(upbeat music) >> Hello and welcome to theCube's coverage of International Women's Day. I'm John Furrier, your host of "theCUBE." We've got great two remote guests coming into our Palo Alto Studios, some tech athletes, as we say, people that've been in the trenches, years of experience, Lena Smart, CISO at MongoDB, Cube alumni, and Tara Hernandez, VP of Developer Productivity at MongoDB as well. Thanks for coming in to this program and supporting our efforts today. Thanks so much. >> Thanks for having us. >> Yeah, everyone talk about the journey in tech, where it all started. Before we get there, talk about what you guys are doing at MongoDB specifically. MongoDB is kind of gone the next level as a platform. You have your own ecosystem, lot of developers, very technical crowd, but it's changing the business transformation. What do you guys do at Mongo? We'll start with you, Lena. >> So I'm the CISO, so all security goes through me. I like to say, well, I don't like to say, I'm described as the ones throat to choke. So anything to do with security basically starts and ends with me. We do have a fantastic Cloud engineering security team and a product security team, and they don't report directly to me, but obviously we have very close relationships. I like to keep that kind of church and state separate and I know I've spoken about that before. And we just recently set up a physical security team with an amazing gentleman who left the FBI and he came to join us after 26 years for the agency. So, really starting to look at the physical aspects of what we offer as well. >> I interviewed a CISO the other day and she said, "Every day is day zero for me." Kind of goofing on the Amazon Day one thing, but Tara, go ahead. Tara, go ahead. What's your role there, developer productivity? What are you focusing on? >> Sure. Developer productivity is kind of the latest description for things that we've described over the years as, you know, DevOps oriented engineering or platform engineering or build and release engineering development infrastructure. It's all part and parcel, which is how do we actually get our code from developer to customer, you know, and all the mechanics that go into that. It's been something I discovered from my first job way back in the early '90s at Borland. And the art has just evolved enormously ever since, so. >> Yeah, this is a very great conversation both of you guys, right in the middle of all the action and data infrastructures changing, exploding, and involving big time AI and data tsunami and security never stops. Well, let's get into, we'll talk about that later, but let's get into what motivated you guys to pursue a career in tech and what were some of the challenges that you faced along the way? >> I'll go first. The fact of the matter was I intended to be a double major in history and literature when I went off to university, but I was informed that I had to do a math or a science degree or else the university would not be paid for. At the time, UC Santa Cruz had a policy that called Open Access Computing. This is, you know, the late '80s, early '90s. And anybody at the university could get an email account and that was unusual at the time if you were, those of us who remember, you used to have to pay for that CompuServe or AOL or, there's another one, I forget what it was called, but if a student at Santa Cruz could have an email account. And because of that email account, I met people who were computer science majors and I'm like, "Okay, I'll try that." That seems good. And it was a little bit of a struggle for me, a lot I won't lie, but I can't complain with how it ended up. And certainly once I found my niche, which was development infrastructure, I found my true love and I've been doing it for almost 30 years now. >> Awesome. Great story. Can't wait to ask a few questions on that. We'll go back to that late '80s, early '90s. Lena, your journey, how you got into it. >> So slightly different start. I did not go to university. I had to leave school when I was 16, got a job, had to help support my family. Worked a bunch of various jobs till I was about 21 and then computers became more, I think, I wouldn't say they were ubiquitous, but they were certainly out there. And I'd also been saving up every penny I could earn to buy my own computer and bought an Amstrad 1640, 20 meg hard drive. It rocked. And kind of took that apart, put it back together again, and thought that could be money in this. And so basically just teaching myself about computers any job that I got. 'Cause most of my jobs were like clerical work and secretary at that point. But any job that had a computer in front of that, I would make it my business to go find the guy who did computing 'cause it was always a guy. And I would say, you know, I want to learn how these work. Let, you know, show me. And, you know, I would take my lunch hour and after work and anytime I could with these people and they were very kind with their time and I just kept learning, so yep. >> Yeah, those early days remind me of the inflection point we're going through now. This major C change coming. Back then, if you had a computer, you had to kind of be your own internal engineer to fix things. Remember back on the systems revolution, late '80s, Tara, when, you know, your career started, those were major inflection points. Now we're seeing a similar wave right now, security, infrastructure. It feels like it's going to a whole nother level. At Mongo, you guys certainly see this as well, with this AI surge coming in. A lot more action is coming in. And so there's a lot of parallels between these inflection points. How do you guys see this next wave of change? Obviously, the AI stuff's blowing everyone away. Oh, new user interface. It's been called the browser moment, the mobile iPhone moment, kind of for this generation. There's a lot of people out there who are watching that are young in their careers, what's your take on this? How would you talk to those folks around how important this wave is? >> It, you know, it's funny, I've been having this conversation quite a bit recently in part because, you know, to me AI in a lot of ways is very similar to, you know, back in the '90s when we were talking about bringing in the worldwide web to the forefront of the world, right. And we tended to think in terms of all the optimistic benefits that would come of it. You know, free passing of information, availability to anyone, anywhere. You just needed an internet connection, which back then of course meant a modem. >> John: Not everyone had though. >> Exactly. But what we found in the subsequent years is that human beings are what they are and we bring ourselves to whatever platforms that are there, right. And so, you know, as much as it was amazing to have this freely available HTML based internet experience, it also meant that the negatives came to the forefront quite quickly. And there were ramifications of that. And so to me, when I look at AI, we're already seeing the ramifications to that. Yes, are there these amazing, optimistic, wonderful things that can be done? Yes. >> Yeah. >> But we're also human and the bad stuff's going to come out too. And how do we- >> Yeah. >> How do we as an industry, as a community, you know, understand and mitigate those ramifications so that we can benefit more from the positive than the negative. So it is interesting that it comes kind of full circle in really interesting ways. >> Yeah. The underbelly takes place first, gets it in the early adopter mode. Normally industries with, you know, money involved arbitrage, no standards. But we've seen this movie before. Is there hope, Lena, that we can have a more secure environment? >> I would hope so. (Lena laughs) Although depressingly, we've been in this well for 30 years now and we're, at the end of the day, still telling people not to click links on emails. So yeah, that kind of still keeps me awake at night a wee bit. The whole thing about AI, I mean, it's, obviously I am not an expert by any stretch of the imagination in AI. I did read (indistinct) book recently about AI and that was kind of interesting. And I'm just trying to teach myself as much as I can about it to the extent of even buying the "Dummies Guide to AI." Just because, it's actually not a dummies guide. It's actually fairly interesting, but I'm always thinking about it from a security standpoint. So it's kind of my worst nightmare and the best thing that could ever happen in the same dream. You know, you've got this technology where I can ask it a question and you know, it spits out generally a reasonable answer. And my team are working on with Mark Porter our CTO and his team on almost like an incubation of AI link. What would it look like from MongoDB? What's the legal ramifications? 'Cause there will be legal ramifications even though it's the wild, wild west just now, I think. Regulation's going to catch up to us pretty quickly, I would think. >> John: Yeah, yeah. >> And so I think, you know, as long as companies have a seat at the table and governments perhaps don't become too dictatorial over this, then hopefully we'll be in a good place. But we'll see. I think it's a really interest, there's that curse, we're living in interesting times. I think that's where we are. >> It's interesting just to stay on this tech trend for a minute. The standards bodies are different now. Back in the old days there were, you know, IEEE standards, ITF standards. >> Tara: TPC. >> The developers are the new standard. I mean, now you're seeing open source completely different where it was in the '90s to here beginning, that was gen one, some say gen two, but I say gen one, now we're exploding with open source. You have kind of developers setting the standards. If developers like it in droves, it becomes defacto, which then kind of rolls into implementation. >> Yeah, I mean I think if you don't have developer input, and this is why I love working with Tara and her team so much is 'cause they get it. If we don't have input from developers, it's not going to get used. There's going to be ways of of working around it, especially when it comes to security. If they don't, you know, if you're a developer and you're sat at your screen and you don't want to do that particular thing, you're going to find a way around it. You're a smart person. >> Yeah. >> So. >> Developers on the front lines now versus, even back in the '90s, they're like, "Okay, consider the dev's, got a QA team." Everything was Waterfall, now it's Cloud, and developers are on the front lines of everything. Tara, I mean, this is where the standards are being met. What's your reaction to that? >> Well, I think it's outstanding. I mean, you know, like I was at Netscape and part of the crowd that released the browser as open source and we founded mozilla.org, right. And that was, you know, in many ways kind of the birth of the modern open source movement beyond what we used to have, what was basically free software foundation was sort of the only game in town. And I think it is so incredibly valuable. I want to emphasize, you know, and pile onto what Lena was saying, it's not just that the developers are having input on a sort of company by company basis. Open source to me is like a checks and balance, where it allows us as a broader community to be able to agree on and enforce certain standards in order to try and keep the technology platforms as accessible as possible. I think Kubernetes is a great example of that, right. If we didn't have Kubernetes, that would've really changed the nature of how we think about container orchestration. But even before that, Linux, right. Linux allowed us as an industry to end the Unix Wars and as someone who was on the front lines of that as well and having to support 42 different operating systems with our product, you know, that was a huge win. And it allowed us to stop arguing about operating systems and start arguing about software or not arguing, but developing it in positive ways. So with, you know, with Kubernetes, with container orchestration, we all agree, okay, that's just how we're going to orchestrate. Now we can build up this huge ecosystem, everybody gets taken along, right. And now it changes the game for what we're defining as business differentials, right. And so when we talk about crypto, that's a little bit harder, but certainly with AI, right, you know, what are the checks and balances that as an industry and as the developers around this, that we can in, you know, enforce to make sure that no one company or no one body is able to overly control how these things are managed, how it's defined. And I think that is only for the benefit in the industry as a whole, particularly when we think about the only other option is it gets regulated in ways that do not involve the people who actually know the details of what they're talking about. >> Regulated and or thrown away or bankrupt or- >> Driven underground. >> Yeah. >> Which would be even worse actually. >> Yeah, that's a really interesting, the checks and balances. I love that call out. And I was just talking with another interview part of the series around women being represented in the 51% ratio. Software is for everybody. So that we believe that open source movement around the collective intelligence of the participants in the industry and independent of gender, this is going to be the next wave. You're starting to see these videos really have impact because there are a lot more leaders now at the table in companies developing software systems and with AI, the aperture increases for applications. And this is the new dynamic. What's your guys view on this dynamic? How does this go forward in a positive way? Is there a certain trajectory you see? For women in the industry? >> I mean, I think some of the states are trying to, again, from the government angle, some of the states are trying to force women into the boardroom, for example, California, which can be no bad thing, but I don't know, sometimes I feel a bit iffy about all this kind of forced- >> John: Yeah. >> You know, making, I don't even know how to say it properly so you can cut this part of the interview. (John laughs) >> Tara: Well, and I think that they're >> I'll say it's not organic. >> No, and I think they're already pulling it out, right. It's already been challenged so they're in the process- >> Well, this is the open source angle, Tara, you are getting at it. The change agent is open, right? So to me, the history of the proven model is openness drives transparency drives progress. >> No, it's- >> If you believe that to be true, this could have another impact. >> Yeah, it's so interesting, right. Because if you look at McKinsey Consulting or Boston Consulting or some of the other, I'm blocking on all of the names. There has been a decade or more of research that shows that a non homogeneous employee base, be it gender or ethnicity or whatever, generates more revenue, right? There's dollar signs that can be attached to this, but it's not enough for all companies to want to invest in that way. And it's not enough for all, you know, venture firms or investment firms to grant that seed money or do those seed rounds. I think it's getting better very slowly, but socialization is a much harder thing to overcome over time. Particularly, when you're not just talking about one country like the United States in our case, but around the world. You know, tech centers now exist all over the world, including places that even 10 years ago we might not have expected like Nairobi, right. Which I think is amazing, but you have to factor in the cultural implications of that as well, right. So yes, the openness is important and we have, it's important that we have those voices, but I don't think it's a panacea solution, right. It's just one more piece. I think honestly that one of the most important opportunities has been with Cloud computing and Cloud's been around for a while. So why would I say that? It's because if you think about like everybody holds up the Steve Jobs, Steve Wozniak, back in the '70s, or Sergey and Larry for Google, you know, you had to have access to enough credit card limit to go to Fry's and buy your servers and then access to somebody like Susan Wojcicki to borrow the garage or whatever. But there was still a certain amount of upfrontness that you had to be able to commit to, whereas now, and we've, I think, seen a really good evidence of this being able to lease server resources by the second and have development platforms that you can do on your phone. I mean, for a while I think Africa, that the majority of development happened on mobile devices because there wasn't a sufficient supply chain of laptops yet. And that's no longer true now as far as I know. But like the power that that enables for people who would otherwise be underrepresented in our industry instantly opens it up, right? And so to me that's I think probably the biggest opportunity that we've seen from an industry on how to make more availability in underrepresented representation for entrepreneurship. >> Yeah. >> Something like AI, I think that's actually going to take us backwards if we're not careful. >> Yeah. >> Because of we're reinforcing that socialization. >> Well, also the bias. A lot of people commenting on the biases of the large language inherently built in are also problem. Lena, I want you to weigh on this too, because I think the skills question comes up here and I've been advocating that you don't need the pedigree, college pedigree, to get into a certain jobs, you mentioned Cloud computing. I mean, it's been around for you think a long time, but not really, really think about it. The ability to level up, okay, if you're going to join something new and half the jobs in cybersecurity are created in the past year, right? So, you have this what used to be a barrier, your degree, your pedigree, your certification would take years, would be a blocker. Now that's gone. >> Lena: Yeah, it's the opposite. >> That's, in fact, psychology. >> I think so, but the people who I, by and large, who I interview for jobs, they have, I think security people and also I work with our compliance folks and I can't forget them, but let's talk about security just now. I've always found a particular kind of mindset with security folks. We're very curious, not very good at following rules a lot of the time, and we'd love to teach others. I mean, that's one of the big things stem from the start of my career. People were always interested in teaching and I was interested in learning. So it was perfect. And I think also having, you know, strong women leaders at MongoDB allows other underrepresented groups to actually apply to the company 'cause they see that we're kind of talking the talk. And that's been important. I think it's really important. You know, you've got Tara and I on here today. There's obviously other senior women at MongoDB that you can talk to as well. There's a bunch of us. There's not a whole ton of us, but there's a bunch of us. And it's good. It's definitely growing. I've been there for four years now and I've seen a growth in women in senior leadership positions. And I think having that kind of track record of getting really good quality underrepresented candidates to not just interview, but come and join us, it's seen. And it's seen in the industry and people take notice and they're like, "Oh, okay, well if that person's working, you know, if Tara Hernandez is working there, I'm going to apply for that." And that in itself I think can really, you know, reap the rewards. But it's getting started. It's like how do you get your first strong female into that position or your first strong underrepresented person into that position? It's hard. I get it. If it was easy, we would've sold already. >> It's like anything. I want to see people like me, my friends in there. Am I going to be alone? Am I going to be of a group? It's a group psychology. Why wouldn't? So getting it out there is key. Is there skills that you think that people should pay attention to? One's come up as curiosity, learning. What are some of the best practices for folks trying to get into the tech field or that's in the tech field and advancing through? What advice are you guys- >> I mean, yeah, definitely, what I say to my team is within my budget, we try and give every at least one training course a year. And there's so much free stuff out there as well. But, you know, keep learning. And even if it's not right in your wheelhouse, don't pick about it. Don't, you know, take a look at what else could be out there that could interest you and then go for it. You know, what does it take you few minutes each night to read a book on something that might change your entire career? You know, be enthusiastic about the opportunities out there. And there's so many opportunities in security. Just so many. >> Tara, what's your advice for folks out there? Tons of stuff to taste, taste test, try things. >> Absolutely. I mean, I always say, you know, my primary qualifications for people, I'm looking for them to be smart and motivated, right. Because the industry changes so quickly. What we're doing now versus what we did even last year versus five years ago, you know, is completely different though themes are certainly the same. You know, we still have to code and we still have to compile that code or package the code and ship the code so, you know, how well can we adapt to these new things instead of creating floppy disks, which was my first job. Five and a quarters, even. The big ones. >> That's old school, OG. There it is. Well done. >> And now it's, you know, containers, you know, (indistinct) image containers. And so, you know, I've gotten a lot of really great success hiring boot campers, you know, career transitioners. Because they bring a lot experience in addition to the technical skills. I think the most important thing is to experiment and figuring out what do you like, because, you know, maybe you are really into security or maybe you're really into like deep level coding and you want to go back, you know, try to go to school to get a degree where you would actually want that level of learning. Or maybe you're a front end engineer, you want to be full stacked. Like there's so many different things, data science, right. Maybe you want to go learn R right. You know, I think it's like figure out what you like because once you find that, that in turn is going to energize you 'cause you're going to feel motivated. I think the worst thing you could do is try to force yourself to learn something that you really could not care less about. That's just the worst. You're going in handicapped. >> Yeah and there's choices now versus when we were breaking into the business. It was like, okay, you software engineer. They call it software engineering, that's all it was. You were that or you were in sales. Like, you know, some sort of systems engineer or sales and now it's,- >> I had never heard of my job when I was in school, right. I didn't even know it was a possibility. But there's so many different types of technical roles, you know, absolutely. >> It's so exciting. I wish I was young again. >> One of the- >> Me too. (Lena laughs) >> I don't. I like the age I am. So one of the things that I did to kind of harness that curiosity is we've set up a security champions programs. About 120, I guess, volunteers globally. And these are people from all different backgrounds and all genders, diversity groups, underrepresented groups, we feel are now represented within this champions program. And people basically give up about an hour or two of their time each week, with their supervisors permission, and we basically teach them different things about security. And we've now had seven full-time people move from different areas within MongoDB into my team as a result of that program. So, you know, monetarily and time, yeah, saved us both. But also we're showing people that there is a path, you know, if you start off in Tara's team, for example, doing X, you join the champions program, you're like, "You know, I'd really like to get into red teaming. That would be so cool." If it fits, then we make that happen. And that has been really important for me, especially to give, you know, the women in the underrepresented groups within MongoDB just that window into something they might never have seen otherwise. >> That's a great common fit is fit matters. Also that getting access to what you fit is also access to either mentoring or sponsorship or some sort of, at least some navigation. Like what's out there and not being afraid to like, you know, just ask. >> Yeah, we just actually kicked off our big mentor program last week, so I'm the executive sponsor of that. I know Tara is part of it, which is fantastic. >> We'll put a plug in for it. Go ahead. >> Yeah, no, it's amazing. There's, gosh, I don't even know the numbers anymore, but there's a lot of people involved in this and so much so that we've had to set up mentoring groups rather than one-on-one. And I think it was 45% of the mentors are actually male, which is quite incredible for a program called Mentor Her. And then what we want to do in the future is actually create a program called Mentor Them so that it's not, you know, not just on the female and so that we can live other groups represented and, you know, kind of break down those groups a wee bit more and have some more granularity in the offering. >> Tara, talk about mentoring and sponsorship. Open source has been there for a long time. People help each other. It's community-oriented. What's your view of how to work with mentors and sponsors if someone's moving through ranks? >> You know, one of the things that was really interesting, unfortunately, in some of the earliest open source communities is there was a lot of pervasive misogyny to be perfectly honest. >> Yeah. >> And one of the important adaptations that we made as an open source community was the idea, an introduction of code of conducts. And so when I'm talking to women who are thinking about expanding their skills, I encourage them to join open source communities to have opportunity, even if they're not getting paid for it, you know, to develop their skills to work with people to get those code reviews, right. I'm like, "Whatever you join, make sure they have a code of conduct and a good leadership team. It's very important." And there are plenty, right. And then that idea has come into, you know, conferences now. So now conferences have codes of contact, if there are any good, and maybe not all of them, but most of them, right. And the ideas of expanding that idea of intentional healthy culture. >> John: Yeah. >> As a business goal and business differentiator. I mean, I won't lie, when I was recruited to come to MongoDB, the culture that I was able to discern through talking to people, in addition to seeing that there was actually women in senior leadership roles like Lena, like Kayla Nelson, that was a huge win. And so it just builds on momentum. And so now, you know, those of us who are in that are now representing. And so that kind of reinforces, but it's all ties together, right. As the open source world goes, particularly for a company like MongoDB, which has an open source product, you know, and our community builds. You know, it's a good thing to be mindful of for us, how we interact with the community and you know, because that could also become an opportunity for recruiting. >> John: Yeah. >> Right. So we, in addition to people who might become advocates on Mongo's behalf in their own company as a solution for themselves, so. >> You guys had great successful company and great leadership there. I mean, I can't tell you how many times someone's told me "MongoDB doesn't scale. It's going to be dead next year." I mean, I was going back 10 years. It's like, just keeps getting better and better. You guys do a great job. So it's so fun to see the success of developers. Really appreciate you guys coming on the program. Final question, what are you guys excited about to end the segment? We'll give you guys the last word. Lena will start with you and Tara, you can wrap us up. What are you excited about? >> I'm excited to see what this year brings. I think with ChatGPT and its copycats, I think it'll be a very interesting year when it comes to AI and always in the lookout for the authentic deep fakes that we see coming out. So just trying to make people aware that this is a real thing. It's not just pretend. And then of course, our old friend ransomware, let's see where that's going to go. >> John: Yeah. >> And let's see where we get to and just genuine hygiene and housekeeping when it comes to security. >> Excellent. Tara. >> Ah, well for us, you know, we're always constantly trying to up our game from a security perspective in the software development life cycle. But also, you know, what can we do? You know, one interesting application of AI that maybe Google doesn't like to talk about is it is really cool as an addendum to search and you know, how we might incorporate that as far as our learning environment and developer productivity, and how can we enable our developers to be more efficient, productive in their day-to-day work. So, I don't know, there's all kinds of opportunities that we're looking at for how we might improve that process here at MongoDB and then maybe be able to share it with the world. One of the things I love about working at MongoDB is we get to use our own products, right. And so being able to have this interesting document database in order to put information and then maybe apply some sort of AI to get it out again, is something that we may well be looking at, if not this year, then certainly in the coming year. >> Awesome. Lena Smart, the chief information security officer. Tara Hernandez, vice president developer of productivity from MongoDB. Thank you so much for sharing here on International Women's Day. We're going to do this quarterly every year. We're going to do it and then we're going to do quarterly updates. Thank you so much for being part of this program. >> Thank you. >> Thanks for having us. >> Okay, this is theCube's coverage of International Women's Day. I'm John Furrier, your host. Thanks for watching. (upbeat music)

(upbeat music) >> Welcome to theCUBE's continuing coverage of AMD's fourth generation EPYC launch. I've got a special guest with me today from Prowess Consulting. His name is Evan Touger, he's a senior technical writer with Prowess. Evan, welcome. >> Hi, great to be here. Thanks. >> So tell us a little bit about Prowess, what does Prowess do? >> Yeah, we're a consulting firm. We've been around for quite a few years, based in Bellevue, Washington. And we do quite a few projects with folks from Dell to a lot of other companies, and dive in. We have engineers, writers, production folks, so pretty much end-to-end work, doing research testing and writing, and diving into different technical topics. >> So you- in this case what we're going to be talking about is some validation studies that you've done, looking at Dell PowerEdge servers that happened to be integrating in fourth-gen EPYC processors from AMD. What were the specific workloads that you were focused on in this study? >> Yeah, this particular one was honing in on virtualization, right? You know, obviously it's pretty much ubiquitous in the industry, everybody works with virtualization in one way or another. So just getting optimal performance for virtualization was critical, or is critical for most businesses. So we just wanted to look a little deeper into, you know, how do companies evaluate that? What are they going to use to make the determination for virtualization performance as it relates to their workloads? So that led us to this study, where we looked at some benchmarks, and then went a little deeper under the hood to see what led to the results that we saw from those benchmarks. >> So when you say virtualization, does that include virtual desktop infrastructure or are we just talking about virtual machines in general? >> No, it can include both. We looked at VMs, thinking in terms of what about database performance when you're working in VMs, all the way through to VDI and companies like healthcare organizations and so forth, where it's common to roll out lots of virtual desktops, and performance is critical there as well. >> Okay, you alluded to, sort of, looking under the covers to see, you know, where these performance results were coming from. I assume what you're referencing is the idea that it's not just all about the CPU when you talk about a system. Am I correct in that assumption and- >> Yeah, absolutely. >> What can you tell us? >> Well, you know, for companies evaluating, there's quite a bit to consider, obviously. So they're looking at not just raw performance but power performance. So that was part of it, and then what makes up that- those factors, right? So certainly CPU is critical to that, but then other things come into play, like the RAID controllers. So we looked a little bit there. And then networking, of course can be critical for configurations that are relying on good performance on their networks, both in terms of bandwidth and just reducing latency overall. So interconnects as well would be a big part of that. So with, with PCIe gen 5 or 5.0 pick your moniker. You know in this- in the infrastructure game, we're often playing a game of whack-a-mole, looking for the bottlenecks, you know, chasing the bottlenecks. PCIe 5 opens up a lot of bandwidth for memory and things like RAID controllers and NICs. I mean, is the bottleneck now just our imagination, Evan, have we reached a point where there are no bottlenecks? What did you see when you ran these tests? What, you know, what were you able to stress to a point where it was saturated, if anything? >> Yeah. Well, first of all, we didn't- these are particular tests were ones that we looked at industry benchmarks, and we were examining in particular to see where world records were set. And so we uncovered a few specific servers, PowerEdge servers that were pretty key there, or had a lot of- were leading in the category in a lot of areas. So that's what led us to then, okay, well why is that? What's in these servers, and what's responsible for that? So in a lot of cases they, we saw these results even with, you know, gen 4, PCIe gen 4. So there were situations where clearly there was benefit from faster interconnects and, and especially NVMe for RAID, you know, for supporting NVMe and SSDs. But all of that just leads you to the understanding that it means it can only get better, right? So going from gen 4 to- if you're seeing great results on gen 4, then gen 5 is probably going to be, you know, blow that away. >> And in this case, >> It'll be even better. >> In this case, gen 5 you're referencing PCIe >> PCIe right. Yeah, that's right. >> (indistinct) >> And then the same thing with EPYC actually holds true, some of the records, we saw records set for both 3rd and 4th gen, so- with EPYC, so the same thing there. Anywhere there's a record set on the 3rd gen, you know, makes us really- we're really looking forward to going back and seeing over the next few months, which of those records fall and are broken by newer generation versions of these servers, once they actually wrap to the newer generation processors. You know, based on, on what we're seeing for the- for what those processors can do, not only in. >> (indistinct) Go ahead. >> Sorry, just want to say, not only in terms of raw performance, but as I mentioned before, the power performance, 'cause they're very efficient, and that's a really critical consideration, right? I don't think you can overstate that for companies who are looking at, you know, have to consider expenditures and power and cooling and meeting sustainability goals and so forth. So that was really an important category in terms of what we looked at, was that power performance, not just raw performance. >> Yeah, I want to get back to that, that's a really good point. We should probably give credit where credit is due. Which Dell PowerEdge servers are we talking about that were tested and what did those interconnect components look like from a (indistinct) perspective? >> Yeah, so we focused primarily on a couple benchmarks that seemed most important for real world performance results for virtualization. TPCx-V and VMmark 3.x. the TPCx-V, that's where we saw PowerEdge R7525, R7515. They both had top scores in different categories there. That benchmark is great for looking at database workloads in particular, right? Running in virtualization settings. And then the VMmark 3.x was critical. We saw good, good results there for the 7525 and the R 7515 as well as the R 6525, in that one and that included, sorry, just checking notes to see what- >> Yeah, no, no, no, no, (indistinct) >> Included results for power performance, as I mentioned earlier, that's where we could see that. So we kind of, we saw this in a range of servers that included both 3rd gen AMD EPYC and newer 4th gen as well as I mentioned. The RAID controllers were critical in the TPCx-V. I don't think that came into play in the VM mark test, but they were definitely part of the TPCx-V benchmarks. So that's where the RAID controllers would make a difference, right? And in those tests, I think they're using PERC 11. So, you know, the newer PERC 12 controllers there, again we'd expect >> (indistinct) >> To see continued, you know, gains in newer benchmarks. That's what we'll be looking for over the next several months. >> Yeah. So I think if I've got my Dell nomenclature down, performance, no no, PowerEdge RAID Controller, is that right? >> Exactly, yeah, there you go. Right? >> With Broadcom, you know, powered by Broadcom. >> That's right. There you go. Yeah. Isn't the Dell naming scheme there PERC? >> Yeah, exactly, exactly. Back to your comment about power. So you've had a chance to take a pretty deep look at the latest stuff coming out. You're confident that- 'cause some of these servers are going to be more expensive than previous generation. Now a server is not a server is not a server, but some are awakening to the idea that there might be some sticker shock. You're confident that the bang for your buck, the bang for your kilowatt hour is actually going to be beneficial. We're actually making things better, faster, stronger, cheaper, more energy efficient. We're continuing on that curve? >> That's what I would expect to see, right. I mean, of course can't speak to to pricing without knowing, you know, where the dollars are going to land on the servers. But I would expect to see that because you're getting gains in a couple of ways. I mean, one, if the performance increases to the point where you can run more VMs, right? Get more performance out of your VMs and run more total VMs or more BDIs, then there's obviously a good, you know, payback on your investment there. And then as we were discussing earlier, just the power performance ratio, right? So if you're bringing down your power and cooling costs, if these machines are just more efficient overall, then you should see some gains there as well. So, you know, I think the key is looking at what's the total cost of ownership over, you know, a standard like a three-year period or something and what you're going to get out of it for your number of sessions, the performance for the sessions, and the overall efficiency of the machines. >> So just just to be clear with these Dell PowerEdge servers, you were able to validate world record performance. But this isn't, if you, if you look at CPU architecture, PCIe bus architecture, memory, you know, the class of memory, the class of RAID controller, the class of NIC. Those were not all state of the art in terms of at least what has been recently announced. Correct? >> Right. >> Because (indistinct) the PCI 4.0, So to your point- world records with that, you've got next-gen RAID controllers coming out, and NICs coming out. If the motherboard was PCIe 5, with commensurate memory, all of those things are getting better. >> Exactly, right. I mean you're, you're really you're just eliminating bandwidth constraints latency constraints, you know, all of that should be improved. NVMe, you know, just collectively all these things just open the doors, you know, letting more bandwidth through reducing all the latency. Those are, those are all pieces of the puzzle, right? That come together and it's all about finding the weakest link and eliminating it. And I think we're reaching the point where we're removing the biggest constraints from the systems. >> Okay. So I guess is it fair to summarize to say that with this infrastructure that you tested, you were able to set world records. This, during this year, I mean, over the next several months, things are just going to get faster and faster and faster and faster. >> That's what I would anticipate, exactly, right. If they're setting world records with these machines before some of the components are, you know, the absolute latest, it seems to me we're going to just see a continuing trend there, and more and more records should fall. So I'm really looking forward to seeing how that goes, 'cause it's already good and I think the return on investment is pretty good there. So I think it's only going to get better as these roll out. >> So let me ask you a question that's a little bit off topic. >> Okay. >> Kind of, you know, we see these gains, you know, we're all familiar with Moore's Law, we're familiar with, you know, the advancements in memory and bus architecture and everything else. We just covered SuperCompute 2022 in Dallas a couple of weeks ago. And it was fascinating talking to people about advances in AI that will be possible with new architectures. You know, most of these supercomputers that are running right now are n minus 1 or n minus 2 infrastructure, you know, they're, they're, they're PCI 3, right. And maybe two generations of processors old, because you don't just throw out a 100,000 CPU super computing environment every 18 months. It doesn't work that way. >> Exactly. >> Do you have an opinion on this question of the qualitative versus quantitative increase in computing moving forward? And, I mean, do you think that this new stuff that you're starting to do tests on is going to power a fundamental shift in computing? Or is it just going to be more consolidation, better power consumption? Do you think there's an inflection point coming? What do you think? >> That's a great question. That's a hard one to answer. I mean, it's probably a little bit of both, 'cause certainly there will be better consolidation, right? But I think that, you know, the systems, it works both ways. It just allows you to do more with less, right? And you can go either direction, you can do what you're doing now on fewer machines, you know, and get better value for it, or reduce your footprint. Or you can go the other way and say, wow, this lets us add more machines into the mix and take our our level of performance from here to here, right? So it just depends on what your focus is. Certainly with, with areas like, you know, HPC and AI and ML, having the ability to expand what you already are capable of by adding more machines that can do more is going to be your main concern. But if you're more like a small to medium sized business and the opportunity to do what you were doing on, on a much smaller footprint and for lower costs, that's really your goal, right? So I think you can use this in either direction and it should, should pay back in a lot of dividends. >> Yeah. Thanks for your thoughts. It's an interesting subject moving forward. You know, sometimes it's easy to get lost in the minutiae of the bits and bites and bobs of all the components we're studying, but they're powering something that that's going to effect effectively all of humanity as we move forward. So what else do we need to consider when it comes to what you've just validated in the virtualization testing? Anything else, anything we left out? >> I think we hit all the key points, or most of them it's, you know, really, it's just keeping in mind that it's all about the full system, the components not- you know, the processor is a obviously a key, but just removing blockages, right? Freeing up, getting rid of latency, improving bandwidth, all these things come to play. And then the power performance, as I said, I know I keep coming back to that but you know, we just, and a lot of what we work on, we just see that businesses, that's a really big concern for businesses and finding efficiency, right? And especially in an age of constrained budgets, that's a big deal. So, it's really important to have that power performance ratio. And that's one of the key things we saw that stood out to us in, in some of these benchmarks, so. >> Well, it's a big deal for me. >> It's all good. >> Yeah, I live in California and I know exactly how much I pay for a kilowatt hour of electricity. >> I bet, yeah. >> My friends in other places don't even know. So I totally understand the power constraint question. >> Yeah, it's not going to get better, so, anything you can do there, right? >> Yeah. Well Evan, this has been great. Thanks for sharing the results that Prowess has come up with, third party validation that, you know, even without the latest and greatest components in all categories, Dell PowerEdge servers are able to set world records. And I anticipate that those world records will be broken in 2023 and I expect that Prowess will be part of that process, So Thanks for that. For the rest of us- >> (indistinct) >> Here at theCUBE, I want to thank you for joining us. Stay tuned for continuing coverage of AMD's fourth generation EPYC launch, for myself and for Evan Touger. Thanks so much for joining us. (upbeat music)

