>> Okay, welcome back to the portion of the program for customer lightning talks, where we chat with Armis' customers for a rapid fire five minute session on their Cisco perspectives and insights into cybersecurity. First up is Tim Everson, CISO of Kalahari resorts and conventions. Let's get it going. Hi, Tim. Welcome to theCUBE and Armis program, managing risk across your extended surface area. >> Thanks for having me appreciate it. >> So let's get going. So unified visibility across the extended asset serves as key. You can't secure what you can't see. Tell me about what you're able to centralize, your views on network assets and what is Armis doing from an impact standpoint that's had on your business? >> Sure. So traditionally basically you have all your various management platforms, your Cisco platforms, your Sims, your wireless platforms, all the different pieces and you've got a list of spare data out there and you've got to chase all of this data through all these different tools. Armis is fantastic and was really point blank dropping in place for us as far as getting access to all of that data all in one place and giving us visibility to everything. Basically opened the doors letting us see our customer wireless traffic, our internal traffic, our PCI traffic because we deal with credit cards, HIPAA, compliance, all this traffic, all these different places, all into one. >> All right, next up, vulnerability management is a big topic, across all assets, not just IT devices. The gaps are there in the current vulnerability management programs. How has Armis vulnerability management made things better for your business and what can you see now that you couldn't see before? >> So Armis gives me better visibility of the network side of these vulnerabilities. You have your Nessus vulnerability scanners, the things that look at machines, look at configurations and hard facts. Nessus gives you all those. But when you turn to Armis, Armis looks at the network perspective, takes all that traffic that it's seeing on the network and gives you the network side of these vulnerabilities. So you can see if something's trying to talk out to a specific port or to a specific host on the internet and Armis consolidates all that and gives you trusted sources of information to validate where those are coming from. >> When you take into account all the criticality of the different kinds of assets involved in a business operation and they're becoming more wider, especially with edge in other areas, how has the security workload changed? >> The security workload has increased dramatically, especially in hospitality. In our case, not only do we have hotel rooms and visitors and our guests, we also have a convention center that we deal with. We have water parks and fun things for people to do. Families and businesses alike. And so when you add all those things up and you add the wireless and you add the network and the audio video and all these different pieces that come into play with all of those things in hospitality and you add our convention centers on top of it, the footprint's just expanded enormously in the past few years. >> When you have a digital transformation in a use case like yours, it's very diverse. You need a robust network, you need a robust environment to implement SaaS solutions. No ages to deploy, no updates needed. You got to be in line with that to execute and scale. How easy was Armis to implement ease of use of simplicity, the plug and play? In other words, how quickly do you achieve this time to value? >> Oh goodness. We did a proof of concept about three months ago in one of our resort locations, we dropped in an Armis appliance and literally within the first couple hours of the appliance being on the network, we had data on 30 to 40,000 devices that were touching our network. Very quick and easy, very drop and plug and play and moving from the POC to production, same deal. We, we dropped in these appliances in site. Now we're seeing over 180,000 devices touching our networks within a given week. >> Armis has this global asset knowledge base, it's crowdsourced an a asset intelligent engine, it's a game changer. It tracks managed, unmanaged IOT devices. Were you shocked when you discovered how many assets they were able to discover and what impact did that have for you? >> Oh, absolutely. Not only do we have the devices that we have, but we have guests that bring things on site all the time, Roku TVs and players and Amazon Fire Sticks and all these different things that are touching our network and seeing those in real time and seeing how much traffic they're using we can see utilization, we can see exactly what's being brought on, we can see vehicles in our parking lot that have access points turned on. I mean, it's just amazing how much data this opened our eyes to that you know it's there but you don't ever see it. >> It's bring your own equipment to the resort just so you can watch all your Netflix, HDMI cable, everyone's doing it now. I mean, this is the new user behavior. Great insight. Anything more you'd want to say about Armis for the folks watching? >> I would say the key is they're very easy to work with. The team at Armis has worked very closely with me to get the integrations that we've put in place with our networking equipment, with our wireless, with different pieces of things and they're working directly with me to help integrate some other things that we've asked them to do that aren't there already. Their team is very open. They listen, they take everything that we have to say as a customer to heart and they really put a lot of effort into making it happen. >> All right, Tim. Well, thanks for your time. I'm John Furrier with theCUBE, the leader in enterprise tech coverage. Up next in this lightning talk session is Brian Gilligan, manager, security and Operations at Brookfield Properties. Thanks for watching.

