keynote was, it was a little light. I think people were out late last night, but the keynote was outstanding and it's still going on. We had to break early because we have to strike early today, but we're really excited to have Stephan Goldberg here, Vice President of Technology Alliances at Claroty. And we're going to talk about an extremely important topic, which is the internet of things, the edge, we talk about it a lot. We haven't covered securing the edge here at theCUBE this week. And so Stephan really excited to have you on. >> Thank you for having me. >> You're very welcome. Tell us more about Claroty, C-L-A-R-O-T-Y, a very interesting spelling, but what's it all about? >> Claroty is cybersecurity company that specializes in cyber physical systems, also known as operational technology systems and the extended internet of things. The difference between the traditional IoT and what what everyone calls an IoT in the cyber physical system is that an IoT device has anything connected on the network that traditionally cannot carry an agent, a security camera, a card reader. A cyber physical system is a system that has influence and operates in the physical world but is controlled from the cyberspace. An example would be a controller, a turbine, a robotic arm, or an MRI machine. >> Yeah, so those are really high-end systems, run, are looked after by engineers, not necessarily consumers. So what's what's happening in that world? I mean, we've talked a lot on theCUBE about the schism between OT and IT, they haven't really talked a lot, but in the last several years, they've started to talk more. You look at the ecosystem of IoT providers. I mean, it's companies like Hitachi and PTC and Siemens. I mean, it's the different names than we're used to in IT. What are the big trends that you're seeing the macro? >> So, first of all, traditionally, most manufacturers and environments that were heavy on operations, operational technology, they had the networks air-gapped, completely separated. You had your IT network for business administration, you had the OT network to actually build stuff. Today with emerging technologies and even modern switching architecture everything is being converged. You have the same physical infrastructure in terms of networking, that carries both networks. Sometimes a human error, sometimes a business logic that needs to interconnect these networks to transmit data from the OT side of the house, to the IT side of the house, exposes the OT environment to cyber threats. >> Was that air-gap by design or was it just that there wasn't connectivity? >> It was air-gap by design, due to security and operational reasons, and also ownership in these organizations. The IT-managed space was completely separate from the OT-managed space. So whoever built a network for the controllers to build a car, for example, was an automation engineer and the vendors, that have built these networks, were automation vendors, unlike the traditional Ciscos of the world, that we're specializing in IT. Today we're seeing the IT vendors on the OT side, and the OT vendors, they're worried about the IT side. >> But I mean, tradition, I mean, engineers are control freaks. No offense, but, I'm glad they are, I'm thankful for that. So there must have been some initial reticence to them connecting up these air-gap systems. They went wanted to make sure that they were secure, that they did it right, and presumably that's where you guys come in. What are the exposures and risks of these, of this critical infrastructure that we should be aware of? >> So you're completely right. And from an operational perspective let let's call it change control is very rigorous. So they did not want to go on the internet and just, we're seeing it with adoption of cloud technologies, for example. Cloud as in industry four ago, five ago, cloud as in cyber security. We all heard Amol's keynote from this morning talking about critical infrastructures and we'll touch upon our partnership in a second, but CrowdStrike, CrowdStrike being considered and deployed within these environments is a new thing. It's a new thing because the OT operation managers and the chief information security officers, they understand that air-gap is no longer a valid strategy. From a business perspective, these networks are already connected. We're seeing the trends of cyber attacks, IT cyber attacks, like not Patreon, I'm not talking about the Stoxnet, the targeted OT. I'm talking about WannaCry, EternalBlue, IT vulnerabilities that did not target OT, but due to the outdated and the specification of OT posture on the networks, they hit healthcare, they hit OT much harder than they did IT. >> Was Log4J, did that sleep into OT, or any IT that. >> So, absolutely. >> So Log4J right, which was so pervasive, like so many of these malwares. >> All these vulnerabilities that, it's a windows vulnerability, it has nothing to do with OT. But then when you stop and you say, hold on, my human machine interface workstation, although