(upbeat music) >> Hello, beautiful cloud community, and welcome back to AWS reInvent. It is day four here in fabulous Las Vegas, Nevada. My voice can feel it, clearly. I'm Savannah Peterson with my co-host Paul Gillin. Paul, how you doing? >> Doing fine, Savannah. >> Are your feet about where my voice is? >> Well, getting little rest here as we have back to back segments. >> Yeah, yeah, we'll keep you off those. Very excited about this next segment. We get to have a chat with one of our very favorite analysts, Keith Townsend. Welcome back to theCUBE. >> Savannah Page. I'm going to use your south names, Savannah Page. Thank you for having me, Paul. Good to see you again. It's been been too long since CubeCon Valencia. >> Valencia. >> Valencia. >> Well at that beautiful lisp, love that. Keith, how's the show been for you so far? >> It has been great. I tweeted it a couple of days ago. Amazon reInvent is back. >> Savannah: Whoo! Love that. >> 50, 60 thousand people, you know? After 40 thousand, I stop countin'. It has been an amazing show. I don't know if it's just the assignment of returning, but easily the best reInvent of the four that I've attended. >> Savannah: Love that. >> Paul: I love that we have you here because, you know, we tend to get anchored to these desks, and we don't really get a sense of what's going on out there. You've been spending the last four days traversing the floor and talking to people. What are you hearing? Are there any mega themes that are emerging? >> Keith: So, a couple of mega themes is... We were in the Allen session with Adam, and Adam bought up the idea of hybrid cloud. At the 2019 show, that would be unheard of. There's only one cloud, and that's the AWS cloud, when you're at the Amazon show. Booths, folks, I was at the VMware booth and there's a hybrid cloud sign session. People are talking about multicloud. Yes, we're at the AWS show, but the reality that most customers' environments are complex. Adam mentioned that it's hybrid today and more than likely to be hybrid in the future in Amazon, and the ecosystem has adjusted to that reality. >> Paul: Now, is that because they want sell more outposts? >> You know, outpost is definitely a part of the story, but it's a tactile realization that outposts alone won't get it. So, you know, from Todd Consulting, to Capgemini, to PWC, to many of the integrations on the show floor... I even saw company that's doing HP-UX in the cloud or on-prem. The reality is these, well, we've deemed these legacy systems aren't going anywhere. AWS announced the mainframe service last year for converting mainframe code into cloud workloads, and it's just not taking on the, I think, the way that the Amazon would like, and that's a reality that is too complex for all of it to run in the cloud. >> Paul: So it sounds like the strategy is to envelop and consume then if you have mainframe conversion services and HP-UX in the cloud, I mean, you're talking about serious legacy stuff there. >> Keith: You're talking about serious legacy stuff. They haven't de-emphasized their relationship with VMware. You know, hybrid is not a place, it is a operating model. So VMware cloud on AWS allows you to do both models concurrently if you have those applications that need layer two. You have these workloads that just don't... SAP just doesn't... Sorry, AWS, SAP in the cloud and EC2 just doesn't make financial sense. It's a reality. It's accepting of that and meeting customers where they're at. >> And all the collaboration, I mean, you've mentioned so many companies in that answer, and I think it's very interesting to see how much we're all going to have to work together to make the cloud its own operating system. Cloud as an OS came up on our last conversation here and I think it's absolutely fascinating. >> Keith: Yeah, cloud is the OS I think is a thing. This idea that I'm going to use the cloud as my base layer of abstraction. I've talked to a really interesting startup... Well actually it's a open source project cross plane of where they're taking that cloud model and now I can put my VMware vsphere, my AWS, GCP, et cetera, behind that and use that operating model to manage my overall infrastructure. So, the maturity of the market has fascinated me over the past year, year and a half. >> It really feels like we're at a new inflection point. I totally agree. I want to talk about something completely different. >> Keith: Okay. >> Because I know that we both did this challenge. So one of the things that's really inspiring quite frankly about being here at AWS reInvent, and I know you all at home don't have an opportunity to walk the floor and get the experience and get as many steps as Paul gets in, but there's a real emphasis on giving back. This community cares about giving back and AWS is doing a variety of different activations to donate to a variety of different charities. And there's a DJ booth. I've been joking. It kind of feels like you're arriving at a rave when you get to reInvent. And right next to that, there is a hydrate and help station with these reusable water bottles. This is actually firm. It's not one of those plastic ones that's going to end up in the recycled bin or the landfill. And every single time that you fill up your water bottle, AWS will donate $3 to help women in Kenya get access to water. One of the things that I found really fascinating about the activation is women in sub-Saharan Africa spend 16 million hours carrying water a day, which is a wild concept to think about, and water is heavy. Keith, my man, I know that you did the activation. They had you carrying two 20 pound jugs of water. >> Keith: For about 15 feet. It's not the... >> (laughs) >> 20 pound jugs of water, 20 gallons, whatever the amount is. It was extremely heavy. I'm a fairly sizeable guy. Six four, six five. >> You're in good shape, yeah. >> Keith: Couple of a hundred pounds. >> Yeah. >> Keith: And I could not imagine spending that many hours simply getting fresh water. We take it for granted. Every time I run the water in the sink, my family gets on me because I get on them when they leave the sink water. It's like my dad's left the light on. If you leave the water on in my house, you are going to hear it from me because, you know, things like this tickle in my mind like, wow, people walk that far. >> Savannah: That's your whole day. >> Just water, and that's probably not even enough water for the day. >> Paul: Yeah. We think of that as being, like, an 18th century phenomenon, but it's very much today in parts of Sub-Saharan Africa. >> I know, and we're so privileged. For me, it was just, we work in technology. Everyone here is pretty blessed, and to do that activation really got my head in the right space to think, wow I'm so lucky. The team here, the fabulous production team, can go refill my water bottle. I mean, so simple. They've also got a fitness activation going on. You can jump on a bike, a treadmill, and if you work out for five minutes, they donate $5 to Fred Hutch up in Seattle. And that was nice. I did a little cross-training in between segments yesterday and I just, I really love seeing that emphasis. None of this matters if we're not taking care of community. >> Yeah, I'm going to go out and google Fred Hutch, and just donate the five bucks. 'Cause I'm not, I'm not. >> (laughs) >> I'll run forever, but I'm not getting on a bike. >> This from a guy who did 100 5Ks in a row last year. >> Yeah. I did 100 5Ks in a row, and I'm not doing five minutes on a bike. That's it. That's crazy, right? >> I mean there is a treadmill And they have the little hands workout thing too if you want. >> About five minutes though. >> Savannah: I know. >> Like five minutes is way longer than what you think it is. >> I mean, it's true. I was up there in a dress in sequence. Hopefully, I didn't scar any anyone on the show floor yesterday. It's still toss up. >> I'm going to take us back to back. >> Take us back Paul. >> Back to what we were talking about. I want to know what you're hearing. So we've had a lot of people on this show, a lot of vendors on the show who have said AWS is our most important cloud partner, which would imply that AWS's lead is solidifying its lead and pulling away from the pack as the number one. Do you hear that as well? Or is that lip service? >> Keith: So I always think about AWS reInvent as the Amazon victory lap. This is where they come and just thumb their noses at all the other cloud providers and just show how far ahead they're are. Werner Vogels, CTO at Amazon's keynotes, so I hadn't watched it yet, but at that keynote, this is where they literally take the victory lap and say that we're going to expose what we did four or five years ago on stage, and what we did four or five years ago is ahead of every cloud provider with maybe the exception of GCP and they're maybe three years behind. So customers are overwhelmingly choosing Amazon for these reasons. Don't get me wrong, Corey Quinn, Gardner folks, really went at Adam yesterday about Amazon had three majors outages in December last year. AWS has way too many services that are disconnected, but from the pure capability, I talked to a born in the cloud data protection company who could repatriate their data protection and storage on-prem private data center, save money. Instead, they double down on Amazon. They're using, they modernize their application and they're reduced their cost by 60 to 70%. >> Massive. >> This is massive. AWS is keeping up with customers no matter where they're at on the spectrum. >> Savannah: I love that you use the term victory lap. We've had a lot of folks from AWS here up on the show this week, and a couple of them have said they live for this. I mean, and it's got to be pretty cool. You've got 70 thousand plus people obsessed with your product and so many different partners doing so many different things from the edge to hospital to the largest companies on earth to the Israeli Ministry of Defense we were just talking about earlier, so everybody needs the cloud. I feel like that's where we're at. >> Keith: Yeah, and the next step, I think the next level opportunity for AWS is to get to that analyst or that citizen developer, being able to enable the end user to use a lambda, use these data services to create new applications, and the meanwhile, there's folks on the show floor filling that gap that enable develop... the piece of owner, the piece of parlor owner, to create a web portal that compares his prices and solutions to other vendors in his area and adjust dynamically. You go into a restaurant now and there is no price menu. There's a QR code that Amazon is powering much of that dynamic relationship between the restaurateur, the customer, and even the menu and availability. It's just a wonderful time. >> I always ask for the print menu. I'm sorry. >> Yeah. You want the printed menu. >> Look down, my phone doesn't work. >> Gimme something I could shine my light on. >> I know you didn't have have a chance to look at Vogel's keynote yet, but I mean you mentioned citizen developer. One of the things they announced this morning was essentially a low code lambda interface. So you can plug, take your lamb dysfunctions and do drag and drop a connection between them. So they are going after that market. >> Keith: So I guess I'll take my victory lap because that was my prediction. That's where Amazon's next... >> Well done, Keith. >> Because Lambda is that thing when you look at what server list was and the name of the concept of being, not having to have to worry about servers in your application development, the logical next step, I won't take too much of a leap. That logical first step is, well, code less code. This is something that Kelsey Hightower has talked about a lot. Low code, no code, the ability to empower people without having these artificial barriers, learning how to code in a different language. This is the time where I can go to Valencia, it's pronounced, where I can go to Valencia and not speak Spanish and just have my phone. Why can't we do, at business value, for people who have amazing ideas and enable those amazing ideas before I have to stick a developer in between them and the system. >> Paul: Low-code market is growing 35% a year. It's not surprising, given the potential that's out there. >> And as a non-technical person, who works in technology, I've been waiting for this moment. So keep predicting this kind of thing, Keith. 'Cause hopefully it'll keep happening. Keith, I'm going to give you the challenge we've been giving all of our guests this week. >> Keith: Okay. >> And I know you're going to absolutely crush this. So we are looking for your 32nd Instagram real, sizzle hot take, biggest takeaway from this year's show. >> So 32nd Instagram, I'll even put it on TikTok. >> Savannah: Heck yeah. >> Hybrid cloud, hybrid infrastructure. This is way bigger than Amazon. Whether we're talking about Amazon, AWS, I mean AWS's solutions, Google Cloud, Azure, OCI, on-prem. Customers want it all. They want a way to manage it all, and they need the skill and tools to enable their not-so-growing work force to do it. That is, that's AWS reInvent 2019 to 2022. >> Absolutely nailed it. Keith Townsend, it is always such a joy to have you here on theCUBE. Thank you for joining us >> Savannah Page. Great to have you. Paul, you too. You're always a great co-host. >> (laughs) We co-hosted for three days. >> We've got a lot of love for each other here. And we have even more love for all of you tuning into our fabulous livestream from AWS reInvent Las Vegas, Nevada, with Paul Gillin. I'm Savannah Peterson. You're watching theCUBE, the leader in high tech coverage. (upbeat music)

(bright upbeat music) >> Hello, wonderful Cloud community and welcome back to our wall-to-wall coverage of AWS re:Invent here in Las Vegas, Nevada. I'm Savannah Peterson, joined by the brilliant John Furrier. John, how you doing this afternoon? >> Doing great, feeling good. We've got day three here, another day tomorrow. Wall-to-wall coverage we're already over a hundred something videos, live getting up. >> You're holding up well. >> And then Cloud show is just popping. It's back to pre-pandemic levels. The audience is here, what recession? But there is one coming but apparently doesn't seem to be an unnoticed with the Cloud community. >> I think, we'll be talking a little bit about that in our next interview in the state of the union. Not just our union, but the the general global economy and the climate there with some fabulous guests from Software One. Please welcome Neil and Bernd, welcome to the show, guys. How you doing? >> Great, thank you. >> Really good. >> Yeah, like you said, just getting over the jet lag. >> Yeah, yeah. Pretty good today, yeah, (laughing loudly) glad we did it today. >> I love that Neil, set your smiling and I can feel your energy. Tell us a little bit about Software One and what you all do. >> Yeah, so Software One we're a software and Cloud solutions provider. We're in 90 countries. We have 65,000 customers. >> Savannah: Just a few. >> Yeah, and we really focus on being close to the customers and helping customers through their software and Cloud journey. So we transact, we sell software in Cloud, 10,000 different ISVs. And then on top of that we a lot of services around the spend optimization FinOps we'll talk about as well, and lots of other areas. But yeah, we're really a large scale partner in this space. >> That's awesome. FinOps, cost optimization, pretty much all we've been talking about here on the give. It's very much a hot topic. I'm actually excited about this and Bernd I'm going to throw this one to you first. We haven't actually done a proper definition of what FinOps is at the show yet. What is FinOps? >> Well, largely speaking it's Cloud cost optimization but for us it's a lot more than for others. That's our superpower. We do it all. We do the technology side but we also do the licensing side. So, we have a differentiated offering. If you would look at the six Rs of application migration we do it all, not even an Accenture as it all. And that is our differentiation. >> You know, yesterday Adams left was on the Keynote. He's like waving his hands around. It's like, "Hey, we got if you want to tighten your belt, come to the Cloud." I'm like, wait a minute. In 2008 when the last recession, Amazon wasn't a factor. They were small. Now they're massive, they're huge. They're a big part of the economic equation. What does belt tightening mean? Like what does that mean? Like do customers just go to the marketplace? Do they go, do you guys, so a lot of moving parts now on how they're buying software and they're fine tuning their Cloud too. It's not just eliminate budget, it's fine tune the machine if you will... >> 'make a smarter Cloud. >> Explain this phenomenon, how people are tackling this cost optimization, Cloud optimization. 'Cause they're not going to stop building. >> No. >> This is right sizing and tuning and cutting. >> Yeah, we see, of course with so many customers in so many countries, we have a lot of different views on maturity and we see customers taking the FinOps journey at different paces. But fundamentally what we see is that it's more of an afterthought and coming in at a panic stage rather than building it and engaging with it from the beginning and doing it continuously. And really that's the huge opportunity and AWS is a big believer in this of continued optimization of the Cloud is a confident Cloud. A confident Cloud means you'll do more with it. If you lose confidence in that bill in what how much it's costing you, you're going to retract. And so it's really about making sure all customers know exactly what's in there, how it's optimized, restocking, reformatting applications, getting more out of the microservices and getting more value out the Cloud and that will help them tighten that belt. >> So the euphoric enthusiasm of previous years of building water just fallen the pipes leaving the lights on when you go to bed. I mean that's kind of the mentality. People were not literally I won't say they weren't not paying attention but there was some just keep going we're all good now it's like whoa, whoa. We turn that service off and no one's using it or do automation. So there's a lot more of that mindset emerging. We're hearing that for the first time price performance being mindful of what's on and off common sense basically. >> Yeah, but it's not just that the lights are on and the faucets are open it's also the air condition is running. So the FinOps foundation is estimating that about a third of Cloud spend is waste and that's where FinOps comes in. We can help customers be more efficient in the Cloud and lower their Cloud spend while doing the same or more. >> So, let's dig in a little bit there. How do you apply FinOps when migrating to the Cloud? >> Well, you start with the business case and you're not just looking at infrastructure costs like most people do you ought look at software licensing costs. For example, if you run SQL on-premise you have an enterprise agreement. But if you move it to the Cloud you may actually take a different more favorable licensing agreement and save a lot of money. And these things are hidden. They're not to be seen but they need to be part of the business case. >> When you look at the modernization trend we had an analyst on our session with David Vellante and Zs (indistinct) from ZK Consulting. He had an interesting comment. He said, "Spend more in Cloud to save more." Which is a mindset that doesn't come across right. Wait a minute, spend more, save more. You can do bet right now with the Clouds kind of the the thesis of FinOps, you don't have to cut. Just kind of cut the waste out but still spend and build if you're smart, there's a lot more of that going on. What does that mean? >> I mean, yeah I've got a good example of this is, we're the largest Microsoft provider in the world. And when of course when you move Microsoft workloads to the Cloud, you don't... Maybe you don't want a server, you can go serverless, right? So you may not win a server. Bernd said SQL, right? So, it's not just about putting applications in the Cloud and workloads in the Cloud. It's about modernizing them and then really taking advantage of what you can really do in the Cloud. And I think that's where the customers are still pretty immature. They're still on that journey of throwing stuff in there and then realizing actually they can take way more advantage of what services are in there to reduce the amount and get even more in there. >> Yeah, and so the... You want to say, something? >> How much, just building on the stereotypical image of Cloud customer is the marketing person with a credit card, right? And there are many of them and they all buy their own Cloud and companies have a hard time consolidating the spend pulling it together, even within a country. But across countries across the globe, it's really, really hard. If you pull it all together, you get a better discount. You spend more to save more. >> Yeah, and also there's a human piece. We had an intern two summers ago playing with our Cloud. We're on a Cloud with our media plus stack left a service was playing around doing some tinkering and like, where's this bill? What is this extra $20,000 came from. It just, we left a service on... >> It's a really good point actually. It's something that we see almost every day right now which is customers also not understanding what they've put in the Cloud and what the implications of spikes are. And also therefore having really robust monitoring and processes and having a partner that can look after that for them. Otherwise we've got customers where they've been really shocked about not doing things the right way because they've empowered the business but also not with the maturity that the business needs to have that responsibility. >> And that's a great point. New people coming in and or people being platooned through new jobs are getting used to the Cloud. That's a great point. I got that brings up my security question 'cause this comes up a lot. So that's what's a lot of spend of people dialing up more security. Obviously people try everything with security, every tool, every platform, and throw everything at the problem. How does that impact the FinOps equation? 'Cause Dev SecOps is now part of everything. Okay, moving security at the CICD pipeline, that's cool. Check Cloud native applications, microservices event-based services check. But now you've got more security. How does that factor into the cost side? What you guys look at that can you share your thoughts on how your customers are managing their security posture without getting kind of over the barrel, if you will? >> Since we are at AWS re:Invent, right? We can talk about the well architected framework of AWS and there's six components to it. And there's reliability, there's security cost, performance quality, operational quality and sustainability. And so when we think about migrating apps to the Cloud or modernizing them in the Cloud security is always a table stakes. >> And it has to be, yeah, go ahead. >> I really like what AWS is doing with us on that. We partner very closely on that area. And to give you a parallel example of Microsoft I don't feel very good about that at the moment. We see a lot of customers right now that get hacked and normally it's... >> 'yeah that's such a topic. >> You mean on Azure? >> Yeah, and what happens is that they normally it's a crypto mining script that the customer comes in they come in as the customer get hacked and then they... We saw an incident the other day where we had 2,100 security incidents in a minute where it all like exploded on the customer side. And so that's also really important is that the customer's understanding that security element also who they're letting in and out of their organization and also the responsibility they have if things go bad. And that's also not aware, like when they get hacked, are they responsible for that? Are they not responsible? Is the provider... >> 'shared responsibility? >> Yeah. >> 'well that security data lake the open cybersecurity schema framework. That's going to be very interesting to see how that plays out to your point. >> Absolutely, absolutely. >> Yeah, it is fascinating and it does require a lot of collaboration. What other trends, what other big challenges are you seeing? You're obviously working with customers at incredible scale. What are some of the other problems you're helping them tackle? >> I think we work with customers from SMB all the way up to enterprise and public sector. But what we see is more in the enterprise space. So we see a lot of customers willing to commit a lot to the Cloud based on all the themes that we've set but not commit financially for all the PNLs that they run in all the business units of all the different companies that they may own in different countries. So it's like, how can I commit but not be responsible on the hook for the bill that comes in. And we see this all the time right now and we are working closely with AWS on this. And we see the ability for customers to commit centrally but decentralized billing, decentralized optimization and decentralized FinOps. So that's that educational layer within the business units who owns the PNL where they get that fitness and they own what they're spending but the company is alone can commit to AWS. And I think that's a big trend that we are seeing is centralized commitment but decentralized ownership in that model. >> And that's where the marketplaces kind of fit in as well. >> Absolutely. >> Yeah, yeah. Do you want to add some more on that? >> I mean the marketplace, if you're going to cut your bill you go to the marketplace right there you want single dashboard or your marketplace what's the customer going to do when they're going to tighten their belts? What do they do? What's their workflow, marketplace? What's the process? >> Well, on marketplaces, the larger companies will have a private marketplace with dedicated pricing managed service they can call off. But that's for the software of the shelf. They still have the data centers they still have all the legacy and they need to do the which ones are we going to keep which ones are we going to retire, we repurchase, we license, rehouse, relocate, all of those things. >> That's your wheelhouse. >> It's a three, yes is our wheelhouse. It's a three to five year process for most companies. >> This could be a tailwind for you guys. This is like a good time. >> I mean FinOps is super cool and super hot right now. >> Not that you're biased? (all laughing loudly) >> But look, it's great to see it because well we are the magic quadrant leader in software asset management, which is a pedigree of ours. But we always had to convince customers to do that because they're always worried, oh what you're going to find do I have an audit? Do I have to give Oracles some more money or SAP some more money? So there's always like, you know... >> 'don't, (indistinct). >> How compliant do I really want? >> Is anyone paying attention to this? >> Well FinOps it's all upside. Like it's all upside. And so it's completely flipped. And now we speak to most customers that are building FinOps internally and then they're like, hold on a minute I'm a bank. Why do I have hundred people doing FinOps? And so that's the trend that we've seen because they just get more and more value out of it all the time. >> Well also the key mindset is that the consumption based model of Cloud you mentioned Oracle 'cause they're stuck in that whoa, whoa, whoa, how many servers license and they're stuck in that extortion. And now they got Cloud once you're on a variable, what's the downside? >> Exactly and then you can look at all the applications, see where you can go serverless see where you can go native services all that sort of stuff is all upside. >> And for the major workloads like SAP and Oracle and Microsoft defined that customers save in the millions. >> Well just on that point, those VMware, SAP, these workloads they're being rolled and encapsulated into containers and Kubernetes run times moved into the Cloud, they're being refactored. So that's a whole nother ballgame. >> Yes. Lift and shift usually doesn't save you any money. So that's relocation with containers may save you money but in some cases you have to... >> 'it's more in the Cloud now than ever before. >> Yeah >> Yeah, yeah. >> Before we take him to the challenge portion we have a little quiz for you, or not a quiz, but a little prop for you in a second. I want to talk about your role. You have a very important role at the FinOps Foundation and why don't you tell me more about that? You, why don't you go. >> All right, so yeah I mean we are a founding member of the Finops organization. You can tell I'm super passionate about it as well. >> I wanted to keep that club like a poster boy for FinOps right now. It's great, I love the energy. >> You have some VA down that is going to go up on the table and dance, (all laughing loudly) >> We're ready for it. We're waiting for that performance here on theCUBE this week. I promise I would keep everyone up an alert... >> 'and it's on the post. And our value to the foundation is first of all the feedback we get from all our customers, right? We can bring that back as an organization to that also as one of the founding members. We're one of the only ones that really deliver services and platforms. So we'll work with Cloud health, Cloud ability our own platform as well, and we'll do that. And we have over 200 practitioners completely dedicated to FinOps as well. So, it's a great foundation, they're doing an amazing job and we're super proud to be part of that. >> Yeah, I love that you're contributing to the community as well as supporting it, looking after your customers. All right, so our new tradition here on theCUBE at re:Invent 'cause we're looking for your 32nd Instagram reel hot take sizzle of thought leadership on the number one takeaway most important theme of the show this year Bernd do you want to go first? >> Of the re:Invent show or whatever? >> You can interpret that however you want. We've gotten some unique interpretations throughout the week, so we're probing. >> Everybody's looking for the superpower to do more with less in the Cloud. That will be the theme of 2023. >> Perfect, I love that. 10 seconds, your mic very efficient. You're clearly providing an efficient solution based on that answer. >> I won't that much. That's... (laughing loudly) >> It's the quiz. And what about you Neil? Give us your, (indistinct) >> I'm going to steal your comment. It's exactly what I was thinking earlier. Tech is super resilient and tech is there for customers when they want to invest and modernize and do fun stuff and they're also there for when they want to save money. So we are always like a constant and you see that here. It's like this is... It's always happening here, always happening. >> It is always happening. It really can feel the energy. I hope that the show is just as energetic and fun for you guys. As the last few minutes here on theCUBE has been thank you both for joining us. >> Thanks. >> Thank you very much. >> And thank you all so much for tuning in. I hope you enjoyed this conversation about FinOps, Cloud confidence and all things AWS re:Invent. We're here in Las Vegas, Nevada with John Furrier, my name is Savannah Peterson. You're watching theCUBE, the leader in high tech coverage. (bright upbeat music)

(upbeat music) (logo shimmers) >> Good afternoon everyone, and welcome back to AWS re Invent 2022. We are live here from the show floor in Las Vegas, Nevada, we're theCUBE, my name is Savannah Peterson, joined by John Furrier, John, are you excited for the next segment? >> I love the innovation story, this next segment's going to be really interesting, an example of ecosystem innovation in action, it'll be great. >> Yeah, our next guests are actually award-winning, I am very excited about that, please welcome Alan and Becky from IBM. Thank you both so much for being here, how's the show going for ya? Becky you got a, just a platinum smile, I'm going to go to you first, how's the show so far? >> No, it's going great. There's lots of buzz, lots of excitement this year, of course, three times the number of people, but it's fantastic. >> Three times the number of people- >> (indistinct) for last year. >> That is so exciting, so what is that... Do you know what the total is then? >> I think it's over 55,000. >> Ooh, loving that. >> John: A lot. >> It's a lot, you can tell by the hallways- >> Becky: It's a lot. >> John: It's crowded, right. >> Yeah, you can tell by just the energy and the, honestly the heat in here right now is pretty good. Alan, how are you feeling on the show floor this year? >> Awesome, awesome, we're meeting a lot of partners, talking to a lot of clients. We're really kind of showing them what the new IBM, AWS relationship is all about, so, beautiful time to be here. >> Well Alan, why don't you tell us what that partnership is about, to start us off? >> Sure, sure. So the partnership started with the relationship in our consulting services, and Becky's going to talk more about that, right? And it grew, this year it grew into the IBM software realm where we signed an agreement with AWS around May timeframe this year. >> I love it, so, like you said, you're just getting started- >> Just getting started. >> This is the beginning of something magic. >> We're just scratching the surface with this right? >> Savannah: Yeah. >> But it represents a huge move for IBM to meet our clients where they are, right? Meet 'em where they are with IBM technology, enterprise technology they're used to, but with the look and feel and usage model that they're used to with AWS. >> Absolutely and so to build on that, you know, we're really excited to be an AWS Premier Consulting Partner. We've had this relationship for a little over five years with AWS, I'd say it's really gone up a notch over the last year or two as we've been working more and more closely, doubling down on our investments, doubling down on our certifications, we've got over 15,000 people certified now, almost 16,000 actually- >> Savannah: Wow. >> 14 competencies, 16 service deliveries and counting. We cover a mass of information and services from Data Analytics, IoT, AI, all the way to Modernization, SAP, Security Services, right. So it's pretty comprehensive relationship, but in addition to the fantastic clients that we both share, we're doing some really great things around joint industry solutions, which I'll talk about in a few minutes and some of those are being launched at the conference this year, so that's even better. But the most exciting thing to me right now is that we just found out that we won the Global Innovator Partner of the Year award, and a LATAM Partner of the Year award. >> Savannah: Wow. >> John: That's (indistinct) >> So, super excited for IBM Consulting to win this, we're honored and it's just a great, exciting part to the conference. >> The news coming out of this event, we know tomorrow's going to be the big keynote for the new Head of the ecosystem, Ruba. We're hearing that it's going to be all about the ecosystem, enabling value creation, enabling new kinds of solutions. We heard from the CEO of AWS, this nextGen environment's upon us, it's very solution-oriented- >> Becky: Absolutely. >> A lot of technology, it's not an either or, it's an and equation, this is a huge new shift, I won't say shift, a continuation for AWS, and you guys, we've been covering, so you got the and situation going on... Innovation solutions and innovation technology and customers can choose, build a foundation or have it out of the box. What's your reaction to that? Do you think it's going to go well for AWS and IBM? >> I think it fits well into our partnership, right? The the thing you mentioned that I gravitate to the most is the customer gets to choose and the thing that's been most amazing about the partnership, both of these companies are maniacally focused on the customer, right? And so we've seen that come about as we work on ways the customer to access our technology, consume the technology, right? We've sold software on-prem to customers before, right, now we're going to be selling SaaS on AWS because we had customers that were on AWS, we're making it so that they can more easily purchase it by being in the marketplace, making it so they can draw down their committed spin with AWS, their customers like that a lot- [John] Yeah. >> Right. We've even gone further to enable our distributor network and our resellers, 'cause a lot of our customers have those relationships, so they can buy through them. And recently we've enabled the customer to leverage their EDP, their committed spend with AWS against IBM's ELA and structure, right, so you kind of get a double commit value from a customer point of view, so the amazing part is just been all about the customers. >> Well, that's interesting, you got the technology relationship with AWS, you mentioned how they're engaging with the software consumption in marketplace, licensed deals, there's all kinds of new business model innovations on top of the consumption and building. Then you got the consulting piece, which is again, a big part of, Adam calls it "Business transformation," which is the result of digital transformation. So digital transformation is the process, the outcome is the business transformation, that's kind of where it all kind of connects. Becky, what's your thoughts on the Amazon consulting relationships? Obviously the awards are great but- >> They are, no- >> What's the next step? Where does it go from here? >> I think the best way for me to describe it is to give you some rapid flyer client examples, you know, real customer stories and I think that's where it really, rubber meets the road, right? So one of the most recent examples are IBM CEO Arvind Krishna, in his three key results actually mentioned one of our big clients with AWS which is the Department of Veterans Affairs in the US and is an AI solution that's helped automate claims processing. So the veterans are trying to get their benefits, they submit the claims, snail mail, phone calls, you know, some in person, some over email- >> Savannah: Oh, it gives me all the feels hearing you talk about this- >> It's a process that used to take 25 to 30 days depending on the complexity of the claims, we've gotten it down with AWS down to within 24 hours we can get the veterans what they need really quickly so, I mean, that's just huge. And it's an exciting story that includes data analytics, AI and automation, so that's just one example. You know, we've got examples around SAP where we've developed a next generation SAP for HANA Platform for Phillips Carbon Black hosted on AWS, right? For them, it created an integrated, scalable, digital business, that cut out a hundred percent the capital cost from on-prem solutions. We've got security solutions around architectures for telecommunications advisors and of course we have lots of examples of migration and modernization and moving workloads using Red Hat to do that. So there's a lot of great client examples, so to me, this is the heart of what we do, like you said, both companies are really focused on clients, Amazon's customer-obsessed, and doing what we can for our clients together is where we get the impact. >> Yeah, that's one of the things that, it sounds kind of cliche, "Oh we're going to work backwards from the customer," I know Amazon says that, they do, you guys are also very customer-focused but the customers are changing. So I'd love to get your reaction because we're now in that cloud 2.0, I call that 2.0 or you got the Amazon Classic, my word, and then Next Gen Cloud coming, the customers are different, they're transforming because IT's not a department anymore, it's in the DevOps pipeline. The developers are driving a lot of IT but security and on DataOps, it's the structural change happening at the customer, how do you guys see that at IBM? I know we cover a lot of Red Hat and Arvind talks to us all the time, meeting the customer where they are, where are they? Where are the customers? Can you share your perspective on where they are? >> It's an astute observation, right, the customer is changing. We have both of those sets of customers, right, we still have the traditional customer, our relationship with Central IT, right, and driving governance and all of those things. But the folks that are innovating many times they're in the line of business, they're discovering solutions, they're building new things. And so we need our offerings to be available to them. We need them to understand how to use them and be convenient for these guys and take them through that process. So that change in the customer is one that we are embracing by making our offerings easy to consume, easy to use, and easy to build into solutions and then easy to parlay into what central IT needs to do for governance, compliance, and these types of things, it's becoming our new bread and butter. >> And what's really cool is- >> Is that easy button- >> We've been talking about- >> It's the easy button. >> The easy button a lot on the show this week and if you just, you just described it it's exactly what people want, go on Becky. >> Sorry about that, I was going to say, the cool part is that we're co-creating these things with our clients. So we're using things like the Amazon Working Backward that you just mentioned.` We're using the IBM garage methodology to get innovative to do design working, design thinking workshops, and think about where is that end user?, Where is that stakeholder? Where are they, they thinking, feeling, doing, saying how do we make the easier? How do we get the easy button for them so that they can have the right solutions for their businesses. We work mostly with lines of business in my part of the organization, and they're hungry for that. >> You know, we had a quote on theCUBE yesterday, Savannah remember one of our guests said, you know, back in the, you know, 1990s or two 2000s, if you had four production apps, it was considered complex >> Savannah: Yeah. >> You know, now you got hundreds of workloads, thousands of workloads, so, you know, this end-to-end vision that we heard that's playing out is getting more complex, but the easy button is where these abstraction layers and technology could come in. So it's getting more complex because there's more stuff but it's getting easier because- >> Savannah: What is the magnitude? >> You can make it easier. This is a dynamic, share your thoughts on that. >> It's getting more complex because our clients need to move faster, right, they need to be more agile, right, so not only are there thousands of applications there are hundreds of thousands microservices that are composing those applications. So they need capabilities that help them not just build but govern that structure and put the right compliance over that structure. So this relationship- >> Savannah: Lines of governance, yeah- >> This relationship we built with AWS is in our key areas, it's a strategic move, not a small thing for us, it covers things like automation and integration where you need to build that way. It covers things like data and AI where you need to do the analytics, even things like sustainability where we're totally aligned with what AWS is talking about and trying to do, right, so it's really a good match made there. >> John: It really sounds awesome. >> Yeah, it's clear. I want to dig in a little bit, I love the term, and I saw it in my, it stuck out to me in the notes right away, getting ready for you all, "maniacal", maniacal about the customer, maniacal about the community, I think that's really clear when we're talking about 24 days to 24 hours, like the veteran example that you gave right there, which I genuinely felt in my heart. These are the types of collaborations that really impact people's lives, tell me about some of the other trends or maybe a couple other examples you might have because I think sometimes when our head's in the clouds, we talk a lot about the tech and the functionality, we forget it's touching every single person walking around us, probably in a different way right now than we may even be aware- >> I think one of the things that's been, and our clients have been asking us for, is to help coming into this new era, right, so we've come out of a pandemic where a lot of them had to do some really, really basic quick decisions. Okay, "Contact Center, everyone work from home now." Okay, how do we do that? Okay, so we cobbled something together, now we're back, so what do we do? How do we create digital transformation around that so that we are going forward in a really positive way that works for our clients or for our contact center reps who are maybe used to working from home now versus what our clients need, the response times they need, and AWS has all the technology that we're working with like Amazon Connect to be able to pull those things together with some of our software like Watson Assistant. So those types of solutions are coming together out of that need and now we're moving into the trend where economy's getting tougher, right? More cost cutting potentially is coming, right, better efficiencies, how do we leverage our solutions and help our clients and customers do that? So I think that's what the customer obsession's about, is making sure we really understand where their pain points are, and not just solve them but maybe get rid of 'em. >> John: Yeah, great one. >> Yeah. And not developing in a silo, I mean, it's a classic subway problem, you got to be communicating with your community if you want to continue to serve them. And IBM's been serving their community for a very long time, which is super impressive, do you think they're ready for the challenge? >> Let's do it. >> So we have a new thing on theCUBE. >> Becky: Oh boy. >> We didn't warn you about this, but here we go. Although you told, Alan, you've mentioned you're feeling very cool with the microphone on, so I feel like, I'm going to put you in the hot seat first on this one. Not that I don't think Becky's going to smash it, but I feel like you're channeling the power of the microphone. New challenges, treat it like a 32nd Instagram reel-style story, a hot take, your thought leadership, money clip, you know, this is your moment. What is the biggest takeaway, most important thing happening at the show this year? >> Most important thing happening at the show? Well, I'm glad you mentioned it that way, because earlier you said we may have to sing (presenters and guests all laughing) >> So this is much better than- >> That's actually part of the close. >> John: Hey, hey. >> Don't worry, don't worry, I haven't forgotten that, it's your Instagram reel, go. (Savannah laughs) >> Original audio happening here on theCUBE, courtesy of Alan and IBM, I am so here for it. >> So what my takeaway and what I would like for the audience to take away, out of this conversation especially, but even broadly, the IBM AWS relationship is really like a landmark type of relationship, right? It's one of the biggest that we've established on both sides, right- >> Savannah: It seems huge, okay you are too monolith in the world of companies, like, yeah- >> Becky: Totally. >> It's huge. And it represents a strategic change on both sides, right? With that customer- >> Savannah: Fundamentally- >> In the middle right? >> Savannah: Yeah. >> So we're seeing things like, you know, AWS is working with us to make sure we're building products the way that a AWS client likes to consume them, right, so that we have the right integration, so they get that right look and feel, but they still get the enterprise level capabilities they're used to from IBM, right? So the big takeaway I like for people to take, is this is a new IBM, it's a new AWS and IBM relationship, and so expect more of that goodness, more of those new things coming out of it. [John] Excellent, wow. >> That was great, well done, you nailed it. and you're going to finish with some acapella, right? (Alan laughs) >> You got a pitch pipe ready? (everyone laughs) >> All right Becky, what about you? Give us your hot take. >> Well, so for me, the biggest takeaway is just the way this relationship has grown so much, so, like you said, it's the new IBM it's the new AWS, we were here last year, we had some good things, this year we're back at the show with joint solutions, have been jointly funded and co-created by AWS and IBM. This is huge, this is a really big opportunity and a really big deal that these two companies have come together, identified joint customer needs and we're going after 'em together and we're putting 'em in the booth. >> Savannah: So cool. And there's things like smart edge for welding solutions that are out there. >> Savannah: Yes. >> You know, I talked about, and it's, you know you wouldn't think, "Okay, well what's that?" There's a lot to that, a lot of saving when you look at how you do welding and if you apply things like visual AI and auditory AI to make sure a weld is good. I mean, I think these are, these things are cool, I geek out on these things- >> John: Every vertical. >> I'm geeking out with you right now, just geeking- >> Yeah, yeah, yeah, so- >> Every vertical is infected. >> They are and it's so impactful to have AWS just in lockstep with us, doing these solutions, it's so different from, you know, you kind of create something that you think your customers like and then you put it out there. >> Yeah, versus this moment. >> Yeah, they're better together. >> It's strategic partnership- >> It's truly a strategic partnership. and we're really bringing that this year to reinvent and so I'm super excited about that. >> Congratulations. >> Wow, well, congratulations again on your awards, on your new partnership, I can't wait to hear, I mean, we're seven months in, eight months in to this this SaaS side of the partnership, can't wait to see what we're going to be talking about next year when we have you back on theCUBE. >> I know. >> and maybe again in between now and then. Alan, Becky, thank you both so much for being here, this was truly a joy and I'm sure you gave folks a taste of the new IBM, practicing what you preach. >> John: Great momentum. >> And I'm just, I'm so impressed with the two companies collaborating, for those of us OGs in tech, the big companies never collaborated before- >> Yeah. >> John: Yeah. Joint, co-created solutions. >> And you have friction between products and everything else. I mean's it's really, co-collaboration is, it's a big theme for us at all the shows we've been doing this year but it's just nice to see it in practice too, it's an entirely different thing, so well done. >> Well it's what gets me out of the bed in the morning. >> All right, congratulations. >> Very clearly, your energy is contagious and I love it and yeah, this has been great. Thank all of you at home or at work or on the International Space Station or wherever you might be tuning in from today for joining us, here in Las Vegas at AWS re Invent where we are live from the show floor, wall-to-wall coverage for three days with John Furrier. My name is Savannah Peterson, we're theCUBE, the source for high tech coverage. (cheerful upbeat music)

