>>Hello, everyone. Welcome to the cubes presentation of the AWS partner showcase. This is season one, episode two. I'm your host, John furry with the cube. I'm joined by two cube alumni as Andy Langston, SVP and GM at Veem and Sabina Joseph, the general manager of technology partners at AWS. We're here talking about speeding the innovation with AWS. Welcome to the show. >>Ready to meet you >>And good to see you, Andy again. >>Great to have you guys back on. I hope you guys are doing well. Great to see both of you Veem. Obviously we've been covering you guys for a long time. You got your VIMANA event coming up in person, which is great. Congrats on the continued success of the company and the product you guys have always been all in on AWS. We've been covering for many, many years. Andy, what's the innovation going on now at Veem? Lots of lots happening, lots going on. What's the new innovation. >>Well, I think, you know, clearly people are in, you know, when we talk to people they're interested in, in ransomware, so ransomware protection, we they're interested in a hybrid cloud hybrid. Um, you know, AWS in particular, we get a lot of interest there. Um, clearly modern data protection, uh, what we're doing in office 365, people are looking at all those things >>And what's the, the platform, uh, approach that you guys have with AWS. You guys have a broad range. It's not just the classic. I call it the green classic solution. That's also a good product. What's some of the new platform advantages you guys got going on with the cloud native with AWS. >>Well, you know, look we are, our strategy is to protect as many AWS services as possible, you know, and, and, you know, from the ECE to EBS, S3, RDS, uh, VMC, and many of the services that they're coming out with. And in many times they come to us and say, Hey, you know, these are important to us. We'd like you to, to support these. So clearly we're, um, we're focused on those, uh, Kubernetes workloads is, is a newer set of workloads on AWS. That we're a very interested, we made an acquisition and have a product called, uh, Kasten that we've been investing in and working with AWS with their, uh, uh, EKS anywhere. So very excited. >>Great. So being on the partnership, you guys, it's growing a lot's going on. Can you tell us more about how Veeam and abs AWS are jointly helping customers? >>Yeah. As, um, as both of, you know, right. Data is exploding. And, uh, that means, you know, we have to keep backing up this data and finding new ways to back up this data because people are stepping away from the traditional backup methods, tape libraries, secondary storage sites and things like that. And they're backing up data into the cloud. And we AWS offers a number of different storage services, data transfer methods and networking solutions, which provide unmatched your ability, reliability, security. And of course, uh, AWS and Veem have been partnering together enough for quite a number of years and the cost effective. And so you mentioned that Veem has on AWS really enables customers to have offsite storage solutions, providing that physical separation between their on premises, primary data, and also utilizing the pay as you go cloud economics. So we have a great collaboration and, you know, beam has a great solution on AWS and they're constantly innovating and providing capabilities for our customers. Just like Andy said, providing as many capabilities for our services to back up, >>Andy, the volume of data I'll say is always the story. Every year, the volume is tsunami of data. It's getting worse it's every day. Um, and as you got more cloud scale, you guys have been doing a lot integration. You guys always have, you have demanding customers, you have a lot of customers actually. So as you leverage Amazon for data protection, the security conversation is front and center these days. Can you give us an update on how you guys are doing, uh, the data protection security in the cloud with AWS? That's, that's, um, that's hot with your customers, >>You know, it's a great, it's a great comment. You know, you've talked about a lot of customers. Veem has over 400,000 customers now it's, it's truly extraordinary when you think about the size and scope and scale. And if you think, uh, my belief is a majority, almost all of them will tear up two and move their data up into the cloud at some point in our, in the next few years. And so we've just, I think we've described the surface and we're moving hack, you know, hundreds of petabytes or more per year up to the cloud at the same time when I make customer executive calls. It's kind of interesting. A lot of times you think they're going to want to talk about backup and disaster recovery. They want to talk about security. And when this first started happening, I thought, Hey, why don't you talk to your security vendor now? >>And what I realized was that data protection is front and center because of the, we just, we just published a study where a number jumped out at me, 71% of the thousands of people that responded said that they had already been a victim of, or had had a ransomware attack. It's a staggering number. And, um, so, you know, when we look at our relationship with Amazon and we look at the integration we've done around what we call cloud during that's moving, are moving data up to object storage. AWS has a capability called immutable data sets. And so that allows you affords you some great protection against ransomware as an example. And that's one of the areas that we're investing in very heavily. And by the way, our mutual customers are backing up and restoring with Veem and we're doing it on AWS and, and, uh, the data volumes are exploding, I think, because of that. Yeah. >>You know, it's interesting. And you made me have a throwback for, you know, 10 years ago, we used to talk about backup and recovery. And you know, the big thing back then was, was the conversation was don't think of backup as a, as a last minute thing, think of it at the front end, it was always kind of an afterthought and a, of the it decision makers. And you mentioned that security comment about call your security vendor. It's almost the scripts has flipped backup and recovery is the security solution. And so it's not, it's not an afterthought. This is 10 years ago. It was the primary message. It's the primary thought. So when you talk about automated tiering, that's kind of a networking thing. It's like, policy-based hearing. I mean, I mean, if you go back 10 years and we're talking, policy-based hearing, you were like, what? So this is a really different dynamic. And I want you guys to comment because this is