>> Announcer: Live from San Diego, California, it's theCUBE, covering Kubecon and CloudNativeCon, brought to you by RedHat, a CloudNative computing foundation and it's ecosystem partners. >> Hi and welcome back to Kubecon, CloudNativeCon 2019 here in San Diego. I'm Stu Miniman and my cohost for three days of coverage is John Troyer, and happy to welcome back to the program, was on the keynote stage earlier at the conference, Derek Collison is the founder and CEO of Synadia. >> Yes, welcome. >> Stu: Showing the logo, thanks so much for joining us, Derek. >> Oh, thank you, I really appreciate it, it's been a while. >> Yeah, it has, so you know, we've known you for many years, had you on the program, you look at us, you've got one of those VIP logos 'cause you've been on the show a few times, and you've seen a couple of these waves. Latest thing, of course, you're talking a lot about NATS, but of course Cloud Foundry you built that, so you've seen a lot of these waves, but I want to start with something you said that I thought was really thought-provoking and interesting. A lot of people, we talk about the Cloud economy, talk about the data economy... You talk about the connective economy, so, explain to our audience a little bit what that means. >> So, the general gist of it is, hey, where's the innovation and where's the value coming out of information technology, IT, infrastructure and things like that, and for a long time, we were swept up in the Cloud economy, which was how you move from CapEx into OpEx, and things like that, and then of course it was all about data. And it still is about data, but if you notice, it's not the data moving to where you're trying to process things, now it's all of a sudden being distributed, and so you take that, and you take MicroServices, and you take all these things, and at least from my perspective, I see the value driving out of these systems now is in, how are they connected? How are you observing them, how are you securing them and trusting them? And I believe that's where the value in the next wave of innovation's going to come from. >> Yeah, it's funny, I hear sometimes we talk about the pendulum of technology, and I look in the ten years we've been doing this, really we're talking about the journey along the distributed architecture we've been trying to build, and it's not moving back and forth, but it's kind of... >> Derek: Circling. >> It's kind of circling, and some of the themes are repeating, but it's growing that along the way, so, give us NATS and messaging, how this plays into helping to solve that communication issue, it's the kind of thing, we read about in the Google papers as to, global distributed architectures. >> Yeah, so, the general gist is that NATS was built to power Cloud Foundry, right, and that was the deployment mechanism for applications and such like that. And NATS, just like a lot of the other technologies, was built for an itch I needed to scratch. And it was a silo technology. So about two years ago, we had the opportunity to actually think about if we wanted to make a business out of NATS, right? And any time you say open source and commercial entity, there's challenges, and I don't think anyone has all of the answers. But the answer we came up with internally as a team was, we need to build something that's value is greater than the sum of its parts. I personally, again, and a lot of people won't agree with me and that's okay, I don't believe in the open core model. I don't believe in the fact that you make certain enterprise features and certain open source features. However, what I do believe is that if we could take a communication technology and make it a true utility, like the global cellular now, or the Internet, and connect everything, we'd have these opportunities that no one could foresee, for example, with the web, or even with the global cellular network and what people think is about to happen with the 5G. So we took NATS, which is a very mature technology, made it multi-tinted, made it very, very forward-looking secure, made it run in any Cloud, Edge, IoT, with the hope that we could encourage people to connect everything, start isolated, but have the ability to say, hey, we want to start sharing data securely in an audited way, that it's drop-dead simple to do. It's not a, let's plan a six-month project to integrate your systems with these systems and things like that, and so that's the gist of what we're trying to do, and we believe that running this thing as a server as such that it's a utility, it's not just something for you or for you or for me, it's that we're all using the same thing and we're all connected if we want to be, we think there's value there. >> Derek, maybe let's go in a little bit on NATS, and the service you're running too, but maybe educate us a little bit on the landscape here. We've already talked about IoT, Cloud data, VAP messaging, and I think people understand, to a certain extent, what a messaging system is, sometimes it gets conflated with a streaming system, maybe you could talk about what NATS does really well, we've talked about security, we've talked about a few other things, you've teased already here, but how should we be thinking about NATS? >> Well, I think, outside of NATS, just in general, any type of way of communications, we need to think secure by default, right? We can't do what happened with the Internet, where we go, ooh, it'd be really nice to do these kind of things, but we need security. And we have to wait, as a group of excited individuals, probably 15 years to get that, we can't do that in this generation with IoT and things. But when you look at NATS, or any technology, there's essentially two types of patterns that anybody wants to support. A service-based pattern, where I ask you a question, you give me an answer, ninety-plus percent of distributed systems today, that's their main architectural pattern. So I'm coordinating and asking a lot of questions of these services, micro-services, you know, has become popular. Streaming is now becoming popular with things like Kafka and stuff like that, it's been around for a while, but that's the second, other pattern. So it's like, I'm emitting events or data streams or things like that, and they could be persisted or not, but essentially if you want to make it simple, it's services and streams, and for us, we wanted technology that did equally well in both of them, right, you didn't have to pick one technology for one pattern and another one for a different one. >> All right, let's talk a little bit about your business. So you talked a little bit about kind of the business model, so explain the business model, what you're doing, how that actually goes together? >> Yeah, and for the viewers, this is our take on it, which means it's advice, you get what you pay for, it's free, type of stuff, but, you know... Been around the block a little bit. So, when we started out, what we didn't want to do is ignore the old models. I don't think a long-term business model is the old models, meaning recurring support, consulting, NRE work type of stuff, but I've also seen startups that ignore that and say, "no, we're not going to do that at all." And I did a little bit of that with my prior company, so we embrace that, but we know long-term that's not going to be it. So we deploy a global network, we have a global network, it's available with a single URL, secure by default, runs in every Cloud, every major GO, and more importantly, you can extend it on your own, on your own servers, with the RN off to do that. And we believe that Saas model, that utility model where, again, its value is greater than the sum of its parts, allows us to keep everything open-source, but there's a value in being connected to this network. Multi-Cloud, Cloud to Edge, all that kind of stuff. And what we want is we want customers to slowly transition to that. I've been telling people there's basic cable, which is like, just the dial tone, then there's going to be premium channels on that, that you can pay for, like storage, DR, secrets, zero-trust mechanisms, anomaly detection around communication patterns. People might opt in and say, "ooh, we want to pay