>>Hello everyone. Welcome back to the Cube Live, AWS Reinvent 2022. This is our first day of three and a half days of wall to wall coverage on the cube. Lisa Martin here with Dave Valante. Dave, it's getting louder and louder behind us. People are back. They're excited. >>You know what somebody told me today? Hm? They said that less than 15% of the audience is developers. I'm like, no way. I don't believe it. But now maybe there's a redefinition of developers because it's all about the data and it's all about the developers in my mind. And that'll never change. >>It is. And one of the things we're gonna be talking about is app modernization. As customers really navigate the journey to do that so that they can be competitive and, and meet the demands of customers. We've got an alumni back with us to talk about that. AJ Patel joins us, the SVP and GM Modern Apps and Management business group at VMware. Aj, welcome back. Thank >>You. It's always great to be here, so thank you David. Good to see >>You. Isn't great. It's great to be back in person. So the VMware Tansu team here back at Reinvent on the Flow Shore Flow show floor. There we go. Talk about some of the things that you guys are doing together, innovating with aws. >>Yeah, so it's, it's great to be back after in person after multiple years and the energy level continues to amaze me. The partnership with AWS started on the infrastructure side with VMware cloud on aws. And when with tanza, we're extending it to the application space. And the work here is really about how do you make developers productive To your earlier point, it's all about developers. It's all about getting applications in production securely, safely, continuously. And tanza is all about making that bridge between great applications being built, getting them deployed and running, running and operating at scale. And EKS is a dominant Kubernetes platform. And so the better together story of tanu and EKS is a great one for us, and we're excited to announce some sort of innovations in that area. >>Well, Tanu was so front and center at VMware Explorer. I wasn't at in, in VMware Explorer, Europe. Right. But I'm sure it was a similar kind of focus. When are customers choosing Tanu? Why are they choosing Tanu? What's, what's, what's the update since last August when >>We, you know, the market settled into three main use cases. One is all about developer productivity. You know, consistently we're all dealing with skill set gap issues. How do we make every developer productive, modern developer? And so 10 is all about enabling that develop productivity. And we can talk quite a bit about it. Second one is security's front and center and security's being shifted left right into how you build great software. How do you secure that through the entire supply chain process? And how do you run and operationalize secure at runtime? So we're hearing consistently about making secure software supply chain heart of what our solution is. And third one is, how do I run and operate the modern application at scale across any Kubernetes, across any cloud? These are the three teams that are continuing to get resonance and empowering. All of this is exciting. David is this formation of platform teams. I just finished a study with Bain Consulting doing some research for me. 40% of our organization now have some form of a central team that's responsive for, for we call platform engineering and building platforms to make developers productive. That is a big change since about two years ago even. So this is becoming mainstream and customers are really focusing on delivering in value to making developers productive. >>Now. And, and, and the other nuance that I see, and you kinda see it here in the ecosystem, but when you talk about your customers with platform engineering, they're actually building their, they're pointing their business. They gonna page outta aws, pointing their businesses to their customers, right? Becoming software companies, becoming cloud companies and really generating new forms of revenue. >>You know, the interesting thing is, some of my customers I would never have thought as leading edge are retailers. Yeah. And not your typical Starbucks that you get a great example. I have an auto parts company that's completely modernizing how they deliver point of sale all the way to the supply chain. All built on ES at scale. You're typically think of that a financial services or a telco leading the pack. But I'm seeing innovation in India. I'm seeing the innovation in AMEA coming out of there, across the board. Every industry is becoming a product company. A digital twin as we would call it. Yeah. And means they become software houses. Yeah. They behave more like you and I in this event versus a, a traditional enterprise. >>And they're building their own ecosystems and that ecosystem's generating data that's generating more value. And it's just this cycle. It's, >>It's a amazing, it's a flywheel. So innovation continues to grow. Talk about really unlocking the developer experience and delivering to them what they need to modernize apps to move as fast and quickly as they want to. >>So, you know, I think AWS coin this word undifferentiated heavy lifting. If you think of a typical developer today, how much effort does he have to put in before he can get a single line of code out in production? If you can take away all the complexity, typically security compliance is a big headache for them, right? Developer doesn't wanna worry about that. Infrastructure provisioning, getting all the configurations right, is a headache for them. Being able to understand what size of infrastructure or resource to use cost effectively. How do you run it operationally? Cuz the application team is responsible for the operational cost of the product or service. So these are the un you know, heavy lifting that developers want to get away from. So they wanna write great code, build great experiences. And we've always talked about frameworks a way to abstract with the complexity. And so for us, there's a massive opportunity to say, how do I simplify and take away all the heavy lifting to get an idea into production seamlessly, continuously, securely. >>Is that part of your partnership? Because you think about a aws, they're really not about frameworks, they're about primitives. I mean, Warner Vos even talks about that in his, in his speech, you know, but, but that makes it more challenging for developers. >>No, actually, if you look at some of their initial investments around proton and et cetera work, they're starting to do, they're recognized, you know, PS is a bad, bad word, but the outcomes a platform as a service offers is what everybody wants. Just talking to the AWS leaders, responsible area, he actually has a separate build team. He didn't know what to call the third team. He has a Kubernetes team, he has a serverless team and has a build team. And that build team is everything above Kubernetes to make the developer productive. Right. And the ecosystem to bring together to make that happen. So I think AWS is recognizing that primitives are great for the elite developers, but if they want to get the mass scale and adoption in the business, it, if you will, they're gonna have to provide richer set of building blocks and reduce the complex and partnership like ours. Make that a reality. And what I'm excited about is there's a clear gap here, and t's the best platform to kind of fill that gap. Well, >>And I, I think that, you know, they're gonna double down triple, I just wrote about this double down, triple down on the primitives. Yes. They have to have the best, you know, servers and storage and database. And I think the way they, they, I call it taping the seams is with the ecosystem. Correct. You know, and they, nobody has a, a better ecosystem. I mean, you guys are, you know, the, the postage child for the ecosystem and now this even exceeds that. But partnering up, that's how they >>Continue to, and they're looking for someone who's open, right? Yeah. Yeah. And so one of the first question is, you know, are you proprie or open? Because one of the things they're fighting against is the lock in. So they can find a friendly partner who is open source, led, you know, upstream committing to the code, delivering that innovation, and bring the ecosystem into orchestrated choreography. It's like singing a music, right? They're running a, running an application delivery team is like running a, a musical orchestra. There's so many moving parts here, right? How do you make them sing together? And so if Tan Zoo and our platform can help them sing and drive more of their services, it's only more valuable for them. And >>I think the partners would generally say, you know, AWS always talking about customer obsession. It's like becomes this bromine, you go, yeah, yeah. But I actually think in the field, the the sellers would say, yeah, we're gonna do what the customer, if that means we're gonna partner up. Yeah. And I think AWS's comp structure makes it sort >>Of, I learned today how, how incentives with marketplaces work. Yeah. And it is powerful. It's very powerful. Yeah. Right. So you line up the sales incentive, you line up the customer and the benefits, you line up bringing the ecosystem to drive business results and everybody, and so everybody wins. And which is what you're seeing here, the excitement and the crowd is really the whole, all boats are rising. Yeah. Yeah. Right, right. And it's driven by the fact that customers are getting true value out of it. >>Oh, absolutely. Tremendous value. Speaking of customers, give us an example of a customer story that you think really articulates the value of what Tanzi was delivering, especially making that developer experience far simpler. What are some of those big business outcomes that that delivers? >>You know, at Explorer we had the CIO of cvs and with their acquisition of Aetna and CVS Health, they're transforming the, the health industry. And they talked about the whole covid and then how they had to deliver the number of, you know, vaccines to u i and how quickly they had to deliver on that. It talked about Tanu and how they leverage, leverage a Tanza platform to get those new applications out and start to build that. And Ro was basically talking about his number one prior is how does he get his developers more productive? Number to priority? How does he make sure the apps are secure? Number three, priority, how does he do it cost effectively in the world? Particularly where we're heading towards where, you know, the budgets are gonna get tighter. So how do I move more dollars to innovation while I continue to drive more efficiency in my platform? And so cloud is the future. How does he make the best use of the cloud both for his developers and his operations team? Right? >>What's happening in serverless, I, in 2017, Andy Chassy was in the cube. He said if AWS or if Amazon had to build all over again, they would build in, in was using serverless. And that was a big quote. We've mined that for years. And as you were talking about developer productivity, I started writing down all the things developers have to do. Yep. With it, they gotta, they gotta build a container image. They said they gotta deploy an EC two instance. They gotta allocate memory, they gotta fence off the apps in a virtual machine. They gotta run the, you know, compute against the app goes, they gotta pay for all that. So, okay, what's your story on, what's the market asking for in terms of serverless? Because there's still some people who want control over the run time. Help us sift through that. >>And it really comes back to the application pattern or the type you're running. If it's a stateless application that you need to spin up and spin down. Serverless is awesome. Why would I wanna worry about scaling it up in, I wanna set up some SLAs, SLIs service level objectives or, or, or indicators and then let the systems bring the resources I need as I need them. That's a perfect example for serverless, right? On the other hand, if you have a, a more of a workflow type application, there's a sequence, there's state, try building an application using serverless where you had to maintain state between two, two steps in the process. Not so much fun, right? So I don't think serverless is the answer for everything, but many use cases, the scale to zero is a tremendous benefit. Events happen. You wanna process something, work is done, you quietly go away. I don't wanna shut down the server started up, I want that to happen magically. So I think there's a role of serverless. So I believe Kubernetes and servers are the new runtime platform. It's not one or the other. It's about marrying that around the application patterns. I DevOps shouldn't care about it. That's an infrastructure concern. Let me just run application, let the infrastructure manage the operations of it, whether it's serverless, whether it's Kubernetes clusters, whether it's orchestration, that's details right. I I I shouldn't worry about it. Right. >>So we shouldn't think of those as separate architectures. We should think of it as an architecture, >>The continuum in some ways Yeah. Of different application workload types. And, and that's a toolkit that the operator has at his disposal to configure and saying, where does, should that application run? Should I want control? You can run it on a, a conveyance cluster. Can I just run it on a serverless infrastructure and and leave it to the cloud provider? Do it all for me. Sure. What, what was PAs? PAs was exactly that. Yeah. Yeah. Write the code once you do the rest. Yeah. Okay. Those are just elements of that. >>And then K native is kinda in the middle, >>Right? K native is just a technology that's starting to build that capability out in a standards way to make serverless available consistently across all clouds. So I'm not building to a, a lambda or a particular, you know, technology type. I'm building it in a standard way, in a standard programming model. And infrastructure just >>Works for me on any cloud. >>The whole idea portability. Consistency. >>Right. Powerful. Yep. >>What are some of the things that, that folks can expect to learn from VMware Tan to AWS this week at the >>Show? Yeah, so there's some really great announcements. First of all, we're excited to extend our, our partnership with AWS in the area of eks. What I mean by that is we traditionally, we would manage an EKS cluster, you visibility of what's running in there, but we weren't able to manage the lifecycle With this announcement. We can give you a full management of lifecycle of S workloads. Our customers have 400 plus EKS clusters, multiple teams sharing those in a multi-tenanted way with common policy. And they wanna manage a full life cycle, including all the upstream open source component that make up Kubernetes people. That ES is the one thing, it's a collection of a lot of open, open source packages. We're making it simple to manage it consistently from a single place on the security front. We're now making tons of service mesh available in the marketplace. >>And if you look at what service MeSHs, it's an overlay. It's an abstraction. I can create an idea of a global name space that cuts across multiple VPCs. I'm, I'm hearing at Amazon's gonna make some announcements around VPC and how they stitch VPCs together. It's all moving towards this idea of abstractions. I can set policy at logical level. I don't have to worry about data security and the communication between services. These are the things we're now enabling, which are really an, and to make EKS even more productive, making enterprise grade enterprise ready. And so a lot of excitement from the EKS development teams as well to partner closely with us to make this an end to end solution for our >>Customers. Yeah. So I mean it's under chasy, it was really driving those primitives and helping developers under continuing that path, but also recognizing the need for solutions. And that's where the ecosystem comes in, >>Right? And the question is, what is that box? As you said last time, right? For the super cloud, there is a cloud infrastructure, which is becoming the new palette, but how do you make sense of the 300 plus primitives? How do you bring them together? What are the best practices, patterns? How do I manage that when something goes wrong? These are real problems that we're looking to solve. >>And if you're gonna have deeper business integration with the cloud and technology in general, you have to have that >>Abstraction. You know, one of the simple question I ask is, how do you know you're getting value from your cloud investment? That's a very hard question. What's your trade off between performance and cost? Do you know where your security, when a lock 4G happens, do you know all the open source packages you need to patch? These are very simple questions, but imagine today having to do that when everybody's doing in a bespoke manner using the set of primitives. You need a platform. The industry is shown at scale. You have to start standardizing and building a consistent way of delivering and abstracting stuff. And that's where the next stage of the cloud journey >>And, and with the economic environment, I think people are also saying, okay, how do we get more? Exactly. We're in the cloud now. How do we get more? How do we >>Value out of the cloud? >>Exactly. Totally. >>How do we transform the business? Last question, AJ for you, is, if you had a bumper sticker and you're gonna put it on your fancy car, what would it say about VMware tan zone aws? >>I would say tan accelerates apps. >>Love >>It. Thank you so much. >>Thank you. Thank you so much for joining us. >>Appreciate it. Always great to be here. >>Pleasure. Likewise. For our guest, I'm Dave Ante. I'm Lisa Martin. You're watching The Cube, the leader in emerging and enterprise tech coverage.

>>Hello from Chicago, Lisa Martin, back with you and John Furrier. This is day one of the Cube's coverage of Ansible Fest 2022. John, we've been having great conversations all morning about automation and how it's really pivotal and central. One of the things that we want to talk about next is automation as a strategy. Yeah. You know, some of the barriers to customer adoption, one of them is, well, can we, can we really understand where the most ROI is gonna be? But another one is automation happening kind of in pockets and silos. And we're gonna be talking next with one of our alumni about breaking those down. >>This is gonna be a great segment from the customer perspective, the conversations they're having problems trying to solve, and really got a great cube alumni back to share. And we're excited. It's be a good segment. >>We do have a great alumni, Walter Bentley, Fresh from the keynote stages back with us, the senior manager of the automation practice at Red Hat. Walter, it's great to have you back on the program. >>Thank you. Thank you for having me back. I really look forward to doing this every year and you know, it's, it's >>Exciting. So we had your great energetic keynote this morning and you were really talking about organizations need to think about automation from a strategic lens perspective, a really a true long term investment. Where are most organizations today and how are you gonna help them get there? >>Right. So most organizations today are kind of in that sweet spot where they've discovered that they can do the tactical automation and they can deal with those small day-to-day things. And now they wanna move into the space where they're really able to plug automation into their current workflows and try to optimize it. And, and that's the perfect direction to be heading. And, and what I always encourage our customers is that once you get to that point, don't stop. You gotta keep going because the next phase is, is when you begin to innovate with automation. And when automation is at first is, is at the beginning of the, of everything you're creating. And at that point, that's when you're really gonna see the great benefits from it. >>How have your customer conversations evolved over the last couple of years, particularly as the world has changed, but we've also seen the acceleration of automation and so much, so much advancement in the technology. >>Right. You know, you'll be shocked that our customers wanted us to speak to them in more of an enterprise architecture level. They wanted us to really be able to come in and help them design how they're going to lay out their automation vision. And that surprised me at first. My background being in architecture for many years, I didn't know that, you know, automation had evolved to that level. And, and that was one of the things that we, we tried to do our best to rise to the occasion and be able to answer that call. >>You know, Walter, one of the things when we were in person last in 2019, you were on the cube and then we did the remote. We were kind of right. You got it right. When we were, we were talking about this, Hey, if this goes the way we think it's gonna go, the automation layer is gonna be horizontally scaled with the cloud. So income, cloud, growth, lift and shift. Now I got some refactored applications in the cloud and I got on premises edge coming hybrid steady state. What does automation look like? You had said it's gonna scale. Yep. And so as clients realize, well this is was the kind of a group within the group doing some automation stuff with Ansible, all great stuff, Product leadership, great community check, check, check. Now, how do you make that a global architecture for a company? What, what's it take to make that an enterprise scale architecture? What's the next step for the, for the journey and, and for the community and the customers? >>So one of the major announcements today is actually one of the right steps in the right direction, which is now that you can deploy a on all of your hyperscalers, right? So you have it local, you're covering your private cloud area, now you're able to cover your hyperscalers. Now it's time to unite them together so that they can all kind of work as one function. And to me, that is the enterprise approach that that to aap. And I'm just so excited that we finally have rolled it out for aws. We have it for Azure, of course we have it inside. And we're also working on things like you said, like the edge, but also things like making sure we're covering customers that are air gaped customers that do not have the capability of the ingress in, in, in, in being, of being able to go in and out of that environment and that network. Right. We're working on strategic, strategic solutions to be able to do that better >>For what's interesting, we've been talking about super cloud on the cube. I, we coined that term at reinvent about people using cloud in a different way to kind of do things and it's become kind of also a, a term for multi-cloud. Yes. So if you think about what you just said, it's interesting, this cloud services that could, they all have stores, they have compute, There might be a day where they're all kind of invisible. Yes. And you can have spanning services across the cloud, but yet they can still differentiate on their own. So it's not so much about sneakers, it's more about that interoperability. How do you see that? What's your reaction to that? Right. >>Well, that's one of the core reasons why we move to the name of the answ automation platform. Platform being the key right? Is, is the platform is supposed to be able to span into different environments and really kind of unite them together. And that was one of the the things that I really liked about when we went to that late last year. Yeah. Late last year. And, and we've been working with our customers and make sure that we make that front and center, that they move towards that environment so that they can begin to do better scale and really operate at that, at that executive level. >>What's your favorite customer story that you think really articulates the value of what you just said? >>Right. So the one, so I'll give you a different one from the one that I, that I talked about on stage. And, and again, it it, when we went in from a services engagement, we did not expect the outcome of the fact that they would access this particular customer. We went in something very tactical, just laying down the platform for them. And, and the expectation was we would lay it down and walk away and then hopefully they would pick it up and kind of run with it. What we came to realize is that they liked the oversight and they liked the way that we were working with them. And they wanted to take those preferred approaches and really embed them Right. And their organization. And so they invited us back actually for two or three different consulting engagements to come back and just help them drive that adoption. And this is at the, they're at the very beginning, right? So they're doing it a little bit different in a lot of other organizations. The other organizations would lay down the platform, do some things, and then call us back to help them them with adoption, Right. >>Is the report card out? Yeah, >>Absolutely. They did it differently. And, and that to me stood out as the level of maturity their IT organization is. >>It sounds like they went from tactical to strategic Yes. Pretty quickly. Which is not normally the >>Case. No, no, not at all. Not normally the case. But as you can clearly see that, we're starting to see that more and more with our customers. They're upleveling, I hate for the theme, but they're upleveling. Right. And, and, and that's what I meant by my organization, my team that I, that I run, we have to do more with our customers because they're expecting more >>For them to level up. And I loved how that was used this morning. I'm like, Yeah, that's a cool term. Level up. We all gotta level up to some degree. How are you helping organizations do that from a cultural shift perspective? Because of course the people are so integral to this being successful. Can't forget >>That. Absolutely. So, you know, you know, remember the days of when you would have the DevOps team and that was like the thing, like you have to form your DevOps team and once you got that, you're good to go. And, and I always tell our customers that's a good start, but that's definitely not where you want to end. And you have to get to the point where you have all parts of your organization writing automation content, feeling comfortable, being able to kind of control their day to day. And so that's where you have to break down those silos. You have to really have those, you know, your operators and your developers and, and your DBAs and your networking folks really communicating. And, and if everyone kind of takes care of their own world and write content to control what they do on a day to day, they can bring those together. >>Walter, on buzzword it's been kicking around Silicon Valley in the tech industry re recently is multiplayer versus single player software. Yes. And I I heard that must be from gamers obviously. Yes. Discourse pop. I heard that on, stayed here in the matrix announcement earlier. You know, when you talk about teamwork ops devs while working together, clearly the operator role is changing. What that means is changing devs are getting stronger and more open source, they're shifting left and all that good stuff in the, in the CID pipeline as the teams work together, multiplayer in an organization. What's the success form of that you see emerging for how to organize, how to motivate, how to get people kind of in a good, you know, teamwork pass score kind of team oriented approach? >>Well, I'm really proud to talk about is how AAP has really enabled that and, and kind of fast tracks that ability for everyone to work together within a, the all the functionality that's now built into it. There's pieces of it that are focused on different operators or different parts of the IT organization, right. And, and, and we're made to be able to help to bring them all together. You know, I love the components such as the service catalog. You know, imagine being able to have a place where you can publish all of your, your content for other people to consume. You know, back in the day everything was stored in, in a repository, right? And you had to know what you were looking for. And so just small changes like that, having the, the, the Ansible toy, right? So you're having tools that are actually built in for those who are writing the content to be able to have at their fingertips the ability to test their content right from inside of the, the, the toy, right? So the terminal interface, just those small little nuances to me is what helps to bring it all together and kind of create that >>Great leverage glue. Yes. Not a lot of busy work and you know, absolutely. Hunting and packing for stuff like configuring manually. >>Absolutely. >>Awesome. What's next for you guys? >>Well, you know, we have some big announcements coming up tomorrow. I won't, I won't get into as much as I want to talk about >>It. Events. Yeah, >>Yeah, yeah. Something starts with the e but also some really fantastic technology. We're, what we're doing is, is we're really taking the idea of automation and really feeding into it in a sense that we're building into some mar some, some really smart technology into aap. And I'm, I'm, I'm excited, I'm excited for direction it's going and I know everyone tomorrow are gonna really, really hear some great >>Things. We heard upleveling, we heard upleveling culture shift. If I asked you what does culture shift mean, how would you answer that? >>I would answer that in a sense that it, it, the culture shift is, is shifting from the place where you feel that you're on an island and you have to solve for it alone as well as feeling that you have to solve for the whole ribbon of whatever you're working on. And that culture shift is moving from that mentality to the fact that you have a whole team of folks who may know how to solve for that already. And you feel comfortable being able to reach out to them and work with them to be able to build that. And that's, that to me is the change. You know, I'm, I'm a old school infrastructure dude, you know, I was the one who would, who would wake up two o'clock in the morning to fix a problem, right? I thought it was on me, but now the culture shift is now it's, we are a team and we're gonna work together to solve it. So that's, that's kind of my view on >>It. And the appetite in organizations is there, cuz oftentimes in the, in the siloed world, it's, I own this, this is my baby. Right? Right. How do you help them as a, as a trusted advisor to really open up the kimono and embrace that collaboration? Because ultimately that's the right strategic direction for the business, >>Right? The first step in that is making sure that everyone is kind of operating from the same book, right. Or the same plan. And, and until you actually write that plan down and publish it in a place for other people to consume it, it creates a little bit of a barrier, right? So that's the first thing we do is write down that plan, make it available for all the consume. And at the beginning, you know, not everyone runs to it, but over time if their curiosity begins to peak and then over time they begin to consume it and possibly contribute to it themselves over time, that's, that's how we kind of conquer that. And so far we've seen some good success. >>What would you say if someone said, you know, I want some proof, proof in the pudding proven methods to help accelerate the time to value with automation and help organizations to really understand and quantify the ROI for doing so. >>Right. And, and to me that's, this is the conversation I love having because we've, we've come out with something that we call success metrics and, and yes, they are exactly what they sound like, right? There are some metrics that you can use to measure in your organization to kind of determine your maturity around automation. The two key things that I would love to share about that is that when we think of metrics, right? We think of performance, we think of, you know, how well something is running, how long it's been running. Those are all great, but the two additional success metrics that we include in there are around more of the cultural field. The perception, right? The perception as well as how comfortable your employees feel using that product. And that's where that, that the shift of looking at the cultural, not just the technical side, but the cultural side of things has made a big difference. So I love sharing those metrics with our customers. It usually resonates and then we help them dig in on, to see how they, how they fit, and also give them some ideas as to how they can improve going forward. >>I'm sure they appreciate that knowing where that, where we are now, how do we get to the end, not the end state. Obviously it's a journey, but how do we get farther along in this from a unified front approach rather than absolutely operating in these silos, which is not gonna get us to the, the the on the journey that we should be on. Correct. Yeah. Yep. So some good stuff coming out tomorrow. Not gonna give us any nuggets, which totally understands. Nope. >>No, but it's, you're gonna be very excited. Yes. It's good stuff. >>Awesome. I gotta ask you one quick question before we wrap up. You mentioned multi-cloud earlier. This is a big conversation in the industry. A lot of people are debating what that is. It sounds good on paper. Where is the customer's view as they look at this journey? Because we, we see a future where there'll be services that won't be common across clouds. There's a differentiation and some that will be, and that, that just be shared like compute for instance. And let, let us be there where you can call in to the multi-cloud. What's, how do you, how do your customers think about multi-cloud? Are they having that conversation more they go, Is that more of a destination of the future? In their mind >>It feels more like a destination of the future. Right now, a lot of organizations have kind of solidified on one cloud per se that they want to be able to roll out as far as being able to scale up and down their resources. But the idea is, is eventually, you know, you, you're gonna go with whatever works best for that product or whatever works best for that, that business case that you're trying to solve for. And, and that's why I love the fact that AEP is kind of generically being able to be applied across all of them. So that, that is, that is gonna be your unifier, right? That's gonna be the layer that will stay the same no matter where you go. And that's one of the things that I love about our product around that is that, that we are meant to be the unifier and we're >>Bless the whole today. It's a great opportunity for Ansible that's there. All >>Right. To be the unifier. Last question for you before we wrap. What was some of the feedback about, from your session this morning on Ansible really being that unifier? Any, any folks come up to you and say anything that was particularly insightful? >>Well, you know what, it it, what was kind of alluded to or shared with me directly was the fact that, you know, thinking about automation as you would traditional platforms, right? And, and building a strategy and, and the idea that you need to write that down and actually make some decisions around that. And, and it wasn't that it wasn't thought about it, it was just, it just never came front to mind. And, and so I'm happy that I was able to plant that seed because that, that's what we're seeing that makes the difference between those who are very successful with automation and those, those who may >>Not be writing it down. Sometimes it's fact to basics that back to basics really help absolutely fuel the growth of organizations. Walter, thank you. Thanks for joining John and me on the queue today talking about what's going on, automation as a strategy, the vision and how Ansible is really on its way to becoming that unifier. We appreciate your insights. Cool. >>No, it's my pleasure. And thank you for having me again. All >>Right, cool. Our pleasure for Walter Bentley and John Furrier. I'm Lisa Martin. You're watching The Cube Live from Chicago. Day one of our coverage of Ansible Fest 2022 continues next.