the, this is the market right now. This is with the flip, the script has flipped. >>Yeah. Sabina. What do you, what, what do you from y'all's perspective kind of in, in your technology, partnerships, storage vendors, Veem security, what, what do you w what do you see? >>Well, I think that there is an interplay here because I think customers are looking at various ways, right? When I look at those five cybersecurity framework, right? First is identifying what you need to protect, protecting it. And then that's a very important step of, out of those five steps is recovery, right? How do you get your business back to normal? But you cannot do that if you are not protecting and backing up your data. And that's where our partnership comes in. Right? So I believe that all of those five stages in the NIST cybersecurity framework kind of go together and be in place nicely into the very critical phase of recovery. Would you agree, Andy? >>I would. You know, and, and I look at, um, you know, when you're doing a recovery and your gut, your secure backups and AWS, it's, it's like your last line of defense, you know, beam and AWS deliver a mutable backups and has three tiers through S3 object lock integration. And I think that's, that's pretty much, you know, even if a ransomware attack is successful, we can, we can ensure that the backup data hadn't been changed and encrypted or deleted. And, uh, that's pretty exciting, you know, for customers and prospects, they're really worried about this. And I think the teamwork and the, the, the partnership between the two companies to build a solution like this is pretty awesome. >>Yeah. Let me, let me just double, double click on that for a second. You mentioned it got a lot of customers. Ransomware does not discriminate with the size of the company. It could be, it could be a hospital school. It could be a big company. Ransomware is bad, and we see that, and it's a great conversation. And how do you take that solution out to the customers? You got hundreds of thousands of customers. So Sabine, I guess the question is, how is this 80 of us in Veem work together? There's this channel first concept you guys are talking about, tell us about how you guys work together, because there's millions of customers who want this, and you guys actually have hundreds of thousands of customers that Veem, how do you get the customers to leverage that, the relationship and what can you bring to them? >>Yeah, I'll give you like four numbers, right? So AWS has millions of customers and we have, um, hundred thousand partners across 150 countries. Now Veem has, as Andy mentioned, right, has over 400,000 customers and 35,000 partners worldwide. So somewhere in these four numbers, we all intersect both of us intersect both on those customers and also on those partners. And one of the initiatives that my team is heavily focused on is triangulating between the partners that Veeam has. We have, and also our technology partnership. And how can we provide value to our customers by bringing together these partners together with AWS Veeam and Veeam is a V it's a hundred percent channel driven business, and they know how to do this. That is why we are heavily partnered with them to see what we can do for our customers through our mutual partner. >>And he wants you to weigh in here, you know, the channel business, it's gotta be easy, it's got to add value. And I got to wrap services around it. That's what partners love. Well, how does this work? How does that work? >>Well, I, I think to extend beyond what, what did take, what Sabina had said is, you know, we have kind of been subsetted. Our partners are the ones that, that do business with AWS and, and which is a exploding number of partners. And so they have a relationship database. We have a relationship at S and we have this solution set that have, are of interest to our customers through these partners. And AWS has customers through these partners. And so a lot of times we'll share, um, information and customers, uh, information on, around, um, how we can kind of go to these customers who are both AWS customers and Veem customers and market, this joint solution protect them from ransomware. >>And how's it been going so far? What's your, what's your assessment? >>It's been fantastic. I think the, I think one of the, the, the real proof points is that we've moved, uh, over a half a petabyte of data, you know, uh, recently up into their cloud. And, uh, you know, that says that people not only are using the solution, but they're, uh, they're actually delivering on it. >>Well, why got you here, Andy, I want to ask you for the, all the people watching the customers, what's the biggest change that's happening in this market right now. Again, I love this shift that we're seeing backup and recovery. Isn't a point solution anymore. It's the solution it's baked in, and everyone's talking about this, it's integrated in, it's not, it's, it's totally front and center. What's the big change that customers should be thinking about now as they move forward. And, uh, obviously ransomware is still front and center. That's not going away anytime soon. What's the big thing to focus on for customers? >>Well, I think, you know, I always say, you know, listen to the customer and focus on what their specific needs are, right? You can assume, obviously in the business war and everybody, everybody has a backup solution. And, uh, so you're not trying to create a market there, but like I said, you know, people are very focused on security. They're focused on cost, they're focus on skillset or lack of skill sets, right? I mean, we have a shortage of skills in the industry. So we try to make our products easy to use. We try to work with our partners, putting AWS to deliver the best solution we can for our customers. And, uh, you know, I think we have the broadest invest, you know, ransomware protection, uh, and recovery in the storage space. And so we're very focused on that, leveraging all of our technologies across the platforms, physical, virtual Kubernetes, uh, type environments. >>And you have this and you get the beam on event coming up and that's going to be good in person. Right. That's a confirmed, >>It's a, it's a, it's a hybrid yet. In-person and virtual. >>Awesome. Great to see you guys in person. So being a, for the folks, watching the Amazon partnerships, as you guys scale up these, these partnerships and take it the next level, what's your, what's your closing comment. Yes. >>Yeah. I also want to say, write something that I should mention, right. We miss also invested in AWS marketplace. So it's not just the direct consulting partners and