it has some proprietary software by Rockwell or Siemens running on it, what is the underlying operating system? Oh, hold on, it's Windows. We haven't updated that for like eight years. We were focused on updating the software but not the underlying operating system. The vulnerabilities exist to a greater extent on the OT side of the house because of the same characteristic of operational technology environments. >> So the brute force air-gap approach was no longer viable because the business imperative came in and said, no, we have to connect these systems to digitally transform, or advance our business, there's opportunities to monetize, whatever it was. The business laid that out as an imperative. So now OT engineers have to rethink how they secure it. So what are the steps that they're taking and how does Claroty help? Is there a sort of a playbook, a sequential playbook? >> Absolutely, so before we discussed the maturity curve of adopting an CPS security, or OT security technology, let's touch upon the characteristic of the space and what it led vendors like Claroty to build. So you have the rigorous chain control. You have the security in mind, operations, lowered the risk state of mind. That led vendors, likes of Claroty, to build a solution. And I'm talking about seven, eight years ago, to be passive, mostly passive or passive only to inspect network and to analyze network and focus on detection rather than taking action like response or preventative maintenance. >> Um-hmm. >> It made vendors to build on-prem solutions because of the cloud-averse state of mind of this industry. And because OT is very specific, it led vendors to focus only on OT devices, overlooking what we discussed as IoT, Unfortunately, besides HMI and PLC, the controller in the plant, you also have the security camera. So when you install an OT security solution I'm talking about the traditional ones, they traditionally overlook the security camera or anything that is not considered traditional OT. These three observations, although they were necessary in the beginning, you understand the shortcomings of it today. >> Um-hmm. >> So cloud-averse led to on-prem which leads to war security. It's like comparing CrowdStrike and one of its traditional competitors in the antivirus space. What CrowdStrike innovated is the SaaS first, cloud-native solution that is continuously being updated and provide the best in cloud security, right? And that is very much like what Claroty's building. We decided to go SaaS first and cloud-native solution. >> So, because of cloud-aversion, the industry shows somewhat outdated deployment models, on-prem, which limited scale and created greater diversity, more stovepipes, all the problems that we always talk about. Okay, and so is the answer to that, just becoming more cloud, having more of an affinity to cloud? That was a starting point, right. >> This is exactly it. Air-gap is perceived as secured, but you don't get updates and you don't really know what's going on in your network. If you have a Claroty or a crosswork installer, you have much higher probability detecting fast and responding fast. If you don't have it, you are just blind. You will be bridged, that's the. >> I was going to say, plus, air-gap, it's true, but people can get through air-gaps, too. I mean, it's harder, but Stoxnet. Yeah, look at Stoxnet right, oh, it's mopping the floor, boom, or however it happened, but so yeah. >> Correct. >> So, but the point being, you know, assume that breach, even though I know CrowdStrike thinks that the unstoppable breach is a myth, but you know, you talk to people like Kevin Mandia, it's like, we assume you're going to get breached, right? Let's make that assumption. Yeah, okay, and so that means you've got to have visibility into the network. So what are those steps that you would, what's that maturity model that you referenced before? >> So on top of these underlying principles, which is cloud-native, comprehensive, not OT only, but XIoT, and then bring that the verticalization and OT specificity. On top of that, you're exactly right. There is a maturity curve. You cannot boil the ocean, deploy protections, and change the environment within one day. It starts with discovering everything that is connected to your network. Everything from the traditional workstations to the cameras, and of course ending up with the cyber physical systems on the network. That discovery cannot be only a high level profile, it needs to be in depth to the level you need to know application versions of these devices. If you cannot tell the application version you cannot correlate it to a vulnerability, right? Just knowing that's an HMI or that's a PLC by Siemens is insufficient. You need to know the app version, then you can correlate to vulnerability, then you can correlate to risk. This is the next step, risk assessment. You need to put up a score basically, on each one of these devices. A vulnerability score, risk score, in order to prioritize action. >> Um-hmm. >> These