hello I'm John Furrier with thecube and welcome to this special presentation of the cube and Horizon 3.ai they're announcing a global partner first approach expanding their successful pen testing product Net Zero you're going to hear from leading experts in their staff their CEO positioning themselves for a successful Channel distribution expansion internationally in Europe Middle East Africa and Asia Pacific in this Cube special presentation you'll hear about the expansion the expanse partner program giving Partners a unique opportunity to offer Net Zero to their customers Innovation and Pen testing is going International with Horizon 3.ai enjoy the program [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're here with Jennifer Lee head of Channel sales at Horizon 3.ai Jennifer welcome to the cube thanks for coming on great well thank you for having me so big news around Horizon 3.aa driving Channel first commitment you guys are expanding the channel partner program to include all kinds of new rewards incentives training programs help educate you know Partners really drive more recurring Revenue certainly cloud and Cloud scale has done that you got a great product that fits into that kind of Channel model great Services you can wrap around it good stuff so let's get into it what are you guys doing what are what are you guys doing with this news why is this so important yeah for sure so um yeah we like you said we recently expanded our Channel partner program um the driving force behind it was really just um to align our like you said our Channel first commitment um and creating awareness around the importance of our partner ecosystems um so that's it's really how we go to market is is through the channel and a great International Focus I've talked with the CEO so you know about the solution and he broke down all the action on why it's important on the product side but why now on the go to market change what's the what's the why behind this big this news on the channel yeah for sure so um we are doing this now really to align our business strategy which is built on the concept of enabling our partners to create a high value high margin business on top of our platform and so um we offer a solution called node zero it provides autonomous pen testing as a service and it allows organizations to continuously verify their security posture um so we our company vision we have this tagline that states that our pen testing enables organizations to see themselves Through The Eyes of an attacker and um we use the like the attacker's perspective to identify exploitable weaknesses and vulnerabilities so we created this partner program from a perspective of the partner so the partner's perspective and we've built It Through The Eyes of our partner right so we're prioritizing really what the partner is looking for and uh will ensure like Mutual success for us yeah the partners always want to get in front of the customers and bring new stuff to them pen tests have traditionally been really expensive uh and so bringing it down in one to a service level that's one affordable and has flexibility to it allows a lot of capability so I imagine people getting excited by it so I have to ask you about the program What specifically are you guys doing can you share any details around what it means for the partners what they get what's in it for them can you just break down some of the mechanics and mechanisms or or details yeah yep um you know we're really looking to create business alignment um and like I said establish Mutual success with our partners so we've got two um two key elements that we were really focused on um that we bring to the partners so the opportunity the profit margin expansion is one of them and um a way for our partners to really differentiate themselves and stay relevant in the market so um we've restructured our discount model really um you know highlighting profitability and maximizing profitability and uh this includes our deal registration we've we've created deal registration program we've increased discount for partners who take part in our partner certification uh trainings and we've we have some other partner incentives uh that we we've created that that's going to help out there we've we put this all so we've recently Gone live with our partner portal um it's a Consolidated experience for our partners where they can access our our sales tools and we really view our partners as an extension of our sales and Technical teams and so we've extended all of our our training material that we use internally we've made it available to our partners through our partner portal um we've um I'm trying I'm thinking now back what else is in that partner portal here we've got our partner certification information so all the content that's delivered during that training can be found in the portal we've got deal registration uh um co-branded marketing materials pipeline management and so um this this portal gives our partners a One-Stop place to to go to find all that information um and then just really quickly on the second part of that that I mentioned is our technology really is um really disruptive to the market so you know like you said autonomous pen testing it's um it's still it's well it's still still relatively new topic uh for security practitioners and um it's proven to be really disruptive so um that on top of um just well recently we found an article that um that mentioned by markets and markets that reports that the global pen testing markets really expanding and so it's expected to grow to like 2.7 billion um by 2027. so the Market's there right the Market's expanding it's growing and so for our partners it's just really allows them to grow their revenue um across their customer base expand their customer base and offering this High profit margin while you know getting in early to Market on this just disruptive technology big Market a lot of opportunities to make some money people love to put more margin on on those deals especially when you can bring a great solution that everyone knows is hard to do so I think that's going to provide a lot of value is there is there a type of partner that you guys see emerging or you aligning with you mentioned the alignment with the partners I can see how that the training and the incentives are all there sounds like it's all going well is there a type of partner that's resonating the most or is there categories of partners that can take advantage of this yeah absolutely so we work with all different kinds of Partners we work with our traditional resale Partners um we've worked we're working with systems integrators we have a really strong MSP mssp program um we've got Consulting partners and the Consulting Partners especially with the ones that offer pen test services so we they use us as a as we act as a force multiplier just really offering them profit margin expansion um opportunity there we've got some technology partner partners that we really work with for co-cell opportunities and then we've got our Cloud Partners um you'd mentioned that earlier and so we are in AWS Marketplace so our ccpo partners we're part of the ISP accelerate program um so we we're doing a lot there with our Cloud partners and um of course we uh we go to market with uh distribution Partners as well gotta love the opportunity for more margin expansion every kind of partner wants to put more gross profit on their deals is there a certification involved I have to ask is there like do you get do people get certified or is it just you get trained is it self-paced training is it in person how are you guys doing the whole training certification thing because is that is that a requirement yeah absolutely so we do offer a certification program and um it's been very popular this includes a a seller's portion and an operator portion and and so um this is at no cost to our partners and um we operate both virtually it's it's law it's virtually but live it's not self-paced and we also have in person um you know sessions as well and we also can customize these to any partners that have a large group of people and we can just we can do one in person or virtual just specifically for that partner well any kind of incentive opportunities and marketing opportunities everyone loves to get the uh get the deals just kind of rolling in leads from what we can see if our early reporting this looks like a hot product price wise service level wise what incentive do you guys thinking about and and Joint marketing you mentioned co-sell earlier in pipeline so I was kind of kind of honing in on that piece sure and yes and then to follow along with our partner certification program we do incentivize our partners there if they have a certain number certified their discount increases so that's part of it we have our deal registration program that increases discount as well um and then we do have some um some partner incentives that are wrapped around meeting setting and um moving moving opportunities along to uh proof of value gotta love the education driving value I have to ask you so you've been around the industry you've seen the channel relationships out there you're seeing companies old school new school you know uh Horizon 3.ai is kind of like that new school very cloud specific a lot of Leverage with we mentioned AWS and all the clouds um why is the company so hot right now why did you join them and what's why are people attracted to this company what's the what's the attraction what's the vibe what do you what do you see and what what do you use what did you see in in this company well this is just you know like I said it's very disruptive um it's really in high demand right now and um and and just because because it's new to Market and uh a newer technology so we are we can collaborate with a manual pen tester um we can you know we can allow our customers to run their pen test um with with no specialty teams and um and and then so we and like you know like I said we can allow our partners can actually build businesses profitable businesses so we can they can use our product to increase their services revenue and um and build their business model you know around around our services what's interesting about the pen test thing is that it's very expensive and time consuming the people who do them are very talented people that could be working on really bigger things in the in absolutely customers so bringing this into the channel allows them if you look at the price Delta between a pen test and then what you guys are offering I mean that's a huge margin Gap between street price of say today's pen test and what you guys offer when you show people that they follow do they say too good to be true I mean what are some of the things that people say when you kind of show them that are they like scratch their head like come on what's the what's the catch here right so the cost savings is a huge is huge for us um and then also you know like I said working as a force multiplier with a pen testing company that offers the services and so they can they can do their their annual manual pen tests that may be required around compliance regulations and then we can we can act as the continuous verification of their security um um you know that that they can run um weekly and so it's just um you know it's just an addition to to what they're offering already and an expansion so Jennifer thanks for coming on thecube really appreciate you uh coming on sharing the insights on the channel uh what's next what can we expect from the channel group what are you thinking what's going on right so we're really looking to expand our our Channel um footprint and um very strategically uh we've got um we've got some big plans um for for Horizon 3.ai awesome well thanks for coming on really appreciate it you're watching thecube the leader in high tech Enterprise coverage [Music] [Music] hello and welcome to the Cube's special presentation with Horizon 3.ai with Raina Richter vice president of emea Europe Middle East and Africa and Asia Pacific APAC for Horizon 3 today welcome to this special Cube presentation thanks for joining us thank you for the invitation so Horizon 3 a guy driving Global expansion big international news with a partner first approach you guys are expanding internationally let's get into it you guys are driving this new expanse partner program to new heights tell us about it what are you seeing in the momentum why the expansion what's all the news about well I would say uh yeah in in international we have I would say a similar similar situation like in the US um there is a global shortage of well-educated penetration testers on the one hand side on the other side um we have a raising demand of uh network and infrastructure security and with our approach of an uh autonomous penetration testing I I believe we are totally on top of the game um especially as we have also now uh starting with an international instance that means for example if a customer in Europe is using uh our service node zero he will be connected to a node zero instance which is located inside the European Union and therefore he has doesn't have to worry about the conflict between the European the gdpr regulations versus the US Cloud act and I would say there we have a total good package for our partners that they can provide differentiators to their customers you know we've had great conversations here on thecube with the CEO and the founder of the company around the leverage of the cloud and how successful that's been for the company and honestly I can just Connect the Dots here but I'd like you to weigh in more on how that translates into the go to market here because you got great Cloud scale with with the security product you guys are having success with great leverage there I've seen a lot of success there what's the momentum on the channel partner program internationally why is it so important to you is it just the regional segmentation is it the economics why the momentum well there are it's there are multiple issues first of all there is a raising demand in penetration testing um and don't forget that uh in international we have a much higher level in number a number or percentage in SMB and mid-market customers so these customers typically most of them even didn't have a pen test done once a year so for them pen testing was just too expensive now with our offering together with our partners we can provide different uh ways how customers could get an autonomous pen testing done more than once a year with even lower costs than they had with with a traditional manual paint test so and that is because we have our uh Consulting plus package which is for typically pain testers they can go out and can do a much faster much quicker and their pain test at many customers once in after each other so they can do more pain tests on a lower more attractive price on the other side there are others what even the same ones who are providing um node zero as an mssp service so they can go after s p customers saying okay well you only have a couple of hundred uh IP addresses no worries we have the perfect package for you and then you have let's say the mid Market let's say the thousands and more employees then they might even have an annual subscription very traditional but for all of them it's all the same the customer or the service provider doesn't need a piece of Hardware they only need to install a small piece of a Docker container and that's it and that makes it so so smooth to go in and say okay Mr customer we just put in this this virtual attacker into your network and that's it and and all the rest is done and within within three clicks they are they can act like a pen tester with 20 years of experience and that's going to be very Channel friendly and partner friendly I can almost imagine so I have to ask you and thank you for calling the break calling out that breakdown and and segmentation that was good that was very helpful for me to understand but I want to follow up if you don't mind um what type of partners are you seeing the most traction with and why well I would say at the beginning typically you have the the innovators the early adapters typically Boutique size of Partners they start because they they are always looking for Innovation and those are the ones you they start in the beginning so we have a wide range of Partners having mostly even um managed by the owner of the company so uh they immediately understand okay there is the value and they can change their offering they're changing their offering in terms of penetration testing because they can do more pen tests and they can then add other ones or we have those ones who offer 10 tests services but they did not have their own pen testers so they had to go out on the open market and Source paint testing experts um to get the pen test at a particular customer done and now with node zero they're totally independent they can't go out and say okay Mr customer here's the here's the service that's it we turn it on and within an hour you're up and running totally yeah and those pen tests are usually expensive and hard to do now it's right in line with the sales delivery pretty interesting for a partner absolutely but on the other hand side we are not killing the pain testers business we do something we're providing with no tiers I would call something like the foundation work the foundational work of having an an ongoing penetration testing of the infrastructure the operating system and the pen testers by themselves they can concentrate in the future on things like application pen testing for example so those Services which we we're not touching so we're not killing the paint tester Market we're just taking away the ongoing um let's say foundation work call it that way yeah yeah that was one of my questions I was going to ask is there's a lot of interest in this autonomous pen testing one because it's expensive to do because those skills are required are in need and they're expensive so you kind of cover the entry level and the blockers that are in there I've seen people say to me this pen test becomes a blocker for getting things done so there's been a lot of interest in the autonomous pen testing and for organizations to have that posture and it's an overseas issue too because now you have that that ongoing thing so can you explain that particular benefit for an organization to have that continuously verifying an organization's posture yep certainly so I would say um typically you are you you have to do your patches you have to bring in new versions of operating systems of different Services of uh um operating systems of some components and and they are always bringing new vulnerabilities the difference here is that with node zero we are telling the customer or the partner package we're telling them which are the executable vulnerabilities because previously they might have had um a vulnerability scanner so this vulnerability scanner brought up hundreds or even thousands of cves but didn't say anything about which of them are vulnerable really executable and then you need an expert digging in one cve after the other finding out is it is it really executable yes or no and that is where you need highly paid experts which we have a shortage so with notes here now we can say okay we tell you exactly which ones are the ones you should work on because those are the ones which are executable we rank them accordingly to the risk level how easily they can be used and by a sudden and then the good thing is convert it or indifference to the traditional penetration test they don't have to wait for a year for the next pain test to find out if the fixing was effective they weren't just the next scan and say Yes closed vulnerability is gone the time is really valuable and if you're doing any devops Cloud native you're always pushing new things so pen test ongoing pen testing is actually a benefit just in general as a kind of hygiene so really really interesting solution really bring that global scale is going to be a new new coverage area for us for sure I have to ask you if you don't mind answering what particular region are you focused on or plan to Target for this next phase of growth well at this moment we are concentrating on the countries inside the European Union Plus the United Kingdom um but we are and they are of course logically I'm based into Frankfurt area that means we cover more or less the countries just around so it's like the total dark region Germany Switzerland Austria plus the Netherlands but we also already have Partners in the nordics like in Finland or in Sweden um so it's it's it it's rapidly we have Partners already in the UK and it's rapidly growing so I'm for example we are now starting with some activities in Singapore um um and also in the in the Middle East area um very important we uh depending on let's say the the way how to do business currently we try to concentrate on those countries where we can have um let's say um at least English as an accepted business language great is there any particular region you're having the most success with right now is it sounds like European Union's um kind of first wave what's them yes that's the first definitely that's the first wave and now we're also getting the uh the European instance up and running it's clearly our commitment also to the market saying okay we know there are certain dedicated uh requirements and we take care of this and and we're just launching it we're building up this one uh the instance um in the AWS uh service center here in Frankfurt also with some dedicated Hardware internet in a data center in Frankfurt where we have with the date six by the way uh the highest internet interconnection bandwidth on the planet so we have very short latency to wherever you are on on the globe that's a great that's a great call outfit benefit too I was going to ask that what are some of the benefits your partners are seeing in emea and Asia Pacific well I would say um the the benefits is for them it's clearly they can they can uh talk with customers and can offer customers penetration testing which they before and even didn't think about because it penetrates penetration testing in a traditional way was simply too expensive for them too complex the preparation time was too long um they didn't have even have the capacity uh to um to support a pain an external pain tester now with this service you can go in and say even if they Mr customer we can do a test with you in a couple of minutes within we have installed the docker container within 10 minutes we have the pen test started that's it and then we just wait and and I would say that is we'll we are we are seeing so many aha moments then now because on the partner side when they see node zero the first time working it's like this wow that is great and then they work out to customers and and show it to their typically at the beginning mostly the friendly customers like wow that's great I need that and and I would say um the feedback from the partners is that is a service where I do not have to evangelize the customer everybody understands penetration testing I don't have to say describe what it is they understand the customer understanding immediately yes penetration testing good about that I know I should do it but uh too complex too expensive now with the name is for example as an mssp service provided from one of our partners but it's getting easy yeah it's great and it's great great benefit there I mean I gotta say I'm a huge fan of what you guys are doing I like this continuous automation that's a major benefit to anyone doing devops or any kind of modern application development this is just a godsend for them this is really good and like you said the pen testers that are doing it they were kind of coming down from their expertise to kind of do things that should have been automated they get to focus on the bigger ticket items that's a really big point so we free them we free the pain testers for the higher level elements of the penetration testing segment and that is typically the application testing which is currently far away from being automated yeah and that's where the most critical workloads are and I think this is the nice balance congratulations on the international expansion of the program and thanks for coming on this special presentation really I really appreciate it thank you you're welcome okay this is thecube special presentation you know check out pen test automation International expansion Horizon 3 dot AI uh really Innovative solution in our next segment Chris Hill sector head for strategic accounts will discuss the power of Horizon 3.ai and Splunk in action you're watching the cube the leader in high tech Enterprise coverage foreign [Music] [Music] welcome back everyone to the cube and Horizon 3.ai special presentation I'm John Furrier host of thecube we're with Chris Hill sector head for strategic accounts and federal at Horizon 3.ai a great Innovative company Chris great to see you thanks for coming on thecube yeah like I said uh you know great to meet you John long time listener first time caller so excited to be here with you guys yeah we were talking before camera you had Splunk back in 2013 and I think 2012 was our first splunk.com and boy man you know talk about being in the right place at the right time now we're at another inflection point and Splunk continues to be relevant um and continuing to have that data driving Security in that interplay and your CEO former CTO of his plug as well at Horizon who's been on before really Innovative product you guys have but you know yeah don't wait for a breach to find out if you're logging the right data this is the topic of this thread Splunk is very much part of this new international expansion announcement uh with you guys tell us what are some of the challenges that you see where this is relevant for the Splunk and Horizon AI as you guys expand uh node zero out internationally yeah well so across so you know my role uh within Splunk it was uh working with our most strategic accounts and so I looked back to 2013 and I think about the sales process like working with with our small customers you know it was um it was still very siled back then like I was selling to an I.T team that was either using this for it operations um we generally would always even say yeah although we do security we weren't really designed for it we're a log management tool and we I'm sure you remember back then John we were like sort of stepping into the security space and and the public sector domain that I was in you know security was 70 of what we did when I look back to sort of uh the transformation that I was witnessing in that digital transformation um you know when I look at like 2019 to today you look at how uh the IT team and the security teams are being have been forced to break down those barriers that they used to sort of be silent away would not commute communicate one you know the security guys would be like oh this is my box I.T you're not allowed in today you can't get away with that and I think that the value that we bring to you know and of course Splunk has been a huge leader in that space and continues to do Innovation across the board but I think what we've we're seeing in the space and I was talking with Patrick Coughlin the SVP of uh security markets about this is that you know what we've been able to do with Splunk is build a purpose-built solution that allows Splunk to eat more data so Splunk itself is ulk know it's an ingest engine right the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it but without data it doesn't do anything right so how do you drive and how do you bring more data in and most importantly from a customer perspective how do you bring the right data in and so if you think about what node zero and what we're doing in a horizon 3 is that sure we do pen testing but because we're an autonomous pen testing tool we do it continuously so this whole thought I'd be like oh crud like my customers oh yeah we got a pen test coming up it's gonna be six weeks the week oh yeah you know and everyone's gonna sit on their hands call me back in two months Chris we'll talk to you then right not not a real efficient way to test your environment and shoot we saw that with Uber this week right um you know and that's a case where we could have helped oh just right we could explain the Uber thing because it was a contractor just give a quick highlight of what happened so you can connect the doctor yeah no problem so um it was uh I got I think it was yeah one of those uh you know games where they would try and test an environment um and with the uh pen tester did was he kept on calling them MFA guys being like I need to reset my password we need to set my right password and eventually the um the customer service guy said okay I'm resetting it once he had reset and bypassed the multi-factor authentication he then was able to get in and get access to the building area that he was in or I think not the domain but he was able to gain access to a partial part of that Network he then paralleled over to what I would assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains and So within minutes they had access and that's the sort of stuff that we do you know a lot of these tools like um you know you think about the cacophony of tools that are out there in a GTA architect architecture right I'm gonna get like a z-scale or I'm going to have uh octum and I have a Splunk I've been into the solar system I mean I don't mean to name names we have crowdstriker or Sentinel one in there it's just it's a cacophony of things that don't work together they weren't designed work together and so we have seen so many times in our business through our customer support and just working with customers when we do their pen tests that there will be 5 000 servers out there three are misconfigured those three misconfigurations will create the open door because remember the hacker only needs to be right once the defender needs to be right all the time and that's the challenge and so that's what I'm really passionate about what we're doing uh here at Horizon three I see this my digital transformation migration and security going on which uh we're at the tip of the spear it's why I joined sey Hall coming on this journey uh and just super excited about where the path's going and super excited about the relationship with Splunk I get into more details on some of the specifics of that but um you know well you're nailing I mean we've been doing a lot of things on super cloud and this next gen environment we're calling it next gen you're really seeing devops obviously devsecops has already won the it role has moved to the developer shift left is an indicator of that it's one of the many examples higher velocity code software supply chain you hear these things that means that it is now in the developer hands it is replaced by the new Ops data Ops teams and security where there's a lot of horizontal thinking to your point about access there's no more perimeter huge 100 right is really right on things one time you know to get in there once you're in then you can hang out move around move laterally big problem okay so we get that now the challenges for these teams as they are transitioning organizationally how do they figure out what to do okay this is the next step they already have Splunk so now they're kind of in transition while protecting for a hundred percent ratio of success so how would you look at that and describe the challenge is what do they do what is it what are the teams facing with their data and what's next what are they what are they what action do they take so let's use some vernacular that folks will know so if I think about devsecops right we both know what that means that I'm going to build security into the app it normally talks about sec devops right how am I building security around the perimeter of what's going inside my ecosystem and what are they doing and so if you think about what we're able to do with somebody like Splunk is we can pen test the entire environment from Soup To Nuts right so I'm going to test the end points through to its I'm going to look for misconfigurations I'm going to I'm going to look for um uh credential exposed credentials you know I'm going to look for anything I can in the environment again I'm going to do it at light speed and and what what we're doing for that SEC devops space is to you know did you detect that we were in your environment so did we alert Splunk or the Sim that there's someone in the environment laterally moving around did they more importantly did they log us into their environment and when do they detect that log to trigger that log did they alert on us and then finally most importantly for every CSO out there is going to be did they stop us and so that's how we we do this and I think you when speaking with um stay Hall before you know we've come up with this um boils but we call it fine fix verifying so what we do is we go in is we act as the attacker right we act in a production environment so we're not going to be we're a passive attacker but we will go in on credentialed on agents but we have to assume to have an assumed breach model which means we're going to put a Docker container in your environment and then we're going to fingerprint the environment so we're going to go out and do an asset survey now that's something that's not something that Splunk does super well you know so can Splunk see all the assets do the same assets marry up we're going to log all that data and think and then put load that into this long Sim or the smoke logging tools just to have it in Enterprise right that's an immediate future ad that they've got um and then we've got the fix so once we've completed our pen test um we are then going to generate a report and we can talk about these in a little bit later but the reports will show an executive summary the assets that we found which would be your asset Discovery aspect of that a fix report and the fixed report I think is probably the most important one it will go down and identify what we did how we did it and then how to fix that and then from that the pen tester or the organization should fix those then they go back and run another test and then they validate like a change detection environment to see hey did those fixes taste play take place and you know snehaw when he was the CTO of jsoc he shared with me a number of times about it's like man there would be 15 more items on next week's punch sheet that we didn't know about and it's and it has to do with how we you know how they were uh prioritizing the cves and whatnot because they would take all CBDs it was critical or non-critical and it's like we are able to create context in that environment that feeds better information into Splunk and whatnot that brings that brings up the efficiency for Splunk specifically the teams out there by the way the burnout thing is real I mean this whole I just finished my list and I got 15 more or whatever the list just can keeps growing how did node zero specifically help Splunk teams be more efficient like that's the question I want to get at because this seems like a very scale way for Splunk customers and teams service teams to be more so the question is how does node zero help make Splunk specifically their service teams be more efficient so so today in our early interactions we're building customers we've seen are five things um and I'll start with sort of identifying the blind spots right so kind of what I just talked about with you did we detect did we log did we alert did they stop node zero right and so I would I put that you know a more Layman's third grade term and if I was going to beat a fifth grader at this game would be we can be the sparring partner for a Splunk Enterprise customer a Splunk Essentials customer someone using Splunk soar or even just an Enterprise Splunk customer that may be a small shop with three people and just wants to know where am I exposed so by creating and generating these reports and then having um the API that actually generates the dashboard they can take all of these events that we've logged and log them in and then where that then comes in is number two is how do we prioritize those logs right so how do we create visibility to logs that that um are have critical impacts and again as I mentioned earlier not all cves are high impact regard and also not all or low right so if you daisy chain a bunch of low cves together boom I've got a mission critical AP uh CPE that needs to be fixed now such as a credential moving to an NT box that's got a text file with a bunch of passwords on it that would be very bad um and then third would be uh verifying that you have all of the hosts so one of the things that splunk's not particularly great at and they'll literate themselves they don't do asset Discovery so dude what assets do we see and what are they logging from that um and then for from um for every event that they are able to identify one of the cool things that we can do is actually create this low code no code environment so they could let you know Splunk customers can use Splunk sword to actually triage events and prioritize that event so where they're being routed within it to optimize the Sox team time to Market or time to triage any given event obviously reducing MTR and then finally I think one of the neatest things that we'll be seeing us develop is um our ability to build glass cables so behind me you'll see one of our triage events and how we build uh a Lockheed Martin kill chain on that with a glass table which is very familiar to the community we're going to have the ability and not too distant future to allow people to search observe on those iocs and if people aren't familiar with it ioc it's an instant of a compromise so that's a vector that we want to drill into and of course who's better at Drilling in the data and smoke yeah this is a critter this is an awesome Synergy there I mean I can see a Splunk customer going man this just gives me so much more capability action actionability and also real understanding and I think this is what I want to dig into if you don't mind understanding that critical impact okay is kind of where I see this coming got the data data ingest now data's data but the question is what not to log you know where are things misconfigured these are critical questions so can you talk about what it means to understand critical impact yeah so I think you know going back to the things that I just spoke about a lot of those cves where you'll see um uh low low low and then you daisy chain together and they're suddenly like oh this is high now but then your other impact of like if you're if you're a Splunk customer you know and I had it I had several of them I had one customer that you know terabytes of McAfee data being brought in and it was like all right there's a lot of other data that you probably also want to bring but they could only afford wanted to do certain data sets because that's and they didn't know how to prioritize or filter those data sets and so we provide that opportunity to say hey these are the critical ones to bring in but there's also the ones that you don't necessarily need to bring in because low cve in this case really does mean low cve like an ILO server would be one that um that's the print server uh where the uh your admin credentials are on on like a printer and so there will be credentials on that that's something that a hacker might go in to look at so although the cve on it is low is if you daisy chain with somebody that's able to get into that you might say Ah that's high and we would then potentially rank it giving our AI logic to say that's a moderate so put it on the scale and we prioritize those versus uh of all of these scanners just going to give you a bunch of CDs and good luck and translating that if I if I can and tell me if I'm wrong that kind of speaks to that whole lateral movement that's it challenge right print serve a great example looks stupid low end who's going to want to deal with the print server oh but it's connected into a critical system there's a path is that kind of what you're getting at yeah I use Daisy Chain I think that's from the community they came from uh but it's just a lateral movement it's exactly what they're doing in those low level low critical lateral movements is where the hackers are getting in right so that's the beauty thing about the uh the Uber example is that who would have thought you know I've got my monthly Factor authentication going in a human made a mistake we can't we can't not expect humans to make mistakes we're fallible right the reality is is once they were in the environment they could have protected themselves by running enough pen tests to know that they had certain uh exposed credentials that would have stopped the breach and they did not had not done that in their environment and I'm not poking yeah but it's an interesting Trend though I mean it's obvious if sometimes those low end items are also not protected well so it's easy to get at from a hacker standpoint but also the people in charge of them can be fished easily or spearfished because they're not paying attention because they don't have to no one ever told them hey be careful yeah for the community that I came from John that's exactly how they they would uh meet you at a uh an International Event um introduce themselves as a graduate student these are National actor States uh would you mind reviewing my thesis on such and such and I was at Adobe at the time that I was working on this instead of having to get the PDF they opened the PDF and whoever that customer was launches and I don't know if you remember back in like 2008 time frame there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it and John that's or LinkedIn hey I want to get a joke we want to hire you double the salary oh I'm gonna click on that for sure you know yeah right exactly yeah the one thing I would say to you is like uh when we look at like sort of you know because I think we did 10 000 pen tests last year is it's probably over that now you know we have these sort of top 10 ways that we think and find people coming into the environment the funniest thing is that only one of them is a cve related vulnerability like uh you know you guys know what they are right so it's it but it's it's like two percent of the attacks are occurring through the cves but yeah there's all that attention spent to that and very little attention spent to this pen testing side which is sort of this continuous threat you know monitoring space and and this vulnerability space where I think we play a such an important role and I'm so excited to be a part of the tip of the spear on this one yeah I'm old enough to know the movie sneakers which I loved as a you know watching that movie you know professional hackers are testing testing always testing the environment I love this I got to ask you as we kind of wrap up here Chris if you don't mind the the benefits to Professional Services from this Alliance big news Splunk and you guys work well together we see that clearly what are what other benefits do Professional Services teams see from the Splunk and Horizon 3.ai Alliance so if you're I think for from our our from both of our uh Partners uh as we bring these guys together and many of them already are the same partner right uh is that uh first off the licensing model is probably one of the key areas that we really excel at so if you're an end user you can buy uh for the Enterprise by the number of IP addresses you're using um but uh if you're a partner working with this there's solution ways that you can go in and we'll license as to msps and what that business model on msps looks like but the unique thing that we do here is this C plus license and so the Consulting plus license allows like a uh somebody a small to mid-sized to some very large uh you know Fortune 100 uh consulting firms use this uh by buying into a license called um Consulting plus where they can have unlimited uh access to as many IPS as they want but you can only run one test at a time and as you can imagine when we're going and hacking passwords and um checking hashes and decrypting hashes that can take a while so but for the right customer it's it's a perfect tool and so I I'm so excited about our ability to go to market with uh our partners so that we understand ourselves understand how not to just sell to or not tell just to sell through but we know how to sell with them as a good vendor partner I think that that's one thing that we've done a really good job building bring it into the market yeah I think also the Splunk has had great success how they've enabled uh partners and Professional Services absolutely you know the services that layer on top of Splunk are multi-fold tons of great benefits so you guys Vector right into that ride that way with friction and and the cool thing is that in you know in one of our reports which could be totally customized uh with someone else's logo we're going to generate you know so I I used to work in another organization it wasn't Splunk but we we did uh you know pen testing as for for customers and my pen testers would come on site they'd do the engagement and they would leave and then another release someone would be oh shoot we got another sector that was breached and they'd call you back you know four weeks later and so by August our entire pen testings teams would be sold out and it would be like well even in March maybe and they're like no no I gotta breach now and and and then when they do go in they go through do the pen test and they hand over a PDF and they pack on the back and say there's where your problems are you need to fix it and the reality is that what we're going to generate completely autonomously with no human interaction is we're going to go and find all the permutations of anything we found and the fix for those permutations and then once you've fixed everything you just go back and run another pen test it's you know for what people pay for one pen test they can have a tool that does that every every Pat patch on Tuesday and that's on Wednesday you know triage throughout the week green yellow red I wanted to see the colors show me green green is good right not red and one CIO doesn't want who doesn't want that dashboard right it's it's exactly it and we can help bring I think that you know I'm really excited about helping drive this with the Splunk team because they get that they understand that it's the green yellow red dashboard and and how do we help them find more green uh so that the other guys are in red yeah and get in the data and do the right thing and be efficient with how you use the data know what to look at so many things to pay attention to you know the combination of both and then go to market strategy real brilliant congratulations Chris thanks for coming on and sharing um this news with the detail around the Splunk in action around the alliance thanks for sharing John my pleasure thanks look forward to seeing you soon all right great we'll follow up and do another segment on devops and I.T and security teams as the new new Ops but and super cloud a bunch of other stuff so thanks for coming on and our next segment the CEO of horizon 3.aa will break down all the new news for us here on thecube you're watching thecube the leader in high tech Enterprise coverage [Music] yeah the partner program for us has been fantastic you know I think prior to that you know as most organizations most uh uh most Farmers most mssps might not necessarily have a a bench at all for penetration testing uh maybe they subcontract this work out or maybe they do it themselves but trying to staff that kind of position can be incredibly difficult for us this was a differentiator a a new a new partner a new partnership that allowed us to uh not only perform services for our customers but be able to provide a product by which that they can do it themselves so we work with our customers in a variety of ways some of them want more routine testing and perform this themselves but we're also a certified service provider of horizon 3 being able to perform uh penetration tests uh help review the the data provide color provide analysis for our customers in a broader sense right not necessarily the the black and white elements of you know what was uh what's critical what's high what's medium what's low what you need to fix but are there systemic issues this has allowed us to onboard new customers this has allowed us to migrate some penetration testing services to us from from competitors in the marketplace But ultimately this is occurring because the the product and the outcome are special they're unique and they're effective our customers like what they're seeing they like the routineness of it many of them you know again like doing this themselves you know being able to kind of pen test themselves parts of their networks um and the the new use cases right I'm a large organization I have eight to ten Acquisitions per year wouldn't it be great to have a tool to be able to perform a penetration test both internal and external of that acquisition before we integrate the two companies and maybe bringing on some risk it's a very effective partnership uh one that really is uh kind of taken our our Engineers our account Executives by storm um you know this this is a a partnership that's been very valuable to us [Music] a key part of the value and business model at Horizon 3 is enabling Partners to leverage node zero to make more revenue for themselves our goal is that for sixty percent of our Revenue this year will be originated by partners and that 95 of our Revenue next year will be originated by partners and so a key to that strategy is making us an integral part of your business models as a partner a key quote from one of our partners is that we enable every one of their business units to generate Revenue so let's talk about that in a little bit more detail first is that if you have a pen test Consulting business take Deloitte as an example what was six weeks of human labor at Deloitte per pen test has been cut down to four days of Labor using node zero to conduct reconnaissance find all the juicy interesting areas of the of the Enterprise that are exploitable and being able to go assess the entire organization and then all of those details get served up to the human to be able to look at understand and determine where to probe deeper so what you see in that pen test Consulting business is that node zero becomes a force multiplier where those Consulting teams were able to cover way more accounts and way more IPS within those accounts with the same or fewer consultants and so that directly leads to profit margin expansion for the Penn testing business itself because node 0 is a force multiplier the second business model here is if you're an mssp as an mssp you're already making money providing defensive cyber security operations for a large volume of customers and so what they do is they'll license node zero and use us as an upsell to their mssb business to start to deliver either continuous red teaming continuous verification or purple teaming as a service and so in that particular business model they've got an additional line of Revenue where they can increase the spend of their existing customers by bolting on node 0 as a purple team as a service offering the third business model or customer type is if you're an I.T services provider so as an I.T services provider you make money installing and configuring security products like Splunk or crowdstrike or hemio you also make money reselling those products and you also make money generating follow-on services to continue to harden your customer environments and so for them what what those it service providers will do is use us to verify that they've installed Splunk correctly improved to their customer that Splunk was installed correctly or crowdstrike was installed correctly using our results and then use our results to drive follow-on services and revenue and then finally we've got the value-added reseller which is just a straight up reseller because of how fast our sales Cycles are these vars are able to typically go from cold email to deal close in six to eight weeks at Horizon 3 at least a single sales engineer is able to run 30 to 50 pocs concurrently because our pocs are very lightweight and don't require any on-prem customization or heavy pre-sales post sales activity so as a result we're able to have a few amount of sellers driving a lot of Revenue and volume for us well the same thing applies to bars there isn't a lot of effort to sell the product or prove its value so vars are able to sell a lot more Horizon 3 node zero product without having to build up a huge specialist sales organization so what I'm going to do is talk through uh scenario three here as an I.T service provider and just how powerful node zero can be in driving additional Revenue so in here think of for every one dollar of node zero license purchased by the IT service provider to do their business it'll generate ten dollars of additional revenue for that partner so in this example kidney group uses node 0 to verify that they have installed and deployed Splunk correctly so Kitty group is a Splunk partner they they sell it services to install configure deploy and maintain Splunk and as they deploy Splunk they're going to use node 0 to attack the environment and make sure that the right logs and alerts and monitoring are being handled within the Splunk deployment so it's a way of doing QA or verifying that Splunk has been configured correctly and that's going to be internally used by kidney group to prove the quality of their services that they've just delivered then what they're going to do is they're going to show and leave behind that node zero Report with their client and that creates a resell opportunity for for kidney group to resell node 0 to their client because their client is seeing the reports and the results and saying wow this is pretty amazing and those reports can be co-branded where it's a pen testing report branded with kidney group but it says powered by Horizon three under it from there kidney group is able to take the fixed actions report that's automatically generated with every pen test through node zero and they're able to use that as the starting point for a statement of work to sell follow-on services to fix all of the problems that node zero identified fixing l11r misconfigurations fixing or patching VMware or updating credentials policies and so on so what happens is node 0 has found a bunch of problems the client often lacks the capacity to fix and so kidney group can use that lack of capacity by the client as a follow-on sales opportunity for follow-on services and finally based on the findings from node zero kidney group can look at that report and say to the customer you know customer if you bought crowdstrike you'd be able to uh prevent node Zero from attacking and succeeding in the way that it did for if you bought humano or if you bought Palo Alto networks or if you bought uh some privileged access management solution because of what node 0 was able to do with credential harvesting and attacks and so as a result kidney group is able to resell other security products within their portfolio crowdstrike Falcon humano Polito networks demisto Phantom and so on based on the gaps that were identified by node zero and that pen test and what that creates is another feedback loop where kidney group will then go use node 0 to verify that crowdstrike product has actually been installed and configured correctly and then this becomes the cycle of using node 0 to verify a deployment using that verification to drive a bunch of follow-on services and resell opportunities which then further drives more usage of the product now the way that we licensed is that it's a usage-based license licensing model so that the partner will grow their node zero Consulting plus license as they grow their business so for example if you're a kidney group then week one you've got you're going to use node zero to verify your Splunk install in week two if you have a pen testing business you're going to go off and use node zero to be a force multiplier for your pen testing uh client opportunity and then if you have an mssp business then in week three you're going to use node zero to go execute a purple team mssp offering for your clients so not necessarily a kidney group but if you're a Deloitte or ATT these larger companies and you've got multiple lines of business if you're Optive for instance you all you have to do is buy one Consulting plus license and you're going to be able to run as many pen tests as you want sequentially so now you can buy a single license and use that one license to meet your week one client commitments and then meet your week two and then meet your week three and as you grow your business you start to run multiple pen tests concurrently so in week one you've got to do a Splunk verify uh verify Splunk install and you've got to run a pen test and you've got to do a purple team opportunity you just simply expand the number of Consulting plus licenses from one license to three licenses and so now as you systematically grow your business you're able to grow your node zero capacity with you giving you predictable cogs predictable margins and once again 10x additional Revenue opportunity for that investment in the node zero Consulting plus license my name is Saint I'm the co-founder and CEO here at Horizon 3. I'm going to talk to you today about why it's important to look at your Enterprise Through The Eyes of an attacker the challenge I had when I was a CIO in banking the CTO at Splunk and serving within the Department of Defense is that I had no idea I was Secure until the bad guys had showed up am I logging the right data am I fixing the right vulnerabilities are my security tools that I've paid millions of dollars for actually working together to defend me and the answer is I don't know does my team actually know how to respond to a breach in the middle of an incident I don't know I've got to wait for the bad guys to show up and so the challenge I had was how do we proactively verify our security posture I tried a variety of techniques the first was the use of vulnerability scanners and the challenge with vulnerability scanners is being vulnerable doesn't mean you're exploitable I might have a hundred thousand findings from my scanner of which maybe five or ten can actually be exploited in my environment the other big problem with scanners is that they can't chain weaknesses together from machine to machine so if you've got a thousand machines in your environment or more what a vulnerability scanner will do is tell you you have a problem on machine one and separately a problem on machine two but what they can tell you is that an attacker could use a load from machine one plus a low from machine two to equal to critical in your environment and what attackers do in their tactics is they chain together misconfigurations dangerous product defaults harvested credentials and exploitable vulnerabilities into attack paths across different machines so to address the attack pads across different machines I tried layering in consulting-based pen testing and the issue is when you've got thousands of hosts or hundreds of thousands of hosts in your environment human-based pen testing simply doesn't scale to test an infrastructure of that size moreover when they actually do execute a pen test and you get the report oftentimes you lack the expertise within your team to quickly retest to verify that you've actually fixed the problem and so what happens is you end up with these pen test reports that are incomplete snapshots and quickly going stale and then to mitigate that problem I tried using breach and attack simulation tools and the struggle with these tools is one I had to install credentialed agents everywhere two I had to write my own custom attack scripts that I didn't have much talent for but also I had to maintain as my environment changed and then three these types of tools were not safe to run against production systems which was the the majority of my attack surface so that's why we went off to start Horizon 3. so Tony and I met when we were in Special Operations together and the challenge we wanted to solve was how do we do infrastructure security testing at scale by giving the the power of a 20-year pen testing veteran into the hands of an I.T admin a network engineer in just three clicks and the whole idea is we enable these fixers The Blue Team to be able to run node Zero Hour pen testing product to quickly find problems in their environment that blue team will then then go off and fix the issues that were found and then they can quickly rerun the attack to verify that they fixed the problem and the whole idea is delivering this without requiring custom scripts be developed without requiring credential agents be installed and without requiring the use of external third-party consulting services or Professional Services self-service pen testing to quickly Drive find fix verify there are three primary use cases that our customers use us for the first is the sock manager that uses us to verify that their security tools are actually effective to verify that they're logging the right data in Splunk or in their Sim to verify that their managed security services provider is able to quickly detect and respond to an attack and hold them accountable for their slas or that the sock understands how to quickly detect and respond and measuring and verifying that or that the variety of tools that you have in your stack most organizations have 130 plus cyber security tools none of which are designed to work together are actually working together the second primary use case is proactively hardening and verifying your systems this is when the I that it admin that network engineer they're able to run self-service pen tests to verify that their Cisco environment is installed in hardened and configured correctly or that their credential policies are set up right or that their vcenter or web sphere or kubernetes environments are actually designed to be secure and what this allows the it admins and network Engineers to do is shift from running one or two pen tests a year to 30 40 or more pen tests a month and you can actually wire those pen tests into your devops process or into your detection engineering and the change management processes to automatically trigger pen tests every time there's a change in your environment the third primary use case is for those organizations lucky enough to have their own internal red team they'll use node zero to do reconnaissance and exploitation at scale and then use the output as a starting point for the humans to step in and focus on the really hard juicy stuff that gets them on stage at Defcon and so these are the three primary use cases and what we'll do is zoom into the find fix verify Loop because what I've found in my experience is find fix verify is the future operating model for cyber security organizations and what I mean here is in the find using continuous pen testing what you want to enable is on-demand self-service pen tests you want those pen tests to find attack pads at scale spanning your on-prem infrastructure your Cloud infrastructure and your perimeter because attackers don't only state in one place they will find ways to chain together a perimeter breach a credential from your on-prem to gain access to your cloud or some other permutation and then the third part in continuous pen testing is attackers don't focus on critical vulnerabilities anymore they know we've built vulnerability Management Programs to reduce those vulnerabilities so attackers have adapted and what they do is chain together misconfigurations in your infrastructure and software and applications with dangerous product defaults with exploitable vulnerabilities and through the collection of credentials through a mix of techniques at scale once you've found those problems the next question is what do you do about it well you want to be able to prioritize fixing problems that are actually exploitable in your environment that truly matter meaning they're going to lead to domain compromise or domain user compromise or access your sensitive data the second thing you want to fix is making sure you understand what risk your crown jewels data is exposed to where is your crown jewels data is in the cloud is it on-prem has it been copied to a share drive that you weren't aware of if a domain user was compromised could they access that crown jewels data you want to be able to use the attacker's perspective to secure the critical data you have in your infrastructure and then finally as you fix these problems you want to quickly remediate and retest that you've actually fixed the issue and this fine fix verify cycle becomes that accelerator that drives purple team culture the third part here is verify and what you want to be able to do in the verify step is verify that your security tools and processes in people can effectively detect and respond to a breach you want to be able to integrate that into your detection engineering processes so that you know you're catching the right security rules or that you've deployed the right configurations you also want to make sure that your environment is adhering to the best practices around systems hardening in cyber resilience and finally you want to be able to prove your security posture over a time to your board to your leadership into your regulators so what I'll do now is zoom into each of these three steps so when we zoom in to find here's the first example using node 0 and autonomous pen testing and what an attacker will do is find a way to break through the perimeter in this example it's very easy to misconfigure kubernetes to allow an attacker to gain remote code execution into your on-prem kubernetes environment and break through the perimeter and from there what the attacker is going to do is conduct Network reconnaissance and then find ways to gain code execution on other machines in the environment and as they get code execution they start to dump credentials collect a bunch of ntlm hashes crack those hashes using open source and dark web available data as part of those attacks and then reuse those credentials to log in and laterally maneuver throughout the environment and then as they loudly maneuver they can reuse those credentials and use credential spraying techniques and so on to compromise your business email to log in as admin into your cloud and this is a very common attack and rarely is a CV actually needed to execute this attack often it's just a misconfiguration in kubernetes with a bad credential policy or password policy combined with bad practices of credential reuse across the organization here's another example of an internal pen test and this is from an actual customer they had 5 000 hosts within their environment they had EDR and uba tools installed and they initiated in an internal pen test on a single machine from that single initial access point node zero enumerated the network conducted reconnaissance and found five thousand hosts were accessible what node 0 will do under the covers is organize all of that reconnaissance data into a knowledge graph that we call the Cyber terrain map and that cyber Terrain map becomes the key data structure that we use to efficiently maneuver and attack and compromise your environment so what node zero will do is they'll try to find ways to get code execution reuse credentials and so on in this customer example they had Fortinet installed as their EDR but node 0 was still able to get code execution on a Windows machine from there it was able to successfully dump credentials including sensitive credentials from the lsas process on the Windows box and then reuse those credentials to log in as domain admin in the network and once an attacker becomes domain admin they have the keys to the kingdom they can do anything they want so what happened here well it turns out Fortinet was misconfigured on three out of 5000 machines bad automation the customer had no idea this had happened they would have had to wait for an attacker to show up to realize that it was misconfigured the second thing is well why didn't Fortinet stop the credential pivot in the lateral movement and it turned out the customer didn't buy the right modules or turn on the right services within that particular product and we see this not only with Ford in it but we see this with Trend Micro and all the other defensive tools where it's very easy to miss a checkbox in the configuration that will do things like prevent credential dumping the next story I'll tell you is attackers don't have to hack in they log in so another infrastructure pen test a typical technique attackers will take is man in the middle uh attacks that will collect hashes so in this case what an attacker will do is leverage a tool or technique called responder to collect ntlm hashes that are being passed around the network and there's a variety of reasons why these hashes are passed around and it's a pretty common misconfiguration but as an attacker collects those hashes then they start to apply techniques to crack those hashes so they'll pass the hash and from there they will use open source intelligence common password structures and patterns and other types of techniques to try to crack those hashes into clear text passwords so here node 0 automatically collected hashes it automatically passed the hashes to crack those credentials and then from there it starts to take the domain user user ID passwords that it's collected and tries to access different services and systems in your Enterprise in this case node 0 is able to successfully gain access to the Office 365 email environment because three employees didn't have MFA configured so now what happens is node 0 has a placement and access in the business email system which sets up the conditions for fraud lateral phishing and other techniques but what's especially insightful here is that 80 of the hashes that were collected in this pen test were cracked in 15 minutes or less 80 percent 26 of the user accounts had a password that followed a pretty obvious pattern first initial last initial and four random digits the other thing that was interesting is 10 percent of service accounts had their user ID the same as their password so VMware admin VMware admin web sphere admin web Square admin so on and so forth and so attackers don't have to hack in they just log in with credentials that they've collected the next story here is becoming WS AWS admin so in this example once again internal pen test node zero gets initial access it discovers 2 000 hosts are network reachable from that environment if fingerprints and organizes all of that data into a cyber Terrain map from there it it fingerprints that hpilo the integrated lights out service was running on a subset of hosts hpilo is a service that is often not instrumented or observed by security teams nor is it easy to patch as a result attackers know this and immediately go after those types of services so in this case that ILO service was exploitable and were able to get code execution on it ILO stores all the user IDs and passwords in clear text in a particular set of processes so once we gain code execution we were able to dump all of the credentials and then from there laterally maneuver to log in to the windows box next door as admin and then on that admin box we're able to gain access to the share drives and we found a credentials file saved on a share Drive from there it turned out that credentials file was the AWS admin credentials file giving us full admin authority to their AWS accounts not a single security alert was triggered in this attack because the customer wasn't observing the ILO service and every step thereafter was a valid login in the environment and so what do you do step one patch the server step two delete the credentials file from the share drive and then step three is get better instrumentation on privileged access users and login the final story I'll tell is a typical pattern that we see across the board with that combines the various techniques I've described together where an attacker is going to go off and use open source intelligence to find all of the employees that work at your company from there they're going to look up those employees on dark web breach databases and other forms of information and then use that as a starting point to password spray to compromise a domain user all it takes is one employee to reuse a breached password for their Corporate email or all it takes is a single employee to have a weak password that's easily guessable all it takes is one and once the attacker is able to gain domain user access in most shops domain user is also the local admin on their laptop and once your local admin you can dump Sam and get local admin until M hashes you can use that to reuse credentials again local admin on neighboring machines and attackers will start to rinse and repeat then eventually they're able to get to a point where they can dump lsas or by unhooking the anti-virus defeating the EDR or finding a misconfigured EDR as we've talked about earlier to compromise the domain and what's consistent is that the fundamentals are broken at these shops they have poor password policies they don't have least access privilege implemented active directory groups are too permissive where domain admin or domain user is also the local admin uh AV or EDR Solutions are misconfigured or easily unhooked and so on and what we found in 10 000 pen tests is that user Behavior analytics tools never caught us in that lateral movement in part because those tools require pristine logging data in order to work and also it becomes very difficult to find that Baseline of normal usage versus abnormal usage of credential login another interesting Insight is there were several Marquee brand name mssps that were defending our customers environment and for them it took seven hours to detect and respond to the pen test seven hours the pen test was over in less than two hours and so what you had was an egregious violation of the service level agreements that that mssp had in place and the customer was able to use us to get service credit and drive accountability of their sock and of their provider the third interesting thing is in one case it took us seven minutes to become domain admin in a bank that bank had every Gucci security tool you could buy yet in 7 minutes and 19 seconds node zero started as an unauthenticated member of the network and was able to escalate privileges through chaining and misconfigurations in lateral movement and so on to become domain admin if it's seven minutes today we should assume it'll be less than a minute a year or two from now making it very difficult for humans to be able to detect and respond to that type of Blitzkrieg attack so that's in the find it's not just about finding problems though the bulk of the effort should be what to do about it the fix and the verify so as you find those problems back to kubernetes as an example we will show you the path here is the kill chain we took to compromise that environment we'll show you the impact here is the impact or here's the the proof of exploitation that we were able to use to be able to compromise it and there's the actual command that we executed so you could copy and paste that command and compromise that cubelet yourself if you want and then the impact is we got code execution and we'll actually show you here is the impact this is a critical here's why it enabled perimeter breach affected applications will tell you the specific IPS where you've got the problem how it maps to the miter attack framework and then we'll tell you exactly how to fix it we'll also show you what this problem enabled so you can accurately prioritize why this is important or why it's not important the next part is accurate prioritization the hardest part of my job as a CIO was deciding what not to fix so if you take SMB signing not required as an example by default that CVSs score is a one out of 10. but this misconfiguration is not a cve it's a misconfig enable an attacker to gain access to 19 credentials including one domain admin two local admins and access to a ton of data because of that context this is really a 10 out of 10. you better fix this as soon as possible however of the seven occurrences that we found it's only a critical in three out of the seven and these are the three specific machines and we'll tell you the exact way to fix it and you better fix these as soon as possible for these four machines over here these didn't allow us to do anything of consequence so that because the hardest part is deciding what not to fix you can justifiably choose not to fix these four issues right now and just add them to your backlog and surge your team to fix these three as quickly as possible and then once you fix these three you don't have to re-run the entire pen test you can select these three and then one click verify and run a very narrowly scoped pen test that is only testing this specific issue and what that creates is a much faster cycle of finding and fixing problems the other part of fixing is verifying that you don't have sensitive data at risk so once we become a domain user we're able to use those domain user credentials and try to gain access to databases file shares S3 buckets git repos and so on and help you understand what sensitive data you have at risk so in this example a green checkbox means we logged in as a valid domain user we're able to get read write access on the database this is how many records we could have accessed and we don't actually look at the values in the database but we'll show you the schema so you can quickly characterize that pii data was at risk here and we'll do that for your file shares and other sources of data so now you can accurately articulate the data you have at risk and prioritize cleaning that data up especially data that will lead to a fine or a big news issue so that's the find that's the fix now we're going to talk about the verify the key part in verify is embracing and integrating with detection engineering practices so when you think about your layers of security tools you've got lots of tools in place on average 130 tools at any given customer but these tools were not designed to work together so when you run a pen test what you want to do is say did you detect us did you log us did you alert on us did you stop us and from there what you want to see is okay what are the techniques that are commonly used to defeat an environment to actually compromise if you look at the top 10 techniques we use and there's far more than just these 10 but these are the most often executed nine out of ten have nothing to do with cves it has to do with misconfigurations dangerous product defaults bad credential policies and it's how we chain those together to become a domain admin or compromise a host so what what customers will do is every single attacker command we executed is provided to you as an attackivity log so you can actually see every single attacker command we ran the time stamp it was executed the hosts it executed on and how it Maps the minor attack tactics so our customers will have are these attacker logs on one screen and then they'll go look into Splunk or exabeam or Sentinel one or crowdstrike and say did you detect us did you log us did you alert on us or not and to make that even easier if you take this example hey Splunk what logs did you see at this time on the VMware host because that's when node 0 is able to dump credentials and that allows you to identify and fix your logging blind spots to make that easier we've got app integration so this is an actual Splunk app in the Splunk App Store and what you can come is inside the Splunk console itself you can fire up the Horizon 3 node 0 app all of the pen test results are here so that you can see all of the results in one place and you don't have to jump out of the tool and what you'll show you as I skip forward is hey there's a pen test here are the critical issues that we've identified for that weaker default issue here are the exact commands we executed and then we will automatically query into Splunk all all terms on between these times on that endpoint that relate to this attack so you can now quickly within the Splunk environment itself figure out that you're missing logs or that you're appropriately catching this issue and that becomes incredibly important in that detection engineering cycle that I mentioned earlier so how do our customers end up using us they shift from running one pen test a year to 30 40 pen tests a month oftentimes wiring us into their deployment automation to automatically run pen tests the other part that they'll do is as they run more pen tests they find more issues but eventually they hit this inflection point where they're able to rapidly clean up their environment and that inflection point is because the red and the blue teams start working together in a purple team culture and now they're working together to proactively harden their environment the other thing our customers will do is run us from different perspectives they'll first start running an RFC 1918 scope to see once the attacker gained initial access in a part of the network that had wide access what could they do and then from there they'll run us within a specific Network segment okay from within that segment could the attacker break out and gain access to another segment then they'll run us from their work from home environment could they Traverse the VPN and do something damaging and once they're in could they Traverse the VPN and get into my cloud then they'll break in from the outside all of these perspectives are available to you in Horizon 3 and node zero as a single SKU and you can run as many pen tests as you want if you run a phishing campaign and find that an intern in the finance department had the worst phishing behavior you can then inject their credentials and actually show the end-to-end story of how an attacker fished gained credentials of an intern and use that to gain access to sensitive financial data so what our customers end up doing is running multiple attacks from multiple perspectives and looking at those results over time I'll leave you two things one is what is the AI in Horizon 3 AI those knowledge graphs are the heart and soul of everything that we do and we use machine learning reinforcement techniques reinforcement learning techniques Markov decision models and so on to be able to efficiently maneuver and analyze the paths in those really large graphs we also use context-based scoring to prioritize weaknesses and we're also able to drive collective intelligence across all of the operations so the more pen tests we run the smarter we get and all of that is based on our knowledge graph analytics infrastructure that we have finally I'll leave you with this was my decision criteria when I was a buyer for my security testing strategy what I cared about was coverage I wanted to be able to assess my on-prem cloud perimeter and work from home and be safe to run in production I want to be able to do that as often as I wanted I want to be able to run pen tests in hours or days not weeks or months so I could accelerate that fine fix verify loop I wanted my it admins and network Engineers with limited offensive experience to be able to run a pen test in a few clicks through a self-service experience and not have to install agent and not have to write custom scripts and finally I didn't want to get nickeled and dimed on having to buy different types of attack modules or different types of attacks I wanted a single annual subscription that allowed me to run any type of attack as often as I wanted so I could look at my Trends in directions over time so I hope you found this talk valuable uh we're easy to find and I look forward to seeing seeing you use a product and letting our results do the talking when you look at uh you know kind of the way no our pen testing algorithms work is we dynamically select uh how to compromise an environment based on what we've discovered and the goal is to become a domain admin compromise a host compromise domain users find ways to encrypt data steal sensitive data and so on but when you look at the the top 10 techniques that we ended up uh using to compromise environments the first nine have nothing to do with cves and that's the reality cves are yes a vector but less than two percent of cves are actually used in a compromise oftentimes it's some sort of credential collection credential cracking uh credential pivoting and using that to become an admin and then uh compromising environments from that point on so I'll leave this up for you to kind of read through and you'll have the slides available for you but I found it very insightful that organizations and ourselves when I was a GE included invested heavily in just standard vulnerability Management Programs when I was at DOD that's all disa cared about asking us about was our our kind of our cve posture but the attackers have adapted to not rely on cves to get in because they know that organizations are actively looking at and patching those cves and instead they're chaining together credentials from one place with misconfigurations and dangerous product defaults in another to take over an environment a concrete example is by default vcenter backups are not encrypted and so as if an attacker finds vcenter what they'll do is find the backup location and there are specific V sender MTD files where the admin credentials are parsippled in the binaries so you can actually as an attacker find the right MTD file parse out the binary and now you've got the admin credentials for the vcenter environment and now start to log in as admin there's a bad habit by signal officers and Signal practitioners in the in the Army and elsewhere where the the VM notes section of a virtual image has the password for the VM well those VM notes are not stored encrypted and attackers know this and they're able to go off and find the VMS that are unencrypted find the note section and pull out the passwords for those images and then reuse those credentials across the board so I'll pause here and uh you know Patrick love you get some some commentary on on these techniques and other things that you've seen and what we'll do in the last say 10 to 15 minutes is uh is rolled through a little bit more on what do you do about it yeah yeah no I love it I think um I think this is pretty exhaustive what I like about what you've done here is uh you know we've seen we've seen double-digit increases in the number of organizations that are reporting actual breaches year over year for the last um for the last three years and it's often we kind of in the Zeitgeist we pegged that on ransomware which of course is like incredibly important and very top of mind um but what I like about what you have here is you know we're reminding the audience that the the attack surface area the vectors the matter um you know has to be more comprehensive than just thinking about ransomware scenarios yeah right on um so let's build on this when you think about your defense in depth you've got multiple security controls that you've purchased and integrated and you've got that redundancy if a control fails but the reality is that these security tools aren't designed to work together so when you run a pen test what you want to ask yourself is did you detect node zero did you log node zero did you alert on node zero and did you stop node zero and when you think about how to do that every single attacker command executed by node zero is available in an attacker log so you can now see you know at the bottom here vcenter um exploit at that time on that IP how it aligns to minor attack what you want to be able to do is go figure out did your security tools catch this or not and that becomes very important in using the attacker's perspective to improve your defensive security controls and so the way we've tried to make this easier back to like my my my the you know I bleed Green in many ways still from my smoke background is you want to be able to and what our customers do is hey we'll look at the attacker logs on one screen and they'll look at what did Splunk see or Miss in another screen and then they'll use that to figure out what their logging blind spots are and what that where that becomes really interesting is we've actually built out an integration into Splunk where there's a Splunk app you can download off of Splunk base and you'll get all of the pen test results right there in the Splunk console and from that Splunk console you're gonna be able to see these are all the pen tests that were run these are the issues that were found um so you can look at that particular pen test here are all of the weaknesses that were identified for that particular pen test and how they categorize out for each of those weaknesses you can click on any one of them that are critical in this case and then we'll tell you for that weakness and this is where where the the punch line comes in so I'll pause the video here for that weakness these are the commands that were executed on these endpoints at this time and then we'll actually query Splunk for that um for that IP address or containing that IP and these are the source types that surface any sort of activity so what we try to do is help you as quickly and efficiently as possible identify the logging blind spots in your Splunk environment based on the attacker's perspective so as this video kind of plays through you can see it Patrick I'd love to get your thoughts um just seeing so many Splunk deployments and the effectiveness of those deployments and and how this is going to help really Elevate the effectiveness of all of your Splunk customers yeah I'm super excited about this I mean I think this these kinds of purpose-built integration snail really move the needle for our customers I mean at the end of the day when I think about the power of Splunk I think about a product I was first introduced to 12 years ago that was an on-prem piece of software you know and at the time it sold on sort of Perpetual and term licenses but one made it special was that it could it could it could eat data at a speed that nothing else that I'd have ever seen you can ingest massively scalable amounts of data uh did cool things like schema on read which facilitated that there was this language called SPL that you could nerd out about uh and you went to a conference once a year and you talked about all the cool things you were splunking right but now as we think about the next phase of our growth um we live in a heterogeneous environment where our customers have so many different tools and data sources that are ever expanding and as you look at the as you look at the role of the ciso it's mind-blowing to me the amount of sources Services apps that are coming into the ciso span of let's just call it a span of influence in the last three years uh you know we're seeing things like infrastructure service level visibility application performance monitoring stuff that just never made sense for the security team to have visibility into you um at least not at the size and scale which we're demanding today um and and that's different and this isn't this is why it's so important that we have these joint purpose-built Integrations that um really provide more prescription to our customers about how do they walk on that Journey towards maturity what does zero to one look like what does one to two look like whereas you know 10 years ago customers were happy with platforms today they want integration they want Solutions and they want to drive outcomes and I think this is a great example of how together we are stepping to the evolving nature of the market and also the ever-evolving nature of the threat landscape and what I would say is the maturing needs of the customer in that environment yeah for sure I think especially if if we all anticipate budget pressure over the next 18 months due to the economy and elsewhere while the security budgets are not going to ever I don't think they're going to get cut they're not going to grow as fast and there's a lot more pressure on organizations to extract more value from their existing Investments as well as extracting more value and more impact from their existing teams and so security Effectiveness Fierce prioritization and automation I think become the three key themes of security uh over the next 18 months so I'll do very quickly is run through a few other use cases um every host that we identified in the pen test were able to score and say this host allowed us to do something significant therefore it's it's really critical you should be increasing your logging here hey these hosts down here we couldn't really do anything as an attacker so if you do have to make trade-offs you can make some trade-offs of your logging resolution at the lower end in order to increase logging resolution on the upper end so you've got that level of of um justification for where to increase or or adjust your logging resolution another example is every host we've discovered as an attacker we Expose and you can export and we want to make sure is every host we found as an attacker is being ingested from a Splunk standpoint a big issue I had as a CIO and user of Splunk and other tools is I had no idea if there were Rogue Raspberry Pi's on the network or if a new box was installed and whether Splunk was installed on it or not so now you can quickly start to correlate what hosts did we see and how does that reconcile with what you're logging from uh finally or second to last use case here on the Splunk integration side is for every single problem we've found we give multiple options for how to fix it this becomes a great way to prioritize what fixed actions to automate in your soar platform and what we want to get to eventually is being able to automatically trigger soar actions to fix well-known problems like automatically invalidating passwords for for poor poor passwords in our credentials amongst a whole bunch of other things we could go off and do and then finally if there is a well-known kill chain or attack path one of the things I really wish I could have done when I was a Splunk customer was take this type of kill chain that actually shows a path to domain admin that I'm sincerely worried about and use it as a glass table over which I could start to layer possible indicators of compromise and now you've got a great starting point for glass tables and iocs for actual kill chains that we know are exploitable in your environment and that becomes some super cool Integrations that we've got on the roadmap between us and the Splunk security side of the house so what I'll leave with actually Patrick before I do that you know um love to get your comments and then I'll I'll kind of leave with one last slide on this wartime security mindset uh pending you know assuming there's no other questions no I love it I mean I think this kind of um it's kind of glass table's approach to how do you how do you sort of visualize these workflows and then use things like sore and orchestration and automation to operationalize them is exactly where we see all of our customers going and getting away from I think an over engineered approach to soar with where it has to be super technical heavy with you know python programmers and getting more to this visual view of workflow creation um that really demystifies the power of Automation and also democratizes it so you don't have to have these programming languages in your resume in order to start really moving the needle on workflow creation policy enforcement and ultimately driving automation coverage across more and more of the workflows that your team is seeing yeah I think that between us being able to visualize the actual kill chain or attack path with you know think of a of uh the soar Market I think going towards this no code low code um you know configurable sore versus coded sore that's going to really be a game changer in improve or giving security teams a force multiplier so what I'll leave you with is this peacetime mindset of security no longer is sustainable we really have to get out of checking the box and then waiting for the bad guys to show up to verify that security tools are are working or not and the reason why we've got to really do that quickly is there are over a thousand companies that withdrew from the Russian economy over the past uh nine months due to the Ukrainian War there you should expect every one of them to be punished by the Russians for leaving and punished from a cyber standpoint and this is no longer about financial extortion that is ransomware this is about punishing and destroying companies and you can punish any one of these companies by going after them directly or by going after their suppliers and their Distributors so suddenly your attack surface is no more no longer just your own Enterprise it's how you bring your goods to Market and it's how you get your goods created because while I may not be able to disrupt your ability to harvest fruit if I can get those trucks stuck at the border I can increase spoilage and have the same effect and what we should expect to see is this idea of cyber-enabled economic Warfare where if we issue a sanction like Banning the Russians from traveling there is a cyber-enabled counter punch which is corrupt and destroy the American Airlines database that is below the threshold of War that's not going to trigger the 82nd Airborne to be mobilized but it's going to achieve the right effect ban the sale of luxury goods disrupt the supply chain and create shortages banned Russian oil and gas attack refineries to call a 10x spike in gas prices three days before the election this is the future and therefore I think what we have to do is shift towards a wartime mindset which is don't trust your security posture verify it see yourself Through The Eyes of the attacker build that incident response muscle memory and drive better collaboration between the red and the blue teams your suppliers and Distributors and your information uh sharing organization they have in place and what's really valuable for me as a Splunk customer was when a router crashes at that moment you don't know if it's due to an I.T Administration problem or an attacker and what you want to have are different people asking different questions of the same data and you want to have that integrated triage process of an I.T lens to that problem a security lens to that problem and then from there figuring out is is this an IT workflow to execute or a security incident to execute and you want to have all of that as an integrated team integrated process integrated technology stack and this is something that I very care I cared very deeply about as both a Splunk customer and a Splunk CTO that I see time and time again across the board so Patrick I'll leave you with the last word the final three minutes here and I don't see any open questions so please take us home oh man see how you think we spent hours and hours prepping for this together that that last uh uh 40 seconds of your talk track is probably one of the things I'm most passionate about in this industry right now uh and I think nist has done some really interesting work here around building cyber resilient organizations that have that has really I think helped help the industry see that um incidents can come from adverse conditions you know stress is uh uh performance taxations in the infrastructure service or app layer and they can come from malicious compromises uh Insider threats external threat actors and the more that we look at this from the perspective of of a broader cyber resilience Mission uh in a wartime mindset uh I I think we're going to be much better off and and will you talk about with operationally minded ice hacks information sharing intelligence sharing becomes so important in these wartime uh um situations and you know we know not all ice acts are created equal but we're also seeing a lot of um more ad hoc information sharing groups popping up so look I think I think you framed it really really well I love the concept of wartime mindset and um I I like the idea of applying a cyber resilience lens like if you have one more layer on top of that bottom right cake you know I think the it lens and the security lens they roll up to this concept of cyber resilience and I think this has done some great work there for us yeah you're you're spot on and that that is app and that's gonna I think be the the next um terrain that that uh that you're gonna see vendors try to get after but that I think Splunk is best position to win okay that's a wrap for this special Cube presentation you heard all about the global expansion of horizon 3.ai's partner program for their Partners have a unique opportunity to take advantage of their node zero product uh International go to Market expansion North America channel Partnerships and just overall relationships with companies like Splunk to make things more comprehensive in this disruptive cyber security world we live in and hope you enjoyed this program all the videos are available on thecube.net as well as check out Horizon 3 dot AI for their pen test Automation and ultimately their defense system that they use for testing always the environment that you're in great Innovative product and I hope you enjoyed the program again I'm John Furrier host of the cube thanks for watching