the partners that I mentioned, the a hundred thousand and 35,000, right. They, customers can also purchase beam on AWS marketplace through consulting partner, private offers. And that's why Viva's embraced many of these aspects to try to help our customers and continue to grow that 400,000 customer base, which is a pretty phenomenal number. >>Yeah. I've always been impressed with beam's customer base and they've got a very loyal base as well. I point that out and give props to the VM team. Andy closing comments for you, the V natives relationship, how would you summarize that? >>I'd say it's fantastic. You know, years ago it started as just a normal technology partnership. You know, now we're an advanced technology partner with storage competency, numerous programs like APN, uh, customer engagement. We're a marketplace seller. And I would say that it's not only that, but, but customers can take advantages of their, um, EDP with AWS to purchase on the marketplace and get credits against that. And our partners can as well. That's a, that's a very important thing because we're seeing more and more interest in that today. Uh, we're a public sector partner with them. We're an ISV accelerate SAS revenue recognition program. We're, we're, uh, I think we're checking a lot of boxes, but really taking advantage of it. The last thing I would say is, uh, I've known Sabina for quite a few years now. And I think it's the people relationships in the two companies that make this work. >>We have a lot of people, a lot smarter than me on the, on the speeds and feeds here. But at the end of the day, um, Sabina has a team of people that work with us on a, on a, almost a daily basis to solve customer problems. Right. We get people calling in all the time. How do I make Veem work on AWS? How do I get AWS solutions to work with theme? And our job is to make it as easy as possible because we both believe, uh, that customers, they say customer first. I always say, customer always are always right, but, but, but, but you know, at the end of the day, that's what makes this >>Yeah. Customer is always right. Customer obsession, working backwards from the customer fucking customer first Sabina. This is really interesting. This is a good point. I just come quick, go back to you real quick. This integration of relationships and also cloud technology integration is a big theme this year, post re-invent. Your thoughts >>Absolutely means, um, uh, to be candid. Uh, one of the goals that me and my team take is how do we bring technology partners together to add more value to our customers in end to end solutions, along with technology partners and consulting partners. So that is a huge focus for us because we need to do that in order to scale, not just for each other, but also for our customers and bring that, bring together meaningful, comprehensive end to end solutions. >>That's awesome. Andy, great to see you. We'll see at Veem on as well, coming up for the Veem show and your conference. You've been conference hybrid conference in person and virtual and digital to be in a great to see you again. Thanks for sharing all the great updates. And this is the season two. It's all about the data and the innovations with AWS. I'm John for your host of the cube season one episode, two of the AWS partner showcase. Thanks for watching.

>>welcome to our session on security titled Securing Your Cloud. Everywhere With Me is Brian Langston, senior solutions engineer from Miranda's, who leads security initiatives from Renta's most security conscious customers. Our topic today is security, and we're setting the bar high by talking in some depth about the requirements of the most highly regulated industries. So, Brian four Regulated industries What do you perceive as the benefits of evolution from classic infra za service to container orchestration? >>Yeah, the adoption of container orchestration has given rise to five key benefits. The first is accountability. Think about the evolution of Dev ops and the security focused version of that team. Deb. SEC ops. These two competencies have emerged to provide, among other things, accountability for the processes they oversee. The outputs that they enable. The second benefit is audit ability. Logging has always been around, but the pervasiveness of logging data within container or container environments allows for the definition of audit trails in new and interesting ways. The third area is transparency organizations that have well developed container orchestration pipelines are much more likely to have a higher degree of transparency in their processes. This helps development teams move faster. It helped operations teams operations teams identify and resolve issues easier and help simplify the observation and certification of security operations by security organizations. Next is quality. Several decades ago, Toyota revolutionized the manufacturing industry when they implemented the philosophy of continuous improvement. Included within that philosophy was this dependency and trust in the process as the process was improved so that the quality of the output Similarly, the refinement of the process of container orchestration yields ah, higher quality output. The four things have mentioned ultimately points to a natural outcome, which is speed when you don't have to spend so much time wondering who does what or who did what. When you have the clear visibility to your processes and because you can continuously improve the quality of your work, you aren't wasting time in a process that produces defects or spending time and wasteful rework phases. You can move much faster than we've seen this to be the case with our customers. >>So what is it specifically about? Container orchestration that gives these benefits, I guess. I guess I'm really asking why are these benefits emerging now around these technologies? What's enabling them, >>right? So I think it boils down to four things related to the orchestration pipelines that are also critical components. Two successful security programs for our customers and related industry. The first one is policy. One of the core concepts and container orchestration is this idea of declaring what you want to happen or declaring the way you want things done? One place where declarations air made our policies. So as long as we can define what we want to happen, it's much easier to do complementary activities like enforcement, which is our second enabler. Um, tools that allow you to define a policy typically have a way to enforce that policy. Where this isn't the case, you need to have a way of enforcing and validating the policies objectives. Miranda's tools