for those things 'cause they're interesting to us." And then the last piece of that pie is, there may be people who are running against the global utility, running their own servers, and they go, "that service right there inside of that system, we love it, we want it on premise, can we actually license it from you?" So it's a combination of softwares and service, license revenue, and recurring support. >> Okay, and so, are you enabling partners to deliver those services, is that Synadia does that themselves, where do those premium services come from? >> So, we're going to seed the market, but yeah, we want it to be an open marketplace, and what we will provide is things like billing and such like that, almost, not exactly, but almost like the app store, the Apple app store, where someone who just wants to write a simple service, and if people like it, they don't have to do much, they just have it run and it's receiving stuff and they just get paid. So we do think that's a federated model. Believe it or not, we also feel running the network on a global scale is also federated. So we've designed it such that we don't have to be the only operators. Matter of fact, if we're successful, we're the smallest operator going forward. But, the system is always interconnected, right, so if John's trying to connect in and he's connecting to a Google server, I can connect to that server also, even though Synadia might have actually granted me the rights to access the system. And so we're working on that, we're thinking about that, but Cloud providers are really good at running infrastructure and running services on that infrastructure. We want to embrace that, we just want to make sure that any user of the system, it's like a SIM card that's unlocked, essentially, right? You could go to any provider that you want and it works, that's what we want to make sure we set up for. >> Right, it seems like a great example of this next wave of companies that's being built on top of the existing Cloud infrastructure. You don't have to be a hoster yourself, you could take advantage of and partner with all the other infrastructure providers and interconnect them in several different ways. Maybe, Derek, could you give us an example of an app, what an app might look like that's globally distributed and what kind of messages would be being passed back and forth? >> Sure, so, we're about to release something on Synadia where we truly believe, at the base of everything, it's just sending messages. And so, most people think of NATS as a communication mechanism, and it is, but when we say storage or state storage, they kind of say, "oh, NATS doesn't do that." But we can send a message to a KV service that says KV.set, and I could send a message that says KV get and get it back. Now, what's interesting is, we can make that zero trust, meaning, it leaves your app totally encrypted, so none of our servers, none of Google, Amazon, or Azure's servers, actually even understand what the heck it is, but what's interesting is, you could connect to any of our servers worldwide, or even run your own servers, and connect to those, and it works, all the time. We have another one that's just a usage server, meaning it tells you how much usage you've been racking up, let's say, over the month, kind of like a cell bill. And the way we built it was, there's multiple servers that are running, collecting this data, totally independent, there's no consensus. Everyone has the same subject, NGS.usage, you send a request saying, "what's my usage for the last hour?" Yet the backend service, guaranteed secure, trusted, it receives a request that it knows it's John, knows it's Stu, knows it's Derek, and so it can say, "oh, I'm trying to get John's usage, I'm trying to get Stu's usage." Yet the user experience is, everyone does the same thing, which we think is extremely powerful. And you don't have to do anything unnatural to get that with a system like NATS, right, where we tried to put security first and really think hard about what it meant, and that wasn't fun, it wasn't easy, but we think it's important. >> Yeah. So, Derek, I want to kind of step up-level a second here, 'cause you've got some great viewpoints on things, so, there's some people that look at a show like this or look at the industry and say, "Ah, there's all this hype around multi-Cloud, but there's a lot of challenges." Does it become least common denominator? How do these things work together? My definition that I've been saying for a while, I'll use a phrase you've used a couple of times. If, for multi-Cloud to be real, the value that I get out of it has to be greater than the sum of its parts. You live through the PaaS and the post-PaaS era, you've done a number of environments here, so where are we today, where do we need to go as an industry, as a whole, to reach that value statement that we talk about? >> Yeah, that's a great question. Even from day one in Cloud Foundry, I've believed in multi-Cloud, but I've watched how the markets have actually reacted and what they are doing, and the first wave in my perspective was, posturing for better pricing. To be honest with you, it was Netflix go, "hey we're going to move to Google unless you give us a better price." And I've seen that time and time again. Where it becomes real, though, is, when there's a class of service in a given Cloud provider, that is extremely attractive. Amazon, just in terms of the breadth, Azure a lot for some of the big data stuff, Google a lot for some of the AI stuff they have. Where an organization has a legitimate use to say "we really need best of breed in AI," best of breed in, let's say, big data, and they want to run an app in Azure and an app in Google, and that's kind of the realest situation I've seen. The notion of running something that's truly oblivious and can run anywhere, it's possible, but your lowest common denominators compute and simple storage, and a lot of times, that's not actually distinguishing. So I still see a lot of pricing pressure, you know, posturing, around multi-Cloud, just as a negotiation tactic. Where I see it being real is, this class of app, we want to run it in this Cloud provider to access these services that are differentiating. >> Derek, you have been around for a few generations of Stack wars, PaaS wars, I don't know that they need a name. Any advice to application architects and technologists who are choosing technologies here? I mean, here at this conference, Kubernetes is kind of a common assumption for a lot of what people are doing, not everybody, but there's a lot of other parts that plug into it, and a lot of other decisions to be made about architectures, and about, everything from messaging, to security, to networking, to storage, and I can go on and on and on and on. So, I mean how... Again, you've seen this happen a couple times, people having to pick and make choices, worried about lock-in, whatever they're worried about, I don't know. What are your thoughts on what's the, what are the right ways to do this so you actually succeed? >> Yeah, you know, it's a great question. And yeah, I have seen the pendulum swing back and forth quite a bit, but I think for the viewers, I can simplify it, at least from my perspective. It goes between choice and simplicity. So if you look in even the PaaS wars versus IaS versus all that stuff, PaaS was a swing towards simplicity, get stuff done, you know what I mean? And then there was like, "oh, I can get stuff done, but I don't have enough choice." So we saw this swing back, and I think Kubernetes hit at the absolute perfect time to take advantage of, "hey, we need choice at these base layers," right? And the way Kubernetes was architected was to give you that full choice. So if a startup's coming along and saying, okay, given the fact that the pendulum's over here, knowing it's going to be swinging back, and at least in my opinion, we're swinging back for simplicity, concentrate on, how do you simplify what people are struggling with today? So at this conference, there's a tremendous amount of people, you can get a lot of insight into what's going on, ask 'em where it hurts, you know what I mean? What are you struggling