>>Welcome back everyone to the Cube and Horizon three.ai special presentation. I'm John Furrier, host of the Cube. We with Chris Hill, Sector head for strategic accounts and federal@horizonthree.ai. Great innovative company. Chris, great to see you. Thanks for coming on the Cube. >>Yeah, like I said, you know, great to meet you John. Long time listener. First time call. So excited to be here with >>You guys. Yeah, we were talking before camera. You had Splunk back in 2013 and I think 2012 was our first splunk.com. Yep. And boy man, you know, talk about being in the right place at the right time. Now we're at another inflection point and Splunk continues to be relevant and continuing to have that data driving security and that interplay. And your ceo, former CTO of Splunk as well at Horizons Neha, who's been on before. Really innovative product you guys have, but you know, Yeah, don't wait for a brief to find out if you're locking the right data. This is the topic of this thread. Splunk is very much part of this new international expansion announcement with you guys. Tell us what are some of the challenges that you see where this is relevant for the Splunk and the Horizon AI as you guys expand Node zero out internationally? >>Yeah, well so across, so you know, my role within Splunk was working with our most strategic accounts. And so I look back to 2013 and I think about the sales process like working with, with our small customers. You know, it was, it was still very siloed back then. Like I was selling to an IT team that was either using us for IT operations. We generally would always even say, yeah, although we do security, we weren't really designed for it. We're a log management tool. And you know, we, and I'm sure you remember back then John, we were like sort of stepping into the security space and in the public sector domain that I was in, you know, security was 70% of what we did. When I look back to sort of the transformation that I was, was witnessing in that digital transformation, you know when I, you look at like 2019 to today, you look at how the IT team and the security teams are, have been forced to break down those barriers that they used to sort of be silo away, would not communicate one, you know, the security guys would be like, Oh this is my BA box it, you're not allowed in today. >>You can't get away with that. And I think that the value that we bring to, you know, and of course Splunk has been a huge leader in that space and continues to do innovation across the board. But I think what we've we're seeing in the space that I was talking with Patrick Kauflin, the SVP of security markets about this, is that, you know, what we've been able to do with Splunk is build a purpose built solution that allows Splunk to eat more data. So Splunk itself, as you well know, it's an ingest engine, right? So the great reason people bought it was you could build these really fast dashboards and grab intelligence out of it, but without data it doesn't do anything, right? So how do you drive and how do you bring more data in? And most importantly from a customer perspective, how do you bring the right data in? >>And so if you think about what node zero and what we're doing in a Horizon three is that, sure we do pen testing, but because we're an autonomous pen testing tool, we do it continuously. So this whole thought of being like, Oh, crud like my customers, Oh yeah, we got a pen test coming up, it's gonna be six weeks. The wait. Oh yeah. You know, and everyone's gonna sit on their hands, Call me back in two months, Chris, we'll talk to you then. Right? Not, not a real efficient way to test your environment and shoot, we, we saw that with Uber this week. Right? You know, and that's a case where we could have helped. >>Well just real quick, explain the Uber thing cause it was a contractor. Just give a quick highlight of what happened so you can connect the >>Dots. Yeah, no problem. So there it was, I think it was one of those, you know, games where they would try and test an environment. And what the pen tester did was he kept on calling them MFA guys being like, I need to reset my password re to set my password. And eventually the customer service guy said, Okay, I'm resetting it. Once he had reset and bypassed the multifactor authentication, he then was able to get in and get access to the domain area that he was in or the, not the domain, but he was able to gain access to a partial part of the network. He then paralleled over to what would I assume is like a VA VMware or some virtual machine that had notes that had all of the credentials for logging into various domains. And so within minutes they had access. And that's the sort of stuff that we do under, you know, a lot of these tools. >>Like not, and I'm not, you know, you think about the cacophony of tools that are out there in a CTA orchestra architecture, right? I'm gonna get like a Zscaler, I'm gonna have Okta, I'm gonna have a Splunk, I'm gonna do this sore system. I mean, I don't mean to name names, we're gonna have crowd strike or, or Sentinel one in there. It's just, it's a cacophony of things that don't work together. They weren't designed work together. And so we have seen so many times in our business through our customer support and just working with customers when we do their pen test, that there will be 5,000 servers out there. Three are misconfigured. Those three misconfigurations will create the open door. Cause remember the hacker only needs to be right once, the defender needs to be right all the time. And that's the challenge. And so that's why I'm really passionate about what we're doing here at Horizon three. I see this my digital transformation, migration and security going on, which we're at the tip of the sp, it's why I joined say Hall coming on this journey and just super excited about where the path's going and super excited about the relationship with Splunk. I get into more details on some of the specifics of that. But you know, >>I mean, well you're nailing, I mean we've been doing a lot of things around super cloud and this next gen environment, we're calling it NextGen. You're really seeing DevOps, obviously Dev SecOps has, has already won the IT role has moved to the developer shift left as an indicator of that. It's one of the many examples, higher velocity code software supply chain. You hear these things. That means that it is now in the developer hands, it is replaced by the new ops, data ops teams and security where there's a lot of horizontal thinking. To your point about access, there's no more perimeter. So >>That there is no perimeter. >>Huge. A hundred percent right, is really right on. I don't think it's one time, you know, to get in there. Once you're in, then you can hang out, move around, move laterally. Big problem. Okay, so we get that. Now, the challenges for these teams as they are transitioning organizationally, how do they figure out what to do? Okay, this is the next step. They already have Splunk, so now they're kind of in transition while protecting for a hundred percent ratio of success. So how would you look at that and describe the challenges? What do they do? What is, what are the teams facing with their data and what's next? What do they, what do they, what action do they take? >>So let's do some vernacular that folks will know. So if I think about dev sec ops, right? We both know what that means, that I'm gonna build security into the app, but no one really talks about SEC DevOps, right? How am I building security around the perimeter of what's going inside my ecosystem and what are they doing? And so if you think about what we're able to do with somebody like Splunk is we could pen test the entire environment from soup to nuts, right? So I'm gonna test the end points through to it. So I'm gonna look for misconfigurations, I'm gonna, and I'm gonna look for credential exposed credentials. You know, I'm gonna look for anything I can in the environment. Again, I'm gonna do it at at light speed. And, and what we're, what we're doing for that SEC dev space is to, you know, did you detect that we were in your environment? >>So did we alert Splunk or the SIM that there's someone in the environment laterally moving around? Did they, more importantly, did they log us into their environment? And when did they detect that log to trigger that log? Did they alert on us? And then finally, most importantly, for every CSO out there is gonna be did they stop us? And so that's how we, we, we do this in, I think you, when speaking with Stay Hall, before, you know, we've come up with this boils U Loop, but we call it fine fix verify. So what we do is we go in is we act as the attacker, right? We act in a production environment. So we're not gonna be, we're a passive attacker, but we will go in un credentialed UN agents. But we have to assume, have an assumed breach model, which means we're gonna put a Docker container in your environment and then we're going to fingerprint the environment. >>So we're gonna go out and do an asset survey. Now that's something that's not something that Splunk does super well, you know, so can Splunk see all the assets, do the same assets marry up? We're gonna log all that data and think then put load that into the Splunk sim or the smoke logging tools just to have it in enterprise, right? That's an immediate future ad that they've got. And then we've got the fix. So once we've completed our pen test, we are then gonna generate a report and we could talk about about these in a little bit later. But the reports will show an executive summary the assets that we found, which would be your asset discovery aspect of that, a fixed report. And the fixed report I think is probably the most important one. It will go down and identify what we did, how we did it, and then how to fix that. >>And then from that, the pen tester or the organization should fix those. Then they go back and run another test. And then they validate through like a change detection environment to see, hey, did those fixes taste, play take place? And you know, SNA Hall, when he was the CTO of JS o, he shared with me a number of times about, he's like, Man, there would be 15 more items on next week's punch sheet that we didn't know about. And it's, and it has to do with how we, you know, how they were prioritizing the CVEs and whatnot because they would take all CVS was critical or non-critical. And it's like we are able to create context in that environment that feeds better information into Splunk and whatnot. That >>Was a lot. That brings, that brings up the, the efficiency for Splunk specifically. The teams out there. By the way, the burnout thing is real. I mean, this whole, I just finished my list and I got 15 more or whatever the list just can, keeps, keeps growing. How did Node zero specifically help Splunk teams be more efficient? Now that's the question I want to get at, because this seems like a very scalable way for Splunk customers and teams, service teams to be more efficient. So the question is, how does Node zero help make Splunk specifically their service teams be more efficient? >>So to, so today in our early interactions with building Splunk customers, what we've seen are five things, and I'll start with sort of identifying the blind spots, right? So kind of what I just talked about with you. Did we detect, did we log, did we alert? Did they stop node zero, right? And so I would, I put that at, you know, a a a more layman's third grade term. And if I was gonna beat a fifth grader at this game would be, we can be the sparring partner for a Splunk enterprise customer, a Splunk essentials customer, someone using Splunk soar, or even just an enterprise Splunk customer that may be a small shop with three people and, and just wants to know where am I exposed. So by creating and generating these reports and then having the API that actually generates the dashboard, they can take all of these events that we've logged and log them in. >>And then where that then comes in is number two is how do we prioritize those logs, right? So how do we create visibility to logs that are, have critical impacts? And again, as I mentioned earlier, not all CVEs are high impact regard and also not all are low, right? So if you daisy chain a bunch of low CVEs together, boom, I've got a mission critical AP CVE that needs to be fixed now, such as a credential moving to an NT box that's got a text file with a bunch of passwords on it, that would be very bad. And then third would be verifying that you have all of the hosts. So one of the things that Splunk's not particularly great at, and they, they themselves, they don't do asset discovery. So do what assets do we see and what are they logging from that? And then for, from, for every event that they are able to identify the, one of the cool things that we can do is actually create this low-code, no-code environment. >>So they could let, you know, float customers can use Splunk. So to actually triage events and prioritize that events or where they're being routed within it to optimize the SOX team time to market or time to triage any given event. Obviously reducing mtr. And then finally, I think one of the neatest things that we'll be seeing us develop is our ability to build glass tables. So behind me you'll see one of our triage events and how we build a lock Lockheed Martin kill chain on that with a glass table, which is very familiar to this Splunk community. We're going to have the ability, not too distant future to allow people to search, observe on those IOCs. And if people aren't familiar with an ioc, it's an incident of compromise. So that's a vector that we want to drill into. And of course who's better at drilling in into data and Splunk. >>Yeah, this is a critical, this is awesome synergy there. I mean I can see a Splunk customer going, Man, this just gives me so much more capability. Action actionability. And also real understanding, and I think this is what I wanna dig into, if you don't mind understanding that critical impact, okay. Is kind of where I see this coming. I got the data, data ingest now data's data. But the question is what not to log, You know, where are things misconfigured? These are critical questions. So can you talk about what it means to understand critical impact? >>Yeah, so I think, you know, going back to those things that I just spoke about, a lot of those CVEs where you'll see low, low, low and then you daisy chain together and you're suddenly like, oh, this is high now. But then to your other impact of like if you're a, if you're a a Splunk customer, you know, and I had, I had several of them, I had one customer that, you know, terabytes of McAfee data being brought in and it was like, all right, there's a lot of other data that you probably also wanna bring, but they could only afford, wanted to do certain data sets because that's, and they didn't know how to prioritize or filter those data sets. And so we provide that opportunity to say, Hey, these are the critical ones to bring in. But there's also the ones that you don't necessarily need to bring in because low CVE in this case really does mean low cve. >>Like an ILO server would be one that, that's the print server where the, your admin credentials are on, on like a, a printer. And so there will be credentials on that. That's something that a hacker might go in to look at. So although the CVE on it is low, if you daisy chain was something that's able to get into that, you might say, ah, that's high. And we would then potentially rank it giving our AI logic to say that's a moderate. So put it on the scale and we prioritize though, versus a, a vulner review scanner's just gonna give you a bunch of CVEs and good luck. >>And translating that if I, if I can and tell me if I'm wrong, that kind of speaks to that whole lateral movement. That's it. Challenge, right? Print server, great example, look stupid low end, who's gonna wanna deal with the print server? Oh, but it's connected into a critical system. There's a path. Is that kind of what you're getting at? >>Yeah, I used daisy chain. I think that's from the community they came from. But it's, it's just a lateral movement. It's exactly what they're doing. And those low level, low critical lateral movements is where the hackers are getting in. Right? So that's what the beauty thing about the, the Uber example is that who would've thought, you know, I've got my multifactor authentication going in a human made a mistake. We can't, we can't not expect humans to make mistakes. Were fall, were fallible, right? Yeah. The reality is is once they were in the environment, they could have protected themselves by running enough pen tests to know that they had certain exposed credentials that would've stopped the breach. Yeah. And they did not, had not done that in their environment. And I'm not poking. Yeah, >>They put it's interesting trend though. I mean it's obvious if sometimes those low end items are also not protected well. So it's easy to get at from a hacker standpoint, but also the people in charge of them can be fished easily or spear fished because they're not paying attention. Cause they don't have to. No one ever told them, Hey, be careful of what you collect. >>Yeah. For the community that I came from, John, that's exactly how they, they would meet you at a, an international event introduce themselves as a graduate student. These are national actor states. Would you mind reviewing my thesis on such and such? And I was at Adobe at the time though I was working on this and start off, you get the pdf, they opened the PDF and whoever that customer was launches, and I don't know if you remember back in like 2002, 2008 time frame, there was a lot of issues around IP being by a nation state being stolen from the United States and that's exactly how they did it. And John, that's >>Or LinkedIn. Hey I wanna get a joke, we wanna hire you double the salary. Oh I'm gonna click on that for sure. You know? Yeah, >>Right. Exactly. Yeah. The one thing I would say to you is like when we look at like sort of, you know, cuz I think we did 10,000 pen test last year is it's probably over that now, you know, we have these sort of top 10 ways that we think then fine people coming into the environment. The funniest thing is that only one of them is a, a CVE related vulnerability. Like, you know, you guys know what they are, right? So it's it, but it's, it's like 2% of the attacks are occurring through the CVEs, but yet there's all that attention spent to that. Yeah. And very little attention spent to this pen testing side. Yeah. Which is sort of this continuous threat, you know, monitoring space and, and, and this vulnerability space where I think we play such an important role and I'm so excited to be a part of the tip of the spear on this one. >>Yeah. I'm old enough to know the movie sneakers, which I love as a, you know, watching that movie, you know, professional hackers are testing, testing, always testing the environment. I love this. I gotta ask you, as we kind of wrap up here, Chris, if you don't mind the benefits to team professional services from this alliance, big news Splunk and you guys work well together. We see that clearly. What are, what other benefits do professional services teams see from the Splunk and Horizon three AI alliance? >>So if you're a, I think for, from our, our, from both of our partners as we bring these guys together and many of them already are the same partner, right? Is that first off, the licensing model is probably one of the key areas that we really excel at. So if you're an end user, you can buy for the enterprise by the enter of IP addresses you're using. But if you're a partner working with this, there's solution ways that you can go in and we'll license as to MSPs and what that business model on our MSPs looks like. But the unique thing that we do here is this c plus license. And so the Consulting Plus license allows like a, somebody a small to midsize to some very large, you know, Fortune 100, you know, consulting firms uses by buying into a license called Consulting Plus where they can have unlimited access to as many ips as they want. >>But you can only run one test at a time. And as you can imagine when we're going and hacking passwords and checking hashes and decrypting hashes, that can take a while. So, but for the right customer, it's, it's a perfect tool. And so I I'm so excited about our ability to go to market with our partners so that we underhand to sell, understand how not to just sell too or not tell just to sell through, but we know how to sell with them as a good vendor partner. I think that that's one thing that we've done a really good job building bringing into market. >>Yeah. I think also the Splunk has had great success how they've enabled partners and professional services. Absolutely. They've, you know, the services that layer on top of Splunk are multifold tons of great benefits. So you guys vector right into that ride, that wave with >>Friction. And, and the cool thing is that in, you know, in one of our reports, which could be totally customized with someone else's logo, we're going to generate, you know, so I, I used to work at another organization, it wasn't Splunk, but we, we did, you know, pen testing as a, as a for, for customers and my pen testers would come on site, they, they do the engagement and they would leave. And then another really, someone would be, oh shoot, we got another sector that was breached and they'd call you back, you know, four weeks later. And so by August our entire pen testings teams would be sold out and it would be like, wow. And in March maybe, and they'd like, No, no, no, I gotta breach now. And, and, and then when they do go in, they go through, do the pen test and they hand over a PDF and they pat you on the back and say, there's where your problems are, you need to fix it. And the reality is, is that what we're gonna generate completely autonomously with no human interaction is we're gonna go and find all the permutations that anything we found and the fix for those permutations and then once you fixed everything, you just go back and run another pen test. Yeah. It's, you know, for what people pay for one pen test, they could have a tool that does that. Every, every pat patch on Tuesday pen test on Wednesday, you know, triage throughout the week, >>Green, yellow, red. I wanted to see colors show me green, green is good, right? Not red. >>And once CIO doesn't want, who doesn't want that dashboard, right? It's, it's, it is exactly it. And we can help bring, I think that, you know, I'm really excited about helping drive this with the Splunk team cuz they get that, they understand that it's the green, yellow, red dashboard and, and how do we help them find more green so that the other guys are >>In Yeah. And get in the data and do the right thing and be efficient with how you use the data, Know what to look at. So many things to pay attention to, you know, the combination of both and then, then go to market strategy. Real brilliant. Congratulations Chris. Thanks for coming on and sharing this news with the detail around this Splunk in action around the alliance. Thanks for sharing, >>John. My pleasure. Thanks. Look forward to seeing you soon. >>All right, great. We'll follow up and do another segment on DevOps and IT and security teams as the new new ops, but, and Super cloud, a bunch of other stuff. So thanks for coming on. And our next segment, the CEO of Verizon, three AA, will break down all the new news for us here on the cube. You're watching the cube, the leader in high tech enterprise coverage.