allow custom policies to be written and also enforce those policies. The third enabler is the idea of a baseline. Having a well documented set of policies and processes allows you to establish a baseline. Um, it allows you to know what's normal. Having a baseline allows you to measure against it as a way of evaluating whether or not you're achieving your objectives with container orchestration. The fourth enabler of benefits is continuous assessment, which is about measuring constantly back to what I said a few minutes ago. With the toilet away measuring constantly helps you see whether your processes and your target and state are being delivered as your output deviates from that baseline, your adjustments can be made more quickly. So these four concepts, I think, could really make or break your compliance status. >>It's a really way interesting way of thinking about compliance. I had thought previously back compliance, mostly as a as a matter of legally declaring and then trying to do something. But at this point, we have methods beyond legal boilerplate for asserting what we wanna happen, as you say, and and this is actually opening up new ways to detect, deviation and and enforce failure to comply. That's really exciting. Um, so you've you've touched on the benefits of container orchestration here, and you've provided some thoughts on what the drivers on enablers are. So what does Miranda's fit in all this? How does how are we helping enable these benefits, >>right? Well, our goal and more antis is ultimately to make the world's most compliant distribution. We we understand what our customers need, and we have developed our product around those needs, and I could describe a few key security aspects about our product. Um, so Miranda's promotes this idea of building and enabling a secure software supply chain. The simplified version of that that pertains directly to our product follows a build ship run model. So at the build stage is doctor trusted registry. This is where images are stored following numerous security best practices. Image scanning is an optional but highly recommended feature to enable within D T R. Image tags can be regularly pruned so that you have the most current validated images available to your developers. And the second or middle stage is the ship stage, where Miranda's enforces policies that also follow industry best practices, as well as custom image promotion policies that our customers can write and align to their own internal security requirements. The third and final stages to run stage. And at this stage, we're talking about the engine itself. Docker Engine Enterprise is the Onley container, run time with 51 40 dash to cryptography and has many other security features built in communications across the cluster across the container platform are all secure by default. So this build ship stage model is one way of how our products help support this idea of a secure supply chain. There are other aspects of the security supply chain that arm or customer specific that I won't go into. But that's kind of how we could help our product. The second big area eso I just touched on the secure supply chain. The second big area is in a Stig certification. Um, a stick is basically an implementation or configuration guide, but it's published by the U. S government for products used by the US government. It's not exclusive to them, but for customers that value security highly, especially in a regulated industry, will understand the significance and value that the Stig certification brings. So in achieving the certification, we've demonstrated compliance or alignment with a very rigid set of guidelines. Our fifth validation, the cryptography and the Stig certification our third party at two stations that our product is secure, whether you're using our product as a government customer, whether you're a customer in a regulated industry or something else, >>I did not understand what the Stig really Waas. It's helpful because this is not something that I think people in the industry by and large talk about. I suspect because these things are hard to get and time consuming to get s so they don't tend to bubble up to the top of marketing speak the way glitzy new features do that may or may not >>be secure. >>The, uh so then moving on, how has container orchestration changed? How your customers approach compliance assessment and reporting. >>Yeah, This has been an interesting experience and observation as we've worked with some of our customers in these areas. Eso I'll call out three areas. One is the integration of assessment tooling into the overall development process. The second is assessment frequency and then the third is how results are being reported, which includes what data is needed to go into the reporting. There are very likely others that could be addressed. But those are three things that I have noticed personally and working with customers. >>What do you mean exactly? By integration of assessment tooling. >>Yeah. So our customers all generally have some form of a development pipeline and process eso with various third party and open source tools that can be inserted at various phases of the pipeline to do things like status static source would analysis or host scanning or image scanning and other activities. What's not very well established in some cases is how everything fits within the overall pipeline framework. Eso fit too many customers, ends up having a conversation with us about what commands need should be run with what permissions? Where in the environment should things run? How does code get there that does this scanning? Where does the day to go? Once the out once the scan is done and how will I consume it? Thies Real things where we can help our customers understand? Um, you know what? Integration? What? Integration of assessment. Tooling really means. >>It is fascinating to hear this on, baby. We can come back to it at the end. But what I'm picking out of this Ah, this the way you speak about this and this conversation is this kind of re emergence of these Japanese innovations in product productivity in in factory floor productivity. Um, like, just in time delivery and the, you know, the Toyota Miracle and, uh, and that kind of stuff. Fundamentally, it's someone Yesterday, Anders Wahlgren from cloud bees, of course. The C I. C D expert told me, um, that one of the things he likes to tell his, uh consult ease and customers is to put a GoPro on the head of your code and figure out where it's going and how it's spending its time, which is very reminiscent of these 19 fifties time and motion studies, isn't it that that that people, you know