two steps are discovery and thinking about the environment. The next two steps are taking action. After we have the prioritized devices discovered on your network, our approach is that you need to ladle in and deploy protections from a preventative perspective. Claroty delivers recommended policies in the form of access control lists or rules. >> Right. >> That can leverage existing infrastructure without touching a device without patching it, just to protect it. The next step would be detection and response. Once you have these policies deployed you also can leverage them to spot policy deviations. >> And that's where CrowdStrike comes in. So talk about how you guys partner with CrowdStrike, what that integration looks like and what the differentiation is. >> So actually the integration with CrowdStrike crosses the the entire customer journey. It starts with visibility. CrowdStrike and us exchange data on the asset level. With the announcement during FalCon, with Falcon Discover for IoT, we are really, really proud working on that with CrowdStrike. Traditionally CrowdStrike discovered and provided data about the IT assets. And we did the same thing with CPS and OT. Today with Falcon Discover for IoT, and us expanding to the XIoT space, both of us look at all devices but we can discover different things. When you merge these data sets you have an unparalleled visibility into any environment, and specifically OT. The integrations continue, and maybe the second spotlight I'll put, but without diminishing the other ones, is detection and response. It's the XDR Alliance. Claroty is very proud to be one of the first partners, XDR Alliance partners, for CrowdStrike, fitting in to the XDR, to CrowdStrike's XDR, the data that is needed to mitigate and respond and get more context about breaches in these OT environments, but also take action. Also trigger action, via Claroty and leverage Claroty's network-centric capabilities to respond. >> We hear a lot. We heard a lot in today's keynote note about the data, the importance of data, of the graph database. How unique is this Stephan, in the industry, in your view? >> The uniqueness of what exactly? >> Of this joint solution, if you will, this capability. >> I told my counterparts from CrowdStrike yesterday, the go-to market ones and the product management ones. If we are successful with Falcon Discover for IoT, and that product matures, as we plan for it to mature, it will change the industry, the OT security industry, for all of us. Not only for Claroty, for all players in this space. And this is why it's so important for us to stay coordinated and support this amazing company to enter this space and provide better security to organizations that really support our lives. >> We got to leave it there, but this is such an important topic. We're seeing in the war in Ukraine, there's a cyber component in the future of war. >> Yes. >> Today. And what do they do? They go after critical infrastructure. So protecting that critical infrastructure is so important, especially for a country like the United States, which has so much critical infrastructure and a lot to lose. So Stephan, thanks so much. >> Thank you. >> For the work that you're doing. It was great to have you on theCUBE. >> Thank you. >> All right, keep it right there. Dave Vellante for theCUBE. We'll be right back from fal.con '22. We're live from the ARIA in Las Vegas. (techno music)

>>All we're back. We're wrapping up day two at Falcon 22 from the area in Las Vegas, CrowdStrike CrowdStrike. The action is crazy. Second day, a keynotes. Sean Henry is back. He's the chief security officer at CrowdStrike. He did a keynote today. Sean. Good to see you. Thanks for coming >>Back. Good. See you, Dave. Thanks for having me. >>So, unfortunately, I wasn't able to see your keynote cuz I had to come do cube interviews. You interviewed Kimbo Walden from, from, you know, white house, right? >>National cyber security >>Director. We're gonna talk about that. We're gonna talk about Overwatch, your threat hunting report. I want to share the results with our audience, but start with your, well actually start with the event. We're now in day two, you've had a good chance to talk to customers and partners. What are, what are your observations? Yeah, >>It's first of all, it's been an amazing event over 2200 attendees here. It's really taking top three floors at the area hotel and we've got partners and customers, employees, and to see the excitement and the level of collaboration here is absolutely phenomenal. All these different organizations that are each have a piece of cyber security to see them coming together, all in support of how do you stop breaches? How do you work together to do it? It's really been absolutely phenomenal. You're >>Gonna love the collaboration. We kind of talked about this on our earlier segment is the industry has to do a better job and has been doing a better job. You know, I think you and Kevin laid that out pretty well. So tell me about the interview