(bright music) >> "Supermetafragilisticexpialadotious." What's in a name? In an homage to the inimitable Charles Fitzgerald, we've chosen this title for today's session because of all the buzz surrounding "supercloud," a term that we introduced last year to signify a major architectural trend and shift that's occurring in the technology industry. Since that time, we've published numerous videos and articles on the topic, and on August 9th, kicked off "Supercloud22," an open industry event designed to advance the supercloud conversation, gathering input from more than 30 experienced technologists and business leaders in "The Cube" and broader technology community. We're talking about individuals like Benoit Dageville, Kit Colbert, Ali Ghodsi, Mohit Aron, David McJannet, and dozens of other experts. And today, we're pleased to welcome David Linthicum, who's a Chief Strategy Officer of Cloud Services at Deloitte Consulting. David is a technology visionary, a technical CTO. He's an author and a frequently sought after keynote speaker at high profile conferences like "VMware Explore" next week. David Linthicum, welcome back to "The Cube." Good to see you again. >> Oh, it's great to be here. Thanks for the invitation. Thanks for having me. >> Yeah, you're very welcome. Okay, so this topic of supercloud, what you call metacloud, has created a lot of interest. VMware calls it cross-cloud services, Snowflake calls it their data cloud, there's a lot of different names, but recently, you published a piece in "InfoWorld" where you said the following. "I really don't care what we call it, "and I really don't care if I put "my own buzzword into the mix. "However, this does not change the fact "that metacloud is perhaps the most important "architectural evolution occurring right now, "and we need to get this right out of the gate. "If we do that, who cares what it's named?" So very cool. And you also mentioned in a recent article that you don't like to put out new terms out in the wild without defining them. So what is a metacloud, or what we call supercloud? What's your definition? >> Yeah, and again, I don't care what people call it. The reality is it's the ability to have a layer of cross-cloud services. It sits above existing public cloud providers. So the idea here is that instead of building different security systems, different governance systems, different operational systems in each specific cloud provider, using whatever native features they provide, we're trying to do that in a cross-cloud way. So in other words, we're pushing out data integration, security, all these other things that we have to take care of as part of deploying a particular cloud provider. And in a multicloud scenario, we're building those in and between the clouds. And so we've been tracking this for about five years. We understood that multicloud is not necessarily about the particular public cloud providers, it's about things that you build in and between the clouds. >> Got it, okay. So I want to come back to that, to the definition, but I want to tie us to the so-called multicloud. You guys did a survey recently. We've said that multicloud was mostly a symptom of multi-vendor, Shadow Cloud, M&A, and only recently has become a strategic imperative. Now, Deloitte published a survey recently entitled "Closing the Cloud Strategy, Technology, Innovation Gap," and I'd like to explore that a little bit. And so in that survey, you showed data. What I liked about it is you went beyond what we all know, right? The old, "Our research shows that on average, "X number of clouds are used at an individual company." I mean, you had that too, but you really went deeper. You identified why companies are using multiple clouds, and you developed different categories of practitioners across 500 survey respondents. But the reasons were very clear for "why multicloud," as this becomes more strategic. Service choice scale, negotiating leverage, improved business resiliency, minimizing lock-in, interoperability of data, et cetera. So my question to you, David, is what's the problem supercloud or metacloud solves, and what's different from multicloud? >> That's a great question. The reality is that if we're... Well, supercloud or metacloud, whatever, is really something that exists above a multicloud, but I kind of view them as the same thing. It's an architectural pattern. We can name it anything. But the reality is that if we're moving to these multicloud environments, we're doing so to leverage best of breed things. In other words, best of breed technology to provide the innovators within the company to take the business to the next level, and we determine that in the survey. And so if we're looking at what a multicloud provides, it's the ability to provide different choices of different services or piece parts that allows us to build anything that we need to do. And so what we found in the survey and what we found in just practice in dealing with our clients is that ultimately, the value of cloud computing is going to be the innovation aspects. In other words, the ability to take the company to the next level from being more innovative and more disruptive in the marketplace that they're in. And the only way to do that, instead of basically leveraging the services of a particular walled garden of a single public cloud provider, is to cast a wider net and get out and leverage all kinds of services to make these happen. So if you think about that, that's basically how multicloud has evolved. In other words, it wasn't planned. They didn't say, "We're going to go do a multicloud." It was different developers and innovators in the company that went off and leveraged these cloud services, sometimes with the consent of IT leadership, sometimes not. And now we have these multitudes of different services that we're leveraging. And so many of these enterprises are going from 1000 to, say, 3000 services under management. That creates a complexity problem. We have a problem of heterogeneity, different platforms, different tools, different services, different AI technology, database technology, things like that. So the metacloud, or the supercloud, or whatever you want to call it, is the ability to deal with that complexity on the complexity's terms. And so instead of building all these various things that we have to do individually in each of the cloud providers, we're trying to do so within a cross-cloud service layer. We're trying to create this layer of technology, which removes us from dealing with the complexity of the underlying multicloud services and makes it manageable. Because right now, I think we're getting to a point of complexity we just can't operate it at the budgetary limits that we are right now. We can't keep the number of skills around, the number of operators around, to keep these things going. We're going to have to get creative in terms of how we manage these things, how we manage a multicloud. And that's where the supercloud, metacloud, whatever they want to call it, comes that. >> Yeah, and as John Furrier likes to say, in IT, we tend to solve complexity with more complexity, and that's not what we're talking about here. We're talking about simplifying, and you talked about the abstraction layer, and then it sounds like I'm inferring more. There's value that's added on top of that. And then you also said the hyperscalers are in a walled garden. So I've been asked, why aren't the hyperscalers superclouds? And I've said, essentially, they want to put your data into their cloud and keep it there. Now, that doesn't mean they won't eventually get into that. We've seen examples a little bit, Outposts, Anthos, Azure Arc, but the hyperscalers really aren't building superclouds or metaclouds, at least today, are they? >> No, they're not. And I always have the predictions for every major cloud conference that this is the conference that the hyperscaler is going to figure out some sort of a multicloud across-cloud strategy. In other words, building services that are able to operate across clouds. That really has never happened. It has happened in dribs and drabs, and you just mentioned a few examples of that, but the ability to own the space, to understand that we're not going to be the center of the universe in how people are going to leverage it, is going to be multiple things, including legacy systems and other cloud providers, and even industry clouds that are emerging these days, and SaaS providers, and all these things. So we're going to assist you in dealing with complexity, and we're going to provide the core services of being there. That hasn't happened yet. And they may be worried about conflicting their market, and the messaging is a bit different, even actively pushing back on the concept of multicloud, but the reality is the market's going to take them there. So in other words, if enough of their customers are asking for this and asking that they take the lead in building these cross-cloud technologies, even if they're participating in the stack and not being the stack, it's too compelling of a market that it's not going to drag a lot of the existing public cloud providers there. >> Well, it's going to be interesting to see how that plays out, David, because I never say never when it comes to a company like AWS, and we've seen how fast they move. And at the same time, they don't want to be commoditized. There's the layer underneath all this infrastructure, and they got this ecosystem that's adding all this tremendous value. But I want to ask you, what are the essential elements of supercloud, coming back to the definition, if you will, and what's different about metacloud, as you call it, from plain old SaaS or PaaS? What are the key elements there? >> Well, the key elements would be holistic management of all of the IT infrastructure. So even though it's sitting above a multicloud, I view metacloud, supercloud as the ability to also manage your existing legacy systems, your existing security stack, your existing network operations, basically everything that exists under the purview of IT. If you think about it, we're moving our infrastructure into the clouds, and we're probably going to hit a saturation point of about 70%. And really, if the supercloud, metacloud, which is going to be expensive to build for most of the enterprises, it needs to support these things holistically. So it needs to have all the services, that is going to be shareable across the different providers, and also existing legacy systems, and also edge computing, and IoT, and all these very diverse systems that we're building there right now. So if complexity is a core challenge to operate these things at scale and the ability to secure these things at scale, we have to have commonality in terms of security architecture and technology, commonality in terms of our directory services, commonality in terms of network operations, commonality in term of cloud operations, commonality in terms of FinOps. All these things should exist in some holistic cross-cloud layer that sits above all this complexity. And you pointed out something very profound. In other words, that is going to mean that we're hiding a lot of the existing cloud providers in terms of their interfaces and dashboards and things like that that we're dealing with today, their APIs. But the reality is that if we're able to manage these things at scale, the public cloud providers are going to benefit greatly from that. They're going to sell more services because people are going to find they're able to leverage them easier. And so in other words, if we're removing the complexity wall, which many in the industry are calling it right now, then suddenly we're moving from, say, the 25 to 30% migrated in the cloud, which most enterprises are today, to 50, 60, 70%. And we're able to do this at scale, and we're doing it at scale because we're providing some architectural optimization through the supercloud, metacloud layer. >> Okay, thanks for that. David, I just want to tap your CTO brain for a minute. At "Supercloud22," we came up with these three deployment models. Kit Colbert put forth the idea that one model would be your control planes running in one cloud, let's say AWS, but it interacts with and can manage and deploy on other clouds, the Kubernetes Cluster Management System. The second one, Mohit Aron from Cohesity laid out, where you instantiate the stack on different clouds and different cloud regions, and then you create a layer, a common interface across those. And then Snowflake was the third deployment model where it's a single global instance, it's one instantiation, and basically building out their own cloud across these regions. Help us parse through that. Do those seem like reasonable deployment models to you? Do you have any thoughts on that? >> Yeah, I mean, that's a distributed computing trick we've been doing, which is, in essence, an agent of the supercloud that's carrying out some of the cloud native functions on that particular cloud, but is, in essence, a slave to the metacloud, or the supercloud, whatever, that's able to run across the various cloud providers. In other words, when it wants to access a service, it may not go directly to that service. It goes directly to the control plane, and that control plane is responsible... Very much like Kubernetes and Docker works, that control plane is responsible for reaching out and leveraging those native services. I think that that's thinking that's a step in the right direction. I think these things unto themselves, at least initially, are going to be a very complex array of technology. Even though we're trying to remove complexity, the supercloud unto itself, in terms of the ability to build this thing that's able to operate at scale across-cloud, is going to be a collection of many different technologies that are interfacing with the public cloud providers in different ways. And so we can start putting these meta architectures together, and I certainly have written and spoke about this for years, but initially, this is going to be something that may escape the detail or the holistic nature of these meta architectures that people are floating around right now. >> Yeah, so I want to stay on this, because anytime I get a CTO brain, I like to... I'm not an engineer, but I've been around a long time, so I know a lot of buzzwords and have absorbed a lot over the years, but so you take those, the second two models, the Mohit instantiate on each cloud and each cloud region versus the Snowflake approach. I asked Benoit Dageville, "Does that mean if I'm in "an AWS east region and I want to do a query on Azure West, "I can do that without moving data?" And he said, "Yes and no." And the answer was really, "No, we actually take a subset of that data," so there's the latency problem. From those deployment model standpoints, what are the trade-offs that you see in terms of instantiating the stack on each individual cloud versus that single instance? Is there a benefit of the single instance for governance and security and simplicity, but a trade-off on latency, or am I overthinking this? >> Yeah, you hit it on the nose. The reality is that the trade-off is going to be latency and performance. If we get wiggy with the distributed nature, like the distributed data example you just provided, we have to basically separate the queries and communicate with the databases on each instance, and then reassemble the result set that goes back to the people who are recording it. And so we can do caching systems and things like that. But the reality is, if it's distributed system, we're going to have latency and bandwidth issues that are going to be limiting us. And also security issues, because if we're removing lots of information over the open internet, or even private circuits, that those are going to be attack vectors that hackers can leverage. You have to keep that in mind. We're trying to reduce those attack vectors. So it would be, in many instances, and I think we have to think about this, that we're going to keep the data in the same physical region for just that. So in other words, it's going to provide the best performance and also the most simplistic access to dealing with security. And so we're not, in essence, thinking about where the data's going, how it's moving across things, things like that. So the challenge is going to be is when you're dealing with a supercloud or metacloud is, when do you make those decisions? And I think, in many instances, even though we're leveraging multiple databases across multiple regions and multiple public cloud providers, and that's the idea of it, we're still going to localize the data for performance reasons. I mean, I just wrote a blog in "InfoWorld" a couple of months ago and talked about, people who are trying to distribute data across different public cloud providers for different reasons, distribute an application development system, things like that, you can do it. With enough time and money, you can do anything. I think the challenge is going to be operating that thing, and also providing a viable business return based on the application. And so why it may look like a good science experiment, and it's cool unto itself as an architect, the reality is the more pragmatic approach is going to be a leavitt in a single region on a single cloud. >> Very interesting. The other reason I like to talk to companies like Deloitte and experienced people like you is 'cause I can get... You're agnostic, right? I mean, you're technology agnostic, vendor agnostic. So I want to come back with another question, which is, how do you deal with what I call the lowest common denominator problem? What I mean by that is if one cloud has, let's say, a superior service... Let's take an example of Nitro and Graviton. AWS seems to be ahead on that, but let's say some other cloud isn't quite quite there yet, and you're building a supercloud or a metacloud. How do you rationalize that? Does it have to be like a caravan in the army where you slow down so all the slowest trucks can keep up, or are the ways to adjudicate that that are advantageous to hide that deficiency? >> Yeah, and that's a great thing about leveraging a supercloud or a metacloud is we're putting that management in a single layer. So as far as a user or even a developer on those systems, they shouldn't worry about the performance that may come back, because we're dealing with the... You hit the nail on the head with that one. The slowest component is the one that dictates performance. And so we have to have some sort of a performance management layer. We're also making dynamic decisions to move data, to move processing, from one server to the other to try to minimize the amount of latency that's coming from a single component. So the great thing about that is we're putting that volatility into a single domain, and it's making architectural decisions in terms of where something will run and where it's getting its data from, things are stored, things like that, based on the performance feedback that's coming back from the various cloud services that are under management. And so if you're running across clouds, it becomes even more interesting, because ultimately, you're going to make some architectural choices on the fly in terms of where that stuff runs based on the active dynamic performance that that public cloud provider is providing. So in other words, we may find that it automatically shut down a database service, say MySQL, on one cloud instance, and moved it to a MySQL instance on another public cloud provider because there was some sort of a performance issue that it couldn't work around. And by the way, it does so dynamically. Away from you making that decision, it's making that decision on your behalf. Again, this is a matter of abstraction, removing complexity, and dealing with complexity through abstraction and automation, and this is... That would be an example of fixing something with automation, self-healing. >> When you meet with some of the public cloud providers and they talk about on-prem private cloud, the general narrative from the hyperscalers is, "Well, that's not a cloud." Should on-prem be inclusive of supercloud, metacloud? >> Absolutely, I mean, and they're selling private cloud instances with the edge cloud that they're selling. The reality is that we're going to have to keep a certain amount of our infrastructure, including private clouds, on premise. It's something that's shrinking as a market share, and it's going to be tougher and tougher to justify as the public cloud providers become better and better at what they do, but we certainly have edge clouds now, and hyperscalers have examples of that where they run a instance of their public cloud infrastructure on premise on physical hardware and software. And the reality is, too, we have data centers and we have systems that just won't go away for another 20 or 30 years. They're just too sticky. They're uneconomically viable to move into the cloud. That's the core thing. It's not that we can't do it. The fact of the matter is we shouldn't do it, because there's not going to be an economic... There's not going to be an economic incentive of making that happen. So if we're going to create this meta layer or this infrastructure which is going to run across clouds, and everybody agrees on, that's what the supercloud is, we have to include the on-premise systems, including private clouds, including legacy systems. And by the way, include the rising number of IoT systems that are out there, and edge-based systems out there. So we're managing it using the same infrastructure into cloud services. So they have metadata systems and they have specialized services, and service finance and retail and things like doing risk analytics. So it gets them further down that path, but not necessarily giving them a SaaS application where they're forced into all of the business processes. We're giving you piece parts. So we'll give you 1000 different parts that are related to the finance industry. You can assemble anything you need, but the thing is, it's not going to be like building it from scratch. We're going to give you risk analytics, we're giving you the financial analytics, all these things that you can leverage within your applications how you want to leverage them. We'll maintain them. So in other words, you don't have to maintain 'em just like a cloud service. And suddenly, we can build applications in a couple of weeks that used to take a couple of months, in some cases, a couple of years. So that seems to be a large take of it moving forward. So get it up in the supercloud. Those become just other services that are under managed... That are under management on the supercloud, the metacloud. So we're able to take those services, abstract them, assemble them, use them in different applications. And the ability to manage where those services are originated versus where they're consumed is going to be managed by the supercloud layer, which, you're dealing with the governance, the service governance, the security systems, the directory systems, identity access management, things like that. They're going to get you further along down the pike, and that comes back as real value. If I'm able to build something in two weeks that used to take me two months, and I'm able to give my creators in the organization the ability to move faster, that's a real advantage. And suddenly, we are going to be valued by our digital footprint, our ability to do things in a creative and innovative way. And so organizations are able to move that fast, leveraging cloud computing for what it should be leveraged, as a true force multiplier for the business. They're going to win the game. They're going to get the most value. They're going to be around in 20 years, the others won't. >> David Linthicum, always love talking. You have a dangerous combination of business and technology expertise. Let's tease. "VMware Explore" next week, you're giving a keynote, if they're going to be there. Which day are you? >> Tuesday. Tuesday, 11 o'clock. >> All right, that's a big day. Tuesday, 11 o'clock. And David, please do stop by "The Cube." We're in Moscone West. Love to get you on and continue this conversation. I got 100 more questions for you. Really appreciate your time. >> I always love talking to people at "The Cube." Thank you very much. >> All right, and thanks for watching our ongoing coverage of "Supercloud22" on "The Cube," your leader in enterprise tech and emerging tech coverage. (bright music)

(inspiring music) >> Welcome back to The Cube's coverage here in Las Vegas. I'm John Furrier for re:Mars coverage. Two days of live action, a lot of things happening in space, robotics, automation, and machine learning. That's Mars spelled backwards, but that's machine learning, automation, robotics and space. Got a great guest, Jens Ortmann, associate director at Boston Consulting Group, also known as BCG. Jens, welcome to The Cube. >> Thank you very much. >> So tell me what you're working on. You've got a very cool project you're working on, 'Involved'. Take us through what it is, explain what the project is. >> Yeah, so I'm part of the data science unit within BCG Gamma and I'm focusing on solving business problems for the automotive industry. What I would like to talk about is actually a small internal site project that we were building. It's a conversion rate engine, where we built an advanced analytics tool that computes the conversion rate for car dealerships, at scale. So for every single car dealer in a market, we can compute the conversion rate. >> John: What is a conversion rate? Can you explain that? >> So a conversion rate is very simple. It's actually out of the people that come into your car dealership, how many do you, as a car dealer, manage to sell a car to? >> So, what's your sell, through monthly kind of- >> Per visitor that come into, so your walk-ins. >> So, physical? >> Physical, yeah. So this was for physical stores. It's actually a key metric for sales performance for car dealerships, or for the automotive manufacturers to be aware of. >> So I'm watching here in the show floor at re:Mars, you've got the 'Just Walk Through', which is Amazon's 'take whatever you want and go', are you seeing you're getting analytics on like people coming in, you can see them, there's a drop off rate? Take me through how it works, the challenges because I don't envision like, "Oh, so they walked in and they left but they didn't leave with a car." It's not take and walk out, it's not grab and go. But the concept of using computer vision, I can imagine it being a popular thing. So how do you measure this, people coming in? >> It's actually a big challenge that we learned when we were doing this project. Traditionally, people were measuring it with like these laser sensors but the signal is very, very messy. Now when we wanted to do it at scale, we partnered with an Israeli startup called Play Sense, who aggregate mobile phone data. So we used mobile footfall data to measure how many people visit a store. So it actually is a combination of three main data sources to get to the conversion rate. One, as I mentioned, the mobile footfall data, the second one is building footprints, actual outlines of buildings that we source from the cadastral agency that we need to use it to cut out the footfall data to get the visitors. And the third one, of course, is sales that we get from the official car registration data. Then we combine those to have the key numbers. >> Is there a facial recognition involved in this? >> There's no facial recognition involved. >> So the tire kickers that come in and kick the tires and leave, but might come back. Is that factored in too, or? >> So there is a lot of pre-processing going on to really only get the signals from visitors. So filtering out people that maybe come into the store after hours, cleaning crews, people that come into the store every day, people that work there, they would be in the footfall data. So we applied some logic to identify exactly those people that are most likely actually visitors interested in buying a car >> Well everyone can relate to buying a car, obviously. I wanted you to step back and you mentioned scale. Can you scope the scale of the problem for us? How big is this observation space? What systems are involved? 'Cause when you say scale, I'm thinking all the dealerships in the aggregate. Or, is it by franchise or is it anonymous data? Can you scale the scope of this thing, or scope the scale? >> So we built this as a prototype for the German market and we used the top 10 car brands in Germany. They have around 10,000 car dealerships, for which we all have data. The actual mobile phone footprint data, it's a lot more. I think it was 30 million data points. >> Are you triangulating that? How does that mobile data work? Signal? >> So the mobile data is coming through apps. So mobile apps where you allow the app to track your location. >> Got it, okay. >> That gets anonymized and then you have these mobile data aggregators, like Play Sense. >> Got it, okay. >> That sell the data on. >> So you have to plug into a lot of systems? >> Yes. >> To make all this work. >> Yes and a lot of different data sources. >> And how easy is that? What's the challenge there? Is it cloud integration? How are you guys pulling this together? >> So we build it as a prototype initially, based on our own internal infrastructure, using basic Python and regular cloud infrastructure to process the data. >> All right, so I'm looking at my notes here. Data sets, you have a lot of data sets. What kind of analytics are you running on that? Can you share some examples? >> So I have to be careful since we filed a patent on this but a lot of the thing is actually in data processing, making sure that the data points we get are accurate and usable for this, and then differentiating between the different types of businesses that people are running. So there is on the one hand, you have the problem of outliers, basically filtering out when numbers don't make sense. On the other hand, there is a lot going on in the business itself. Like what do you do when a car dealership sells cars of multiple brands? You see only one visitor seeing cars of different brands but you see sales for two different types of brands. So this is just two examples of some of the processing that we had to implement to make this happen. >> So where can people find out information on this project? Or is it pretty much not public? Are you sharing anything publicly? >> So currently, we have held off the publication on this because we filed a patent on it. We're now about to go to market, building out a solution for the US as well, to then bring this to clients. >> What do you think about this show here at re:Mars? What's your assessment of the vibe? What's it like? Share with the folks who aren't here, what's your takeaway? >> It's really fun. It's really impressive. And it has a great, really inspiring vibe of cool innovative solutions. >> Yeah, you get the creative geniuses, you got the industrial geniuses, you got the software geniuses, all kind of coming together, and they're real people and they're here as a community. To me, the positive future vibe of this show, really is resonating in the keynotes and the energy. It's a forward thinking, positive message. And it's not marketing, this is the vibe. >> Exactly, I think it's something we really need at the moment. >> Yeah, we can solve all of the global problems by going to the moon and Mars. First the moon, then Mars. Who knows, maybe the breakthrough is there. >> People solve a lot of fundamental issues along the way that'll help in a lot of different areas as well. >> I wonder if I'll be alive when there's tourism in the moon. I was just joking with the folks earlier, "Oh yeah, I left that part on Earth, I have to go get it." Cause there's going to be a whole infrastructure there. Construction, all in good time. Okay, what's next for you guys? Tell me what's next on the project. You got a patent pending, so you're a little bit tight lipped and quiet on the secret sauce, I get that. What's next for the vision of the project? >> So this is just one example of how we can use this. Especially this footfall data set in an innovative way in the automotive industry. What we would like to look into is getting more details. Currently, we only see a single data point for a visitor. What would be interesting to understand, also, like the journey of visitors. Did they visit other car dealerships? Or, where are they from? What demographics do they come from? If you can tie that to a geographic location. And then on the business side as well, linking this for example, for companies to marketing campaigns. Does advertisement catch on? Do discounts catch on? Do they drive more people into the stores? Do they drive more sales? How does it affect conversion rate? Also, benchmark within the network, how different car dealerships are performing, how different brands are performing. And then eventually, everything is going to online. This can also be a foundation to set a baseline for online sales, which is still at the very early stages in the automotive industry. >> Yeah, I think there's a lot of reference implementations here for other applications, not just dealerships, all footfall traffic. That's interesting. The question I have for you, and the final question really before we wrap up, is the convergence of online, offline, physical, virtual. It's pretty clear we're living in a hybrid steady state right now, with all the post pandemic and the innovations pulled forward. So, having a device on me, IOT device or phone, will be a big part of things. So I'm buying online and I'm walking in, I'm one presence, virtually and physical. How do you guys see that around the corner? What's next there? Because I can see that coming together in my mind. >> It is. I mean, we can see it happen at Tesla. Tesla barely has any physical dealerships anymore, they have showrooms and do all the sales online. And I think that has a large impact on the industry at the moment. Driving the more traditional manufacturers also to think about what can be and what can be in a digital and online first world. >> Yeah, well this is happening. Well, Jens, thanks for coming on. I appreciate the commentary on re:Mars. Thanks for sharing your perspective and sharing about your project at Boston Consulting Group, also known as BCG. >> Thank you very much. >> Very reputable firm. Okay, that's the Cube coverage here at re:Mars. I'm John Furrier, your host. Two days of wall to wall coverage here. It's a great show. Machine learning, automation, robotics, and space, Mars. Of course, you got Reinvent, the big show, and at Reinforce, the security show. You got the space-software-robotics show, security. And then of course Reinvent is the big show. The Cube covers it, all three will be here. So keep watching here for more coverage. We'll be right back. (gentle inspiring music)