pioneered accelerating the factory floor in the industrial America of the mid century? The idea that we should be coming back around to this and doing it at light speed with code now is quite fascinating. >>Yeah, it's funny how many of those same principles are really transferrable from 50 60 70 years ago to today. Yeah, quite fascinating. >>So getting back to what you were just talking about integrating, assessment, tooling, it sounds like that's very challenging. And you mentioned assessment frequency and and reporting. What is it about those areas that that's required? Adaptation >>Eso eso assessment frequency? Um, you know, in legacy environments, if we think about what those look like not too long ago, uh, compliance assessment used to be relatively infrequent activity in the form of some kind of an audit, whether it be a friendly peer review or intercompany audit. Formal third party assessments, whatever. In many cases, these were big, lengthy reviews full of interview questions, Um, it's requests for information, periods of data collection and then the actual review itself. One of the big drawbacks to this lengthy engagement is an infrequent engagement is that vulnerabilities would sometimes go unnoticed or unmitigated until these reviews at it. But in this era of container orchestration, with the decomposition of everything in the software supply chain and with clearer visibility of the various inputs to the build life cycle, our customers can now focus on what tooling and processes can be assembled together in the form of a pipeline that allows constant inspection of a continuous flow of code from start to finish. And they're asking how our product can integrate into their pipeline into their Q A frameworks to help simplify this continuous assessment framework. Eso that's that kind of addresses the frequency, uh, challenge now regarding reporting, our customers have had to reevaluate how results are being reported and the data that's needed in the reporting. The root of this change is in the fact that security has multiple stakeholder groups and I'll just focus on two of them. One is development, and their primary focus, if you think about it, is really about finding and fixing defects. That's all they're focused on, really, is there is there pushing code? The other group, though, is the Security Project Management Office, or PMO. This group is interested in what security controls are at risk due to those defects. So the data that you need for these two stakeholder groups is very different. But because it's also related, it requires a different approach to how the data is expressed, formatted and ultimately integrated with sometimes different data sources to be able to appease both use cases. >>Mhm. So how does Miranda's help improve the rate of compliance assessment? Aziz? Well, as this question of the need for differential data presentation, >>right, So we've developed on exposed a P I S that helped report the compliance status of our product as it's implemented in our customers on environment. So through these AP eyes, we express the data and industry standard formats using plastic out Oscar is a relatively new project out of the mist organization. It's really all about standardizing a set of standards instead of formats that expresses control information. So in this way our customers can get machine and human readable information related to compliance, and that data can then be massaged into other tools or downstream processes that our customers might have. And what I mean by downstream processes is if you're a development team and you have the inspection tools, the process is to gather findings defects related to your code. A downstream process might be the ticketing system with the era that might log a formal defect or that finding. But it all starts with having a common, standard way of expressing thes scan output. And the findings such that both development teams and and the security PMO groups can both benefit from the data. So essentially we've been following this philosophy of transparency, insecurity. What we mean by that is security isn't or should not be a black box of information on Lee, accessible and consumable by security professionals. Assessment is happening proactively in our product, and it's happening automatically. We're bringing security out of obscurity by exposing the aspects of our product that ultimately have a bearing on your compliance status and then making that information available to you in very user friendly ways. >>It's fascinating. Uh uh. I have been excited about Oscar's since, uh, since first hearing about it, Um, it seems extraordinarily important to have what is, in effect, a ah query capability. Um, that that let's that that lets different people for different reasons formalize and ask questions of a system that is constantly in flux, very, very powerful. So regarding security, what do you see is the basic requirements for container infrastructure and tools for use in production by the industries that you are working with, >>right? So obviously, you know, the tools and infrastructure is going to vary widely across customers. But Thio generalize it. I would refer back to the concept I mentioned earlier of a secure software supply chain. There are several guiding principles behind us that are worth mentioning. The first is toe have a strategy for ensuring code quality. What this means is being able to do static source code analysis, static source code analysis tools are largely language specific, so there may be a few different tools that you'll need to have to be able to manage that, um, second point is to have a framework for doing regular testing or even slightly more formal security assessments. There are plenty of tools that can help get a company started doing this. Some of these tools are scanning engines like open ESCAP that's also a product of n'est open. ESCAP can use CS benchmarks as inputs, and these tools do a very good job of summarizing and visualizing output, um, along the same family or idea of CS benchmarks. There's many, many benchmarks that are published. And if you look at your own container environment, um, there are very likely to be many benchmarks that can form the core platform, the building blocks of your container environment. There's benchmarks for being too, for kubernetes, for Dr and and it's always growing. In fact, Mirante is, uh, editing the benchmark for container D, so that will be a formal CSCE benchmark coming up very shortly. Um, next item would be defining security policies that line with your organization's requirements. There are a lot of things that come out of box that comes standard