>> From the Aria Resort in Las Vegas, it's theCUBE. Covering AWS marketplace. Brought to you by Amazon Web Services. >> Hey, welcome back everybody, Jeff Frick here with theCUBE. We are kicking off three crazy days at AWS re:Invent. It is the place to be the week after Thanksgiving. There's got to be 50,000 people, we haven't got the official word, but it's packed and it kicks off tonight with a reception. We're here at the AWS Marketplace and Service Catalog Experience over at the Aria, in the quad, come check us out. A lot of good stuff going on. A lot of fun stuff going on. And we're excited to have first time to theCUBE, he's Nathan Dyer, Senior Product Manager for Tenable. Great to see you. >> Jeff, great to be here. Thanks for having me. >> Yeah, have the energy the opened the doors the people are streaming in. >> I don't know if it's the food or the drinks or the vendors. >> All of the above. Probably more the food and the drinks. All right. So give us an overview of Tenable for people who aren't familiar with the company. >> Yeah, so Tenable, we are the cyber exposure company. We help organizations assess, manage, and measure their cyber risk across their entire organization, across their monitored tax surface. And so what we try to do is help answer four fundamental questions around security. How exposed are we? How do we prioritize based on risk, how are we doing over time from a measurement standpoint, and then how do we compare with our peers? And so, if you haven't heard of Tenable, chances are you've heard of Nessus, which is one of our flagship brands. Nessus just turned 20 years young earlier this year. If you're pen tester, if you're a consultant if you're a practitioner, you know Nessus. But over the years we've added some other brands as well. Security Center which is now renamed Tenable.sc which is our On-Prem vulnerability management solution. And then tenable.io which was released in 2017 which is our cloud based vulnerability management solution and built on AWS. >> Right. So I was doing some research, I love your guys' little mantra here, it's security for code, for clouds and containers. You got all the C's there. The containers, you know, what's going on with Docker over the last couple of years and now obviously the huge groundswell with Kubernetes, you know this container thing, depending on who you talk to has been around for a long time but it certainly didn't have the momentum. How's the kind of the growth of the container world impacted the securities base? >> Oh, it's massive. Containers are everywhere. In fact there's a strong affinity to cloud and containers. So a lot of our large AWS customers love containers. They've been dabbling with containers for quite some time. They're moving more and more workloads to be containerized and on Kubernetes, Dockers, et cetera. From a securities standpoint that introduces a lot of challenges, right. They're short lived life cycles of docker containers make it very hard for us in security to assess or discover them. They're part of the whole immutable infrastructure phenomenon, so you can't patch it in production, right. Infrastructure is code. You have to tear down the container, fix the image and then redeploy. So from our perspective, we think you have to secure containers by focusing on the container image. Specifically as developers are spinning up new code, compiling new builds, creating new container images, is it running quality assurance checks? Security has to be a critical part of that quality assurance process. As you're doing integration tests, unit testing, API testing, security has to be a critical test looking for vulnerabilities and malwares is part of that process. >> But the rate of change in those images is pretty high. I mean, the rate of deployments is super high, but like you said a lot of them have short life spans, they're up or they're down. So, have people baked that in to their process? I mean, obviously, I hope they are. Or how are you helping them to make sure that security is a really key piece to that image. Because once that image goes out it has access to all kinds of things. >> So, the new news with containers, and then by focusing on the image it forces security teams to talk to their development peers. In order to secure DevOps and secure containers, security has to be embedded into continuous integration, into continuous delivery cycles or systems. And if you're focusing on development, you have a much greater chance of making sure that vulnerable container images are not escaping into the wild. And you guys should get a hold of those vulnerable images and make sure they adhere to policies before they're released into production. So that's the new news. >> Well, it's funny because you reference the DevOps. 