with the fireside chat with Kimba. What was that like? What topics came up? >>Yeah. Kimba is the principal, deputy national cyber security advisor. She's been there for just four months. She spent over 10 years at DHS, but she most recently came from the private sector in cybersecurity. So she's got that the experience as a private sector expert, as well as a public sector expert and to see her come together in that position. It was great. We talked a lot about some of the strategies the white house is looking to put forth in their new cybersecurity strategy. There was recently an executive order, right? That the, the president put forth that talks about a lot of the things that we're doing here. So for example, the executive order talks about a lot of the legacy type of capabilities being put to pasture and about the government embracing cloud, embracing threat, hunting, embracing EDR, embracing zero trust and identity protection. Those are all the things that the private sector has been moving towards over the last year or two. That's what this is all about here. But to see the white house put that out, that all government agencies will now be embracing that I think it puts them on a much shorter footing and it allows the government to be able to identify vulnerabilities before they get exploited. It allows them to much more quickly identify, have visibility and respond to, to threats. So the government in infrastructure will be safer. And it was really nice to hear her talk about that and about how the private sector can work with the government. >>So you know how this works, you know, having been in the bureau. But so it's the, these executive orders. A lot of times people think, oh, it's just symbolic. And there are a couple of aspects of it. One is president Biden really impressed upon the private sector to, you know, amp it up to, to really focus and do a better job. But also as you pointed out that executive order can adjudicate what government agencies must do must prioritize. So it's more than symbolic. It's actually taking action. Isn't >>It? Yeah. I, I, I think it, I think it's both. I think it's important for the government to lead in this area because while a, a large portion of infrastructure, major companies, they understand this, there is still a whole section of private sector organizations that don't understand this and to see the white house, roll it out. I think that's good leadership and that is symbolic. But then to your second point to mandate that government agencies do this, it really pushes those. That might be a bit reluctant. It pushes them forward. And I think this is the, the, the type of action that as it starts to roll out and people become more comfortable and they start to see the successes. They understand that they're becoming safer, that they're reducing risk. It really is kind of a self-fulfilling prophecy and we see things become much safer. Did, >>Did you guys talk about Ukraine? Was that, was that off limits or did that come up at all? >>It wasn't, it wasn't off limits, but we didn't talk about it because there are so many other things we were discussing. We were talking about this, the cyber security workforce, for example, and the huge gap in the number of people who have the expertise, the capability and the, and the opportunities to them to come into cyber security technology broadly, but then cyber security as a sub sub component of that. And some of the programs, they just had a big cyber workforce strategy. They invited a lot of people from the private sector to have this conversation about how do you focus on stem? How do you get younger people? How do you get women involved? So getting maybe perhaps to the untapped individuals that would step forward and be an important stop gap and an important component to this dearth of talent and it's absolutely needed. So that was, was one thing. There were a number of other things. Yeah. >>So I mean, pre pandemic, I thought the number was 350,000 open cybersecurity jobs. I heard a number yesterday just in the us. And you might have even told me this 7, 7 50. So it's doubled in just free to post isolation economy. I don't know what the stats are, but too big. Well, as a, as a CSO, how much can automation do to, to close that gap? You know, we were talking earlier on the cube about, you gotta keep the humans in the loop, you, you, the, the, the, the Nirvana of the machines will just take care of everything is just probably not gonna happen anytime in the near term, even midterm or long term, but, but, but how can automation play and help close that gap? So >>The, the automation piece is, is what allows this to scale. You know, if we had one company with a hundred endpoints and we had a couple of folks there, you could do it with humans. A lot of it when you're talking about hundreds of millions of endpoints spread around the globe, you're talking about literally trillions of events every week that are being identified, evaluated and determined whether they're malicious