that comes default in various products, including ours, but we also give you through our product. The ability to write your own policies that align with your own organization's requirements, uh, minimizing your tax surface. It's another key area. What that means is only deploying what's necessary. Pretty common sense. But sometimes it's overlooked. What this means is really enabling required ports and services and nothing more. Um, and it's related to this concept of least privilege, which is the next thing I would suggest focusing on these privileges related to minimizing your tax service. It's, uh, it's about only allowing permissions to those people or groups that excuse me that are absolutely necessary. Um, within the container environment, you'll likely have heard this deny all approach. This denial approach is recommended here, which means deny everything first and then explicitly allow only what you need. Eso. That's a very common, uh uh, common thing that sometimes overlooked in some of our customer environments. Andi, finally, the idea of defense and death, which is about minimizing your plast radius by implementing multiple layers of defense that also are in line with your own risk management strategy. Eso following these basic principles, adapting them to your own use cases and requirements, uh, in our experience with our customers, they could go a long way and having a secure software supply chain. >>Thank you very much, Brian. That was pretty eye opening. Um, and I had the privilege of listening to it from the perspective of someone who has been working behind the scenes on the launch pad 2020 event. So I'd like to use that privilege to recommend that our listeners, if you're interested in this stuff certainly if you work within one of these regulated industries in a development role, um, that you may want to check out, which will be easy for you to do today, since everything is available once it's been presented. Matt Bentley's live presentation on secure Supply Chain, where he demonstrates one possible example of a secure supply chain that permits image. Signing him, Scanning on content Trust. Um, you may want to check out the session that I conducted with Andres Falcon at Cloud Bees who talks about thes um, these industrial efficiency factory floor time and motion models for for assessing where software is in order to understand what policies can and should be applied to it. Um, and you will probably want to frequent the tutorial sessions in that track, uh, to see about how Dr Enterprise Container Cloud implements many of these concentric security policies. Um, in order to provide, you know, as you say, defense in depth. There's a lot going on in there, and, uh, and it's ah, fascinating Thio to see it all expressed. Brian. Thanks again. This has been really, really educational. >>My pleasure. Thank you. >>Have a good afternoon. >>Thank you too. Bye.

>> from our studios in the heart of Silicon Valley, Palo Alto, California It is a cute conversation >> universe. And welcome to another cube conversation from our wonderful Palo Alta Studios in beautiful Palo Alto, California. As we do with every cute conversation, we're gonna talk about an important topic with smart people that can provide some good clues and guidance as to how the industry's gonna be forward. We're gonna do that today, too. Specifically, what we're gonna talk about is that there has been an enormous amount of interest in kubernetes is a technology for making possible the whole micro service's approached application development. But one of the challenges that kubernetes has been specifically built to be stateless, which means that it's not necessarily aware of its underlying data. Now that is okay for certain classes of application. But the typical enterprise does want to ensure that its data can remain state full. That does have a level of protection required, et cetera, which creates a new need within the industry for how do we marry state full capabilities, staple storage capabilities with kubernetes and have that conversation? We've got great guests here. Part of Ayatollah is a co founder and C t o of robin dot io and radish men on is the CMO Robin. I owe partner Radish. Welcome to the Cube. >> Great to be here. >> All right, so, reddish one, we start with you. Why don't you give us a quick update on Robin Donna? >> Sure. Robin. Daughter, You, as you were alluding to, is addressing super important problem that is in front of us, which is that you've got cloud. Native technologies, especially containers. And community is becoming the default way in which enterprises are choosing to innovate. But at the same time, there's a >> whole swath >> of applications which were architected just five years ago, which all need to get the same benefits off agility, portability and efficiency of cloud native technologies. Robin helps bridge that, and I hope to talk more about that. >> Excellent. So part of let's start with you and talk about this problem this impedance mismatch between applications that require some state full assurance about the data and kubernetes, which tends to be stateless. How does that How does that impact the way applications get built and deployed? >> Sure. So if you look at me as you mentioned that communities is a platform that has started our originated for stateless workloads, and people have adopted the fastest growing open source project. We know about that, but when you look at a stateless work lord, it actually depends on state from somewhere. It's basically computing something right. It's computing state that's coming either, for the network ordered. Is computing on state that store brother inside, big data data, data leak or inside a database? Now, if you look at the problem itself, developers have gotten used to the agility benefits that communities has to offer the mostly infrastructure as a court kind of construct centered offers, however, the agility is not complete if you do not bring the state full workload workloads also into the communities for so as an example, think about somebody who's trying to build on entire pipeline right across the in. Just process so visualized by plane. If you're saying that you know what, in order to put this entire stock together, our entire pipeline together are to still do something that is non agile by going out sorry communities and then marry that with something inside communities. That's not true, actually. So more and more we're seeing developers and the develops teams basically saying that. Okay, I want to have the entire stock developed on deployed on a child platform, like open these. And of course, that comes with a bunch