'Cause DevOps has now been around for a while and clearly is the way the code gets deployed in a very rapid iteration. So they're some significant lessons from the DevOps security angle that you're now using then on the container side. Yeah, well first thing with secure DevOps and Devops in general, is that you have to get the developers and security teams to talk. You have to have a shared understanding of what makes each other tick. What are the goals, what are the responsibilities, priorities, understand each other and it turns out there's actually a lot of shared understanding and mutual benefit between infosec and application developments. When security is focused on solving for vulnerabilities and looking for security issues, that's improving code quality. That's removing some of the software defects from the development code and developers love that. They love producing high quality code. On the flip side, security teams can learn a lot about agile development. DevOps principles. Bringing DevOps into the security discipline, and help security teams start to leverage automation and continuous testing, continuous delivery, and make them much more scalable and productive in their organizations. So there's a lot of mutual of understanding there. >> Right. So I'd imagine there's a lot of, kind of similarities between classic waterfall and the moat, versus now kind of the DevOps and the continuous and ongoing constant process. >> That's exactly right. >> Yeah. So we're here at the AWS Marketplace. So you guys are selling through the marketplace, how has that been for the company? How has the experience been working with the AWS marketplace team? >> Oh, it's been great. I mean, Amazon is a great partner to work with. Tenable.io which is our cloud based vulnerability management solution is built on Amazon. We have a great relationship with Amazon engineers. Now for the marketplace, we've been selling Nessus for quite some time through the marketplace. So if you're a Nessus subscriber, if you're a tenable.io or securities center or tenable.sc subscriber, you get access to unlimited Nessus scanners and you can provision them very easily through the marketplace. It's super easy. Just recently, we now unveiled tenable.io through the marketplace and so far it's been a great success. Now customers who prefer to buy through Amazon marketplace AWS marketplace, can do so with a couple of clicks and be provisioned and get up and running with tenable.io. It's super easy, you can learn about the product. Kick the tires with a free evaluation, and really provision the product very simply. >> Yeah, I would imagine the touch from your guys side goes down significantly when they're just coming right through the marketplace. >> Exactly. That's the idea. Make it super easy for customers to invest in tenable.io and get a great experience in doing it. >> What about your own sales guys though. Is there a little channel conflict? They're like hey come one, I want to sell hat thing, we don't want to go through Amazon. >> Not at all. Our mantra is we want our customer to purchase through the channel they're comfortable with. And if they want to purchase through the AWS marketplace we have a channel for them, if they want to go through our three chair model we have obviously a great experience there as well. >> And clearly Amazon brings a lot of customer eyeballs to the table. >> They're a great partner. >> So, just before we wrap, you guys came out with the vulnerability intelligence report. I wonder if you can share some of the highlights of the things. You guys are obviously keeping track of this, you talked about benchmarking against your peers. And I know there's also a lot of sharing of information within security companies, to kind of know what the bad guys are and some of the patterns and best practices. So, I'm wondering if you can share some of the current trends. What are you seeing? How's the landscape changing? >> Well first of all, we have phenomenal tenable research team. They're phenomenal in terms of the data science, in terms of the vulnerability intelligence. We have a wealth of data in our hands from various deployments and so there's a lot of great number crunching and analysis we can generate from that. What we discovered in the vulnerability and intelligence report, is that security teams are just bombarded with vulnerabilities, literally, bombarded. Last year in 2017 we saw over 15,000 CVE's and unique vulnerabilities hitting the marketplace or hitting the industry. And by the end of this year we're expected to be between 18,000 and 19,000 vulnerabilities. So the trend is just going up, up, up. I think what makes matters worse though, is that when you start looking at those 19,000 vulnerabilities, over 60% of those vulnerabilities are classified as either high risk or critical. >> 65%? >> Around 60%. >> Of the, what was the numerator? 