>> Announcer: From downtown San Francisco, it's theCUBE, covering RSA North America 2018. >> Hey, welcome back everybody. Jeff Frick here with theCUBE. We're at the RSA Conference in downtown San Francisco. Forty thousand plus security experts really trying to help us all out. Protect our borders not so much, but protects access to these machines, which is harder and harder and harder everyday with bring your own devices and all these devices. So really, it's a different strategy. And we're really excited to have ExtraHop back, we had ExtraHop on last year for the first year, he's Matt Cauthorn, the VP of security at ExtraHop. So Matt, what do you think of the show? >> Oh, amazing. Absolutely amazing. Super packed, been walking like crazy. Got all my steps in, its fantastic. >> Alright, so you guys have been in network security for a long time? >> Yeah so we've been, so we live in the East-West corridor, inside the enterprise, inside the perimeter doing wire data analytics, and network security analytics. Our source of data is the network itself. >> Okay. And the network is increasing exponentially with all the traffic that's going through, the data sources are increasing exponentially with all the traffic going through. >> That's right. >> So how are you guys keeping up with the scale, and what's really the security solution that you guys are implementing? >> So the point you make is really interesting. Yes, it is increasing exponentially, and as a data source the network is the only sort of observational point of truth in the entirety of IT. Everything else is sort of self-reported. Logs, end points, those are very valuable data sources, but as an empirical source of truth, of evidence, the network wins. That assumes you can scale. And that assumes you're fluent with the protocols that are traversing the network, and you're able to actually handle the traffic in the first place. And so for us just this week, we announced a 100gb per second capable appliance, which you know is an unprecedented amount of analytics from the network's perspective. So we're very proud about that. >> So what are you looking for? What are some of the telltale signs that you guys are sniffing for? >> So generally, we auto-classify and auto-discover all of the behaviors on the wire. From the devices themselves, to the services that those devices expose, as well as the transactions that those devices exchange. And so from a context perspective, we're able to go far deeper than almost anyone else in the space, that we know of at least. Far deeper and far more comprehensive sort of analysis as it relates to the network itself. >> And the context is really the key, right? Tag testing what, why, how. System behavior, that's what you're looking for? >> A great example is a user logging into a database, that might be part of a cluster of databases, and understanding what the user's behavior is with the database, which queries are being exchanged, what the database response is in the first place. Is it an error, is it an access denied? And does this behavior look like a denial of service, for example. And we can do all of that in real time, and we have a machine learning layer that sits over top and sort of does a lot of the analytics, and the sort of insights preemptively on your behalf. >> And it's only going to get crazier, right? With IOT and 5g. Just putting that much more data, that many more devices, that much more information on the network. Yeah, so IOT in particular is interesting, because IOT is challenging to instrument in traditional ways, and so you really do have to fall back to the network at some point for your analysis. And so that's where we're very, very strong in the IOT world and industrial controls, SCADA and beyond. Healthcare, HL7 for example. So we're able to actually give you a level of insight that's really, really difficult to get otherwise. >> And we've been hearing a lot of the keynotes and stuff, that those machines, those end points are often the easiest path in for the bad guys. >> Yes they are. >> An enormous security camera or whatever, because they don't have the same OS, they don't have all the ability to configure the protections that you would with say a laptop or a server. >> That's right. There's a surprising number of IOT devices out there that are running very, very old. And vulnerable operating systems are easy to exploit. >> Alright, so Matt I guess we're into Q2 already, hard to believe the years passing by. What's priorities for 2018 for you and ExtraHop? >> So we've announced a first class, purpose-built security solution this year, and really the plan is to continue the sort of momentum that we've accrued. Which is very encouraging, the amount of interest that we've had. It's hard to keep up, frankly. Which is fantastic. We want to continue to build on that, grow out the use cases, grow out the customer base and continue our success. >> Alright Matt, well we'll keep an eye on the story, and thanks for stopping by. >> Great, thank you. Appreciate it. >> Alrighties Matt, I'm Jeff, you're watching theCUBE from RSA Conference, San Francisco. Thanks for watching.