(upbeat music) >> The ascendancy of cloud and SAS has shown new light on how organizations think about, pay for, and value hardware. Once sought after skills for practitioners with expertise in hardware troubleshooting, configuring ports, tuning storage arrays, and maximizing server utilization has been superseded by demand for cloud architects, DevOps pros, developers with expertise in microservices, container, application development, and like. Even a company like Dell, the largest hardware company in enterprise tech touts that it has more software engineers than those working in hardware. Begs the question, is hardware going the way of Coball? Well, not likely. Software has to run on something, but the labor needed to deploy, and troubleshoot, and manage hardware infrastructure is shifting. At the same time, we've seen the value flow also shifting in hardware. Once a world dominated by X86 processors value is flowing to alternatives like Nvidia and arm based designs. Moreover, other componentry like NICs, accelerators, and storage controllers are becoming more advanced, integrated, and increasingly important. The question is, does it matter? And if so, why does it matter and to whom? What does it mean to customers, workloads, OEMs, and the broader society? Hello and welcome to this week's Wikibon theCUBE Insights powered by ETR. In this breaking analysis, we've organized a special power panel of industry analysts and experts to address the question, does hardware still matter? Allow me to introduce the panel. Bob O'Donnell is president and chief analyst at TECHnalysis Research. Zeus Kerravala is the founder and principal analyst at ZK Research. David Nicholson is a CTO and tech expert. Keith Townson is CEO and founder of CTO Advisor. And Marc Staimer is the chief dragon slayer at Dragon Slayer Consulting and oftentimes a Wikibon contributor. Guys, welcome to theCUBE. Thanks so much for spending some time here. >> Good to be here. >> Thanks. >> Thanks for having us. >> Okay before we get into it, I just want to bring up some data from ETR. This is a survey that ETR does every quarter. It's a survey of about 1200 to 1500 CIOs and IT buyers and I'm showing a subset of the taxonomy here. This XY axis and the vertical axis is something called net score. That's a measure of spending momentum. It's essentially the percentage of customers that are spending more on a particular area than those spending less. You subtract the lesses from the mores and you get a net score. Anything the horizontal axis is pervasion in the data set. Sometimes they call it market share. It's not like IDC market share. It's just the percentage of activity in the data set as a percentage of the total. That red 40% line, anything over that is considered highly elevated. And for the past, I don't know, eight to 12 quarters, the big four have been AI and machine learning, containers, RPA and cloud and cloud of course is very impressive because not only is it elevated in the vertical access, but you know it's very highly pervasive on the horizontal. So what I've done is highlighted in red that historical hardware sector. The server, the storage, the networking, and even PCs despite the work from home are depressed in relative terms. And of course, data center collocation services. Okay so you're seeing obviously hardware is not... People don't have the spending momentum today that they used to. They've got other priorities, et cetera, but I want to start and go kind of around the horn with each of you, what is the number one trend that each of you sees in hardware and why does it matter? Bob O'Donnell, can you please start us off? >> Sure Dave, so look, I mean, hardware is incredibly important and one comment first I'll make on that slide is let's not forget that hardware, even though it may not be growing, the amount of money spent on hardware continues to be very, very high. It's just a little bit more stable. It's not as subject to big jumps as we see certainly in other software areas. But look, the important thing that's happening in hardware is the diversification of the types of chip architectures we're seeing and how and where they're being deployed, right? You refer to this in your opening. We've moved from a world of x86 CPUs from Intel and AMD to things like obviously GPUs, DPUs. We've got VPU for, you know, computer vision processing. We've got AI-dedicated accelerators, we've got all kinds of other network acceleration tools and AI-powered tools. There's an incredible diversification of these chip architectures and that's been happening for a while but now we're seeing them more widely deployed and it's being done that way because workloads are evolving. The kinds of workloads that we're seeing in some of these software areas require different types of compute engines than traditionally we've had. The other thing is (coughs), excuse me, the power requirements based on where geographically that compute happens is also evolving. This whole notion of the edge, which I'm sure we'll get into a little bit more detail later is driven by the fact that where the compute actually sits closer to in theory the edge and where edge devices are, depending on your definition, changes the power requirements. It changes the kind of connectivity that connects the applications to those edge devices and those applications. So all of those things are being impacted by this growing diversity in chip architectures. And that's a very long-term trend that I think we're going to continue to see play out through this decade and well into the 2030s as well. >> Excellent, great, great points. Thank you, Bob. Zeus up next, please. >> Yeah, and I think the other thing when you look at this chart to remember too is, you know, through the pandemic and the work from home period a lot of companies did put their office modernization projects on hold and you heard that echoed, you know, from really all the network manufacturers anyways. They always had projects underway to upgrade networks. They put 'em on hold. Now that people are starting to come back to the office, they're looking at that now. So we might see some change there, but Bob's right. The size of those market are quite a bit different. I think the other big trend here is the hardware companies, at least in the areas that I look at networking are understanding now that it's a combination of hardware and software and silicon that works together that creates that optimum type of performance and experience, right? So some things are best done in silicon. Some like data forwarding and things like that. Historically when you look at the way network devices were built, you did everything in hardware. You configured in hardware, they did all the data for you, and did all the management. And that's been decoupled now. So more and more of the control element has been placed in software. A lot of the high-performance things, encryption, and as I mentioned, data forwarding, packet analysis, stuff like that is still done in hardware, but not everything is done in hardware. And so it's a combination of the two. I think, for the people that work with the equipment as well, there's been more shift to understanding how to work with software. And this is a mistake I think the industry made for a while is we had everybody convinced they had to become a programmer. It's really more a software power user. Can you pull things out of software? Can you through API calls and things like that. But I think the big frame here is, David, it's a combination of hardware, software working together that really make a difference. And you know how much you invest in hardware versus software kind of depends on the performance requirements you have. And I'll talk about that later but that's really the big shift that's happened here. It's the vendors that figured out how to optimize performance by leveraging the best of all of those. >> Excellent. You guys both brought up some really good themes that we can tap into Dave Nicholson, please. >> Yeah, so just kind of picking up where Bob started off. Not only are we seeing the rise of a variety of CPU designs, but I think increasingly the connectivity that's involved from a hardware perspective, from a kind of a server or service design perspective has become increasingly important. I think we'll get a chance to look at this in more depth a little bit later but when you look at what happens on the motherboard, you know we're not in so much a CPU-centric world anymore. Various application environments have various demands and you can meet them by using a variety of components. And it's extremely significant when you start looking down at the component level. It's really important that you optimize around those components. So I guess my summary would be, I think we are moving out of the CPU-centric hardware model into more of a connectivity-centric model. We can talk more about that later. >> Yeah, great. And thank you, David, and Keith Townsend I really interested in your perspectives on this. I mean, for years you worked in a data center surrounded by hardware. Now that we have the software defined data center, please chime in here. >> Well, you know, I'm going to dig deeper into that software-defined data center nature of what's happening with hardware. Hardware is meeting software infrastructure as code is a thing. What does that code look like? We're still trying to figure out but servicing up these capabilities that the previous analysts have brought up, how do I ensure that I can get the level of services needed for the applications that I need? Whether they're legacy, traditional data center, workloads, AI ML, workloads, workloads at the edge. How do I codify that and consume that as a service? And hardware vendors are figuring this out. HPE, the big push into GreenLake as a service. Dale now with Apex taking what we need, these bare bone components, moving it forward with DDR five, six CXL, et cetera, and surfacing that as cold or as services. This is a very tough problem. As we transition from consuming a hardware-based configuration to this infrastructure as cold paradigm shift. >> Yeah, programmable infrastructure, really attacking that sort of labor discussion that we were having earlier, okay. Last but not least Marc Staimer, please. >> Thanks, Dave. My peers raised really good points. I agree with most of them, but I'm going to disagree with the title of this session, which is, does hardware matter? It absolutely matters. You can't run software on the air. You can't run it in an ephemeral cloud, although there's the technical cloud and that's a different issue. The cloud is kind of changed everything. And from a market perspective in the 40 plus years I've been in this business, I've seen this perception that hardware has to go down in price every year. And part of that was driven by Moore's law. And we're coming to, let's say a lag or an end, depending on who you talk to Moore's law. So we're not doubling our transistors every 18 to 24 months in a chip and as a result of that, there's been a higher emphasis on software. From a market perception, there's no penalty. They don't put the same pressure on software from the market to reduce the cost every year that they do on hardware, which kind of bass ackwards when you think about it. Hardware costs are fixed. Software costs tend to be very low. It's kind of a weird thing that we do in the market. And what's changing is we're now starting to treat hardware like software from an OPEX versus CapEx perspective. So yes, hardware matters. And we'll talk about that more in length. >> You know, I want to follow up on that. And I wonder if you guys have a thought on this, Bob O'Donnell, you and I have talked about this a little bit. Marc, you just pointed out that Moore's laws could have waning. Pat Gelsinger recently at their investor meeting said that he promised that Moore's law is alive and well. And the point I made in breaking analysis was okay, great. You know, Pat said, doubling transistors every 18 to 24 months, let's say that Intel can do that. Even though we know it's waning somewhat. Look at the M1 Ultra from Apple (chuckles). In about 15 months increased transistor density on their package by 6X. So to your earlier point, Bob, we have this sort of these alternative processors that are really changing things. And to Dave Nicholson's point, there's a whole lot of supporting components as well. Do you have a comment on that, Bob? >> Yeah, I mean, it's a great point, Dave. And one thing to bear in mind as well, not only are we seeing a diversity of these different chip architectures and different types of components as a number of us have raised the other big point and I think it was Keith that mentioned it. CXL and interconnect on the chip itself is dramatically changing it. And a lot of the more interesting advances that are going to continue to drive Moore's law forward in terms of the way we think about performance, if perhaps not number of transistors per se, is the interconnects that become available. You're seeing the development of chiplets or tiles, people use different names, but the idea is you can have different components being put together eventually in sort of a Lego block style. And what that's also going to allow, not only is that going to give interesting performance possibilities 'cause of the faster interconnect. So you can share, have shared memory between things which for big workloads like AI, huge data sets can make a huge difference in terms of how you talk to memory over a network connection, for example, but not only that you're going to see more diversity in the types of solutions that can be built. So we're going to see even more choices in hardware from a silicon perspective because you'll be able to piece together different elements. And oh, by the way, the other benefit of that is we've reached a point in chip architectures where not everything benefits from being smaller. We've been so focused and so obsessed when it comes to Moore's law, to the size of each individual transistor and yes, for certain architecture types, CPUs and GPUs in particular, that's absolutely true, but we've already hit the point where things like RF for 5g and wifi and other wireless technologies and a whole bunch of other things actually don't get any better with a smaller transistor size. They actually get worse. So the beauty of these chiplet architectures is you could actually combine different chip manufacturing sizes. You know you hear about four nanometer and five nanometer along with 14 nanometer on a single chip, each one optimized for its specific application yet together, they can give you the best of all worlds. And so we're just at the very beginning of that era, which I think is going to drive a ton of innovation. Again, gets back to my comment about different types of devices located geographically different places at the edge, in the data center, you know, in a private cloud versus a public cloud. All of those things are going to be impacted and there'll be a lot more options because of this silicon diversity and this interconnect diversity that we're just starting to see. >> Yeah, David. David Nicholson's got a graphic on that. They're going to show later. Before we do that, I want to introduce some data. I actually want to ask Keith to comment on this before we, you know, go on. This next slide is some data from ETR that shows the percent of customers that cited difficulty procuring hardware. And you can see the red is they had significant issues and it's most pronounced in laptops and networking hardware on the far right-hand side, but virtually all categories, firewalls, peripheral servers, storage are having moderately difficult procurement issues. That's the sort of pinkish or significant challenges. So Keith, I mean, what are you seeing with your customers in the hardware supply chains and bottlenecks? And you know we're seeing it with automobiles and appliances but so it goes beyond IT. The semiconductor, you know, challenges. What's been the impact on the buyer community and society and do you have any sense as to when it will subside? >> You know, I was just asked this question yesterday and I'm feeling the pain. People question, kind of a side project within the CTO advisor, we built a hybrid infrastructure, traditional IT data center that we're walking with the traditional customer and modernizing that data center. So it was, you know, kind of a snapshot of time in 2016, 2017, 10 gigabit, ARISTA switches, some older Dell's 730 XD switches, you know, speeds and feeds. And we said we would modern that with the latest Intel stack and connected to the public cloud and then the pandemic hit and we are experiencing a lot of the same challenges. I thought we'd easily migrate from 10 gig networking to 25 gig networking path that customers are going on. The 10 gig network switches that I bought used are now double the price because you can't get legacy 10 gig network switches because all of the manufacturers are focusing on the more profitable 25 gig for capacity, even the 25 gig switches. And we're focused on networking right now. It's hard to procure. We're talking about nine to 12 months or more lead time. So we're seeing customers adjust by adopting cloud. But if you remember early on in the pandemic, Microsoft Azure kind of gated customers that didn't have a capacity agreement. So customers are keeping an eye on that. There's a desire to abstract away from the underlying vendor to be able to control or provision your IT services in a way that we do with VMware VP or some other virtualization technology where it doesn't matter who can get me the hardware, they can just get me the hardware because it's critically impacting projects and timelines. >> So that's a great setup Zeus for you with Keith mentioned the earlier the software-defined data center with software-defined networking and cloud. Do you see a day where networking hardware is monetized and it's all about the software, or are we there already? >> No, we're not there already. And I don't see that really happening any time in the near future. I do think it's changed though. And just to be clear, I mean, when you look at that data, this is saying customers have had problems procuring the equipment, right? And there's not a network vendor out there. I've talked to Norman Rice at Extreme, and I've talked to the folks at Cisco and ARISTA about this. They all said they could have had blowout quarters had they had the inventory to ship. So it's not like customers aren't buying this anymore. Right? I do think though, when it comes to networking network has certainly changed some because there's a lot more controls as I mentioned before that you can do in software. And I think the customers need to start thinking about the types of hardware they buy and you know, where they're going to use it and, you know, what its purpose is. Because I've talked to customers that have tried to run software and commodity hardware and where the performance requirements are very high and it's bogged down, right? It just doesn't have the horsepower to run it. And, you know, even when you do that, you have to start thinking of the components you use. The NICs you buy. And I've talked to customers that have simply just gone through the process replacing a NIC card and a commodity box and had some performance problems and, you know, things like that. So if agility is more important than performance, then by all means try running software on commodity hardware. I think that works in some cases. If performance though is more important, that's when you need that kind of turnkey hardware system. And I've actually seen more and more customers reverting back to that model. In fact, when you talk to even some startups I think today about when they come to market, they're delivering things more on appliances because that's what customers want. And so there's this kind of app pivot this pendulum of agility and performance. And if performance absolutely matters, that's when you do need to buy these kind of turnkey, prebuilt hardware systems. If agility matters more, that's when you can go more to software, but the underlying hardware still does matter. So I think, you know, will we ever have a day where you can just run it on whatever hardware? Maybe but I'll long be retired by that point. So I don't care. >> Well, you bring up a good point Zeus. And I remember the early days of cloud, the narrative was, oh, the cloud vendors. They don't use EMC storage, they just run on commodity storage. And then of course, low and behold, you know, they've trot out James Hamilton to talk about all the custom hardware that they were building. And you saw Google and Microsoft follow suit. >> Well, (indistinct) been falling for this forever. Right? And I mean, all the way back to the turn of the century, we were calling for the commodity of hardware. And it's never really happened because you can still drive. As long as you can drive innovation into it, customers will always lean towards the innovation cycles 'cause they get more features faster and things. And so the vendors have done a good job of keeping that cycle up but it'll be a long time before. >> Yeah, and that's why you see companies like Pure Storage. A storage company has 69% gross margins. All right. I want to go jump ahead. We're going to bring up the slide four. I want to go back to something that Bob O'Donnell was talking about, the sort of supporting act. The diversity of silicon and we've marched to the cadence of Moore's law for decades. You know, we asked, you know, is Moore's law dead? We say it's moderating. Dave Nicholson. You want to talk about those supporting components. And you shared with us a slide that shift. You call it a shift from a processor-centric world to a connect-centric world. What do you mean by that? And let's bring up slide four and you can talk to that. >> Yeah, yeah. So first, I want to echo this sentiment that the question does hardware matter is sort of the answer is of course it matters. Maybe the real question should be, should you care about it? And the answer to that is it depends who you are. If you're an end user using an application on your mobile device, maybe you don't care how the architecture is put together. You just care that the service is delivered but as you back away from that and you get closer and closer to the source, someone needs to care about the hardware and it should matter. Why? Because essentially what hardware is doing is it's consuming electricity and dollars and the more efficiently you can configure hardware, the more bang you're going to get for your buck. So it's not only a quantitative question in terms of how much can you deliver? But it also ends up being a qualitative change as capabilities allow for things we couldn't do before, because we just didn't have the aggregate horsepower to do it. So this chart actually comes out of some performance tests that were done. So it happens to be Dell servers with Broadcom components. And the point here was to peel back, you know, peel off the top of the server and look at what's in that server, starting with, you know, the PCI interconnect. So PCIE gen three, gen four, moving forward. What are the effects on from an interconnect versus on performance application performance, translating into new orders per minute, processed per dollar, et cetera, et cetera? If you look at the advances in CPU architecture mapped against the advances in interconnect and storage subsystem performance, you can see that CPU architecture is sort of lagging behind in a way. And Bob mentioned this idea of tiling and all of the different ways to get around that. When we do performance testing, we can actually peg CPUs, just running the performance tests without any actual database environments working. So right now we're at this sort of imbalance point where you have to make sure you design things properly to get the most bang per kilowatt hour of power per dollar input. So the key thing here what this is highlighting is just as a very specific example, you take a card that's designed as a gen three PCIE device, and you plug it into a gen four slot. Now the card is the bottleneck. You plug a gen four card into a gen four slot. Now the gen four slot is the bottleneck. So we're constantly chasing these bottlenecks. Someone has to be focused on that from an architectural perspective, it's critically important. So there's no question that it matters. But of course, various people in this food chain won't care where it comes from. I guess a good analogy might be, where does our food come from? If I get a steak, it's a pink thing wrapped in plastic, right? Well, there are a lot of inputs that a lot of people have to care about to get that to me. Do I care about all of those things? No. Are they important? They're critically important. >> So, okay. So all I want to get to the, okay. So what does this all mean to customers? And so what I'm hearing from you is to balance a system it's becoming, you know, more complicated. And I kind of been waiting for this day for a long time, because as we all know the bottleneck was always the spinning disc, the last mechanical. So people who wrote software knew that when they were doing it right, the disc had to go and do stuff. And so they were doing other things in the software. And now with all these new interconnects and flash and things like you could do atomic rights. And so that opens up new software possibilities and combine that with alternative processes. But what's the so what on this to the customer and the application impact? Can anybody address that? >> Yeah, let me address that for a moment. I want to leverage some of the things that Bob said, Keith said, Zeus said, and David said, yeah. So I'm a bit of a contrarian in some of this. For example, on the chip side. As the chips get smaller, 14 nanometer, 10 nanometer, five nanometer, soon three nanometer, we talk about more cores, but the biggest problem on the chip is the interconnect from the chip 'cause the wires get smaller. People don't realize in 2004 the latency on those wires in the chips was 80 picoseconds. Today it's 1300 picoseconds. That's on the chip. This is why they're not getting faster. So we maybe getting a little bit slowing down in Moore's law. But even as we kind of conquer that you still have the interconnect problem and the interconnect problem goes beyond the chip. It goes within the system, composable architectures. It goes to the point where Keith made, ultimately you need a hybrid because what we're seeing, what I'm seeing and I'm talking to customers, the biggest issue they have is moving data. Whether it be in a chip, in a system, in a data center, between data centers, moving data is now the biggest gating item in performance. So if you want to move it from, let's say your transactional database to your machine learning, it's the bottleneck, it's moving the data. And so when you look at it from a distributed environment, now you've got to move the compute to the data. The only way to get around these bottlenecks today is to spend less time in trying to move the data and more time in taking the compute, the software, running on hardware closer to the data. Go ahead. >> So is this what you mean when Nicholson was talking about a shift from a processor centric world to a connectivity centric world? You're talking about moving the bits across all the different components, not having the processor you're saying is essentially becoming the bottleneck or the memory, I guess. >> Well, that's one of them and there's a lot of different bottlenecks, but it's the data movement itself. It's moving away from, wait, why do we need to move the data? Can we move the compute, the processing closer to the data? Because if we keep them separate and this has been a trend now where people are moving processing away from it. It's like the edge. I think it was Zeus or David. You were talking about the edge earlier. As you look at the edge, who defines the edge, right? Is the edge a closet or is it a sensor? If it's a sensor, how do you do AI at the edge? When you don't have enough power, you don't have enough computable. People were inventing chips to do that. To do all that at the edge, to do AI within the sensor, instead of moving the data to a data center or a cloud to do the processing. Because the lag in latency is always limited by speed of light. How fast can you move the electrons? And all this interconnecting, all the processing, and all the improvement we're seeing in the PCIE bus from three, to four, to five, to CXL, to a higher bandwidth on the network. And that's all great but none of that deals with the speed of light latency. And that's an-- Go ahead. >> You know Marc, no, I just want to just because what you're referring to could be looked at at a macro level, which I think is what you're describing. You can also look at it at a more micro level from a systems design perspective, right? I'm going to be the resident knuckle dragging hardware guy on the panel today. But it's exactly right. You moving compute closer to data includes concepts like peripheral cards that have built in intelligence, right? So again, in some of this testing that I'm referring to, we saw dramatic improvements when you basically took the horsepower instead of using the CPU horsepower for the like IO. Now you have essentially offload engines in the form of storage controllers, rate controllers, of course, for ethernet NICs, smart NICs. And so when you can have these sort of offload engines and we've gone through these waves over time. People think, well, wait a minute, raid controller and NVMe? You know, flash storage devices. Does that make sense? It turns out it does. Why? Because you're actually at a micro level doing exactly what you're referring to. You're bringing compute closer to the data. Now, closer to the data meaning closer to the data storage subsystem. It doesn't solve the macro issue that you're referring to but it is important. Again, going back to this idea of system design optimization, always chasing the bottleneck, plugging the holes. Someone needs to do that in this value chain in order to get the best value for every kilowatt hour of power and every dollar. >> Yeah. >> Well this whole drive performance has created some really interesting architectural designs, right? Like Nickelson, the rise of the DPU right? Brings more processing power into systems that already had a lot of processing power. There's also been some really interesting, you know, kind of innovation in the area of systems architecture too. If you look at the way Nvidia goes to market, their drive kit is a prebuilt piece of hardware, you know, optimized for self-driving cars, right? They partnered with Pure Storage and ARISTA to build that AI-ready infrastructure. I remember when I talked to Charlie Giancarlo, the CEO of Pure about when the three companies rolled that out. He said, "Look, if you're going to do AI, "you need good store. "You need fast storage, fast processor and fast network." And so for customers to be able to put that together themselves was very, very difficult. There's a lot of software that needs tuning as well. So the three companies partner together to create a fully integrated turnkey hardware system with a bunch of optimized software that runs on it. And so in that case, in some ways the hardware was leading the software innovation. And so, the variety of different architectures we have today around hardware has really exploded. And I think it, part of the what Bob brought up at the beginning about the different chip design. >> Yeah, Bob talked about that earlier. Bob, I mean, most AI today is modeling, you know, and a lot of that's done in the cloud and it looks from my standpoint anyway that the future is going to be a lot of AI inferencing at the edge. And that's a radically different architecture, Bob, isn't it? >> It is, it's a completely different architecture. And just to follow up on a couple points, excellent conversation guys. Dave talked about system architecture and really this that's what this boils down to, right? But it's looking at architecture at every level. I was talking about the individual different components the new interconnect methods. There's this new thing called UCIE universal connection. I forget what it stands answer for, but it's a mechanism for doing chiplet architectures, but then again, you have to take it up to the system level, 'cause it's all fine and good. If you have this SOC that's tuned and optimized, but it has to talk to the rest of the system. And that's where you see other issues. And you've seen things like CXL and other interconnect standards, you know, and nobody likes to talk about interconnect 'cause it's really wonky and really technical and not that sexy, but at the end of the day it's incredibly important exactly. To the other points that were being raised like mark raised, for example, about getting that compute closer to where the data is and that's where again, a diversity of chip architectures help and exactly to your last comment there Dave, putting that ability in an edge device is really at the cutting edge of what we're seeing on a semiconductor design and the ability to, for example, maybe it's an FPGA, maybe it's a dedicated AI chip. It's another kind of chip architecture that's being created to do that inferencing on the edge. Because again, it's that the cost and the challenges of moving lots of data, whether it be from say a smartphone to a cloud-based application or whether it be from a private network to a cloud or any other kinds of permutations we can think of really matters. And the other thing is we're tackling bigger problems. So architecturally, not even just architecturally within a system, but when we think about DPUs and the sort of the east west data center movement conversation that we hear Nvidia and others talk about, it's about combining multiple sets of these systems to function together more efficiently again with even bigger sets of data. So really is about tackling where the processing is needed, having the interconnect and the ability to get where the data you need to the right place at the right time. And because those needs are diversifying, we're just going to continue to see an explosion of different choices and options, which is going to make hardware even more essential I would argue than it is today. And so I think what we're going to see not only does hardware matter, it's going to matter even more in the future than it does now. >> Great, yeah. Great discussion, guys. I want to bring Keith back into the conversation here. Keith, if your main expertise in tech is provisioning LUNs, you probably you want to look for another job. So maybe clearly hardware matters, but with software defined everything, do people with hardware expertise matter outside of for instance, component manufacturers or cloud companies? I mean, VMware certainly changed the dynamic in servers. Dell just spun off its most profitable asset and VMware. So it obviously thinks hardware can stand alone. How does an enterprise architect view the shift to software defined hyperscale cloud and how do you see the shifting demand for skills in enterprise IT? >> So I love the question and I'll take a different view of it. If you're a data analyst and your primary value add is that you do ETL transformation, talk to a CDO, a chief data officer over midsize bank a little bit ago. He said 80% of his data scientists' time is done on ETL. Super not value ad. He wants his data scientists to do data science work. Chances are if your only value is that you do LUN provisioning, then you probably don't have a job now. The technologies have gotten much more intelligent. As infrastructure pros, we want to give infrastructure pros the opportunities to shine and I think the software defined nature and the automation that we're seeing vendors undertake, whether it's Dell, HP, Lenovo take your pick that Pure Storage, NetApp that are doing the automation and the ML needed so that these practitioners don't spend 80% of their time doing LUN provisioning and focusing on their true expertise, which is ensuring that data is stored. Data is retrievable, data's protected, et cetera. I think the shift is to focus on that part of the job that you're ensuring no matter where the data's at, because as my data is spread across the enterprise hybrid different types, you know, Dave, you talk about the super cloud a lot. If my data is in the super cloud, protecting that data and securing that data becomes much more complicated when than when it was me just procuring or provisioning LUNs. So when you say, where should the shift be, or look be, you know, focusing on the real value, which is making sure that customers can access data, can recover data, can get data at performance levels that they need within the price point. They need to get at those datasets and where they need it. We talked a lot about where they need out. One last point about this interconnecting. I have this vision and I think we all do of composable infrastructure. This idea that scaled out does not solve every problem. The cloud can give me infinite scale out. Sometimes I just need a single OS with 64 terabytes of RAM and 204 GPUs or GPU instances that single OS does not exist today. And the opportunity is to create composable infrastructure so that we solve a lot of these problems that just simply don't scale out. >> You know, wow. So many interesting points there. I had just interviewed Zhamak Dehghani, who's the founder of Data Mesh last week. And she made a really interesting point. She said, "Think about, we have separate stacks. "We have an application stack and we have "a data pipeline stack and the transaction systems, "the transaction database, we extract data from that," to your point, "We ETL it in, you know, it takes forever. "And then we have this separate sort of data stack." If we're going to inject more intelligence and data and AI into applications, those two stacks, her contention is they have to come together. And when you think about, you know, super cloud bringing compute to data, that was what Haduck was supposed to be. It ended up all sort of going into a central location, but it's almost a rhetorical question. I mean, it seems that that necessitates new thinking around hardware architectures as it kind of everything's the edge. And the other point is to your point, Keith, it's really hard to secure that. So when you can think about offloads, right, you've heard the stats, you know, Nvidia talks about it. Broadcom talks about it that, you know, that 30%, 25 to 30% of the CPU cycles are wasted on doing things like storage offloads, or networking or security. It seems like maybe Zeus you have a comment on this. It seems like new architectures need to come other to support, you know, all of that stuff that Keith and I just dispute. >> Yeah, and by the way, I do want to Keith, the question you just asked. Keith, it's the point I made at the beginning too about engineers do need to be more software-centric, right? They do need to have better software skills. In fact, I remember talking to Cisco about this last year when they surveyed their engineer base, only about a third of 'em had ever made an API call, which you know that that kind of shows this big skillset change, you know, that has to come. But on the point of architectures, I think the big change here is edge because it brings in distributed compute models. Historically, when you think about compute, even with multi-cloud, we never really had multi-cloud. We'd use multiple centralized clouds, but compute was always centralized, right? It was in a branch office, in a data center, in a cloud. With edge what we creates is the rise of distributed computing where we'll have an application that actually accesses different resources and at different edge locations. And I think Marc, you were talking about this, like the edge could be in your IoT device. It could be your campus edge. It could be cellular edge, it could be your car, right? And so we need to start thinkin' about how our applications interact with all those different parts of that edge ecosystem, you know, to create a single experience. The consumer apps, a lot of consumer apps largely works that way. If you think of like app like Uber, right? It pulls in information from all kinds of different edge application, edge services. And, you know, it creates pretty cool experience. We're just starting to get to that point in the business world now. There's a lot of security implications and things like that, but I do think it drives more architectural decisions to be made about how I deploy what data where and where I do my processing, where I do my AI and things like that. It actually makes the world more complicated. In some ways we can do so much more with it, but I think it does drive us more towards turnkey systems, at least initially in order to, you know, ensure performance and security. >> Right. Marc, I wanted to go to you. You had indicated to me that you wanted to chat about this a little bit. You've written quite a bit about the integration of hardware and software. You know, we've watched Oracle's move from, you know, buying Sun and then basically using that in a highly differentiated approach. Engineered systems. What's your take on all that? I know you also have some thoughts on the shift from CapEx to OPEX chime in on that. >> Sure. When you look at it, there are advantages to having one vendor who has the software and hardware. They can synergistically make them work together that you can't do in a commodity basis. If you own the software and somebody else has the hardware, I'll give you an example would be Oracle. As you talked about with their exit data platform, they literally are leveraging microcode in the Intel chips. And now in AMD chips and all the way down to Optane, they make basically AMD database servers work with Optane memory PMM in their storage systems, not MVME, SSD PMM. I'm talking about the cards itself. So there are advantages you can take advantage of if you own the stack, as you were putting out earlier, Dave, of both the software and the hardware. Okay, that's great. But on the other side of that, that tends to give you better performance, but it tends to cost a little more. On the commodity side it costs less but you get less performance. What Zeus had said earlier, it depends where you're running your application. How much performance do you need? What kind of performance do you need? One of the things about moving to the edge and I'll get to the OPEX CapEx in a second. One of the issues about moving to the edge is what kind of processing do you need? If you're running in a CCTV camera on top of a traffic light, how much power do you have? How much cooling do you have that you can run this? And more importantly, do you have to take the data you're getting and move it somewhere else and get processed and the information is sent back? I mean, there are companies out there like Brain Chip that have developed AI chips that can run on the sensor without a CPU. Without any additional memory. So, I mean, there's innovation going on to deal with this question of data movement. There's companies out there like Tachyon that are combining GPUs, CPUs, and DPUs in a single chip. Think of it as super composable architecture. They're looking at being able to do more in less. On the OPEX and CapEx issue. >> Hold that thought, hold that thought on the OPEX CapEx, 'cause we're running out of time and maybe you can wrap on that. I just wanted to pick up on something you said about the integrated hardware software. I mean, other than the fact that, you know, Michael Dell unlocked whatever $40 billion for himself and Silverlake, I was always a fan of a spin in with VMware basically become the Oracle of hardware. Now I know it would've been a nightmare for the ecosystem and culturally, they probably would've had a VMware brain drain, but what does anybody have any thoughts on that as a sort of a thought exercise? I was always a fan of that on paper. >> I got to eat a little crow. I did not like the Dale VMware acquisition for the industry in general. And I think it hurt the industry in general, HPE, Cisco walked away a little bit from that VMware relationship. But when I talked to customers, they loved it. You know, I got to be honest. They absolutely loved the integration. The VxRail, VxRack solution exploded. Nutanix became kind of a afterthought when it came to competing. So that spin in, when we talk about the ability to innovate and the ability to create solutions that you just simply can't create because you don't have the full stack. Dell was well positioned to do that with a potential span in of VMware. >> Yeah, we're going to be-- Go ahead please. >> Yeah, in fact, I think you're right, Keith, it was terrible for the industry. Great for Dell. And I remember talking to Chad Sakac when he was running, you know, VCE, which became Rack and Rail, their ability to stay in lockstep with what VMware was doing. What was the number one workload running on hyperconverged forever? It was VMware. So their ability to remain in lockstep with VMware gave them a huge competitive advantage. And Dell came out of nowhere in, you know, the hyper-converged market and just started taking share because of that relationship. So, you know, this sort I guess it's, you know, from a Dell perspective I thought it gave them a pretty big advantage that they didn't really exploit across their other properties, right? Networking and service and things like they could have given the dominance that VMware had. From an industry perspective though, I do think it's better to have them be coupled. So. >> I agree. I mean, they could. I think they could have dominated in super cloud and maybe they would become the next Oracle where everybody hates 'em, but they kick ass. But guys. We got to wrap up here. And so what I'm going to ask you is I'm going to go and reverse the order this time, you know, big takeaways from this conversation today, which guys by the way, I can't thank you enough phenomenal insights, but big takeaways, any final thoughts, any research that you're working on that you want highlight or you know, what you look for in the future? Try to keep it brief. We'll go in reverse order. Maybe Marc, you could start us off please. >> Sure, on the research front, I'm working on a total cost of ownership of an integrated database analytics machine learning versus separate services. On the other aspect that I would wanted to chat about real quickly, OPEX versus CapEx, the cloud changed the market perception of hardware in the sense that you can use hardware or buy hardware like you do software. As you use it, pay for what you use in arrears. The good thing about that is you're only paying for what you use, period. You're not for what you don't use. I mean, it's compute time, everything else. The bad side about that is you have no predictability in your bill. It's elastic, but every user I've talked to says every month it's different. And from a budgeting perspective, it's very hard to set up your budget year to year and it's causing a lot of nightmares. So it's just something to be aware of. From a CapEx perspective, you have no more CapEx if you're using that kind of base system but you lose a certain amount of control as well. So ultimately that's some of the issues. But my biggest point, my biggest takeaway from this is the biggest issue right now that everybody I talk to in some shape or form it comes down to data movement whether it be ETLs that you talked about Keith or other aspects moving it between hybrid locations, moving it within a system, moving it within a chip. All those are key issues. >> Great, thank you. Okay, CTO advisor, give us your final thoughts. >> All right. Really, really great commentary. Again, I'm going to point back to us taking the walk that our customers are taking, which is trying to do this conversion of all primary data center to a hybrid of which I have this hard earned philosophy that enterprise IT is additive. When we add a service, we rarely subtract a service. So the landscape and service area what we support has to grow. So our research focuses on taking that walk. We are taking a monolithic application, decomposing that to containers, and putting that in a public cloud, and connecting that back private data center and telling that story and walking that walk with our customers. This has been a super enlightening panel. >> Yeah, thank you. Real, real different world coming. David Nicholson, please. >> You know, it really hearkens back to the beginning of the conversation. You talked about momentum in the direction of cloud. I'm sort of spending my time under the hood, getting grease under my fingernails, focusing on where still the lions share of spend will be in coming years, which is OnPrem. And then of course, obviously data center infrastructure for cloud but really diving under the covers and helping folks understand the ramifications of movement between generations of CPU architecture. I know we all know Sapphire Rapids pushed into the future. When's the next Intel release coming? Who knows? We think, you know, in 2023. There have been a lot of people standing by from a practitioner's standpoint asking, well, what do I do between now and then? Does it make sense to upgrade bits and pieces of hardware or go from a last generation to a current generation when we know the next generation is coming? And so I've been very, very focused on looking at how these connectivity components like rate controllers and NICs. I know it's not as sexy as talking about cloud but just how these opponents completely change the game and actually can justify movement from say a 14th-generation architecture to a 15th-generation architecture today, even though gen 16 is coming, let's say 12 months from now. So that's where I am. Keep my phone number in the Rolodex. I literally reference Rolodex intentionally because like I said, I'm in there under the hood and it's not as sexy. But yeah, so that's what I'm focused on Dave. >> Well, you know, to paraphrase it, maybe derivative paraphrase of, you know, Larry Ellison's rant on what is cloud? It's operating systems and databases, et cetera. Rate controllers and NICs live inside of clouds. All right. You know, one of the reasons I love working with you guys is 'cause have such a wide observation space and Zeus Kerravala you, of all people, you know you have your fingers in a lot of pies. So give us your final thoughts. >> Yeah, I'm not a propeller heady as my chip counterparts here. (all laugh) So, you know, I look at the world a little differently and a lot of my research I'm doing now is the impact that distributed computing has on customer employee experiences, right? You talk to every business and how the experiences they deliver to their customers is really differentiating how they go to market. And so they're looking at these different ways of feeding up data and analytics and things like that in different places. And I think this is going to have a really profound impact on enterprise IT architecture. We're putting more data, more compute in more places all the way down to like little micro edges and retailers and things like that. And so we need the variety. Historically, if you think back to when I was in IT you know, pre-Y2K, we didn't have a lot of choice in things, right? We had a server that was rack mount or standup, right? And there wasn't a whole lot of, you know, differences in choice. But today we can deploy, you know, these really high-performance compute systems on little blades inside servers or inside, you know, autonomous vehicles and things. I think the world from here gets... You know, just the choice of what we have and the way hardware and software works together is really going to, I think, change the world the way we do things. We're already seeing that, like I said, in the consumer world, right? There's so many things you can do from, you know, smart home perspective, you know, natural language processing, stuff like that. And it's starting to hit businesses now. So just wait and watch the next five years. >> Yeah, totally. The computing power at the edge is just going to be mind blowing. >> It's unbelievable what you can do at the edge. >> Yeah, yeah. Hey Z, I just want to say that we know you're not a propeller head and I for one would like to thank you for having your master's thesis hanging on the wall behind you 'cause we know that you studied basket weaving. >> I was actually a physics math major, so. >> Good man. Another math major. All right, Bob O'Donnell, you're going to bring us home. I mean, we've seen the importance of semiconductors and silicon in our everyday lives, but your last thoughts please. >> Sure and just to clarify, by the way I was a great books major and this was actually for my final paper. And so I was like philosophy and all that kind of stuff and literature but I still somehow got into tech. Look, it's been a great conversation and I want to pick up a little bit on a comment Zeus made, which is this it's the combination of the hardware and the software and coming together and the manner with which that needs to happen, I think is critically important. And the other thing is because of the diversity of the chip architectures and all those different pieces and elements, it's going to be how software tools evolve to adapt to that new world. So I look at things like what Intel's trying to do with oneAPI. You know, what Nvidia has done with CUDA. What other platform companies are trying to create tools that allow them to leverage the hardware, but also embrace the variety of hardware that is there. And so as those software development environments and software development tools evolve to take advantage of these new capabilities, that's going to open up a lot of interesting opportunities that can leverage all these new chip architectures. That can leverage all these new interconnects. That can leverage all these new system architectures and figure out ways to make that all happen, I think is going to be critically important. And then finally, I'll mention the research I'm actually currently working on is on private 5g and how companies are thinking about deploying private 5g and the potential for edge applications for that. So I'm doing a survey of several hundred us companies as we speak and really looking forward to getting that done in the next couple of weeks. >> Yeah, look forward to that. Guys, again, thank you so much. Outstanding conversation. Anybody going to be at Dell tech world in a couple of weeks? Bob's going to be there. Dave Nicholson. Well drinks on me and guys I really can't thank you enough for the insights and your participation today. Really appreciate it. Okay, and thank you for watching this special power panel episode of theCube Insights powered by ETR. Remember we publish each week on Siliconangle.com and wikibon.com. All these episodes they're available as podcasts. DM me or any of these guys. I'm at DVellante. You can email me at David.Vellante@siliconangle.com. Check out etr.ai for all the data. This is Dave Vellante. We'll see you next time. (upbeat music)

(soft bright music) (logo swooshing) (crowd murmuring) >> Hey everyone, welcome to Las Vegas! Lisa Martin here on the ground with theCUBE about Coupa Inspire 2022. And can you hear the buzz behind me? It is so great to be in person. Nick Banich joins me, the Chief Revenue Officer and Global Partnership Manager for the Coupa Alliance at Miebach Consulting. Nick, it's great to have you on the program. >> Thanks for having me, Lisa. First time here at Inspire and it's exciting. >> Is it exciting? It's great to see this room packed. >> It is! It feels, like, the pandemic is finally- >> It does. >> Maybe behind us. >> Right, fingers crossed. (Nick chuckles) So talk to us a little bit about Miebach Consulting and a little bit about the Coupa Partnership, so the audience gets that understanding of what you guys do. >> Yeah, guess, we're kind of new to the Coupa ecosystem. You could say, we came as part of the acquisition of LLamasoft. So Miebach is a supply chain focus, advisory, consultancy, engineering firm. So we have three different business lines. Supply chain strategy, where we do things like supply chain design and the Coupa platform, planning, inventory, engineering, automation studies, and distribution centers, with the labor crunch that we're facing right now. As well as we have a digital transformation group that works on getting the decision-making as a supply chain industry into the digital realm and away from Microsoft Excel. >> Let's talk about the digitization of the supply chain. You know, one of the things that we've seen in the last couple of years is this massive acceleration to digital because businesses in every industry had no choice. But where are, what are the current trends from a digital supply chain perspective? >> You know, I think the, kind of the integration of the compression of the decision-making cycle has really gotten companies to not look at strategic decisions then operational decisions and tactical decisions in execution. That all has to be compressed now with the volatility we've all been exposed to. I mean, basically, for the past 20 years, we took the supply chain and turned it into a Swiss watch. It was very long, very well orchestrated. But with the volatility, with labor issues, with the land war in Europe, this volatility and change is requiring companies to be much more adaptive. And they've had to compress that decision cycle down and the Coupa platform, certainly, from a supply chain standpoint, absolutely helps infuse that process to shorten time from question to answer and allow you to address strategic and tactical topics in parallel to one another and not kind of waterfall down over the decision making product. >> That's important, 'cause these days, there is no time for waterfalls. So let's unpack the Coupa supply chain design platform. Talk to me about it, what it does and how it is helping that acceleration? >> Yeah, so it's incredibly powerful. And what it allows you to do is create that digital representation. We can take a three dimensional world and put it into a two dimensional linear program. And within the same platform we can optimize strategically and take a look at end to end type of supply chain decisions, nearshoring, onshoring, supplier diversification, and risk aspects. We can look at it more operationally. We're actually looking at which manufacturing plans should make what? What distribution centers should serve what customers? How do I segment my products? How do I segment my customers? Then within the same modules, you can use and go to your inventory optimization, not only optimize inventory, but also simulate it, which gives you phenomenal power in a world where there is so much uncertainty. You can apply risk in those questions of what if, so you're ready. So that way, when the thing happens, you're not that scrambling to have analysts crunch Excel files to see what do you do to normalize inventory levels or normalize your supplier base. You're able to be more proactive with the predictive and prescriptive analytics that the full suite provides for you. >> That is essential. If that's one of the lessons we've learned in the last couple of years, not if, but when. >> Nick: Yes. >> Talk to me about customers that are using the platform. What are some of the, using it well. What are some of the things that they have in common? >> You know, I think the organizations that are implementing it well, look for it. They view it as a real platform. You know, historically, supply chain design, network optimization, was seen as a tool, and companies implement it as a tool. You purchase licenses, you assign a couple of people to work on it from your analytical department and you just went with it. This is a very powerful platform to completely revolutionize how you make decisions within your supply chain. And you need to approach it the same way you approach a new warehouse management system, a new planning platform, a new labor management system, the change management aspects, the organizational aspects, the education of stakeholders on what is this, demystifying it. So it's not a black box and everybody knows what it can and should do and how best to utilize it. So those organizations that view it as more than a distribution network tool, "Hey, where do I put my new warehouse? Hey, this lease is coming up in Central Europe. It's coming up in Ohio. Do I extend the lease? Do I need to move?" That's, like, a level zero maturity on our maturity graph. The very mature companies are using it and infusing it both strategically, operational, technically, and are using it for distribution decisions, transportation decisions around mode selection, production footprint decisions. You have the capability to have a digital twin. And by having, the other thing companies struggle with is, they just build one model. >> Uh-hmm. >> I start out, I buy the product. You know, I get it built in, I move everything to the cloud and then I do a distribution solve for the U.S. And then the European group says, "Hey, that was great. That was insightful. Can we do the same thing in Europe?" And you take that model and then you add Europe into it. And then the production group says, "Hey, you know, we're thinking about changing some of our make-buy decisions. Can you model what the effect would be on total cost if we did do some nearshoring?" And all of a sudden, you turn your one model that you had built for a specific purpose into this Christmas tree where everybody's hanging their ornaments. And what you really need to do is having a modeling strategy. What type, you should have a volume, a portfolio of models you can pull from and say, "Hey, here's our strategic end to end model. Hey, here's our tactical Asian production models. Hey, here's our total landed cost for top 15% of our customers." And having that set of models, so you have right models, the right questions. >> Uh-hmm. >> That's what the companies that are really scaling this and really excelling. And you'll notice a pattern. The companies that are excelling that have the Coupa platform, typically, you'll find them on list, like, Gartner's Top 25 and things along those lines. Because it is a very powerful platform when you unlock the art of the possible with it. >> Sounds, like, those are companies that are very innovative. But where does the company, that maybe isn't there yet? How do they start? 'Cause it sounds, like, there's a tremendous wealth of potential and opportunities that the technology can deliver. Do they have to start with executive buy-in? What do you see as kind of, like, some of those early steps? >> This is a change management exercise from the very beginning. So creating that sense of urgency, creating your powerful coalition. You have to start with that. If you view this as, "Hey, we're going to have a tool, we're going to use this once, and then our supply chain's fixed for the next 10 years." I mean, I think most leaders are realizing that those days are long gone. That supply chain design has to be a continual topic at the top levels. You know, supply chain is on the lips of every politician and every (chuckles) board member right now. So this is a wonderful moment for those supply chain leaders that have wanted to infuse a greater level of digital decision-making. This is the perfect opportunity. You can get buy-in, like, you never had before. Your CFO is probably analyzing labor inflation, fuel inflation rates, disruptions on supply base, and you're probably having to deal with more pressure out of the CFO and its department than you ever had to in the past. We see it with our clients. The pressure is on with those leaders. And this allows you to very quickly be much more holistic in that decision-making. You're not relying on how good was the analyst, that made this Excel file that told you to open up this plan, move this distribution center, serve this customer base in this way. It's not based on how that data looks and how good that analyst was, you're infusing an entire practice into your organization. >> That's critical, because every company these days is a data company. If they're not, they're not going to be around. It's about the ability to have visibility extract the value from the data to make those data-driven decisions, because we don't have time. We heard a lot about that from a real-time perspective and the keynote this morning that's table stakes run any organization. >> Yeah, and with the move of the platform to the cloud, as part of the Coupa ecosystem, with the DDM, with the rapid model builder, and all those things that come along with it, it will significantly squash the amount out of time you have from question to answer. Because the first time you do this, it probably takes four months. And of that four months to ask that question, and get an answer, build your model, you know, replicate the 3D world in that 2D environment. Over half of that time is spent on cleaning data, building the baseline model, aligning with finance, they peanut butter spread certain aspects of cost onto the onto SKUs and really getting correct cost allocations for A, B, and C SKUs. You spend half your time just playing around with your data to get the model to work right now. Once you add that model, next time, question and answer infinitely quicker. But you have to have a good data strategy. You have to have the right data architecture. If you don't have that specific to supply chain, leaders really need to get on that. Because what we see a lot of times is organizations will have an enterprise data strategy. >> Uh-hmm. >> And they're going to build a data warehouse or a data lake, you know, whatever, I'm a consultant, so I'm also guilty of the buzz words. But, we kind of call it the supply chain data plan. You don't need to wait for the whole enterprise to get ready to have all of your data sorted out in a single instance, homogenize. Start collecting that supply chain data, have a data strategy around it. So that way, you can start replicating these things then you can feed it back into the enterprise data strategy. But you have to get your data right. It's the old adage garbage in garbage out. >> Right. >> It's still true to this day. No matter how powerful the analytical tools are, we're infusing machine learning, artificial intelligence into some of the solves in the platform. But if you don't have that good data, you're going to struggle. So that's a key piece to it, getting that executive buy-in and having that right data strategy will set you on a much smoother path to success than if you don't do those things. >> Right, the data strategy is critical. If not, one of the biggest competitive differentiators these days. Where is the chief data officer, the chief digital officer, the chief information officer, in these conversations that Miebach is having with customers? >> Too often, not at the forefront enough. >> Lisa: Really? >> Those clients that have that group, have that organization, and they have influencing power, those programs go much quicker, much simpler. The rate of adoption, the scalability of the program. All of a sudden, you're not thinking about, "What am I going to do with one or two analysts interacting with the product?" You're now developing apps. You have your planners interfacing with it. You have capacity managers interacting with the digital model. Those that don't have that, do have much more impetus, because it's always the adage of, "Oh, IT, what do we do? And our data's a mess. We have this data program and our IT resources are super constrained." So you have to bring those people to the table. You have to have them part of the conversation, 'cause they can be an incredible enabler if you bring them and get them bought in. >> That's a great point of those enablers. And especially, given the fact that nobody has extra time to waste here. This is a, everything is so fast moving. You mentioned supply chain being on the lips of every politician. Everybody's lips, everybody's expecting some delivery that is delayed for whatever reason. >> I mean, 12 years ago when I started with the firm, and people, "Oh, what does the firm do?" I'm like, "Oh we're a global supply chain consultancy." And they're like, "What?" >> Yeah. (laughs) >> You know, now everybody knows. And they're like, "Oh, yeah!" It's amazing that the revolution, I mean, the pandemic has been incredibly unfortunate with all the hardships and deaths and everything and still dealing with hotspots and things. I think it did bring supply chain, supply chain was struggling for a while to get a seat at the table. Organizations started having chief supply chain officers. You know, that was a new thing not that long ago. This has brought table stakes to the supply chain organization. My challenge back to us is what do we do with this now? >> Right. >> For years, as an industry, we've asked to be at the table, we're here now, spotlight's on us. It's time for us to deliver. Things like the Coupa platform are an incredible enabler of that. But you got to get it right when you roll it out. >> The spotlight's on you, but there's also a skill shortage. Talk to me about that. I just saw you do a big sigh. How can Miebach and Coupa with this platform help to mitigate some of the supply chain skills gap that organizations in every industry are facing? >> You know, it really comes down to the human element and when people talk a lot about sustainability, they talk about environmental conditions. There's a human sustainability topic we have to cover. Nobody likes being assigned to be a data analyst on a transformational project. And you're crunching Excel spreadsheets and running it sequel coding. No, no, that's not an enjoyable fulfilling task for many people. >> Lisa: No. >> There are special people that it is, and God bless (chuckles) them. So with things, like, the apps, with things, like, building out, so that way, we can take the people that you do have and have them making decisions, driving discussions around the insights the platform's giving versus just crunching numbers and building models. This is where you're going to have a much higher retainment. People are going to be excited about the job. They're going to have fun at the job because you do see a turnover of organizations that don't get the data strategy right, that people don't like being in a supply chain center of excellence in perpetuity. Again, there are certain people that are, but a lot of times, once the people get this analytical insight to how strategically the design of the company is set up, business units will grab them and give them a significant role. And then you're continually churning and replacing your COE talent. So having a talent strategy for your COE and having a strategy of how you're going to leverage, you know, we're in a world where my first grader's are learning coding, right? Like, you need to have a data strategy. So that way, that becomes your people strategy as well. And too many times, people think, "Hey, I buy the platform. I need a project strategy. What are the projects we're going to do?" And not often enough, do they talk about the people element of it to really make this work. And it absolutely has to be part of the discussion as you're setting up your center of excellence, it's people, it's processes and it's technology. >> Absolutely! >> You got to bring those three together or you real struggle a bit. >> You do. And then change management is not an easy thing to do for anybody. But one of the things you talked about, this is the pandemic as an accelerator of getting the supply chain folks to the table, being able to accelerate, getting data into the hands of people that can actually take in clean insights and make decisions based on that. So if you look into a crystal ball, what's the future of supply chain design? Where is it going? >> I believe we're going to see a lot more of movement towards applications and infusing of artificial intelligence and machine learning. It's there. It's ready to go. What a lot of companies are lacking and it goes back to what we already talked about is the data piece of it. I mean, we have been developing algorithms in a machine learning environment for three, four years now. It goes back to garbage in, and garbage out. So I think it's going to be a big element of supply chain talent, securing that, figuring out with robotic product process automation and things like that. How do you take non-value added work so you can take the talent you do have and give them more fulfilling work? I think companies are going to need to have data strategies and all that unlocks applications and things. So you can democratize, right? You have this digital twin in the cloud. How many people within the organization cross-functionally have questions about the supply chain? >> Right. >> What if this happens? What if that happens? Hey, if we do this, what does it effect upstream downstream? >> Right. >> So once you build that cloud, develop the applications that allow the entire enterprise to interface with this digital representation to play around and see what the effect is to then make better, more informed, more holistic decisions, drive more conversational, cross functionally amongst leaders, and even below the top leadership level. I think this is really where we're going to go and the companies that don't just survive, but thrive in this new normal, whatever that's going to be, is going to be the companies that get that right. >> They have to embrace that. There's no doubt. >> Nick: Have to embrace it. >> Nick, it's been great having you on the program, talking about supply chain, what's going on there, the accelerators, but also the opportunities. Thank you so much for sharing your insights. >> I appreciate the opportunity. So it's been a great conversation. I look forward to the rest of the event! >> I agree. For Nick Banich, I'm Lisa Martin on the ground in Las Vegas at Coupa Inspire 2022. Stick around, I'll be back with my next guest shortly. (bright music)