18,000? >> Of those 18,000 to 19,000 vulnerabilities, are classified as high risk or critical risk. So, that's a lot of fire drills that security teams need to chase. And so, what we're trying to achieve is helping our customers, helping the market at large understand what are the true risks out there, not the theoretical risks. What are the actual cyber risks. Meaning what are the vulnerabilities that could be easily exploitable, that have exploit kits already developed. We have our data science team looking at the characteristics of vulnerabilities and which ones would be leveraged by the bad guys and which ones would not be. And we significantly boil that number down so that organizations can focus on only 5% of the number of vulnerabilities that they otherwise would be chasing without changing their overall security risk to the organization. So, prioritization is super, super critical for those organizations. >> Nathan I think we all that separating the signal from the noise. (laughs) >> Jeff, well thanks for having me. >> Nathan, thank you very much, it's great to see you and have a great show. >> Thanks. You too. >> All right, I'm Jeff he's Nathan, you're watching theCUBE. We are at the AWS marketplace and service catalog experience at the Aria, at the quad. Come on by. We're serving free food and drink. See you next time. (lively music)

>> Voiceover: Live from Boston, Massachusets, it's The Cube, covering OpenStack Summit 2017, brought to you by the OpenStack foundation, RedHat, and additional ecosystem support. >> Welcome back, I'm Stu Miniman, joined by my co-host John Troyer. We're really digging in to some of the practitioners here on day three of our coverage. Happy to welcome back to the program, a Cube alum. Not only that, a super user, and not only that, a cowinner Paddy Power Betfair, Steve Armstrong, principal automation engineer. Thanks so much for joining us and congratulations to you and all team. >> Thank you, thanks very much. >> Alright, so, we've had you on the program, bring us up to speed, you know, where's your OpenStack deployment going, where are you spending your time? You know, at the event and stuff. >> So we're just recently, last year, merged companies, so what we're doing with it at OpenStack implantation at the moment is we're migrating all of our applications onto it from the merged company, so we're in the migration phase of the project at the moment, so we just recently, just after Christmas, had the hundred applications onto the platform. Mayston, we're now up to around 200 applications, so what we're doing with it is we've got a single customer platform which is the Merscode base of the two companies, and then we're going to run different branding from it. So in terms of OpenStack, what we're doing is we're looking to do an upgrade in the next month, as well. We had the session earlier on today where we went through that, so hopefully that was insightful for the people that were here. >> So fascinating, I'll tell you what, one of the, you know, there are many challenges with mergers and acquisitions. IT can be atrocious. I've worked with plenty of companies, if they're small, the parent company comes in, rips out the entire thing, and puts a new thing. How's OpenStack, is that an enabler? Do you see it as a marked improvement? Any findings that you've got so far? >> Well I think with OpenStack, it is very flexible because we're using it as the Middleware for the whole platform, and so we've got different storage vendors, we can just substitute the end and then go to the OpenStack APIs, that programmatically control everything. So, it's really useful for us, so if we ever wanted to essentially use a new storage vendor then we don't have to rewrite all the self-service orchestration our developers are using and interrupt them, so that's really, that's key for us and our business. >> It's interesting you use the word middleware. I haven't heard that word used in terms of OpenStack, but you mean the layer, literally the layer, between storage networking the raw infrastructure, and the app on top. >> Yeah, so what we're really doing, we've created self-service template that our development teams use, and we then want multiple different ways for teams to create virtual machines and basically go the APIs directly, so what we've done is we've created a layer using Felt Works School, and where development teams fill in self-Service yamafells with all the details that it needs and then they can send them for structure that way, so we're simplifying it and making it user-friendly for them so that when they're onboarding an application, they don't actually need to come to the infrastructure team. They can basically self-serve against OpenStack, so I think that's giving them that EWS or Google Cloud or Azure-like ability within the private cloud, and we've had to really change the way our business is set-up to actually operate that, so generally what we've done is we set up different teams where they're more T-shaped teams, so you, in a T-shape team, you have a network engineer, you have a storage guy, you have some automation engineers, someone maybe from a development background, and what we really did with it, when we're building the pilot process, we tried to encapsulate all those different scales within the one team and set them up as a core team that would then go and build the infrastructure using best practices from each discipline. >> So a T-shaped in the sense that, the team is still cross-functional, what's the 'T' of the T-shape. >> So, the debt of