with? How long have you been struggling with it? And then solve those problems, especially when the pendulum you know is starting to swing back around. Hey, can we do this in a more simplified way, why does it have to be so hard? Those are the big opportunities right now. But again, it'll swing this way, and it'll swing back, eventually it'll get to the middle, and then we'll pick a whole other class of problems to, you know, swing back and forth from. >> Well, you know, it actually, it's not surprising to me that you're actually echoing a comment that Steve Harrod made on the program yesterday, saying when he goes and talks to all the companies here, it's, tell me how you make my life better as a company, and that's what we need to focus on. That wave toward simplicity absolutely is something we see, it's something we've been driving toward from Kubernetes, but an area that you're spending some time in talking about at the keynote, Edge computing. And absolutely, we need simplicity for that to be able to come there. What are you seeing in the Edge space, what's real, customers you're talking to, give us a little bit of forward-looking as where you see that whole space going. >> Yeah, so, I mean, for me, Edge and IoT, you can define it a lot of different ways, but even for enterprise companies that are here, it's, hey, do you deploy a piece of software out into the field, or a hardware/software combination? So, Bose headsets, Peloton bikes, whatever, that's kind of an industrial IoT type of thing. I see a lot of people wanting to drag what they think works in Cloud out to the Edge. Kubernetes works here, we're going to drag it out here. We're just going to slim it up a little bit and package it. I don't know if that's the right answer. What I think we need to think about is how do we get data and compute, compute meaning processing of that data, securely in a trusted fashion out to the Edge, however that works? It doesn't necessarily mean we have to have all the same pieces, but you have to say, I want to push an update and I want it to go over the air so to speak to the Edge, I want to be able to trust that it's doing the right thing. And so I think there's a massive amount of opportunity around that, and in how do you move all those pieces around. And what we're trying to do at Synadia is encompassing both, right? So we started with the secure by default, trusting in the beginning, and then if we say, hey, it's just messages, and in the keynote, I talked a little bit about our excitement around web assembly. But where we get excited about it is, we give you a drop-dead easy system and say, I want to digitally sign that web assembly for use in this certain situation at the Edge. And then that shovels it out there, and the system looks at it, verifies that it was signed by John, and says, yep, I can run this now. And so we're looking very heavily at those types of opportunities. We don't care how the things are deployed per se, but I would say that I think as you get further out, I think you're going to see more common denominators around web assembly, secure and signed web assemblies, than on how we actually deploy them. So you're going to see lighter weight things, not to say that Kubernetes might not have relevance out there, but I don't think it's needed to get to where we want. We need that trust factor, ubiquitous, communications to really kind of light that field up. The other one at least that we feel we need to meet the customer where they're at, is most of the IoT type devices are MQTT. And so we talked also that in Q1, we're going to allow native MQTT apps to connect directly into a NATS server and the NGS ecosystem, meaning you get the best of both worlds as well. Then an Edge router's running a NATS server, could be a raspberry pie, thousands of devices all connecting in, we think that connectivity and trust will light up a lot of opportunities. >> All right, well, Derek, always a pleasure to catch up with you, thanks so much for the updates. >> Thank you guys, I really appreciate it. >> All right. John Troyer, I'm Stu Miniman, back with lots more coverage here at Kubecon CloudNativeCon, thanks for watching theCUBE.

>> live from San Francisco, celebrating 10 years of high tech coverage. It's the Cube covering Veum, World 2019 brought to you by IBM Wear and its ecosystem partners. >> Welcome back. This is The Cube. Live at VM World, 2019 times. Too many men with my co host Justin Warren, David Dante, John Ferrier. John Wall's John Troyer. Like a certain founding fonder, Alexander Hamilton, the Cube is going non stop coverage for the three days Habito. Welcome back to our program. Two of our Cube alumni's Lynn Lucas, who is the chief marketing officer of Cohee City. And she's brought along John White, who is the chief innovation officer at Expedient. Thank you both for joining us. >> Happy to be here. Happy 10 year anniversary to the cute >> Well, thank you so much. And you know, so many people we've known over the years. Actually, the first time I met John wait was I believe in this whole, you know, at VM World, you know, talk about what's going on. Eso You know, I always love talking to the service riders because it's been going through just a massive transformation, you know, all along on you, John, you've got a different title Since the last time I interviewed you, You been involved in the strategy You and I have gone toe cloud shows together and some of the other things they're so bring us up to speed as to, you know, expedient here at the show. And, uh, what brings you here with cohesive? >> Yes. Oh, yeah, thanks to your right. But I think it's probably five or six years ago. Maybe I asked too. You said, Hey, what do you know about the service provider community? Cause I wanted to kind of educate you because it was something that's been fairly new and expedience been in that industry for a long time. We were mainly in infrastructure of the service provider, man. The service providers are rounding on all that I t. Stuff that people need and ah, this VM world is a huge one for us. Last year we launched Enterprise Cloud, which is a product based on VM. Where's full softer to find stack And that was something we wanted to go to market with to give an alternative people, When you say Hey, I need to go to the cloud and you realize that okay. I really can't just take my APS and lift and shift and go there. There's another place for you that's a little a little more familiar. And as we see 20,000 people know VM were obviously that air here. So that's usually what what's usually happening in the Enterprise. So we're talking with those folks, and so we would launch that platform. We thought about everything differently. We were running virtualization since, 06 of seven, and we wanted to change everything back up platforms as well as needing things like scale out now, as were necessity at that point. So this VM worlds are coming out because we had, ah, release that last year. And now we have a lot of good customers to talk about on that platform. 