or not. You have to have automation and to have using the cloud, using AI, using machine learning, to sort through, and really look for the malicious needle in a stack of needle. So you've gotta get that fidelity, that fine tune review. And you can only do that with automation. What you gotta remember, Dave, is that there's a human being at the end of every one of these attacks. So we've got the bad guys, have humans there, they're using the technology to scale. We're using the technology to scale to detect them. But then when you get down to the really malicious activity, having human beings involved is gonna take it to another level and allow you to eradicate the adversaries from the environment. >>Okay. So they'll use machines to knock on the door when that door gets opened and they're in, and they're saying, okay, where do we go from here? And they're directing strategy. Absolutely. I, I spent, I think gave me a sta I, I wonder if I wrote it down correctly, 2 trillion events per day. Yeah. That you guys see is that I write that down. Right? >>You did. It changes just like the number of jobs. It changes when I started talking about this just a, a year and a half ago, it was a billion a day. And when you look at how it's multiplied exponentially, and that will continue because of the number of applications, because of the number of devices as that gets bigger, the number of events gets bigger. And that's one of the problems that we have here is the spread of the network. The vulnerability, the environment is getting bigger and bigger and bigger as it gets bigger, more opportunities for bad guys to exploit vulnerabilities. >>Yeah. And we, we were talking earlier about IOT and extending, you know, that, that threats surface as well, talk about the Overwatch threat hunting report. What is that? How, how often have you run it? And I'd love to get into some of the results. Yeah. >>So Overwatch is a service that we offer where we have 24 by seven threat hunters that are operating in our customer environments. They're hunting, looking for, looking for malicious activity, malicious behavior. And to the point you just made earlier, where we use automation to sort out and filter what is clearly bad. When an adversary does get what we call fingers on the keyboard. So they're in the box and now a human being, they get a hit on their automated attack. They get a hit that, Hey, we're in, it's kind of the equivalent of looking at the Bober while you're fishing. Yeah. When you see the barber move, then the fisherman jumps up from his nap and starts to reel it in similar. They jump on the keyboard fingers on the keyboard. Our Overwatch team is detecting them very, very quickly. So we found 77,000 potential intrusions this past year in 2021, up to the end of June one, one every seven minutes from those detections. >>When we saw these detections, we were able to identify unusual adversary behavior that we'd not necessar necessarily seen before we call it indicators of attack. What does that mean? It means we're seeing an adversary, taking a new action, using a new tactic. Our Overwatch team can take that from watching it to human beings. They take it, they give it to our, our engineering team and they can write detections, which now become automated, right? So you have, you have all the automation that filters out all the bad stuff. One gets through a bad guy, jumps up, he's on the keyboard. And now he's starting to execute commands on the system. Our team sees that pulls those commands out. They're unusual. We've not seen 'em before we give it to our engineering team. They write detections that now all become automated. So because of that, we stopped over with the 77,000 attacks that we identified. We stopped over a million new attacks that would've come in and exploited a network. So it really is kind of a big circle where you've got human beings and intelligence and technology, all working together to make the system smarter, to make the people smarter and make the customers safer. And you're >>Seeing new IAS pop up all the time, and you're able to identify those and, and codify 'em. Now you've announced at reinforced, I, I, in July in Boston, you announced the threat hunting service, which is also, I think, part of your you're the president as well of that services division, right? So how's that going? What >>What's happening there? What we announced. So we've the Overwatch team has been involved working in customer environments and working on the back end in our cloud for many years. What we've announced is this cloud hunting, where, because of the adoption of the cloud and the movement to the cloud of so many organizations, they're pushing data to the cloud, but we're seeing adversaries really ramp up their attacks against the cloud. So we're hunting in Google cloud in Microsoft Azure cloud in AWS, looking for anomalous behavior, very similar to what we do in customer environments, looking for anomalous behavior, looking for credential exploitation, looking for