the T is really the deep-dive expertise, so you might have a network engineer who has a deep-dive knowledge in that, but what we're trying to do is expand the teams breadth, so the breadth is the T is really the other disciplines that they are learning as part of that team. >> And congrats on the award again. >> Steve: Thank you. >> As they talked about the award, some of the description of why you got the award, they did mention, the words dev-ops and CICDs. You talked a little bit about an order structure and changing your org, and processes to do that. Now do you call that T-shaped, is that a dev-ops team for you, or how do you all look at it? >> We don't really like to use dev-ops team because it is kind of a- >> That was a trick question. >> Yeah, a leading question, so it was really, a. What we try to do is have cross-functional teams so really dev-ops for us, what it means, is more collaboration between those teams. We've still got teams at the moment within our business that are looking after the heritage legacy stacks at the moment, so what we'll need to do going forward in our business is bring those teams into the fold cause we've really had, I mean, essentially what we're doing at the moment, it's, like, gotten our bimodal, where you essential have more to, we're beltless. We need to take that to the next level and basically bring the people that have been looking after the other parts of the business because you need to maintain them while we're doing this new private-cloud implementation, along on that journey, so we're running training sessions now for our network engineers, teaching them mansible skill in the map, so it's really exciting time, just bringing on that journey. >> I actually think that's fascinating, because there's been a lot of talk about bimodal, type one versus type two and the word from the community and from the end users' raids, that's not sustainable. So, what you're saying is is indeed you can organize that way, but you've got to bring the old teams- >> Yeah, I think you can put names on anything, but generally that's what you do, you stand up, we stood up a brand new Greenfield implementation. You needed to people to go over to that, and act in a different way because OpenStack, it doesn't make sense having different styles, looking after different components of it, because OpenStack centralizes that into middleware, so it's actually quite difficult to chop that up into different styles. If you're going to do it, you couldn't have someone just looking after sender for instance because it's so incorporated with the rest of the stack. So really what we're doing is we're exposing that API layer to the developers and allowing them to self-service against it, and then we look after the core team, the maintenance of it, so we've done this with the team. Eight people looking after the core platform, and then we've got multiple different teams that went out and they helped the developers onboard many applications onto the platform by teaching them the self-service workflows and how to fill out all the yama files, and then if there's any feedback from them, we use a continuous improvement model to try and get them to improve the platform continuously. So, it's a continuum process and it's gets better and better each day, and hopefully we're going to speed up the amount of deployment that we can do and speed up take to market for it. >> Nice. So Steve, we've very much appropriated, you know, your organization sharing with our community. You're very active, obviously, in the super user. Talk about how you interact with your peers, you know, how that helped with your learnings, kind of that give and take that you have with the community. >> Yeah, so with the community, really, we come to these events, and we generally try to be as open as possible and just talk about our lessons learned. I think the OpenStack Summit's great for that because people are very honest. It's not like vendor-led. And met-ups, for instance, where they'll just tell you that everything's great and they're very self-deprecating in some of the sessions, but I think that honesty with the OpenSource community and the continual learning that you get from that is really key to actually looking at the problems, seeing 'OK, we're not 100% perfect' cause you never will be, and continuously improving as a community. So, I think having the belief then to drive with the OpenSource community is very key in that, and because that, I think, what you can do is if something in OpenStack isn't working the way that you want it to, you can contribute back and you can actually help make a difference and make it better. That's what we're trying to and there's projects such as Vitrush or Rickos and Alice's where at the moment you don't have a sense of plug-in, we use senses, so we begin to contribute back in write in a plug-in for that project so that we can use it, and then others basically benefit from that as well, so I think that's where OpenStack's very key. Your hear Edward Snowden's keynote, some controversial things in there, but at the same time, the premise was really if your putting your data somewhere else, like in public cloud, you don't actually know what's happening with, so that was something that resonated quite well because