12 months later. >> Yeah, well, Lynn, first of all, congratulations because, you know, I know John sits on customer counsels for some of these events. I've dug into a bunch of the networking pieces with him and actually was, you know, we spent a bunch of years. We went to a bunch of shows together and he was looking at the some of the various vendors and a bunch of the new startups and cohesive E is the one that you know really stepped up provided the solution that he was looking for. So it's been interesting to hear service fighters. You were usually the first ones that companies were talking to. But bring brings the cohesive story there. >> Yeah, and so were a super pleased and honored to have expedient working with Cohee City. And John has been instrumental in really providing a lot of direction to us on what his needs are and how to make the product even better for for him and the service provider community, it's a huge part of our go to market strategy. We believe that with the massive growth in the interest in hybrid and Justus John was saying, There's so many customers that really aren't equipped to deal with How do I move to ah hybrid cloud strategy, whether that before compliance reasons, whether that be geographical reasons under you've seen them all. And so this is something where we feel really thrilled to have the, um, where's cloud partner of the Year working with us and to help serve customers with the expedient enterprise Cloud platform. >> Congratulations on that team. And right when we first met five years ago Public cloud for VM wear And for most of the service bodies, it was the enemy, all right. It's like, Oh, my gosh. There, you know, you went toe Amazon reinvent and create a little bit of partnership. So give us the update on hybrid. What that means and how solutions like, Oh, he city, you know, help you provide services to your customer. >> Yeah, it's funny you mentioned. I mean, that's you would ask me, What are you doing here? What are you doing here? Because it was going out doing this research, seeing where the market was on containers on adoption of Claude practices. So we wanted to make sure that we were very open with all the different solutions that are out there. And that's been our strategy from the from the start. So building enterprise cloud was one thing we need to do to come to market with a platform like everybody else. But multi cloud is really where we have focused. And it's funny. I mean, when I when I first started coming to the M world, it was very product centric, you know, you had this product, you could do X with it. And here's the return that you would get at it. And when you're coming to the emerald now it's more about platforms. And that's really what I found most interesting with Cohee City when I first met Mohit, probably two and 1/2 3 years ago, was that he was focusing on the platform of data management. And that's really what the problem was. It wasn't now, specifically, it wasn't data protection. Specifically, it was What all can you do with that with that data management? And we're You know, we're spending a ton of time with Cohee City on. We were building multi Tennessee with them to them, be able to support that. And that's what we're delivering on now. So it's it's it's the scale out now's it's ah, data protection. And then we're taking those service is and then putting him in eight of us in azure or wherever it might be because it doesn't matter to us, because long term we want to care about the long term I t care and feeding and focus on that as our value prop instead of just actually which silo >> it lives in. Yeah, and right from the very beginning, I remember speaking to Kohei City very, very early on when it just sort of come out of stealth. And it was baked into into the product the idea of data management that it was going to be much more, much more than just data protection. So, what are you seeing now that we have a lot of years of product development has clearly gone into it since we first looked at it then. But what are you seeing? Customers using the platform for here in 2019? >> Well, we started a little bit more unique than most other customers. I think we talked about this, you know, throughout CO e city. And we actually started on a scale out now's platform s. So we have one of our clients homes dot com who? They're with us this week because they have a really interesting you. No need for this type of enterprise. Cloud there with us and they're talking about all the different benefits they received out. And they started actually with on the file side of things homes dot com, real estate, online real estate. So I think you know about how many images and how many fouls you have out there. We have 2.6 billion images right now running on the cohesive platform. That was 2.6 billion and a 30% annual growth rate. Yes. So the numbers are crazy. You can't put those on any other traditional now, as that's out there. Uh, so we used a he city first to get started there, and then the backups really were the icing on the cake. So last October, we built We started going out the Nats platform to handle those images. And if you actually go to homes dot com right now, it's being served fully out Enterprise cloud from a container and virtual machine layer and then on the back end from Cohee City. And they were using that to protect it as well. >> And I think that if I add on to that is really a testament to the, you know, the foundation that mo it built, which is a true distributed file system, Google like, in that sense. And I think correct me if I'm wrong, John. But you know, you then also saw while that benefit of a platform approach and not another silo for the backup and having co he city help solve the challenges for both files as well as data protection and then maybe one day in the future. Looking at some of the things that we're doing now that we're doing more security on running APS and things like that on the platform as that may be an extension for you, >> Yeah, that's that's definitely a big focus of our effort, the global d duplication that you get with CO he city. When you add all those files in all the different customers, we have all the different virtue machines. Ah, the ratios were hitting or just insane. And it's something we decided as a service provider that we we said, OK, this technology, we actually want to give that benefit back to the customer. And so when somebody buys data stores from us on the data production, they buy what they're actually consuming on the disk. So you could have 100 terabytes in all of your V EMS. If you only need one terabyte, that's all you're buying from us. And that's a lot of the power of that platform that we get with cohesive. >> Yeah. So, John, wanna help? They want you to help us understand the nuance of something. We're platform? Yeah. Has a little bit of new Monsanto. Little bit, a little loaded thing. GM was the platform. Cohesive is a platform. You use both of them. So just help us understand how cohesive Ian Veum wear and all those things that they go together. They're not, you know, competing against each other in as your architectural Or are they? They're >> not competing there two layers, In my opinion, where you have your primary stores really living in and the M R and secondary storage is everything else on Cohee City. Ah, what? The nice thing is, they did a lot of cool things to kind of marry the two together. Um, one of the one of the tools that we're using Aesthetic ahi city is called Instant on or instant Restore a Virtue machines so we can actually spin up a virtual machine almost instantaneously. It lives on the Coast City platform. Once it's rehydrated, then does a storage the emotion automatically into the V, m or environment. So we're able to do migration or if we had, You know, we have a bad ransomware attack and we need to restore 100 V EMS within a few minutes. We can instantly bring those back up in the cohesive platform and then move them to a production virtual environment once it's done. And that's something that we weren't able to do with our existing vendor. And that was something we needed to actually go and focus on because being in the healthcare space being in the compliance space, that's that's a big problem for us. >> Yeah, just add, I think that, um Vienna, where is clearly one of our most important partners. The very first area that mo it developed was data protection, for I am where, I would say, well north of 70 75% of our customers are protecting their Veum, where environments We have a very large customer that's protecting over 18,000 V EMS on Cohee City. So with the certifications that we have with V. C. D. And with the integrations, as you've mentioned with of you realize it's it's really it's a partnership. Andi think we're adding a lot of value to the customers that are building on V. M. where is >> very complimentary for sure. >> Yeah, it's been interesting that to see how customers choosing to go with a platform like like expedient because, as you mentioned earlier, stewed like five years ago, Cloud was the enemy. And but we're being told that on a public card is gonna take everything, and it's just gonna own all of the environment where is now? In 2019 we found that the story is actually much more complicated than that. Some of us probably believe that at the time I put my hand up is one