of challenges that need to be addressed and hoping you talk about that today. >> Well, if we have a zoo said the state has to be maintained somewhere, state may be maintained somewhere up in the cloud, But there are gonna be circumstances where because of data locality issues on, you know you want local control. You have ah, Leighton. See, considerations a number of other issues that you want to be ableto locate state in the closer close to the kubernetes. Is that really what we're talking about here? >> That's one aspect of it which is essentially around the performance and maybe you in governance reasons why you want to call a Kate State and stateless, Right? But the other reason I was saying is, if you want to deploy a stack, stack is comprised of many too many competent, stateless as well estate full. And you're talking about the birth of an entire application that the developer is gonna push under this platform right, so there. It's not about just the data locality and all that. It's also that just enabling the entire stock to be deployed in one shot. >> So you just you just you want a simpler, more manageable stats at all, right? So what's the solution? What people, what people have to do to get access to both those performance more more performance state Full application. Cubans clusters that record, have some degree of day locality concerns or to sustain that dream of increasingly simple stacks. What has to happen differently? >> Sure, and there are two aspects to this. The 1st 1 I would say, is that a the platform that is going to offer this on top of communities has to guarantee the persistency needs, whether it is in terms of reliability, dumps of performances. Selous, it has to guarantee does so you have to get those onto the platform first. But beyond that, if you look at other issues talking about many, there are many, many data platforms or data applications of workloads that predict board docker and communities. Now, if you don't really bring them into the Ford, you really are not solving the real business challenges that people have today, right? So beyond just providing persistency layer to communities pods, you need to have a way in which you can take complex platforms such as Mongol, Cassandra Elastic, such article rack. Cloudera these kind of workload and bring them onto a platform that has architected for Microsoft. Just communities, right? Because these platforms are not. These workers are not designed for micro service's workloads. So how do you marry them onto a platform such as communities that is designed as a micro service's platform? So you go to solve that, and that is exactly what Robin has done. So we have taken this approach where you can take complex workloads, rear platforms and then make them run on on a Microsoft this platform like abilities, starting with the storage subsystem, which is where one of our course fences. >> So I could conceivably imagine an Oracle database being rendered as a container with inside a cougar and he's cluster and position as a service have been orchestrated by by that kubernetes instance. What >> if I could jump in? You don't have to imagine we have customers in production there. They have Oracle Rack as a service offered on robin right now. One thing I want to contextualize is that our roots are in problem solving this hard problem off applications that I haven't been designed for containers contain arising them and being able to manage that gracefully in carbonated right. It just gave the example off Oracle Rack as a service. Or we also have customers with, let's say, multiple petabytes of data with her new bastard service, um, covering big large enterprises as well. Now from that lineage. Now, what've you also offering is that there is a set of customers who, already picked, Committed is already right might be open shift. It might be P K, as it might be g k to do its customers. We also have an offering called Robbins Storage, which brings powerful data management capabilities right. So to offering the platform offering, which is communities plus storage plus networking. Bless application bundles for some of the demanding workloads. But we just talked about, and then Robin Storage is a new offering which can add the magic of data management and advanced data management capabilities to any community. Is that you? >> Well, let's talk about that just for one second the uh, when I think of data management capabilities, I'm thinking not just a Iot being written back and forth between some media and some application. I'm thinking in terms of, oh, data protection and security. So are there Give us a sense of the scope of the service? Is that our part off this solution that you're talking? >> Yeah, I'll start in part like and chime in as well. So the first context you need to have is that all these data management capabilities are in the context of a hybrid being the normed implementation, right? Nine or 10 customers are looking at implementing on Prem with Public Cloud, right? So in that context, any of the cable release that we're talking about being being able to take snapshots or being able to take, you know, move that snap short to be offer as a back up in the cloud or ability, the clone and rehydrate applications, these air own capabilities that need to operate in a hybrid cloud context, that's number one. The second thing is, rather than just solve the storage level problem off taking snapshots, being able to bring application and data together is a big game changer in partner. Can you add a little bit more on the apple is data? >> Absolutely. Because, I mean, if you look at the the dinner service is the radish doctor board snapshots and clones and things living backups. Those constructs have existed in the storage industries for almost three decades. So there's nothing new about dark, right? But if you look at applying them for work Lord that are running in communities, you gotta uplevel that, because when you look at a story little snapshot, it is still a volume orelon level snapshot. But what a developer develops team needs is the ability to take an entire workload. That's a Mongo TB cluster and the only snap, short and dark cluster. I want to keep different states, even if the topology of the application is changing. Correct. And that is something that Robin has innovated on because we recognized. And I come from a storage bag when I was a distinguishing. Jenna very does have Bean fortunate to be building many data platforms there on be recognized that just leaving that storage does not deliver the promise of agility that communities offers. They were uplevel it into applications and for the very first