>>Hi, everyone. Welcome to the cubes presentation of the AWS startup showcase the theme. This episode is data as code, and this is season two, episode two of the ongoing series covering exciting startups from the ecosystem in cloud and the future of data analytics. I'm your host, John furry. You're getting great featured panel here with AWS heroes, Lynn blankets, the CEO of Lindbergh Lega consulting, Peter Hanson's, founder of cloud Cedar and Alex debris, principal of debris advisory. Great to see all of you here and, uh, remotely and look forward to see you in person at the next re-invent or other event. >>Thanks for having us. >>So Lynn, you're doing a lot of work in healthcare, Peter you're in the middle of all the action as data as code Alex. You're in deep on the databases. We've got a good round up of, of topics here ranging from healthcare to getting under the hood on databases. So as we'll start with you, what are you working on right now? What trends do you see in the database space? >>Yeah, sure. So I do, uh, I do a lot of consulting work working with different people and, you know, often with, with dynamo DB or, or just general serverless technology type stuff. Um, if you want to talk about trends that I'm seeing right now, I would say trends you're seeing as a lot, just more serverless native databases or cloud native databases where you're seeing these cool databases come out that really take advantage of, uh, this new cloud environment, right? Where you have scalability, you have plasticity of the clouds. So you're not having, you know, instant space environments anymore. You're paying for capacity, you're paying for throughput. You're able to scale up and down. You're not managing individual instances. So a lot of cool stuff that we're seeing, you know, um, with this new generation of, of infrastructure and in particular database is taking advantage of this, this new cloud world >>And really lot deep into the database side in terms of like cloud native impact, diversity of database types, when to use certain databases that also a big deal. >>Yeah, absolutely. I like, I totally agree. I love seeing the different types of databases and, you know, AWS has this whole, uh, purpose-built database strategy. And I think that, that makes a lot of sense. Um, you know, I want to go too far with it. I would, I would more think about purpose-built categories and things like that, you know, specialize in an OLTB database within your, within your organization, whether that's dynamo DB or document DB or relational database Aurora or something like that. But then also choose some sort of analytics database, you know, if it's drew it or Redshift or Athena, and then, you know, if you have some specialized needs, you want to show some real time stuff to your users, check out rock site. If you want to, uh, you know, do some graph analytics, fraud detection, checkout tiger graph, a lot of cool stuff that we're seeing from the startup showcase here. >>Looking forward to unpacking that Lynn you've been in love now, a healthcare action with cloud ops, the pandemic pushes hard core on everybody. What are you working on? >>Yeah, it's all COVID data all the time. Uh, before the pandemic, I was supporting research groups for cancer genomics, which I still do, but, um, what's, uh, impactful is the explosive data volumes. You know, when you there's big data and there's genomic data, you know, I've worked with clients that have broken data centers, broken public cloud provider data centers because of the daily volume they're putting in. So there's this volume aspect. And then there's a collaboration, particularly around COVID research because of pandemic. And so you have this explosive volume, you have this, um, need for, uh, computational complexity. And that means cloud the challenge is it, you know, put the pedal to the metal. So you've got all these bioinformatics researchers that are used to single machine. Suddenly they have to deal with distributed compute. So it's a wild time to be in this space. >>What was the big change that you've seen with the, uh, the pandemic and in genomic cloud genomic specifically what's the big change has happened. >>The amount of data that is being put into the public cloud, um, previously people would have their data on their local, uh, capacity, and then they would publish their paper and the data may or may not become available for, uh, reproducing the research, uh, to accelerate for drug discovery and even variant identification. The data sets are being pushed to public cloud repositories, which is a whole new set of concerns. You have not only dealing with the volume and cost, but security, you know, there's federated security is non-trivial and not well understood by this domain. So there's so much work available here. >>Awesome. Peter, you're doing a lot with the data as a platform kind of view and platform engineering data as code is, is something that's being kicked around. What are you working on and how does platform engineering change as data becomes so much more prevalent in its value proposition? >>Yeah. So I'm the founder of cloud Cedar and, um, we sort of built this company out, this consultancy all around the challenges that a lot of companies have got with getting their data sorted, getting it organized, getting it ready for other use cases, such as analytics and machine learning, um, AI workloads and the like. So typically a platform engineering team will look after the organization of a company infrastructure, making sure that it's coherent across the company and a data platform, engineering teams doing something similar in that sense where they're, they're looking at making sure that, uh, data teams have a solid foundation to build upon, uh, that everything's quite predictable and what that enables is a faster velocity and the ability to use data as code as a way of specifying and onboarding data, building that, translating it, transforming it out into its specific domains and then on to data products. >>I have to ask you while you're here. Um, there's a big trend around data meshes right now. You're hearing, we've had a lot of stuff on the cube. Um, what are practical that people are using data mesh, first of all, is it relevant and how are people looking at this data mesh conversation? >>I think it becomes more and more relevant, uh, the bigger the organization that you're dealing with. So, you know, often times in the enterprise, you've got, uh, projects with timelines of five to 10 years often outlasting technology life cycles. The technology that you're building on is probably irrelevant by the time that you complete it. And what we're seeing is that data engineering teams and data teams more broadly, this organizational bottleneck and data mesh is all about, uh, breaking down that, um, bottleneck and decentralizing the work, shifting that work back onto, uh, development teams who oftentimes have got more of the context and a centralized data engineering team. And we're seeing a lot of, uh, Philocity increases as a result of that. >>It's interesting. There's so many different aspects of how data is changing the world. Lynn talks about the volume with the cloud and genomics. We're hearing data engineering at a platform level. You're talking about slicing and dicing and real-time information. You mentioned rock set, Alex. So I'd like to ask each of you to answer this next question, which is how has the team dynamics changed with data engineering because every single company's impacted. So if you're researchers, Lynn, you're pumping more data into the cloud, that's got a little bit of data engineering to it. Do they even understand that is that impacting them? So how has data changed the responsibilities or roles in this new emerging area of data engineering or whatever you want to call it? Lynn, we'll start with you. What do you, what do you see this impact? >>Well, you know, I mean, dev ops becomes data ops and ML ops and, uh, you know, this is a whole emergent area of work and it starts with an understanding of container technologies, which, you know, in different verticals like FinTech, that's a given, right, but in bioinformatics building an appropriately optimized Docker container is something I'm still working with customers now on because they have the concept of a Docker container is just a virtual machine, which obviously it isn't, or shouldn't be. So, um, you have, again, as I mentioned previously, this humongous skill gap, um, concepts like D, which are prevalent in ad tech FinTech, that's not available yet for most of my customers. So those are the things that I'm building. So the whole ops space is, um, this a wide open area. And really it's a question of practicality. Um, you know, I have, uh, a lot of experience with data lakes and, you know, containerizing and using the data lake platform. But a lot of my customers are going to move to like an interim pass based solutions. If they're using spark, for example, they might use to use a managed spark solution as an interim, um, step up to the cloud before they build their own containers. Because the amount of knowledge to do that effectively is non-trivial >>Peter, you mentioned data, you mentioned data lakes, onboarding data into lake house architectures, for instance, something that you're familiar with. Um, this is not obvious to some verticals obvious to others. What do you see this data engineering impact from a personnel standpoint? And then ultimately how things get built, >>You know, are you directing that to me, >>Peter? >>Yeah. So I think, um, first and foremost, you know, the workload that data engineering teams are dealing with is ever increasing. Usually there's a 10 X ratio of, um, software engineers to data engineers within a business and usually double the amount of analysts to data engineers again. And so they're, they're fighting it ever increasing backload. And, uh, so they're fighting an ever increasing backlog of, of, uh, tasks to do and tickets to, to, to churn through. And so what we're seeing is that data engineering teams are becoming data platform engineering teams where they're building capability instead of constantly hamster wheels spinning if you will. And so with that in mind, with onboarding data into, uh, a Lakehouse architecture or a data lake where data engineering teams, uh, uh, getting wins is developing a very good baseline of structure where they're getting the categorization, the data tagging, whether this data is of a particular domain, does it contain some, um, PII data, for instance, uh, and, and, and, and then the security aspects, and also, you know, the mechanisms on which to do the data transformations, >>Alex, on the database side, those are known personas in an enterprise, a them, the database team, but now the scale is so big. Um, and there's so much going on in databases. How does the data engineering impact organizations from your standpoint? >>Yeah, absolutely. I think definitely, you know, gone are the days where you have a single relational database that is serving operational queries for your users, and you can also serve analytics queries, you know, for your internal teams. It's, it's now split up into those purpose-built databases, like we've said. Uh, but now you've got two different teams managing it and they're, they're designing their data model for different things. You know? So L LLTP might have a more de-normalized model, something that works for very fast operations and it's optimized for that, but now you need to suck that data out and get it elsewhere so that your, your PM or your business analyst, or whoever can crunch through some of that. And, you know, now it needs to be in a more normalized format. How do you sort of bridge that gap? That's a tough one. I think you need to, you know, build empathy on each side of, of what each side is doing and, and build the tools to say, Hey, this is going to help you, uh, you know, LLTP team, if we know what, what users are actually doing, and, and if you can get us into the right format there, so that then I can, you know, we can analyze it, um, on the backend. >>So I think, I think building empathy across those teams is helpful. >>When I left to come back to, you mentioned a health and informatics is coming back. Um, but it's interesting, you know, I look at a database world and you look at the solutions that are out there. A lot of companies that build data solutions don't have a data problem. They've never, they're not swimming in a lot of data, but then you look at like the field that you're working in right now with the genomics and health and, and quantum, they're always, they're dealing with data all the time. So you have people who deal with a lot of data all the time are breaking through New Zealand. People who are don't have that experience are now becoming data full, right? So people are now either it's a first time problem, or they've always been swimming in a ton of data. So it's more of what's the new playbook. And then, wow, I've never had to deal with a lot of data before. What's your take? >>It's interesting. Cause they know, uh, bioinformatics hires, um, uh, grad students. So grad students, you know, use their, our scripts with their file on their laptop. And so, um, to get those folks to understand distributed container-based computing is like I said, a not non-trivial problem. What's been really interesting with the money pouring in to COVID research is when I first started, some of the workflows would take, you know, literally 500 hours and that was just okay. And coming out of FinTech, I was, uh, I could, I was blown away like FinTech is like, could that please take a millisecond rather than a second? Right. And so what has now happened, which makes it, you know, like I said, even more fun to work in this domain is, uh, the research dollars have really gone up because of the pandemic. And so there are, there are, there's this blending of people like me with more of a big data background coming into bioinformatics and working side by side. >>So it's this interesting sort of translation because you have the whole taxonomy of bioinformatics with genomics and sequencers and all the weird file types that you get. And then you have the whole taxonomy of dev ops data ops, you know, containers and Kubernetes and all that. And trying to get that into pipelines that can actually, you know, be efficient, given the constraints. Of course, we, on the tech side, we always want to make it super optimized. I had a customer that we got it down from 500 hours to minutes, but they wanted to stay with the past solution because it was easier for them to go from 500 hours to five hours was good enough, but you know, the techies want to get it down to five minutes. >>This is, this is, we've seen this movie before dev ops, um, edge and op operations, you know, IOT, world scenes, the convergence of cultures. Now you have data and then old, old school operations kind of coming up. So this kind of supports the thesis. That data as code is the next infrastructure as code. What do you guys, what's the reaction there for you guys? What do you think about that? What does data's code mean? If infrastructure's code was cloud and dev ops, what is data as code? What does that mean? >>I could take it if you like. I think, um, data teams, organizations, um, have been long been this bottleneck within the organization and there's like this dark matter of untapped energy and potential waiting to be unleashed a data with the advent of open source projects like DBT, um, have been slowly sort of embracing software development, lifecycle practices. And this is really sort of seeing a, a big steep increase in, um, in their velocity. And, and this is only going to increase and improve as we're seeing data teams, um, embrace starter as code. I think it's, uh, the future is bright for data. So I'm very excited. >>Lynn Peter reaction. I mean, agility data is code is developer concept CICB pipeline. You mentioned it new operational workflows coming into traditional operations reaction. >>Yeah. I mean, I think Peter's right on there. I'd say, you know, some of those tools we're seeing come in from, from software, like, like DBT, basically giving you that infrastructure as code, but applied to that data realm. Also there have been a few, like get for data type things, pack a derm, I believe is one and a few other ones where you bring that in and you also see a lot of immutability concepts flowing into the data realm. So I think just seeing some of those software engineering concepts come over to the data world has, has been pretty interesting >>What we'll literally just versioning datasets and the identification of what's in a data set. What's not in a data set. Some of this is around ethical AI as well, um, is a whole, uh, area that has come out of research groups. Um, mostly AI research groups, but is being applied to medical data and needs to be obviously, um, so this, this, this, um, metadata and versioning around data sets is really, I think, a very of the moment area. >>Yeah, I think we, we, you guys are bringing up a really good kind of direction that's happening in data. And that is something that you're seeing on the software side, open source and now dev ops. And now going to data is that the supply chain challenges of we've been talking about it here on the cube and this, this, um, this episode is, you know, we've seen Ukraine war, but some open source, you know, malware hitting datasets is data secure. What is that going to look like? So you starting to get into this what's the supply chain, is it verified data sets if data sets have to be managed a whole nother level of data supply chain comes up, what do you guys think about that? >>I'll jump in. Oh, sorry. I'll jump in again. I think that, you know, there's, there's, um, some, some of the compliance requirements, um, around financial data are going to be applied to other types of data, probably health data. So immutability reproducibility, um, that is, uh, legally required. Um, also some of the privacy requirements that originated in Europe with GDPR are going to be replicated as more and more, um, types of data. And again, I'm always going to speak for health, but there's other types as well coming out of personal devices and that kind of stuff. So I think, you know, this idea of data as code is it's, it goes down to versioning and controlling and, um, that's, uh, that's sort of a real succinct way to say it that we didn't used to think about that. We just put it in our, you know, relational database and we were good to go, but, um, versioning and controlling in the global ecosystem is kind of, uh, where I'm focusing my efforts. >>It brings up a good question. If databases, if data is going to be part of the development process has to be addressable, which means horizontally scalable. That means it has to be accessible and open. How do you make that work and not foreclose it with a lot of restrictions? >>I think the use of data catalogs and appropriate tagging and categorization, you know, I think, you know, everyone's heard of the term data swamp, and I think that just came about because that everyone saw like, oh, wow, S3, you know, infinite storage. We just, you know, throw whatever in there for as long as we want. And I think at times, you know, the proliferation of S3 buckets, um, and the like, you know, we've just seen, uh, perhaps security, not maintained as well as it could have been. And I think that's kind of where data platform engineering teams have really sort of, uh, come into the, for, you know, creating a governance set of buckets like formation on top. But I think that's kind of where we need to see a lot more work with appropriate tags and also the automatic publishing of metadata into data catalogs so that, um, folks can easily search and address particular data sets and also control the access. You know, for instance, you've got some PII data, perhaps really only your marketing folks should be looking at email addresses and the like not perhaps your finance folks. So I think, you know, there's, there's a lot to be leveraged there in formation and other solutions, >>Alex, let's back up and talk about what's in it for the customer, right. Let's zoom back and saying reality is I just got to get my data to make sure it's secure always on and not going to be hackable. And I just got to get my data available on river performance. So then, then I got to start thinking about, okay, how do I intersect it? So what should teams be thinking about right now as I look up all their data options or databases across their enterprise? >>Yeah, it's, it's a, it's a good question. I just, you know, I think Peter made some good points there and you can think of history as sort of ebbing and flowing between centralization and decentralization a lot of times. And you know, when storage was expensive, data was going to be sort of centralized and Maine maintained, sort of a, you know, by the, uh, the people that are in charge of it. But then when, when S3 comes along, it really decreases storage. Now we can do a lot more experiments on it. We can store a lot more of our data, keep it around and do different things on it. You know, now we've got regulations again, we were, we gotta, we gotta be more realistic about, about keeping that data secure and make sure we're, we're doing the right things with it. So it's, we're gonna probably go through a period of, of centralization as we work out some of this tooling around, you know, tagging and, and ethical AI that, that both Peter. And when we're talking about here and maybe get us into that, that next wearable world of de-centralization again. But I, I think that ebb and flow is going to be natural in response to, you know, the problems of the, the other extreme, >>Where are we in the market right now from progress standpoint, because data lakes don't want to be data swamps. You seeing lake formation as a data architecture, as an example, where are we with customers? What are they doing right now? Where would you put them in the progress bar of, of evolution towards the Nirvana of having this data sovereignty? And this data is code environment. Are they just now in the data lake store, everything real-time and historical? >>Well, I can jump in there. Um, SQL on files is the, is the driver. And so we know when Amazon got Athena, um, that really drove a lot of the customers to really realistically look at data lake technologies, but data warehouses are not going away. And the integration between the two is not seamless. No, we, we are partners with AWS, but we don't work for them. So we can tell you the truth here. Um, there's, there's work to it, but it really, for my customers, it really upped the ante around data lake, uh, because Athena and technologies like that, the serverless, um, SQL queries or the familiar quarry, um, uh, libraries really drove a movement away from either OLTB or OLAP, more expensive, more cumbersome structures, >>But they still need that. Oh, LTP, like if they have high latency issues, they want to be low latency. Can they have the best of both worlds? That's the question. >>I mean, I w I would say we're getting, you know, we're getting closer. We're always going to be, uh, you know, that technology is going to be moving forward, and then we'll just move the goalpost again, in terms of, of what we're asking from it. But I think, you know, the technology that's getting out there, you can get, get really well. And then, you know, just what I work in the dynamo DB world. So you can get really great low latency. So, you know, single digit millisecond LLTP response times on that. I think some of the analytics stuff has been a problem with that. And there, there are different solutions out there to where you can export dynamo to S3, and then you can be doing SQL on your FA your files with Athena Lakeland's talking about, or now you see, you know, rock set of partner here that that'll just ingest your dynamo, DB data, you know, make all those changes. So if you're doing a lot of, uh, changes to your data and dynamo is going to reflect in Roxanna, and then you can do analytics queries, you can do complex filters, different things like that. So, you know, I, I think we continue to push the envelope and then we moved the goalpost again. But, um, you know, I think we're in a, a lot better place than we were a few years ago, for sure. >>Where do you guys see this going relative to the next level? If data as code becomes that next agile, um, software defined environment with open source? Well, all of these new tools with serverless things happening with data lakes are built in with nice architectures with data warehouses, where does it go next? What happens next? If this becomes an agile environment, what's the impact? >>Well, I don't want to be so dominant, but I have, I feel strongly, so I'm going to jump in here. So, so I, um, I feel like, you know, now for my, my, my most computationally intensive workloads, I'm using GPS, I'm bursting to GPU for TensorFlow neural networks. So I've been doing quite a bit of exploration around Amazon bracket for QPS and it's early. Um, and it's specialty. It's not, you know, for everybody. And the learning curve again is pretty daunting, but, um, there are some use cases out there. I mean, I got ahold of a paper where some people did some, um, it was a Q CNN, um, quantum convolutional neural network for lung cancer images, um, from COVID patients and the, the, uh, the QP Hugh, um, algorithm pipeline performed more accurately and faster. So I think, um, bursting to quantum is something to pay attention to. >>Awesome. Peter, what's your take on what's next? >>Well, I think there's still, um, that, that was absolutely fascinating from Lynn, but I think also there's, there's, uh, you know, some more sort of low-level, uh, low-hanging fruit available in, in the data stack. I think there's a lot of, there's still a lot of challenges around the transformation there, getting our data from sort of raw landed data into business domains, and that sort of talks to a lot of what data mesh is all about. I think if we can somehow make that a little more frictionless, because that that's really where the like labor intensive work is. That's, that's kinda dominating, uh, data engineering teams and where we're sort of trying to push that, that workload back onto, um, you know, software engineering teams. >>Alice will give you the final word. What's the impact. What's the next step? What's it look like in the future? >>Yeah, for sure. I mean, I've never had the, uh, breaking a data center problem that wind's had, or the bursting the quantum problem, for sure. But, you know, if you're in that, you know, the pool I swim and of terabytes of data and below and things like that, I think it's a good time. It just like we saw, you know, like we were talking about dev ops and, and pushing, uh, you know, allowing software engineers to handle more of, of the operation stuff. I think the same thing with data can happen where, you know, software engineering teams can handle not just their code, not just, you know, deploying and operating it, but also thinking about their data around the code. And that doesn't mean you won't have people assist you within your organization. You won't have some specialists in there, but I think pushing more stuff, even onto the individual development teams where they have ownership of that. And they're thinking about it through all this different life cycle. I mean, I'm pretty bullish on that. And I think that's an exciting development >>Was that shift, what left with left is security. What does that mean to >>Shipped so much stuff left, but now, you know, the things that were at the end are back at the end again, but, uh, you know, at least we think we can think about that stuff early in the process, which is good, >>Great conversation, very provocative, very realistic and great impact on the future data as code is real, the developers I do believe will have a great operational role and the data stack concept and impacting things like quantum, it's all kind of lining up nicely. Um, and it's a great opportunity to be in this field from a science and policy standpoint. Um, data engineering is legit. It's going to continue to grow and thanks for unpacking that here on the queue. Appreciate it. Okay. Great panel D AWS heroes. They work with AWS and the ecosystem independently out there. They're in the trenches doing the front lines, cracking the code here with data as code season two, episode two of the ongoing series of the 80, but startups I'm John for your host. Thanks for watching.

(upbeat music) >> Okay, we're here talking about how you can better understand and manage the risks associated with the digital supply chain. How in this day and age where software comes from so many different places and sources throughout the ecosystem, how can organizations manage the risks associated with our dependence on software? And with me now are two great guests, Andrea Hall, who is a specialist solution architect and project manager for security and compliance at Red Hat. She's going to focus on public sector. And Andrew Block who's a distinguished architect at Red Hat Consulting, folks welcome. >> Welcome >> Thank you. Thanks for having us. >> You're very welcome. Andrea, let's start with you. Let's talk about regulations. What exists today that we should be aware of that organizations should be paying attention to? >> Oh sure, so the thing that comes to mind first being in the US is the presidential executive order on cybersecurity that came out a few months ago. Organizations are really paying attention to that. And in the US, it's having a ripple effect with policy, but we're also seeing policy considerations pop up in other countries, Australia and England. The supply chain is a big focus right now, of course, but we see these changes coming down the road as more and more government organizations are trying to secure their critical infrastructure. >> Is there kind of a leadership, or probably in other words, is somebody saying seeing what the UK does and say, okay, we're going to follow that template? Or is it just a variety and a mish mash with no sort of consolidation? How is that sort of playing out? >> I see a lot of organizations kind of basing their requirements on (indistinct) However, each organization has its own nuances. Each agency has its own nuances to how it wants them implemented. >> Andrew, maybe you could chime in here. What are you seeing when you talk to customers that are tuned into this issue? >> You know, as Andrea had just mentioned having that north star in terms of regulations is so fundamentally great for them because many of them especially in regulate industries, look to these regulations on how they apply their own policies. So at least it has some guidance on how to move forward because as we all know the secure software supply chain is getting news every day and how they react to it is something that I know all their leaders are asking themselves, especially those IT leaders. >> Andrea, when I talk to practitioners, sometimes they're frustrated. They understand they have to comply. They know new regulations are coming out, but sometimes it's hard for them to keep up. It would be helpful if you're sitting across the table from somebody who's frustrated and they ask you, what are your expectations? What are the trends in regulations? How do you see the current regulations evolving to specifically accommodate the digital supply chain and the security exposures and corollary requirements there? >> We see a lot of organizations struggling in the sense of trying to understand what the policy actually wants. Definitions are still a little bit vague, but implementation is also difficult because sometimes organizations will add more tools to their toolkit, adding a layer of complexity there. Really automation has to be pulled in. That's key to implementing this instead of adding more workload and more burden to your folks. It's really important for these organizations to pull stakeholders in the organization together. So the IT leaders bring together the developers, the security operations sit at the same table, talk about whether or not what needs to be implemented or what's proposed to be implemented, will affect the mission or in any way or disrupt operations. It's important for everybody to be on the same page so it doesn't slow anything down as you're trying to roll it out. >> And one of the things here is that we're seeing a lot of change with these new regulations and with a lot of organizations, any type of change is scary. And that is one area that they're looking for guidance not only in the tooling, but also how they apply it in the organization. >> I'll add on. >> Please. >> I'll add onto that and say, organizations really need to take into account the people side of things too. People need to understand what the impact is to the organization, so that they don't try to find the loopholes, they're buying into what needs to be done. They understand the why behind it. You for example, if you walk into your house, you normally close the door behind you. Security needs to be seen as that, as well, that's the culture and it's the habit. And it's ingrained in the fabric of the organization to live this way, not just implement the tools to do it. >> Right, and the number of doors you have in your infrastructure are a lot more than just a couple. Andrew mentioned sort of guidance and governments are obviously taking a more active role. I mean, sometimes I'm a cynic. I mean, the president Biden signs an executive order, but swipe of a pen doesn't really give us enough to go on. Do you think Andrea, that we're going to see new guidance from governments in the very near future? What are you expecting? >> I expect to see more conversations happening. I know that agencies who developed the policies are pulling together stakeholders and getting input. But I do see in the not too distant future, that mandates will be rolling out, yes. >> Well, so Andrew of course, Andrea, if you have a thought on this as well, but how do you see organizations dealing with adopting these new policies. >> Slowly, don't boil the ocean is one thing I tell a lot to every one of them, because a lot of these tooling, a lot of these concepts are foreign to them, brand new. How they adopt those and how they implement them, needs to be done in a very agile fashion, very slow and prescriptive. Go ahead and try to find one area of improvement and go ahead and work upon it and build upon it. Because not only does that normally make your organization more successful and secure, but also helps your organization just from a more out standpoint. One thing that you need to emphasize is that don't blame anyone. 'Cause a lot of times when you're going through this, you're reassessing your own supply chain. You might find where you could see improvements that need to be done. Don't blame things that may have occurred in the past. See how you can benefit from these lessons learned in the future. >> It's interesting you say that the blame game, I mean it used to be that failure meant you get fired and that's obviously has changed. As many have said, you know you're going to have incidents. It's how you respond to those incidents. What you learn from them. Do you have Andrew, any insights from specifically working with customers on securing their software supply chain? What can you tell us about what leading practitioners are doing today? >> They're going in and not only assessing what their software components consist of. Using tools like an SBOM, a software bill of materials, understand where all the components of their ecosystem and their lineage comes from. We're hearing almost every single day, new vulnerabilities that are being introduced in various software packages. By having that understanding of what is in your ecosystem, you can then better understand how to mitigate those concerns moving forward. >> Andrea, Andrew was just saying, one of the things is you don't just dive in. You've got to be careful. There's going to be ripple effects is what I'm inferring, but at the same time, there's a mandate to move quickly. Are there things that could accelerate the adoption of regulation or even the creation of regulations and that guidance in your view? What could accelerate this? >> As far as accelerating it goes, I think it's having those conversations proactively with the stakeholders in your organization and understanding the environment like Andrew said. Go ahead and get that baseline. And just know that whatever changes you make are maybe going to be audited down the road, because as we were moving towards this kind of third-party verification, that you're actually implementing things in order to do business with another organization. The importance of that, if organizations see that gravity to this, I think they will try to speed things up. I think that if organizations and the people in those organizations understand that why, that I talked about earlier and they understand how things like solar winds or things like the oil disruption that happened earlier this year. The personal effect to cyber events will help your organization move forward. Again, everybody's bought into the concept, everybody's working towards the same goals and they understand that why behind it. >> In addition to that, having tooling available, that makes it easy for them. You have a lot of individuals who this is all foreign, providing that base level tooling that aligns to a lot of the regulations that might be applicable within their real realm and their domain, makes it easier for them to start to complying and taking less burden off of them to be able to be successful. >> So it's a hard problem because Andrew, how do you deal with sort of the comment more tools, okay. But I look at that the Optiv map, if you've seen that. It makes your eyes cross. You've got so many tools, so much fragmentation, you're introducing new tools. Can automation help that? Is there hope for consolidation of that tools portfolio? >> Right now, this space is very emerging. It's very emerging, it's very fluid to be honest, 'cause there is actually mandates only a year or two old. But as they come over the course of time, however, I do see these types of tooling starting to consolidate where right now it seems like every vendor has a tool that tries to address this. It's being able to have the people work together, have more regulations that will come out that will allow us to start to redefine and solidify on certain tools like ISO standards. There are certain ones that I mentioned on as balance previously, there's now a ISO standard on SBOM there wasn't previously. So as more and more of these regulations come out, it makes it easier to provide that recommended set of tooling that organizations can start leveraging instead of vendor A, vendor B. >> Andrea, I said this before I was a cynic, but will give you the last word, give us some hope. I mean, obviously public policy is very important. A partnership between governments and industry, both the practitioners, the organizations that are buying these tools, as well as the technology industry got to work together in an ecosystem. Give us some hope. >> The hope I think will come from realizing that as you're doing this, as you are implementing these changes, you're in a sense trying to prevent those future incidents from happening. There's some assurance that you're doing everything that you can do here. It's a situation, it can be daunting, I'll put it that way. It can be really daunting for organizations, but just know that organizations like Red Hat are doing what we can to help you down the road. >> And really it's just continuing this whole shifting left mentality. The top of supply chain is just one component, but the introducing dev sec ops security at the beginning, that really will make the organizations become successful because this is not just a technology problem, It's a people issue as well. And being able to kind of package them all up together will help organizations as a whole. >> Yeah, so that's a really important point. You hear that term shift left. For years, people say, hey, you can't just bolt security on, as an afterthought, that's problematic. And that's the answer to that problem, right? Is shifting left meaning designing it in at the point of code, infrastructure as code, dev sec ops. That's where it starts, right? >> Exactly, being able to have security at the forefront and then have everything afterwards. Propagate from your security mindset. >> Excellent, okay, Andrea, Andrew, thanks so much for coming to the program today. >> Thank you for having us. >> Very welcome, thanks for watching. This is Dave Vellante for The Cube. Your a global leader in enterprise tech coverage. (soft music)

(upbeat music) >> Okay, we're here talking about how you can better understand and manage the risks associated with the digital supply chain. How in this day and age where software comes from so many different places and sources throughout the ecosystem, how can organizations manage the risks associated with our dependence on software? And with me now are two great guests, Andrea Hall, who is a specialist solution architect and project manager for security and compliance at Red Hat. She's going to focus on public sector. And Andrew Block who's a distinguished architect at Red Hat Consulting, folks welcome. >> Welcome >> Thank you. Thanks for having us. >> You're very welcome. Andrea, let's start with you. Let's talk about regulations. What exists today that we should be aware of that organizations should be paying attention to? >> Oh sure, so the thing that comes to mind first being in the US is the presidential executive order on cybersecurity that came out a few months ago. Organizations are really paying attention to that. And in the US, it's having a ripple effect with policy, but we're also seeing policy considerations pop up in other countries, Australia and England. The supply chain is a big focus right now, of course, but we see these changes coming down the road as more and more government organizations are trying to secure their critical infrastructure. >> Is there kind of a leadership, or probably in other words, is somebody saying seeing what the UK does and say, okay, we're going to follow that template? Or is it just a variety and a mish mash with no sort of consolidation? How is that sort of playing out? >> I see a lot of organizations kind of basing their requirements on (indistinct) However, each organization has its own nuances. Each agency has its own nuances to how it wants them implemented. >> Andrew, maybe you could chime in here. What are you seeing when you talk to customers that are tuned into this issue? >> No as Andrea had just mentioned having that north star in terms of regulations is so fundamentally great for them because many of them especially in regulate industries, look to these regulations on how they apply their own policies. So at least it has some guidance on how to move forward because as we all know the secure software supply chain is getting news every day and how they react to it is something that I know all their leaders are asking themselves, especially those IT leaders. >> Andrea, when I talk to practitioners, sometimes they're frustrated. They understand they have to comply. They know new regulations are coming out, but sometimes it's hard for them to keep up. It would be helpful if you're sitting across the table from somebody who's frustrated and they ask you, what are your expectations? What are the trends in regulations? How do you see the current regulations evolving to specifically accommodate the digital supply chain and the security exposures and corollary requirements there? >> We see a lot of organizations struggling in the sense of trying to understand what the policy actually wants. Definitions are still a little bit vague, but implementation is also difficult because sometimes organizations will add more tools to their toolkit, adding a layer of complexity there. Really automation has to be pulled in. That's key to implementing this instead of adding more workload and more burden to your folks. It's really important for these organizations to pull stakeholders in the organization together. So the IT leaders bring together the developers, the security operations sit at the same table, talk about whether or not what needs to be implemented or what's proposed to be implemented, will affect the mission or in any way or disrupt operations. It's important for everybody to be on the same page so it doesn't slow anything down as you're trying to roll it out. >> And one of the things here is that we're seeing a lot of change with these new regulations and with a lot of organizations, any type of change is scary. And that is one area that they're looking for guidance not only in the tooling, but also how they apply it in the organization. >> I'll add on. >> Please. >> I'll add onto that and say, organizations really need to take into account the people side of things too. People need to understand what the impact is to the organization, so that they don't try to find the loopholes, they're buying into what needs to be done. They understand the why behind it. You for example, if you walk into your house, you normally close the door behind you. Security needs to be seen as that, as well, that's the culture and it's the habit. And it's ingrained in the fabric of the organization to live this way, not just implement the tools to do it. >> Right, and the number of doors you have in your infrastructure are a lot more than just a couple. Andrew mentioned sort of guidance and governments are obviously taking a more active role. I mean, sometimes I'm a cynic. I mean, the president Biden signs an executive order, but swipe of a pen doesn't really give us enough to go on. Do you think Andrea, that we're going to see new guidance from governments in the very near future? What are you expecting? >> I expect to see more conversations happening. I know that agencies who developed the policies are pulling together stakeholders and getting input. But I do see in the not too distant future, that mandates will be rolling out, yes. >> Well, so Andrew of course, Andrea, if you have a thought on this as well, but how do you see organizations dealing with adopting these new policies. >> Slowly, don't boil the ocean is one thing I tell a lot to every one of them, because a lot of these tooling, a lot of these concepts are foreign to them, brand new. How they adopt those and how they implement them, needs to be done in a very agile fashion, very slow and prescriptive. Go ahead and try to find one area of improvement and go ahead and work upon it and build upon it. Because not only does that normally make your organization more successful and secure, but also helps your organization just from a more out standpoint. One thing that you need to emphasize is that don't blame anyone. 'Cause a lot of times when you're going through this, you're reassessing your own supply chain. You might find where you could see improvements that need to be done. Don't blame things that may have occurred in the past. See how you can benefit from these lessons learned in the future. >> It's interesting you say that the blame game, I mean it used to be that failure meant you get fired and that's obviously has changed. As many have said, you know you're going to have incidents. It's how you respond to those incidents. What you learn from them. Do you have Andrew, any insights from specifically working with customers on securing their software supply chain? What can you tell us about what leading practitioners are doing today? >> They're going in and not only assessing what their software components consist of. Using tools like an SBOM, a software bill of materials, understand where all the components of their ecosystem and their lineage comes from. We're hearing almost every single day, new vulnerabilities that are being introduced in various software packages. By having that understanding of what is in your ecosystem, you can then better understand how to mitigate those concerns moving forward. >> Andrea, Andrew was just saying, one of the things is you don't just dive in. You've got to be careful. There's going to be ripple effects is what I'm inferring, but at the same time, there's a mandate to move quickly. Are there things that could accelerate the adoption of regulation or even the creation of regulations and that guidance in your view? What could accelerate this? >> As far as accelerating it goes, I think it's having those conversations proactively with the stakeholders in your organization and understanding the environment like Andrew said. Go ahead and get that baseline. And just know that whatever changes you make are maybe going to be audited down the road, because as we were moving towards this kind of third-party verification, that you're actually implementing things in order to do business with another organization. The importance of that, if organizations see that gravity to this, I think they will try to speed things up. I think that if organizations and the people in those organizations understand that why, that I talked about earlier and they understand how things like solar winds or things like the oil disruption that happened earlier this year. The personal effect to cyber events will help your organization move forward. Again, everybody's bought into the concept, everybody's working towards the same goals and they understand that why behind it. >> In addition to that, having tooling available, that makes it easy for them. You have a lot of individuals who this is all foreign, providing that base level tooling that aligns to a lot of the regulations that might be applicable within their real realm and their domain, makes it easier for them to start to complying and taking less burden off of them to be able to be successful. >> So it's a hard problem because Andrew, how do you deal with sort of the comment more tools, okay. But I look at that the Optiv map, if you've seen that. It makes your eyes cross. You've got so many tools, so much fragmentation, you're introducing new tools. Can automation help that? Is there hope for consolidation of that tools portfolio? >> Right now, this space is very emerging. It's very emergent, it's very fluid to be honest, 'cause there is actually mandates only a year or two old. But as they come over the course of time, however, I do see these types of tooling starting to consolidate where right now it seems like every vendor has a tool that tries to address this. It's being able to have the people work together, have more regulations that will come out that will allow us to start to redefine and solidify on certain tools like ISO standards. There are certain ones that I mentioned on as balance previously, there's now a ISO standard on SBOM there wasn't previously. So as more and more of these regulations come out, it makes it easier to provide that recommended set of tooling that organization is leveraging instead of vendor A, vendor B. >> Andrea, I said this before I was a cynic, but will give you the last word, give us some hope. I mean, obviously public policy is very important. A partnership between governments and industry, both the practitioners, the organizations that are buying these tools, as well as the technology industry got to work together in an ecosystem. Give us some hope. >> The hope I think will come from realizing that as you're doing this, as you are implementing these changes, you're in a sense trying to prevent those future incidents from happening. There's some assurance that you're doing everything that you can do here. It's a situation, it can be daunting, I'll put it that way. It can be really daunting for organizations, but just know that organizations like Red Hat are doing what we can to help you down the road. >> And really it's just continuing this whole shifting left mentality. The top of supply chain is just one component, but the introducing dev sec ops security at the beginning, that really will make the organizations become successful because this is not just a technology problem, It's a people issue as well. And being able to kind of package them all up together will help organizations as a whole. >> Yeah, so that's a really important point. You hear that term shift left. For years, people say, hey, you can't just bolt security on, as an afterthought, that's problematic. And that's the answer to that problem, right? Is shifting left meaning designing it in at the point of code, infrastructure as code, dev sec ops. That's where it starts, right? >> Exactly, being able to have security at the forefront and then have everything afterwards. Propagate from your security mindset. >> Excellent, okay, Andrea, Andrew, thanks so much for coming to the program today. >> Thank you for having us. >> Very welcome, thanks for watching. This is Dave Vellante for The Cube. Your a global leader in enterprise tech coverage. (soft music)