of those that customers actually needed to live in multiple places. It's not a story of or it's a story of end, so you do need to be ableto have something which can work well with others on the same way we've got. We've got co, he's ity and V M. Where is it? Well, they're not really competing with each other. They work better together and particularly as customers scale, we find my any any kind of enterprise customer is header a genius, so you have to have solutions that give them options and that work together well with you have to play nicely with others. >> I think that's exactly right. And part of what we've done is built a software to find solution and to also give John expedient flexibility. How do you want to deploy for your customers? The solution. Is it in the, uh, the hyper scaler? Is it Hello, somewhere? Is that your own cloud? And so that's part of the advantage. I think all in one solution that then you can give your customers some flexibility as well as to how they want to consume the service as well. >> Absolutely meaning the flexibility And you mentioned software only, and are, you know, software or suffer to find that was something that was big for us. When we're looking for partnerships, we have a standardized hardware build that we want to use. And that was all built on Del. And it was something that, you know, we were able to work with obesity to get that standardized so we can continue to roll out. Excuse that we were most comfortable with. And they could just have the software layer on top. >> Yeah. So you've managed to do this successfully. You're going really well. Yeah. What's next? >> Well, um you know we have, you know, So in we ordered in October of last year. Right now we have six petabytes online enrolling. So that's that's great. You know, that's that's good to see. That's going to continue to grow at a pretty rapid rate. Data is something that obviously, we all know is never gonna shrink on. We're gonna continue to grow that with new customer acquisitions, and that's everything where we want to continue to go with this, Uh, this product specifically is on the data management side. The things that they're doing in Helios to start to get understanding and awareness in value out of that data that's sitting there is really, really important and exciting for us in the future. We deal what tonic compliance PC idea says hip. And we want to make sure that the data that we're storing inside of there will be compliant by those. So being able to write an application to see if the credit card numbers in a file or in a database by using the cozy platform that we brought us value. Same thing goes with a lot of the ransomware protection they're doing. So if you see a foul that gets encrypted, then I know. Okay, I have a problem. I better go look at that and give me a time stamped, Actually. Go on, restore from instead of actually trying toe, you know, pick around. And hopefully I find it when it before it was encrypted. So we're really excited about those opportunities is the future and seeing what data management can just bring to it. >> Well, Lynn, always a pleasure to catch up with you. Thank you so much for joining us again. And John, my friend, this is your six time on the program, actually gonna have a celebration in New England in a little over unveil for, ah, six s o right in New England. So for Justin Warren, I'm stupid him in. We love talking about sports here, and, uh, yeah, the Cuban way have the Niners and the Patriots for the team there. But as always, Thank you for watching the cue

>> Announcer: Live from Washington, DC it's theCube covering .conf 2017 brought to you by Splunk. >> Welcome back here on theCube the flagship broadcast for Silicon Angle TV, glad to have you here at .conf 2017 along with Dave Vellante, John Walls. We are live in Washington, DC and balmy Washington, DC. It's like 88 here today, really hot. >> It's cooler here than it is in Boston, I here. >> Yeah, right, but we're not used to it this time of year. Brad Medairy now joins us he's an SVP at Booz Allen Hamilton and Brad, thank you for being with us. >> Dave: And another Redskins fan I heard. >> Another Redskins fan. >> It was a big night wasn't it? Sunday night, I mean we haven't had many of those in the last decade or so. >> Yeah, yeah, I became a Redskins fan in 1998 and unfortunately a little late after the three or four superbowls. >> John: That's a long dry spell, yeah. >> Are you guys Nats fans? >> Oh, huge Nats fan, I don't know, how about Brad, I don't want to speak for you. >> I've got a soft spot in my heart for the Nats, what's the story with that team? >> Well, it's just been post-season disappointment, but this year. >> This is the year. >> This is the year, although-- >> Hey, if the Redsox and the Cubs can do it. >> I hate to go down the path, but Geos worry me a little bit, but we can talk about it offline. >> Brad: Yeah, let's not talk about DC Sports. >> Three out of five outings now have not been very good, but anyway let's take care of what we can. Cyber, let's talk a little cyber here. I guess that's your expertise, so pretty calm, nothing going on these days, right? >> It's a boring field, you know? Boring field, yeah. >> A piece of cake. So you've got clients private sector, public sector, what's kind of the cross-pollination there? I mean, what are there mutual concerns, and what do you see from them in terms of common threats? >> Yeah, so at Booz Allen we support both federal and commercial clients, and we have a long history in cyber security kind of with deep roots in the defense and the intelligence community, and have been in the space for years. What's interesting is I kind of straddle both sides of the fence from a commercial and a federal perspective, and the commercial side, some of the major breaches really force a lot of these organizations to quickly get religion, and early on everything was very compliance driven and now it's much more proactive and the need to be much more both efficient and effective. The federal space is, I think in many cases, catching up, and so I've done a lot of work across .mil and there's been a lot of investment across .mil, and very secure, .gov, you know, is still probably a fast follower, and one of the things that we're doing is bringing a lot of commercial best practices into the government space and the government's quickly moving from a compliance-based approach to cyber security to much more proactive, proactive defense. >> Can you get, it's almost like a glacier sometimes, right, I mean there's a legacy mindset, in a way, that government does it's business, but I would assume that events over the past year or two have really prompted them along a little bit more. >> I mean there's definitely been some highly publicized events around breaches across .gov, and I think there's a lot of really progressive programs out there that are working to quickly you know, remediate a lot of these issues. One of the programs we're involved in is something called CDM that's run out of DHS, Continuous Diagnostic and Mitigation, and it's a program really designed to up-armor .gov, you know to increase situational awareness and provide much more proactive reporting so that you can get real-time information around events and postures of the network, so I think there's a lot of exciting activities and I think DHS and partnership with the federal agencies is really kind of spearheading that. >> So if we can just sort of lay out the situation in the commercial world and see how it compares to what's going on in gov. Product creep, right, there's dozens and dozens and dozens of products that have been installed, security teams are just sort of overwhelmed, overworked, response is too slow, I've seen data from, whatever, 190 days to 350 days, to identify an infiltration, nevermind remediate it, and so, it's a challenge, so what's happening in your world and how can you guys help? >> Yeah, you know it's funny, I love going out to the RSA conference and, you know, I watch a lot of folks in the space, walking around with a shopping cart and they meet all these great vendors and they have all these shiny pebbles and they walk away with the silver