time. In fact, we're introducing concepts such as you go to a Mongo classroom. You say I want to go snapshot this cluster. We understand the apology that this cluster has. How many shards depositor for offering these things. The service is under Langston the volumes and we dark forms a snapshot. That's an application. Little snapshot of the benefit of application will snap Shirt is that if another developer wants to go clone and run queries on that, you don't have to go Dr Storage Admin inside. Just give me clones of these large volumes. They'll say, Just clone this Mongol Devi cluster on. Then within minutes, you have an up and running long body be cluster fully functional. You can start readies life. Exactly. Other thing would be draw the stock double portability. So you have this snapshot taken periodic snapshots. So let's say that you run out of capacity nor deer center, and you would like to go bust into a different cloud. That's your on premises, and you want to go and run a clone in geeky because that's where the capacities, our snapshots and the baby, a implemented and architect of this allow you to port an entire application along with topology? Medea on data so that he can go and stand up Fully functional, ready to use. That's among Would he be cluster and geeky in the club? >> Now you talk about UK a Google kubernetes engine on G C P Google Cloud Platform. Obviously, that's when you think about kubernetes. That's kind of the mother ship. When you come right down to it. How does your platform and G K E G. C P work together? >> So the first thing is >> that we have, ah, partnership, which is led by engineering to engineering engagement, that >> part eyes front, ending around a standard set of AP eyes whereby the advanced data management capabilities that we're talking about can be brought into communities world itself and, of course, geeky as the implementation footprint. Right? So that's one area that we've been collaborating on. The second is from, ah, Google perspective. The preferred storage for running enterprise workloads or state full workloads or the data intensive work clothes that be talking about is Robin Storage and that's ah that we definitely are pretty excited by the fact that through rigorous technical evaluation, after rigorous technical evaluation, Google is chosen Robyn stories as the preferred storage for these demanding workloads. So from both these standpoints off moving the state of the art of what does it mean to provide data management capabilities to communities, to providing a solution that works today for customers who are embracing G K both on Prem in in the cloud to be able to bring state full workloads? We're working with Google and pretty excited about that part. Anyone add further color on the engineering partnership? >> He absolutely, I think, as a radish mentioned. So Google perform. We are the purport storage solution for that. Now can we just rewind back a little bit there? About 25 30 different stories? When does providing stories for communities? Right. So what is this? I think that this move is something special that let us tow this thing at this point, right. We took a very fundamentally different approach when we when we saw this problem for G k r for communities you could have started with several open source story solutions, are there and build on top of that. When their companies that take barter effects, for example, pity orifice and build on that. The companies that takes seven belong there, right? Be formally said that. Listen, if you want to elevate the experience from storage onto applications, that the example that I took earlier off taking a snatcher, a mongo migrating and if your story, it's stackers underwear off the application, which means that the stories track is unaware of the topology of the application. Can you really do application consistent snapshots? You can't. All he can do is begin to snapshot individual Williams. Correct. Now, if the stories stock is not a rare off the application to polish, can you actually the application level quality? Also, this. If you can't do that, can you really guarantee noisy neighbor elimination? You had to >> do all >> those things right? If you really wanna run data platforms, those are the core things that you need to do right and Soviet took an approach is that it doesn't know it will not cut it if you build a story. Stack on top of border defense, for example, are on set, so we do a ground up approach and he said, Look, if you wanna build a story, started this cloud native communities native. How would that look like? And how would the perimeters exposed so that it can deliver the entire experienced applications? So architectural leave yard very superior compared to the other players out there, it's proof is that we've got picked. Now that's one aspect. The other aspect is the approach that were taken to expose these primitives, their own snapshots and backup on a portability and all that was very clean. Right on. Very pragmatic how it works with both the born in the cloud as well as the the prior boatloads right on. Because of that, we're also collaborating with the Google engineers is to come up with a set off a P eyes that were planning to standardize right around community so that you could have a very standard set off a p I through which you can trigger these data management calls. Right? So that's that's other like no other stock Borden engineering to engineering collaboration. So that's the other thing that we're collaborating on to create the stana riser of FBI's based on the knowledge that we have had, because we have have we have feel deployments off like rubbish. Talked about right article rack. We have field the Prime Minster. People are deploying multiple petabytes off starting in the single communities. Robin, cluster. Right? So all that learning all the experience that we have had its contributed towards this joint Engineering to engineering. Afford that you're going to create the standardized data management. >> So we've got Robin. I owe has delivered a piece of technology for handling state full kubernetes clusters that has been validated by Google I o. Today or you know, so that can be used now. And is the basis for further engineering work to move this Maur into the mainstream for the future? That's good. Very exciting stuff, Partha. Right, Dash. Thanks very much for being here in the Cube. Thank you. Thank you. And once again, I want to thank part uh Chautala, Who is the co founder and CEO of Robin I owe and radish men on Who's the CMO Robin don I owe once again. I'm Peter Bursts. Thanks very much for watching this cube conversation until next time