you have to look at what workload you want to run in public cloud and which ones you can run in private cloud, so I think it would really... We're just getting on to the next stages, and evolution and that journey where we will be looking at what workloads we place where, and I think that is where tubes like Cooper Nessus are really thriving, because they can place workloads wherever you want, and that's the popularity is so high. >> I'm wondering if you can speak a little bit to your company's corporate culture that allows, you know, this movement. I think, you know, information's open, eventually the house always wins on these bets, alright, with so much information available. >> Yeah, so, I think for us, the way that we've been able to do this is we've had sponsorship from CT level and Director level down, and it's very hard when you're doing a grassroots movement of just engineers trying to do this from the ground up. You really have to have a company that believes in this philosophy and wants to take it forward. And for us, what we really wanted to was just create a platform that allowed our developers to innovate on it, and just basically make the best tubes possible for our customers. >> So you're a longtime OpenStack user. We're now here in Boston, you know, Summits every six months. Anything in particular about the mood of people, the operators here, kind of how you would like to see both, you know, we've talked about Cooper and Eddie's, you've talked about different modules that you might want to see, you know, some activity in, or, just how you see in the future, path of OpenStack, how would you like the community and the project to grow? >> Well, I think there is a lot of presentations on stand-alone apps in OpenStack, so you have center stand-alone for box storage, you have ironic stand-alone. We use some of those projects to actually build it out, so I think module-bar rising it, and allowing it to be used, you might not want to install all of OpenStack, but why can't you install sender for instance, to control box storage, and so I think that's really the future of it. People could take all of it, or they could take different components of it, and I think that's what we're seeing in the community. People want to be able to install sender to help manage it, and maybe not install neutron or keystone alongside it, so I think that's really where OpenStack is going. It will be a modular metal service framework that makes it up, and you can install the best that you want in the project that you want. We've also seen a consolidation of projects, that the results of talk are in that eventually making projects simpler and removing features. I think when we originally had OpenStack, we just tried to throw every feature possible in, and then you seen a sprawl of projects, and then that's not maintainable. I think what we're getting down to is just the key projects that then use going forward, So I think you see the consolidation and then stand-alone instances that you can kind of plug-in the edges. >> So, Steve, let me speak a little bit about your business. I have to think there's few companies, you know, at least definitely fewer industries, that, deal with the rate of change and the uncertainty in the world, you know, more than really gambling in everything, that happens there. Anything changing in kind of the relationship of IT to the business? How does OpenStack help you respond to a very dynamic environment. >> Yeah, so, I think the key thing for us, is if one of our competitors has a feature, and we can't compete with that feature, we just will loose our customers to that competitor. So really being able to change and use OpenStack to change the platform and get new products out to market as quickly as possible is very key for us. Generally OpenStack is helping is we want an active, active data center We have a 24/7 business. We really need to have that uptake. If we are down, any sporting event, our customers will go somewhere else to place bets. So that's really key. And, for us, we've used OpenStack across two data centers, and built that out, and what we're looking to do is scale that out horizontally. So, for instance, when we've got new applications coming up onboard, we can just scale out new ratchets in openstack, we use ironic. We're completely controlling the whole data center programmatically, and that allows us the ability to scale up the infrastructure to meet the demands so that people are not waiting on tickets, or not having the internal IT processes that are handling most of our firms, so that's really where OpenStack is allowing us to evolve is that flexibility in having a private cloud just like you would a public cloud with VWS, but we've got that in-house. So I think we're quite lucky, and I keep telling the garages that are working on this, this is a once in a lifetime project, and I don't think they'll really believe me until they get their next job, so I think they're being quite spoiled in this as well. >> Steve Armstrong, really appreciate you joining us again on the program, and once again congratulations at Paddy Power Betfair and the whole team, and John and I will be back with more coverage here from the OpenStack Summit 2017 in Boston, Massachusetts You're watching the Cube.