bullet, right, and so if they implement this tool or technology, they're done, right? And I think we all know, that's not the case, and so over the years I think that we've seen a lot of, a lot of organizations, both federal and commercial, try to solve a lot of the problems through, you know, new technology solutions, whether it's the next best intrusion detection, or if it's endpoint, you know, the rage now is EDR, MDR, and so, but the problem is at the end of the day, the adversaries live in the seams, and in the world that I grew up in focused a lot around counter-terrorism. We took a data-centric approach to finding advanced adversaries, and one of the reasons that the Booz Allen has strategically partnered with Splunk is we believe that, you know, in a data-centric approach to cyber, and Splunk as a platform allows us to quickly integrate data, independent of the tools because the other thing with these tool ecosystems is all these tools work really well within their own ecosystem, but as soon as you start to mix and match best of breed tools and capabilities, they tend to not play well together. And so we use Splunk as that integration hub to bring together the data that allows us to bring our advanced trade-craft and tech-craft around hunting, understanding of the adversaries to be able to fuse that data and do advanced detection and help our clients be a lot more proactive. >> So cyber foresight is the service that you lead with? >> Yeah, you know, one of the things, having a company that's been, Booz Allen I think now is 103 years old, with obvious deep roots in the federal government, and so we have a pedigree in defense and intelligence, and we have a lot of amazing analysts, a lot of amazing, what we call, tech-craft, and what we did was, this was many many years ago, and we're probably one of the best kept secrets in threat intelligence, but after maybe five or six years ago when you started to see a lot of the public breaches in the financial services industry, a lot of the financial service clients came to us and said, "Hey, Booz Allen, you guys understand the threat, you understand actors, you understand TTPs, help educate us around what these adversaries are doing. Why are they doing it, how are they doing it, and how can we get out in front of it?" So the question has always been, you know, how can we be more proactive? And so we started a capability that we, or we developed a capability called cyber foresight where we provided some of our human intelligence analysts and applied them to open-source data and we were providing threat intelligence as a service. And what's funny is today you see a lot of the cyber threat intelligence landscape is fairly crowded, when I talk to clients they affectionately refer to people that provide threat intelligence as beltway book reporters, which I love. (laughter) But for us, you know, we've lived in that space for so many years we have the analysts, the scale, the tradecraft, the tools, the technologies, and we feel that we're really well positioned to be able to provide clients with the insights. You know, early on when we were working heavily in the financial services sector, the biggest challenge a lot of our clients had in threat intelligence was, what do I do with it? Okay, so you're going to send me, what we call a Spot Report, and so hey we know this nation-state actor with this advanced set of TTPs is targeting my organization, so what, right? I'm the CISO, I'm the CIO, should I resign? Should I jump out the window? (laughter) What do I do? I know these guys are coming after me, how do I actually operationalize that? And so what we've spent a lot of time thinking about and investing in is how to operationalize threat intelligence, and when we started, you kind of think of it as a pitcher and a catcher, right? You know, so the threat intelligence provider throws those insights, but the receiver needs to be able to catch that information, be able to put it in context, process it, and then operationalize it, implement it within their enterprise to be able to stop those advanced threats. And so one of the reasons that we gravitated toward Splunk, Splunk is a platform, Splunk is becoming really, in our mind, one of the defacto repositories for IT and cyber data across our client space, so when you take that, all those insights that Splunk has around the cyber posture and the infrastructure of an enterprise, and you overlay the threat intelligence with that, it gives us the ability to be able to quickly operationalize that intelligence, and so what does that mean? So, you know, when a security operator is sitting at a console, they're drowning in data, and, you know, analysts, we've investigated tons of commercial breaches and in most cases what we see is the analyst, at some point, had a blinking red light on their screen that was an indicator of that particular breach. The problem is, how do you filter through the noise? That's a problem that this whole industry, it's a signal to noise ratio issue. >> So you guys bring humans to that equation, human intelligence meets analytics and machine intelligence, and your adversary has evolved, and I wonder if you can talk about that, it's gone from sort of hacktivists to organized crime and nation-states, so they've become much more sophisticated. How have the humans sort of evolved as well that your bridge to bear? >> Yeah, I mean certainly the bear to entry is lower, and so now we're seeing ransomware as a service, we're seeing attacks on industrial control systems, on IOT devices, you know, financial services now is extremely concerned about building control systems because if you can compromise and build a control system you can get into potentially laterally move into the enterprise network. And so our analysts now not only are traditional intelligence analysts that understand adversaries and TTPs, but they also need to be technologists, they need to have reverse engineering experience, they need to be malware analysts, they need to be able to look at attack factors in TTPs to be able to put all the stuff in context, and again it goes back to being able to operationalize this intelligence to get value out of it quickly. >> They need to have imaginations, right? I mean thinking like the bad guys, I guess. >> Yeah, I mean we spend a lot of time, we've started up a new capability called Dark Labs and it's our way to be able to unlock some of those folks that think like bad guys and be able to unleash them to look at the world through a different lens, and be able to help provide clients insights into attack factors, new TTPs, and it's fascinating to watch those teams work. >> How does social media come into play here? Or is that a problem at all, or is that a consideration for you at all? >> Well, you know, when we look at a lot of attacks, what's kind of interesting with the space now is you look at nation-state and nation-state activists and they have sophisticated TTPs. In general they don't have to use them. Nation-states haven't even pulled out their quote "good stuff" yet because right now, for the most part they go with low-hanging fruit, low-hanging fruit being-- >> Just pushing the door open, right? >> Yeah, I mean, why try to crash through the wall when you can just, you know, the door's not locked? And so, you know, when you talk about things like social media whether it's phishing, whether it's malware injected in images, or on Facebook, or Twitter, you know, the majority of tacts are either driven through people, or driven through just unpatched systems. And so, you know, it's kind of cliche, but it really starts with policies, training of the people in your organization, but then also putting some more proactive monitoring in place to be able to kind of start to detect some of those more advanced signatures for some of the stuff that's happening in social media. >> It's like having the best security system in the world, but you left your front door unlocked. >> That's right, that's right. >> So I wonder if, Brad, I don't know how much you can say, but I wonder if you could comment just generally, like you said, we haven't seen their best pitch yet, we had Robert Gates on, and when I was