lateral movement. And we are having a great success there because as that target space increases, there's a much greater need for customers to ensure that it's protected. So >>The cloud obviously is very secure. You got some of the best experts in the planet inside of hyperscale companies. So, and whether it's physical security or logical security, they're obviously, you know, doing a good job is the weakness, the seams between where the cloud provider leaves off and the customer has to take over that shared responsibility model, you know, misconfiguring and S3 bucket is the, you know, the common one, but I'm so there like a zillion others, where's that weakness. Yeah. >>That, that's exactly right. We see, we see oftentimes the it piece enabling the cloud piece and there's a connectivity there, and there is a seam there. Sometimes we also see misconfiguration, and these are some of the things that our, our cloud hunters will find. They'll identify again, the equivalent of, of walking down the hallway and seeing a door that's unlocked, making sure it's locked before it gets exploited. So they may see active exploitation, which they're negating, but they also are able to help identify vulnerabilities prior to them getting exploited. And, you know, the ability for organizations to successfully manage their infrastructure is a really critical part of this. It's not always malicious actors. It's identifying where the infrastructure can be shored up, make it more resilient so that you can prevent some of these attacks from happening. I >>Heard, heard this week earlier, something I hadn't heard before, but it makes a lot of sense, you know, patch Tuesday means hack Wednesday. And, and so I, I presume that the, the companies releasing patches is like a signal to the bad guys that Hey, you know, free for all go because people aren't necessarily gonna patch. And then the solar winds customers are now circumspect about patches. The very patches that are supposed to protect us with the solar winds hack were the cause of the malware getting in and, you know, reforming, et cetera. So that's a complicated equation. Yeah. >>It, it certainly is a couple, couple parts there to unwind. First, when you, you think about patch Tuesday, there are adversaries often, not always that are already exploiting some of those vulnerabilities in the wild. So it's a zero day. It's not yet been patched in some cases hasn't yet been identified. So you've got people who are actively exploiting. It we've found zero days in the course of our threat hunting. We report them in a, in a, in a responsible way. We've gone to Microsoft. We've told them a couple times in the last few months that we found a zero day and give them an opportunity to patch that before anybody goes public with it, because absolutely right when it does go public, those that didn't know about it before recognize that there will be millions of devices depending on the, the vulnerability that are out there and exploitable. And they will absolutely, it will tell everybody that you can now go to this particular place. And there's an opportunity to gain access, to exploit privileges, depending on the criticality of the patch. >>I, I don't, I, I don't, I'm sorry to generalize, but I wanna ask you about the hacker mindset. Let's say that what you just described a narrow set of hackers knows that there's an unpatched, you know, vulnerability, and they're making money off of that. Will they keep that to themselves? Will they share that with other folks in the net? Will they sell that information? Or is it, is it one of those? It depends. It, >>I was just gonna say, it depends you, you beat me to it. It absolutely depends. All of, all of the above would be the answer. We certainly see organ now a nation state for example, would absolutely keep that to themselves. Yeah. Right. Their goal is very different from an organized crime group, which might sell access. And we see them all the time in the underground selling access. That's how they make money nation states. They want to keep a zero day to themselves. It's something they're able to exploit in some cases for months or years, that that, that vulnerability goes undetected. But a nation state is aware of it and exploiting it. It's a, it's a dangerous game. And it just, I think, exemplifies the importance of ensuring that you're doing everything you can to patch in a timely matter. Well, >>Sean, we appreciate the work that you've done in your previous role and continuing to advance education, knowledge and protection in our industry. Thank you for coming on >>You. Thank you for having me. This is a fantastic event. Really appreciate you being here and helping to educate folks. Yeah. >>You guys do do a great job. Awesome. Set that you built and look forward to future events with you guys. My >>Friends. Thanks so much, Dave. Yeah. Thank >>You. Bye now. All right. Appreciate it. All right, keep it right there. We're gonna wrap up in a moment. Live from Falcon 22. You're watching the cube.