interviewing him he said, "You know, we have great offensive posture and security, but we have to be super careful how we use it because when it comes to critical infrastructure we have the most to lose." And when you think about the sort of aftermath of Stuxnet, when basically the Iranians said hey we can do this too, what's the general sort of philosophy inside the beltway around offense versus defense? >> You know, I think from, that's a great question. From an offensive cyber perspective I think where the industry is going is how do you take offensive tradecraft and apply it to defensive? And so by that I mean, think about we take folks that have experience thinking like a bad guy, but unleash them in a security operation center to do things like advanced hunting, and so what they'll do is take large sets of data and start doing hypothesis driven analytics where they'll be able to kind of think like a bad guy and then they'll have developers or techies next to them building different types of analytics to try to take their mind and put it into an analytic that you can run over a set of data to see, hey, is there an actor on your network performing like that? And so I think we see in the space now a lot of focus around hunting and red teaming, and I think that's kind of the industry's way of trying to take some of that offensive mentality, but then apply it on the defensive side. >> Dave: It just acts like kind of Navy Seal operations in security. >> Right, right, yeah. I mean the challenge is there's a finite set of people in the world that really, truly have that level of tradecraft so the question is, how do you actually deliver that at any level of scale that can make a difference across this broader industry. >> So it's the quantity of those skill sets, and they always say that the amazing thing, again I come back to Stuxnet, was that the code was perfect. >> Brad: Yeah. >> The antivirus guy said, "We've never seen anything like that where the code is just perfect." And you're saying it's just a quantity of skills that enables that, that's how you know it's nation-state, obviously, something like that. >> Yeah, I mean the level of expertise, the skill set, the time it take to be able to mature that tradecraft is many many years, and so I think that when we can crack the bubble of how we can take that expertise, deliver it in a defensive way to provide unique insights that, and do that at scale because just taking one of those folks into an organization doesn't help the whole, right? How can you actually kind of operationalize that to be able to deliver that treadecraft through things like analytics as a service, through manage, detection, and response, at scale so that one person can influence many many organizations at one time. >> And, just before we go, so cyber foresight is available today, it's something you're going to market with. >> Yeah, we just partnered with Splunk, it's available as a part of Splunk ES, it's an add-on, and it provides our analysts the ability to provide insights and be able to operationalize that within Splunk, we're super excited about it and it's been a great partnership with Splunk and their ES team. >> Dave: So you guys are going to market together on this one. >> We are partnered, we're going to market together, and delivering the best of our tradecraft and our intelligence analysts with their platform and product. >> Dave: Alright, good luck with it. >> Hey, thank you, thank you very much, guys. >> Good pair, that's for sure, yeah. Thank you, Brad, for being with us here, and Monday night, let's see how it goes, right? >> Yeah, I'm optimistic. >> Very good, alright. Coach Brad Medairy joining us with his rundown on what's happening at Booz Allen. Back with more here on theCube, you're watching live .conf 2017.

>> Narrator: Live from Washington DC, it's theCube, covering AWS Public Sector Summit 2017. Brought to you by Amazon Web Services and its partner Ecosystem. >> Welcome back here to Washington, D.C. You're watching Cube Live here at Silicon Angle T.V. The flagship broadcast of Silicon Angle. We are at AWS Public Sector Summit 2017 wrapping up day one coverage here in the Walter Washington Convention Center. Along with John Furrier, we are now joined by our esteemed colleague Jeff Frick who's been alongside all day handling all the machinations behind the scenes. >> Behind the scenes, John. >> John: Doing an admirable job of that, Jeff. >> So what do you think, our first ever visit to your town. >> John: I love it, I love it. >> I sense something tableau at the Opry. The Opry's the other big convention center, here, or Graceland. >> International Harbor. >> It's the same company. >> National harbor, MGM. >> You're a D.C. guy. >> Gaylord. >> Gaylord, thank you. >> What's the connection? So we going to get some tickets for the Nationals game? >> We got Nats game tonight, Strasburg pitched last night, did not pitch well, but who knows? Maybe we'll get Gio tonight. >> Well the action certainly Amazon Web Services >> Yeah let's talk about what we have going on here today, Jeff. >> Well, I mean, we interviewed, you and I did some great interviews. Intel came on, which is obviously Bellwether in the tech business. Jeff, former Intel employee knows what it's like to march to the cadence of Moore's law and Intel is continuing to do well in platinum sponsor or diamond sponsor here at the event. Look it, the chips are getting smarter and smarter, security at the Silicon, powering 5G, a networks transmission, a lot of the plumbing that's going on in cloud and in cars and devices and companies, it's going to all be connected. So it's a connected world we're living in and Intel's going to be a key part of that so they're highly interested and motivated by all the people that are popping up in the cloud. >> We were just talking and Jeff, I know, you're able to listen on the last interview that we did, but a point that you made, that, you know, a point that you raised, about four years ago, when the CIA deal came down and AWS is ON one side and IBM's on the other, and AWS wins that battle. You called it the shot heard round the cloud. And that, now four years later, has turned out to be a hugely pivotal moment. >> Yeah, I mean this is like moments in time history here, again, documenting it on the Cube for the first time. I don't think anything was written about this I'll say it since we're going to be analyzing it. The shot heard around the cloud was 2013 when AWS public sector under Teresa Carlton's team and her leadership, beat IBM for the Central Intelligence Agency, CIA, contract. Guaranteed lots of spec for IBM. Amazon comes out of the woodwork and wins it. And they won it because essentially the sales motion and the power of IBM had this thing lopped in. But at that time the marketplace was booming with what we call Shadow IT, where you could put your credit card down and go into Amazon cloud and get some instants. What happened was someone actually cut a little prototype, showed their boss, and they said, "I like that better than that, let's do a bake-off." So what happened was at the last minute, new opportunity comes in and then they do what they call a bake-off. Bake-offs and RAPs come in and they won. Went to court and the judge in the ruling actually said Amazon has a better product. So they ruled in favor of Amazon Web Services. That was what I called the shot heard around the cloud. Since that point on, the cloud has become more legitimate every single day for not only startups, enterprises, as well as now public sector. So shot heard around the cloud fast forward to today, this show's on a trajectory to take on the pace of re:Invent, which as their core Amazon Web Services show, then of course which is why we're here chronicalizing this moment in history. This is where we believe, Jeff you and I talked about this, and Dave Alante and I talked about the research team, this is where the influction point kicks up. This is a new growth pillar unpredicted by Wall Street, new growth predictor for revenue for Amazon, they're already a cash machine. They're already looking like a hockey stick this way. You add on public sector, it's going to be phenomenal. So, a lot of people are seeing it but this is just growing like a weed. >> Jeff, follow up on that. >> I was going to say, the two mega trends, John, that we've talked about time and time again, and Teresa Carlson and team have done a terrific job here in the public sector, but I always go back to the James, Tuesday night in the James Hamilton at re:Invent, and if you've never gone you got to go, and he talks about just all these big iron infrastructure investments that Amazon continues to make because they have such scale behind them. Whether it's in chips, whether it's in networking, whether it's in new fibers that they're running across the oceans. They can invest so much money to the benefit of their customers, whether it be security, you know, in all the areas of compute, that is fascinating to me. The other thing we always hear about, about cloud, right, is at some point, it's cheaper to own rather than rent. We just keep coming back to Netflix, like at nighttime, I think Netflix owns whatever the number, 45 percent of all internet traffic in the evening is Netflix, whatever the number is. They're still on Amazon. So, it's not necessarily better to rent than buy. You have to know what you're doing and we were at another show the other day, it was Gannet, the newspaper company. When they're using a lot of servers, they use hundreds, but he said there are sometimes, using AWS, that they actually turn all the servers off. You cannot do that in a standard infrastructure world. You can't turn everything off and then on. Which again, you got to manage it. You don't want the expensive bill. But to me, being able to leverage such scale to the benefit of every customer whether it's Netflix or a startup, it's pretty tough. >> And this is the secret, and this is something again, shared with the Cube audience, here, is not new to us, but we're going to re-amplify it because the people make a mistake with the cloud, it's in one area, they don't match the business model to their variable cost expenses. If you get into the cloud business, and you can actually ratchet your revenue coming in and then manage that cost delta redline, blackline, know where those lines are, as long as you're in the black, and revenue, and you then have the cost variable step up with your revenue, that is the magical formula. It's not that hard, it's back of an envelope. >> Right, right. >> Red line cost, black line revenue. >> The other great story, it was from summit, actually, in San Francisco earlier this year, at they keynote, they had Nextdoor, everybody knows Nextdoor it's the social media for your mom, my mom. They love it, right, people are losing dogs, and looking for a plumber, but the guy talked from about Nextdoor. >> John: Don't knock Nextdoor. >> I don't knock Nextdoor, the Nextdoor CEO gets up and he said, well, I laugh because the Nextdoor guy's mom didn't know what he did until he did Nextdoor. Anyway, he said, you know, we have the entire production system for Nextdoor. And then we would build production plus one on a completely separate group of hardwares inside of Amazon. When that was tested out and ready to run, guess what, we just turn off the first one. You can't, you can't, you can't do that in an owned infrastructure world. You can't build N and N plus one and N plus two and turn off N, you just can't do that. >> Well, the Fugue CEO, Josh, everyone should check out on Youtube.com/siliconangle, he was awesome. He basically saw a throwaway infrastructure mindset to your point about Nextdoor. You build it up and then you bring your new stuff in, you digitally throw it away. >> Right, right. >> That's the future. And this is the business model aspect. And public sector, we were joking, look it, let's just be honest with ourselves, it is a glacier antiquated old systems, people trying hard, you know, government servants, you know, that, employees of the government, not appointees, they don't have a lot of budget and they're always under scrutiny for cost. So the cost benefits always there and they have old systems. So they want new systems. So the demand is there. The question is, can they pull it off. >> So, talk about the government mindset or the shift. We've heard a little bit about that today. About how, to the point that you just made there, John, that you know, very reluctant, some foot-dragging going on, that's historical, that's what happens. But now, maybe the CIA deal, whatever it was, we hit that tipping point, and all the sudden, the minds are opening, and some people are embracing, or being more engaging, with new mousetraps, with better ways to do things. >> We've got the speakers coming on here, so we should wrap it up real quick. Final thoughts, from Day One. >> I was just going to say that the other thing is that before there was so much fat, in not only government in general, but in infrastructure purchasing, 'cause you had to, you better not run out of hardware at Q3 when you're running the numbers. So everything was so over provision, so much expense and over provisioning. With Amazon you don't need to over provision. You can tap it when you need it and turn it off so there's a huge amount of budget that should actually be released. >> I want to ask you guys, we'll wrap up here, final, since you're emceeing, final thoughts. What is your impression of day one? I'll start here and you guys can have time to think of an answer. My takeaway for public sector is Teresa Carlson has risen up as a prime executive for Amazon Web Services. She went from knocking doors eight years ago to full on blown growth strategy for Amazon. And it's very clear, they're not there yet. They only have 10,000 people here, so the conference isn't that massive. But it's on its way to becoming massive. Here's their issue. They have to start getting the cadence of re:Invent launches into the public sector. And that's the big story here. They are quickly shortening the cycles between what they launch at Amazon re:Invent and what they roll out of the public sector. The question is how fast can they do that? And that's what we're going to be watching. And then the customer behaviors starting to procure. So greenlight for Amazon. But they got to get those release cycles. Stuff gets released at Amazon re:Invent, they got to roll them with government, shorten that down to almost zero, they'll win. >> Yeah, my just quick impression is, I like to look at the booth action, because we've all had booth duty, right. What's going on in the booths? Did the people that paid for a booth here feel like they got their money's worth? And the traffic in the booths has been good, they've been three deep, four deep. So the people that are here are curious they're interested, they're spending time going booth to booth to booth, and that's a very good sign. >> This is a learning conference. Alright your thoughts. >> I would say, the only thing that is, I wouldn't say it's a red light by any means, but it's like a caution light, it's about budgets, you know, when you run government, you're always, you are vulnerable to somebody else's budget decision. I'm, you know, whether it's Congress, whether it's a city council, whether it's a state legislation, whatever it is, that's always just kind of a, a little hangup you have to deal with because you might have the best mousetrap in the world, but if somebody says nah, you can't write that check this year, maybe next year. We're going to put our money somewhere else. That's the only thing. >> I got my Trump joke in, I don't know if you heard that, but my Trump joke is, I'll say it at the end, there's a lot of data lakes in D.C., and they've turned into data swamps. So Amazon's here to drain the data swamp. >> Jeff: He got it in. He's been practicing that all week. >> I've heard it three times, are you kidding? Funny every time. >> Well you know our Cube, you know we talk about data swamps. I hate the word data lake, as everyone knows, I just hate that word, it's just not. >> Well, there is value in that swamp. >> Hated the word data lake. >> For Jeff Rick, John Furrier, I'm John Walsh. Thank you for joining us here at the AWS Public Sector Summit 2017. Back tomorrow with more coverage, live here on the Cube.